Trojaner-Board

RegClean Pro - Rogue suspected after opening a fake Facebook video (https://www.trojaner-board.de/107510-regclean-pro-rogue-verdacht-offnen-fake-facebookvideos.html)

Spachtel 17.02.2012 22:09

Hello!

Here is the log ;)

Code:

All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}\ deleted successfully.
C:\Program Files\Microsoft\BingBar\BingExt.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f}\ deleted successfully.
File C:\Program Files\Microsoft\BingBar\BingExt.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_USERS\S-1-5-21-770839608-2006469700-1870852776-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{C424171E-592A-415A-9EB1-DFD6D95D3530} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C424171E-592A-415A-9EB1-DFD6D95D3530}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorAdmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorUser deleted successfully.
Registry value HKEY_USERS\S-1-5-21-770839608-2006469700-1870852776-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: Administrator
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 327974 bytes
->Flash cache emptied: 343 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Flo
->Temp folder emptied: 31379329 bytes
->Temporary Internet Files folder emptied: 104047900 bytes
->Java cache emptied: 16380227 bytes
->Flash cache emptied: 3122825 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 8129132 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 156,00 mb
 
C:\windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.31.0 log created on 02172012_213241

Files\Folders moved on Reboot...
C:\windows\temp\HS.log moved successfully.

Registry entries deleted on Reboot...

While I'm posting this, Reg Clean Pro is running again without my having started it, and I can't close it either :(

Regards, Spachtel

Spachtel 19.02.2012 11:51

Hello!

A quick update:

My brother installed some updates on my laptop. Apparently quite a lot was badly out of date. I hadn't installed Service Pack 1 yet, nor other Windows updates; Adobe Reader was updated, as was Java.

However, the fake Reg-Clean Pro program still starts at irregular intervals, scans, always finds around 200 registry errors and tells me I should buy the program to remove these errors :( During the scan I can't click it away. Strange!

Regards, Spachtel

cosinus 19.02.2012 19:17

Please do not install any programs or updates without consulting us here while we are still in the analysis!

Now please run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log => http://www.trojaner-board.de/82358-t...entfernen.html

Note: Please turn off your virus scanner before running TDSS-Killer, because Avira in particular often reports a false positive on the TDSS tool!

Configure the tool as shown in the picture below: click on change parameters and set the checkmarks as shown in the following screenshot.
Then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full.
If you can't find the log or can't copy its contents into your post, please look directly on your Windows system partition (usually drive C:), which is where TDSS-Killer saves its logs.

Note: Please do not delete anything prematurely with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and just post the log here!

http://saved.im/mtkwmtcxexhp/setting...8_16-25-18.jpg


If, because of the infection, you cannot access your Documents/My Documents, or shortcuts on the desktop or in the Start menu under "All Programs" are missing, please run unhide:
Please download unhide.exe and save this file to your desktop.
Start the tool and all files and folders should be visible again. (This could take a while.)
Windows Vista and Windows 7 users must run the tool as administrator via right-click!

Spachtel 22.02.2012 18:57

Hello :)

Here is the new log file

Code:

18:48:12.0395 4236        TDSS rootkit removing tool 2.7.13.0 Feb 15 2012 19:33:14
18:48:12.0660 4236        ============================================================
18:48:12.0660 4236        Current date / time: 2012/02/22 18:48:12.0660
18:48:12.0660 4236        SystemInfo:
18:48:12.0660 4236       
18:48:12.0660 4236        OS Version: 6.1.7601 ServicePack: 1.0
18:48:12.0660 4236        Product type: Workstation
18:48:12.0660 4236        ComputerName: MPGF1
18:48:12.0660 4236        UserName: Flo
18:48:12.0660 4236        Windows directory: C:\windows
18:48:12.0660 4236        System windows directory: C:\windows
18:48:12.0660 4236        Processor architecture: Intel x86
18:48:12.0660 4236        Number of processors: 2
18:48:12.0660 4236        Page size: 0x1000
18:48:12.0660 4236        Boot type: Normal boot
18:48:12.0660 4236        ============================================================
18:48:13.0799 4236        Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
18:48:13.0814 4236        \Device\Harddisk0\DR0:
18:48:13.0814 4236        MBR used
18:48:13.0814 4236        \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xC800000
18:48:13.0814 4236        \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0xE600800, BlocksNum 0xEBBB000
18:48:13.0970 4236        Initialize success
18:48:13.0970 4236        ============================================================
18:49:13.0110 1968        ============================================================
18:49:13.0110 1968        Scan started
18:49:13.0110 1968        Mode: Manual; SigCheck; TDLFS;
18:49:13.0110 1968        ============================================================
18:49:40.0956 1968        RDPREFMP - ok
18:49:41.0081 1968        RDPWD          (288b06960d78428ff89e811632684e20) C:\windows\system32\drivers\RDPWD.sys
18:49:41.0206 1968        RDPWD - ok
18:49:41.0315 1968        rdyboost        (518395321dc96fe2c9f0e96ac743b656) C:\windows\system32\drivers\rdyboost.sys
18:49:41.0377 1968        rdyboost - ok
18:49:41.0471 1968        rspndr          (032b0d36ad92b582d869879f5af5b928) C:\windows\system32\DRIVERS\rspndr.sys
18:49:41.0565 1968        rspndr - ok
18:49:41.0689 1968        sbp2port        (05d860da1040f111503ac416ccef2bca) C:\windows\system32\drivers\sbp2port.sys
18:49:41.0736 1968        sbp2port - ok
18:49:41.0783 1968        scfilter        (0693b5ec673e34dc147e195779a4dcf6) C:\windows\system32\DRIVERS\scfilter.sys
18:49:41.0877 1968        scfilter - ok
18:49:41.0939 1968        secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\windows\system32\drivers\secdrv.sys
18:49:42.0033 1968        secdrv - ok
18:49:42.0142 1968        Serenum        (9ad8b8b515e3df6acd4212ef465de2d1) C:\windows\system32\DRIVERS\serenum.sys
18:49:42.0189 1968        Serenum - ok
18:49:42.0220 1968        Serial          (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\windows\system32\DRIVERS\serial.sys
18:49:42.0282 1968        Serial - ok
18:49:42.0329 1968        sermouse        (79bffb520327ff916a582dfea17aa813) C:\windows\system32\DRIVERS\sermouse.sys
18:49:42.0376 1968        sermouse - ok
18:49:42.0501 1968        sffdisk        (9f976e1eb233df46fce808d9dea3eb9c) C:\windows\system32\drivers\sffdisk.sys
18:49:42.0594 1968        sffdisk - ok
18:49:42.0703 1968        sffp_mmc        (932a68ee27833cfd57c1639d375f2731) C:\windows\system32\drivers\sffp_mmc.sys
18:49:42.0766 1968        sffp_mmc - ok
18:49:42.0813 1968        sffp_sd        (6d4ccaedc018f1cf52866bbbaa235982) C:\windows\system32\drivers\sffp_sd.sys
18:49:42.0875 1968        sffp_sd - ok
18:49:42.0969 1968        sfloppy        (db96666cc8312ebc45032f30b007a547) C:\windows\system32\DRIVERS\sfloppy.sys
18:49:43.0031 1968        sfloppy - ok
18:49:43.0140 1968        Sftfs          (d9b734638dd8dba9d59aad3189cd0fad) C:\windows\system32\DRIVERS\Sftfslh.sys
18:49:43.0234 1968        Sftfs - ok
18:49:43.0296 1968        Sftplay        (2f61bd46c0bff4eb36e1e359ca17bfc5) C:\windows\system32\DRIVERS\Sftplaylh.sys
18:49:43.0343 1968        Sftplay - ok
18:49:43.0374 1968        Sftredir        (518bac0179f94304f422696b47c0ec12) C:\windows\system32\DRIVERS\Sftredirlh.sys
18:49:43.0405 1968        Sftredir - ok
18:49:43.0437 1968        Sftvol          (747325236d88b3f05ffd27ff9ec711c5) C:\windows\system32\DRIVERS\Sftvollh.sys
18:49:43.0468 1968        Sftvol - ok
18:49:43.0546 1968        sisagp          (2565cac0dc9fe0371bdce60832582b2e) C:\windows\system32\drivers\sisagp.sys
18:49:43.0593 1968        sisagp - ok
18:49:43.0624 1968        SiSRaid2        (a9f0486851becb6dda1d89d381e71055) C:\windows\system32\DRIVERS\SiSRaid2.sys
18:49:43.0671 1968        SiSRaid2 - ok
18:49:43.0686 1968        SiSRaid4        (3727097b55738e2f554972c3be5bc1aa) C:\windows\system32\DRIVERS\sisraid4.sys
18:49:43.0733 1968        SiSRaid4 - ok
18:49:43.0780 1968        Smb            (3e21c083b8a01cb70ba1f09303010fce) C:\windows\system32\DRIVERS\smb.sys
18:49:43.0873 1968        Smb - ok
18:49:43.0936 1968        spldr          (95cf1ae7527fb70f7816563cbc09d942) C:\windows\system32\drivers\spldr.sys
18:49:43.0967 1968        spldr - ok
18:49:44.0061 1968        srv            (e4c2764065d66ea1d2d3ebc28fe99c46) C:\windows\system32\DRIVERS\srv.sys
18:49:44.0139 1968        srv - ok
18:49:44.0248 1968        srv2            (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\windows\system32\DRIVERS\srv2.sys
18:49:44.0295 1968        srv2 - ok
18:49:44.0326 1968        srvnet          (be6bd660caa6f291ae06a718a4fa8abc) C:\windows\system32\DRIVERS\srvnet.sys
18:49:44.0373 1968        srvnet - ok
18:49:44.0482 1968        ssmdrv          (a36ee93698802cd899f98bfd553d8185) C:\windows\system32\DRIVERS\ssmdrv.sys
18:49:44.0529 1968        ssmdrv - ok
18:49:44.0591 1968        stexstor        (db32d325c192b801df274bfd12a7e72b) C:\windows\system32\DRIVERS\stexstor.sys
18:49:44.0638 1968        stexstor - ok
18:49:44.0763 1968        swenum          (e58c78a848add9610a4db6d214af5224) C:\windows\system32\drivers\swenum.sys
18:49:44.0794 1968        swenum - ok
18:49:44.0887 1968        SynTP          (bd8e7f87de409a745a132a8812de5a96) C:\windows\system32\DRIVERS\SynTP.sys
18:49:44.0919 1968        SynTP - ok
18:49:45.0106 1968        Tcpip          (65d10b191c59c5501a1263fc33f6894b) C:\windows\system32\drivers\tcpip.sys
18:49:45.0231 1968        Tcpip - ok
18:49:45.0371 1968        TCPIP6          (65d10b191c59c5501a1263fc33f6894b) C:\windows\system32\DRIVERS\tcpip.sys
18:49:45.0465 1968        TCPIP6 - ok
18:49:45.0527 1968        tcpipreg        (cca24162e055c3714ce5a88b100c64ed) C:\windows\system32\drivers\tcpipreg.sys
18:49:45.0605 1968        tcpipreg - ok
18:49:45.0652 1968        TDPIPE          (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\windows\system32\drivers\tdpipe.sys
18:49:45.0745 1968        TDPIPE - ok
18:49:45.0777 1968        TDTCP          (2c10395baa4847f83042813c515cc289) C:\windows\system32\drivers\tdtcp.sys
18:49:45.0870 1968        TDTCP - ok
18:49:45.0901 1968        tdx            (b459575348c20e8121d6039da063c704) C:\windows\system32\DRIVERS\tdx.sys
18:49:45.0995 1968        tdx - ok
18:49:46.0042 1968        TermDD          (04dbf4b01ea4bf25a9a3e84affac9b20) C:\windows\system32\drivers\termdd.sys
18:49:46.0089 1968        TermDD - ok
18:49:46.0276 1968        tssecsrv        (254bb140eee3c59d6114c1a86b636877) C:\windows\system32\DRIVERS\tssecsrv.sys
18:49:46.0385 1968        tssecsrv - ok
18:49:46.0525 1968        TsUsbFlt        (fd1d6c73e6333be727cbcc6054247654) C:\windows\system32\drivers\tsusbflt.sys
18:49:46.0619 1968        TsUsbFlt - ok
18:49:46.0759 1968        tunnel          (b2fa25d9b17a68bb93d58b0556e8c90d) C:\windows\system32\DRIVERS\tunnel.sys
18:49:46.0869 1968        tunnel - ok
18:49:46.0915 1968        uagp35          (750fbcb269f4d7dd2e420c56b795db6d) C:\windows\system32\DRIVERS\uagp35.sys
18:49:46.0962 1968        uagp35 - ok
18:49:47.0009 1968        udfs            (ee43346c7e4b5e63e54f927babbb32ff) C:\windows\system32\DRIVERS\udfs.sys
18:49:47.0118 1968        udfs - ok
18:49:47.0243 1968        uliagpkx        (44e8048ace47befbfdc2e9be4cbc8880) C:\windows\system32\drivers\uliagpkx.sys
18:49:47.0290 1968        uliagpkx - ok
18:49:47.0352 1968        umbus          (d295bed4b898f0fd999fcfa9b32b071b) C:\windows\system32\drivers\umbus.sys
18:49:47.0415 1968        umbus - ok
18:49:47.0508 1968        UmPass          (7550ad0c6998ba1cb4843e920ee0feac) C:\windows\system32\DRIVERS\umpass.sys
18:49:47.0571 1968        UmPass - ok
18:49:47.0617 1968        usbccgp        (bd9c55d7023c5de374507acc7a14e2ac) C:\windows\system32\DRIVERS\usbccgp.sys
18:49:47.0695 1968        usbccgp - ok
18:49:47.0789 1968        usbcir          (04ec7cec62ec3b6d9354eee93327fc82) C:\windows\system32\drivers\usbcir.sys
18:49:47.0867 1968        usbcir - ok
18:49:47.0914 1968        usbehci        (f92de757e4b7ce9c07c5e65423f3ae3b) C:\windows\system32\drivers\usbehci.sys
18:49:47.0992 1968        usbehci - ok
18:49:48.0085 1968        usbhub          (8dc94aec6a7e644a06135ae7506dc2e9) C:\windows\system32\DRIVERS\usbhub.sys
18:49:48.0148 1968        usbhub - ok
18:49:48.0257 1968        usbohci        (e185d44fac515a18d9deddc23c2cdf44) C:\windows\system32\drivers\usbohci.sys
18:49:48.0304 1968        usbohci - ok
18:49:48.0397 1968        usbprint        (797d862fe0875e75c7cc4c1ad7b30252) C:\windows\system32\DRIVERS\usbprint.sys
18:49:48.0444 1968        usbprint - ok
18:49:48.0507 1968        USBSTOR        (f991ab9cc6b908db552166768176896a) C:\windows\system32\drivers\USBSTOR.SYS
18:49:48.0616 1968        USBSTOR - ok
18:49:48.0709 1968        usbuhci        (68df884cf41cdada664beb01daf67e3d) C:\windows\system32\drivers\usbuhci.sys
18:49:48.0756 1968        usbuhci - ok
18:49:48.0819 1968        usbvideo        (45f4e7bf43db40a6c6b4d92c76cbc3f2) C:\windows\System32\Drivers\usbvideo.sys
18:49:48.0881 1968        usbvideo - ok
18:49:48.0943 1968        vdrvroot        (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\windows\system32\drivers\vdrvroot.sys
18:49:48.0990 1968        vdrvroot - ok
18:49:49.0037 1968        vga            (17c408214ea61696cec9c66e388b14f3) C:\windows\system32\DRIVERS\vgapnp.sys
18:49:49.0099 1968        vga - ok
18:49:49.0131 1968        VgaSave        (8e38096ad5c8570a6f1570a61e251561) C:\windows\System32\drivers\vga.sys
18:49:49.0240 1968        VgaSave - ok
18:49:49.0287 1968        vhdmp          (5461686cca2fda57b024547733ab42e3) C:\windows\system32\drivers\vhdmp.sys
18:49:49.0333 1968        vhdmp - ok
18:49:49.0380 1968        viaagp          (c829317a37b4bea8f39735d4b076e923) C:\windows\system32\drivers\viaagp.sys
18:49:49.0427 1968        viaagp - ok
18:49:49.0458 1968        ViaC7          (e02f079a6aa107f06b16549c6e5c7b74) C:\windows\system32\DRIVERS\viac7.sys
18:49:49.0521 1968        ViaC7 - ok
18:49:49.0567 1968        viaide          (e43574f6a56a0ee11809b48c09e4fd3c) C:\windows\system32\drivers\viaide.sys
18:49:49.0599 1968        viaide - ok
18:49:49.0630 1968        volmgr          (4c63e00f2f4b5f86ab48a58cd990f212) C:\windows\system32\drivers\volmgr.sys
18:49:49.0677 1968        volmgr - ok
18:49:49.0723 1968        volmgrx        (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\windows\system32\drivers\volmgrx.sys
18:49:49.0770 1968        volmgrx - ok
18:49:49.0817 1968        volsnap        (f497f67932c6fa693d7de2780631cfe7) C:\windows\system32\drivers\volsnap.sys
18:49:49.0864 1968        volsnap - ok
18:49:49.0926 1968        vsmraid        (9dfa0cc2f8855a04816729651175b631) C:\windows\system32\DRIVERS\vsmraid.sys
18:49:49.0973 1968        vsmraid - ok
18:49:50.0020 1968        vwifibus        (90567b1e658001e79d7c8bbd3dde5aa6) C:\windows\system32\DRIVERS\vwifibus.sys
18:49:50.0082 1968        vwifibus - ok
18:49:50.0113 1968        vwififlt        (7090d3436eeb4e7da3373090a23448f7) C:\windows\system32\DRIVERS\vwififlt.sys
18:49:50.0176 1968        vwififlt - ok
18:49:50.0238 1968        WacomPen        (de3721e89c653aa281428c8a69745d90) C:\windows\system32\DRIVERS\wacompen.sys
18:49:50.0285 1968        WacomPen - ok
18:49:50.0394 1968        WANARP          (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\windows\system32\DRIVERS\wanarp.sys
18:49:50.0472 1968        WANARP - ok
18:49:50.0488 1968        Wanarpv6        (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\windows\system32\DRIVERS\wanarp.sys
18:49:50.0613 1968        Wanarpv6 - ok
18:49:50.0737 1968        Wd              (1112a9badacb47b7c0bb0392e3158dff) C:\windows\system32\DRIVERS\wd.sys
18:49:50.0784 1968        Wd - ok
18:49:50.0815 1968        Wdf01000        (9950e3d0f08141c7e89e64456ae7dc73) C:\windows\system32\drivers\Wdf01000.sys
18:49:50.0878 1968        Wdf01000 - ok
18:49:51.0502 1968        WfpLwf          (8b9a943f3b53861f2bfaf6c186168f79) C:\windows\system32\DRIVERS\wfplwf.sys
18:49:51.0611 1968        WfpLwf - ok
18:49:51.0705 1968        WIMMount        (5cf95b35e59e2a38023836fff31be64c) C:\windows\system32\drivers\wimmount.sys
18:49:51.0751 1968        WIMMount - ok
18:49:51.0985 1968        WmiAcpi        (0217679b8fca58714c3bf2726d2ca84e) C:\windows\system32\drivers\wmiacpi.sys
18:49:52.0048 1968        WmiAcpi - ok
18:49:52.0204 1968        ws2ifsl        (6db3276587b853bf886b69528fdb048c) C:\windows\system32\drivers\ws2ifsl.sys
18:49:52.0329 1968        ws2ifsl - ok
18:49:52.0422 1968        WudfPf          (e714a1c0354636837e20ccbf00888ee7) C:\windows\system32\drivers\WudfPf.sys
18:49:52.0516 1968        WudfPf - ok
18:49:52.0641 1968        WUDFRd          (1023ee888c9b47178c5293ed5336ab69) C:\windows\system32\DRIVERS\WUDFRd.sys
18:49:52.0750 1968        WUDFRd - ok
18:49:52.0828 1968        MBR (0x1B8)    (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
18:49:52.0984 1968        \Device\Harddisk0\DR0 - ok
18:49:52.0999 1968        Boot (0x1200)  (54abc144864b4c958ab2d032a19c42b9) \Device\Harddisk0\DR0\Partition0
18:49:52.0999 1968        \Device\Harddisk0\DR0\Partition0 - ok
18:49:53.0046 1968        Boot (0x1200)  (e561d3855e7409f40c075f86402524ce) \Device\Harddisk0\DR0\Partition1
18:49:53.0046 1968        \Device\Harddisk0\DR0\Partition1 - ok
18:49:53.0046 1968        ============================================================
18:49:53.0046 1968        Scan finished
18:49:53.0046 1968        ============================================================
18:49:53.0093 2192        Detected object count: 0
18:49:53.0093 2192        Actual detected object count: 0


cosinus 22.02.2012 20:30

Then please run CF now:

ComboFix

A guide and tutorial on using ComboFix
  • Close all programs, especially your antivirus program and other background monitors, as well as your internet browser.
  • Start combofix.exe from your desktop, confirm the warning messages, run the updates (if offered), install the Recovery Console (if offered), and let it scan your system.
    Also avoid using the mouse and keyboard while ComboFix is running.
  • Afterwards a combofix.txt opens automatically; please copy its contents ([Ctrl]a, [Ctrl]c) and paste them into your post ([Ctrl]v). You can also find the file at: C:\ComboFix.txt.
Important note:
ComboFix may only be run when a qualified helper has expressly recommended it!

It should never be run on your own initiative! Incorrect use can cause serious computer problems and make cleaning up the infection even harder.

If, after running ComboFix, you have problems starting applications and receive messages such as

Quote:

Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
then restart Windows manually and the error messages should no longer appear.

Spachtel 28.02.2012 14:55

Hey, here is the new log file...
Thanks a lot in advance :)

Combofix Logfile:
Code:

ComboFix 12-02-27.02 - Flo 28.02.2012  13:35:45.1.2 - x86
Microsoft Windows 7 Starter  6.1.7601.1.1252.49.1031.18.1014.298 [GMT 1:00]
ausgeführt von:: c:\users\Flo\Desktop\ComboFix.exe
AV: AntiVir Desktop *Disabled/Outdated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
AV: Trend Micro Titanium *Disabled/Updated* {48929DFC-7A52-A34F-8351-C4DBEDBD9C50}
SP: AntiVir Desktop *Disabled/Outdated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Trend Micro Titanium *Disabled/Updated* {F3F37C18-5C68-ACC1-B9E1-FFA9963AD6ED}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\FullRemove.exe
c:\users\Flo\4.0
.
.
(((((((((((((((((((((((  Dateien erstellt von 2012-01-28 bis 2012-02-28  ))))))))))))))))))))))))))))))
.
.
2030-01-01 14:10 . 2012-02-17 22:24        --------        d-----w-        C:\Boot
2012-02-28 13:42 . 2012-02-28 13:42        --------        d-----w-        c:\users\Flo\AppData\Local\temp
2012-02-28 13:42 . 2012-02-28 13:42        --------        d-----w-        c:\users\Default\AppData\Local\temp
2012-02-17 22:35 . 2012-02-17 22:35        --------        d-----w-        c:\users\Flo\AppData\Local\Mozilla
2012-02-17 21:38 . 2012-02-17 21:38        --------        d-----w-        c:\program files\Common Files\Java
2012-02-17 21:35 . 2012-02-17 21:35        --------        d-----w-        c:\windows\system32\SPReview
2012-02-17 21:33 . 2012-02-17 21:33        --------        d-----w-        c:\windows\system32\EventProviders
2012-02-17 20:32 . 2012-02-17 20:32        --------        d-----w-        C:\_OTL
2012-02-17 20:32 . 2011-12-30 05:27        478720        ----a-w-        c:\windows\system32\timedate.cpl
2012-02-17 20:32 . 2011-12-16 07:52        690688        ----a-w-        c:\windows\system32\msvcrt.dll
2012-02-17 20:32 . 2012-01-04 08:58        442880        ----a-w-        c:\windows\system32\ntshrui.dll
2012-02-17 20:32 . 2012-01-14 03:35        2343424        ----a-w-        c:\windows\system32\win32k.sys
2012-02-14 18:41 . 2012-02-14 18:42        --------        d-----w-        c:\users\Flo\.tfo4
2012-02-12 17:16 . 2011-02-19 06:30        1076736        ----a-w-        c:\windows\system32\DWrite.dll
2012-02-12 17:16 . 2011-02-19 06:30        805376        ----a-w-        c:\windows\system32\FntCache.dll
2012-02-12 17:16 . 2011-02-19 06:30        739840        ----a-w-        c:\windows\system32\d2d1.dll
2012-02-05 18:48 . 2012-02-07 22:24        --------        d-----w-        c:\programdata\VirtualizedApplications
2012-02-05 16:07 . 2011-11-17 05:35        314880        ----a-w-        c:\windows\system32\webio.dll
2012-02-05 16:07 . 2011-11-17 05:32        1038848        ----a-w-        c:\windows\system32\lsasrv.dll
2012-02-05 16:07 . 2011-11-17 05:41        134000        ----a-w-        c:\windows\system32\drivers\ksecpkg.sys
2012-02-05 16:07 . 2011-11-17 05:34        224768        ----a-w-        c:\windows\system32\schannel.dll
2012-02-05 16:07 . 2011-11-17 05:41        67440        ----a-w-        c:\windows\system32\drivers\ksecdd.sys
2012-02-05 16:07 . 2011-11-17 05:39        369352        ----a-w-        c:\windows\system32\drivers\cng.sys
2012-02-05 16:07 . 2011-11-17 05:34        15872        ----a-w-        c:\windows\system32\sspisrv.dll
2012-02-05 16:07 . 2011-11-17 05:34        100352        ----a-w-        c:\windows\system32\sspicli.dll
2012-02-05 16:07 . 2011-11-17 05:34        22016        ----a-w-        c:\windows\system32\secur32.dll
2012-02-05 16:07 . 2011-11-17 05:29        22528        ----a-w-        c:\windows\system32\lsass.exe
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-17 22:05 . 2009-07-14 02:05        152576        ----a-w-        c:\windows\system32\msclmd.dll
2012-02-17 21:37 . 2011-05-23 22:27        472808        ----a-w-        c:\windows\system32\deployJava1.dll
2012-01-12 16:22 . 2011-05-23 11:41        414368        ----a-w-        c:\windows\system32\FlashPlayerCPLApp.cpl
2011-12-10 14:24 . 2012-01-03 18:32        20464        ----a-w-        c:\windows\system32\drivers\mbam.sys
2012-02-16 14:55 . 2012-02-17 21:48        134104        ----a-w-        c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-01-04 37296]
"HotkeyMon"="AsusSender.exe" [2011-07-13 34728]
"HotkeyService"="AsusSender.exe" [2011-07-13 34728]
"SuperHybridEngine"="AsusSender.exe" [2011-07-13 34728]
"CapsHook"="AsusSender.exe" [2011-07-13 34728]
"Eee Docking"="c:\program files\ASUS\Eee Docking\Eee Docking.exe" [2010-06-10 414384]
"VizorHtmlDialog.exe"="c:\program files\Trend Micro\Titanium\VizorHtmlDialog.exe" [2010-06-07 689488]
"Trend Micro Client Framework"="c:\program files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" [2010-03-19 116008]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-04-27 9177632]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-11-19 1594664]
"Boingo Wi-Fi"="c:\program files\Boingo\Boingo Wi-Fi\Boingo.lnk" [2011-05-13 2429]
"SynAsusAcpi"="c:\program files\Synaptics\SynTP\SynAsusAcpi.exe" [2009-11-19 83240]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2011-03-28 281768]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-04-19 142104]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-04-19 174360]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-04-19 150808]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
.
c:\users\Flo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.3.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages        REG_MULTI_SZ          kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
2011-08-01 08:28        124480        ----a-w-        c:\program files\ICQ7.5\ICQ.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LiveUpdate]
2011-07-13 07:38        34728        ----a-w-        c:\windows\System32\AsusSender.exe
.
R2 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
S1 AsUpIO;AsUpIO;c:\windows\system32\drivers\AsUpIO.sys [2011-02-09 11832]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 Amsp;Trend Micro Solution Platform;c:\program files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe [x]
S2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [2011-03-28 136360]
S2 AsusService;Asus Launcher Service;c:\windows\System32\AsusService.exe [2010-09-08 224680]
S2 BBUpdate;BBUpdate;c:\program files\Microsoft\BingBar\SeaPort.EXE [2011-10-13 249648]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 cvhsvc;Client Virtualization Handler;c:\program files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 sftlist;Application Virtualization Client;c:\program files\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x86.sys [2010-05-10 68208]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 579944]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 194408]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 21864]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 19304]
S3 sftvsa;Application Virtualization Service Agent;c:\program files\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation        REG_MULTI_SZ          SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc
HPZ12        REG_MULTI_SZ          Pml Driver HPZ12 Net Driver HPZ12
.
Inhalt des "geplante Tasks" Ordners
.
2011-12-09 c:\windows\Tasks\RegClean Pro_DEFAULT.job
- c:\program files\RegClean Pro\RegCleanPro.exe [2011-09-21 10:16]
.
2012-02-22 c:\windows\Tasks\RegClean Pro_UPDATES.job
- c:\program files\RegClean Pro\RegCleanPro.exe [2011-09-21 10:16]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://go.web.de/br/ie9_startpage
uInternet Settings,ProxyOverride = <local>
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Flo\AppData\Roaming\Mozilla\Firefox\Profiles\5qwb8pbl.default\
FF - prefs.js: network.proxy.type - 0
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
  d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,83,49,cc,6f,44,7c,6f,4d,95,fa,30,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
  d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,83,49,cc,6f,44,7c,6f,4d,95,fa,30,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-02-28  14:49:18
ComboFix-quarantined-files.txt  2012-02-28 13:49
.
Vor Suchlauf: 8 Verzeichnis(se), 85.602.148.352 Bytes frei
Nach Suchlauf: 12 Verzeichnis(se), 85.254.447.104 Bytes frei
.
- - End Of File - - 26686F452053F037D780F486BF8D6AFB


cosinus 28.02.2012 15:40

Quote:

AV: AntiVir Desktop *Disabled/Outdated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
AV: Trend Micro Titanium *Disabled/Updated* {48929DFC-7A52-A34F-8351-C4DBEDBD9C50}
Are both still installed on your system?
If so, that won't work. You should only ever use one AV solution. Uninstall one of the two immediately.

Spachtel 28.02.2012 19:04

Hello!

Oh, I wasn't aware of that at all. I thought I only had Avira on it!
Is it better to check or uninstall the program via CCleaner, or via Control Panel -> Programs? I would want to keep Avira then!

Can you already say anything about the RegClean Pro program?

:party:

cosinus 28.02.2012 22:11

Please uninstall one of the two programs first!

Spachtel 02.03.2012 17:33

Hi!

Very strange:
I tried to uninstall Trend Micro Titanium both via Control Panel -> Uninstall a program and via CCleaner, but as soon as I click "Uninstall", nothing happens. I tried it several times, but the program is still there?!

Best regards, spachtel

cosinus 02.03.2012 18:21

Uninstalling Trend Micro program using the Diagnostic Toolkit

Spachtel 12.03.2012 20:20

Hello,

I have now tried to uninstall Trend Micro Titanium using the link. After the PC was restarted, I opened CCleaner to check whether Trend Micro Titanium had really been uninstalled. Strangely, Trend Micro Titanium was still listed in CCleaner. Does that mean the program is still on the PC and, oddly, was not uninstalled?

Best regards, spachtel

cosinus 12.03.2012 22:21

Try it with Revo Uninstaller http://filepony.de/download-revo_uninstaller/


All times are in WET +1.
