Trojaner-Board
Seite 2 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Nach Trojaner-Befall -> PC unglaublich langsam (https://www.trojaner-board.de/113333-trojaner-befall-pc-unglaublich-langsam.html)

dirknik 12.04.2012 16:57
Sorry, ich hab beim ersten Durchlauf eine Bedrohung gelöscht, weil ich nach der Anleitung im Link vorgegangen bin. Hoffe, dass war nichts wichtiges. So hier das Log nach dem zweiten Scan mit den entsprechenden Voreinstellungen (die ich beim ersten mal auch nicht gemacht habe, weil ich, wie gesagt, zuerst alles so durchgeführt hatte, wie im Link beschrieben war. Entschuldige bitte!):

Code:
17:48:28.0515 3180        TDSS rootkit removing tool 2.7.28.0 Apr 10 2012 16:54:05
17:48:30.0546 3180        ============================================================
17:48:30.0546 3180        Current date / time: 2012/04/12 17:48:30.0546
17:48:30.0546 3180        SystemInfo:
17:48:30.0546 3180       
17:48:30.0546 3180        OS Version: 5.1.2600 ServicePack: 3.0
17:48:30.0546 3180        Product type: Workstation
17:48:30.0546 3180        ComputerName: IBM-5D34BDAD641
17:48:30.0546 3180        UserName: Marc Nikolaus
17:48:30.0546 3180        Windows directory: C:\WINDOWS
17:48:30.0546 3180        System windows directory: C:\WINDOWS
17:48:30.0546 3180        Processor architecture: Intel x86
17:48:30.0546 3180        Number of processors: 1
17:48:30.0546 3180        Page size: 0x1000
17:48:30.0546 3180        Boot type: Normal boot
17:48:30.0546 3180        ============================================================
17:48:34.0375 3180        Drive \Device\Harddisk0\DR0 - Size: 0x951240000 (37.27 Gb), SectorSize: 0x200, Cylinders: 0x1301, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
17:48:34.0484 3180        \Device\Harddisk0\DR0:
17:48:34.0500 3180        MBR used
17:48:34.0500 3180        \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x432A8E1
17:48:34.0578 3180        Initialize success
17:48:34.0578 3180        ============================================================
17:53:14.0812 2948        ============================================================
17:53:14.0812 2948        Scan started
17:53:14.0812 2948        Mode: Manual; SigCheck; TDLFS;
17:53:14.0812 2948        ============================================================
17:53:15.0437 2948        Abiosdsk - ok
17:53:15.0515 2948        abp480n5        (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\System32\DRIVERS\ABP480N5.SYS
17:53:18.0296 2948        abp480n5 - ok
17:53:18.0406 2948        ac97intc        (0f2d66d5f08ebe2f77bb904288dcf6f0) C:\WINDOWS\system32\drivers\ac97intc.sys
17:53:18.0671 2948        ac97intc - ok
17:53:18.0781 2948        ACPI            (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
17:53:19.0000 2948        ACPI - ok
17:53:19.0109 2948        ACPIEC          (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\drivers\ACPIEC.sys
17:53:19.0359 2948        ACPIEC - ok
17:53:19.0468 2948        AdobeFlashPlayerUpdateSvc (0d4c486a24a711a45fd83acdf4d18506) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
17:53:19.0531 2948        AdobeFlashPlayerUpdateSvc - ok
17:53:19.0625 2948        adpu160m        (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\System32\DRIVERS\adpu160m.sys
17:53:19.0875 2948        adpu160m - ok
17:53:19.0968 2948        aeaudio        (3cb6ae5435987b1f8c83fd2730479878) C:\WINDOWS\system32\drivers\aeaudio.sys
17:53:20.0015 2948        aeaudio - ok
17:53:20.0140 2948        aec            (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
17:53:20.0375 2948        aec - ok
17:53:20.0500 2948        AFD            (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
17:53:20.0578 2948        AFD - ok
17:53:20.0687 2948        agp440          (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
17:53:20.0921 2948        agp440 - ok
17:53:21.0015 2948        agpCPQ          (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\System32\DRIVERS\agpCPQ.sys
17:53:21.0250 2948        agpCPQ - ok
17:53:21.0328 2948        Aha154x        (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\System32\DRIVERS\aha154x.sys
17:53:21.0484 2948        Aha154x - ok
17:53:21.0593 2948        aic78u2        (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\System32\DRIVERS\aic78u2.sys
17:53:21.0812 2948        aic78u2 - ok
17:53:21.0890 2948        aic78xx        (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\System32\DRIVERS\aic78xx.sys
17:53:22.0125 2948        aic78xx - ok
17:53:22.0203 2948        Alerter        (738d80cc01d7bc7584be917b7f544394) C:\WINDOWS\system32\alrsvc.dll
17:53:22.0437 2948        Alerter - ok
17:53:22.0546 2948        ALG            (190cd73d4984f94d823f9444980513e5) C:\WINDOWS\System32\alg.exe
17:53:22.0765 2948        ALG - ok
17:53:22.0859 2948        AliIde          (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\System32\DRIVERS\aliide.sys
17:53:23.0078 2948        AliIde - ok
17:53:23.0171 2948        alim1541        (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\System32\DRIVERS\alim1541.sys
17:53:23.0406 2948        alim1541 - ok
17:53:23.0500 2948        amdagp          (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\System32\DRIVERS\amdagp.sys
17:53:23.0734 2948        amdagp - ok
17:53:23.0828 2948        amsint          (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\System32\DRIVERS\amsint.sys
17:53:23.0984 2948        amsint - ok
17:53:24.0062 2948        AntiVirSchedulerService (c27d46b06d340293670450fce9dfb166) C:\Programme\Avira\AntiVir Desktop\sched.exe
17:53:24.0093 2948        AntiVirSchedulerService - ok
17:53:24.0171 2948        AntiVirService  (72d90e56563165984224493069c69ed4) C:\Programme\Avira\AntiVir Desktop\avguard.exe
17:53:24.0203 2948        AntiVirService - ok
17:53:24.0296 2948        AppMgmt        (d45960be52c3c610d361977057f98c54) C:\WINDOWS\System32\appmgmts.dll
17:53:24.0515 2948        AppMgmt - ok
17:53:24.0625 2948        asc            (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\System32\DRIVERS\asc.sys
17:53:24.0859 2948        asc - ok
17:53:24.0953 2948        asc3350p        (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\System32\DRIVERS\asc3350p.sys
17:53:25.0093 2948        asc3350p - ok
17:53:25.0187 2948        asc3550        (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\System32\DRIVERS\asc3550.sys
17:53:25.0421 2948        asc3550 - ok
17:53:25.0531 2948        Aspi32 - ok
17:53:25.0640 2948        aspnet_state    (776acefa0ca9df0faa51a5fb2f435705) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
17:53:25.0734 2948        aspnet_state - ok
17:53:25.0828 2948        AsyncMac        (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
17:53:26.0046 2948        AsyncMac - ok
17:53:26.0140 2948        atapi          (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
17:53:26.0359 2948        atapi - ok
17:53:26.0453 2948        Atdisk - ok
17:53:26.0531 2948        atksgt          (5b80e84af6b02ecab72dae9afee06309) C:\WINDOWS\system32\DRIVERS\atksgt.sys
17:53:26.0562 2948        atksgt ( UnsignedFile.Multi.Generic ) - warning
17:53:26.0562 2948        atksgt - detected UnsignedFile.Multi.Generic (1)
17:53:26.0656 2948        Atmarpc        (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
17:53:26.0890 2948        Atmarpc - ok
17:53:26.0968 2948        AudioSrv        (58ed0d5452df7be732193e7999c6b9a4) C:\WINDOWS\System32\audiosrv.dll
17:53:27.0187 2948        AudioSrv - ok
17:53:27.0359 2948        audstub        (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
17:53:27.0593 2948        audstub - ok
17:53:27.0671 2948        avgio          (0b497c79824f8e1bf22fa6aacd3de3a0) C:\Programme\Avira\AntiVir Desktop\avgio.sys
17:53:27.0687 2948        avgio - ok
17:53:27.0796 2948        avgntflt        (1e4114685de1ffa9675e09c6a1fb3f4b) C:\WINDOWS\system32\DRIVERS\avgntflt.sys
17:53:27.0937 2948        avgntflt - ok
17:53:28.0046 2948        avipbb          (0f78d3dae6dedd99ae54c9491c62adf2) C:\WINDOWS\system32\DRIVERS\avipbb.sys
17:53:28.0062 2948        avipbb - ok
17:53:28.0171 2948        Beep            (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
17:53:28.0390 2948        Beep - ok
17:53:28.0484 2948        BITS            (d6f603772a789bb3228f310d650b8bd1) C:\WINDOWS\system32\qmgr.dll
17:53:28.0781 2948        BITS - ok
17:53:28.0859 2948        Browser        (b42057f06bbb98b31876c0b3f2b54e33) C:\WINDOWS\System32\browser.dll
17:53:29.0078 2948        Browser - ok
17:53:29.0156 2948        cbidf          (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\System32\DRIVERS\cbidf2k.sys
17:53:29.0390 2948        cbidf - ok
17:53:29.0484 2948        cbidf2k        (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
17:53:29.0687 2948        cbidf2k - ok
17:53:29.0765 2948        cd20xrnt        (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\System32\DRIVERS\cd20xrnt.sys
17:53:29.0906 2948        cd20xrnt - ok
17:53:29.0984 2948        Cdaudio        (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
17:53:30.0218 2948        Cdaudio - ok
17:53:30.0296 2948        Cdfs            (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
17:53:30.0515 2948        Cdfs - ok
17:53:30.0593 2948        Cdrom          (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
17:53:30.0828 2948        Cdrom - ok
17:53:30.0906 2948        Changer - ok
17:53:30.0984 2948        CiSvc          (28e3040d1f1ca2008cd6b29dfebc9a5e) C:\WINDOWS\system32\cisvc.exe
17:53:31.0187 2948        CiSvc - ok
17:53:31.0265 2948        ClipSrv        (778a30ed3c134eb7e406afc407e9997d) C:\WINDOWS\system32\clipsrv.exe
17:53:31.0484 2948        ClipSrv - ok
17:53:31.0609 2948        clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:53:31.0812 2948        clr_optimization_v4.0.30319_32 - ok
17:53:31.0906 2948        CmdIde          (c687f81290303d90099b027a6474f99f) C:\WINDOWS\System32\DRIVERS\cmdide.sys
17:53:32.0125 2948        CmdIde - ok
17:53:32.0171 2948        COMSysApp - ok
17:53:32.0250 2948        Cpqarray        (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\System32\DRIVERS\cpqarray.sys
17:53:32.0484 2948        Cpqarray - ok
17:53:32.0562 2948        CryptSvc        (611f824e5c703a5a899f84c5f1699e4d) C:\WINDOWS\System32\cryptsvc.dll
17:53:32.0781 2948        CryptSvc - ok
17:53:32.0875 2948        dac2w2k        (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\System32\DRIVERS\dac2w2k.sys
17:53:33.0093 2948        dac2w2k - ok
17:53:33.0187 2948        dac960nt        (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\System32\DRIVERS\dac960nt.sys
17:53:33.0406 2948        dac960nt - ok
17:53:33.0500 2948        DcomLaunch      (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
17:53:33.0765 2948        DcomLaunch - ok
17:53:33.0843 2948        delprot - ok
17:53:33.0968 2948        DfSdkS          (92ae26f2caf4a67e24a0ba6ddf32cc3c) C:\Programme\Ashampoo\Ashampoo WinOptimizer 9\DfsdkS.exe
17:53:34.0046 2948        DfSdkS ( UnsignedFile.Multi.Generic ) - warning
17:53:34.0046 2948        DfSdkS - detected UnsignedFile.Multi.Generic (1)
17:53:34.0140 2948        DgiVecp        (a5034f77b278f07e224fe07cf98a8b76) C:\WINDOWS\system32\Drivers\DgiVecp.sys
17:53:34.0187 2948        DgiVecp ( UnsignedFile.Multi.Generic ) - warning
17:53:34.0187 2948        DgiVecp - detected UnsignedFile.Multi.Generic (1)
17:53:34.0250 2948        Dhcp            (c29a1c9b75ba38fa37f8c44405dec360) C:\WINDOWS\System32\dhcpcsvc.dll
17:53:34.0468 2948        Dhcp - ok
17:53:34.0546 2948        Disk            (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
17:53:34.0765 2948        Disk - ok
17:53:34.0812 2948        dmadmin - ok
17:53:34.0921 2948        dmboot          (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys
17:53:35.0187 2948        dmboot - ok
17:53:35.0265 2948        dmio            (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys
17:53:35.0484 2948        dmio - ok
17:53:35.0578 2948        dmload          (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
17:53:35.0796 2948        dmload - ok
17:53:35.0890 2948        dmserver        (25c83ffbba13b554eb6d59a9b2e2ee78) C:\WINDOWS\System32\dmserver.dll
17:53:36.0093 2948        dmserver - ok
17:53:36.0187 2948        DMusic          (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
17:53:36.0421 2948        DMusic - ok
17:53:36.0484 2948        Dnscache        (407f3227ac618fd1ca54b335b083de07) C:\WINDOWS\System32\dnsrslvr.dll
17:53:36.0593 2948        Dnscache - ok
17:53:36.0671 2948        Dot3svc        (676e36c4ff5bcea1900f44182b9723e6) C:\WINDOWS\System32\dot3svc.dll
17:53:36.0890 2948        Dot3svc - ok
17:53:36.0984 2948        dpti2o          (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\System32\DRIVERS\dpti2o.sys
17:53:37.0203 2948        dpti2o - ok
17:53:37.0296 2948        drmkaud        (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
17:53:37.0515 2948        drmkaud - ok
17:53:37.0625 2948        dtscsi          (6461e57bb51a848aae26f52427b7cf9e) C:\WINDOWS\System32\Drivers\dtscsi.sys
17:53:37.0718 2948        dtscsi - ok
17:53:38.0078 2948        E100B          (98b46b331404a951cabad8b4877e1276) C:\WINDOWS\system32\DRIVERS\e100b325.sys
17:53:38.0140 2948        E100B - ok
17:53:38.0218 2948        EapHost        (4e4f2fddab0a0736d7671134dcce91fb) C:\WINDOWS\System32\eapsvc.dll
17:53:38.0437 2948        EapHost - ok
17:53:38.0500 2948        EGATHDRV        (7f220875288944c9c7856e2bc8613b1f) C:\WINDOWS\SYSTEM32\EGATHDRV.SYS
17:53:38.0531 2948        EGATHDRV ( UnsignedFile.Multi.Generic ) - warning
17:53:38.0531 2948        EGATHDRV - detected UnsignedFile.Multi.Generic (1)
17:53:38.0609 2948        ERSvc          (877c18558d70587aa7823a1a308ac96b) C:\WINDOWS\System32\ersvc.dll
17:53:38.0812 2948        ERSvc - ok
17:53:38.0890 2948        Eventlog        (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
17:53:39.0015 2948        Eventlog - ok
17:53:39.0125 2948        EventSystem    (af4f6b5739d18ca7972ab53e091cbc74) C:\WINDOWS\System32\es.dll
17:53:39.0187 2948        EventSystem - ok
17:53:39.0312 2948        Fastfat        (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
17:53:39.0515 2948        Fastfat - ok
17:53:39.0593 2948        FastUserSwitchingCompatibility (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
17:53:39.0687 2948        FastUserSwitchingCompatibility - ok
17:53:39.0781 2948        Fdc            (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
17:53:39.0984 2948        Fdc - ok
17:53:40.0078 2948        Fips            (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys
17:53:40.0281 2948        Fips - ok
17:53:40.0375 2948        Flpydisk        (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
17:53:40.0593 2948        Flpydisk - ok
17:53:40.0687 2948        FltMgr          (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
17:53:40.0906 2948        FltMgr - ok
17:53:41.0000 2948        Fs_Rec          (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
17:53:41.0234 2948        Fs_Rec - ok
17:53:41.0328 2948        Ftdisk          (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
17:53:41.0562 2948        Ftdisk - ok
17:53:41.0671 2948        GEARAspiWDM    (6f55305289a0765bd8ae8e8d32f17117) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
17:53:41.0703 2948        GEARAspiWDM - ok
17:53:41.0812 2948        Gpc            (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
17:53:42.0015 2948        Gpc - ok
17:53:42.0109 2948        gupdate        (f02a533f517eb38333cb12a9e8963773) C:\Programme\Google\Update\GoogleUpdate.exe
17:53:42.0125 2948        gupdate - ok
17:53:42.0140 2948        gupdatem        (f02a533f517eb38333cb12a9e8963773) C:\Programme\Google\Update\GoogleUpdate.exe
17:53:42.0171 2948        gupdatem - ok
17:53:42.0250 2948        helpsvc        (cb66bf85bf599befd6c6a57c2e20357f) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
17:53:42.0468 2948        helpsvc - ok
17:53:42.0531 2948        HidServ        (b35da85e60c0103f2e4104532da2f12b) C:\WINDOWS\System32\hidserv.dll
17:53:42.0921 2948        HidServ - ok
17:53:43.0046 2948        HidUsb          (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
17:53:43.0250 2948        HidUsb - ok
17:53:43.0328 2948        hkmsvc          (ed29f14101523a6e0e808107405d452c) C:\WINDOWS\System32\kmsvc.dll
17:53:43.0546 2948        hkmsvc - ok
17:53:43.0625 2948        hpn            (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\System32\DRIVERS\hpn.sys
17:53:43.0843 2948        hpn - ok
17:53:43.0937 2948        HTTP            (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
17:53:44.0000 2948        HTTP - ok
17:53:44.0078 2948        HTTPFilter      (9e4adb854cebcfb81a4b36718feecd16) C:\WINDOWS\System32\w3ssl.dll
17:53:44.0296 2948        HTTPFilter - ok
17:53:44.0406 2948        i2omgmt        (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
17:53:44.0609 2948        i2omgmt - ok
17:53:44.0703 2948        i2omp          (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\System32\DRIVERS\i2omp.sys
17:53:44.0906 2948        i2omp - ok
17:53:45.0000 2948        i8042prt        (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
17:53:45.0187 2948        i8042prt - ok
17:53:45.0281 2948        ialm            (cfc89f98c436c6687bd818abb6a4480b) C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
17:53:45.0515 2948        ialm - ok
17:53:45.0609 2948        IBM Rapid Restore Ultra Service (1a1b8fd95d598d9d772333283154a1b5) C:\Programme\IBM\IBM Rapid Restore Ultra\rrpcsb.exe
17:53:45.0687 2948        IBM Rapid Restore Ultra Service ( UnsignedFile.Multi.Generic ) - warning
17:53:45.0687 2948        IBM Rapid Restore Ultra Service - detected UnsignedFile.Multi.Generic (1)
17:53:45.0796 2948        ibmfilter      (4dc41ab5aa3f96fa7f01587dd9ccf467) C:\WINDOWS\system32\drivers\ibmfilter.sys
17:53:45.0812 2948        ibmfilter ( UnsignedFile.Multi.Generic ) - warning
17:53:45.0812 2948        ibmfilter - detected UnsignedFile.Multi.Generic (1)
17:53:45.0921 2948        IDriverT        (1cf03c69b49acb70c722df92755c0c8c) C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
17:53:46.0000 2948        IDriverT ( UnsignedFile.Multi.Generic ) - warning
17:53:46.0000 2948        IDriverT - detected UnsignedFile.Multi.Generic (1)
17:53:46.0109 2948        Imapi          (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
17:53:46.0328 2948        Imapi - ok
17:53:46.0406 2948        ImapiService    (d4b413aa210c21e46aedd2ba5b68d38e) C:\WINDOWS\System32\imapi.exe
17:53:46.0625 2948        ImapiService - ok
17:53:46.0718 2948        ini910u        (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\System32\DRIVERS\ini910u.sys
17:53:46.0953 2948        ini910u - ok
17:53:47.0046 2948        IntelIde        (69c4e3c9e67a1f103b94e14fdd5f3213) C:\WINDOWS\System32\DRIVERS\intelide.sys
17:53:47.0250 2948        IntelIde - ok
17:53:47.0343 2948        intelppm        (4c7d2750158ed6e7ad642d97bffae351) C:\WINDOWS\system32\DRIVERS\intelppm.sys
17:53:47.0562 2948        intelppm - ok
17:53:47.0640 2948        ip6fw          (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
17:53:47.0843 2948        ip6fw - ok
17:53:47.0937 2948        IpFilterDriver  (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
17:53:48.0156 2948        IpFilterDriver - ok
17:53:48.0250 2948        IpInIp          (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
17:53:48.0453 2948        IpInIp - ok
17:53:48.0531 2948        IpNat          (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
17:53:48.0734 2948        IpNat - ok
17:53:48.0843 2948        IPSec          (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
17:53:49.0062 2948        IPSec - ok
17:53:49.0156 2948        IRENUM          (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
17:53:49.0359 2948        IRENUM - ok
17:53:49.0468 2948        isapnp          (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys
17:53:49.0687 2948        isapnp - ok
17:53:49.0781 2948        Kbdclass        (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
17:53:50.0000 2948        Kbdclass - ok
17:53:50.0093 2948        kmixer          (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
17:53:50.0312 2948        kmixer - ok
17:53:50.0437 2948        KSecDD          (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
17:53:50.0718 2948        KSecDD - ok
17:53:50.0796 2948        lanmanserver    (2bbdcb79900990f0716dfcb714e72de7) C:\WINDOWS\System32\srvsvc.dll
17:53:50.0859 2948        lanmanserver - ok
17:53:50.0921 2948        lanmanworkstation (1869b14b06b44b44af70548e1ea3303f) C:\WINDOWS\System32\wkssvc.dll
17:53:50.0984 2948        lanmanworkstation - ok
17:53:51.0062 2948        lbrtfdc - ok
17:53:51.0156 2948        lirsgt          (975b6cf65f44e95883f3855bae8cecaf) C:\WINDOWS\system32\DRIVERS\lirsgt.sys
17:53:51.0171 2948        lirsgt ( UnsignedFile.Multi.Generic ) - warning
17:53:51.0171 2948        lirsgt - detected UnsignedFile.Multi.Generic (1)
17:53:51.0281 2948        LiveTunerPM    (1307c0131756a1160b1821ce8293fe64) C:\Programme\Ashampoo\Ashampoo WinOptimizer 9\LiveTunerProcessMonitor32.sys
17:53:51.0296 2948        LiveTunerPM - ok
17:53:51.0359 2948        LmHosts        (636714b7d43c8d0c80449123fd266920) C:\WINDOWS\System32\lmhsvc.dll
17:53:51.0578 2948        LmHosts - ok
17:53:51.0687 2948        MBAMProtector  (fb097bbc1a18f044bd17bd2fccf97865) C:\WINDOWS\system32\drivers\mbam.sys
17:53:51.0703 2948        MBAMProtector - ok
17:53:51.0765 2948        MBAMService    (ba400ed640bca1eae5c727ae17c10207) C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
17:53:51.0843 2948        MBAMService - ok
17:53:51.0937 2948        MBAMSwissArmy  (0db7527db188c7d967a37bb51bbf3963) C:\WINDOWS\system32\drivers\mbamswissarmy.sys
17:53:51.0953 2948        MBAMSwissArmy - ok
17:53:52.0031 2948        Messenger      (b7550a7107281d170ce85524b1488c98) C:\WINDOWS\System32\msgsvc.dll
17:53:52.0234 2948        Messenger - ok
17:53:52.0328 2948        Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Programme\Microsoft Office\Office12\GrooveAuditService.exe
17:53:52.0375 2948        Microsoft Office Groove Audit Service - ok
17:53:52.0453 2948        mnmdd          (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
17:53:52.0671 2948        mnmdd - ok
17:53:52.0750 2948        mnmsrvc        (c2f1d365fd96791b037ee504868065d3) C:\WINDOWS\System32\mnmsrvc.exe
17:53:52.0968 2948        mnmsrvc - ok
17:53:53.0062 2948        Modem          (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys
17:53:53.0281 2948        Modem - ok
17:53:53.0406 2948        Mouclass        (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys
17:53:53.0625 2948        Mouclass - ok
17:53:53.0734 2948        mouhid          (66a6f73c74e1791464160a7065ce711a) C:\WINDOWS\system32\DRIVERS\mouhid.sys
17:53:53.0937 2948        mouhid - ok
17:53:54.0031 2948        MountMgr        (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
17:53:54.0234 2948        MountMgr - ok
17:53:54.0312 2948        mraid35x        (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\System32\DRIVERS\mraid35x.sys
17:53:54.0546 2948        mraid35x - ok
17:53:54.0671 2948        MRxDAV          (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
17:53:54.0875 2948        MRxDAV - ok
17:53:54.0984 2948        MRxSmb          (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
17:53:55.0109 2948        MRxSmb - ok
17:53:55.0171 2948        MSDTC          (35a031af38c55f92d28aa03ee9f12cc9) C:\WINDOWS\system32\msdtc.exe
17:53:55.0375 2948        MSDTC - ok
17:53:55.0484 2948        Msfs            (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
17:53:55.0703 2948        Msfs - ok
17:53:55.0781 2948        MSIServer - ok
17:53:55.0859 2948        MSKSSRV        (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
17:53:56.0062 2948        MSKSSRV - ok
17:53:56.0171 2948        MSPCLOCK        (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
17:53:56.0375 2948        MSPCLOCK - ok
17:53:56.0484 2948        MSPQM          (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
17:53:56.0687 2948        MSPQM - ok
17:53:56.0781 2948        mssmbios        (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
17:53:56.0984 2948        mssmbios - ok
17:53:57.0109 2948        Mup            (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
17:53:57.0171 2948        Mup - ok
17:53:57.0265 2948        napagent        (46bb15ae2ac7d025d6d2567b876817bd) C:\WINDOWS\System32\qagentrt.dll
17:53:57.0515 2948        napagent - ok
17:53:57.0625 2948        NDIS            (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
17:53:57.0843 2948        NDIS - ok
17:53:57.0937 2948        NdisTapi        (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
17:53:58.0000 2948        NdisTapi - ok
17:53:58.0109 2948        Ndisuio        (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
17:53:58.0328 2948        Ndisuio - ok
17:53:58.0437 2948        NdisWan        (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
17:53:58.0640 2948        NdisWan - ok
17:53:58.0750 2948        NDProxy        (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
17:53:58.0828 2948        NDProxy - ok
17:53:58.0921 2948        NetBIOS        (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
17:53:59.0109 2948        NetBIOS - ok
17:53:59.0218 2948        NetBT          (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
17:53:59.0437 2948        NetBT - ok
17:53:59.0531 2948        NetDDE          (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
17:53:59.0765 2948        NetDDE - ok
17:53:59.0812 2948        NetDDEdsdm      (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
17:54:00.0031 2948        NetDDEdsdm - ok
17:54:00.0109 2948        Netlogon        (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\System32\lsass.exe
17:54:00.0328 2948        Netlogon - ok
17:54:00.0437 2948        Netman          (e6d88f1f6745bf00b57e7855a2ab696c) C:\WINDOWS\System32\netman.dll
17:54:00.0656 2948        Netman - ok
17:54:00.0765 2948        NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
17:54:00.0812 2948        NetTcpPortSharing - ok
17:54:00.0921 2948        Nla            (f1b67b6b0751ae0e6e964b02821206a3) C:\WINDOWS\System32\mswsock.dll
17:54:01.0062 2948        Nla - ok
17:54:01.0125 2948        NMSAccess      (7aea4df1ca68fd45dd4bbe1f0243ce7f) C:\Programme\CDBurnerXP\NMSAccessU.exe
17:54:01.0171 2948        NMSAccess - ok
17:54:01.0265 2948        Npfs            (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
17:54:01.0453 2948        Npfs - ok
17:54:01.0531 2948        Ntfs            (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
17:54:01.0796 2948        Ntfs - ok
17:54:01.0890 2948        NtLmSsp        (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\System32\lsass.exe
17:54:02.0078 2948        NtLmSsp - ok
17:54:02.0187 2948        NtmsSvc        (56af4064996fa5bac9c449b1514b4770) C:\WINDOWS\system32\ntmssvc.dll
17:54:02.0453 2948        NtmsSvc - ok
17:54:02.0562 2948        Null            (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
17:54:02.0781 2948        Null - ok
17:54:02.0906 2948        nv              (2b298519edbfcf451d43e0f1e8f1006d) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
17:54:03.0218 2948        nv - ok
17:54:03.0343 2948        NwlnkFlt        (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
17:54:03.0578 2948        NwlnkFlt - ok
17:54:03.0671 2948        NwlnkFwd        (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
17:54:03.0890 2948        NwlnkFwd - ok
17:54:04.0000 2948        NwlnkIpx        (8b8b1be2dba4025da6786c645f77f123) C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys
17:54:04.0203 2948        NwlnkIpx - ok
17:54:04.0296 2948        NwlnkNb        (56d34a67c05e94e16377c60609741ff8) C:\WINDOWS\system32\DRIVERS\nwlnknb.sys
17:54:04.0515 2948        NwlnkNb - ok
17:54:04.0593 2948        NwlnkSpx        (c0bb7d1615e1acbdc99757f6ceaf8cf0) C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys
17:54:04.0812 2948        NwlnkSpx - ok
17:54:04.0859 2948        obvious - ok
17:54:04.0968 2948        odserv          (785f487a64950f3cb8e9f16253ba3b7b) C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE
17:54:05.0031 2948        odserv - ok
17:54:05.0125 2948        ose            (5a432a042dae460abe7199b758e8606c) C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE
17:54:05.0156 2948        ose - ok
17:54:05.0281 2948        Parport        (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\DRIVERS\parport.sys
17:54:05.0500 2948        Parport - ok
17:54:05.0593 2948        PartMgr        (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
17:54:05.0796 2948        PartMgr - ok
17:54:05.0875 2948        ParVdm          (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys
17:54:06.0093 2948        ParVdm - ok
17:54:06.0156 2948        PCDRSRVC - ok
17:54:06.0218 2948        PCI            (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys
17:54:06.0421 2948        PCI - ok
17:54:06.0500 2948        PCIDump - ok
17:54:06.0578 2948        PCIIde          (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\DRIVERS\pciide.sys
17:54:06.0812 2948        PCIIde - ok
17:54:06.0906 2948        Pcmcia          (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\drivers\Pcmcia.sys
17:54:07.0125 2948        Pcmcia - ok
17:54:07.0187 2948        PDCOMP - ok
17:54:07.0250 2948        PDFRAME - ok
17:54:07.0312 2948        PDRELI - ok
17:54:07.0375 2948        PDRFRAME - ok
17:54:07.0453 2948        pelmouse        (e541a80cdffd6077c761b4578efc0450) C:\WINDOWS\system32\DRIVERS\pelmouse.sys
17:54:07.0500 2948        pelmouse - ok
17:54:07.0609 2948        pelusblf        (6432858a4493e906a7d61b9b17a0672a) C:\WINDOWS\system32\DRIVERS\pelusblf.sys
17:54:07.0640 2948        pelusblf - ok
17:54:07.0734 2948        perc2          (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\System32\DRIVERS\perc2.sys
17:54:07.0968 2948        perc2 - ok
17:54:08.0046 2948        perc2hib        (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\System32\DRIVERS\perc2hib.sys
17:54:08.0281 2948        perc2hib - ok
17:54:08.0375 2948        PlugPlay        (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
17:54:08.0500 2948        PlugPlay - ok
17:54:08.0578 2948        PMEM            (fa292805788528c083f416e151b60ab6) C:\WINDOWS\system32\drivers\PMEMNT.SYS
17:54:08.0609 2948        PMEM ( UnsignedFile.Multi.Generic ) - warning
17:54:08.0609 2948        PMEM - detected UnsignedFile.Multi.Generic (1)
17:54:08.0687 2948        PolicyAgent    (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\System32\lsass.exe
17:54:08.0890 2948        PolicyAgent - ok
17:54:08.0984 2948        PptpMiniport    (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
17:54:09.0187 2948        PptpMiniport - ok
17:54:09.0265 2948        Processor      (2cb55427c58679f49ad600fccba76360) C:\WINDOWS\system32\DRIVERS\processr.sys
17:54:09.0468 2948        Processor - ok
17:54:09.0578 2948        prodrv06        (6d3b2fc5dec2f59b28fe5fa17250a7b0) C:\WINDOWS\System32\drivers\prodrv06.sys
17:54:09.0609 2948        prodrv06 ( UnsignedFile.Multi.Generic ) - warning
17:54:09.0609 2948        prodrv06 - detected UnsignedFile.Multi.Generic (1)
17:54:09.0718 2948        prohlp02        (c5f47b7ec2ec906847d5f80ba779a5bd) C:\WINDOWS\system32\drivers\prohlp02.sys
17:54:09.0750 2948        prohlp02 ( UnsignedFile.Multi.Generic ) - warning
17:54:09.0750 2948        prohlp02 - detected UnsignedFile.Multi.Generic (1)
17:54:09.0859 2948        prosync1        (f3471e7971ee62420451d958da635064) C:\WINDOWS\system32\drivers\prosync1.sys
17:54:09.0875 2948        prosync1 ( UnsignedFile.Multi.Generic ) - warning
17:54:09.0875 2948        prosync1 - detected UnsignedFile.Multi.Generic (1)
17:54:09.0953 2948        ProtectedStorage (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
17:54:10.0156 2948        ProtectedStorage - ok
17:54:10.0234 2948        psadd          (dc23b0d9a0282cb0d8281dbda431ac14) C:\WINDOWS\system32\Drivers\psadd.sys
17:54:10.0312 2948        psadd ( UnsignedFile.Multi.Generic ) - warning
17:54:10.0312 2948        psadd - detected UnsignedFile.Multi.Generic (1)
17:54:10.0437 2948        PSched          (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
17:54:10.0640 2948        PSched - ok
17:54:10.0718 2948        Ptilink        (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
17:54:10.0953 2948        Ptilink - ok
17:54:11.0015 2948        PxHelp20        (86724469cd077901706854974cd13c3e) C:\WINDOWS\system32\DRIVERS\PxHelp20.sys
17:54:11.0046 2948        PxHelp20 ( UnsignedFile.Multi.Generic ) - warning
17:54:11.0046 2948        PxHelp20 - detected UnsignedFile.Multi.Generic (1)
17:54:11.0156 2948        ql1080          (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\System32\DRIVERS\ql1080.sys
17:54:11.0375 2948        ql1080 - ok
17:54:11.0468 2948        Ql10wnt        (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\System32\DRIVERS\ql10wnt.sys
17:54:11.0687 2948        Ql10wnt - ok
17:54:11.0781 2948        ql12160        (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\System32\DRIVERS\ql12160.sys
17:54:11.0984 2948        ql12160 - ok
17:54:12.0062 2948        ql1240          (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\System32\DRIVERS\ql1240.sys
17:54:12.0296 2948        ql1240 - ok
17:54:12.0390 2948        ql1280          (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\System32\DRIVERS\ql1280.sys
17:54:12.0609 2948        ql1280 - ok
17:54:12.0687 2948        RasAcd          (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
17:54:12.0890 2948        RasAcd - ok
17:54:12.0968 2948        RasAuto        (f5ba6caccdb66c8f048e867563203246) C:\WINDOWS\System32\rasauto.dll
17:54:13.0187 2948        RasAuto - ok
17:54:13.0296 2948        Rasl2tp        (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
17:54:13.0500 2948        Rasl2tp - ok
17:54:13.0578 2948        RasMan          (f9a7b66ea345726edb5862a46b1eccd5) C:\WINDOWS\System32\rasmans.dll
17:54:13.0781 2948        RasMan - ok
17:54:13.0875 2948        RasPppoe        (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
17:54:14.0078 2948        RasPppoe - ok
17:54:14.0187 2948        Raspti          (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
17:54:14.0437 2948        Raspti - ok
17:54:14.0531 2948        Rdbss          (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
17:54:14.0750 2948        Rdbss - ok
17:54:14.0859 2948        RDPCDD          (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
17:54:15.0062 2948        RDPCDD - ok
17:54:15.0140 2948        rdpdr          (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
17:54:15.0359 2948        rdpdr - ok
17:54:15.0468 2948        RDPWD          (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
17:54:15.0531 2948        RDPWD - ok
17:54:15.0625 2948        RDSessMgr      (263af18af0f3db99f574c95f284ccec9) C:\WINDOWS\system32\sessmgr.exe
17:54:15.0828 2948        RDSessMgr - ok
17:54:15.0921 2948        redbook        (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys
17:54:16.0125 2948        redbook - ok
17:54:16.0203 2948        RemoteAccess    (0e97ec96d6942ceec2d188cc2eb69a01) C:\WINDOWS\System32\mprdim.dll
17:54:16.0406 2948        RemoteAccess - ok
17:54:16.0500 2948        RemoteRegistry  (e4cd1f3d84e1c2ca0b8cf7501e201593) C:\WINDOWS\system32\regsvc.dll
17:54:16.0718 2948        RemoteRegistry - ok
17:54:16.0796 2948        ROOTMODEM      (d8b0b4ade32574b2d9c5cc34dc0dbbe7) C:\WINDOWS\system32\Drivers\RootMdm.sys
17:54:17.0031 2948        ROOTMODEM - ok
17:54:17.0093 2948        RpcLocator      (2a02e21867497df20b8fc95631395169) C:\WINDOWS\System32\locator.exe
17:54:17.0296 2948        RpcLocator - ok
17:54:17.0375 2948        RpcSs          (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
17:54:17.0500 2948        RpcSs - ok
17:54:17.0578 2948        RSVP            (4bdd71b4b521521499dfd14735c4f398) C:\WINDOWS\System32\rsvp.exe
17:54:17.0796 2948        RSVP - ok
17:54:17.0875 2948        SamSs          (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
17:54:18.0062 2948        SamSs - ok
17:54:18.0140 2948        SCardSvr        (dcec079fad95d36c8dd5cb6d779dfe32) C:\WINDOWS\System32\SCardSvr.exe
17:54:18.0359 2948        SCardSvr - ok
17:54:18.0453 2948        Schedule        (a050194a44d7fa8d7186ed2f4e8367ae) C:\WINDOWS\system32\schedsvc.dll
17:54:18.0671 2948        Schedule - ok
17:54:18.0781 2948        Secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
17:54:19.0046 2948        Secdrv - ok
17:54:19.0109 2948        seclogon        (bee4cfd1d48c23b44cf4b974b0b79b2b) C:\WINDOWS\System32\seclogon.dll
17:54:19.0328 2948        seclogon - ok
17:54:19.0437 2948        SENS            (2aac9b6ed9eddffb721d6452e34d67e3) C:\WINDOWS\system32\sens.dll
17:54:19.0656 2948        SENS - ok
17:54:19.0750 2948        serenum        (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
17:54:19.0953 2948        serenum - ok
17:54:20.0078 2948        Serial          (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\DRIVERS\serial.sys
17:54:20.0281 2948        Serial - ok
17:54:20.0421 2948        sfhlp01        (462aee0ea0481ea8bd45cac876a4ccc4) C:\WINDOWS\system32\drivers\sfhlp01.sys
17:54:20.0453 2948        sfhlp01 ( UnsignedFile.Multi.Generic ) - warning
17:54:20.0453 2948        sfhlp01 - detected UnsignedFile.Multi.Generic (1)
17:54:20.0546 2948        Sfloppy        (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
17:54:20.0750 2948        Sfloppy - ok
17:54:20.0843 2948        SharedAccess    (cad058d5f8b889a87ca3eb3cf624dcef) C:\WINDOWS\System32\ipnathlp.dll
17:54:21.0093 2948        SharedAccess - ok
17:54:21.0156 2948        ShellHWDetection (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
17:54:21.0203 2948        ShellHWDetection - ok
17:54:21.0296 2948        Simbad - ok
17:54:21.0343 2948        SipIMNDI - ok
17:54:21.0421 2948        sisagp          (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\System32\DRIVERS\sisagp.sys
17:54:21.0640 2948        sisagp - ok
17:54:21.0765 2948        smwdm          (f41896d591106713649b7eba668324e6) C:\WINDOWS\system32\drivers\smwdm.sys
17:54:21.0843 2948        smwdm - ok
17:54:21.0937 2948        Sparrow        (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\System32\DRIVERS\sparrow.sys
17:54:22.0062 2948        Sparrow - ok
17:54:22.0156 2948        splitter        (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
17:54:22.0359 2948        splitter - ok
17:54:22.0437 2948        Spooler        (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
17:54:22.0484 2948        Spooler - ok
17:54:22.0578 2948        sr              (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys
17:54:22.0796 2948        sr - ok
17:54:22.0890 2948        srservice      (fe77a85495065f3ad59c5c65b6c54182) C:\WINDOWS\System32\srsvc.dll
17:54:23.0093 2948        srservice - ok
17:54:23.0218 2948        Srv            (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
17:54:23.0296 2948        Srv - ok
17:54:23.0359 2948        SSDPSRV        (4df5b05dfaec29e13e1ed6f6ee12c500) C:\WINDOWS\System32\ssdpsrv.dll
17:54:23.0593 2948        SSDPSRV - ok
17:54:23.0703 2948        ssmdrv          (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
17:54:23.0718 2948        ssmdrv - ok
17:54:23.0796 2948        StarOpen        (e57b778208c783d8debab320c16a1b82) C:\WINDOWS\system32\drivers\StarOpen.sys
17:54:23.0812 2948        StarOpen ( UnsignedFile.Multi.Generic ) - warning
17:54:23.0812 2948        StarOpen - detected UnsignedFile.Multi.Generic (1)
17:54:23.0890 2948        stisvc          (bc2c5985611c5356b24aeb370953ded9) C:\WINDOWS\system32\wiaservc.dll
17:54:24.0156 2948        stisvc - ok
17:54:24.0250 2948        swenum          (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
17:54:24.0453 2948        swenum - ok
17:54:24.0546 2948        swmidi          (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
17:54:24.0765 2948        swmidi - ok
17:54:24.0812 2948        SwPrv - ok
17:54:24.0890 2948        symc810        (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\System32\DRIVERS\symc810.sys
17:54:25.0109 2948        symc810 - ok
17:54:25.0203 2948        symc8xx        (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\System32\DRIVERS\symc8xx.sys
17:54:25.0421 2948        symc8xx - ok
17:54:25.0531 2948        SymEvent        (403bd24fa5c55fc648abdd039629a954) C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
17:54:25.0578 2948        SymEvent - ok
17:54:25.0671 2948        sym_hi          (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\System32\DRIVERS\sym_hi.sys
17:54:25.0890 2948        sym_hi - ok
17:54:25.0968 2948        sym_u3          (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\System32\DRIVERS\sym_u3.sys
17:54:26.0187 2948        sym_u3 - ok
17:54:26.0265 2948        sysaudio        (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
17:54:26.0484 2948        sysaudio - ok
17:54:26.0562 2948        SysmonLog      (2903fffa2523926d6219428040dce6b9) C:\WINDOWS\system32\smlogsvc.exe
17:54:26.0765 2948        SysmonLog - ok
17:54:26.0859 2948        TapiSrv        (05903cac4b98908d55ea5774775b382e) C:\WINDOWS\System32\tapisrv.dll
17:54:27.0062 2948        TapiSrv - ok
17:54:27.0171 2948        tbhsd          (adeb5b39e08282a81ef6998e8c76e269) C:\WINDOWS\system32\drivers\tbhsd.sys
17:54:27.0203 2948        tbhsd ( UnsignedFile.Multi.Generic ) - warning
17:54:27.0203 2948        tbhsd - detected UnsignedFile.Multi.Generic (1)
17:54:27.0312 2948        Tcpip          (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
17:54:27.0453 2948        Tcpip - ok
17:54:27.0531 2948        TDPIPE          (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
17:54:27.0718 2948        TDPIPE - ok
17:54:27.0796 2948        TDTCP          (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
17:54:28.0015 2948        TDTCP - ok
17:54:28.0093 2948        TermDD          (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
17:54:28.0312 2948        TermDD - ok
17:54:28.0406 2948        TermService    (b7de02c863d8f5a005a7bf375375a6a4) C:\WINDOWS\System32\termsrv.dll
17:54:28.0625 2948        TermService - ok
17:54:28.0703 2948        Themes          (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
17:54:28.0734 2948        Themes - ok
17:54:28.0812 2948        TlntSvr        (03681a1ce77f51586903869a5ab1deab) C:\WINDOWS\System32\tlntsvr.exe
17:54:29.0015 2948        TlntSvr - ok
17:54:29.0125 2948        toshidpt        (62c57e7411b5f20980e70530ca69d5a7) C:\WINDOWS\system32\drivers\Toshidpt.sys
17:54:29.0140 2948        toshidpt ( UnsignedFile.Multi.Generic ) - warning
17:54:29.0140 2948        toshidpt - detected UnsignedFile.Multi.Generic (1)
17:54:29.0250 2948        TosIde          (d213a9247dc347f305a2d4cc9b951487) C:\WINDOWS\System32\DRIVERS\toside.sys
17:54:29.0468 2948        TosIde - ok
17:54:29.0562 2948        tosporte        (09505abeae3de953442417a48256684a) C:\WINDOWS\system32\DRIVERS\tosporte.sys
17:54:29.0593 2948        tosporte ( UnsignedFile.Multi.Generic ) - warning
17:54:29.0593 2948        tosporte - detected UnsignedFile.Multi.Generic (1)
17:54:29.0687 2948        Tosrfbd        (9b478a68d0f627ed3c4c4a48e86c5509) C:\WINDOWS\system32\Drivers\tosrfbd.sys
17:54:29.0703 2948        Tosrfbd ( UnsignedFile.Multi.Generic ) - warning
17:54:29.0703 2948        Tosrfbd - detected UnsignedFile.Multi.Generic (1)
17:54:29.0812 2948        Tosrfbnp        (fe200eece7521061cdad658c6ee4f341) C:\WINDOWS\system32\Drivers\tosrfbnp.sys
17:54:29.0843 2948        Tosrfbnp ( UnsignedFile.Multi.Generic ) - warning
17:54:29.0843 2948        Tosrfbnp - detected UnsignedFile.Multi.Generic (1)
17:54:29.0953 2948        Tosrfcom        (d185be751021bcf1e5d58566d408314a) C:\WINDOWS\system32\Drivers\tosrfcom.sys
17:54:29.0984 2948        Tosrfcom ( UnsignedFile.Multi.Generic ) - warning
17:54:29.0984 2948        Tosrfcom - detected UnsignedFile.Multi.Generic (1)
17:54:30.0078 2948        Tosrfhid        (341612b9758054e5965bcd6ae111b8f9) C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys
17:54:30.0109 2948        Tosrfhid ( UnsignedFile.Multi.Generic ) - warning
17:54:30.0109 2948        Tosrfhid - detected UnsignedFile.Multi.Generic (1)
17:54:30.0203 2948        tosrfnds        (c52fd27b9adf3a1f22cb90e6bcf9b0cb) C:\WINDOWS\system32\DRIVERS\tosrfnds.sys
17:54:30.0218 2948        tosrfnds ( UnsignedFile.Multi.Generic ) - warning
17:54:30.0218 2948        tosrfnds - detected UnsignedFile.Multi.Generic (1)
17:54:30.0328 2948        TosRfSnd        (350814a87f8ba3b0e28278feddf36f82) C:\WINDOWS\system32\drivers\TosRfSnd.sys
17:54:30.0343 2948        TosRfSnd ( UnsignedFile.Multi.Generic ) - warning
17:54:30.0343 2948        TosRfSnd - detected UnsignedFile.Multi.Generic (1)
17:54:30.0453 2948        Tosrfusb        (ddb8a339e57d514768f45d33b11bdb50) C:\WINDOWS\system32\Drivers\tosrfusb.sys
17:54:30.0484 2948        Tosrfusb ( UnsignedFile.Multi.Generic ) - warning
17:54:30.0484 2948        Tosrfusb - detected UnsignedFile.Multi.Generic (1)
17:54:30.0578 2948        TrkWks          (626504572b175867f30f3215c04b3e2f) C:\WINDOWS\system32\trkwks.dll
17:54:30.0781 2948        TrkWks - ok
17:54:30.0890 2948        Udfs            (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
17:54:31.0109 2948        Udfs - ok
17:54:31.0203 2948        ultra          (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\System32\DRIVERS\ultra.sys
17:54:31.0328 2948        ultra - ok
17:54:31.0453 2948        Update          (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
17:54:31.0703 2948        Update - ok
17:54:31.0796 2948        upnphost        (1dfd8975d8c89214b98d9387c1125b49) C:\WINDOWS\System32\upnphost.dll
17:54:32.0015 2948        upnphost - ok
17:54:32.0109 2948        UPS            (9b11e6118958e63e1fef129466e2bda7) C:\WINDOWS\System32\ups.exe
17:54:32.0312 2948        UPS - ok
17:54:32.0437 2948        usbaudio        (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
17:54:32.0671 2948        usbaudio - ok
17:54:32.0765 2948        usbccgp        (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
17:54:32.0968 2948        usbccgp - ok
17:54:33.0078 2948        usbehci        (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
17:54:33.0265 2948        usbehci - ok
17:54:33.0343 2948        usbhub          (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
17:54:33.0578 2948        usbhub - ok
17:54:33.0671 2948        usbprint        (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
17:54:33.0875 2948        usbprint - ok
17:54:33.0968 2948        usbscan        (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
17:54:34.0171 2948        usbscan - ok
17:54:34.0265 2948        USBSTOR        (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
17:54:34.0484 2948        USBSTOR - ok
17:54:34.0546 2948        usbuhci        (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
17:54:34.0750 2948        usbuhci - ok
17:54:34.0859 2948        UxTuneUp        (1ff581035c4ea7a75dfb3939c7b7cbd2) C:\WINDOWS\System32\uxtuneup.dll
17:54:34.0875 2948        UxTuneUp - ok
17:54:34.0968 2948        vaxscsi        (92cebc2bc7be2c8d49391b365569f306) C:\WINDOWS\System32\Drivers\vaxscsi.sys
17:54:35.0000 2948        vaxscsi - ok
17:54:35.0093 2948        VgaSave        (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
17:54:35.0296 2948        VgaSave - ok
17:54:35.0375 2948        viaagp          (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\System32\DRIVERS\viaagp.sys
17:54:35.0593 2948        viaagp - ok
17:54:35.0703 2948        ViaIde          (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\System32\DRIVERS\viaide.sys
17:54:35.0906 2948        ViaIde - ok
17:54:35.0984 2948        VolSnap        (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys
17:54:36.0171 2948        VolSnap - ok
17:54:36.0281 2948        VSS            (68f106273be29e7b7ef8266977268e78) C:\WINDOWS\System32\vssvc.exe
17:54:36.0515 2948        VSS - ok
17:54:36.0625 2948        W32Time        (7b353059e665f8b7ad2bbeaef597cf45) C:\WINDOWS\System32\w32time.dll
17:54:36.0843 2948        W32Time - ok
17:54:36.0937 2948        Wanarp          (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
17:54:37.0140 2948        Wanarp - ok
17:54:37.0203 2948        WDICA - ok
17:54:37.0281 2948        wdmaud          (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
17:54:37.0500 2948        wdmaud - ok
17:54:37.0578 2948        WebClient      (81727c9873e3905a2ffc1ebd07265002) C:\WINDOWS\System32\webclnt.dll
17:54:37.0781 2948        WebClient - ok
17:54:37.0921 2948        winmgmt        (6f3f3973d97714cc5f906a19fe883729) C:\WINDOWS\system32\wbem\WMIsvc.dll
17:54:38.0125 2948        winmgmt - ok
17:54:38.0250 2948        WmdmPmSN        (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
17:54:38.0359 2948        WmdmPmSN - ok
17:54:38.0468 2948        Wmi            (ffa4d901d46d07a5bab2d8307fbb51a6) C:\WINDOWS\System32\advapi32.dll
17:54:38.0640 2948        Wmi - ok
17:54:38.0750 2948        WmiApSrv        (93908111ba57a6e60ec2fa2de202105c) C:\WINDOWS\System32\wbem\wmiapsrv.exe
17:54:38.0953 2948        WmiApSrv - ok
17:54:39.0062 2948        WMPNetworkSvc  (bf05650bb7df5e9ebdd25974e22403bb) C:\Programme\Windows Media Player\WMPNetwk.exe
17:54:39.0156 2948        WMPNetworkSvc - ok
17:54:39.0281 2948        WO_LiveService  (f491c8e5ee9d75a06dc36ede5a7a8938) C:\Programme\Ashampoo\Ashampoo WinOptimizer 9\LiveTunerService.exe
17:54:39.0375 2948        WO_LiveService - ok
17:54:39.0546 2948        WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
17:54:39.0625 2948        WPFFontCache_v0400 - ok
17:54:39.0718 2948        WS2IFSL        (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
17:54:39.0937 2948        WS2IFSL - ok
17:54:40.0031 2948        wscsvc          (300b3e84faf1a5c1f791c159ba28035d) C:\WINDOWS\system32\wscsvc.dll
17:54:40.0250 2948        wscsvc - ok
17:54:40.0328 2948        wuauserv        (7b4fe05202aa6bf9f4dfd0e6a0d8a085) C:\WINDOWS\system32\wuauserv.dll
17:54:40.0531 2948        wuauserv - ok
17:54:40.0656 2948        WudfPf          (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
17:54:40.0718 2948        WudfPf - ok
17:54:40.0828 2948        WudfRd          (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
17:54:40.0859 2948        WudfRd - ok
17:54:40.0953 2948        WudfSvc        (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
17:54:40.0984 2948        WudfSvc - ok
17:54:41.0078 2948        WZCSVC          (c4f109c005f6725162d2d12ca751e4a7) C:\WINDOWS\System32\wzcsvc.dll
17:54:41.0328 2948        WZCSVC - ok
17:54:41.0406 2948        xmlprov        (0ada34871a2e1cd2caafed1237a47750) C:\WINDOWS\System32\xmlprov.dll
17:54:41.0625 2948        xmlprov - ok
17:54:41.0718 2948        {6080A529-897E-4629-A488-ABA0C29B635E} (5ff57eedf48f189859d6e9bf81e297c5) C:\WINDOWS\system32\drivers\ialmsbw.sys
17:54:41.0781 2948        {6080A529-897E-4629-A488-ABA0C29B635E} - ok
17:54:41.0875 2948        {D31A0762-0CEB-444e-ACFF-B049A1F6FE91} (c2eb14d84069443437f1b3b856bcb665) C:\WINDOWS\system32\drivers\ialmkchw.sys
17:54:41.0921 2948        {D31A0762-0CEB-444e-ACFF-B049A1F6FE91} - ok
17:54:41.0937 2948        MBR (0x1B8)    (eb5d8b1054084399a9e2887ab969ae15) \Device\Harddisk0\DR0
17:54:42.0015 2948        \Device\Harddisk0\DR0 - ok
17:54:42.0031 2948        Boot (0x1200)  (29ba236c840db6ae0978678f9ce8cdb8) \Device\Harddisk0\DR0\Partition0
17:54:42.0031 2948        \Device\Harddisk0\DR0\Partition0 - ok
17:54:42.0031 2948        ============================================================
17:54:42.0031 2948        Scan finished
17:54:42.0031 2948        ============================================================
17:54:42.0187 2940        Detected object count: 26
17:54:42.0187 2940        Actual detected object count: 26
17:54:57.0843 2940        atksgt ( UnsignedFile.Multi.Generic ) - skipped by user
17:54:57.0843 2940        atksgt ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:54:57.0843 2940        DfSdkS ( UnsignedFile.Multi.Generic ) - skipped by user
17:54:57.0843 2940        DfSdkS ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:54:57.0843 2940        DgiVecp ( UnsignedFile.Multi.Generic ) - skipped by user
17:54:57.0843 2940        DgiVecp ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:54:57.0843 2940        EGATHDRV ( UnsignedFile.Multi.Generic ) - skipped by user
17:54:57.0843 2940        EGATHDRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:54:57.0843 2940        IBM Rapid Restore Ultra Service ( UnsignedFile.Multi.Generic ) - skipped by user
17:54:57.0843 2940        IBM Rapid Restore Ultra Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:54:57.0843 2940        ibmfilter ( UnsignedFile.Multi.Generic ) - skipped by user
17:54:57.0843 2940        ibmfilter ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:54:57.0843 2940        IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
17:54:57.0843 2940        IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:54:57.0843 2940        lirsgt ( UnsignedFile.Multi.Generic ) - skipped by user
17:54:57.0843 2940        lirsgt ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:54:57.0843 2940        PMEM ( UnsignedFile.Multi.Generic ) - skipped by user
17:54:57.0843 2940        PMEM ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:54:57.0843 2940        prodrv06 ( UnsignedFile.Multi.Generic ) - skipped by user
17:54:57.0843 2940        prodrv06 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:54:57.0843 2940        prohlp02 ( UnsignedFile.Multi.Generic ) - skipped by user
17:54:57.0843 2940        prohlp02 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:54:57.0843 2940        prosync1 ( UnsignedFile.Multi.Generic ) - skipped by user
17:54:57.0843 2940        prosync1 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:54:57.0843 2940        psadd ( UnsignedFile.Multi.Generic ) - skipped by user
17:54:57.0843 2940        psadd ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:54:57.0859 2940        PxHelp20 ( UnsignedFile.Multi.Generic ) - skipped by user
17:54:57.0859 2940        PxHelp20 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:54:57.0859 2940        sfhlp01 ( UnsignedFile.Multi.Generic ) - skipped by user
17:54:57.0859 2940        sfhlp01 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:54:57.0859 2940        StarOpen ( UnsignedFile.Multi.Generic ) - skipped by user
17:54:57.0859 2940        StarOpen ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:54:57.0859 2940        tbhsd ( UnsignedFile.Multi.Generic ) - skipped by user
17:54:57.0859 2940        tbhsd ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:54:57.0859 2940        toshidpt ( UnsignedFile.Multi.Generic ) - skipped by user
17:54:57.0859 2940        toshidpt ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:54:57.0859 2940        tosporte ( UnsignedFile.Multi.Generic ) - skipped by user
17:54:57.0859 2940        tosporte ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:54:57.0859 2940        Tosrfbd ( UnsignedFile.Multi.Generic ) - skipped by user
17:54:57.0859 2940        Tosrfbd ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:54:57.0875 2940        Tosrfbnp ( UnsignedFile.Multi.Generic ) - skipped by user
17:54:57.0875 2940        Tosrfbnp ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:54:57.0875 2940        Tosrfcom ( UnsignedFile.Multi.Generic ) - skipped by user
17:54:57.0875 2940        Tosrfcom ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:54:57.0875 2940        Tosrfhid ( UnsignedFile.Multi.Generic ) - skipped by user
17:54:57.0875 2940        Tosrfhid ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:54:57.0875 2940        tosrfnds ( UnsignedFile.Multi.Generic ) - skipped by user
17:54:57.0875 2940        tosrfnds ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:54:57.0875 2940        TosRfSnd ( UnsignedFile.Multi.Generic ) - skipped by user
17:54:57.0875 2940        TosRfSnd ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:54:57.0875 2940        Tosrfusb ( UnsignedFile.Multi.Generic ) - skipped by user
17:54:57.0875 2940        Tosrfusb ( UnsignedFile.Multi.Generic ) - User select action: Skip

cosinus 12.04.2012 19:26
Dann bitte jetzt CF ausführen:

ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix
  • Schliesse alle Programme, vor allem dein Antivirenprogramm und andere Hintergrundwächter sowie deinen Internetbrowser.
  • Starte combofix.exe von deinem Desktop aus, bestätige die Warnmeldungen, führe die Updates durch (falls vorgeschlagen), installiere die Wiederherstellungskonsole (falls vorgeschlagen) und lass dein System durchsuchen.
    Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.
  • Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte kopieren ([Strg]a, [Strg]c) und in deinen Beitrag einfügen ([Strg]v). Die Datei findest du außerdem unter: C:\ComboFix.txt.
Wichtiger Hinweis:
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!

Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.

Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie

Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
startest du Windows dann manuell neu und die Fehlermeldungen sollten nicht mehr auftauchen.

dirknik 13.04.2012 08:53
Ich hatte combofix über Nacht laufen lassen, doch glaube ich nicht, dass sich was getan hat. Heut morgen lief zwar der Rechner doch der Bildschirm war schwarz und ich konnte auch nichts tun. Die combofix.txt habe ich auch nicht gefunden. Soll ichs nochmal im abgesicherten Modus durchführen? Danke für alles :-)

cosinus 13.04.2012 11:39
Ja probier es nochmal im abgesicherten mit Netzwerk
Lad die combofix.exe bitte vorher neu runter

dirknik 14.04.2012 07:04
Habe combofix noch mehrmals deinstalliert und wieder neu runtergeladen und ausprobiert. Sowohl im abgesicherten Modus mit Netzwerk, als auch nur im abgesicherten Modus und im normalen Modus. Jedes mal hängt sich der Rechner auf und zwar immer nachdem combofix den Systemwiederherstellungspunkt erstellt hat und dann in etwa so was da steht: "Vorgang kann ca. 10 min dauern. Dieser kann sich jedoch bei stark infizierten Rechnern leicht verdoppeln." Was soll ich jetzt machen?

cosinus 15.04.2012 15:30
Dann überspringen wir CF erstmal

Bitte nun Logs mit GMER und OSAM erstellen und posten.
GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen.
Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst.

Hinweis: Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden! Stell auch unbedingt den Virenscanner ab, besonders der Scanner von McAfee meldet oft einen Fehalarm in OSAM!

Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.
  • Starte die aswMBR.exe - (aswMBR.exe Anleitung)
    Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten".
  • Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen )
    Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
  • Klicke auf Scan.
  • Warte bitte bis Scan finished successfully im DOS-Fenster steht.
  • Drücke auf Save Log und speichere diese auf dem Desktop.
Poste mir die aswMBR.txt in deiner nächsten Antwort.

Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung

Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none).



Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes:
Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.

dirknik 15.04.2012 17:30
Hallo cosinus,
ich habe leider für längere Zeit keinen Zugriff mehr auf den zu behandelnden PC. Kann man hier den Thread vorübergehend schließen und dann wieder öffnen? Wenn das nicht geht, kann ich leider erst in einigen Monaten wieder antworten. Bis hierher vielen Dank. Ich werde auf jeden Fall deine Anweisungen, sobald es möglich ist durchführen. Danke nochmal :-)

cosinus 15.04.2012 18:35
Wir warten einfach ab was bis dahin passiert. Normalerweise können in diesen Strang nur du, die Helfer/Kompetenzler und Mods/Admins hier posten, ich seh daher keinen Anlass zur Schließung. Meld dich hier einfacher wieder wenn du an den PC rankommst


Alle Zeitangaben in WEZ +1. Es ist jetzt 01:02 Uhr.
Seite 2 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55