After Trojan infection -> PC unbelievably slow

Sorry, during the first run I deleted a threat because I followed the instructions in the link. I hope that was nothing important. So here is the log from the second scan with the appropriate presets (which I also did not set the first time because, as I said, I had first done everything the way it was described in the link. Please excuse me!):

Code:
17:48:28.0515 3180 TDSS rootkit removing tool 2.7.28.0 Apr 10 2012 16:54:05
17:48:30.0546 3180 ============================================================
17:48:30.0546 3180 Current date / time: 2012/04/12 17:48:30.0546
17:48:30.0546 3180 SystemInfo:
17:48:30.0546 3180
17:48:30.0546 3180 OS Version: 5.1.2600 ServicePack: 3.0
17:48:30.0546 3180 Product type: Workstation
17:48:30.0546 3180 ComputerName: IBM-5D34BDAD641
17:48:30.0546 3180 UserName: Marc Nikolaus
17:48:30.0546 3180 Windows directory: C:\WINDOWS
17:48:30.0546 3180 System windows directory: C:\WINDOWS
17:48:30.0546 3180 Processor architecture: Intel x86
17:48:30.0546 3180 Number of processors: 1
17:48:30.0546 3180 Page size: 0x1000
17:48:30.0546 3180 Boot type: Normal boot
17:48:30.0546 3180 ============================================================
17:48:34.0375 3180 Drive \Device\Harddisk0\DR0 - Size: 0x951240000 (37.27 Gb), SectorSize: 0x200, Cylinders: 0x1301, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
17:48:34.0484 3180 \Device\Harddisk0\DR0:
17:48:34.0500 3180 MBR used
17:48:34.0500 3180 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x432A8E1
17:48:34.0578 3180 Initialize success
17:48:34.0578 3180 ============================================================
17:53:14.0812 2948 ============================================================
17:53:14.0812 2948 Scan started
17:53:14.0812 2948 Mode: Manual; SigCheck; TDLFS;
17:53:14.0812 2948 ============================================================
17:53:15.0437 2948 Abiosdsk - ok
17:53:15.0515 2948 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\System32\DRIVERS\ABP480N5.SYS
17:53:18.0296 2948 abp480n5 - ok
17:53:18.0406 2948 ac97intc (0f2d66d5f08ebe2f77bb904288dcf6f0) C:\WINDOWS\system32\drivers\ac97intc.sys
17:53:18.0671 2948 ac97intc - ok
17:53:18.0781 2948 ACPI (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
17:53:19.0000 2948 ACPI - ok
17:53:19.0109 2948 ACPIEC (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\drivers\ACPIEC.sys
17:53:19.0359 2948 ACPIEC - ok
17:53:19.0468 2948 AdobeFlashPlayerUpdateSvc (0d4c486a24a711a45fd83acdf4d18506) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
17:53:19.0531 2948 AdobeFlashPlayerUpdateSvc - ok
17:53:19.0625 2948 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\System32\DRIVERS\adpu160m.sys
17:53:19.0875 2948 adpu160m - ok
17:53:19.0968 2948 aeaudio (3cb6ae5435987b1f8c83fd2730479878) C:\WINDOWS\system32\drivers\aeaudio.sys
17:53:20.0015 2948 aeaudio - ok
17:53:20.0140 2948 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
17:53:20.0375 2948 aec - ok
17:53:20.0500 2948 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
17:53:20.0578 2948 AFD - ok
17:53:20.0687 2948 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
17:53:20.0921 2948 agp440 - ok
17:53:21.0015 2948 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\System32\DRIVERS\agpCPQ.sys
17:53:21.0250 2948 agpCPQ - ok
17:53:21.0328 2948 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\System32\DRIVERS\aha154x.sys
17:53:21.0484 2948 Aha154x - ok
17:53:21.0593 2948 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\System32\DRIVERS\aic78u2.sys
17:53:21.0812 2948 aic78u2 - ok
17:53:21.0890 2948 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\System32\DRIVERS\aic78xx.sys
17:53:22.0125 2948 aic78xx - ok
17:53:22.0203 2948 Alerter (738d80cc01d7bc7584be917b7f544394) C:\WINDOWS\system32\alrsvc.dll
17:53:22.0437 2948 Alerter - ok
17:53:22.0546 2948 ALG (190cd73d4984f94d823f9444980513e5) C:\WINDOWS\System32\alg.exe
17:53:22.0765 2948 ALG - ok
17:53:22.0859 2948 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\System32\DRIVERS\aliide.sys
17:53:23.0078 2948 AliIde - ok
17:53:23.0171 2948 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\System32\DRIVERS\alim1541.sys
17:53:23.0406 2948 alim1541 - ok
17:53:23.0500 2948 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\System32\DRIVERS\amdagp.sys
17:53:23.0734 2948 amdagp - ok
17:53:23.0828 2948 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\System32\DRIVERS\amsint.sys
17:53:23.0984 2948 amsint - ok
17:53:24.0062 2948 AntiVirSchedulerService (c27d46b06d340293670450fce9dfb166) C:\Programme\Avira\AntiVir Desktop\sched.exe
17:53:24.0093 2948 AntiVirSchedulerService - ok
17:53:24.0171 2948 AntiVirService (72d90e56563165984224493069c69ed4) C:\Programme\Avira\AntiVir Desktop\avguard.exe
17:53:24.0203 2948 AntiVirService - ok
17:53:24.0296 2948 AppMgmt (d45960be52c3c610d361977057f98c54) C:\WINDOWS\System32\appmgmts.dll
17:53:24.0515 2948 AppMgmt - ok
17:53:24.0625 2948 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\System32\DRIVERS\asc.sys
17:53:24.0859 2948 asc - ok
17:53:24.0953 2948 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\System32\DRIVERS\asc3350p.sys
17:53:25.0093 2948 asc3350p - ok
17:53:25.0187 2948 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\System32\DRIVERS\asc3550.sys
17:53:25.0421 2948 asc3550 - ok
17:53:25.0531 2948 Aspi32 - ok
17:53:25.0640 2948 aspnet_state (776acefa0ca9df0faa51a5fb2f435705) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
17:53:25.0734 2948 aspnet_state - ok
17:53:25.0828 2948 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
17:53:26.0046 2948 AsyncMac - ok
17:53:26.0140 2948 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
17:53:26.0359 2948 atapi - ok
17:53:26.0453 2948 Atdisk - ok
17:53:26.0531 2948 atksgt (5b80e84af6b02ecab72dae9afee06309) C:\WINDOWS\system32\DRIVERS\atksgt.sys
17:53:26.0562 2948 atksgt ( UnsignedFile.Multi.Generic ) - warning
17:53:26.0562 2948 atksgt - detected UnsignedFile.Multi.Generic (1)
17:53:26.0656 2948 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
17:53:26.0890 2948 Atmarpc - ok
17:53:26.0968 2948 AudioSrv (58ed0d5452df7be732193e7999c6b9a4) C:\WINDOWS\System32\audiosrv.dll
17:53:27.0187 2948 AudioSrv - ok
17:53:27.0359 2948 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
17:53:27.0593 2948 audstub - ok
17:53:27.0671 2948 avgio (0b497c79824f8e1bf22fa6aacd3de3a0) C:\Programme\Avira\AntiVir Desktop\avgio.sys
17:53:27.0687 2948 avgio - ok
17:53:27.0796 2948 avgntflt (1e4114685de1ffa9675e09c6a1fb3f4b) C:\WINDOWS\system32\DRIVERS\avgntflt.sys
17:53:27.0937 2948 avgntflt - ok
17:53:28.0046 2948 avipbb (0f78d3dae6dedd99ae54c9491c62adf2) C:\WINDOWS\system32\DRIVERS\avipbb.sys
17:53:28.0062 2948 avipbb - ok
17:53:28.0171 2948 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
17:53:28.0390 2948 Beep - ok
17:53:28.0484 2948 BITS (d6f603772a789bb3228f310d650b8bd1) C:\WINDOWS\system32\qmgr.dll
17:53:28.0781 2948 BITS - ok
17:53:28.0859 2948 Browser (b42057f06bbb98b31876c0b3f2b54e33) C:\WINDOWS\System32\browser.dll
17:53:29.0078 2948 Browser - ok
17:53:29.0156 2948 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\System32\DRIVERS\cbidf2k.sys
17:53:29.0390 2948 cbidf - ok
17:53:29.0484 2948 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
17:53:29.0687 2948 cbidf2k - ok
17:53:29.0765 2948 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\System32\DRIVERS\cd20xrnt.sys
17:53:29.0906 2948 cd20xrnt - ok
17:53:29.0984 2948 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
17:53:30.0218 2948 Cdaudio - ok
17:53:30.0296 2948 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
17:53:30.0515 2948 Cdfs - ok
17:53:30.0593 2948 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
17:53:30.0828 2948 Cdrom - ok
17:53:30.0906 2948 Changer - ok
17:53:30.0984 2948 CiSvc (28e3040d1f1ca2008cd6b29dfebc9a5e) C:\WINDOWS\system32\cisvc.exe
17:53:31.0187 2948 CiSvc - ok
17:53:31.0265 2948 ClipSrv (778a30ed3c134eb7e406afc407e9997d) C:\WINDOWS\system32\clipsrv.exe
17:53:31.0484 2948 ClipSrv - ok
17:53:31.0609 2948 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:53:31.0812 2948 clr_optimization_v4.0.30319_32 - ok
17:53:31.0906 2948 CmdIde (c687f81290303d90099b027a6474f99f) C:\WINDOWS\System32\DRIVERS\cmdide.sys
17:53:32.0125 2948 CmdIde - ok
17:53:32.0171 2948 COMSysApp - ok
17:53:32.0250 2948 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\System32\DRIVERS\cpqarray.sys
17:53:32.0484 2948 Cpqarray - ok
17:53:32.0562 2948 CryptSvc (611f824e5c703a5a899f84c5f1699e4d) C:\WINDOWS\System32\cryptsvc.dll
17:53:32.0781 2948 CryptSvc - ok
17:53:32.0875 2948 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\System32\DRIVERS\dac2w2k.sys
17:53:33.0093 2948 dac2w2k - ok
17:53:33.0187 2948 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\System32\DRIVERS\dac960nt.sys
17:53:33.0406 2948 dac960nt - ok
17:53:33.0500 2948 DcomLaunch (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
17:53:33.0765 2948 DcomLaunch - ok
17:53:33.0843 2948 delprot - ok
17:53:33.0968 2948 DfSdkS (92ae26f2caf4a67e24a0ba6ddf32cc3c) C:\Programme\Ashampoo\Ashampoo WinOptimizer 9\DfsdkS.exe
17:53:34.0046 2948 DfSdkS ( UnsignedFile.Multi.Generic ) - warning
17:53:34.0046 2948 DfSdkS - detected UnsignedFile.Multi.Generic (1)
17:53:34.0140 2948 DgiVecp (a5034f77b278f07e224fe07cf98a8b76) C:\WINDOWS\system32\Drivers\DgiVecp.sys
17:53:34.0187 2948 DgiVecp ( UnsignedFile.Multi.Generic ) - warning
17:53:34.0187 2948 DgiVecp - detected UnsignedFile.Multi.Generic (1)
17:53:34.0250 2948 Dhcp (c29a1c9b75ba38fa37f8c44405dec360) C:\WINDOWS\System32\dhcpcsvc.dll
17:53:34.0468 2948 Dhcp - ok
17:53:34.0546 2948 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
17:53:34.0765 2948 Disk - ok
17:53:34.0812 2948 dmadmin - ok
17:53:34.0921 2948 dmboot (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys
17:53:35.0187 2948 dmboot - ok
17:53:35.0265 2948 dmio (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys
17:53:35.0484 2948 dmio - ok
17:53:35.0578 2948 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
17:53:35.0796 2948 dmload - ok
17:53:35.0890 2948 dmserver (25c83ffbba13b554eb6d59a9b2e2ee78) C:\WINDOWS\System32\dmserver.dll
17:53:36.0093 2948 dmserver - ok
17:53:36.0187 2948 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
17:53:36.0421 2948 DMusic - ok
17:53:36.0484 2948 Dnscache (407f3227ac618fd1ca54b335b083de07) C:\WINDOWS\System32\dnsrslvr.dll
17:53:36.0593 2948 Dnscache - ok
17:53:36.0671 2948 Dot3svc (676e36c4ff5bcea1900f44182b9723e6) C:\WINDOWS\System32\dot3svc.dll
17:53:36.0890 2948 Dot3svc - ok
17:53:36.0984 2948 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\System32\DRIVERS\dpti2o.sys
17:53:37.0203 2948 dpti2o - ok
17:53:37.0296 2948 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
17:53:37.0515 2948 drmkaud - ok
17:53:37.0625 2948 dtscsi (6461e57bb51a848aae26f52427b7cf9e) C:\WINDOWS\System32\Drivers\dtscsi.sys
17:53:37.0718 2948 dtscsi - ok
17:53:38.0078 2948 E100B (98b46b331404a951cabad8b4877e1276) C:\WINDOWS\system32\DRIVERS\e100b325.sys
17:53:38.0140 2948 E100B - ok
17:53:38.0218 2948 EapHost (4e4f2fddab0a0736d7671134dcce91fb) C:\WINDOWS\System32\eapsvc.dll
17:53:38.0437 2948 EapHost - ok
17:53:38.0500 2948 EGATHDRV (7f220875288944c9c7856e2bc8613b1f) C:\WINDOWS\SYSTEM32\EGATHDRV.SYS
17:53:38.0531 2948 EGATHDRV ( UnsignedFile.Multi.Generic ) - warning
17:53:38.0531 2948 EGATHDRV - detected UnsignedFile.Multi.Generic (1)
17:53:38.0609 2948 ERSvc (877c18558d70587aa7823a1a308ac96b) C:\WINDOWS\System32\ersvc.dll
17:53:38.0812 2948 ERSvc - ok
17:53:38.0890 2948 Eventlog (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
17:53:39.0015 2948 Eventlog - ok
17:53:39.0125 2948 EventSystem (af4f6b5739d18ca7972ab53e091cbc74) C:\WINDOWS\System32\es.dll
17:53:39.0187 2948 EventSystem - ok
17:53:39.0312 2948 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
17:53:39.0515 2948 Fastfat - ok
17:53:39.0593 2948 FastUserSwitchingCompatibility (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
17:53:39.0687 2948 FastUserSwitchingCompatibility - ok
17:53:39.0781 2948 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
17:53:39.0984 2948 Fdc - ok
17:53:40.0078 2948 Fips (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys
17:53:40.0281 2948 Fips - ok
17:53:40.0375 2948 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
17:53:40.0593 2948 Flpydisk - ok
17:53:40.0687 2948 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
17:53:40.0906 2948 FltMgr - ok
17:53:41.0000 2948 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
17:53:41.0234 2948 Fs_Rec - ok
17:53:41.0328 2948 Ftdisk (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
17:53:41.0562 2948 Ftdisk - ok
17:53:41.0671 2948 GEARAspiWDM (6f55305289a0765bd8ae8e8d32f17117) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
17:53:41.0703 2948 GEARAspiWDM - ok
17:53:41.0812 2948 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
17:53:42.0015 2948 Gpc - ok
17:53:42.0109 2948 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Programme\Google\Update\GoogleUpdate.exe
17:53:42.0125 2948 gupdate - ok
17:53:42.0140 2948 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Programme\Google\Update\GoogleUpdate.exe
17:53:42.0171 2948 gupdatem - ok
17:53:42.0250 2948 helpsvc (cb66bf85bf599befd6c6a57c2e20357f) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
17:53:42.0468 2948 helpsvc - ok
17:53:42.0531 2948 HidServ (b35da85e60c0103f2e4104532da2f12b) C:\WINDOWS\System32\hidserv.dll
17:53:42.0921 2948 HidServ - ok
17:53:43.0046 2948 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
17:53:43.0250 2948 HidUsb - ok
17:53:43.0328 2948 hkmsvc (ed29f14101523a6e0e808107405d452c) C:\WINDOWS\System32\kmsvc.dll
17:53:43.0546 2948 hkmsvc - ok
17:53:43.0625 2948 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\System32\DRIVERS\hpn.sys
17:53:43.0843 2948 hpn - ok
17:53:43.0937 2948 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
17:53:44.0000 2948 HTTP - ok
17:53:44.0078 2948 HTTPFilter (9e4adb854cebcfb81a4b36718feecd16) C:\WINDOWS\System32\w3ssl.dll
17:53:44.0296 2948 HTTPFilter - ok
17:53:44.0406 2948 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
17:53:44.0609 2948 i2omgmt - ok
17:53:44.0703 2948 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\System32\DRIVERS\i2omp.sys
17:53:44.0906 2948 i2omp - ok
17:53:45.0000 2948 i8042prt (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
17:53:45.0187 2948 i8042prt - ok
17:53:45.0281 2948 ialm (cfc89f98c436c6687bd818abb6a4480b) C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
17:53:45.0515 2948 ialm - ok
17:53:45.0609 2948 IBM Rapid Restore Ultra Service (1a1b8fd95d598d9d772333283154a1b5) C:\Programme\IBM\IBM Rapid Restore Ultra\rrpcsb.exe
17:53:45.0687 2948 IBM Rapid Restore Ultra Service ( UnsignedFile.Multi.Generic ) - warning
17:53:45.0687 2948 IBM Rapid Restore Ultra Service - detected UnsignedFile.Multi.Generic (1)
17:53:45.0796 2948 ibmfilter (4dc41ab5aa3f96fa7f01587dd9ccf467) C:\WINDOWS\system32\drivers\ibmfilter.sys
17:53:45.0812 2948 ibmfilter ( UnsignedFile.Multi.Generic ) - warning
17:53:45.0812 2948 ibmfilter - detected UnsignedFile.Multi.Generic (1)
17:53:45.0921 2948 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
17:53:46.0000 2948 IDriverT ( UnsignedFile.Multi.Generic ) - warning
17:53:46.0000 2948 IDriverT - detected UnsignedFile.Multi.Generic (1)
17:53:46.0109 2948 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
17:53:46.0328 2948 Imapi - ok
17:53:46.0406 2948 ImapiService (d4b413aa210c21e46aedd2ba5b68d38e) C:\WINDOWS\System32\imapi.exe
17:53:46.0625 2948 ImapiService - ok
17:53:46.0718 2948 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\System32\DRIVERS\ini910u.sys
17:53:46.0953 2948 ini910u - ok
17:53:47.0046 2948 IntelIde (69c4e3c9e67a1f103b94e14fdd5f3213) C:\WINDOWS\System32\DRIVERS\intelide.sys
17:53:47.0250 2948 IntelIde - ok
17:53:47.0343 2948 intelppm (4c7d2750158ed6e7ad642d97bffae351) C:\WINDOWS\system32\DRIVERS\intelppm.sys
17:53:47.0562 2948 intelppm - ok
17:53:47.0640 2948 ip6fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
17:53:47.0843 2948 ip6fw - ok
17:53:47.0937 2948 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
17:53:48.0156 2948 IpFilterDriver - ok
17:53:48.0250 2948 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
17:53:48.0453 2948 IpInIp - ok
17:53:48.0531 2948 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
17:53:48.0734 2948 IpNat - ok
17:53:48.0843 2948 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
17:53:49.0062 2948 IPSec - ok
17:53:49.0156 2948 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
17:53:49.0359 2948 IRENUM - ok
17:53:49.0468 2948 isapnp (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys
17:53:49.0687 2948 isapnp - ok
17:53:49.0781 2948 Kbdclass (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
17:53:50.0000 2948 Kbdclass - ok
17:53:50.0093 2948 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
17:53:50.0312 2948 kmixer - ok
17:53:50.0437 2948 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
17:53:50.0718 2948 KSecDD - ok
17:53:50.0796 2948 lanmanserver (2bbdcb79900990f0716dfcb714e72de7) C:\WINDOWS\System32\srvsvc.dll
17:53:50.0859 2948 lanmanserver - ok
17:53:50.0921 2948 lanmanworkstation (1869b14b06b44b44af70548e1ea3303f) C:\WINDOWS\System32\wkssvc.dll
17:53:50.0984 2948 lanmanworkstation - ok
17:53:51.0062 2948 lbrtfdc - ok
17:53:51.0156 2948 lirsgt (975b6cf65f44e95883f3855bae8cecaf) C:\WINDOWS\system32\DRIVERS\lirsgt.sys
17:53:51.0171 2948 lirsgt ( UnsignedFile.Multi.Generic ) - warning
17:53:51.0171 2948 lirsgt - detected UnsignedFile.Multi.Generic (1)
17:53:51.0281 2948 LiveTunerPM (1307c0131756a1160b1821ce8293fe64) C:\Programme\Ashampoo\Ashampoo WinOptimizer 9\LiveTunerProcessMonitor32.sys
17:53:51.0296 2948 LiveTunerPM - ok
17:53:51.0359 2948 LmHosts (636714b7d43c8d0c80449123fd266920) C:\WINDOWS\System32\lmhsvc.dll
17:53:51.0578 2948 LmHosts - ok
17:53:51.0687 2948 MBAMProtector (fb097bbc1a18f044bd17bd2fccf97865) C:\WINDOWS\system32\drivers\mbam.sys
17:53:51.0703 2948 MBAMProtector - ok
17:53:51.0765 2948 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
17:53:51.0843 2948 MBAMService - ok
17:53:51.0937 2948 MBAMSwissArmy (0db7527db188c7d967a37bb51bbf3963) C:\WINDOWS\system32\drivers\mbamswissarmy.sys
17:53:51.0953 2948 MBAMSwissArmy - ok
17:53:52.0031 2948 Messenger (b7550a7107281d170ce85524b1488c98) C:\WINDOWS\System32\msgsvc.dll
17:53:52.0234 2948 Messenger - ok
17:53:52.0328 2948 Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Programme\Microsoft Office\Office12\GrooveAuditService.exe
17:53:52.0375 2948 Microsoft Office Groove Audit Service - ok
17:53:52.0453 2948 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
17:53:52.0671 2948 mnmdd - ok
17:53:52.0750 2948 mnmsrvc (c2f1d365fd96791b037ee504868065d3) C:\WINDOWS\System32\mnmsrvc.exe
17:53:52.0968 2948 mnmsrvc - ok
17:53:53.0062 2948 Modem (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys
17:53:53.0281 2948 Modem - ok
17:53:53.0406 2948 Mouclass (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys
17:53:53.0625 2948 Mouclass - ok
17:53:53.0734 2948 mouhid (66a6f73c74e1791464160a7065ce711a) C:\WINDOWS\system32\DRIVERS\mouhid.sys
17:53:53.0937 2948 mouhid - ok
17:53:54.0031 2948 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
17:53:54.0234 2948 MountMgr - ok
17:53:54.0312 2948 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\System32\DRIVERS\mraid35x.sys
17:53:54.0546 2948 mraid35x - ok
17:53:54.0671 2948 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
17:53:54.0875 2948 MRxDAV - ok
17:53:54.0984 2948 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
17:53:55.0109 2948 MRxSmb - ok
17:53:55.0171 2948 MSDTC (35a031af38c55f92d28aa03ee9f12cc9) C:\WINDOWS\system32\msdtc.exe
17:53:55.0375 2948 MSDTC - ok
17:53:55.0484 2948 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
17:53:55.0703 2948 Msfs - ok
17:53:55.0781 2948 MSIServer - ok
17:53:55.0859 2948 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
17:53:56.0062 2948 MSKSSRV - ok
17:53:56.0171 2948 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
17:53:56.0375 2948 MSPCLOCK - ok
17:53:56.0484 2948 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
17:53:56.0687 2948 MSPQM - ok
17:53:56.0781 2948 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
17:53:56.0984 2948 mssmbios - ok
17:53:57.0109 2948 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
17:53:57.0171 2948 Mup - ok
17:53:57.0265 2948 napagent (46bb15ae2ac7d025d6d2567b876817bd) C:\WINDOWS\System32\qagentrt.dll
17:53:57.0515 2948 napagent - ok
17:53:57.0625 2948 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
17:53:57.0843 2948 NDIS - ok
17:53:57.0937 2948 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
17:53:58.0000 2948 NdisTapi - ok
17:53:58.0109 2948 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
17:53:58.0328 2948 Ndisuio - ok
17:53:58.0437 2948 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
17:53:58.0640 2948 NdisWan - ok
17:53:58.0750 2948 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
17:53:58.0828 2948 NDProxy - ok
17:53:58.0921 2948 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
17:53:59.0109 2948 NetBIOS - ok
17:53:59.0218 2948 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
17:53:59.0437 2948 NetBT - ok
17:53:59.0531 2948 NetDDE (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
17:53:59.0765 2948 NetDDE - ok
17:53:59.0812 2948 NetDDEdsdm (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
17:54:00.0031 2948 NetDDEdsdm - ok
17:54:00.0109 2948 Netlogon (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\System32\lsass.exe
17:54:00.0328 2948 Netlogon - ok
17:54:00.0437 2948 Netman (e6d88f1f6745bf00b57e7855a2ab696c) C:\WINDOWS\System32\netman.dll
17:54:00.0656 2948 Netman - ok
17:54:00.0765 2948 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
17:54:00.0812 2948 NetTcpPortSharing - ok
17:54:00.0921 2948 Nla (f1b67b6b0751ae0e6e964b02821206a3) C:\WINDOWS\System32\mswsock.dll
17:54:01.0062 2948 Nla - ok
17:54:01.0125 2948 NMSAccess (7aea4df1ca68fd45dd4bbe1f0243ce7f) C:\Programme\CDBurnerXP\NMSAccessU.exe
17:54:01.0171 2948 NMSAccess - ok
17:54:01.0265 2948 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
17:54:01.0453 2948 Npfs - ok
17:54:01.0531 2948 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
17:54:01.0796 2948 Ntfs - ok
17:54:01.0890 2948 NtLmSsp (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\System32\lsass.exe
17:54:02.0078 2948 NtLmSsp - ok
17:54:02.0187 2948 NtmsSvc (56af4064996fa5bac9c449b1514b4770) C:\WINDOWS\system32\ntmssvc.dll
17:54:02.0453 2948 NtmsSvc - ok
17:54:02.0562 2948 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
17:54:02.0781 2948 Null - ok
17:54:02.0906 2948 nv (2b298519edbfcf451d43e0f1e8f1006d) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
17:54:03.0218 2948 nv - ok
17:54:03.0343 2948 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
17:54:03.0578 2948 NwlnkFlt - ok
17:54:03.0671 2948 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
17:54:03.0890 2948 NwlnkFwd - ok
17:54:04.0000 2948 NwlnkIpx (8b8b1be2dba4025da6786c645f77f123) C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys
17:54:04.0203 2948 NwlnkIpx - ok
17:54:04.0296 2948 NwlnkNb (56d34a67c05e94e16377c60609741ff8) C:\WINDOWS\system32\DRIVERS\nwlnknb.sys
17:54:04.0515 2948 NwlnkNb - ok
17:54:04.0593 2948 NwlnkSpx (c0bb7d1615e1acbdc99757f6ceaf8cf0) C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys
17:54:04.0812 2948 NwlnkSpx - ok
17:54:04.0859 2948 obvious - ok
17:54:04.0968 2948 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE
17:54:05.0031 2948 odserv - ok
17:54:05.0125 2948 ose (5a432a042dae460abe7199b758e8606c) C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE
17:54:05.0156 2948 ose - ok
17:54:05.0281 2948 Parport (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\DRIVERS\parport.sys
17:54:05.0500 2948 Parport - ok
17:54:05.0593 2948 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
17:54:05.0796 2948 PartMgr - ok
17:54:05.0875 2948 ParVdm (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys
17:54:06.0093 2948 ParVdm - ok
17:54:06.0156 2948 PCDRSRVC - ok
17:54:06.0218 2948 PCI (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys
17:54:06.0421 2948 PCI - ok
17:54:06.0500 2948 PCIDump - ok
17:54:06.0578 2948 PCIIde (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\DRIVERS\pciide.sys
17:54:06.0812 2948 PCIIde - ok
17:54:06.0906 2948 Pcmcia (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\drivers\Pcmcia.sys
17:54:07.0125 2948 Pcmcia - ok
17:54:07.0187 2948 PDCOMP - ok
17:54:07.0250 2948 PDFRAME - ok
17:54:07.0312 2948 PDRELI - ok
17:54:07.0375 2948 PDRFRAME - ok
17:54:07.0453 2948 pelmouse (e541a80cdffd6077c761b4578efc0450) C:\WINDOWS\system32\DRIVERS\pelmouse.sys
17:54:07.0500 2948 pelmouse - ok
17:54:07.0609 2948 pelusblf (6432858a4493e906a7d61b9b17a0672a) C:\WINDOWS\system32\DRIVERS\pelusblf.sys
17:54:07.0640 2948 pelusblf - ok
17:54:07.0734 2948 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\System32\DRIVERS\perc2.sys
17:54:07.0968 2948 perc2 - ok
17:54:08.0046 2948 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\System32\DRIVERS\perc2hib.sys
17:54:08.0281 2948 perc2hib - ok
17:54:08.0375 2948 PlugPlay (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
17:54:08.0500 2948 PlugPlay - ok
17:54:08.0578 2948 PMEM (fa292805788528c083f416e151b60ab6) C:\WINDOWS\system32\drivers\PMEMNT.SYS
17:54:08.0609 2948 PMEM ( UnsignedFile.Multi.Generic ) - warning
17:54:08.0609 2948 PMEM - detected UnsignedFile.Multi.Generic (1)
17:54:08.0687 2948 PolicyAgent (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\System32\lsass.exe
17:54:08.0890 2948 PolicyAgent - ok
17:54:08.0984 2948 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
17:54:09.0187 2948 PptpMiniport - ok
17:54:09.0265 2948 Processor (2cb55427c58679f49ad600fccba76360) C:\WINDOWS\system32\DRIVERS\processr.sys
17:54:09.0468 2948 Processor - ok
17:54:09.0578 2948 prodrv06 (6d3b2fc5dec2f59b28fe5fa17250a7b0) C:\WINDOWS\System32\drivers\prodrv06.sys
17:54:09.0609 2948 prodrv06 ( UnsignedFile.Multi.Generic ) - warning
17:54:09.0609 2948 prodrv06 - detected UnsignedFile.Multi.Generic (1)
17:54:09.0718 2948 prohlp02 (c5f47b7ec2ec906847d5f80ba779a5bd) C:\WINDOWS\system32\drivers\prohlp02.sys
17:54:09.0750 2948 prohlp02 ( UnsignedFile.Multi.Generic ) - warning
17:54:09.0750 2948 prohlp02 - detected UnsignedFile.Multi.Generic (1)
17:54:09.0859 2948 prosync1 (f3471e7971ee62420451d958da635064) C:\WINDOWS\system32\drivers\prosync1.sys
17:54:09.0875 2948 prosync1 ( UnsignedFile.Multi.Generic ) - warning
17:54:09.0875 2948 prosync1 - detected UnsignedFile.Multi.Generic (1)
17:54:09.0953 2948 ProtectedStorage (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
17:54:10.0156 2948 ProtectedStorage - ok
17:54:10.0234 2948 psadd (dc23b0d9a0282cb0d8281dbda431ac14) C:\WINDOWS\system32\Drivers\psadd.sys
17:54:10.0312 2948 psadd ( UnsignedFile.Multi.Generic ) - warning
17:54:10.0312 2948 psadd - detected UnsignedFile.Multi.Generic (1)
17:54:10.0437 2948 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
17:54:10.0640 2948 PSched - ok
17:54:10.0718 2948 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
17:54:10.0953 2948 Ptilink - ok
17:54:11.0015 2948 PxHelp20 (86724469cd077901706854974cd13c3e) C:\WINDOWS\system32\DRIVERS\PxHelp20.sys
17:54:11.0046 2948 PxHelp20 ( UnsignedFile.Multi.Generic ) - warning
17:54:11.0046 2948 PxHelp20 - detected UnsignedFile.Multi.Generic (1)
17:54:11.0156 2948 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\System32\DRIVERS\ql1080.sys
17:54:11.0375 2948 ql1080 - ok
17:54:11.0468 2948 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\System32\DRIVERS\ql10wnt.sys
17:54:11.0687 2948 Ql10wnt - ok
17:54:11.0781 2948 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\System32\DRIVERS\ql12160.sys
17:54:11.0984 2948 ql12160 - ok
17:54:12.0062 2948 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\System32\DRIVERS\ql1240.sys
17:54:12.0296 2948 ql1240 - ok
17:54:12.0390 2948 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\System32\DRIVERS\ql1280.sys
17:54:12.0609 2948 ql1280 - ok
17:54:12.0687 2948 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
17:54:12.0890 2948 RasAcd - ok
17:54:12.0968 2948 RasAuto (f5ba6caccdb66c8f048e867563203246) C:\WINDOWS\System32\rasauto.dll
17:54:13.0187 2948 RasAuto - ok
17:54:13.0296 2948 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
17:54:13.0500 2948 Rasl2tp - ok
17:54:13.0578 2948 RasMan (f9a7b66ea345726edb5862a46b1eccd5) C:\WINDOWS\System32\rasmans.dll
17:54:13.0781 2948 RasMan - ok
17:54:13.0875 2948 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
17:54:14.0078 2948 RasPppoe - ok
17:54:14.0187 2948 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
17:54:14.0437 2948 Raspti - ok
17:54:14.0531 2948 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
17:54:14.0750 2948 Rdbss - ok
17:54:14.0859 2948 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
17:54:15.0062 2948 RDPCDD - ok
17:54:15.0140 2948 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
17:54:15.0359 2948 rdpdr - ok
17:54:15.0468 2948 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
17:54:15.0531 2948 RDPWD - ok
17:54:15.0625 2948 RDSessMgr (263af18af0f3db99f574c95f284ccec9) C:\WINDOWS\system32\sessmgr.exe
17:54:15.0828 2948 RDSessMgr - ok
17:54:15.0921 2948 redbook (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys
17:54:16.0125 2948 redbook - ok
17:54:16.0203 2948 RemoteAccess (0e97ec96d6942ceec2d188cc2eb69a01) C:\WINDOWS\System32\mprdim.dll
17:54:16.0406 2948 RemoteAccess - ok
17:54:16.0500 2948 RemoteRegistry (e4cd1f3d84e1c2ca0b8cf7501e201593) C:\WINDOWS\system32\regsvc.dll
17:54:16.0718 2948 RemoteRegistry - ok
17:54:16.0796 2948 ROOTMODEM (d8b0b4ade32574b2d9c5cc34dc0dbbe7) C:\WINDOWS\system32\Drivers\RootMdm.sys
17:54:17.0031 2948 ROOTMODEM - ok
17:54:17.0093 2948 RpcLocator (2a02e21867497df20b8fc95631395169) C:\WINDOWS\System32\locator.exe
17:54:17.0296 2948 RpcLocator - ok
17:54:17.0375 2948 RpcSs (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
17:54:17.0500 2948 RpcSs - ok
17:54:17.0578 2948 RSVP (4bdd71b4b521521499dfd14735c4f398) C:\WINDOWS\System32\rsvp.exe
17:54:17.0796 2948 RSVP - ok
17:54:17.0875 2948 SamSs (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
17:54:18.0062 2948 SamSs - ok
17:54:18.0140 2948 SCardSvr (dcec079fad95d36c8dd5cb6d779dfe32) C:\WINDOWS\System32\SCardSvr.exe
17:54:18.0359 2948 SCardSvr - ok
17:54:18.0453 2948 Schedule (a050194a44d7fa8d7186ed2f4e8367ae) C:\WINDOWS\system32\schedsvc.dll
17:54:18.0671 2948 Schedule - ok
17:54:18.0781 2948 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
17:54:19.0046 2948 Secdrv - ok
17:54:19.0109 2948 seclogon (bee4cfd1d48c23b44cf4b974b0b79b2b) C:\WINDOWS\System32\seclogon.dll
17:54:19.0328 2948 seclogon - ok
17:54:19.0437 2948 SENS (2aac9b6ed9eddffb721d6452e34d67e3) C:\WINDOWS\system32\sens.dll
17:54:19.0656 2948 SENS - ok
17:54:19.0750 2948 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
17:54:19.0953 2948 serenum - ok
17:54:20.0078 2948 Serial (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\DRIVERS\serial.sys
17:54:20.0281 2948 Serial - ok
17:54:20.0421 2948 sfhlp01 (462aee0ea0481ea8bd45cac876a4ccc4) C:\WINDOWS\system32\drivers\sfhlp01.sys
17:54:20.0453 2948 sfhlp01 ( UnsignedFile.Multi.Generic ) - warning
17:54:20.0453 2948 sfhlp01 - detected UnsignedFile.Multi.Generic (1)
17:54:20.0546 2948 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
17:54:20.0750 2948 Sfloppy - ok
17:54:20.0843 2948 SharedAccess (cad058d5f8b889a87ca3eb3cf624dcef) C:\WINDOWS\System32\ipnathlp.dll
17:54:21.0093 2948 SharedAccess - ok
17:54:21.0156 2948 ShellHWDetection (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
17:54:21.0203 2948 ShellHWDetection - ok
17:54:21.0296 2948 Simbad - ok
17:54:21.0343 2948 SipIMNDI - ok
17:54:21.0421 2948 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\System32\DRIVERS\sisagp.sys
17:54:21.0640 2948 sisagp - ok
17:54:21.0765 2948 smwdm (f41896d591106713649b7eba668324e6) C:\WINDOWS\system32\drivers\smwdm.sys
17:54:21.0843 2948 smwdm - ok
17:54:21.0937 2948 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\System32\DRIVERS\sparrow.sys
17:54:22.0062 2948 Sparrow - ok
17:54:22.0156 2948 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
17:54:22.0359 2948 splitter - ok
17:54:22.0437 2948 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
17:54:22.0484 2948 Spooler - ok
17:54:22.0578 2948 sr (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys
17:54:22.0796 2948 sr - ok
17:54:22.0890 2948 srservice (fe77a85495065f3ad59c5c65b6c54182) C:\WINDOWS\System32\srsvc.dll
17:54:23.0093 2948 srservice - ok
17:54:23.0218 2948 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
17:54:23.0296 2948 Srv - ok
17:54:23.0359 2948 SSDPSRV (4df5b05dfaec29e13e1ed6f6ee12c500) C:\WINDOWS\System32\ssdpsrv.dll
17:54:23.0593 2948 SSDPSRV - ok
17:54:23.0703 2948 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
17:54:23.0718 2948 ssmdrv - ok
17:54:23.0796 2948 StarOpen (e57b778208c783d8debab320c16a1b82) C:\WINDOWS\system32\drivers\StarOpen.sys
17:54:23.0812 2948 StarOpen ( UnsignedFile.Multi.Generic ) - warning
17:54:23.0812 2948 StarOpen - detected UnsignedFile.Multi.Generic (1)
17:54:23.0890 2948 stisvc (bc2c5985611c5356b24aeb370953ded9) C:\WINDOWS\system32\wiaservc.dll
17:54:24.0156 2948 stisvc - ok
17:54:24.0250 2948 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
17:54:24.0453 2948 swenum - ok
17:54:24.0546 2948 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
17:54:24.0765 2948 swmidi - ok
17:54:24.0812 2948 SwPrv - ok
17:54:24.0890 2948 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\System32\DRIVERS\symc810.sys
17:54:25.0109 2948 symc810 - ok
17:54:25.0203 2948 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\System32\DRIVERS\symc8xx.sys
17:54:25.0421 2948 symc8xx - ok
17:54:25.0531 2948 SymEvent (403bd24fa5c55fc648abdd039629a954) C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
17:54:25.0578 2948 SymEvent - ok
17:54:25.0671 2948 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\System32\DRIVERS\sym_hi.sys
17:54:25.0890 2948 sym_hi - ok
17:54:25.0968 2948 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\System32\DRIVERS\sym_u3.sys
17:54:26.0187 2948 sym_u3 - ok
17:54:26.0265 2948 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
17:54:26.0484 2948 sysaudio - ok
17:54:26.0562 2948 SysmonLog (2903fffa2523926d6219428040dce6b9) C:\WINDOWS\system32\smlogsvc.exe
17:54:26.0765 2948 SysmonLog - ok
17:54:26.0859 2948 TapiSrv (05903cac4b98908d55ea5774775b382e) C:\WINDOWS\System32\tapisrv.dll
17:54:27.0062 2948 TapiSrv - ok
17:54:27.0171 2948 tbhsd (adeb5b39e08282a81ef6998e8c76e269) C:\WINDOWS\system32\drivers\tbhsd.sys
17:54:27.0203 2948 tbhsd ( UnsignedFile.Multi.Generic ) - warning
17:54:27.0203 2948 tbhsd - detected UnsignedFile.Multi.Generic (1)
17:54:27.0312 2948 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
17:54:27.0453 2948 Tcpip - ok
17:54:27.0531 2948 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
17:54:27.0718 2948 TDPIPE - ok
17:54:27.0796 2948 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
17:54:28.0015 2948 TDTCP - ok
17:54:28.0093 2948 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
17:54:28.0312 2948 TermDD - ok
17:54:28.0406 2948 TermService (b7de02c863d8f5a005a7bf375375a6a4) C:\WINDOWS\System32\termsrv.dll
17:54:28.0625 2948 TermService - ok
17:54:28.0703 2948 Themes (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
17:54:28.0734 2948 Themes - ok
17:54:28.0812 2948 TlntSvr (03681a1ce77f51586903869a5ab1deab) C:\WINDOWS\System32\tlntsvr.exe
17:54:29.0015 2948 TlntSvr - ok
17:54:29.0125 2948 toshidpt (62c57e7411b5f20980e70530ca69d5a7) C:\WINDOWS\system32\drivers\Toshidpt.sys
17:54:29.0140 2948 toshidpt ( UnsignedFile.Multi.Generic ) - warning
17:54:29.0140 2948 toshidpt - detected UnsignedFile.Multi.Generic (1)
17:54:29.0250 2948 TosIde (d213a9247dc347f305a2d4cc9b951487) C:\WINDOWS\System32\DRIVERS\toside.sys
17:54:29.0468 2948 TosIde - ok
17:54:29.0562 2948 tosporte (09505abeae3de953442417a48256684a) C:\WINDOWS\system32\DRIVERS\tosporte.sys
17:54:29.0593 2948 tosporte ( UnsignedFile.Multi.Generic ) - warning
17:54:29.0593 2948 tosporte - detected UnsignedFile.Multi.Generic (1)
17:54:29.0687 2948 Tosrfbd (9b478a68d0f627ed3c4c4a48e86c5509) C:\WINDOWS\system32\Drivers\tosrfbd.sys
17:54:29.0703 2948 Tosrfbd ( UnsignedFile.Multi.Generic ) - warning
17:54:29.0703 2948 Tosrfbd - detected UnsignedFile.Multi.Generic (1)
17:54:29.0812 2948 Tosrfbnp (fe200eece7521061cdad658c6ee4f341) C:\WINDOWS\system32\Drivers\tosrfbnp.sys
17:54:29.0843 2948 Tosrfbnp ( UnsignedFile.Multi.Generic ) - warning
17:54:29.0843 2948 Tosrfbnp - detected UnsignedFile.Multi.Generic (1)
17:54:29.0953 2948 Tosrfcom (d185be751021bcf1e5d58566d408314a) C:\WINDOWS\system32\Drivers\tosrfcom.sys
17:54:29.0984 2948 Tosrfcom ( UnsignedFile.Multi.Generic ) - warning
17:54:29.0984 2948 Tosrfcom - detected UnsignedFile.Multi.Generic (1)
17:54:30.0078 2948 Tosrfhid (341612b9758054e5965bcd6ae111b8f9) C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys
17:54:30.0109 2948 Tosrfhid ( UnsignedFile.Multi.Generic ) - warning
17:54:30.0109 2948 Tosrfhid - detected UnsignedFile.Multi.Generic (1)
17:54:30.0203 2948 tosrfnds (c52fd27b9adf3a1f22cb90e6bcf9b0cb) C:\WINDOWS\system32\DRIVERS\tosrfnds.sys
17:54:30.0218 2948 tosrfnds ( UnsignedFile.Multi.Generic ) - warning
17:54:30.0218 2948 tosrfnds - detected UnsignedFile.Multi.Generic (1)
17:54:30.0328 2948 TosRfSnd (350814a87f8ba3b0e28278feddf36f82) C:\WINDOWS\system32\drivers\TosRfSnd.sys
17:54:30.0343 2948 TosRfSnd ( UnsignedFile.Multi.Generic ) - warning
17:54:30.0343 2948 TosRfSnd - detected UnsignedFile.Multi.Generic (1)
17:54:30.0453 2948 Tosrfusb (ddb8a339e57d514768f45d33b11bdb50) C:\WINDOWS\system32\Drivers\tosrfusb.sys
17:54:30.0484 2948 Tosrfusb ( UnsignedFile.Multi.Generic ) - warning
17:54:30.0484 2948 Tosrfusb - detected UnsignedFile.Multi.Generic (1)
17:54:30.0578 2948 TrkWks (626504572b175867f30f3215c04b3e2f) C:\WINDOWS\system32\trkwks.dll
17:54:30.0781 2948 TrkWks - ok
17:54:30.0890 2948 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
17:54:31.0109 2948 Udfs - ok
17:54:31.0203 2948 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\System32\DRIVERS\ultra.sys
17:54:31.0328 2948 ultra - ok
17:54:31.0453 2948 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
17:54:31.0703 2948 Update - ok
17:54:31.0796 2948 upnphost (1dfd8975d8c89214b98d9387c1125b49) C:\WINDOWS\System32\upnphost.dll
17:54:32.0015 2948 upnphost - ok
17:54:32.0109 2948 UPS (9b11e6118958e63e1fef129466e2bda7) C:\WINDOWS\System32\ups.exe
17:54:32.0312 2948 UPS - ok
17:54:32.0437 2948 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
17:54:32.0671 2948 usbaudio - ok
17:54:32.0765 2948 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
17:54:32.0968 2948 usbccgp - ok
17:54:33.0078 2948 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
17:54:33.0265 2948 usbehci - ok
17:54:33.0343 2948 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
17:54:33.0578 2948 usbhub - ok
17:54:33.0671 2948 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
17:54:33.0875 2948 usbprint - ok
17:54:33.0968 2948 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
17:54:34.0171 2948 usbscan - ok
17:54:34.0265 2948 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
17:54:34.0484 2948 USBSTOR - ok
17:54:34.0546 2948 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
17:54:34.0750 2948 usbuhci - ok
17:54:34.0859 2948 UxTuneUp (1ff581035c4ea7a75dfb3939c7b7cbd2) C:\WINDOWS\System32\uxtuneup.dll
17:54:34.0875 2948 UxTuneUp - ok
17:54:34.0968 2948 vaxscsi (92cebc2bc7be2c8d49391b365569f306) C:\WINDOWS\System32\Drivers\vaxscsi.sys
17:54:35.0000 2948 vaxscsi - ok
17:54:35.0093 2948 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
17:54:35.0296 2948 VgaSave - ok
17:54:35.0375 2948 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\System32\DRIVERS\viaagp.sys
17:54:35.0593 2948 viaagp - ok
17:54:35.0703 2948 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\System32\DRIVERS\viaide.sys
17:54:35.0906 2948 ViaIde - ok
17:54:35.0984 2948 VolSnap (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys
17:54:36.0171 2948 VolSnap - ok
17:54:36.0281 2948 VSS (68f106273be29e7b7ef8266977268e78) C:\WINDOWS\System32\vssvc.exe
17:54:36.0515 2948 VSS - ok
17:54:36.0625 2948 W32Time (7b353059e665f8b7ad2bbeaef597cf45) C:\WINDOWS\System32\w32time.dll
17:54:36.0843 2948 W32Time - ok
17:54:36.0937 2948 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
17:54:37.0140 2948 Wanarp - ok
17:54:37.0203 2948 WDICA - ok
17:54:37.0281 2948 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
17:54:37.0500 2948 wdmaud - ok
17:54:37.0578 2948 WebClient (81727c9873e3905a2ffc1ebd07265002) C:\WINDOWS\System32\webclnt.dll
17:54:37.0781 2948 WebClient - ok
17:54:37.0921 2948 winmgmt (6f3f3973d97714cc5f906a19fe883729) C:\WINDOWS\system32\wbem\WMIsvc.dll
17:54:38.0125 2948 winmgmt - ok
17:54:38.0250 2948 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
17:54:38.0359 2948 WmdmPmSN - ok
17:54:38.0468 2948 Wmi (ffa4d901d46d07a5bab2d8307fbb51a6) C:\WINDOWS\System32\advapi32.dll
17:54:38.0640 2948 Wmi - ok
17:54:38.0750 2948 WmiApSrv (93908111ba57a6e60ec2fa2de202105c) C:\WINDOWS\System32\wbem\wmiapsrv.exe
17:54:38.0953 2948 WmiApSrv - ok
17:54:39.0062 2948 WMPNetworkSvc (bf05650bb7df5e9ebdd25974e22403bb) C:\Programme\Windows Media Player\WMPNetwk.exe
17:54:39.0156 2948 WMPNetworkSvc - ok
17:54:39.0281 2948 WO_LiveService (f491c8e5ee9d75a06dc36ede5a7a8938) C:\Programme\Ashampoo\Ashampoo WinOptimizer 9\LiveTunerService.exe
17:54:39.0375 2948 WO_LiveService - ok
17:54:39.0546 2948 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
17:54:39.0625 2948 WPFFontCache_v0400 - ok
17:54:39.0718 2948 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
17:54:39.0937 2948 WS2IFSL - ok
17:54:40.0031 2948 wscsvc (300b3e84faf1a5c1f791c159ba28035d) C:\WINDOWS\system32\wscsvc.dll
17:54:40.0250 2948 wscsvc - ok
17:54:40.0328 2948 wuauserv (7b4fe05202aa6bf9f4dfd0e6a0d8a085) C:\WINDOWS\system32\wuauserv.dll
17:54:40.0531 2948 wuauserv - ok
17:54:40.0656 2948 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
17:54:40.0718 2948 WudfPf - ok
17:54:40.0828 2948 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
17:54:40.0859 2948 WudfRd - ok
17:54:40.0953 2948 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
17:54:40.0984 2948 WudfSvc - ok
17:54:41.0078 2948 WZCSVC (c4f109c005f6725162d2d12ca751e4a7) C:\WINDOWS\System32\wzcsvc.dll
17:54:41.0328 2948 WZCSVC - ok
17:54:41.0406 2948 xmlprov (0ada34871a2e1cd2caafed1237a47750) C:\WINDOWS\System32\xmlprov.dll
17:54:41.0625 2948 xmlprov - ok
17:54:41.0718 2948 {6080A529-897E-4629-A488-ABA0C29B635E} (5ff57eedf48f189859d6e9bf81e297c5) C:\WINDOWS\system32\drivers\ialmsbw.sys
17:54:41.0781 2948 {6080A529-897E-4629-A488-ABA0C29B635E} - ok
17:54:41.0875 2948 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91} (c2eb14d84069443437f1b3b856bcb665) C:\WINDOWS\system32\drivers\ialmkchw.sys
17:54:41.0921 2948 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91} - ok
17:54:41.0937 2948 MBR (0x1B8) (eb5d8b1054084399a9e2887ab969ae15) \Device\Harddisk0\DR0
17:54:42.0015 2948 \Device\Harddisk0\DR0 - ok
17:54:42.0031 2948 Boot (0x1200) (29ba236c840db6ae0978678f9ce8cdb8) \Device\Harddisk0\DR0\Partition0
17:54:42.0031 2948 \Device\Harddisk0\DR0\Partition0 - ok
17:54:42.0031 2948 ============================================================
17:54:42.0031 2948 Scan finished
17:54:42.0031 2948 ============================================================
17:54:42.0187 2940 Detected object count: 26
17:54:42.0187 2940 Actual detected object count: 26
17:54:57.0843 2940 atksgt ( UnsignedFile.Multi.Generic ) - skipped by user
17:54:57.0843 2940 atksgt ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:54:57.0843 2940 DfSdkS ( UnsignedFile.Multi.Generic ) - skipped by user
17:54:57.0843 2940 DfSdkS ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:54:57.0843 2940 DgiVecp ( UnsignedFile.Multi.Generic ) - skipped by user
17:54:57.0843 2940 DgiVecp ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:54:57.0843 2940 EGATHDRV ( UnsignedFile.Multi.Generic ) - skipped by user
17:54:57.0843 2940 EGATHDRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:54:57.0843 2940 IBM Rapid Restore Ultra Service ( UnsignedFile.Multi.Generic ) - skipped by user
17:54:57.0843 2940 IBM Rapid Restore Ultra Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:54:57.0843 2940 ibmfilter ( UnsignedFile.Multi.Generic ) - skipped by user
17:54:57.0843 2940 ibmfilter ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:54:57.0843 2940 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
17:54:57.0843 2940 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:54:57.0843 2940 lirsgt ( UnsignedFile.Multi.Generic ) - skipped by user
17:54:57.0843 2940 lirsgt ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:54:57.0843 2940 PMEM ( UnsignedFile.Multi.Generic ) - skipped by user
17:54:57.0843 2940 PMEM ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:54:57.0843 2940 prodrv06 ( UnsignedFile.Multi.Generic ) - skipped by user
17:54:57.0843 2940 prodrv06 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:54:57.0843 2940 prohlp02 ( UnsignedFile.Multi.Generic ) - skipped by user
17:54:57.0843 2940 prohlp02 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:54:57.0843 2940 prosync1 ( UnsignedFile.Multi.Generic ) - skipped by user
17:54:57.0843 2940 prosync1 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:54:57.0843 2940 psadd ( UnsignedFile.Multi.Generic ) - skipped by user
17:54:57.0843 2940 psadd ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:54:57.0859 2940 PxHelp20 ( UnsignedFile.Multi.Generic ) - skipped by user
17:54:57.0859 2940 PxHelp20 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:54:57.0859 2940 sfhlp01 ( UnsignedFile.Multi.Generic ) - skipped by user
17:54:57.0859 2940 sfhlp01 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:54:57.0859 2940 StarOpen ( UnsignedFile.Multi.Generic ) - skipped by user
17:54:57.0859 2940 StarOpen ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:54:57.0859 2940 tbhsd ( UnsignedFile.Multi.Generic ) - skipped by user
17:54:57.0859 2940 tbhsd ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:54:57.0859 2940 toshidpt ( UnsignedFile.Multi.Generic ) - skipped by user
17:54:57.0859 2940 toshidpt ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:54:57.0859 2940 tosporte ( UnsignedFile.Multi.Generic ) - skipped by user
17:54:57.0859 2940 tosporte ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:54:57.0859 2940 Tosrfbd ( UnsignedFile.Multi.Generic ) - skipped by user
17:54:57.0859 2940 Tosrfbd ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:54:57.0875 2940 Tosrfbnp ( UnsignedFile.Multi.Generic ) - skipped by user
17:54:57.0875 2940 Tosrfbnp ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:54:57.0875 2940 Tosrfcom ( UnsignedFile.Multi.Generic ) - skipped by user
17:54:57.0875 2940 Tosrfcom ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:54:57.0875 2940 Tosrfhid ( UnsignedFile.Multi.Generic ) - skipped by user
17:54:57.0875 2940 Tosrfhid ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:54:57.0875 2940 tosrfnds ( UnsignedFile.Multi.Generic ) - skipped by user
17:54:57.0875 2940 tosrfnds ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:54:57.0875 2940 TosRfSnd ( UnsignedFile.Multi.Generic ) - skipped by user
17:54:57.0875 2940 TosRfSnd ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:54:57.0875 2940 Tosrfusb ( UnsignedFile.Multi.Generic ) - skipped by user
17:54:57.0875 2940 Tosrfusb ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
| | #17 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Then please run CF now:
ComboFix: A guide and tutorial on using ComboFix
Combofix may only be run when an expert has expressly recommended it! If, after running Combofix, you have problems starting applications and receive messages such as Quote:
__________________ |
| | #18 |
| I had let combofix run overnight, but I don't think anything happened. This morning the computer was running, but the screen was black and I couldn't do anything either. I didn't find the combofix.txt either. Should I run it again in safe mode? Thanks for everything :-)
__________________ |
| | #19 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Yes, try it again in safe mode with networking. Please download combofix.exe again beforehand.
__________________ Please always post log files in CODE tags |
| | #20 |
| I uninstalled combofix several more times, downloaded it again and tried it, in safe mode with networking, in plain safe mode and in normal mode. Every time the computer hangs, always after combofix has created the system restore point and something like this is displayed: "The process can take about 10 minutes. On heavily infected machines, however, this can easily double." What should I do now? |
| | #21 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Then we'll skip CF for now. Please now create logs with GMER and OSAM and post them. GMER crashes fairly often; if the tool won't work the second time either, just leave it out and run only OSAM - please skip OSAM's online check. With OSAM, please also make sure that you save the log as *.log and not *.html or the like. Note: Please use WinRAR or 7zip to unpack OSAM! Also be sure to turn off the virus scanner; the McAfee scanner in particular often reports a false alarm in OSAM! Please download
Important: Under no circumstances press any of the Fix buttons without being instructed to. Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the setting (none) under AV Scan. One more note: If aswMBR crashes and a message like "aswMBR.exe has stopped working" appears, do the following: Restart aswMBR, select (none) for "AV scan" in the drop-down menu at the bottom left of the aswMBR window, and click the Scan button again.
__________________ |
| | #22 |
| Hello cosinus, unfortunately I won't have access to the PC in question for quite a while. Can the thread be closed temporarily and then reopened? If that isn't possible, I unfortunately won't be able to reply again for a few months. Many thanks so far. I will definitely carry out your instructions as soon as it is possible. Thanks again :-) |
| | #23 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | We'll simply wait and see what happens until then. Normally only you, the helpers/experts and mods/admins can post in this thread, so I see no reason to close it. Just get back to us here when you can get to the PC.
__________________ Please always post log files in CODE tags |