Log analysis and evaluation: Bundespolizei trojan, can't get any further

19.10.2011, 17:10   #16
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Run an OTL fix: close any programs that may be open, also disable your virus scanner (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied as well!!!)


Code:
:OTL
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=travelmate_8372&r=273610109206l0421z1k5x4671o211
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=travelmate_8372&r=273610109206l0421z1k5x4671o211
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=travelmate_8372&r=273610109206l0421z1k5x4671o211
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=travelmate_8372&r=273610109206l0421z1k5x4671o211
IE - HKLM\..\URLSearchHook: {26647ca4-a2a7-4eac-8a72-761aa9141de7} - C:\Program Files (x86)\www.Freeware-download.com\prxtbwww0.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=travelmate_8372&r=273610109206l0421z1k5x4671o211
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2325506
IE - HKCU\..\URLSearchHook: {26647ca4-a2a7-4eac-8a72-761aa9141de7} - C:\Program Files (x86)\www.Freeware-download.com\prxtbwww0.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
FF - prefs.js..browser.search.defaultthis.engineName: "www.Freeware-download.com Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2325506&SearchSource=3&q={searchTerms}"
O2 - BHO: (www.Freeware-download.com Toolbar) - {26647ca4-a2a7-4eac-8a72-761aa9141de7} - C:\Program Files (x86)\www.Freeware-download.com\prxtbwww0.dll (Conduit Ltd.)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Programme\mcafee\msk\mskapbho.dll ()
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (www.Freeware-download.com Toolbar) - {26647ca4-a2a7-4eac-8a72-761aa9141de7} - C:\Program Files (x86)\www.Freeware-download.com\prxtbwww0.dll (Conduit Ltd.)
O2 - BHO: (Sophos Web Content Scanner) - {39EA7695-B3F2-4C44-A4BC-297ADA8FD235} - C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SophosBHO.dll (Sophos Plc)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20101014154643.dll File not found
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\progra~2\mcafee\sitead~1\mcieplg.dll File not found
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll File not found
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\progra~2\mcafee\sitead~1\mcieplg.dll File not found
O3 - HKLM\..\Toolbar: (www.Freeware-download.com Toolbar) - {26647ca4-a2a7-4eac-8a72-761aa9141de7} - C:\Program Files (x86)\www.Freeware-download.com\prxtbwww0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (www.Freeware-download.com Toolbar) - {26647CA4-A2A7-4EAC-8A72-761AA9141DE7} - C:\Program Files (x86)\www.Freeware-download.com\prxtbwww0.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{0bb1023f-fae6-11df-8e8a-001e3328095e}\Shell - "" = AutoRun
O33 - MountPoints2\{0bb1023f-fae6-11df-8e8a-001e3328095e}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{0bb10243-fae6-11df-8e8a-001e3328095e}\Shell - "" = AutoRun
O33 - MountPoints2\{0bb10243-fae6-11df-8e8a-001e3328095e}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{0bb1025e-fae6-11df-8e8a-001e3328095e}\Shell - "" = AutoRun
O33 - MountPoints2\{0bb1025e-fae6-11df-8e8a-001e3328095e}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{0bb10262-fae6-11df-8e8a-001e3328095e}\Shell - "" = AutoRun
O33 - MountPoints2\{0bb10262-fae6-11df-8e8a-001e3328095e}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{1efcdbf2-8f8c-11e0-a032-001e3328095e}\Shell - "" = AutoRun
O33 - MountPoints2\{1efcdbf2-8f8c-11e0-a032-001e3328095e}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{1efcdbfa-8f8c-11e0-a032-001e3328095e}\Shell - "" = AutoRun
O33 - MountPoints2\{1efcdbfa-8f8c-11e0-a032-001e3328095e}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{81199b37-d892-11df-a9ca-001e3328095e}\Shell - "" = AutoRun
O33 - MountPoints2\{81199b37-d892-11df-a9ca-001e3328095e}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{81199ba7-d892-11df-a9ca-001e3328095e}\Shell - "" = AutoRun
O33 - MountPoints2\{81199ba7-d892-11df-a9ca-001e3328095e}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{9fccb5df-f32c-11df-ad56-001e3328095e}\Shell - "" = AutoRun
O33 - MountPoints2\{9fccb5df-f32c-11df-ad56-001e3328095e}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{b59e516d-e19b-11df-947d-001e3328095e}\Shell - "" = AutoRun
O33 - MountPoints2\{b59e516d-e19b-11df-947d-001e3328095e}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{b59e5172-e19b-11df-947d-001e3328095e}\Shell - "" = AutoRun
O33 - MountPoints2\{b59e5172-e19b-11df-947d-001e3328095e}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{c3098e73-d6cc-11df-87e1-001e3328095e}\Shell - "" = AutoRun
O33 - MountPoints2\{c3098e73-d6cc-11df-87e1-001e3328095e}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{f0560524-f1b5-11df-a920-001e3328095e}\Shell - "" = AutoRun
O33 - MountPoints2\{f0560524-f1b5-11df-a920-001e3328095e}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{f056052d-f1b5-11df-a920-001e3328095e}\Shell - "" = AutoRun
O33 - MountPoints2\{f056052d-f1b5-11df-a920-001e3328095e}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{f8e06d8c-c002-11e0-8b38-001e3328095e}\Shell - "" = AutoRun
O33 - MountPoints2\{f8e06d8c-c002-11e0-8b38-001e3328095e}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{f8e06d90-c002-11e0-8b38-001e3328095e}\Shell - "" = AutoRun
O33 - MountPoints2\{f8e06d90-c002-11e0-8b38-001e3328095e}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe
:Commands
[emptytemp]
[resethosts]
         
Then click the Fix button at the top left!
The log file should open when you click OK after the fix; please post it. The computer may be restarted.

For safety, the entries, files and folders fixed by this script are not deleted completely; a backup copy is created on the system partition in the "_OTL" folder.

Note: The script above was created only for this one user in this situation. It is not portable to any other computer and must not be used elsewhere, as it can cause lasting damage to the system!
__________________
Please always post log files in CODE tags

26.10.2011, 10:15   #17
ajax

Hello Arne,
here is the content of the log file. FYI: while the OTL fix was running, the following message came up a few times: "There is no disk in the drive. Please insert a disk into drive \Device\Harddisk1\DR1." I kept clicking `Continue` until the fix finally ran. I hope that was OK.

Here is the content of the log file:


All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{26647ca4-a2a7-4eac-8a72-761aa9141de7} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{26647ca4-a2a7-4eac-8a72-761aa9141de7}\ deleted successfully.
C:\Program Files (x86)\www.Freeware-download.com\prxtbwww0.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{872b5b88-9db5-4310-bdd0-ac189557e5f5} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\ deleted successfully.
C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll moved successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{26647ca4-a2a7-4eac-8a72-761aa9141de7} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{26647ca4-a2a7-4eac-8a72-761aa9141de7}\ not found.
File C:\Program Files (x86)\www.Freeware-download.com\prxtbwww0.dll not found.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{872b5b88-9db5-4310-bdd0-ac189557e5f5} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\ not found.
File C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll not found.
Prefs.js: "www.Freeware-download.com Customized Web Search" removed from browser.search.defaultthis.engineName
Prefs.js: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2325506&SearchSource=3&q={searchTerms}" removed from browser.search.defaulturl
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{26647ca4-a2a7-4eac-8a72-761aa9141de7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{26647ca4-a2a7-4eac-8a72-761aa9141de7}\ not found.
File C:\Program Files (x86)\www.Freeware-download.com\prxtbwww0.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{27B4851A-3207-45A2-B947-BE8AFE6163AB}\ deleted successfully.
c:\Programme\mcafee\msk\mskapbho.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ deleted successfully.
C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{26647ca4-a2a7-4eac-8a72-761aa9141de7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{26647ca4-a2a7-4eac-8a72-761aa9141de7}\ not found.
File C:\Program Files (x86)\www.Freeware-download.com\prxtbwww0.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39EA7695-B3F2-4C44-A4BC-297ADA8FD235}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{39EA7695-B3F2-4C44-A4BC-297ADA8FD235}\ deleted successfully.
C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SophosBHO.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\ not found.
File C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}\ deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064}\ deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{26647ca4-a2a7-4eac-8a72-761aa9141de7} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{26647ca4-a2a7-4eac-8a72-761aa9141de7}\ not found.
File download.com\prxtbwww0.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found.
File C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{872b5b88-9db5-4310-bdd0-ac189557e5f5} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\ not found.
File C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{26647CA4-A2A7-4EAC-8A72-761AA9141DE7} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{26647CA4-A2A7-4EAC-8A72-761AA9141DE7}\ not found.
File download.com\prxtbwww0.dll not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{872B5B88-9DB5-4310-BDD0-AC189557E5F5} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}\ not found.
File C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\sacore\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5513F07E-936B-4E52-9B00-067394E91CC5}\ deleted successfully.
File {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll File not found not found.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0bb1023f-fae6-11df-8e8a-001e3328095e}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0bb1023f-fae6-11df-8e8a-001e3328095e}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0bb1023f-fae6-11df-8e8a-001e3328095e}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0bb1023f-fae6-11df-8e8a-001e3328095e}\ not found.
File F:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0bb10243-fae6-11df-8e8a-001e3328095e}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0bb10243-fae6-11df-8e8a-001e3328095e}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0bb10243-fae6-11df-8e8a-001e3328095e}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0bb10243-fae6-11df-8e8a-001e3328095e}\ not found.
File F:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0bb1025e-fae6-11df-8e8a-001e3328095e}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0bb1025e-fae6-11df-8e8a-001e3328095e}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0bb1025e-fae6-11df-8e8a-001e3328095e}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0bb1025e-fae6-11df-8e8a-001e3328095e}\ not found.
File move failed. E:\AutoRun.exe scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0bb10262-fae6-11df-8e8a-001e3328095e}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0bb10262-fae6-11df-8e8a-001e3328095e}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0bb10262-fae6-11df-8e8a-001e3328095e}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0bb10262-fae6-11df-8e8a-001e3328095e}\ not found.
File move failed. E:\AutoRun.exe scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1efcdbf2-8f8c-11e0-a032-001e3328095e}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1efcdbf2-8f8c-11e0-a032-001e3328095e}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1efcdbf2-8f8c-11e0-a032-001e3328095e}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1efcdbf2-8f8c-11e0-a032-001e3328095e}\ not found.
File move failed. E:\AutoRun.exe scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1efcdbfa-8f8c-11e0-a032-001e3328095e}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1efcdbfa-8f8c-11e0-a032-001e3328095e}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1efcdbfa-8f8c-11e0-a032-001e3328095e}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1efcdbfa-8f8c-11e0-a032-001e3328095e}\ not found.
File move failed. E:\AutoRun.exe scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{81199b37-d892-11df-a9ca-001e3328095e}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{81199b37-d892-11df-a9ca-001e3328095e}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{81199b37-d892-11df-a9ca-001e3328095e}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{81199b37-d892-11df-a9ca-001e3328095e}\ not found.
File F:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{81199ba7-d892-11df-a9ca-001e3328095e}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{81199ba7-d892-11df-a9ca-001e3328095e}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{81199ba7-d892-11df-a9ca-001e3328095e}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{81199ba7-d892-11df-a9ca-001e3328095e}\ not found.
File move failed. E:\AutoRun.exe scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9fccb5df-f32c-11df-ad56-001e3328095e}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9fccb5df-f32c-11df-ad56-001e3328095e}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9fccb5df-f32c-11df-ad56-001e3328095e}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9fccb5df-f32c-11df-ad56-001e3328095e}\ not found.
File F:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b59e516d-e19b-11df-947d-001e3328095e}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b59e516d-e19b-11df-947d-001e3328095e}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b59e516d-e19b-11df-947d-001e3328095e}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b59e516d-e19b-11df-947d-001e3328095e}\ not found.
File F:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b59e5172-e19b-11df-947d-001e3328095e}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b59e5172-e19b-11df-947d-001e3328095e}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b59e5172-e19b-11df-947d-001e3328095e}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b59e5172-e19b-11df-947d-001e3328095e}\ not found.
File G:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c3098e73-d6cc-11df-87e1-001e3328095e}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c3098e73-d6cc-11df-87e1-001e3328095e}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c3098e73-d6cc-11df-87e1-001e3328095e}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c3098e73-d6cc-11df-87e1-001e3328095e}\ not found.
File F:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f0560524-f1b5-11df-a920-001e3328095e}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f0560524-f1b5-11df-a920-001e3328095e}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f0560524-f1b5-11df-a920-001e3328095e}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f0560524-f1b5-11df-a920-001e3328095e}\ not found.
File F:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f056052d-f1b5-11df-a920-001e3328095e}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f056052d-f1b5-11df-a920-001e3328095e}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f056052d-f1b5-11df-a920-001e3328095e}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f056052d-f1b5-11df-a920-001e3328095e}\ not found.
File G:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f8e06d8c-c002-11e0-8b38-001e3328095e}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f8e06d8c-c002-11e0-8b38-001e3328095e}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f8e06d8c-c002-11e0-8b38-001e3328095e}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f8e06d8c-c002-11e0-8b38-001e3328095e}\ not found.
File move failed. E:\AutoRun.exe scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f8e06d90-c002-11e0-8b38-001e3328095e}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f8e06d90-c002-11e0-8b38-001e3328095e}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f8e06d90-c002-11e0-8b38-001e3328095e}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f8e06d90-c002-11e0-8b38-001e3328095e}\ not found.
File move failed. E:\AutoRun.exe scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\ not found.
File move failed. E:\AutoRun.exe scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F\ not found.
File F:\AutoRun.exe not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Anette
->Temp folder emptied: 1042663283 bytes
->Temporary Internet Files folder emptied: 289516913 bytes
->Java cache emptied: 1671912 bytes
->FireFox cache emptied: 107498140 bytes
->Flash cache emptied: 12359 bytes

User: AppData

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: Wieland
->Temp folder emptied: 159548498 bytes
->Temporary Internet Files folder emptied: 156619927 bytes
->Java cache emptied: 4525233 bytes
->FireFox cache emptied: 89580987 bytes
->Flash cache emptied: 73994 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 551629071 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50434 bytes
RecycleBin emptied: 25120919862 bytes

Total Files Cleaned = 26.249,00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.29.1 log created on 10262011_104205

Files\Folders moved on Reboot...
File move failed. E:\AutoRun.exe scheduled to be moved on reboot.
C:\Users\Anette\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\dsiwmis.log scheduled to be moved on reboot.
File\Folder C:\Windows\temp\JET7020.tmp not found!

Registry entries deleted on Reboot...
__________________
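
An added example, not part of the original thread and not OTL's own code: a Python sketch that triages a fix log in the format posted above. It separates "not found" lines for objects that an earlier line in the same run already deleted or moved (the fix script lists the same DLL and CLSID under several entries) from objects that were never present, and collects the items still scheduled for a move on reboot. The names `parse_line`, `triage` and `SAMPLE_LOG` are hypothetical.

```python
import re
from collections import Counter

# Excerpt copied from the fix log in the post above (shortened, order kept).
SAMPLE_LOG = r"""
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{26647ca4-a2a7-4eac-8a72-761aa9141de7} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{26647ca4-a2a7-4eac-8a72-761aa9141de7}\ deleted successfully.
C:\Program Files (x86)\www.Freeware-download.com\prxtbwww0.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{26647ca4-a2a7-4eac-8a72-761aa9141de7}\ not found.
File C:\Program Files (x86)\www.Freeware-download.com\prxtbwww0.dll not found.
File move failed. E:\AutoRun.exe scheduled to be moved on reboot.
File F:\AutoRun.exe not found.
File move failed. E:\AutoRun.exe scheduled to be moved on reboot.
========== COMMANDS ==========
HOSTS file reset successfully
"""

# Result phrases as they appear in the log above; the first match wins.
PATTERNS = [
    ("pending_reboot", re.compile(
        r"^File move failed\. (?P<obj>.+?) scheduled to be moved on reboot\.$")),
    ("set", re.compile(r"^(?P<obj>[^|]+)\|.*/E : value set successfully!$")),
    ("deleted", re.compile(
        r"^(?P<view>64bit-)?Registry (?:key|value) (?P<obj>.+?) deleted successfully\.$")),
    ("moved", re.compile(r"^(?P<obj>.+?) moved successfully\.$")),
    ("not_found", re.compile(
        r"^(?:(?P<view>64bit-)?Registry (?:key|value)|File(?:\\Folder)?) "
        r"(?P<obj>.+?) not found[.!]$")),
]


def parse_line(line):
    """Return (outcome, object_key) for a recognised result line, else None."""
    line = line.strip()
    for outcome, rx in PATTERNS:
        m = rx.match(line)
        if m:
            # Keep the 64-bit registry view apart from the 32-bit one, and
            # normalise case and the trailing backslash so repeats compare equal.
            view = "64bit:" if m.groupdict().get("view") else ""
            return outcome, view + m.group("obj").rstrip("\\").lower()
    return None


def _add_unique(items, obj):
    if obj not in items:
        items.append(obj)


def triage(log_text):
    """Summarise a fix log: counts per outcome plus the lines worth a second look."""
    handled = set()  # objects this run already set, deleted or moved
    report = {
        "counts": Counter(),
        "redundant_not_found": [],  # already handled by an earlier line
        "never_present": [],        # "not found" with no earlier success
        "pending_reboot": [],       # move deferred; re-check after the reboot
    }
    for line in log_text.splitlines():
        parsed = parse_line(line)
        if parsed is None:
            continue  # section headers, byte counts, free text
        outcome, obj = parsed
        report["counts"][outcome] += 1
        if outcome in ("set", "deleted", "moved"):
            handled.add(obj)
        elif outcome == "pending_reboot":
            _add_unique(report["pending_reboot"], obj)
        else:  # not_found
            bucket = "redundant_not_found" if obj in handled else "never_present"
            _add_unique(report[bucket], obj)
    return report


if __name__ == "__main__":
    result = triage(SAMPLE_LOG)
    print(dict(result["counts"]))
    for section in ("pending_reboot", "never_present", "redundant_not_found"):
        print(section, result[section])
```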


26.10.2011, 12:01   #18
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Now please run this tool from Kaspersky and post the log => http://www.trojaner-board.de/82358-t...entfernen.html

Set the tool up as shown in the picture below: click on change parameters and set the checkmarks as shown in the following screenshot,
then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full.

Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the "skip" action and just post the log here!

If, because of the infection, you cannot access your Documents/My Documents, or shortcuts on the desktop or in the Start menu under "All Programs" are missing, please run unhide:
Please download unhide.exe and save the file to your desktop.
Start the tool and all files and folders should be visible again. (This could take a while.)
Windows Vista and Windows 7 users must run the tool as administrator via right-click!
__________________

26.10.2011, 15:34   #19
ajax

Hello Arne,
here is the log from Kaspersky:


16:13:05.0108 7524 TDSS rootkit removing tool 2.6.13.0 Oct 25 2011 13:56:21
16:13:05.0123 7524 ============================================================
16:13:05.0123 7524 Current date / time: 2011/10/26 16:13:05.0123
16:13:05.0123 7524 SystemInfo:
16:13:05.0123 7524
16:13:05.0123 7524 OS Version: 6.1.7600 ServicePack: 0.0
16:13:05.0123 7524 Product type: Workstation
16:13:05.0123 7524 ComputerName: LAPTOP-TM8372
16:13:05.0123 7524 UserName: Anette
16:13:05.0123 7524 Windows directory: C:\Windows
16:13:05.0123 7524 System windows directory: C:\Windows
16:13:05.0123 7524 Running under WOW64
16:13:05.0123 7524 Processor architecture: Intel x64
16:13:05.0123 7524 Number of processors: 4
16:13:05.0123 7524 Page size: 0x1000
16:13:05.0123 7524 Boot type: Normal boot
16:13:05.0123 7524 ============================================================
16:13:05.0669 7524 Initialize success
16:14:33.0451 7744 ============================================================
16:14:33.0451 7744 Scan started
16:14:33.0451 7744 Mode: Manual;
16:14:33.0451 7744 ============================================================
16:14:58.0988 7744 vwifimp - ok
16:14:59.0019 7744 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
16:14:59.0035 7744 WacomPen - ok
16:14:59.0113 7744 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
16:14:59.0128 7744 WANARP - ok
16:14:59.0159 7744 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
16:14:59.0159 7744 Wanarpv6 - ok
16:14:59.0269 7744 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
16:14:59.0269 7744 Wd - ok
16:14:59.0315 7744 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
16:14:59.0315 7744 Wdf01000 - ok
16:14:59.0456 7744 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
16:14:59.0471 7744 WfpLwf - ok
16:14:59.0534 7744 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
16:14:59.0549 7744 WIMMount - ok
16:14:59.0721 7744 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys
16:14:59.0737 7744 WinUsb - ok
16:14:59.0815 7744 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
16:14:59.0815 7744 WmiAcpi - ok
16:14:59.0955 7744 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
16:14:59.0971 7744 ws2ifsl - ok
16:15:00.0127 7744 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
16:15:00.0142 7744 WudfPf - ok
16:15:00.0189 7744 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
16:15:00.0205 7744 WUDFRd - ok
16:15:00.0267 7744 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
16:15:00.0283 7744 \Device\Harddisk0\DR0 - ok
16:15:00.0283 7744 Boot (0x1200) (4b4c2e21950575a2c2bc63e242a06777) \Device\Harddisk0\DR0\Partition0
16:15:00.0283 7744 \Device\Harddisk0\DR0\Partition0 - ok
16:15:00.0298 7744 Boot (0x1200) (7287ad35c6d8cf96d8d8ef82415ebc21) \Device\Harddisk0\DR0\Partition1
16:15:00.0298 7744 \Device\Harddisk0\DR0\Partition1 - ok
16:15:00.0314 7744 Boot (0x1200) (0718f066f55c7a9299494bd5e86fa1fd) \Device\Harddisk0\DR0\Partition2
16:15:00.0314 7744 \Device\Harddisk0\DR0\Partition2 - ok
16:15:00.0314 7744 ============================================================
16:15:00.0314 7744 Scan finished
16:15:00.0314 7744 ============================================================
16:15:00.0329 7736 Detected object count: 0
16:15:00.0329 7736 Actual detected object count: 0
16:29:55.0578 7448 ============================================================
16:29:55.0578 7448 Scan started
16:29:55.0578 7448 Mode: Manual; SigCheck; TDLFS;
16:29:55.0578 7448 ============================================================
16:30:16.0778 7448 swenum - ok
16:30:16.0809 7448 SynTP (a0066e04d89e1ccdc8b24af4c7f41416) C:\Windows\system32\DRIVERS\SynTP.sys
16:30:16.0825 7448 SynTP - ok
16:30:16.0919 7448 Tcpip (b9d87c7707f058ac652a398cd28de14b) C:\Windows\system32\drivers\tcpip.sys
16:30:16.0965 7448 Tcpip - ok
16:30:17.0028 7448 TCPIP6 (b9d87c7707f058ac652a398cd28de14b) C:\Windows\system32\DRIVERS\tcpip.sys
16:30:17.0075 7448 TCPIP6 - ok
16:30:17.0121 7448 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
16:30:17.0199 7448 tcpipreg - ok
16:30:17.0215 7448 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
16:30:17.0293 7448 TDPIPE - ok
16:30:17.0309 7448 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
16:30:17.0355 7448 TDTCP - ok
16:30:17.0387 7448 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
16:30:17.0433 7448 tdx - ok
16:30:17.0465 7448 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
16:30:17.0480 7448 TermDD - ok
16:30:17.0511 7448 TPM (dbcc20c02e8a3e43b03c304a4e40a84f) C:\Windows\system32\drivers\tpm.sys
16:30:17.0527 7448 TPM - ok
16:30:17.0558 7448 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
16:30:17.0667 7448 tssecsrv - ok
16:30:17.0792 7448 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
16:30:17.0886 7448 tunnel - ok
16:30:17.0933 7448 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
16:30:17.0948 7448 uagp35 - ok
16:30:17.0979 7448 UBHelper (40079b0b801c5432ba435b5ad61ce6e3) C:\Windows\system32\drivers\UBHelper.sys
16:30:18.0011 7448 UBHelper - ok
16:30:18.0042 7448 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
16:30:18.0120 7448 udfs - ok
16:30:18.0151 7448 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
16:30:18.0151 7448 uliagpkx - ok
16:30:18.0182 7448 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
16:30:18.0229 7448 umbus - ok
16:30:18.0260 7448 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
16:30:18.0276 7448 UmPass - ok
16:30:18.0323 7448 usbaudio (77b01bc848298223a95d4ec23e1785a1) C:\Windows\system32\drivers\usbaudio.sys
16:30:18.0369 7448 usbaudio - ok
16:30:18.0432 7448 usbccgp (537a4e03d7103c12d42dfd8ffdb5bdc9) C:\Windows\system32\DRIVERS\usbccgp.sys
16:30:18.0479 7448 usbccgp - ok
16:30:18.0525 7448 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
16:30:18.0557 7448 usbcir - ok
16:30:18.0635 7448 usbehci (fbb21ebe49f6d560db37ac25fbc68e66) C:\Windows\system32\drivers\usbehci.sys
16:30:18.0666 7448 usbehci - ok
16:30:18.0713 7448 usbhub (6b7a8a99c4a459e73c286a6763ea24cc) C:\Windows\system32\DRIVERS\usbhub.sys
16:30:18.0775 7448 usbhub - ok
16:30:18.0837 7448 usbohci (8c88aa7617b4cbc2e4bed61d26b33a27) C:\Windows\system32\drivers\usbohci.sys
16:30:18.0884 7448 usbohci - ok
16:30:18.0947 7448 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
16:30:18.0993 7448 usbprint - ok
16:30:19.0071 7448 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:30:19.0134 7448 USBSTOR - ok
16:30:19.0243 7448 usbuhci (0b5b3b2df3fd1709618acfa50b8392b0) C:\Windows\system32\drivers\usbuhci.sys
16:30:19.0274 7448 usbuhci - ok
16:30:19.0321 7448 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\System32\Drivers\usbvideo.sys
16:30:19.0368 7448 usbvideo - ok
16:30:19.0399 7448 VClone (fd911873c0bb6945fa38c16e9a2b58f9) C:\Windows\system32\DRIVERS\VClone.sys
16:30:19.0430 7448 VClone - ok
16:30:19.0446 7448 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
16:30:19.0461 7448 vdrvroot - ok
16:30:19.0539 7448 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
16:30:19.0571 7448 vga - ok
16:30:19.0586 7448 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
16:30:19.0664 7448 VgaSave - ok
16:30:19.0695 7448 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
16:30:19.0711 7448 vhdmp - ok
16:30:19.0727 7448 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
16:30:19.0742 7448 viaide - ok
16:30:19.0773 7448 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
16:30:19.0773 7448 volmgr - ok
16:30:19.0805 7448 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
16:30:19.0820 7448 volmgrx - ok
16:30:19.0836 7448 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
16:30:19.0851 7448 volsnap - ok
16:30:19.0867 7448 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
16:30:19.0883 7448 vsmraid - ok
16:30:19.0914 7448 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
16:30:19.0929 7448 vwifibus - ok
16:30:19.0945 7448 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
16:30:19.0992 7448 vwififlt - ok
16:30:20.0023 7448 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
16:30:20.0039 7448 vwifimp - ok
16:30:20.0070 7448 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
16:30:20.0117 7448 WacomPen - ok
16:30:20.0148 7448 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
16:30:20.0226 7448 WANARP - ok
16:30:20.0226 7448 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
16:30:20.0273 7448 Wanarpv6 - ok
16:30:20.0304 7448 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
16:30:20.0304 7448 Wd - ok
16:30:20.0335 7448 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
16:30:20.0366 7448 Wdf01000 - ok
16:30:20.0397 7448 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
16:30:20.0429 7448 WfpLwf - ok
16:30:20.0444 7448 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
16:30:20.0460 7448 WIMMount - ok
16:30:20.0522 7448 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys
16:30:20.0553 7448 WinUsb - ok
16:30:20.0600 7448 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
16:30:20.0616 7448 WmiAcpi - ok
16:30:20.0663 7448 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
16:30:20.0725 7448 ws2ifsl - ok
16:30:20.0756 7448 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
16:30:20.0834 7448 WudfPf - ok
16:30:20.0865 7448 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
16:30:20.0928 7448 WUDFRd - ok
16:30:20.0990 7448 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
16:30:21.0099 7448 \Device\Harddisk0\DR0 - ok
16:30:21.0099 7448 Boot (0x1200) (4b4c2e21950575a2c2bc63e242a06777) \Device\Harddisk0\DR0\Partition0
16:30:21.0115 7448 \Device\Harddisk0\DR0\Partition0 - ok
16:30:21.0146 7448 Boot (0x1200) (7287ad35c6d8cf96d8d8ef82415ebc21) \Device\Harddisk0\DR0\Partition1
16:30:21.0146 7448 \Device\Harddisk0\DR0\Partition1 - ok
16:30:21.0162 7448 Boot (0x1200) (0718f066f55c7a9299494bd5e86fa1fd) \Device\Harddisk0\DR0\Partition2
16:30:21.0162 7448 \Device\Harddisk0\DR0\Partition2 - ok
16:30:21.0162 7448 ============================================================
16:30:21.0162 7448 Scan finished
16:30:21.0162 7448 ============================================================
16:30:21.0193 5184 Detected object count: 0
16:30:21.0193 5184 Actual detected object count: 0

26.10.2011, 18:59   #20
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Then please run CF now:

ComboFix

A guide and tutorial on using ComboFix
  • Close all programs, especially your antivirus program and other background monitors, as well as your internet browser.
  • Start cofi.exe from your desktop, confirm the warning messages, carry out the updates (if offered), install the Recovery Console (if offered) and let it scan your system.
    Also avoid using the mouse and keyboard while ComboFix is running.
  • Afterwards a combofix.txt opens automatically; please copy its contents ([Ctrl]a, [Ctrl]c) and paste them into your post ([Ctrl]v). You can also find the file at: C:\ComboFix.txt.
Important note:
ComboFix may only be run when a qualified helper ("Kompetenzler") has expressly recommended it!

It should never be run on your own initiative! Incorrect use can cause serious computer problems and make cleaning up the infection even harder.

If, after running ComboFix, you have problems starting applications and get messages such as

Quote:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde. [English Windows wording: "Illegal operation attempted on a registry key that has been marked for deletion."]
then restart Windows manually and the error messages should no longer appear.

__________________
Please always post log files in CODE tags

23.11.2011, 19:20   #21
ajax

Hello Arne,
I have run CF. Here is the ComboFix.txt file:

ComboFix log file:
Code:
ComboFix 11-11-23.01 - XXXXX 23.11.2011  18:42:57.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7600.0.1252.49.1031.18.XXXX.XXXX [GMT 1:00]
ausgeführt von:: c:\users\XXXXX\Downloads\ComboFix.exe
AV: Sophos Anti-Virus *Enabled/Outdated* {479CCF92-4960-B3E0-7373-BF453B467D2C}
FW: Sophos Client Firewall *Enabled* {7FA74EB7-030F-B2B8-582C-1670C5953A57}
SP: Sophos Anti-Virus *Enabled/Outdated* {FCFD2E76-6F5A-BC6E-49C3-843740C13791}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\7z.exe
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\SysWow64\Packet.dll
c:\windows\SysWow64\pthreadVC.dll
c:\windows\SysWow64\wpcap.dll
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NPF
-------\Service_npf
.
.
(((((((((((((((((((((((   Dateien erstellt von 2011-10-23 bis 2011-11-23  ))))))))))))))))))))))))))))))
.
.
2011-11-23 17:55 . 2011-11-23 17:55	--------	d-----w-	c:\users\XXXXXX\AppData\Local\temp
2011-11-23 17:55 . 2011-11-23 17:55	--------	d-----w-	c:\users\Default\AppData\Local\temp
2011-11-09 20:52 . 2011-10-01 05:28	886784	----a-w-	c:\program files\Common Files\System\wab32.dll
2011-11-09 20:52 . 2011-10-01 04:43	708608	----a-w-	c:\program files (x86)\Common Files\System\wab32.dll
2011-11-09 20:52 . 2011-09-29 16:24	1897328	----a-w-	c:\windows\system32\drivers\tcpip.sys
2011-11-09 20:52 . 2011-09-29 04:09	3141120	----a-w-	c:\windows\system32\win32k.sys
2011-10-26 07:14 . 2011-08-15 05:08	6144	----a-w-	c:\program files\Internet Explorer\iecompat.dll
2011-10-26 07:14 . 2011-08-15 04:25	6144	----a-w-	c:\program files (x86)\Internet Explorer\iecompat.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-01 03:21 . 2011-10-17 19:05	1638912	----a-w-	c:\windows\system32\mshtml.tlb
2011-10-01 02:59 . 2011-10-17 19:05	1638912	----a-w-	c:\windows\SysWow64\mshtml.tlb
2011-08-31 15:00 . 2011-10-09 13:17	25416	----a-w-	c:\windows\system32\drivers\mbam.sys
2011-08-27 05:40 . 2011-10-17 19:10	861184	----a-w-	c:\windows\system32\oleaut32.dll
2011-08-27 05:40 . 2011-10-17 19:10	331776	----a-w-	c:\windows\system32\oleacc.dll
2011-08-27 04:43 . 2011-10-17 19:10	571904	----a-w-	c:\windows\SysWow64\oleaut32.dll
2011-08-27 04:43 . 2011-10-17 19:10	233472	----a-w-	c:\windows\SysWow64\oleacc.dll
2009-02-03 10:21 . 2009-02-03 10:21	140288	----a-w-	c:\program files (x86)\7z.sfx
2009-02-03 10:21 . 2009-02-03 10:21	139776	----a-w-	c:\program files (x86)\7zCon.sfx
2009-02-03 10:18 . 2009-02-03 10:18	1124864	----a-w-	c:\program files (x86)\7z.dll
2009-02-03 10:12 . 2009-02-03 10:12	363520	----a-w-	c:\program files (x86)\7zG.exe
2009-02-03 10:11 . 2009-02-03 10:11	677888	----a-w-	c:\program files (x86)\7zFM.exe
2009-02-03 10:10 . 2009-02-03 10:10	104960	----a-w-	c:\program files (x86)\7-zip.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-07-15 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-06-21 968272]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2010-09-10 1484856]
"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928]
"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2010-06-28 265984]
"EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2009-12-24 401192]
"EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2009-12-24 201512]
"VitaKeyTSR"="c:\program files (x86)\Acer Bio Protection\EgisTSR.exe" [2010-07-13 186224]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"Sophos AutoUpdate Monitor"="c:\program files (x86)\Sophos\AutoUpdate\almon.exe" [2010-06-14 439536]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"Communicator"="c:\program files (x86)\Microsoft Office Communicator\communicator.exe" [2011-09-06 5152096]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"Samsung PanelMgr"="c:\windows\Samsung\PanelMgr\ssmmgr.exe" [2010-01-19 618496]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Acer VCM.lnk - c:\program files (x86)\Acer\Acer VCM\AcerVCM.exe [2010-7-15 704032]
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-5-21 1127712]
WISO Mein Steuer-Sparbuch heute.lnk - c:\program files (x86)\WISO\Steuersoftware 2011\mshaktuell.exe [2011-3-7 1199400]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~2\Sophos\SOPHOS~1\sophos_detoured.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SophosAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe [x]
R2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [x]
R2 mfevtp;McAfee Validation Trust Protection Service;c:\program files\Common Files\McAfee\SystemCore\mfevtps.exe [x]
R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [x]
R3 GSService;GSService;c:\windows\SysWOW64\GSService.exe [2011-02-16 122880]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2010-04-17 50432]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R3 STSService;STSService;c:\program files (x86)\SoundTaxi Media Suite\STSService.exe [2011-02-16 385024]
R4 SophosBootDriver;SophosBootDriver;c:\windows\system32\DRIVERS\SophosBootDriver.sys [x]
S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [x]
S1 DVMIO;DVMIO;c:\program files (x86)\InstantView\tools\dvmio_x64.sys [2010-04-20 19560]
S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [x]
S1 SAVOnAccess;SAVOnAccess;c:\windows\system32\DRIVERS\savonaccess.sys [x]
S1 scfdriver;SCF Kernel Driver;c:\windows\system32\Drivers\scfdriver.sys [x]
S1 scflwf;Sophos Client Firewall packet filter;c:\windows\system32\DRIVERS\scflwf.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2010-06-21 321104]
S2 DvmMDES;DeviceVM Meta Data Export Service;c:\program files (x86)\InstantView\tools\DVMExportService.exe [2010-07-27 420088]
S2 EgisTec Service;EgisTec Service;c:\program files (x86)\Acer Bio Protection\EgisService.exe [2010-07-13 314736]
S2 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2010-07-13 257904]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [2010-06-11 821792]
S2 FPSensor;EgisTec-Corp Fingerprint Reader Driver (FPSensor.sys);c:\windows\system32\Drivers\FPSensor.sys [x]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2011-03-04 584488]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-06-28 255744]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2010-04-17 144640]
S2 ODDPwrSvc;Acer ODD Power Service;c:\program files\Acer\Optical Drive Power Management\ODDPWRSvc.exe [2010-04-22 171040]
S2 RS_Service;Raw Socket Service;c:\program files (x86)\Acer\Acer VCM\RS_Service.exe [2010-01-29 260640]
S2 SAVAdminService;Sophos Anti-Virus Statusreporter;c:\program files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe [2010-06-14 162032]
S2 SAVService;Sophos Anti-Virus;c:\program files (x86)\Sophos\Sophos Anti-Virus\SavService.exe [2010-06-14 97520]
S2 Sophos Client Firewall Manager;Sophos Client Firewall Manager;c:\program files (x86)\Sophos\Sophos Client Firewall\SCFManager.exe [2010-06-14 128240]
S2 Sophos Client Firewall;Sophos Client Firewall;c:\program files (x86)\Sophos\Sophos Client Firewall\SCFService.exe [2010-06-14 32496]
S2 swi_service;Sophos Web Intelligence Service;c:\program files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [2010-06-14 1530608]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-02-08 2320920]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2010-01-28 243232]
S2 WTGService;WTGService;c:\program files (x86)\Verbindungsassistent\WTGService.exe [2011-01-23 330696]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [x]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ODDPwr"="c:\program files\Acer\Optical Drive Power Management\ODDPwr.exe" [2010-04-22 223264]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-04-20 166424]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-04-20 391192]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-04-20 413720]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-04-27 16413288]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2010-04-23 520760]
"PLFSetI"="c:\windows\PLFSetI.exe" [2010-08-08 206208]
"InstantView Agent"="c:\program files (x86)\InstantView\tools\aoiosnap.exe" [2010-06-22 1130176]
"Acer ePower Management"="c:\program files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe" [2010-06-11 496160]
"combofix"="c:\combofix\CF9238.3XE" [2009-07-14 344576]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
"AppInit_DLLs"=c:\progra~2\Sophos\SOPHOS~1\sophos_detoured_x64.dll
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = 
mStart Page = 
mLocal Page = 
IE: An OneNote s&enden - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Free YouTube Download - c:\users\XXXXX\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to MP3 Converter - c:\users\XXXXXX\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: {{F15096F1-C84C-4c24-875A-189ABBA3BD38} - {b289cf57-0878-36e1-9cbd-8bb7fc2da46d} - mscoree.dll
LSP: c:\programdata\Sophos Web Intelligence\swi_lsp.dll
FF - ProfilePath - c:\users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\numlir2h.default\
FF - prefs.js: browser.search.defaulturl - 
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Password Bank Extension : {41ecbc0b-34d5-4cd4-935f-253a30e2cb7e} - c:\program files (x86)\Acer Bio Protection\FFExt
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
c:\program files (x86)\Cisco Systems\VPN Client\cvpnd.exe
c:\program files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
c:\program files (x86)\Sophos\AutoUpdate\ALsvc.exe
c:\program files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\windows\SysWOW64\RunDll32.exe
c:\program files (x86)\Launch Manager\LMworker.exe
c:\program files (x86)\Microsoft Office\Office14\WINWORD.EXE
.
**************************************************************************
.
Zeit der Fertigstellung: 2011-11-23  19:03:48 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2011-11-23 18:03
.
Vor Suchlauf: 10 Verzeichnis(se), 238.506.946.560 Bytes frei
Nach Suchlauf: 19 Verzeichnis(se), 237.908.414.464 Bytes frei
.
- - End Of File - - E7FCF191CBA243B23ADDEEB19071FAF3
         
--- --- ---



Regards,
Ajax

23.11.2011, 19:35   #22
cosinus

Please download aswMBR.exe and save the file to your desktop.
  • Start aswMBR.exe. Vista and Win7 users: run aswMBR via right-click, "Run as administrator".
  • The tool will ask whether you want to scan your system with the current AVAST! virus definitions. Please answer this question with Yes. (If your firewall asks, please allow access to the internet.) Downloading the definitions can take a while depending on your connection.
  • Click Scan.
  • Please wait until "Scan finished successfully" appears in the DOS window.
  • Click Save Log and save it to the desktop.
Post the aswMBR.txt in your next reply.
Important: Do not press any of the Fix buttons without being instructed to.
Note: If the Scan button is hidden, close the tool and start it again. If it still does not work, please let me know.
__________________
Please always post log files in CODE tags

24.11.2011, 17:50   #23
ajax

Hello Arne,
here is the .txt file from the scan:


aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-11-24 17:24:13
-----------------------------
17:24:13.307 OS Version: Windows x64 6.1.7600
17:24:13.307 Number of processors: 4 586 0x2502
17:24:13.310 ComputerName: LAPTOP-TMXXXX UserName: XXXX
17:24:16.547 Initialize success
17:24:20.945 AVAST engine defs: 11112302
17:24:59.335 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
17:24:59.341 Disk 0 Vendor: WDC_WD64 01.0 Size: 610480MB BusType: 3
17:24:59.357 Disk 0 MBR read successfully
17:24:59.361 Disk 0 MBR scan
17:24:59.368 Disk 0 Windows 7 default MBR code
17:24:59.373 Service scanning
17:25:06.758 Modules scanning
17:25:06.766 Disk 0 trace - called modules:
17:25:06.812 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
17:25:06.819 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800706b060]
17:25:06.826 3 CLASSPNP.SYS[fffff8800165a43f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004fd5050]
17:25:07.677 AVAST engine scan C:\Windows
17:25:12.539 AVAST engine scan C:\Windows\system32
17:28:31.432 AVAST engine scan C:\Windows\system32\drivers
17:28:44.942 AVAST engine scan C:\Users\XXXXX
17:33:38.909 AVAST engine scan C:\ProgramData
17:35:45.109 Scan finished successfully
17:45:51.431 Disk 0 MBR has been saved successfully to "C:\Users\XXXX\Desktop\infected\7\MBR.dat"
17:45:51.445 The log file has been saved successfully to "C:\Users\XXXX\Desktop\infected\7\aswMBR.txt"



Best regards,
Ajax

24.11.2011, 18:43   #24
cosinus

Looks OK. As a check, please run full scans with Malwarebytes and SUPERAntiSpyware and post the logs.
Remember to update both tools before the scan!!


Afterwards, getting an additional opinion from ESET's online scanner is not a bad idea either:


ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded and the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstallation: Control Panel => Add or Remove Programs / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset

__________________
Please always post log files in CODE tags

21.12.2011, 19:58   #25
ajax

Hello Arne,
I have finally run the scans. Here are the logs:

Malwarebytes:

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 8402

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

20.12.2011 13:22:58
mbam-log-2011-12-20 (13-22-34).txt

Scan type: Quick scan
Objects scanned: 198897
Time elapsed: 6 minute(s), 25 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\$RECYCLE.BIN\s-1-5-21-1368683291-1757046450-491288050-1004\$R6GP3K6.exe (Adware.InstallCore) -> No action taken.





SUPERAntiSpyware:

SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 12/21/2011 at 09:36 AM

Application Version : 5.0.1142

Core Rules Database Version : 8076
Trace Rules Database Version: 5888

Scan type : Complete Scan
Total Scan Time : 01:19:58

Operating System Information
Windows 7 Home Premium 64-bit (Build 6.01.7600)
UAC On - Administrator

Memory items scanned : 695
Memory threats detected : 0
Registry items scanned : 74092
Registry threats detected : 0
File items scanned : 51870
File threats detected : 93

Adware.Tracking Cookie

Trojan.Agent/Gen-FakeAlert[Local]
C:\PROGRAMDATA\ALDI SUED FOTOSERVICE\{0FD33A41-BDFB-4947-880F-2321FA248AA1}\UPDATE\OPD_JP2.EXE


And now ESET:

ESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=12
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6528
# api_version=3.0.2
# EOSSerial=75bd2781c4045e41b9ddb266f7961db4
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-10-10 09:53:29
# local_time=2011-10-10 11:53:29 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7600 NT
# compatibility_mode=5121 16777213 100 75 31189840 46957890 0 0
# compatibility_mode=5893 16776574 66 85 36937448 69905250 0 0
# compatibility_mode=8192 67108863 100 0 1044 1044 0 0
# compatibility_mode=8449 16775165 50 96 31012081 50716927 0 0
# scanned=174133
# found=11
# cleaned=0
# scan_time=8210
C:\Users\xxx\AppData\Local\Temp\ish1115378717\defaultOffer\offer_html.txt Win32/Toolbar.Facemoods application (unable to clean) 00000000000000000000000000000000 I
C:\Users\xxx\AppData\Local\Temp\ish153585592\defaultOffer\offer_html.txt Win32/Toolbar.Facemoods application (unable to clean) 00000000000000000000000000000000 I
C:\Users\xxx\AppData\Local\Temp\ish2077485352\defaultOffer\offer_html.txt Win32/Toolbar.Facemoods application (unable to clean) 00000000000000000000000000000000 I
C:\Users\xxx\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35\52d04023-341ca123 a variant of Java/Agent.DU trojan (unable to clean) 00000000000000000000000000000000 I
C:\Users\xxx\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\78a7dab-1622a0b6 a variant of Java/Agent.DT trojan (unable to clean) 00000000000000000000000000000000 I
C:\Users\xxxe\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\78a7dab-425ed644 a variant of Java/Agent.DT trojan (unable to clean) 00000000000000000000000000000000 I
C:\Users\xxx\Downloads\PDFConverterSetup(5).exe a variant of Win32/InstallCore.D application (unable to clean) 00000000000000000000000000000000 I
C:\Users\xxx\Downloads\SoftonicDownloader_fuer_free-download-manager(2).exe a variant of Win32/SoftonicDownloader.A application (unable to clean) 00000000000000000000000000000000 I
C:\Users\xxx\Downloads\SoftonicDownloader_fuer_free-download-manager.exe a variant of Win32/SoftonicDownloader.A application (unable to clean) 00000000000000000000000000000000 I
C:\Users\xxx\Downloads\SoftonicDownloader_fuer_free-youtube-download(2).exe a variant of Win32/SoftonicDownloader.A application (unable to clean) 00000000000000000000000000000000 I
C:\Users\xxx\Downloads\SoftonicDownloader_fuer_free-youtube-download.exe a variant of Win32/SoftonicDownloader.A application (unable to clean) 00000000000000000000000000000000 I
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=75bd2781c4045e41b9ddb266f7961db4
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-12-21 04:08:35
# local_time=2011-12-21 05:08:35 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7600 NT
# compatibility_mode=5121 16777214 100 75 37391652 53159702 0 0
# compatibility_mode=5893 16776574 66 85 43139260 76107062 0 0
# compatibility_mode=8192 67108863 100 0 6202856 6202856 0 0
# compatibility_mode=8449 16775165 50 95 4857984 56918739 0 0
# scanned=196796
# found=0
# cleaned=0
# scan_time=6503



Thanks and best regards
Ajax

21.12.2011, 20:42   #26
cosinus

Quote:
Art des Suchlaufs: Quick-Scan
Sorry, but I wanted to see a full scan... please run it and post the log!
Remember to update the Malwarebytes signatures beforehand; new updates are released very frequently!
__________________
Please always post log files in CODE tags
