Trojaner-Board

Trojan: 2048 bit pgp-rsa (https://www.trojaner-board.de/114212-trojaner-2048-bit-pgp-rsa.html)

cosinus 03.05.2012 18:56

Quote:

Files are still encrypted

Well, what else? :balla:
There are plenty of pointers here on how to decrypt them!!

I need the OTL quarantine folder. Please do the following:

1.) VERY IMPORTANT!! Disable the virus scanner; it must not interfere with the packing!
2.) Zip the MovedFiles folder in C:\_OTL into a single file
3.) Upload the resulting ZIP file here => http://www.trojaner-board.de/54791-a...ner-board.html

Note: Please upload the file there as well, as described in the instructions for the UpChannel. Please do NOT post the ZIP file here as an attachment in the thread!

4.) Let me know once it has worked
5.) Only then switch the virus scanner back on

fharry 03.05.2012 19:59

Hello Arne,
the zip file has been uploaded
Regards
Harry

cosinus 04.05.2012 09:24

Please now run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log; instructions and download link here => http://www.trojaner-board.de/82358-t...entfernen.html

Note: Please turn off the virus scanner before you run TDSS-Killer, because Avira in particular often reports a false alarm in the TDSS tool!

Set the tool up as shown in the picture below: click on change parameters and set the check marks as shown in the following screenshot,
then click on Start Scan and, when it has finished, click the Report button to display the log. Please post it in full.
If you cannot find the log, or cannot copy its contents into your post, then please look directly on your Windows system partition (usually drive C:); that is where TDSS-Killer saves its logs.

Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and post only the log here!

http://saved.im/mtkwmtcxexhp/setting...8_16-25-18.jpg

fharry 04.05.2012 18:50

Hello Arne,
here is the log from TDSS
Code:

19:27:06.0490 1472        TDSS rootkit removing tool 2.7.34.0 May  2 2012 09:59:18
19:27:06.0850 1472        ============================================================
19:27:06.0850 1472        Current date / time: 2012/05/04 19:27:06.0850
19:27:06.0850 1472        SystemInfo:
19:27:06.0850 1472       
19:27:06.0850 1472        OS Version: 5.1.2600 ServicePack: 3.0
19:27:06.0850 1472        Product type: Workstation
19:27:06.0850 1472        ComputerName: TUS
19:27:06.0850 1472        UserName: Admin
19:27:06.0850 1472        Windows directory: C:\WINDOWS
19:27:06.0850 1472        System windows directory: C:\WINDOWS
19:27:06.0850 1472        Processor architecture: Intel x86
19:27:06.0850 1472        Number of processors: 1
19:27:06.0850 1472        Page size: 0x1000
19:27:06.0850 1472        Boot type: Normal boot
19:27:06.0850 1472        ============================================================
19:27:08.0444 1472        Drive \Device\Harddisk0\DR0 - Size: 0x9516AE000 (37.27 Gb), SectorSize: 0x200, Cylinders: 0x1301, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
19:27:08.0459 1472        Drive \Device\Harddisk1\DR1 - Size: 0xC0720000 (3.01 Gb), SectorSize: 0x200, Cylinders: 0x30E, SectorsPerTrack: 0x3F, TracksPerCylinder: 0x80, Type 'K0', Flags 0x00000054
19:27:08.0459 1472        ============================================================
19:27:08.0459 1472        \Device\Harddisk0\DR0:
19:27:08.0459 1472        MBR partitions:
19:27:08.0459 1472        \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1388AFC
19:27:08.0475 1472        \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1388B7A, BlocksNum 0x3700647
19:27:08.0475 1472        \Device\Harddisk1\DR1:
19:27:08.0475 1472        MBR partitions:
19:27:08.0475 1472        \Device\Harddisk1\DR1\Partition0: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x6038C1
19:27:08.0475 1472        ============================================================
19:27:08.0709 1472        C: <-> \Device\Harddisk0\DR0\Partition0
19:27:08.0740 1472        D: <-> \Device\Harddisk0\DR0\Partition1
19:27:08.0756 1472        E: <-> \Device\Harddisk1\DR1\Partition0
19:27:08.0756 1472        ============================================================
19:27:08.0756 1472        Initialize success
19:27:08.0756 1472        ============================================================
19:27:17.0709 1548        ============================================================
19:27:17.0709 1548        Scan started
19:27:17.0709 1548        Mode: Manual; SigCheck; TDLFS;
19:27:17.0709 1548        ============================================================
19:27:17.0959 1548        Abiosdsk - ok
19:27:17.0990 1548        abp480n5 - ok
19:27:18.0053 1548        ACPI            (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
19:27:18.0990 1548        ACPI - ok
19:27:19.0022 1548        ACPIEC          (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\drivers\ACPIEC.sys
19:27:19.0209 1548        ACPIEC - ok
19:27:19.0225 1548        adpu160m - ok
19:27:19.0256 1548        aec            (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
19:27:19.0459 1548        aec - ok
19:27:19.0506 1548        AFD            (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
19:27:19.0553 1548        AFD - ok
19:27:19.0569 1548        Aha154x - ok
19:27:19.0600 1548        aic78u2 - ok
19:27:19.0615 1548        aic78xx - ok
19:27:19.0803 1548        ALCXWDM        (35045a23957a71ba649740741e69408c) C:\WINDOWS\system32\drivers\ALCXWDM.SYS
19:27:20.0178 1548        ALCXWDM - ok
19:27:20.0272 1548        Alerter        (738d80cc01d7bc7584be917b7f544394) C:\WINDOWS\system32\alrsvc.dll
19:27:20.0459 1548        Alerter - ok
19:27:20.0506 1548        ALG            (190cd73d4984f94d823f9444980513e5) C:\WINDOWS\System32\alg.exe
19:27:20.0600 1548        ALG - ok
19:27:20.0631 1548        AliIde - ok
19:27:20.0662 1548        amsint - ok
19:27:20.0709 1548        AN983          (e2ad6cc7d407f2b5cb2899775cf84f51) C:\WINDOWS\system32\DRIVERS\AN983.sys
19:27:20.0772 1548        AN983 - ok
19:27:20.0881 1548        AntiVirSchedulerService (b4837fe56d76b2e9ea90e5365cf6a2be) C:\Programme\Avira\AntiVir Desktop\sched.exe
19:27:20.0912 1548        AntiVirSchedulerService - ok
19:27:20.0959 1548        AntiVirService  (df5a3016052755c910a206058b4a1729) C:\Programme\Avira\AntiVir Desktop\avguard.exe
19:27:21.0006 1548        AntiVirService - ok
19:27:21.0022 1548        AppMgmt - ok
19:27:21.0037 1548        asc - ok
19:27:21.0053 1548        asc3350p - ok
19:27:21.0084 1548        asc3550 - ok
19:27:21.0178 1548        aspnet_state    (e1a1206a4fb19b675e947b29ccd25fba) C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
19:27:21.0209 1548        aspnet_state ( UnsignedFile.Multi.Generic ) - warning
19:27:21.0209 1548        aspnet_state - detected UnsignedFile.Multi.Generic (1)
19:27:21.0240 1548        AsyncMac        (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
19:27:21.0428 1548        AsyncMac - ok
19:27:21.0475 1548        atapi          (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
19:27:21.0709 1548        atapi - ok
19:27:21.0725 1548        Atdisk - ok
19:27:21.0787 1548        Atmarpc        (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
19:27:22.0006 1548        Atmarpc - ok
19:27:22.0053 1548        AudioSrv        (58ed0d5452df7be732193e7999c6b9a4) C:\WINDOWS\System32\audiosrv.dll
19:27:22.0256 1548        AudioSrv - ok
19:27:22.0287 1548        audstub        (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
19:27:22.0490 1548        audstub - ok
19:27:22.0537 1548        Automatisches LiveUpdate - Scheduler - ok
19:27:22.0584 1548        avgio          (0b497c79824f8e1bf22fa6aacd3de3a0) C:\Programme\Avira\AntiVir Desktop\avgio.sys
19:27:22.0600 1548        avgio - ok
19:27:22.0631 1548        avgntflt        (1e4114685de1ffa9675e09c6a1fb3f4b) C:\WINDOWS\system32\DRIVERS\avgntflt.sys
19:27:22.0694 1548        avgntflt - ok
19:27:22.0725 1548        avipbb          (0f78d3dae6dedd99ae54c9491c62adf2) C:\WINDOWS\system32\DRIVERS\avipbb.sys
19:27:22.0772 1548        avipbb - ok
19:27:22.0834 1548        Beep            (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
19:27:23.0053 1548        Beep - ok
19:27:23.0115 1548        BITS            (d6f603772a789bb3228f310d650b8bd1) C:\WINDOWS\system32\qmgr.dll
19:27:23.0381 1548        BITS - ok
19:27:23.0444 1548        Brother XP spl Service (d3facb34fff5db91adb70987838f8ba7) C:\WINDOWS\system32\brsvc01a.exe
19:27:23.0490 1548        Brother XP spl Service - ok
19:27:23.0537 1548        Browser        (b42057f06bbb98b31876c0b3f2b54e33) C:\WINDOWS\System32\browser.dll
19:27:23.0756 1548        Browser - ok
19:27:23.0819 1548        BrScnUsb        (92a964547b96d697e5e9ed43b4297f5a) C:\WINDOWS\system32\Drivers\BrScnUsb.sys
19:27:23.0881 1548        BrScnUsb - ok
19:27:23.0912 1548        cbidf2k        (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
19:27:24.0131 1548        cbidf2k - ok
19:27:24.0147 1548        cd20xrnt - ok
19:27:24.0194 1548        Cdaudio        (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
19:27:24.0412 1548        Cdaudio - ok
19:27:24.0475 1548        Cdfs            (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
19:27:24.0694 1548        Cdfs - ok
19:27:24.0725 1548        Cdrom          (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
19:27:24.0928 1548        Cdrom - ok
19:27:24.0944 1548        Changer - ok
19:27:25.0006 1548        CiSvc          (28e3040d1f1ca2008cd6b29dfebc9a5e) C:\WINDOWS\system32\cisvc.exe
19:27:25.0209 1548        CiSvc - ok
19:27:25.0256 1548        ClipSrv        (778a30ed3c134eb7e406afc407e9997d) C:\WINDOWS\system32\clipsrv.exe
19:27:25.0490 1548        ClipSrv - ok
19:27:25.0506 1548        CmdIde - ok
19:27:25.0522 1548        COMSysApp - ok
19:27:25.0553 1548        Cpqarray - ok
19:27:25.0600 1548        CryptSvc        (611f824e5c703a5a899f84c5f1699e4d) C:\WINDOWS\System32\cryptsvc.dll
19:27:25.0819 1548        CryptSvc - ok
19:27:25.0834 1548        dac2w2k - ok
19:27:25.0850 1548        dac960nt - ok
19:27:25.0928 1548        DcomLaunch      (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
19:27:26.0006 1548        DcomLaunch - ok
19:27:26.0069 1548        Dhcp            (c29a1c9b75ba38fa37f8c44405dec360) C:\WINDOWS\System32\dhcpcsvc.dll
19:27:26.0287 1548        Dhcp - ok
19:27:26.0319 1548        Disk            (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
19:27:26.0537 1548        Disk - ok
19:27:26.0569 1548        dmadmin - ok
19:27:26.0662 1548        dmboot          (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys
19:27:26.0944 1548        dmboot - ok
19:27:26.0975 1548        dmio            (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys
19:27:27.0225 1548        dmio - ok
19:27:27.0272 1548        dmload          (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
19:27:27.0506 1548        dmload - ok
19:27:27.0537 1548        dmserver        (25c83ffbba13b554eb6d59a9b2e2ee78) C:\WINDOWS\System32\dmserver.dll
19:27:27.0756 1548        dmserver - ok
19:27:27.0803 1548        DMusic          (a6f881284ac1150e37d9ae47ff601267) C:\WINDOWS\system32\drivers\DMusic.sys
19:27:27.0944 1548        DMusic - ok
19:27:27.0990 1548        Dnscache        (407f3227ac618fd1ca54b335b083de07) C:\WINDOWS\System32\dnsrslvr.dll
19:27:28.0037 1548        Dnscache - ok
19:27:28.0069 1548        Dot3svc        (676e36c4ff5bcea1900f44182b9723e6) C:\WINDOWS\System32\dot3svc.dll
19:27:28.0287 1548        Dot3svc - ok
19:27:28.0350 1548        Dot4            (3e4b043f8bc6be1d4820cc6c9c500306) C:\WINDOWS\system32\DRIVERS\Dot4.sys
19:27:28.0600 1548        Dot4 - ok
19:27:28.0647 1548        Dot4Print      (77ce63a8a34ae23d9fe4c7896d1debe7) C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys
19:27:28.0850 1548        Dot4Print - ok
19:27:28.0897 1548        Dot4Scan        (bd05306428da63369692477ddc0f6f5f) C:\WINDOWS\system32\DRIVERS\Dot4Scan.sys
19:27:29.0147 1548        Dot4Scan - ok
19:27:29.0162 1548        dpti2o - ok
19:27:29.0209 1548        drmkaud        (1ed4dbbae9f5d558dbba4cc450e3eb2e) C:\WINDOWS\system32\drivers\drmkaud.sys
19:27:29.0350 1548        drmkaud - ok
19:27:29.0381 1548        EapHost        (4e4f2fddab0a0736d7671134dcce91fb) C:\WINDOWS\System32\eapsvc.dll
19:27:29.0600 1548        EapHost - ok
19:27:29.0678 1548        EraserUtilRebootDrv - ok
19:27:29.0725 1548        ERSvc          (877c18558d70587aa7823a1a308ac96b) C:\WINDOWS\System32\ersvc.dll
19:27:29.0944 1548        ERSvc - ok
19:27:29.0975 1548        Eventlog        (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
19:27:30.0022 1548        Eventlog - ok
19:27:30.0084 1548        EventSystem    (af4f6b5739d18ca7972ab53e091cbc74) C:\WINDOWS\system32\es.dll
19:27:30.0131 1548        EventSystem - ok
19:27:30.0209 1548        Fastfat        (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
19:27:30.0412 1548        Fastfat - ok
19:27:30.0475 1548        FastUserSwitchingCompatibility (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
19:27:30.0522 1548        FastUserSwitchingCompatibility - ok
19:27:30.0553 1548        Fdc            (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
19:27:30.0772 1548        Fdc - ok
19:27:30.0803 1548        Fips            (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys
19:27:31.0006 1548        Fips - ok
19:27:31.0037 1548        Flpydisk        (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
19:27:31.0272 1548        Flpydisk - ok
19:27:31.0319 1548        FltMgr          (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
19:27:31.0522 1548        FltMgr - ok
19:27:31.0569 1548        Fs_Rec          (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
19:27:31.0787 1548        Fs_Rec - ok
19:27:31.0850 1548        Ftdisk          (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
19:27:32.0037 1548        Ftdisk - ok
19:27:32.0115 1548        fwdrv          (1ff2eef447a177df2c544b80f8f7f879) C:\WINDOWS\system32\drivers\fwdrv.sys
19:27:32.0147 1548        fwdrv - ok
19:27:32.0194 1548        Gpc            (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
19:27:32.0412 1548        Gpc - ok
19:27:32.0537 1548        gupdate        (8f0de4fef8201e306f9938b0905ac96a) C:\Programme\Google\Update\GoogleUpdate.exe
19:27:32.0553 1548        gupdate - ok
19:27:32.0569 1548        gupdatem        (8f0de4fef8201e306f9938b0905ac96a) C:\Programme\Google\Update\GoogleUpdate.exe
19:27:32.0600 1548        gupdatem - ok
19:27:32.0662 1548        gusvc          (cc839e8d766cc31a7710c9f38cf3e375) C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
19:27:32.0694 1548        gusvc - ok
19:27:32.0772 1548        helpsvc        (cb66bf85bf599befd6c6a57c2e20357f) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
19:27:32.0975 1548        helpsvc - ok
19:27:32.0990 1548        HidServ - ok
19:27:33.0037 1548        hkmsvc          (ed29f14101523a6e0e808107405d452c) C:\WINDOWS\System32\kmsvc.dll
19:27:33.0256 1548        hkmsvc - ok
19:27:33.0272 1548        hpn - ok
19:27:33.0350 1548        HTTP            (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
19:27:33.0412 1548        HTTP - ok
19:27:33.0459 1548        HTTPFilter      (9e4adb854cebcfb81a4b36718feecd16) C:\WINDOWS\System32\w3ssl.dll
19:27:33.0678 1548        HTTPFilter - ok
19:27:33.0694 1548        i2omgmt - ok
19:27:33.0709 1548        i2omp - ok
19:27:33.0756 1548        i8042prt        (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
19:27:33.0959 1548        i8042prt - ok
19:27:34.0069 1548        IDriverT        (1cf03c69b49acb70c722df92755c0c8c) C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
19:27:34.0100 1548        IDriverT ( UnsignedFile.Multi.Generic ) - warning
19:27:34.0100 1548        IDriverT - detected UnsignedFile.Multi.Generic (1)
19:27:34.0147 1548        Imapi          (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
19:27:34.0365 1548        Imapi - ok
19:27:34.0412 1548        ImapiService    (d4b413aa210c21e46aedd2ba5b68d38e) C:\WINDOWS\system32\imapi.exe
19:27:34.0615 1548        ImapiService - ok
19:27:34.0647 1548        ini910u - ok
19:27:34.0678 1548        IntelIde - ok
19:27:34.0725 1548        intelppm        (4c7d2750158ed6e7ad642d97bffae351) C:\WINDOWS\system32\DRIVERS\intelppm.sys
19:27:34.0928 1548        intelppm - ok
19:27:34.0959 1548        Ip6Fw          (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
19:27:35.0178 1548        Ip6Fw - ok
19:27:35.0240 1548        IpFilterDriver  (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
19:27:35.0444 1548        IpFilterDriver - ok
19:27:35.0490 1548        IpInIp          (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
19:27:35.0709 1548        IpInIp - ok
19:27:35.0756 1548        IpNat          (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
19:27:35.0959 1548        IpNat - ok
19:27:36.0022 1548        IPSec          (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
19:27:36.0225 1548        IPSec - ok
19:27:36.0256 1548        IRENUM          (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
19:27:36.0350 1548        IRENUM - ok
19:27:36.0412 1548        isapnp          (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys
19:27:36.0615 1548        isapnp - ok
19:27:36.0740 1548        JavaQuickStarterService (0a5709543986843d37a92290b7838340) C:\Programme\Java\jre6\bin\jqs.exe
19:27:36.0772 1548        JavaQuickStarterService - ok
19:27:36.0819 1548        Kbdclass        (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
19:27:37.0022 1548        Kbdclass - ok
19:27:37.0084 1548        khips          (304ce9fb3d64caa07b940bef4f8c2dcd) C:\WINDOWS\system32\drivers\khips.sys
19:27:37.0115 1548        khips - ok
19:27:37.0162 1548        kmixer          (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
19:27:37.0365 1548        kmixer - ok
19:27:37.0475 1548        KPF4            (9ef600c64435ccfdea01c991289e76ec) C:\Programme\Sunbelt Software\Personal Firewall\kpf4ss.exe
19:27:37.0615 1548        KPF4 - ok
19:27:37.0740 1548        KSecDD          (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
19:27:37.0819 1548        KSecDD - ok
19:27:37.0865 1548        lanmanserver    (2bbdcb79900990f0716dfcb714e72de7) C:\WINDOWS\System32\srvsvc.dll
19:27:37.0928 1548        lanmanserver - ok
19:27:37.0975 1548        lanmanworkstation (1869b14b06b44b44af70548e1ea3303f) C:\WINDOWS\System32\wkssvc.dll
19:27:38.0022 1548        lanmanworkstation - ok
19:27:38.0037 1548        lbrtfdc - ok
19:27:38.0100 1548        LmHosts        (636714b7d43c8d0c80449123fd266920) C:\WINDOWS\System32\lmhsvc.dll
19:27:38.0303 1548        LmHosts - ok
19:27:38.0350 1548        MBAMSwissArmy  (0db7527db188c7d967a37bb51bbf3963) C:\WINDOWS\system32\drivers\mbamswissarmy.sys
19:27:38.0365 1548        MBAMSwissArmy - ok
19:27:38.0475 1548        McComponentHostService (f453d1e6d881e8f8717e20ccd4199e85) C:\Programme\McAfee Security Scan\2.0.181\McCHSvc.exe
19:27:38.0506 1548        McComponentHostService - ok
19:27:38.0553 1548        Messenger      (b7550a7107281d170ce85524b1488c98) C:\WINDOWS\System32\msgsvc.dll
19:27:38.0756 1548        Messenger - ok
19:27:38.0803 1548        mnmdd          (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
19:27:39.0022 1548        mnmdd - ok
19:27:39.0069 1548        mnmsrvc        (c2f1d365fd96791b037ee504868065d3) C:\WINDOWS\system32\mnmsrvc.exe
19:27:39.0272 1548        mnmsrvc - ok
19:27:39.0303 1548        Modem          (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys
19:27:39.0506 1548        Modem - ok
19:27:39.0537 1548        Mouclass        (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys
19:27:39.0740 1548        Mouclass - ok
19:27:39.0756 1548        MountMgr        (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
19:27:39.0928 1548        MountMgr - ok
19:27:39.0959 1548        mraid35x - ok
19:27:40.0006 1548        MRxDAV          (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
19:27:40.0209 1548        MRxDAV - ok
19:27:40.0272 1548        MRxSmb          (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
19:27:40.0350 1548        MRxSmb - ok
19:27:40.0381 1548        MSDTC          (35a031af38c55f92d28aa03ee9f12cc9) C:\WINDOWS\system32\msdtc.exe
19:27:40.0569 1548        MSDTC - ok
19:27:40.0615 1548        Msfs            (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
19:27:40.0819 1548        Msfs - ok
19:27:40.0834 1548        MSIServer - ok
19:27:40.0881 1548        MSKSSRV        (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
19:27:41.0084 1548        MSKSSRV - ok
19:27:41.0100 1548        MSPCLOCK        (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
19:27:41.0287 1548        MSPCLOCK - ok
19:27:41.0334 1548        MSPQM          (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
19:27:41.0537 1548        MSPQM - ok
19:27:41.0584 1548        mssmbios        (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
19:27:41.0772 1548        mssmbios - ok
19:27:41.0819 1548        Mup            (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
19:27:41.0865 1548        Mup - ok
19:27:41.0912 1548        napagent        (46bb15ae2ac7d025d6d2567b876817bd) C:\WINDOWS\System32\qagentrt.dll
19:27:42.0115 1548        napagent - ok
19:27:42.0178 1548        NDIS            (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
19:27:42.0397 1548        NDIS - ok
19:27:42.0444 1548        NdisTapi        (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
19:27:42.0475 1548        NdisTapi - ok
19:27:42.0506 1548        Ndisuio        (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
19:27:42.0709 1548        Ndisuio - ok
19:27:42.0740 1548        NdisWan        (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
19:27:42.0959 1548        NdisWan - ok
19:27:43.0006 1548        NDProxy        (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
19:27:43.0053 1548        NDProxy - ok
19:27:43.0069 1548        NetBIOS        (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
19:27:43.0272 1548        NetBIOS - ok
19:27:43.0334 1548        NetBT          (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
19:27:43.0537 1548        NetBT - ok
19:27:43.0600 1548        NetDDE          (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
19:27:43.0803 1548        NetDDE - ok
19:27:43.0834 1548        NetDDEdsdm      (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
19:27:44.0006 1548        NetDDEdsdm - ok
19:27:44.0022 1548        Netlogon        (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
19:27:44.0240 1548        Netlogon - ok
19:27:44.0272 1548        Netman          (e6d88f1f6745bf00b57e7855a2ab696c) C:\WINDOWS\System32\netman.dll
19:27:44.0475 1548        Netman - ok
19:27:44.0522 1548        Nla            (f1b67b6b0751ae0e6e964b02821206a3) C:\WINDOWS\System32\mswsock.dll
19:27:44.0569 1548        Nla - ok
19:27:44.0615 1548        Npfs            (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
19:27:44.0803 1548        Npfs - ok
19:27:44.0881 1548        Ntfs            (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
19:27:45.0115 1548        Ntfs - ok
19:27:45.0131 1548        NtLmSsp        (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
19:27:45.0334 1548        NtLmSsp - ok
19:27:45.0381 1548        NtmsSvc        (56af4064996fa5bac9c449b1514b4770) C:\WINDOWS\system32\ntmssvc.dll
19:27:45.0615 1548        NtmsSvc - ok
19:27:45.0678 1548        Null            (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
19:27:45.0865 1548        Null - ok
19:27:45.0897 1548        NwlnkFlt        (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
19:27:46.0115 1548        NwlnkFlt - ok
19:27:46.0147 1548        NwlnkFwd        (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
19:27:46.0365 1548        NwlnkFwd - ok
19:27:46.0444 1548        ose            (7a56cf3e3f12e8af599963b16f50fb6a) C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE
19:27:46.0506 1548        ose - ok
19:27:46.0553 1548        Parport        (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\DRIVERS\parport.sys
19:27:46.0740 1548        Parport - ok
19:27:46.0772 1548        PartMgr        (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
19:27:46.0975 1548        PartMgr - ok
19:27:47.0022 1548        ParVdm          (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys
19:27:47.0209 1548        ParVdm - ok
19:27:47.0256 1548        PCANDIS5        (d0084a9ade989fe703e4f22171f4e4dc) C:\PROGRA~1\T-DSLS~1\PCANDIS5.SYS
19:27:47.0287 1548        PCANDIS5 ( UnsignedFile.Multi.Generic ) - warning
19:27:47.0287 1548        PCANDIS5 - detected UnsignedFile.Multi.Generic (1)
19:27:47.0334 1548        PCI            (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys
19:27:47.0522 1548        PCI - ok
19:27:47.0553 1548        PCIDump - ok
19:27:47.0600 1548        PCIIde          (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\DRIVERS\pciide.sys
19:27:47.0787 1548        PCIIde - ok
19:27:47.0819 1548        Pcmcia          (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\drivers\Pcmcia.sys
19:27:48.0022 1548        Pcmcia - ok
19:27:48.0037 1548        PDCOMP - ok
19:27:48.0069 1548        PDFRAME - ok
19:27:48.0084 1548        PDRELI - ok
19:27:48.0115 1548        PDRFRAME - ok
19:27:48.0131 1548        perc2 - ok
19:27:48.0162 1548        perc2hib - ok
19:27:48.0240 1548        PlugPlay        (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
19:27:48.0256 1548        PlugPlay - ok
19:27:48.0272 1548        PolicyAgent    (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
19:27:48.0475 1548        PolicyAgent - ok
19:27:48.0506 1548        PortTalk        (7d5a2d755b6c6579f63657b527d6ff1b) C:\WINDOWS\system32\Drivers\PtbTalk.sys
19:27:48.0522 1548        PortTalk ( UnsignedFile.Multi.Generic ) - warning
19:27:48.0522 1548        PortTalk - detected UnsignedFile.Multi.Generic (1)
19:27:48.0569 1548        PptpMiniport    (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
19:27:48.0756 1548        PptpMiniport - ok
19:27:48.0772 1548        ProtectedStorage (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
19:27:48.0959 1548        ProtectedStorage - ok
19:27:48.0975 1548        PSched          (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
19:27:49.0178 1548        PSched - ok
19:27:49.0240 1548        Ptilink        (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
19:27:49.0412 1548        Ptilink - ok
19:27:49.0428 1548        ql1080 - ok
19:27:49.0444 1548        Ql10wnt - ok
19:27:49.0475 1548        ql12160 - ok
19:27:49.0490 1548        ql1240 - ok
19:27:49.0522 1548        ql1280 - ok
19:27:49.0553 1548        RasAcd          (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
19:27:49.0740 1548        RasAcd - ok
19:27:49.0787 1548        RasAuto        (f5ba6caccdb66c8f048e867563203246) C:\WINDOWS\System32\rasauto.dll
19:27:50.0006 1548        RasAuto - ok
19:27:50.0037 1548        Rasl2tp        (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
19:27:50.0225 1548        Rasl2tp - ok
19:27:50.0287 1548        RasMan          (f9a7b66ea345726edb5862a46b1eccd5) C:\WINDOWS\System32\rasmans.dll
19:27:50.0490 1548        RasMan - ok
19:27:50.0522 1548        RasPppoe        (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
19:27:50.0709 1548        RasPppoe - ok
19:27:50.0725 1548        Raspti          (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
19:27:50.0912 1548        Raspti - ok
19:27:50.0959 1548        Rdbss          (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
19:27:51.0147 1548        Rdbss - ok
19:27:51.0194 1548        RDPCDD          (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
19:27:51.0412 1548        RDPCDD - ok
19:27:51.0459 1548        RDPWD          (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
19:27:51.0522 1548        RDPWD - ok
19:27:57.0412 1548        swmidi          (94abc808fc4b6d7d2bbf42b85e25bb4d) C:\WINDOWS\system32\drivers\swmidi.sys
19:27:57.0428 1548        swmidi ( UnsignedFile.Multi.Generic ) - warning
19:27:57.0428 1548        swmidi - detected UnsignedFile.Multi.Generic (1)
19:27:59.0647 1548        TNPacket        (52ab2f2b0d2fd7cc2fdb489c449feb8e) C:\Programme\T-DSL SpeedManager\TNPACKET.SYS
19:27:59.0662 1548        TNPacket ( UnsignedFile.Multi.Generic ) - warning
19:27:59.0662 1548        TNPacket - detected UnsignedFile.Multi.Generic (1)
19:27:59.0975 1548        TSMService      (bf2236a5a39b21f694ccd7b5a6639e71) C:\Programme\T-DSL SpeedManager\tsmsvc.exe
19:28:00.0006 1548        TSMService ( UnsignedFile.Multi.Generic ) - warning
19:28:00.0006 1548        TSMService - detected UnsignedFile.Multi.Generic (1)
19:28:06.0381 1548        MBR (0x1B8)    (72b8ce41af0de751c946802b3ed844b4) \Device\Harddisk0\DR0
19:28:06.0709 1548        \Device\Harddisk0\DR0 - ok
19:28:06.0740 1548        MBR (0x1B8)    (672d49b92adfa952c7ad0fb98d4ad10b) \Device\Harddisk1\DR1
19:28:08.0600 1548        \Device\Harddisk1\DR1 - ok
19:28:08.0631 1548        Boot (0x1200)  (ab4fc60439735b5e605b431d684929ce) \Device\Harddisk0\DR0\Partition0
19:28:08.0631 1548        \Device\Harddisk0\DR0\Partition0 - ok
19:28:08.0662 1548        Boot (0x1200)  (08a5f8063296affba09d99ec332eaefa) \Device\Harddisk0\DR0\Partition1
19:28:08.0662 1548        \Device\Harddisk0\DR0\Partition1 - ok
19:28:08.0678 1548        Boot (0x1200)  (8596dc2f1ffbde405285adfb8f432d16) \Device\Harddisk1\DR1\Partition0
19:28:08.0678 1548        \Device\Harddisk1\DR1\Partition0 - ok
19:28:08.0694 1548        ============================================================
19:28:08.0694 1548        Scan finished
19:28:08.0694 1548        ============================================================
19:28:08.0834 2416        Detected object count: 7
19:28:08.0834 2416        Actual detected object count: 7
19:30:44.0490 2416        C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe - copied to quarantine
19:30:44.0490 2416        aspnet_state ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
19:30:44.0662 2416        C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe - copied to quarantine
19:30:44.0662 2416        IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
19:30:44.0772 2416        C:\PROGRA~1\T-DSLS~1\PCANDIS5.SYS - copied to quarantine
19:30:44.0772 2416        PCANDIS5 ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
19:30:44.0850 2416        C:\WINDOWS\system32\Drivers\PtbTalk.sys - copied to quarantine
19:30:44.0850 2416        PortTalk ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
19:30:44.0944 2416        C:\WINDOWS\system32\drivers\swmidi.sys - copied to quarantine
19:30:44.0944 2416        swmidi ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
19:30:44.0990 2416        C:\Programme\T-DSL SpeedManager\TNPACKET.SYS - copied to quarantine
19:30:44.0990 2416        TNPacket ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
19:30:45.0084 2416        C:\Programme\T-DSL SpeedManager\tsmsvc.exe - copied to quarantine
19:30:45.0084 2416        TSMService ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
19:31:05.0037 4040        ============================================================
19:31:05.0037 4040        Scan started
19:31:05.0037 4040        Mode: Manual; SigCheck; TDLFS;
19:31:05.0037 4040        ============================================================
19:31:07.0678 4040        aspnet_state    (e1a1206a4fb19b675e947b29ccd25fba) C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
19:31:07.0709 4040        aspnet_state ( UnsignedFile.Multi.Generic ) - warning
19:31:07.0709 4040        aspnet_state - detected UnsignedFile.Multi.Generic (1)
19:31:19.0819 4040        IDriverT        (1cf03c69b49acb70c722df92755c0c8c) C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
19:31:19.0850 4040        IDriverT ( UnsignedFile.Multi.Generic ) - warning
19:31:19.0850 4040        IDriverT - detected UnsignedFile.Multi.Generic (1)
19:31:32.0287 4040        PCANDIS5        (d0084a9ade989fe703e4f22171f4e4dc) C:\PROGRA~1\T-DSLS~1\PCANDIS5.SYS
19:31:32.0319 4040        PCANDIS5 ( UnsignedFile.Multi.Generic ) - warning
19:31:32.0319 4040        PCANDIS5 - detected UnsignedFile.Multi.Generic (1)
19:31:32.0365 4040        PCI            (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys
19:31:32.0569 4040        PCI - ok
19:31:32.0584 4040        PCIDump - ok
19:31:32.0647 4040        PCIIde          (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\DRIVERS\pciide.sys
19:31:32.0834 4040        PCIIde - ok
19:31:32.0881 4040        Pcmcia          (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\drivers\Pcmcia.sys
19:31:33.0069 4040        Pcmcia - ok
19:31:33.0084 4040        PDCOMP - ok
19:31:33.0115 4040        PDFRAME - ok
19:31:33.0131 4040        PDRELI - ok
19:31:33.0162 4040        PDRFRAME - ok
19:31:33.0194 4040        perc2 - ok
19:31:33.0209 4040        perc2hib - ok
19:31:33.0287 4040        PlugPlay        (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
19:31:33.0319 4040        PlugPlay - ok
19:31:33.0334 4040        PolicyAgent    (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
19:31:33.0537 4040        PolicyAgent - ok
19:31:33.0569 4040        PortTalk        (7d5a2d755b6c6579f63657b527d6ff1b) C:\WINDOWS\system32\Drivers\PtbTalk.sys
19:31:33.0584 4040        PortTalk ( UnsignedFile.Multi.Generic ) - warning
19:31:33.0584 4040        PortTalk - detected UnsignedFile.Multi.Generic (1)
19:31:33.0631 4040        PptpMiniport    (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
19:31:33.0819 4040        PptpMiniport - ok
19:31:33.0850 4040        ProtectedStorage (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
19:31:34.0022 4040        ProtectedStorage - ok
19:31:34.0053 4040        PSched          (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
19:31:34.0240 4040        PSched - ok
19:31:34.0287 4040        Ptilink        (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
19:31:34.0475 4040        Ptilink - ok
19:31:34.0490 4040        ql1080 - ok
19:31:34.0522 4040        Ql10wnt - ok
19:31:34.0537 4040        ql12160 - ok
19:31:34.0569 4040        ql1240 - ok
19:31:34.0584 4040        ql1280 - ok
19:31:34.0615 4040        RasAcd          (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
19:31:34.0803 4040        RasAcd - ok
19:31:34.0850 4040        RasAuto        (f5ba6caccdb66c8f048e867563203246) C:\WINDOWS\System32\rasauto.dll
19:31:35.0053 4040        RasAuto - ok
19:31:35.0069 4040        Rasl2tp        (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
19:31:35.0272 4040        Rasl2tp - ok
19:31:35.0334 4040        RasMan          (f9a7b66ea345726edb5862a46b1eccd5) C:\WINDOWS\System32\rasmans.dll
19:31:35.0522 4040        RasMan - ok
19:31:35.0537 4040        RasPppoe        (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
19:31:35.0725 4040        RasPppoe - ok
19:31:35.0756 4040        Raspti          (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
19:31:35.0912 4040        Raspti - ok
19:31:35.0975 4040        Rdbss          (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
19:31:36.0147 4040        Rdbss - ok
19:31:36.0194 4040        RDPCDD          (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
19:31:36.0365 4040        RDPCDD - ok
19:31:36.0412 4040        RDPWD          (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
19:31:36.0459 4040        RDPWD - ok
19:31:36.0506 4040        RDSessMgr      (263af18af0f3db99f574c95f284ccec9) C:\WINDOWS\system32\sessmgr.exe
19:31:36.0694 4040        RDSessMgr - ok
19:31:36.0756 4040        redbook        (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys
19:31:36.0944 4040        redbook - ok
19:31:36.0990 4040        RemoteAccess    (0e97ec96d6942ceec2d188cc2eb69a01) C:\WINDOWS\System32\mprdim.dll
19:31:37.0178 4040        RemoteAccess - ok
19:31:37.0225 4040        RpcLocator      (2a02e21867497df20b8fc95631395169) C:\WINDOWS\system32\locator.exe
19:31:37.0412 4040        RpcLocator - ok
19:31:37.0475 4040        RpcSs          (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
19:31:37.0522 4040        RpcSs - ok
19:31:37.0584 4040        RSVP            (4bdd71b4b521521499dfd14735c4f398) C:\WINDOWS\system32\rsvp.exe
19:31:37.0756 4040        RSVP - ok
19:31:37.0819 4040        rtl8139        (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
19:31:37.0975 4040        rtl8139 - ok
19:31:38.0037 4040        SamSs          (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
19:31:38.0225 4040        SamSs - ok
19:31:38.0272 4040        SCardSvr        (dcec079fad95d36c8dd5cb6d779dfe32) C:\WINDOWS\System32\SCardSvr.exe
19:31:38.0444 4040        SCardSvr - ok
19:31:38.0490 4040        Schedule        (a050194a44d7fa8d7186ed2f4e8367ae) C:\WINDOWS\system32\schedsvc.dll
19:31:38.0662 4040        Schedule - ok
19:31:38.0709 4040        Secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
19:31:38.0787 4040        Secdrv - ok
19:31:38.0850 4040        seclogon        (bee4cfd1d48c23b44cf4b974b0b79b2b) C:\WINDOWS\System32\seclogon.dll
19:31:39.0022 4040        seclogon - ok
19:31:39.0069 4040        SENS            (2aac9b6ed9eddffb721d6452e34d67e3) C:\WINDOWS\system32\sens.dll
19:31:39.0240 4040        SENS - ok
19:31:39.0287 4040        serenum        (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
19:31:39.0506 4040        serenum - ok
19:31:39.0537 4040        Serial          (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\DRIVERS\serial.sys
19:31:39.0709 4040        Serial - ok
19:31:39.0740 4040        Sfloppy        (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
19:31:39.0928 4040        Sfloppy - ok
19:31:39.0990 4040        SharedAccess    (cad058d5f8b889a87ca3eb3cf624dcef) C:\WINDOWS\System32\ipnathlp.dll
19:31:40.0209 4040        SharedAccess - ok
19:31:40.0256 4040        ShellHWDetection (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
19:31:40.0272 4040        ShellHWDetection - ok
19:31:40.0287 4040        Simbad - ok
19:31:40.0350 4040        SiS315          (7469858341a5b6f22dedd2995f4d2ff2) C:\WINDOWS\system32\DRIVERS\sisgrp.sys
19:31:40.0397 4040        SiS315 - ok
19:31:40.0412 4040        SiSkp          (9a0f86efa0ef99115a23c8624e2e6bc7) C:\WINDOWS\system32\DRIVERS\srvkp.sys
19:31:40.0444 4040        SiSkp - ok
19:31:40.0475 4040        Sparrow - ok
19:31:40.0506 4040        splitter        (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
19:31:40.0694 4040        splitter - ok
19:31:40.0740 4040        Spooler        (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
19:31:40.0787 4040        Spooler - ok
19:31:40.0834 4040        sr              (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys
19:31:40.0928 4040        sr - ok
19:31:40.0959 4040        srservice      (fe77a85495065f3ad59c5c65b6c54182) C:\WINDOWS\system32\srsvc.dll
19:31:41.0069 4040        srservice - ok
19:31:41.0115 4040        Srv            (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
19:31:41.0178 4040        Srv - ok
19:31:41.0240 4040        SSDPSRV        (4df5b05dfaec29e13e1ed6f6ee12c500) C:\WINDOWS\System32\ssdpsrv.dll
19:31:41.0334 4040        SSDPSRV - ok
19:31:41.0365 4040        ssmdrv          (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
19:31:41.0381 4040        ssmdrv - ok
19:31:41.0459 4040        stisvc          (bc2c5985611c5356b24aeb370953ded9) C:\WINDOWS\system32\wiaservc.dll
19:31:41.0662 4040        stisvc - ok
19:31:41.0709 4040        swenum          (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
19:31:41.0912 4040        swenum - ok
19:31:41.0959 4040        swmidi          (94abc808fc4b6d7d2bbf42b85e25bb4d) C:\WINDOWS\system32\drivers\swmidi.sys
19:31:41.0975 4040        swmidi ( UnsignedFile.Multi.Generic ) - warning
19:31:41.0975 4040        swmidi - detected UnsignedFile.Multi.Generic (1)
19:31:41.0990 4040        SwPrv - ok
19:31:42.0022 4040        symc810 - ok
19:31:42.0053 4040        symc8xx - ok
19:31:42.0100 4040        symlcbrd        (b226f8a4d780acdf76145b58bb791d5b) C:\WINDOWS\system32\drivers\symlcbrd.sys
19:31:42.0115 4040        symlcbrd - ok
19:31:42.0131 4040        sym_hi - ok
19:31:42.0162 4040        sym_u3 - ok
19:31:42.0209 4040        sysaudio        (650ad082d46bac0e64c9c0e0928492fd) C:\WINDOWS\system32\drivers\sysaudio.sys
19:31:42.0334 4040        sysaudio - ok
19:31:42.0397 4040        SysmonLog      (2903fffa2523926d6219428040dce6b9) C:\WINDOWS\system32\smlogsvc.exe
19:31:42.0584 4040        SysmonLog - ok
19:31:42.0631 4040        TapiSrv        (05903cac4b98908d55ea5774775b382e) C:\WINDOWS\System32\tapisrv.dll
19:31:42.0819 4040        TapiSrv - ok
19:31:42.0897 4040        Tcpip          (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
19:31:42.0944 4040        Tcpip - ok
19:31:43.0006 4040        TDPIPE          (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
19:31:43.0178 4040        TDPIPE - ok
19:31:43.0225 4040        TDTCP          (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
19:31:43.0428 4040        TDTCP - ok
19:31:43.0475 4040        TermDD          (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
19:31:43.0662 4040        TermDD - ok
19:31:43.0740 4040        TermService    (b7de02c863d8f5a005a7bf375375a6a4) C:\WINDOWS\System32\termsrv.dll
19:31:43.0912 4040        TermService - ok
19:31:43.0959 4040        Themes          (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
19:31:43.0990 4040        Themes - ok
19:31:44.0084 4040        TNPacket        (52ab2f2b0d2fd7cc2fdb489c449feb8e) C:\Programme\T-DSL SpeedManager\TNPACKET.SYS
19:31:44.0100 4040        TNPacket ( UnsignedFile.Multi.Generic ) - warning
19:31:44.0100 4040        TNPacket - detected UnsignedFile.Multi.Generic (1)
19:31:44.0115 4040        TosIde - ok
19:31:44.0178 4040        TrkWks          (626504572b175867f30f3215c04b3e2f) C:\WINDOWS\system32\trkwks.dll
19:31:44.0381 4040        TrkWks - ok
19:31:44.0428 4040        TSMService      (bf2236a5a39b21f694ccd7b5a6639e71) C:\Programme\T-DSL SpeedManager\tsmsvc.exe
19:31:44.0444 4040        TSMService ( UnsignedFile.Multi.Generic ) - warning
19:31:44.0444 4040        TSMService - detected UnsignedFile.Multi.Generic (1)
19:31:44.0506 4040        uagp35          (49c805d42d75eddc9b6a7130999c9054) C:\WINDOWS\system32\DRIVERS\uagp35.sys
19:31:44.0647 4040        uagp35 - ok
19:31:44.0694 4040        Udfs            (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
19:31:44.0850 4040        Udfs - ok
19:31:44.0865 4040        ultra - ok
19:31:44.0912 4040        UMWdf          (c81b8635dee0d3ef5f64b3dd643023a5) C:\WINDOWS\system32\wdfmgr.exe
19:31:44.0944 4040        UMWdf - ok
19:31:45.0006 4040        Update          (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
19:31:45.0225 4040        Update - ok
19:31:45.0272 4040        upnphost        (1dfd8975d8c89214b98d9387c1125b49) C:\WINDOWS\System32\upnphost.dll
19:31:45.0381 4040        upnphost - ok
19:31:45.0428 4040        UPS            (9b11e6118958e63e1fef129466e2bda7) C:\WINDOWS\System32\ups.exe
19:31:45.0600 4040        UPS - ok
19:31:45.0662 4040        usbccgp        (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
19:31:45.0834 4040        usbccgp - ok
19:31:45.0881 4040        usbehci        (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
19:31:46.0069 4040        usbehci - ok
19:31:46.0115 4040        usbhub          (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
19:31:46.0303 4040        usbhub - ok
19:31:46.0350 4040        usbohci        (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
19:31:46.0522 4040        usbohci - ok
19:31:46.0569 4040        usbprint        (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
19:31:46.0772 4040        usbprint - ok
19:31:46.0803 4040        USBSTOR        (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
19:31:46.0975 4040        USBSTOR - ok
19:31:47.0022 4040        VgaSave        (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
19:31:47.0209 4040        VgaSave - ok
19:31:47.0240 4040        ViaIde - ok
19:31:47.0287 4040        VolSnap        (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys
19:31:47.0459 4040        VolSnap - ok
19:31:47.0522 4040        VSS            (68f106273be29e7b7ef8266977268e78) C:\WINDOWS\System32\vssvc.exe
19:31:47.0615 4040        VSS - ok
19:31:47.0678 4040        W32Time        (7b353059e665f8b7ad2bbeaef597cf45) C:\WINDOWS\system32\w32time.dll
19:31:47.0834 4040        W32Time - ok
19:31:47.0897 4040        Wanarp          (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
19:31:48.0100 4040        Wanarp - ok
19:31:48.0115 4040        WDICA - ok
19:31:48.0162 4040        wdmaud          (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
19:31:48.0334 4040        wdmaud - ok
19:31:48.0381 4040        WebClient      (81727c9873e3905a2ffc1ebd07265002) C:\WINDOWS\System32\webclnt.dll
19:31:48.0553 4040        WebClient - ok
19:31:48.0647 4040        winmgmt        (6f3f3973d97714cc5f906a19fe883729) C:\WINDOWS\system32\wbem\WMIsvc.dll
19:31:48.0819 4040        winmgmt - ok
19:31:48.0881 4040        WmdmPmSN        (a477391b7a8b0a0daabadb17cf533a4b) C:\WINDOWS\system32\MsPMSNSv.dll
19:31:48.0928 4040        WmdmPmSN - ok
19:31:48.0990 4040        WmiApSrv        (93908111ba57a6e60ec2fa2de202105c) C:\WINDOWS\system32\wbem\wmiapsrv.exe
19:31:49.0178 4040        WmiApSrv - ok
19:31:49.0240 4040        wscsvc          (300b3e84faf1a5c1f791c159ba28035d) C:\WINDOWS\system32\wscsvc.dll
19:31:49.0412 4040        wscsvc - ok
19:31:49.0459 4040        wuauserv        (7b4fe05202aa6bf9f4dfd0e6a0d8a085) C:\WINDOWS\system32\wuauserv.dll
19:31:49.0631 4040        wuauserv - ok
19:31:49.0694 4040        WZCSVC          (c4f109c005f6725162d2d12ca751e4a7) C:\WINDOWS\System32\wzcsvc.dll
19:31:49.0897 4040        WZCSVC - ok
19:31:49.0928 4040        xmlprov        (0ada34871a2e1cd2caafed1237a47750) C:\WINDOWS\System32\xmlprov.dll
19:31:50.0115 4040        xmlprov - ok
19:31:50.0147 4040        MBR (0x1B8)    (72b8ce41af0de751c946802b3ed844b4) \Device\Harddisk0\DR0
19:31:50.0459 4040        \Device\Harddisk0\DR0 - ok
19:31:50.0475 4040        MBR (0x1B8)    (672d49b92adfa952c7ad0fb98d4ad10b) \Device\Harddisk1\DR1
19:31:52.0334 4040        \Device\Harddisk1\DR1 - ok
19:31:52.0365 4040        Boot (0x1200)  (ab4fc60439735b5e605b431d684929ce) \Device\Harddisk0\DR0\Partition0
19:31:52.0365 4040        \Device\Harddisk0\DR0\Partition0 - ok
19:31:52.0397 4040        Boot (0x1200)  (08a5f8063296affba09d99ec332eaefa) \Device\Harddisk0\DR0\Partition1
19:31:52.0397 4040        \Device\Harddisk0\DR0\Partition1 - ok
19:31:52.0428 4040        Boot (0x1200)  (8596dc2f1ffbde405285adfb8f432d16) \Device\Harddisk1\DR1\Partition0
19:31:52.0428 4040        \Device\Harddisk1\DR1\Partition0 - ok
19:31:52.0444 4040        ============================================================
19:31:52.0444 4040        Scan finished
19:31:52.0444 4040        ============================================================
19:31:52.0475 4068        Detected object count: 7
19:31:52.0475 4068        Actual detected object count: 7
19:32:06.0412 4068        C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe - copied to quarantine
19:32:06.0412 4068        aspnet_state ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
19:32:06.0553 4068        C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe - copied to quarantine
19:32:06.0553 4068        IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
19:32:06.0647 4068        C:\PROGRA~1\T-DSLS~1\PCANDIS5.SYS - copied to quarantine
19:32:06.0647 4068        PCANDIS5 ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
19:32:06.0725 4068        C:\WINDOWS\system32\Drivers\PtbTalk.sys - copied to quarantine
19:32:06.0725 4068        PortTalk ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
19:32:06.0834 4068        C:\WINDOWS\system32\drivers\swmidi.sys - copied to quarantine
19:32:06.0850 4068        swmidi ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
19:32:06.0881 4068        C:\Programme\T-DSL SpeedManager\TNPACKET.SYS - copied to quarantine
19:32:06.0881 4068        TNPacket ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
19:32:06.0959 4068        C:\Programme\T-DSL SpeedManager\tsmsvc.exe - copied to quarantine
19:32:06.0959 4068        TSMService ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
19:32:22.0725 2176        Deinitialize success

Regards
Harry

cosinus 04.05.2012 18:54

What exactly did you not understand about this note?!

Quote:

Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and only post the log here!
For now you were supposed to just skip every TDSS-Killer finding and do nothing else!!

fharry 04.05.2012 23:40

Hello Arne,
I did not delete anything, I only put it in quarantine.
Here is a new run of TDSS
Code:

00:26:51.0878 2264        TDSS rootkit removing tool 2.7.34.0 May  2 2012 09:59:18
00:26:53.0878 2264        ============================================================
00:26:53.0878 2264        Current date / time: 2012/05/05 00:26:53.0878
00:26:53.0878 2264        SystemInfo:
00:26:53.0878 2264       
00:26:53.0878 2264        OS Version: 5.1.2600 ServicePack: 3.0
00:26:53.0878 2264        Product type: Workstation
00:26:53.0878 2264        ComputerName: TUS
00:26:53.0878 2264        UserName: Admin
00:26:53.0878 2264        Windows directory: C:\WINDOWS
00:26:53.0878 2264        System windows directory: C:\WINDOWS
00:26:53.0878 2264        Processor architecture: Intel x86
00:26:53.0878 2264        Number of processors: 1
00:26:53.0878 2264        Page size: 0x1000
00:26:53.0878 2264        Boot type: Normal boot
00:26:53.0878 2264        ============================================================
00:27:07.0300 2264        Drive \Device\Harddisk0\DR0 - Size: 0x9516AE000 (37.27 Gb), SectorSize: 0x200, Cylinders: 0x1301, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
00:27:07.0316 2264        Drive \Device\Harddisk1\DR1 - Size: 0xC0720000 (3.01 Gb), SectorSize: 0x200, Cylinders: 0x30E, SectorsPerTrack: 0x3F, TracksPerCylinder: 0x80, Type 'K0', Flags 0x00000054
00:27:07.0425 2264        ============================================================
00:27:07.0425 2264        \Device\Harddisk0\DR0:
00:27:07.0503 2264        MBR partitions:
00:27:07.0503 2264        \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1388AFC
00:27:07.0550 2264        \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1388B7A, BlocksNum 0x3700647
00:27:07.0550 2264        \Device\Harddisk1\DR1:
00:27:07.0597 2264        MBR partitions:
00:27:07.0597 2264        \Device\Harddisk1\DR1\Partition0: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x6038C1
00:27:07.0597 2264        ============================================================
00:27:07.0769 2264        C: <-> \Device\Harddisk0\DR0\Partition0
00:27:07.0988 2264        D: <-> \Device\Harddisk0\DR0\Partition1
00:27:08.0082 2264        E: <-> \Device\Harddisk1\DR1\Partition0
00:27:08.0253 2264        ============================================================
00:27:08.0253 2264        Initialize success
00:27:08.0253 2264        ============================================================
00:27:15.0754 2716        ============================================================
00:27:15.0754 2716        Scan started
00:27:15.0754 2716        Mode: Manual; SigCheck; TDLFS;
00:27:15.0754 2716        ============================================================
00:27:17.0394 2716        Abiosdsk - ok
00:27:17.0410 2716        abp480n5 - ok
00:27:17.0785 2716        ACPI            (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
00:27:22.0442 2716        ACPI - ok
00:27:22.0504 2716        ACPIEC          (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\drivers\ACPIEC.sys
00:27:22.0863 2716        ACPIEC - ok
00:27:22.0879 2716        adpu160m - ok
00:27:23.0238 2716        aec            (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
00:27:23.0535 2716        aec - ok
00:27:23.0848 2716        AFD            (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
00:27:24.0004 2716        AFD - ok
00:27:24.0020 2716        Aha154x - ok
00:27:24.0035 2716        aic78u2 - ok
00:27:24.0067 2716        aic78xx - ok
00:27:28.0332 2716        ALCXWDM        (35045a23957a71ba649740741e69408c) C:\WINDOWS\system32\drivers\ALCXWDM.SYS
00:27:29.0848 2716        ALCXWDM - ok
00:27:32.0083 2716        Alerter        (738d80cc01d7bc7584be917b7f544394) C:\WINDOWS\system32\alrsvc.dll
00:27:32.0317 2716        Alerter - ok
00:27:32.0426 2716        ALG            (190cd73d4984f94d823f9444980513e5) C:\WINDOWS\System32\alg.exe
00:27:32.0614 2716        ALG - ok
00:27:32.0770 2716        AliIde - ok
00:27:32.0786 2716        amsint - ok
00:27:32.0973 2716        AN983          (e2ad6cc7d407f2b5cb2899775cf84f51) C:\WINDOWS\system32\DRIVERS\AN983.sys
00:27:33.0223 2716        AN983 - ok
00:27:34.0255 2716        AntiVirSchedulerService (b4837fe56d76b2e9ea90e5365cf6a2be) C:\Programme\Avira\AntiVir Desktop\sched.exe
00:27:34.0411 2716        AntiVirSchedulerService - ok
00:27:34.0942 2716        AntiVirService  (df5a3016052755c910a206058b4a1729) C:\Programme\Avira\AntiVir Desktop\avguard.exe
00:27:35.0036 2716        AntiVirService - ok
00:27:35.0036 2716        AppMgmt - ok
00:27:35.0051 2716        asc - ok
00:27:35.0083 2716        asc3350p - ok
00:27:35.0098 2716        asc3550 - ok
00:27:35.0426 2716        aspnet_state    (e1a1206a4fb19b675e947b29ccd25fba) C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
00:27:35.0552 2716        aspnet_state ( UnsignedFile.Multi.Generic ) - warning
00:27:35.0552 2716        aspnet_state - detected UnsignedFile.Multi.Generic (1)
00:27:35.0708 2716        AsyncMac        (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
00:27:35.0958 2716        AsyncMac - ok
00:27:36.0114 2716        atapi          (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
00:27:36.0348 2716        atapi - ok
00:27:36.0380 2716        Atdisk - ok
00:27:36.0911 2716        Atmarpc        (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
00:27:37.0192 2716        Atmarpc - ok
00:27:37.0286 2716        AudioSrv        (58ed0d5452df7be732193e7999c6b9a4) C:\WINDOWS\System32\audiosrv.dll
00:27:37.0520 2716        AudioSrv - ok
00:27:37.0630 2716        audstub        (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
00:27:37.0880 2716        audstub - ok
00:27:38.0036 2716        Automatisches LiveUpdate - Scheduler - ok
00:27:38.0114 2716        avgio          (0b497c79824f8e1bf22fa6aacd3de3a0) C:\Programme\Avira\AntiVir Desktop\avgio.sys
00:27:38.0145 2716        avgio - ok
00:27:38.0708 2716        avgntflt        (1e4114685de1ffa9675e09c6a1fb3f4b) C:\WINDOWS\system32\DRIVERS\avgntflt.sys
00:27:38.0927 2716        avgntflt - ok
00:27:39.0364 2716        avipbb          (0f78d3dae6dedd99ae54c9491c62adf2) C:\WINDOWS\system32\DRIVERS\avipbb.sys
00:27:39.0458 2716        avipbb - ok
00:27:39.0536 2716        Beep            (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
00:27:39.0770 2716        Beep - ok
00:27:40.0505 2716        BITS            (d6f603772a789bb3228f310d650b8bd1) C:\WINDOWS\system32\qmgr.dll
00:27:41.0114 2716        BITS - ok
00:27:41.0224 2716        Brother XP spl Service (d3facb34fff5db91adb70987838f8ba7) C:\WINDOWS\system32\brsvc01a.exe
00:27:41.0286 2716        Brother XP spl Service - ok
00:27:41.0614 2716        Browser        (b42057f06bbb98b31876c0b3f2b54e33) C:\WINDOWS\System32\browser.dll
00:27:41.0911 2716        Browser - ok
00:27:41.0974 2716        BrScnUsb        (92a964547b96d697e5e9ed43b4297f5a) C:\WINDOWS\system32\Drivers\BrScnUsb.sys
00:27:42.0130 2716        BrScnUsb - ok
00:27:42.0255 2716        cbidf2k        (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
00:27:42.0646 2716        cbidf2k - ok
00:27:42.0661 2716        cd20xrnt - ok
00:27:42.0708 2716        Cdaudio        (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
00:27:42.0974 2716        Cdaudio - ok
00:27:43.0052 2716        Cdfs            (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
00:27:43.0302 2716        Cdfs - ok
00:27:43.0411 2716        Cdrom          (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
00:27:43.0692 2716        Cdrom - ok
00:27:43.0692 2716        Changer - ok
00:27:43.0802 2716        CiSvc          (28e3040d1f1ca2008cd6b29dfebc9a5e) C:\WINDOWS\system32\cisvc.exe
00:27:44.0021 2716        CiSvc - ok
00:27:44.0099 2716        ClipSrv        (778a30ed3c134eb7e406afc407e9997d) C:\WINDOWS\system32\clipsrv.exe
00:27:44.0396 2716        ClipSrv - ok
00:27:44.0411 2716        CmdIde - ok
00:27:44.0443 2716        COMSysApp - ok
00:27:44.0474 2716        Cpqarray - ok
00:27:44.0864 2716        CryptSvc        (611f824e5c703a5a899f84c5f1699e4d) C:\WINDOWS\System32\cryptsvc.dll
00:27:45.0114 2716        CryptSvc - ok
00:27:45.0114 2716        dac2w2k - ok
00:27:45.0146 2716        dac960nt - ok
00:27:46.0083 2716        DcomLaunch      (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
00:27:46.0318 2716        DcomLaunch - ok
00:27:46.0646 2716        Dhcp            (c29a1c9b75ba38fa37f8c44405dec360) C:\WINDOWS\System32\dhcpcsvc.dll
00:27:46.0896 2716        Dhcp - ok
00:27:47.0083 2716        Disk            (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
00:27:47.0380 2716        Disk - ok
00:27:47.0396 2716        dmadmin - ok
00:27:48.0943 2716        dmboot          (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys
00:27:49.0583 2716        dmboot - ok
00:27:49.0927 2716        dmio            (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys
00:27:50.0287 2716        dmio - ok
00:27:50.0412 2716        dmload          (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
00:27:50.0662 2716        dmload - ok
00:27:50.0802 2716        dmserver        (25c83ffbba13b554eb6d59a9b2e2ee78) C:\WINDOWS\System32\dmserver.dll
00:27:51.0099 2716        dmserver - ok
00:27:51.0177 2716        DMusic          (a6f881284ac1150e37d9ae47ff601267) C:\WINDOWS\system32\drivers\DMusic.sys
00:27:51.0349 2716        DMusic - ok
00:27:51.0583 2716        Dnscache        (407f3227ac618fd1ca54b335b083de07) C:\WINDOWS\System32\dnsrslvr.dll
00:27:51.0740 2716        Dnscache - ok
00:27:52.0146 2716        Dot3svc        (676e36c4ff5bcea1900f44182b9723e6) C:\WINDOWS\System32\dot3svc.dll
00:27:52.0443 2716        Dot3svc - ok
00:27:52.0896 2716        Dot4            (3e4b043f8bc6be1d4820cc6c9c500306) C:\WINDOWS\system32\DRIVERS\Dot4.sys
00:27:53.0209 2716        Dot4 - ok
00:27:53.0287 2716        Dot4Print      (77ce63a8a34ae23d9fe4c7896d1debe7) C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys
00:27:53.0537 2716        Dot4Print - ok
00:27:53.0787 2716        Dot4Scan        (bd05306428da63369692477ddc0f6f5f) C:\WINDOWS\system32\DRIVERS\Dot4Scan.sys
00:27:54.0037 2716        Dot4Scan - ok
00:27:54.0052 2716        dpti2o - ok
00:27:54.0099 2716        drmkaud        (1ed4dbbae9f5d558dbba4cc450e3eb2e) C:\WINDOWS\system32\drivers\drmkaud.sys
00:27:54.0271 2716        drmkaud - ok
00:27:54.0505 2716        EapHost        (4e4f2fddab0a0736d7671134dcce91fb) C:\WINDOWS\System32\eapsvc.dll
00:27:54.0787 2716        EapHost - ok
00:27:54.0990 2716        EraserUtilRebootDrv - ok
00:27:55.0146 2716        ERSvc          (877c18558d70587aa7823a1a308ac96b) C:\WINDOWS\System32\ersvc.dll
00:27:55.0381 2716        ERSvc - ok
00:27:56.0177 2716        Eventlog        (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
00:27:56.0240 2716        Eventlog - ok
00:27:56.0677 2716        EventSystem    (af4f6b5739d18ca7972ab53e091cbc74) C:\WINDOWS\system32\es.dll
00:27:56.0865 2716        EventSystem - ok
00:27:57.0099 2716        Fastfat        (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
00:27:57.0381 2716        Fastfat - ok
00:27:57.0896 2716        FastUserSwitchingCompatibility (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
00:27:58.0146 2716        FastUserSwitchingCompatibility - ok
00:27:58.0349 2716        Fdc            (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
00:27:58.0709 2716        Fdc - ok
00:27:58.0943 2716        Fips            (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys
00:27:59.0240 2716        Fips - ok
00:27:59.0318 2716        Flpydisk        (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
00:27:59.0568 2716        Flpydisk - ok
00:27:59.0834 2716        FltMgr          (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
00:28:00.0193 2716        FltMgr - ok
00:28:00.0365 2716        Fs_Rec          (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
00:28:00.0615 2716        Fs_Rec - ok
00:28:01.0553 2716        Ftdisk          (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
00:28:01.0928 2716        Ftdisk - ok
00:28:02.0475 2716        fwdrv          (1ff2eef447a177df2c544b80f8f7f879) C:\WINDOWS\system32\drivers\fwdrv.sys
00:28:02.0646 2716        fwdrv - ok
00:28:02.0709 2716        Gpc            (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
00:28:02.0943 2716        Gpc - ok
00:28:03.0365 2716        gupdate        (8f0de4fef8201e306f9938b0905ac96a) C:\Programme\Google\Update\GoogleUpdate.exe
00:28:03.0443 2716        gupdate - ok
00:28:03.0459 2716        gupdatem        (8f0de4fef8201e306f9938b0905ac96a) C:\Programme\Google\Update\GoogleUpdate.exe
00:28:03.0490 2716        gupdatem - ok
00:28:03.0912 2716        gusvc          (cc839e8d766cc31a7710c9f38cf3e375) C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
00:28:04.0100 2716        gusvc - ok
00:28:04.0162 2716        helpsvc        (cb66bf85bf599befd6c6a57c2e20357f) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
00:28:05.0303 2716        helpsvc - ok
00:28:05.0318 2716        HidServ - ok
00:28:05.0803 2716        hkmsvc          (ed29f14101523a6e0e808107405d452c) C:\WINDOWS\System32\kmsvc.dll
00:28:09.0241 2716        hkmsvc - ok
00:28:09.0272 2716        hpn - ok
00:28:09.0350 2716        HTTP            (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
00:28:09.0522 2716        HTTP - ok
00:28:09.0584 2716        HTTPFilter      (9e4adb854cebcfb81a4b36718feecd16) C:\WINDOWS\System32\w3ssl.dll
00:28:10.0787 2716        HTTPFilter - ok
00:28:10.0803 2716        i2omgmt - ok
00:28:10.0819 2716        i2omp - ok
00:28:10.0944 2716        i8042prt        (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
00:28:11.0225 2716        i8042prt - ok
00:28:11.0553 2716        IDriverT        (1cf03c69b49acb70c722df92755c0c8c) C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
00:28:11.0725 2716        IDriverT ( UnsignedFile.Multi.Generic ) - warning
00:28:11.0756 2716        IDriverT - detected UnsignedFile.Multi.Generic (1)
00:28:11.0944 2716        Imapi          (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
00:28:12.0209 2716        Imapi - ok
00:28:12.0709 2716        ImapiService    (d4b413aa210c21e46aedd2ba5b68d38e) C:\WINDOWS\system32\imapi.exe
00:28:19.0335 2716        ImapiService - ok
00:28:19.0366 2716        ini910u - ok
00:28:19.0397 2716        IntelIde - ok
00:28:19.0710 2716        intelppm        (4c7d2750158ed6e7ad642d97bffae351) C:\WINDOWS\system32\DRIVERS\intelppm.sys
00:28:20.0022 2716        intelppm - ok
00:28:20.0116 2716        Ip6Fw          (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
00:28:20.0397 2716        Ip6Fw - ok
00:28:20.0475 2716        IpFilterDriver  (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
00:28:20.0741 2716        IpFilterDriver - ok
00:28:20.0975 2716        IpInIp          (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
00:28:21.0288 2716        IpInIp - ok
00:28:21.0757 2716        IpNat          (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
00:28:22.0054 2716        IpNat - ok
00:28:22.0335 2716        IPSec          (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
00:28:22.0616 2716        IPSec - ok
00:28:22.0694 2716        IRENUM          (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
00:28:22.0819 2716        IRENUM - ok
00:28:23.0116 2716        isapnp          (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys
00:28:23.0366 2716        isapnp - ok
00:28:24.0491 2716        JavaQuickStarterService (0a5709543986843d37a92290b7838340) C:\Programme\Java\jre6\bin\jqs.exe
00:28:25.0116 2716        JavaQuickStarterService - ok
00:28:25.0647 2716        Kbdclass        (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
00:28:25.0944 2716        Kbdclass - ok
00:28:26.0585 2716        khips          (304ce9fb3d64caa07b940bef4f8c2dcd) C:\WINDOWS\system32\drivers\khips.sys
00:28:26.0710 2716        khips - ok
00:28:28.0069 2716        kmixer          (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
00:28:28.0491 2716        kmixer - ok
00:28:32.0023 2716        KPF4            (9ef600c64435ccfdea01c991289e76ec) C:\Programme\Sunbelt Software\Personal Firewall\kpf4ss.exe
00:28:33.0210 2716        KPF4 - ok
00:28:34.0617 2716        KSecDD          (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
00:28:34.0929 2716        KSecDD - ok
00:28:35.0335 2716        lanmanserver    (2bbdcb79900990f0716dfcb714e72de7) C:\WINDOWS\System32\srvsvc.dll
00:28:35.0554 2716        lanmanserver - ok
00:28:35.0851 2716        lanmanworkstation (1869b14b06b44b44af70548e1ea3303f) C:\WINDOWS\System32\wkssvc.dll
00:28:36.0132 2716        lanmanworkstation - ok
00:28:36.0148 2716        lbrtfdc - ok
00:28:36.0226 2716        LmHosts        (636714b7d43c8d0c80449123fd266920) C:\WINDOWS\System32\lmhsvc.dll
00:28:36.0507 2716        LmHosts - ok
00:28:36.0789 2716        MBAMSwissArmy  (0db7527db188c7d967a37bb51bbf3963) C:\WINDOWS\system32\drivers\mbamswissarmy.sys
00:28:36.0898 2716        MBAMSwissArmy - ok
00:28:37.0382 2716        McComponentHostService (f453d1e6d881e8f8717e20ccd4199e85) C:\Programme\McAfee Security Scan\2.0.181\McCHSvc.exe
00:28:37.0507 2716        McComponentHostService - ok
00:28:37.0601 2716        Messenger      (b7550a7107281d170ce85524b1488c98) C:\WINDOWS\System32\msgsvc.dll
00:28:37.0836 2716        Messenger - ok
00:28:37.0898 2716        mnmdd          (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
00:28:38.0132 2716        mnmdd - ok
00:28:38.0414 2716        mnmsrvc        (c2f1d365fd96791b037ee504868065d3) C:\WINDOWS\system32\mnmsrvc.exe
00:28:38.0711 2716        mnmsrvc - ok
00:28:38.0867 2716        Modem          (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys
00:28:39.0164 2716        Modem - ok
00:28:39.0289 2716        Mouclass        (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys
00:28:39.0539 2716        Mouclass - ok
00:28:39.0851 2716        MountMgr        (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
00:28:40.0086 2716        MountMgr - ok
00:28:40.0117 2716        mraid35x - ok
00:28:40.0258 2716        MRxDAV          (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
00:28:40.0476 2716        MRxDAV - ok
00:28:40.0883 2716        MRxSmb          (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
00:28:41.0242 2716        MRxSmb - ok
00:28:41.0304 2716        MSDTC          (35a031af38c55f92d28aa03ee9f12cc9) C:\WINDOWS\system32\msdtc.exe
00:28:41.0586 2716        MSDTC - ok
00:28:41.0664 2716        Msfs            (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
00:28:41.0898 2716        Msfs - ok
00:28:41.0914 2716        MSIServer - ok
00:28:41.0976 2716        MSKSSRV        (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
00:28:42.0195 2716        MSKSSRV - ok
00:28:42.0258 2716        MSPCLOCK        (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
00:28:42.0523 2716        MSPCLOCK - ok
00:28:42.0586 2716        MSPQM          (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
00:28:42.0820 2716        MSPQM - ok
00:28:42.0883 2716        mssmbios        (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
00:28:43.0133 2716        mssmbios - ok
00:28:43.0226 2716        Mup            (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
00:28:43.0398 2716        Mup - ok
00:28:43.0742 2716        napagent        (46bb15ae2ac7d025d6d2567b876817bd) C:\WINDOWS\System32\qagentrt.dll
00:28:43.0992 2716        napagent - ok
00:28:44.0101 2716        NDIS            (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
00:28:44.0351 2716        NDIS - ok
00:28:44.0430 2716        NdisTapi        (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
00:28:44.0539 2716        NdisTapi - ok
00:28:44.0570 2716        Ndisuio        (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
00:28:44.0789 2716        Ndisuio - ok
00:28:44.0867 2716        NdisWan        (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
00:28:45.0133 2716        NdisWan - ok
00:28:45.0227 2716        NDProxy        (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
00:28:45.0320 2716        NDProxy - ok
00:28:45.0398 2716        NetBIOS        (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
00:28:45.0617 2716        NetBIOS - ok
00:28:45.0742 2716        NetBT          (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
00:28:45.0977 2716        NetBT - ok
00:28:46.0055 2716        NetDDE          (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
00:28:46.0289 2716        NetDDE - ok
00:28:46.0305 2716        NetDDEdsdm      (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
00:28:46.0539 2716        NetDDEdsdm - ok
00:28:46.0586 2716        Netlogon        (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
00:28:46.0852 2716        Netlogon - ok
00:28:47.0352 2716        Netman          (e6d88f1f6745bf00b57e7855a2ab696c) C:\WINDOWS\System32\netman.dll
00:28:47.0711 2716        Netman - ok
00:28:47.0961 2716        Nla            (f1b67b6b0751ae0e6e964b02821206a3) C:\WINDOWS\System32\mswsock.dll
00:28:48.0133 2716        Nla - ok
00:28:48.0227 2716        Npfs            (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
00:28:48.0477 2716        Npfs - ok
00:28:48.0961 2716        Ntfs            (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
00:28:49.0570 2716        Ntfs - ok
00:28:49.0586 2716        NtLmSsp        (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
00:28:49.0820 2716        NtLmSsp - ok
00:28:50.0008 2716        NtmsSvc        (56af4064996fa5bac9c449b1514b4770) C:\WINDOWS\system32\ntmssvc.dll
00:28:50.0305 2716        NtmsSvc - ok
00:28:50.0336 2716        Null            (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
00:28:50.0586 2716        Null - ok
00:28:50.0633 2716        NwlnkFlt        (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
00:28:50.0867 2716        NwlnkFlt - ok
00:28:50.0992 2716        NwlnkFwd        (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
00:28:51.0289 2716        NwlnkFwd - ok
00:28:51.0508 2716        ose            (7a56cf3e3f12e8af599963b16f50fb6a) C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE
00:28:51.0633 2716        ose - ok
00:28:51.0774 2716        Parport        (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\DRIVERS\parport.sys
00:28:52.0055 2716        Parport - ok
00:28:52.0086 2716        PartMgr        (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
00:28:52.0336 2716        PartMgr - ok
00:28:52.0414 2716        ParVdm          (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys
00:28:52.0602 2716        ParVdm - ok
00:28:52.0727 2716        PCANDIS5        (d0084a9ade989fe703e4f22171f4e4dc) C:\PROGRA~1\T-DSLS~1\PCANDIS5.SYS
00:28:52.0805 2716        PCANDIS5 ( UnsignedFile.Multi.Generic ) - warning
00:28:52.0805 2716        PCANDIS5 - detected UnsignedFile.Multi.Generic (1)
00:28:52.0883 2716        PCI            (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys
00:28:53.0117 2716        PCI - ok
00:28:53.0133 2716        PCIDump - ok
00:28:53.0164 2716        PCIIde          (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\DRIVERS\pciide.sys
00:28:53.0399 2716        PCIIde - ok
00:28:53.0492 2716        Pcmcia          (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\drivers\Pcmcia.sys
00:28:53.0711 2716        Pcmcia - ok
00:28:53.0727 2716        PDCOMP - ok
00:28:53.0758 2716        PDFRAME - ok
00:28:53.0774 2716        PDRELI - ok
00:28:53.0805 2716        PDRFRAME - ok
00:28:53.0821 2716        perc2 - ok
00:28:53.0836 2716        perc2hib - ok
00:28:53.0993 2716        PlugPlay        (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
00:28:54.0071 2716        PlugPlay - ok
00:28:54.0086 2716        PolicyAgent    (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
00:28:54.0305 2716        PolicyAgent - ok
00:28:54.0399 2716        PortTalk        (7d5a2d755b6c6579f63657b527d6ff1b) C:\WINDOWS\system32\Drivers\PtbTalk.sys
00:28:54.0446 2716        PortTalk ( UnsignedFile.Multi.Generic ) - warning
00:28:54.0446 2716        PortTalk - detected UnsignedFile.Multi.Generic (1)
00:28:54.0571 2716        PptpMiniport    (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
00:28:54.0805 2716        PptpMiniport - ok
00:28:54.0836 2716        ProtectedStorage (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
00:28:55.0008 2716        ProtectedStorage - ok
00:28:55.0227 2716        PSched          (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
00:28:55.0477 2716        PSched - ok
00:28:55.0539 2716        Ptilink        (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
00:28:55.0758 2716        Ptilink - ok
00:28:55.0774 2716        ql1080 - ok
00:28:55.0789 2716        Ql10wnt - ok
00:28:55.0821 2716        ql12160 - ok
00:28:55.0836 2716        ql1240 - ok
00:28:55.0852 2716        ql1280 - ok
00:28:55.0899 2716        RasAcd          (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
00:28:56.0118 2716        RasAcd - ok
00:28:56.0211 2716        RasAuto        (f5ba6caccdb66c8f048e867563203246) C:\WINDOWS\System32\rasauto.dll
00:28:56.0446 2716        RasAuto - ok
00:28:56.0540 2716        Rasl2tp        (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
00:28:56.0758 2716        Rasl2tp - ok
00:28:56.0993 2716        RasMan          (f9a7b66ea345726edb5862a46b1eccd5) C:\WINDOWS\System32\rasmans.dll
00:28:57.0243 2716        RasMan - ok
00:28:57.0321 2716        RasPppoe        (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
00:28:57.0555 2716        RasPppoe - ok
00:28:57.0586 2716        Raspti          (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
00:28:57.0805 2716        Raspti - ok
00:28:57.0977 2716        Rdbss          (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
00:28:58.0227 2716        Rdbss - ok
00:28:58.0290 2716        RDPCDD          (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
00:28:58.0524 2716        RDPCDD - ok
00:28:58.0696 2716        RDPWD          (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
00:28:58.0836 2716        RDPWD - ok
00:28:58.0930 2716        RDSessMgr      (263af18af0f3db99f574c95f284ccec9) C:\WINDOWS\system32\sessmgr.exe
00:28:59.0133 2716        RDSessMgr - ok
00:28:59.0227 2716        redbook        (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys
00:28:59.0477 2716        redbook - ok
00:28:59.0555 2716        RemoteAccess    (0e97ec96d6942ceec2d188cc2eb69a01) C:\WINDOWS\System32\mprdim.dll
00:28:59.0774 2716        RemoteAccess - ok
00:28:59.0821 2716        RpcLocator      (2a02e21867497df20b8fc95631395169) C:\WINDOWS\system32\locator.exe
00:29:00.0055 2716        RpcLocator - ok
00:29:00.0415 2716        RpcSs          (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
00:29:00.0555 2716        RpcSs - ok
00:29:00.0696 2716        RSVP            (4bdd71b4b521521499dfd14735c4f398) C:\WINDOWS\system32\rsvp.exe
00:29:00.0930 2716        RSVP - ok
00:29:01.0118 2716        rtl8139        (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
00:29:01.0399 2716        rtl8139 - ok
00:29:01.0430 2716        SamSs          (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
00:29:01.0618 2716        SamSs - ok
00:29:01.0680 2716        SCardSvr        (dcec079fad95d36c8dd5cb6d779dfe32) C:\WINDOWS\System32\SCardSvr.exe
00:29:01.0930 2716        SCardSvr - ok
00:29:02.0102 2716        Schedule        (a050194a44d7fa8d7186ed2f4e8367ae) C:\WINDOWS\system32\schedsvc.dll
00:29:02.0321 2716        Schedule - ok
00:29:02.0415 2716        Secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
00:29:02.0540 2716        Secdrv - ok
00:29:02.0634 2716        seclogon        (bee4cfd1d48c23b44cf4b974b0b79b2b) C:\WINDOWS\System32\seclogon.dll
00:29:02.0868 2716        seclogon - ok
00:29:02.0930 2716        SENS            (2aac9b6ed9eddffb721d6452e34d67e3) C:\WINDOWS\system32\sens.dll
00:29:03.0134 2716        SENS - ok
00:29:03.0180 2716        serenum        (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
00:29:03.0462 2716        serenum - ok
00:29:03.0602 2716        Serial          (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\DRIVERS\serial.sys
00:29:03.0852 2716        Serial - ok
00:29:03.0884 2716        Sfloppy        (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
00:29:04.0118 2716        Sfloppy - ok
00:29:04.0446 2716        SharedAccess    (cad058d5f8b889a87ca3eb3cf624dcef) C:\WINDOWS\System32\ipnathlp.dll
00:29:04.0759 2716        SharedAccess - ok
00:29:04.0899 2716        ShellHWDetection (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
00:29:05.0009 2716        ShellHWDetection - ok
00:29:05.0024 2716        Simbad - ok
00:29:05.0352 2716        SiS315          (7469858341a5b6f22dedd2995f4d2ff2) C:\WINDOWS\system32\DRIVERS\sisgrp.sys
00:29:05.0477 2716        SiS315 - ok
00:29:05.0540 2716        SiSkp          (9a0f86efa0ef99115a23c8624e2e6bc7) C:\WINDOWS\system32\DRIVERS\srvkp.sys
00:29:05.0602 2716        SiSkp - ok
00:29:05.0602 2716        Sparrow - ok
00:29:05.0665 2716        splitter        (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
00:29:05.0915 2716        splitter - ok
00:29:05.0977 2716        Spooler        (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
00:29:06.0040 2716        Spooler - ok
00:29:06.0165 2716        sr              (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys
00:29:06.0274 2716        sr - ok
00:29:06.0524 2716        srservice      (fe77a85495065f3ad59c5c65b6c54182) C:\WINDOWS\system32\srsvc.dll
00:29:06.0649 2716        srservice - ok
00:29:07.0040 2716        Srv            (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
00:29:07.0290 2716        Srv - ok
00:29:07.0415 2716        SSDPSRV        (4df5b05dfaec29e13e1ed6f6ee12c500) C:\WINDOWS\System32\ssdpsrv.dll
00:29:07.0524 2716        SSDPSRV - ok
00:29:07.0603 2716        ssmdrv          (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
00:29:07.0634 2716        ssmdrv - ok
00:29:07.0931 2716        stisvc          (bc2c5985611c5356b24aeb370953ded9) C:\WINDOWS\system32\wiaservc.dll
00:29:08.0228 2716        stisvc - ok
00:29:08.0368 2716        swenum          (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
00:29:08.0634 2716        swenum - ok
00:29:08.0728 2716        swmidi          (94abc808fc4b6d7d2bbf42b85e25bb4d) C:\WINDOWS\system32\drivers\swmidi.sys
00:29:08.0774 2716        swmidi ( UnsignedFile.Multi.Generic ) - warning
00:29:08.0774 2716        swmidi - detected UnsignedFile.Multi.Generic (1)
00:29:08.0790 2716        SwPrv - ok
00:29:08.0837 2716        symc810 - ok
00:29:08.0853 2716        symc8xx - ok
00:29:08.0931 2716        symlcbrd        (b226f8a4d780acdf76145b58bb791d5b) C:\WINDOWS\system32\drivers\symlcbrd.sys
00:29:08.0962 2716        symlcbrd - ok
00:29:08.0978 2716        sym_hi - ok
00:29:08.0993 2716        sym_u3 - ok
00:29:09.0103 2716        sysaudio        (650ad082d46bac0e64c9c0e0928492fd) C:\WINDOWS\system32\drivers\sysaudio.sys
00:29:09.0290 2716        sysaudio - ok
00:29:09.0368 2716        SysmonLog      (2903fffa2523926d6219428040dce6b9) C:\WINDOWS\system32\smlogsvc.exe
00:29:09.0603 2716        SysmonLog - ok
00:29:09.0884 2716        TapiSrv        (05903cac4b98908d55ea5774775b382e) C:\WINDOWS\System32\tapisrv.dll
00:29:10.0149 2716        TapiSrv - ok
00:29:10.0384 2716        Tcpip          (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
00:29:10.0650 2716        Tcpip - ok
00:29:10.0712 2716        TDPIPE          (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
00:29:10.0946 2716        TDPIPE - ok
00:29:11.0009 2716        TDTCP          (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
00:29:11.0243 2716        TDTCP - ok
00:29:11.0306 2716        TermDD          (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
00:29:11.0525 2716        TermDD - ok
00:29:11.0837 2716        TermService    (b7de02c863d8f5a005a7bf375375a6a4) C:\WINDOWS\System32\termsrv.dll
00:29:12.0165 2716        TermService - ok
00:29:12.0337 2716        Themes          (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
00:29:12.0400 2716        Themes - ok
00:29:12.0556 2716        TNPacket        (52ab2f2b0d2fd7cc2fdb489c449feb8e) C:\Programme\T-DSL SpeedManager\TNPACKET.SYS
00:29:12.0587 2716        TNPacket ( UnsignedFile.Multi.Generic ) - warning
00:29:12.0587 2716        TNPacket - detected UnsignedFile.Multi.Generic (1)
00:29:12.0618 2716        TosIde - ok
00:29:12.0696 2716        TrkWks          (626504572b175867f30f3215c04b3e2f) C:\WINDOWS\system32\trkwks.dll
00:29:12.0915 2716        TrkWks - ok
00:29:13.0150 2716        TSMService      (bf2236a5a39b21f694ccd7b5a6639e71) C:\Programme\T-DSL SpeedManager\tsmsvc.exe
00:29:13.0228 2716        TSMService ( UnsignedFile.Multi.Generic ) - warning
00:29:13.0228 2716        TSMService - detected UnsignedFile.Multi.Generic (1)
00:29:13.0337 2716        uagp35          (49c805d42d75eddc9b6a7130999c9054) C:\WINDOWS\system32\DRIVERS\uagp35.sys
00:29:13.0525 2716        uagp35 - ok
00:29:13.0618 2716        Udfs            (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
00:29:13.0822 2716        Udfs - ok
00:29:13.0853 2716        ultra - ok
00:29:13.0947 2716        UMWdf          (c81b8635dee0d3ef5f64b3dd643023a5) C:\WINDOWS\system32\wdfmgr.exe
00:29:14.0009 2716        UMWdf - ok
00:29:14.0368 2716        Update          (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
00:29:14.0728 2716        Update - ok
00:29:14.0853 2716        upnphost        (1dfd8975d8c89214b98d9387c1125b49) C:\WINDOWS\System32\upnphost.dll
00:29:14.0978 2716        upnphost - ok
00:29:15.0040 2716        UPS            (9b11e6118958e63e1fef129466e2bda7) C:\WINDOWS\System32\ups.exe
00:29:15.0306 2716        UPS - ok
00:29:15.0431 2716        usbccgp        (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
00:29:15.0665 2716        usbccgp - ok
00:29:15.0728 2716        usbehci        (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
00:29:15.0947 2716        usbehci - ok
00:29:16.0025 2716        usbhub          (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
00:29:16.0259 2716        usbhub - ok
00:29:16.0337 2716        usbohci        (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
00:29:16.0540 2716        usbohci - ok
00:29:16.0650 2716        usbprint        (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
00:29:16.0900 2716        usbprint - ok
00:29:16.0978 2716        USBSTOR        (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
00:29:17.0197 2716        USBSTOR - ok
00:29:17.0337 2716        VgaSave        (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
00:29:17.0540 2716        VgaSave - ok
00:29:17.0556 2716        ViaIde - ok
00:29:17.0665 2716        VolSnap        (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys
00:29:17.0900 2716        VolSnap - ok
00:29:18.0197 2716        VSS            (68f106273be29e7b7ef8266977268e78) C:\WINDOWS\System32\vssvc.exe
00:29:18.0415 2716        VSS - ok
00:29:18.0603 2716        W32Time        (7b353059e665f8b7ad2bbeaef597cf45) C:\WINDOWS\system32\w32time.dll
00:29:18.0806 2716        W32Time - ok
00:29:18.0978 2716        Wanarp          (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
00:29:19.0244 2716        Wanarp - ok
00:29:19.0275 2716        WDICA - ok
00:29:19.0384 2716        wdmaud          (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
00:29:19.0603 2716        wdmaud - ok
00:29:19.0759 2716        WebClient      (81727c9873e3905a2ffc1ebd07265002) C:\WINDOWS\System32\webclnt.dll
00:29:19.0978 2716        WebClient - ok
00:29:20.0228 2716        winmgmt        (6f3f3973d97714cc5f906a19fe883729) C:\WINDOWS\system32\wbem\WMIsvc.dll
00:29:20.0431 2716        winmgmt - ok
00:29:20.0494 2716        WmdmPmSN        (a477391b7a8b0a0daabadb17cf533a4b) C:\WINDOWS\system32\MsPMSNSv.dll
00:29:20.0603 2716        WmdmPmSN - ok
00:29:20.0744 2716        WmiApSrv        (93908111ba57a6e60ec2fa2de202105c) C:\WINDOWS\system32\wbem\wmiapsrv.exe
00:29:20.0978 2716        WmiApSrv - ok
00:29:21.0166 2716        wscsvc          (300b3e84faf1a5c1f791c159ba28035d) C:\WINDOWS\system32\wscsvc.dll
00:29:21.0431 2716        wscsvc - ok
00:29:21.0494 2716        wuauserv        (7b4fe05202aa6bf9f4dfd0e6a0d8a085) C:\WINDOWS\system32\wuauserv.dll
00:29:21.0775 2716        wuauserv - ok
00:29:22.0228 2716        WZCSVC          (c4f109c005f6725162d2d12ca751e4a7) C:\WINDOWS\System32\wzcsvc.dll
00:29:22.0572 2716        WZCSVC - ok
00:29:22.0666 2716        xmlprov        (0ada34871a2e1cd2caafed1237a47750) C:\WINDOWS\System32\xmlprov.dll
00:29:22.0916 2716        xmlprov - ok
00:29:22.0978 2716        MBR (0x1B8)    (72b8ce41af0de751c946802b3ed844b4) \Device\Harddisk0\DR0
00:29:24.0134 2716        \Device\Harddisk0\DR0 - ok
00:29:24.0166 2716        MBR (0x1B8)    (672d49b92adfa952c7ad0fb98d4ad10b) \Device\Harddisk1\DR1
00:29:26.0150 2716        \Device\Harddisk1\DR1 - ok
00:29:26.0166 2716        Boot (0x1200)  (ab4fc60439735b5e605b431d684929ce) \Device\Harddisk0\DR0\Partition0
00:29:26.0166 2716        \Device\Harddisk0\DR0\Partition0 - ok
00:29:26.0213 2716        Boot (0x1200)  (08a5f8063296affba09d99ec332eaefa) \Device\Harddisk0\DR0\Partition1
00:29:26.0228 2716        \Device\Harddisk0\DR0\Partition1 - ok
00:29:26.0260 2716        Boot (0x1200)  (8596dc2f1ffbde405285adfb8f432d16) \Device\Harddisk1\DR1\Partition0
00:29:26.0260 2716        \Device\Harddisk1\DR1\Partition0 - ok
00:29:26.0275 2716        ============================================================
00:29:26.0275 2716        Scan finished
00:29:26.0275 2716        ============================================================
00:29:26.0681 0348        Detected object count: 7
00:29:26.0681 0348        Actual detected object count: 7
00:30:06.0465 0348        aspnet_state ( UnsignedFile.Multi.Generic ) - skipped by user
00:30:06.0465 0348        aspnet_state ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:30:06.0465 0348        IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
00:30:06.0465 0348        IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:30:06.0480 0348        PCANDIS5 ( UnsignedFile.Multi.Generic ) - skipped by user
00:30:06.0480 0348        PCANDIS5 ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:30:06.0480 0348        PortTalk ( UnsignedFile.Multi.Generic ) - skipped by user
00:30:06.0480 0348        PortTalk ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:30:06.0496 0348        swmidi ( UnsignedFile.Multi.Generic ) - skipped by user
00:30:06.0496 0348        swmidi ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:30:06.0511 0348        TNPacket ( UnsignedFile.Multi.Generic ) - skipped by user
00:30:06.0511 0348        TNPacket ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:30:06.0511 0348        TSMService ( UnsignedFile.Multi.Generic ) - skipped by user
00:30:06.0511 0348        TSMService ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:30:18.0715 1076        Deinitialize success

I hope this is better.
Regards,
Harry

cosinus 04.05.2012 23:44

Alright, OK, sorry for the telling-off :o
But I have seen it a few times now that some people went ahead and fixed something away anyway, and then the stuff could no longer be restored :killpc:

Then please run CF now:

ComboFix

A guide and tutorial on using ComboFix
  • Close all programs, especially your antivirus program and other background guards, as well as your internet browser.
  • Start combofix.exe from your desktop, confirm the warning messages, run the updates (if offered), install the Recovery Console (if offered) and let it scan your system.
    Also avoid using the mouse and keyboard while Combofix is running.
  • Afterwards a combofix.txt opens automatically; please copy its contents ([Ctrl]a, [Ctrl]c) and paste them into your post ([Ctrl]v). You can also find the file at: C:\ComboFix.txt.
Important note:
Combofix may only be run when a qualified helper has explicitly recommended it!

It should never be run on your own initiative! Incorrect use can cause serious computer problems and make cleaning up the infection even harder.

If, after running Combofix, you have problems starting applications and get messages such as

Quote:

Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
then restart Windows manually and the error messages should no longer appear.

fharry 05.05.2012 16:36

Hello Arne,
here is the text.
Code:

ComboFix 12-05-05.05 - Admin 05.05.2012  16:47:33.1.1 - x86
Microsoft Windows XP Home Edition  5.1.2600.3.1252.49.1031.18.479.137 [GMT 2:00]
ausgeführt von:: c:\dokumente und einstellungen\Admin\Desktop\ComboFix.exe
AV: AntiVir Desktop *Disabled/Outdated* {AD166499-45F9-482A-A743-FDD3350758C7}
AV: Norton Internet Security 2006 *Enabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security 2006 *Enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
FW: Norton Internet Worm Protection *Disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}
FW: Sunbelt Kerio Personal Firewall *Enabled* {E659E0EE-10E6-49B7-8696-60F38D0EB174}
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\dokumente und einstellungen\Admin\4.0
c:\dokumente und einstellungen\Admin\Favoriten\locked-DFBnet - Das Servicenetz des deutschen Fußballs.url.geky
c:\dokumente und einstellungen\Admin\Favoriten\locked-Hördter Auwald-Lauf 2011 (20 km), Deutschland - Termine & Ergebnisse.url.sfxn
c:\dokumente und einstellungen\Admin\Favoriten\locked-KiK Textilien & Non-Food GmbH.url.qtkc
c:\dokumente und einstellungen\Admin\Favoriten\locked-Verlag + Druck Linus Wittich - Ihr Mitteilungsblatt online lesen & bestellen.url.rehz
c:\windows\system\comdlg32.ocx
c:\windows\system\dbgrid32.ocx
c:\windows\system\dblist32.ocx
c:\windows\system\msrdc32.ocx
c:\windows\system\richtx32.ocx
c:\windows\system\tabctl32.ocx
c:\windows\system\threed32.ocx
.
.
(((((((((((((((((((((((  Dateien erstellt von 2012-04-05 bis 2012-05-05  ))))))))))))))))))))))))))))))
.
.
2012-05-04 22:12 . 2012-05-04 22:12        --------        d-----w-        c:\windows\system32\wbem\Repository
2012-05-04 17:30 . 2012-05-04 17:30        --------        dc----w-        C:\TDSSKiller_Quarantine
2012-05-02 18:23 . 2012-05-03 18:39        --------        dc----w-        C:\_OTL
2012-04-28 17:24 . 2012-04-28 17:24        --------        d-----w-        c:\programme\ESET
2012-04-28 17:14 . 2012-04-28 17:14        40776        ----a-w-        c:\windows\system32\drivers\mbamswissarmy.sys
2012-04-28 16:29 . 2012-04-28 16:29        --------        dc----w-        c:\dokumente und einstellungen\Admin\Anwendungsdaten\Malwarebytes
2012-04-28 16:29 . 2012-04-28 16:29        --------        dc----w-        c:\dokumente und einstellungen\All Users\Anwendungsdaten\Malwarebytes
2012-04-25 09:22 . 2012-04-25 09:26        --------        dc----w-        c:\dokumente und einstellungen\All Users\Anwendungsdaten\MFAData
2012-04-25 08:59 . 2012-04-25 08:59        --------        dcsh--w-        c:\dokumente und einstellungen\All Users\Anwendungsdaten\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2012-04-25 08:59 . 2012-04-25 08:59        --------        dc-h--w-        c:\dokumente und einstellungen\All Users\Anwendungsdaten\Common Files
2012-04-24 19:37 . 2012-04-28 16:19        --------        dc----w-        c:\dokumente und einstellungen\Admin\Anwendungsdaten\Realtec
2012-04-17 18:50 . 2012-04-17 18:50        --------        d-----w-        c:\programme\Microsoft
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-29 14:09 . 2004-08-04 12:00        177664        ----a-w-        c:\windows\system32\wintrust.dll
2012-02-29 14:09 . 2004-08-04 12:00        148480        ----a-w-        c:\windows\system32\imagehlp.dll
2012-02-28 18:49 . 2004-08-04 12:00        672768        ----a-w-        c:\windows\system32\wininet.dll
2012-02-28 18:49 . 2004-08-04 12:00        61952        ----a-w-        c:\windows\system32\tdc.ocx
2012-02-28 18:49 . 2004-08-04 12:00        81920        ----a-w-        c:\windows\system32\ieencode.dll
2012-02-28 18:47 . 2004-08-04 12:00        371200        ----a-w-        c:\windows\system32\html.iec
2012-02-22 19:34 . 2007-04-10 17:30        73728        ----a-w-        c:\windows\system32\javacpl.cpl
2012-02-22 19:34 . 2010-05-22 08:03        472808        ----a-w-        c:\windows\system32\deployJava1.dll
2012-03-22 22:21 . 2012-02-17 21:24        97208        ----a-w-        c:\programme\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-20 68856]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2005-06-20 77824]
"SiSPower"="SiSPower.dll" [2005-08-25 49152]
"SSBkgdUpdate"="c:\programme\Gemeinsame Dateien\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-10-14 155648]
"PaperPort PTD"="c:\programme\ScanSoft\PaperPort\pptd40nt.exe" [2005-03-17 57393]
"IndexSearch"="c:\programme\ScanSoft\PaperPort\IndexSearch.exe" [2005-03-17 40960]
"SetDefPrt"="c:\programme\Brother\Brmfl05a\BrStDvPt.exe" [2005-01-26 49152]
"ControlCenter2.0"="c:\programme\Brother\ControlCenter2\brctrcen.exe" [2005-05-17 933888]
"avgnt"="c:\programme\Avira\AntiVir Desktop\avgnt.exe" [2010-11-07 281768]
"SunJavaUpdateSched"="c:\programme\Gemeinsame Dateien\Java\Java Update\jusched.exe" [2012-01-18 254696]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\
Adobe Reader - Schnellstart.lnk - c:\programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-4-23 29696]
McAfee Security Scan Plus.lnk - c:\programme\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
OnlineControl.lnk - c:\programme\OnlineControl\ocontrol.exe [2004-7-19 94208]
Status Monitor.lnk - c:\programme\Brother\Brmfcmon\BrMfcWnd.exe [2007-8-6 802816]
Zahlungserinnerung.lnk - c:\programme\Profi cash\wzed.exe [2007-7-10 147456]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 02:22        1695232        ----a-w-        c:\programme\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PTBSync]
2006-11-15 16:57        318976        ----a-w-        c:\programme\PTBSync\PTBSync.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\T-DSL SpeedMgr]
2004-07-14 14:01        397312        ----a-w-        c:\progra~1\T-DSLS~1\SpeedMgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
.
R1 fwdrv;Firewall Driver;c:\windows\system32\drivers\fwdrv.sys [18.07.2006 12:02 284184]
R1 khips;Kerio HIPS Driver;c:\windows\system32\drivers\khips.sys [18.07.2006 12:02 91672]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\programme\Avira\AntiVir Desktop\sched.exe [22.08.2010 17:42 136360]
R2 AntiVirWebService;Avira AntiVir WebGuard;c:\programme\Avira\AntiVir Desktop\avwebgrd.exe [01.07.2011 18:43 428200]
R2 PortTalk;PortTalk;c:\windows\system32\drivers\ptbtalk.sys [15.11.2006 18:57 3567]
S2 Automatisches LiveUpdate - Scheduler;Automatisches LiveUpdate - Scheduler;"c:\programme\Symantec\LiveUpdate\ALUSchedulerSvc.exe" --> c:\programme\Symantec\LiveUpdate\ALUSchedulerSvc.exe [?]
S2 gupdate;Google Update Service (gupdate);c:\programme\Google\Update\GoogleUpdate.exe [30.03.2012 17:33 135664]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;\??\c:\programme\Gemeinsame Dateien\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys --> c:\programme\Gemeinsame Dateien\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [?]
S3 gupdatem;Google Update-Dienst (gupdatem);c:\programme\Google\Update\GoogleUpdate.exe [30.03.2012 17:33 135664]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [28.04.2012 19:14 40776]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\programme\McAfee Security Scan\2.0.181\McCHSvc.exe [15.01.2010 14:49 227232]
S3 TNPacket;T-Systems Nova Packet Capture Driver;c:\programme\T-DSL SpeedManager\TNPACKET.SYS [11.03.2004 17:44 9696]
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - ANTIVIRWEBSERVICE
*NewlyCreated* - WS2IFSL
.
Inhalt des "geplante Tasks" Ordners
.
2012-05-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programme\Google\Update\GoogleUpdate.exe [2012-03-30 15:31]
.
2012-05-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programme\Google\Update\GoogleUpdate.exe [2012-03-30 15:31]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = about:blank
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Nach Microsoft &Excel exportieren - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
LSP: c:\programme\Avira\AntiVir Desktop\avsda.dll
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\dokumente und einstellungen\Admin\Anwendungsdaten\Mozilla\Firefox\Profiles\iyyti28e.default\
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2012-05-05 17:00
Windows 5.1.2600 Service Pack 3 NTFS
.
Scanne versteckte Prozesse...
.
Scanne versteckte Autostarteinträge...
.
Scanne versteckte Dateien...
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•6~*]
"7040110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
Zeit der Fertigstellung: 2012-05-05  17:05:40
ComboFix-quarantined-files.txt  2012-05-05 15:05
.
Vor Suchlauf: 1.196.625.920 Bytes frei
Nach Suchlauf: 1.164.247.040 Bytes frei
.
WindowsXP-KB310994-SP2-Home-BootDisk-DEU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
.
- - End Of File - - DCC2F0AA8C950FD2BE4B4245FF0CAAD3

I hope this is to your satisfaction!
Regards,
Harry

cosinus 06.05.2012 18:30

Quote:

AV: AntiVir Desktop *Disabled/Outdated* {AD166499-45F9-482A-A743-FDD3350758C7}
AV: Norton Internet Security 2006 *Enabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security 2006 *Enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
FW: Norton Internet Worm Protection *Disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}
FW: Sunbelt Kerio Personal Firewall *Enabled* {E659E0EE-10E6-49B7-8696-60F38D0EB174}
.
Is all of that really still installed, or are these just leftovers that are still wrongly shown as active in the system?
I would keep my hands off every suite and personal firewall! Always use just a plain virus scanner plus the Windows Firewall!
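
The check made by eye on the log header in the post above, as an added example that is not part of the thread and not ComboFix's own code: it parses the `AV:`/`FW:` lines and the `EnableFirewall` value from the log excerpt posted earlier and lists overlapping or outdated products. The regular expressions assume the line layout seen in this particular log.

```python
import re

# Excerpt of the ComboFix log posted in this thread, embedded to run offline.
SAMPLE_LOG = r'''
AV: AntiVir Desktop *Disabled/Outdated* {AD166499-45F9-482A-A743-FDD3350758C7}
AV: Norton Internet Security 2006 *Enabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security 2006 *Enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
FW: Norton Internet Worm Protection *Disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}
FW: Sunbelt Kerio Personal Firewall *Enabled* {E659E0EE-10E6-49B7-8696-60F38D0EB174}
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
'''

# Assumed layout: "<AV|FW>: <name> *<state>[/<update state>]* {<GUID>}"
PRODUCT_RE = re.compile(r'^(AV|FW): (.+?) \*([^*]+)\* \{([0-9A-Fa-f-]{36})\}\s*$')
WINFW_RE = re.compile(r'^"EnableFirewall"=\s*(\d+)')

def parse_products(log):
    """Return (products, windows_firewall_on) parsed from ComboFix log text."""
    products, winfw = [], None
    for line in log.splitlines():
        line = line.strip()
        m = PRODUCT_RE.match(line)
        if m:
            kind, name, state, guid = m.groups()
            flags = state.split('/')          # e.g. ['Enabled', 'Updated']
            products.append({'kind': kind, 'name': name, 'guid': guid,
                             'enabled': flags[0] == 'Enabled',
                             'outdated': 'Outdated' in flags})
        m = WINFW_RE.match(line)
        if m:
            winfw = m.group(1) != '0'
    return products, winfw

def findings(log):
    """List the points a helper would raise before continuing the cleanup."""
    products, winfw = parse_products(log)
    out = []
    for kind, label in (('AV', 'virus scanners'), ('FW', 'firewall products')):
        names = sorted({p['name'] for p in products if p['kind'] == kind})
        active = [p['name'] for p in products if p['kind'] == kind and p['enabled']]
        if len(names) > 1:   # more than one product of the same kind registered
            out.append(f"{len(names)} {label} registered ({len(active)} enabled): " + ', '.join(names))
    out += [f"{p['name']} ({p['kind']}) is registered but outdated" for p in products if p['outdated']]
    if winfw is False:
        out.append('Windows Firewall is disabled (EnableFirewall = 0)')
    return out

if __name__ == '__main__':
    for f in findings(SAMPLE_LOG):
        print('-', f)
```
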

fharry 06.05.2012 19:28

Hello Arne,
as I said at the beginning, this is a club PC
and I only took it over in November 2010.
I think all of that is still on it!
It is all still from my predecessor.
Should I throw all that stuff off?
How should I proceed now?
Once the stuff is gone, should I run ComboFix
again?
Regards,
Harry

cosinus 06.05.2012 19:39

Yes, please uninstall everything, though as far as I'm concerned AntiVir can stay on.

fharry 06.05.2012 19:41

And then run ComboFix
again?
Regards,
Harry

cosinus 06.05.2012 19:42

No, for now just uninstall the programs.

fharry 06.05.2012 19:44

I'll do that tomorrow,
then I'll get back to you.
Regards,
Harry

Hello Arne,
I have uninstalled these programs:
AntiVir Desktop
Norton Internet Security 2006
Norton Internet Security 2006
Norton Internet Worm Protection
Sunbelt Kerio Personal Firewall
Regards,
Harry

