
Pests of all kinds and how to combat them: Deleting Wgsdgsdgdsgsd.dll

26.12.2012, 15:44   #1
Hinz
 

Hello,
after I followed your instructions, that is,
1. ran AdwCleaner,
2. deleted temporary files,
and 3. ran ComboFix,
I got this log file:

Can you help me?

ComboFix 12-12-25.02 - Hinzmann 26.12.2012 15:19:51.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.8157.6482 [GMT 1:00]
ausgeführt von:: c:\users\Hinzmann\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: AVG Anti-Virus Free Edition 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\dsgsdgdsgdsgw.pad
c:\users\Hinzmann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\runctf.lnk
c:\users\Hinzmann\wgsdgsdgdsgsd.dll
c:\windows\isRS-000.tmp
.
.
------- Zusätzlicher Suchlauf -------
.
uInternet Settings,ProxyOverride = *.local
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Hinzmann\AppData\Roaming\Mozilla\Firefox\Profiles\auprx28n.default\
FF - prefs.js: browser.startup.homepage - www.google.de
.
.
------- Dateityp-Verknüpfung -------
.
JSEFile=NOTEPAD.EXE %1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
.
.
.
Zeit der Fertigstellung: 2012-12-26 15:25:41
ComboFix-quarantined-files.txt 2012-12-26 14:25
.
Vor Suchlauf: 8 Verzeichnis(se), 463.730.159.616 Bytes frei
Nach Suchlauf: 13 Verzeichnis(se), 463.594.504.192 Bytes frei
.
- - End Of File - - 962AE8E02B71F2CD02BAC99254B2E6CB

27.12.2012, 13:35   #2
markusg
/// Malware-holic

Hi,
if you had read the instructions, you would have seen that we advise against just running ComboFix on a whim!
Where is the AdwCleaner log?
Download TDSSKiller:
http://www.trojaner-board.de/82358-t...entfernen.html
Click on Change parameters
• Tick Verify driver digital signatures and Detect TDLFS file system
• Click OK and then Start scan
- If anything is found, always choose Skip for now, then post the log

27.12.2012, 17:44   #3
Hinz

Hi Markusg,
thanks a lot already for your help. Here is the log from TDSSKiller:

17:38:36.0617 0940 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
17:38:36.0773 0940 ============================================================
17:38:36.0773 0940 Current date / time: 2012/12/27 17:38:36.0773
17:38:36.0773 0940 SystemInfo:
17:38:36.0773 0940
17:38:36.0773 0940 OS Version: 6.1.7601 ServicePack: 1.0
17:38:36.0773 0940 Product type: Workstation
17:38:36.0773 0940 ComputerName: WOHNZIMMER-PC
17:38:36.0773 0940 UserName: Hinzmann
17:38:36.0773 0940 Windows directory: C:\Windows
17:38:36.0773 0940 System windows directory: C:\Windows
17:38:36.0773 0940 Running under WOW64
17:38:36.0773 0940 Processor architecture: Intel x64
17:38:36.0773 0940 Number of processors: 4
17:38:36.0773 0940 Page size: 0x1000
17:38:36.0773 0940 Boot type: Normal boot
17:38:36.0773 0940 ============================================================
17:38:37.0085 0940 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:38:37.0085 0940 ============================================================
17:38:37.0085 0940 \Device\Harddisk0\DR0:
17:38:37.0085 0940 MBR partitions:
17:38:37.0085 0940 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
17:38:37.0085 0940 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
17:38:37.0085 0940 ============================================================
17:38:37.0100 0940 C: <-> \Device\Harddisk0\DR0\Partition2
17:38:37.0100 0940 ============================================================
17:38:37.0100 0940 Initialize success
17:38:37.0100 0940 ============================================================
17:38:46.0492 5032 ============================================================
17:38:46.0492 5032 Scan started
17:38:46.0492 5032 Mode: Manual; SigCheck; TDLFS;
17:38:46.0492 5032 ============================================================
17:38:46.0492 5032 ============================================================
17:38:46.0492 5032 Scan finished
17:38:46.0492 5032 ============================================================
17:38:46.0492 2544 Detected object count: 0
17:38:46.0492 2544 Actual detected object count: 0
17:38:52.0123 0852 ============================================================
17:38:52.0123 0852 Scan started
17:38:52.0123 0852 Mode: Manual; SigCheck; TDLFS;
17:38:52.0123 0852 ============================================================
17:38:52.0716 0852 ================ Scan system memory ========================
17:38:52.0716 0852 System memory - ok
17:38:52.0716 0852 ================ Scan services =============================
17:38:53.0231 0852 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
17:38:53.0340 0852 1394ohci - ok
17:38:53.0371 0852 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
17:38:53.0371 0852 ACPI - ok
17:38:53.0418 0852 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
17:38:53.0512 0852 AcpiPmi - ok
17:38:53.0621 0852 [ B1EA9681502EE57F87DB71D726288A5B ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
17:38:53.0636 0852 AdobeARMservice - ok
17:38:53.0917 0852 [ 95CE557D16A75606CCC2D7F3B0B0BCCB ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
17:38:53.0933 0852 AdobeFlashPlayerUpdateSvc - ok
17:38:54.0011 0852 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
17:38:54.0026 0852 adp94xx - ok
17:38:54.0120 0852 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
17:38:54.0136 0852 adpahci - ok
17:38:54.0182 0852 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
17:38:54.0198 0852 adpu320 - ok
17:38:54.0260 0852 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
17:38:54.0416 0852 AeLookupSvc - ok
17:38:54.0541 0852 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
17:38:54.0604 0852 AFD - ok
17:38:54.0650 0852 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
17:38:54.0666 0852 agp440 - ok
17:38:54.0697 0852 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
17:38:54.0728 0852 ALG - ok
17:38:54.0775 0852 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
17:38:54.0775 0852 aliide - ok
17:38:54.0822 0852 [ 4C1E3649C89C7D542CD18ECC5210099D ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
17:38:54.0916 0852 AMD External Events Utility - ok
17:38:54.0947 0852 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
17:38:54.0962 0852 amdide - ok
17:38:54.0994 0852 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
17:38:55.0040 0852 AmdK8 - ok
17:38:55.0290 0852 [ A3C0A15B39F979E8F3EABA901D72ECD7 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
17:38:55.0399 0852 amdkmdag - ok
17:38:55.0446 0852 [ 20F3CD38B107C1BD747C0EA37D450165 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
17:38:55.0493 0852 amdkmdap - ok
17:38:55.0524 0852 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
17:38:55.0555 0852 AmdPPM - ok
17:38:55.0586 0852 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
17:38:55.0602 0852 amdsata - ok
17:38:55.0649 0852 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
17:38:55.0664 0852 amdsbs - ok
17:38:55.0664 0852 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
17:38:55.0680 0852 amdxata - ok
17:38:55.0680 0852 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
17:38:55.0883 0852 AppID - ok
17:38:55.0914 0852 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
17:38:55.0976 0852 AppIDSvc - ok
17:38:55.0992 0852 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
17:38:56.0070 0852 Appinfo - ok
17:38:56.0117 0852 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
17:38:56.0132 0852 Apple Mobile Device - ok
17:38:56.0195 0852 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
17:38:56.0210 0852 arc - ok
17:38:56.0210 0852 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
17:38:56.0226 0852 arcsas - ok
17:38:56.0242 0852 [ 6FE3237C1177E66437E7AD0E8AC1A6E5 ] asmthub3 C:\Windows\system32\DRIVERS\asmthub3.sys
17:38:56.0288 0852 asmthub3 - ok
17:38:56.0304 0852 [ C4043E39A2ABBC56581CA25DF161E9F7 ] asmtxhci C:\Windows\system32\DRIVERS\asmtxhci.sys
17:38:56.0335 0852 asmtxhci - ok
17:38:56.0351 0852 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
17:38:56.0413 0852 AsyncMac - ok
17:38:56.0429 0852 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
17:38:56.0444 0852 atapi - ok
17:38:56.0460 0852 [ B0790FF0E25B7A2674296052F2162C1A ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
17:38:56.0460 0852 AtiHDAudioService - ok
17:38:56.0694 0852 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:38:56.0756 0852 AudioEndpointBuilder - ok
17:38:56.0756 0852 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
17:38:56.0788 0852 AudioSrv - ok
17:38:57.0334 0852 [ 56C73C5BC1656656CAC38A23B4310466 ] AVGIDSAgent C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
17:38:57.0396 0852 AVGIDSAgent - ok
17:38:57.0458 0852 [ 388056EBD5FE6718FE669078DBE37897 ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdrivera.sys
17:38:57.0474 0852 AVGIDSDriver - ok
17:38:57.0490 0852 [ 550E981747D6A6C55078C77346FFC2C6 ] AVGIDSHA C:\Windows\system32\DRIVERS\avgidsha.sys
17:38:57.0505 0852 AVGIDSHA - ok
17:38:57.0568 0852 [ 5989592A91A17587799792A81E1541D4 ] Avgldx64 C:\Windows\system32\DRIVERS\avgldx64.sys
17:38:57.0583 0852 Avgldx64 - ok
17:38:57.0646 0852 [ 3FC43AA02545FCDDC22817829114DEC8 ] Avgloga C:\Windows\system32\DRIVERS\avgloga.sys
17:38:57.0661 0852 Avgloga - ok
17:38:57.0661 0852 [ 767B4A485FB22AA0FC0BF5EEF00572B9 ] Avgmfx64 C:\Windows\system32\DRIVERS\avgmfx64.sys
17:38:57.0677 0852 Avgmfx64 - ok
17:38:57.0708 0852 [ FE4F444DBE4BBBDFD8FECF49398DEFC7 ] Avgrkx64 C:\Windows\system32\DRIVERS\avgrkx64.sys
17:38:57.0708 0852 Avgrkx64 - ok
17:38:57.0755 0852 [ 6E634525613D48A1D1657FB21F21F3B2 ] Avgtdia C:\Windows\system32\DRIVERS\avgtdia.sys
17:38:57.0770 0852 Avgtdia - ok
17:38:57.0833 0852 [ 6B72E1E329C4E98C6B6FDD2D265E3BA3 ] avgwd C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
17:38:57.0848 0852 avgwd - ok
17:38:57.0895 0852 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
17:38:57.0989 0852 AxInstSV - ok
17:38:58.0082 0852 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
17:38:58.0129 0852 b06bdrv - ok
17:38:58.0160 0852 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
17:38:58.0207 0852 b57nd60a - ok
17:38:58.0238 0852 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
17:38:58.0301 0852 BDESVC - ok
17:38:58.0301 0852 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
17:38:58.0332 0852 Beep - ok
17:38:58.0410 0852 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
17:38:58.0472 0852 BFE - ok
17:38:58.0582 0852 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll
17:38:58.0675 0852 BITS - ok
17:38:58.0738 0852 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
17:38:58.0769 0852 blbdrive - ok
17:38:58.0925 0852 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
17:38:58.0940 0852 Bonjour Service - ok
17:38:58.0972 0852 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
17:38:59.0034 0852 bowser - ok
17:38:59.0034 0852 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
17:38:59.0081 0852 BrFiltLo - ok
17:38:59.0081 0852 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
17:38:59.0096 0852 BrFiltUp - ok
17:38:59.0128 0852 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
17:38:59.0159 0852 BridgeMP - ok
17:38:59.0221 0852 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
17:38:59.0237 0852 Browser - ok
17:38:59.0252 0852 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
17:38:59.0299 0852 Brserid - ok
17:38:59.0315 0852 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
17:38:59.0346 0852 BrSerWdm - ok
17:38:59.0346 0852 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
17:38:59.0377 0852 BrUsbMdm - ok
17:38:59.0377 0852 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
17:38:59.0393 0852 BrUsbSer - ok
17:38:59.0393 0852 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
17:38:59.0408 0852 BTHMODEM - ok
17:38:59.0424 0852 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
17:38:59.0455 0852 bthserv - ok
17:38:59.0471 0852 catchme - ok
17:38:59.0502 0852 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
17:38:59.0549 0852 cdfs - ok
17:38:59.0564 0852 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
17:38:59.0611 0852 cdrom - ok
17:38:59.0627 0852 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
17:38:59.0720 0852 CertPropSvc - ok
17:38:59.0720 0852 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
17:38:59.0783 0852 circlass - ok
17:38:59.0783 0852 [ 2B6B01F0B1DE1B9A0285F9CF36FD6B22 ] CLBStor C:\Windows\system32\DRIVERS\CLBStor.sys
17:38:59.0798 0852 CLBStor - ok
17:38:59.0814 0852 [ 454DD4628AA72673FE62470D8995D172 ] CLBUDF C:\Windows\system32\drivers\CLBUDF.sys
17:38:59.0830 0852 CLBUDF - ok
17:38:59.0845 0852 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
17:38:59.0861 0852 CLFS - ok
17:39:00.0079 0852 [ 524DC3807CB1746225F9D26ADD19C319 ] CLKMSVC10_38F51D56 C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe
17:39:00.0095 0852 CLKMSVC10_38F51D56 - ok
17:39:00.0438 0852 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:39:00.0438 0852 clr_optimization_v2.0.50727_32 - ok
17:39:00.0610 0852 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:39:00.0625 0852 clr_optimization_v2.0.50727_64 - ok
17:39:00.0953 0852 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:39:00.0968 0852 clr_optimization_v4.0.30319_32 - ok
17:39:01.0390 0852 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:39:01.0405 0852 clr_optimization_v4.0.30319_64 - ok
17:39:01.0452 0852 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
17:39:01.0499 0852 CmBatt - ok
17:39:01.0514 0852 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
17:39:01.0530 0852 cmdide - ok
17:39:01.0561 0852 [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG C:\Windows\system32\Drivers\cng.sys
17:39:01.0608 0852 CNG - ok
17:39:01.0608 0852 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
17:39:01.0624 0852 Compbatt - ok
17:39:01.0639 0852 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
17:39:01.0686 0852 CompositeBus - ok
17:39:01.0702 0852 COMSysApp - ok
17:39:01.0717 0852 [ BEBCA166BCB82427CB1D029404BCBBC3 ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe
17:39:01.0733 0852 cphs - ok
17:39:01.0733 0852 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
17:39:01.0748 0852 crcdisk - ok
17:39:01.0826 0852 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
17:39:01.0889 0852 CryptSvc - ok
17:39:01.0951 0852 [ 7F5CD87CA5BDB4D83F992D8C77201483 ] CyberLink PowerDVD 10 MS Monitor Service C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe
17:39:01.0967 0852 CyberLink PowerDVD 10 MS Monitor Service - ok
17:39:02.0045 0852 [ 9FAF58E876A3B1DB3030A0A5805F2D86 ] CyberLink PowerDVD 10 MS Service C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
17:39:02.0060 0852 CyberLink PowerDVD 10 MS Service - ok
17:39:02.0185 0852 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
17:39:02.0263 0852 DcomLaunch - ok
17:39:02.0372 0852 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
17:39:02.0435 0852 defragsvc - ok
17:39:02.0466 0852 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
17:39:02.0528 0852 DfsC - ok
17:39:02.0606 0852 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
17:39:02.0669 0852 Dhcp - ok
17:39:02.0716 0852 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
17:39:02.0778 0852 discache - ok
17:39:02.0794 0852 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
17:39:02.0794 0852 Disk - ok
17:39:02.0840 0852 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
17:39:02.0887 0852 Dnscache - ok
17:39:02.0903 0852 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
17:39:02.0950 0852 dot3svc - ok
17:39:02.0965 0852 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
17:39:03.0028 0852 DPS - ok
17:39:03.0043 0852 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
17:39:03.0074 0852 drmkaud - ok
17:39:03.0121 0852 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
17:39:03.0152 0852 DXGKrnl - ok
17:39:03.0215 0852 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
17:39:03.0277 0852 EapHost - ok
17:39:03.0979 0852 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
17:39:04.0042 0852 ebdrv - ok
17:39:04.0073 0852 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
17:39:04.0120 0852 EFS - ok
17:39:04.0385 0852 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
17:39:04.0463 0852 ehRecvr - ok
17:39:04.0510 0852 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
17:39:04.0541 0852 ehSched - ok
17:39:04.0556 0852 [ D38A883309E04B9FBFFE1ACA60EA3BBF ] ElRawDisk C:\Windows\system32\drivers\ElRawDsk.sys
17:39:04.0619 0852 ElRawDisk - ok
17:39:04.0634 0852 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
17:39:04.0650 0852 elxstor - ok
17:39:04.0650 0852 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
17:39:04.0666 0852 ErrDev - ok
17:39:04.0697 0852 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
17:39:04.0728 0852 EventSystem - ok
17:39:04.0790 0852 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
17:39:04.0853 0852 exfat - ok
17:39:04.0868 0852 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
17:39:04.0915 0852 fastfat - ok
17:39:04.0946 0852 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
17:39:05.0024 0852 Fax - ok
17:39:05.0024 0852 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
17:39:05.0056 0852 fdc - ok
17:39:05.0071 0852 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
17:39:05.0102 0852 fdPHost - ok
17:39:05.0118 0852 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
17:39:05.0149 0852 FDResPub - ok
17:39:05.0165 0852 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
17:39:05.0180 0852 FileInfo - ok
17:39:05.0180 0852 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
17:39:05.0212 0852 Filetrace - ok
17:39:05.0212 0852 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
17:39:05.0227 0852 flpydisk - ok
17:39:05.0258 0852 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
17:39:05.0274 0852 FltMgr - ok
17:39:05.0648 0852 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
17:39:05.0726 0852 FontCache - ok
17:39:05.0820 0852 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:39:05.0820 0852 FontCache3.0.0.0 - ok
17:39:05.0836 0852 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
17:39:05.0851 0852 FsDepends - ok
17:39:05.0929 0852 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
17:39:05.0945 0852 Fs_Rec - ok
17:39:05.0992 0852 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
17:39:06.0007 0852 fvevol - ok
17:39:06.0038 0852 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
17:39:06.0054 0852 gagp30kx - ok
17:39:06.0085 0852 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
17:39:06.0101 0852 GEARAspiWDM - ok
17:39:06.0382 0852 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
17:39:06.0428 0852 gpsvc - ok
17:39:06.0491 0852 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
17:39:06.0569 0852 hcw85cir - ok
17:39:06.0631 0852 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:39:06.0678 0852 HdAudAddService - ok
17:39:06.0709 0852 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
17:39:06.0740 0852 HDAudBus - ok
17:39:06.0756 0852 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
17:39:06.0787 0852 HidBatt - ok
17:39:06.0803 0852 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
17:39:06.0818 0852 HidBth - ok
17:39:06.0834 0852 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
17:39:06.0850 0852 HidIr - ok
17:39:06.0865 0852 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
17:39:06.0928 0852 hidserv - ok
17:39:06.0943 0852 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
17:39:06.0959 0852 HidUsb - ok
17:39:06.0990 0852 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
17:39:07.0068 0852 hkmsvc - ok
17:39:07.0146 0852 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:39:07.0162 0852 HomeGroupListener - ok
17:39:07.0224 0852 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:39:07.0255 0852 HomeGroupProvider - ok
17:39:07.0302 0852 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
17:39:07.0318 0852 HpSAMD - ok
17:39:07.0333 0852 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
17:39:07.0411 0852 HTTP - ok
17:39:07.0411 0852 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
17:39:07.0411 0852 hwpolicy - ok
17:39:07.0411 0852 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
17:39:07.0427 0852 i8042prt - ok
17:39:07.0458 0852 [ 8180A2392E732E8871589B54FAB6991F ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
17:39:07.0458 0852 iaStor - ok
17:39:07.0598 0852 [ 17125B7D2F56B4B35441561C780C2CCB ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
17:39:07.0614 0852 IAStorDataMgrSvc - ok
17:39:07.0645 0852 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
17:39:07.0661 0852 iaStorV - ok
17:39:07.0910 0852 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:39:07.0942 0852 idsvc - ok
17:39:09.0798 0852 [ 7054941241807E91663A83A38BCE3F0D ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
17:39:09.0985 0852 igfx - ok
17:39:10.0001 0852 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
17:39:10.0016 0852 iirsp - ok
17:39:10.0204 0852 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
17:39:10.0266 0852 IKEEXT - ok
17:39:10.0297 0852 [ 6C9FFFECA9FED31347D211C5D1FFBD2D ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
17:39:10.0328 0852 IntcDAud - ok
17:39:10.0375 0852 [ 7C76466F4E0F76CE259C6005D161E9E8 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
17:39:10.0406 0852 Intel(R) Capability Licensing Service Interface - ok
17:39:10.0406 0852 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
17:39:10.0406 0852 intelide - ok
17:39:10.0438 0852 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
17:39:10.0500 0852 intelppm - ok
17:39:10.0562 0852 [ D0929AB037C900558E46C168DD40E709 ] ioloSystemService C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe
17:39:10.0594 0852 ioloSystemService - ok
17:39:10.0640 0852 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
17:39:10.0718 0852 IPBusEnum - ok
17:39:10.0718 0852 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:39:10.0734 0852 IpFilterDriver - ok
17:39:10.0890 0852 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
17:39:10.0952 0852 iphlpsvc - ok
17:39:10.0968 0852 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
17:39:11.0030 0852 IPMIDRV - ok
17:39:11.0030 0852 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
17:39:11.0062 0852 IPNAT - ok
17:39:11.0202 0852 [ 0F261EC4F514926177C70C1832374231 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
17:39:11.0233 0852 iPod Service - ok
17:39:11.0233 0852 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
17:39:11.0280 0852 IRENUM - ok
17:39:11.0280 0852 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
17:39:11.0296 0852 isapnp - ok
17:39:11.0358 0852 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
17:39:11.0374 0852 iScsiPrt - ok
17:39:11.0608 0852 [ D22982C269775BCBDDA8A0F82A9ADE9E ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
17:39:11.0623 0852 jhi_service - ok
17:39:11.0623 0852 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
17:39:11.0639 0852 kbdclass - ok
17:39:11.0639 0852 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
17:39:11.0670 0852 kbdhid - ok
17:39:11.0701 0852 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
17:39:11.0701 0852 KeyIso - ok
17:39:11.0732 0852 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
17:39:11.0748 0852 KSecDD - ok
17:39:11.0764 0852 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
17:39:11.0779 0852 KSecPkg - ok
17:39:11.0779 0852 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
17:39:11.0857 0852 ksthunk - ok
17:39:11.0982 0852 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
17:39:12.0044 0852 KtmRm - ok
17:39:12.0122 0852 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
17:39:12.0200 0852 LanmanServer - ok
17:39:12.0263 0852 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:39:12.0325 0852 LanmanWorkstation - ok
17:39:12.0356 0852 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
17:39:12.0419 0852 lltdio - ok
17:39:12.0481 0852 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
17:39:12.0544 0852 lltdsvc - ok
17:39:12.0544 0852 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
17:39:12.0590 0852 lmhosts - ok
17:39:12.0606 0852 [ 5C08357C65F658E29B5DDC2EF18D575C ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
17:39:12.0622 0852 LMS - ok
17:39:12.0637 0852 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
17:39:12.0653 0852 LSI_FC - ok
17:39:12.0653 0852 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
17:39:12.0653 0852 LSI_SAS - ok
17:39:12.0684 0852 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
17:39:12.0684 0852 LSI_SAS2 - ok
17:39:12.0700 0852 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
17:39:12.0700 0852 LSI_SCSI - ok
17:39:12.0731 0852 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
17:39:12.0778 0852 luafv - ok
17:39:12.0793 0852 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
17:39:12.0809 0852 Mcx2Svc - ok
17:39:12.0809 0852 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
17:39:12.0824 0852 megasas - ok
17:39:12.0840 0852 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
17:39:12.0840 0852 MegaSR - ok
17:39:12.0856 0852 [ 6B01B7414A105B9E51652089A03027CF ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
17:39:12.0871 0852 MEIx64 - ok
17:39:12.0918 0852 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
17:39:12.0980 0852 MMCSS - ok
17:39:12.0980 0852 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
17:39:13.0058 0852 Modem - ok
17:39:13.0058 0852 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
17:39:13.0105 0852 monitor - ok
17:39:13.0121 0852 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
17:39:13.0121 0852 mouclass - ok
17:39:13.0121 0852 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
17:39:13.0136 0852 mouhid - ok
17:39:13.0136 0852 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
17:39:13.0152 0852 mountmgr - ok
17:39:13.0199 0852 [ 8C7336950F1E69CDFD811CBBD9CF00A2 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
17:39:13.0214 0852 MozillaMaintenance - ok
17:39:13.0214 0852 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
17:39:13.0230 0852 mpio - ok
17:39:13.0230 0852 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
17:39:13.0261 0852 mpsdrv - ok
17:39:13.0464 0852 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
17:39:13.0511 0852 MpsSvc - ok
17:39:13.0526 0852 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
17:39:13.0573 0852 MRxDAV - ok
17:39:13.0589 0852 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
17:39:13.0636 0852 mrxsmb - ok
17:39:13.0636 0852 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:39:13.0651 0852 mrxsmb10 - ok
17:39:13.0651 0852 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:39:13.0651 0852 mrxsmb20 - ok
17:39:13.0667 0852 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
17:39:13.0667 0852 msahci - ok
17:39:13.0667 0852 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
17:39:13.0682 0852 msdsm - ok
17:39:13.0745 0852 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
17:39:13.0792 0852 MSDTC - ok
17:39:13.0792 0852 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
17:39:13.0838 0852 Msfs - ok
17:39:13.0838 0852 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
17:39:13.0870 0852 mshidkmdf - ok
17:39:13.0885 0852 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
17:39:13.0885 0852 msisadrv - ok
17:39:13.0979 0852 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
17:39:14.0057 0852 MSiSCSI - ok
17:39:14.0057 0852 msiserver - ok
17:39:14.0072 0852 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
17:39:14.0135 0852 MSKSSRV - ok
17:39:14.0166 0852 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
17:39:14.0228 0852 MSPCLOCK - ok
17:39:14.0244 0852 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
17:39:14.0291 0852 MSPQM - ok
17:39:14.0322 0852 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
17:39:14.0338 0852 MsRPC - ok
17:39:14.0353 0852 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
17:39:14.0369 0852 mssmbios - ok
17:39:14.0384 0852 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
17:39:14.0462 0852 MSTEE - ok
17:39:14.0478 0852 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
17:39:14.0509 0852 MTConfig - ok
17:39:14.0509 0852 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
17:39:14.0525 0852 Mup - ok
17:39:14.0556 0852 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
17:39:14.0618 0852 napagent - ok
17:39:14.0634 0852 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
17:39:14.0665 0852 NativeWifiP - ok
17:39:14.0774 0852 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
17:39:14.0806 0852 NDIS - ok
17:39:14.0821 0852 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
17:39:14.0837 0852 NdisCap - ok
17:39:14.0852 0852 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
17:39:14.0868 0852 NdisTapi - ok
17:39:14.0868 0852 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
17:39:14.0946 0852 Ndisuio - ok
17:39:14.0946 0852 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
17:39:14.0977 0852 NdisWan - ok
17:39:14.0977 0852 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
17:39:15.0008 0852 NDProxy - ok
17:39:15.0008 0852 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
17:39:15.0040 0852 NetBIOS - ok
17:39:15.0040 0852 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
17:39:15.0055 0852 NetBT - ok
17:39:15.0086 0852 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
17:39:15.0086 0852 Netlogon - ok
17:39:15.0211 0852 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
17:39:15.0289 0852 Netman - ok
17:39:15.0320 0852 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
17:39:15.0383 0852 netprofm - ok
17:39:15.0414 0852 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:39:15.0430 0852 NetTcpPortSharing - ok
17:39:15.0461 0852 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
17:39:15.0476 0852 nfrd960 - ok
17:39:15.0492 0852 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
17:39:15.0523 0852 NlaSvc - ok
17:39:15.0523 0852 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
17:39:15.0539 0852 Npfs - ok
17:39:15.0554 0852 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
17:39:15.0601 0852 nsi - ok
17:39:15.0601 0852 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
17:39:15.0632 0852 nsiproxy - ok
17:39:15.0679 0852 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
17:39:15.0695 0852 Ntfs - ok
17:39:15.0710 0852 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
17:39:15.0742 0852 Null - ok
17:39:15.0742 0852 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
17:39:15.0757 0852 nvraid - ok
17:39:15.0757 0852 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
17:39:15.0773 0852 nvstor - ok
17:39:15.0788 0852 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
17:39:15.0804 0852 nv_agp - ok
17:39:15.0804 0852 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
17:39:15.0820 0852 ohci1394 - ok
17:39:15.0851 0852 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
17:39:15.0898 0852 p2pimsvc - ok
17:39:15.0913 0852 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
17:39:15.0944 0852 p2psvc - ok
17:39:15.0944 0852 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
17:39:15.0960 0852 Parport - ok
17:39:15.0991 0852 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
17:39:15.0991 0852 partmgr - ok
17:39:16.0022 0852 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
17:39:16.0038 0852 PcaSvc - ok
17:39:16.0054 0852 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
17:39:16.0054 0852 pci - ok
17:39:16.0054 0852 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
17:39:16.0069 0852 pciide - ok
17:39:16.0069 0852 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
17:39:16.0085 0852 pcmcia - ok
17:39:16.0085 0852 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
17:39:16.0085 0852 pcw - ok
17:39:16.0100 0852 [ 8570C04D9DBFDDD2CCF655DEB4D84715 ] PDFsFilter C:\Windows\system32\DRIVERS\PDFsFilter.sys
17:39:16.0100 0852 PDFsFilter - ok
17:39:16.0132 0852 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
17:39:16.0178 0852 PEAUTH - ok
17:39:16.0210 0852 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
17:39:16.0225 0852 PerfHost - ok
17:39:16.0272 0852 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
17:39:16.0319 0852 pla - ok
17:39:16.0381 0852 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
17:39:16.0428 0852 PlugPlay - ok
17:39:16.0444 0852 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
17:39:16.0475 0852 PNRPAutoReg - ok
17:39:16.0490 0852 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
17:39:16.0506 0852 PNRPsvc - ok
17:39:16.0537 0852 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
17:39:16.0584 0852 PolicyAgent - ok
17:39:16.0600 0852 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
17:39:16.0646 0852 Power - ok
17:39:16.0678 0852 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
17:39:16.0724 0852 PptpMiniport - ok
17:39:16.0740 0852 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
17:39:16.0771 0852 Processor - ok
17:39:16.0834 0852 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
17:39:16.0896 0852 ProfSvc - ok
17:39:16.0912 0852 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
17:39:16.0912 0852 ProtectedStorage - ok
17:39:16.0927 0852 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
17:39:16.0990 0852 Psched - ok
17:39:17.0021 0852 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
17:39:17.0052 0852 ql2300 - ok
17:39:17.0068 0852 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
17:39:17.0068 0852 ql40xx - ok
17:39:17.0099 0852 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
17:39:17.0114 0852 QWAVE - ok
17:39:17.0114 0852 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
17:39:17.0130 0852 QWAVEdrv - ok
17:39:17.0130 0852 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
17:39:17.0161 0852 RasAcd - ok
17:39:17.0192 0852 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
17:39:17.0208 0852 RasAgileVpn - ok
17:39:17.0239 0852 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
17:39:17.0302 0852 RasAuto - ok
17:39:17.0302 0852 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
17:39:17.0333 0852 Rasl2tp - ok
17:39:17.0348 0852 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
17:39:17.0380 0852 RasMan - ok
17:39:17.0380 0852 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
17:39:17.0426 0852 RasPppoe - ok
17:39:17.0458 0852 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
17:39:17.0489 0852 RasSstp - ok
17:39:17.0489 0852 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
17:39:17.0520 0852 rdbss - ok
17:39:17.0520 0852 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
17:39:17.0536 0852 rdpbus - ok
17:39:17.0536 0852 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
17:39:17.0551 0852 RDPCDD - ok
17:39:17.0551 0852 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
17:39:17.0582 0852 RDPENCDD - ok
17:39:17.0582 0852 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
17:39:17.0614 0852 RDPREFMP - ok
17:39:17.0629 0852 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
17:39:17.0660 0852 RdpVideoMiniport - ok
17:39:17.0707 0852 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
17:39:17.0754 0852 RDPWD - ok
17:39:17.0754 0852 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
17:39:17.0770 0852 rdyboost - ok
17:39:17.0801 0852 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
17:39:17.0863 0852 RemoteAccess - ok
17:39:17.0910 0852 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
17:39:17.0957 0852 RemoteRegistry - ok
17:39:17.0972 0852 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
17:39:18.0004 0852 RpcEptMapper - ok
17:39:18.0035 0852 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
17:39:18.0066 0852 RpcLocator - ok
17:39:18.0128 0852 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
17:39:18.0160 0852 RpcSs - ok
17:39:18.0191 0852 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
17:39:18.0222 0852 rspndr - ok
17:39:18.0362 0852 [ 16D4E350420BAA7E63E16E3FC033E1F5 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
17:39:18.0378 0852 RTL8167 - ok
17:39:18.0409 0852 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
17:39:18.0425 0852 SamSs - ok
17:39:18.0456 0852 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
17:39:18.0472 0852 sbp2port - ok
17:39:18.0565 0852 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
17:39:18.0643 0852 SCardSvr - ok
17:39:18.0643 0852 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
17:39:18.0674 0852 scfilter - ok
17:39:18.0706 0852 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
17:39:18.0737 0852 Schedule - ok
17:39:18.0784 0852 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
17:39:18.0815 0852 SCPolicySvc - ok
17:39:18.0877 0852 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
17:39:18.0924 0852 SDRSVC - ok
17:39:18.0955 0852 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
17:39:18.0986 0852 secdrv - ok
17:39:19.0002 0852 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
17:39:19.0033 0852 seclogon - ok
17:39:19.0049 0852 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
17:39:19.0080 0852 SENS - ok
17:39:19.0080 0852 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
17:39:19.0127 0852 SensrSvc - ok
17:39:19.0127 0852 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
17:39:19.0142 0852 Serenum - ok
17:39:19.0158 0852 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
17:39:19.0174 0852 Serial - ok
17:39:19.0174 0852 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
17:39:19.0189 0852 sermouse - ok
17:39:19.0205 0852 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
17:39:19.0252 0852 SessionEnv - ok
17:39:19.0252 0852 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
17:39:19.0267 0852 sffdisk - ok
17:39:19.0267 0852 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
17:39:19.0267 0852 sffp_mmc - ok
17:39:19.0283 0852 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
17:39:19.0298 0852 sffp_sd - ok
17:39:19.0298 0852 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
17:39:19.0298 0852 sfloppy - ok
17:39:19.0345 0852 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
17:39:19.0408 0852 SharedAccess - ok
17:39:19.0454 0852 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:39:19.0501 0852 ShellHWDetection - ok
17:39:19.0501 0852 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
17:39:19.0517 0852 SiSRaid2 - ok
17:39:19.0517 0852 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
17:39:19.0532 0852 SiSRaid4 - ok
17:39:19.0532 0852 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
17:39:19.0564 0852 Smb - ok
17:39:19.0579 0852 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
17:39:19.0610 0852 SNMPTRAP - ok
17:39:19.0610 0852 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
17:39:19.0610 0852 spldr - ok
17:39:19.0642 0852 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
17:39:19.0688 0852 Spooler - ok
17:39:19.0782 0852 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
17:39:19.0829 0852 sppsvc - ok
17:39:19.0876 0852 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
17:39:19.0891 0852 sppuinotify - ok
17:39:19.0922 0852 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
17:39:19.0969 0852 srv - ok
17:39:19.0969 0852 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
17:39:20.0000 0852 srv2 - ok
17:39:20.0000 0852 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
17:39:20.0016 0852 srvnet - ok
17:39:20.0047 0852 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
17:39:20.0063 0852 SSDPSRV - ok
17:39:20.0094 0852 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
17:39:20.0110 0852 SstpSvc - ok
17:39:20.0125 0852 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
17:39:20.0141 0852 stexstor - ok
17:39:20.0312 0852 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
17:39:20.0344 0852 stisvc - ok
17:39:20.0375 0852 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
17:39:20.0375 0852 swenum - ok
17:39:20.0562 0852 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
17:39:20.0593 0852 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
17:39:20.0593 0852 SwitchBoard - detected UnsignedFile.Multi.Generic (1)
17:39:20.0609 0852 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
17:39:20.0671 0852 swprv - ok
17:39:20.0734 0852 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
17:39:20.0780 0852 SysMain - ok
17:39:20.0812 0852 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:39:20.0812 0852 TabletInputService - ok
17:39:20.0827 0852 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
17:39:20.0874 0852 TapiSrv - ok
17:39:20.0890 0852 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
17:39:20.0905 0852 TBS - ok
17:39:20.0968 0852 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
17:39:20.0999 0852 Tcpip - ok
17:39:21.0467 0852 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
17:39:21.0498 0852 TCPIP6 - ok
17:39:21.0514 0852 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
17:39:21.0529 0852 tcpipreg - ok
17:39:21.0529 0852 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
17:39:21.0560 0852 TDPIPE - ok
17:39:21.0576 0852 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
17:39:21.0592 0852 TDTCP - ok
17:39:21.0607 0852 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
17:39:21.0623 0852 tdx - ok
17:39:21.0623 0852 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
17:39:21.0638 0852 TermDD - ok
17:39:21.0670 0852 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
17:39:21.0716 0852 TermService - ok
17:39:21.0732 0852 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
17:39:21.0763 0852 Themes - ok
17:39:21.0779 0852 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
17:39:21.0810 0852 THREADORDER - ok
17:39:21.0826 0852 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
17:39:21.0841 0852 TrkWks - ok
17:39:21.0904 0852 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:39:21.0935 0852 TrustedInstaller - ok
17:39:21.0966 0852 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
17:39:21.0997 0852 tssecsrv - ok
17:39:22.0028 0852 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
17:39:22.0075 0852 TsUsbFlt - ok
17:39:22.0091 0852 [ AD64450A4ABE076F5CB34CC08EEACB07 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
17:39:22.0106 0852 TsUsbGD - ok
17:39:22.0122 0852 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
17:39:22.0153 0852 tunnel - ok
17:39:22.0153 0852 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
17:39:22.0169 0852 uagp35 - ok
17:39:22.0184 0852 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
17:39:22.0231 0852 udfs - ok
17:39:22.0262 0852 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
17:39:22.0278 0852 UI0Detect - ok
17:39:22.0278 0852 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
17:39:22.0294 0852 uliagpkx - ok
17:39:22.0294 0852 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
17:39:22.0294 0852 umbus - ok
17:39:22.0294 0852 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
17:39:22.0309 0852 UmPass - ok
17:39:22.0450 0852 [ 0DFC9713D117B349E41A2A477448107A ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
17:39:22.0481 0852 UNS - ok
17:39:22.0496 0852 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
17:39:22.0559 0852 upnphost - ok
17:39:22.0559 0852 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
17:39:22.0590 0852 usbccgp - ok
17:39:22.0621 0852 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
17:39:22.0637 0852 usbcir - ok
17:39:22.0637 0852 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
17:39:22.0652 0852 usbehci - ok
17:39:22.0684 0852 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
17:39:22.0715 0852 usbhub - ok
17:39:22.0715 0852 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
17:39:22.0730 0852 usbohci - ok
17:39:22.0746 0852 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys
17:39:22.0746 0852 usbprint - ok
17:39:22.0762 0852 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:39:22.0793 0852 USBSTOR - ok
17:39:22.0793 0852 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
17:39:22.0824 0852 usbuhci - ok
17:39:22.0840 0852 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
17:39:22.0918 0852 UxSms - ok
17:39:22.0933 0852 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
17:39:22.0933 0852 VaultSvc - ok
17:39:22.0933 0852 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
17:39:22.0949 0852 vdrvroot - ok
17:39:23.0074 0852 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
17:39:23.0120 0852 vds - ok
17:39:23.0120 0852 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
17:39:23.0136 0852 vga - ok
17:39:23.0136 0852 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
17:39:23.0167 0852 VgaSave - ok
17:39:23.0183 0852 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
17:39:23.0198 0852 vhdmp - ok
17:39:23.0198 0852 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
17:39:23.0198 0852 viaide - ok
17:39:23.0214 0852 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
17:39:23.0214 0852 volmgr - ok
17:39:23.0230 0852 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
17:39:23.0230 0852 volmgrx - ok
17:39:23.0230 0852 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
17:39:23.0245 0852 volsnap - ok
17:39:23.0245 0852 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
17:39:23.0261 0852 vsmraid - ok
17:39:23.0495 0852 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
17:39:23.0557 0852 VSS - ok
17:39:23.0557 0852 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
17:39:23.0604 0852 vwifibus - ok
17:39:23.0604 0852 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
17:39:23.0635 0852 W32Time - ok
17:39:23.0651 0852 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
17:39:23.0666 0852 WacomPen - ok
17:39:23.0666 0852 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
17:39:23.0698 0852 WANARP - ok
17:39:23.0698 0852 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
17:39:23.0729 0852 Wanarpv6 - ok
17:39:23.0744 0852 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
17:39:23.0791 0852 wbengine - ok
17:39:23.0822 0852 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
17:39:23.0822 0852 WbioSrvc - ok
17:39:23.0885 0852 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
17:39:23.0916 0852 wcncsvc - ok
17:39:23.0932 0852 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:39:23.0978 0852 WcsPlugInService - ok
17:39:24.0025 0852 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
17:39:24.0025 0852 Wd - ok
17:39:24.0244 0852 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
17:39:24.0275 0852 Wdf01000 - ok
17:39:24.0290 0852 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
17:39:24.0353 0852 WdiServiceHost - ok
17:39:24.0353 0852 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
17:39:24.0368 0852 WdiSystemHost - ok
17:39:24.0400 0852 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
17:39:24.0415 0852 WebClient - ok
17:39:24.0446 0852 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
17:39:24.0509 0852 Wecsvc - ok
17:39:24.0540 0852 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
17:39:24.0587 0852 wercplsupport - ok
17:39:24.0649 0852 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
17:39:24.0696 0852 WerSvc - ok
17:39:24.0727 0852 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
17:39:24.0758 0852 WfpLwf - ok
17:39:24.0790 0852 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
17:39:24.0790 0852 WIMMount - ok
17:39:24.0852 0852 WinDefend - ok
17:39:24.0852 0852 WinHttpAutoProxySvc - ok
17:39:24.0977 0852 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
17:39:25.0008 0852 Winmgmt - ok
17:39:25.0398 0852 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
17:39:25.0460 0852 WinRM - ok
17:39:25.0616 0852 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
17:39:25.0679 0852 Wlansvc - ok
17:39:25.0710 0852 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
17:39:25.0741 0852 WmiAcpi - ok
17:39:25.0772 0852 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
17:39:25.0819 0852 wmiApSrv - ok
17:39:25.0850 0852 WMPNetworkSvc - ok
17:39:25.0866 0852 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
17:39:25.0897 0852 WPCSvc - ok
17:39:25.0913 0852 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
17:39:25.0928 0852 WPDBusEnum - ok
17:39:25.0960 0852 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
17:39:25.0991 0852 ws2ifsl - ok
17:39:26.0022 0852 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
17:39:26.0053 0852 wscsvc - ok
17:39:26.0100 0852 [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
17:39:26.0131 0852 WSDPrintDevice - ok
17:39:26.0147 0852 [ 4A2A5C50DD1A63577D3ACA94269FBC7F ] WSDScan C:\Windows\system32\DRIVERS\WSDScan.sys
17:39:26.0162 0852 WSDScan - ok
17:39:26.0162 0852 WSearch - ok
17:39:26.0256 0852 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
17:39:26.0303 0852 wuauserv - ok
17:39:26.0318 0852 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
17:39:26.0365 0852 WudfPf - ok
17:39:26.0412 0852 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
17:39:26.0443 0852 wudfsvc - ok
17:39:26.0474 0852 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
17:39:26.0521 0852 WwanSvc - ok
17:39:26.0521 0852 ================ Scan global ===============================
17:39:26.0599 0852 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
17:39:26.0646 0852 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
17:39:26.0662 0852 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
17:39:26.0708 0852 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
17:39:26.0818 0852 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
17:39:26.0818 0852 [Global] - ok
17:39:26.0818 0852 ================ Scan MBR ==================================
17:39:26.0833 0852 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:39:29.0173 0852 \Device\Harddisk0\DR0 - ok
17:39:29.0173 0852 ================ Scan VBR ==================================
17:39:29.0204 0852 [ D8887373C0538862C3DE4629AEB94145 ] \Device\Harddisk0\DR0\Partition1
17:39:29.0204 0852 \Device\Harddisk0\DR0\Partition1 - ok
17:39:29.0251 0852 [ 354F4611131E124DAA0C87A28F38BB76 ] \Device\Harddisk0\DR0\Partition2
17:39:29.0251 0852 \Device\Harddisk0\DR0\Partition2 - ok
17:39:29.0251 0852 ============================================================
17:39:29.0251 0852 Scan finished
17:39:29.0251 0852 ============================================================
17:39:29.0251 3912 Detected object count: 1
17:39:29.0251 3912 Actual detected object count: 1
17:39:35.0819 3912 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
17:39:35.0819 3912 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip

The AdwCleaner log looks like this:

# AdwCleaner v2.103 - Datei am 27/12/2012 um 17:45:30 erstellt
# Aktualisiert am 25/12/2012 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Hinzmann - WOHNZIMMER-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Hinzmann\Downloads\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****


***** [Registrierungsdatenbank] *****


***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v17.0.1 (de)

Datei : C:\Users\Hinzmann\AppData\Roaming\Mozilla\Firefox\Profiles\auprx28n.default\prefs.js

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [866 octets] - [26/12/2012 15:04:44]
AdwCleaner[R2].txt - [984 octets] - [27/12/2012 17:45:19]
AdwCleaner[S1].txt - [927 octets] - [26/12/2012 15:05:21]
AdwCleaner[S2].txt - [918 octets] - [27/12/2012 17:45:30]

########## EOF - C:\AdwCleaner[S2].txt - [977 octets] ##########
__________________

Old 27.12.2012, 19:49   #4
markusg
/// Malware-holic
 

That was a new AdwCleaner log; I had said I want to see the old logs.
Combofix:
Combofix may only be run when a team member has instructed you to do so!
It should never be run on your own initiative! Incorrect use can lead to serious computer problems and make cleaning up the infection even more difficult.
Please download Combofix from one of these download mirrors

Link 1
Link 2


IMPORTANT - Save Combofix to your desktop
  • Please disable all of your antivirus and anti-malware/spyware scanners. They can interfere with Combofix while it works.
Start Combofix.exe and follow the instructions on the screen.

When Combofix has finished, it will create a log file. Please post C:\Combofix.txt in your next reply.


Note: If you get the following error message after the restart
Quote:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. This should fix the problem.
__________________
- Please forward suspicious e-mails to us for analysis:
markusg.trojaner-board@web.de
Instructions:
http://markusg.trojaner-board.de
For the time being, please forward e-mails to markusg.trojaner-board@web.de following the instructions above.

Alt 28.12.2012, 11:03   #5
Hinz
 

Hello Mr. Markusg,
please excuse me for having started on my own. I know it was wrong. But here is the log from ComboFix:
Combofix Logfile:
Code:
ComboFix 12-12-27.03 - Hinzmann 28.12.2012  10:44:57.2.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.8157.6603 [GMT 1:00]
ausgeführt von:: c:\users\Hinzmann\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: AVG Anti-Virus Free Edition 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-11-28 bis 2012-12-28  ))))))))))))))))))))))))))))))
.
.
2012-12-28 09:48 . 2012-12-28 09:48	--------	d-----w-	c:\users\Default\AppData\Local\temp
2012-12-23 10:05 . 2012-12-23 10:05	--------	d-----w-	c:\programdata\regid.1986-12.com.adobe
2012-12-23 10:03 . 2012-12-23 10:04	--------	d-----w-	c:\program files\Adobe
2012-12-23 10:01 . 2012-12-23 10:04	--------	d-----w-	c:\program files\Common Files\Adobe
2012-12-22 16:56 . 2012-10-19 08:38	82160	----a-w-	c:\windows\system32\drivers\PDFsFilter.sys
2012-12-22 16:56 . 2012-12-22 16:56	74703	----a-w-	c:\windows\SysWow64\mfc45.dat
2012-12-22 16:09 . 2008-12-09 09:59	23464	----a-w-	c:\windows\system32\drivers\ElRawDsk.sys
2012-12-22 16:09 . 2012-10-19 09:12	2135552	----a-w-	c:\windows\system32\Incinerator64.dll
2012-12-22 16:09 . 2012-10-19 09:12	2077696	----a-w-	c:\windows\SysWow64\Incinerator32.dll
2012-12-22 16:09 . 2012-10-19 09:02	57680	----a-w-	c:\windows\system32\iolobtdfg.exe
2012-12-22 16:09 . 2012-10-19 09:01	25744	----a-w-	c:\windows\system32\smrgdf.exe
2012-12-22 16:09 . 2010-09-23 12:29	511328	----a-w-	c:\program files (x86)\Common Files\Microsoft Shared\CAPICOM\CAPICOM.DLL
2012-12-22 16:09 . 2012-12-22 16:09	--------	d-----w-	c:\program files (x86)\iolo
2012-12-22 16:09 . 2010-02-08 22:36	69000	----a-w-	c:\windows\system32\offreg.dll
2012-12-22 16:09 . 2010-02-08 21:59	56200	----a-w-	c:\windows\SysWow64\offreg.dll
2012-12-22 16:06 . 2012-12-23 09:55	--------	d-----w-	c:\programdata\iolo
2012-12-22 12:32 . 2012-12-22 12:32	--------	d--h--w-	c:\windows\system32\CanonIJ Uninstaller Information
2012-12-22 12:32 . 2012-12-22 12:32	--------	d--h--w-	c:\programdata\CanonBJ
2012-12-22 12:32 . 2012-03-14 04:00	99840	----a-w-	c:\windows\system32\Spool\prtprocs\x64\CNMPPAM.DLL
2012-12-22 12:32 . 2012-03-14 04:00	30208	----a-w-	c:\windows\system32\Spool\prtprocs\x64\CNMPDAM.DLL
2012-12-22 12:32 . 2012-12-22 12:32	--------	d--h--w-	c:\programdata\CanonIJFAX
2012-12-22 12:32 . 2012-03-14 04:00	385024	----a-w-	c:\windows\system32\CNMLMAM.DLL
2012-12-22 12:32 . 2010-10-21 04:00	302080	----a-w-	c:\windows\system32\CNCALAM.DLL
2012-12-22 11:40 . 2012-08-24 18:13	154480	----a-w-	c:\windows\system32\drivers\ksecpkg.sys
2012-12-22 11:40 . 2012-08-24 18:09	458712	----a-w-	c:\windows\system32\drivers\cng.sys
2012-12-22 11:40 . 2012-08-24 18:05	340992	----a-w-	c:\windows\system32\schannel.dll
2012-12-22 11:40 . 2012-08-24 18:04	307200	----a-w-	c:\windows\system32\ncrypt.dll
2012-12-22 11:40 . 2012-08-24 18:03	1448448	----a-w-	c:\windows\system32\lsasrv.dll
2012-12-22 11:40 . 2012-08-24 16:57	247808	----a-w-	c:\windows\SysWow64\schannel.dll
2012-12-22 11:40 . 2012-08-24 16:57	22016	----a-w-	c:\windows\SysWow64\secur32.dll
2012-12-22 11:40 . 2012-08-24 16:57	220160	----a-w-	c:\windows\SysWow64\ncrypt.dll
2012-12-22 11:40 . 2012-08-24 16:53	96768	----a-w-	c:\windows\SysWow64\sspicli.dll
2012-12-22 11:40 . 2012-05-04 11:00	366592	----a-w-	c:\windows\system32\qdvd.dll
2012-12-22 11:40 . 2012-05-04 09:59	514560	----a-w-	c:\windows\SysWow64\qdvd.dll
2012-12-21 16:29 . 2011-02-19 12:05	1139200	----a-w-	c:\windows\system32\FntCache.dll
2012-12-21 16:29 . 2011-02-19 12:04	902656	----a-w-	c:\windows\system32\d2d1.dll
2012-12-21 16:29 . 2011-02-19 06:30	739840	----a-w-	c:\windows\SysWow64\d2d1.dll
2012-12-21 15:19 . 2012-12-21 08:26	--------	d-----w-	c:\windows\Panther
2012-12-21 10:17 . 2012-12-21 10:17	--------	d-----w-	c:\windows\SysWow64\wbem\en-US
2012-12-21 10:17 . 2012-12-21 10:17	--------	d-----w-	c:\windows\system32\wbem\en-US
2012-12-21 09:59 . 2012-07-26 07:46	2560	----a-w-	c:\windows\system32\drivers\de-DE\wdf01000.sys.mui
2012-12-21 09:59 . 2012-07-26 04:55	785512	----a-w-	c:\windows\system32\drivers\Wdf01000.sys
2012-12-21 09:59 . 2012-07-26 04:55	54376	----a-w-	c:\windows\system32\drivers\WdfLdr.sys
2012-12-21 09:59 . 2012-07-26 02:36	9728	----a-w-	c:\windows\system32\Wdfres.dll
2012-12-21 09:56 . 2012-11-28 14:58	67413224	----a-w-	c:\windows\system32\MRT.exe
2012-12-21 09:54 . 2010-02-23 08:16	294912	----a-w-	c:\windows\system32\browserchoice.exe
2012-12-21 09:52 . 2012-12-21 09:52	757296	----a-w-	c:\program files (x86)\Internet Explorer\iexplore.exe
2012-12-21 09:52 . 2012-12-21 09:52	74752	----a-w-	c:\windows\SysWow64\RegisterIEPKEYs.exe
2012-12-21 09:52 . 2012-12-21 09:52	307200	----a-w-	c:\program files (x86)\Internet Explorer\iediagcmd.exe
2012-12-21 09:52 . 2012-12-21 09:52	161792	----a-w-	c:\windows\SysWow64\msls31.dll
2012-12-21 09:52 . 2012-12-21 09:52	1129472	----a-w-	c:\windows\SysWow64\wininet.dll
2012-12-21 09:52 . 2012-12-21 09:52	107008	----a-w-	c:\program files (x86)\Internet Explorer\iecleanup.exe
2012-12-21 09:44 . 2012-12-16 17:11	46080	----a-w-	c:\windows\system32\atmlib.dll
2012-12-21 09:44 . 2012-12-16 14:45	367616	----a-w-	c:\windows\system32\atmfd.dll
2012-12-21 09:44 . 2012-12-16 14:13	295424	----a-w-	c:\windows\SysWow64\atmfd.dll
2012-12-21 09:44 . 2012-12-16 14:13	34304	----a-w-	c:\windows\SysWow64\atmlib.dll
2012-12-21 09:44 . 2010-09-30 10:41	100864	----a-w-	c:\windows\system32\fontsub.dll
2012-12-21 09:44 . 2010-09-30 06:47	70656	----a-w-	c:\windows\SysWow64\fontsub.dll
2012-12-21 09:44 . 2012-07-26 03:08	229888	----a-w-	c:\windows\system32\WUDFHost.exe
2012-12-21 09:44 . 2012-07-26 03:08	84992	----a-w-	c:\windows\system32\WUDFSvc.dll
2012-12-21 09:44 . 2012-07-26 03:08	744448	----a-w-	c:\windows\system32\WUDFx.dll
2012-12-21 09:44 . 2012-07-26 03:08	45056	----a-w-	c:\windows\system32\WUDFCoinstaller.dll
2012-12-21 09:44 . 2012-07-26 03:08	194048	----a-w-	c:\windows\system32\WUDFPlatform.dll
2012-12-21 09:44 . 2012-07-26 02:26	87040	----a-w-	c:\windows\system32\drivers\WUDFPf.sys
2012-12-21 09:44 . 2012-07-26 02:26	198656	----a-w-	c:\windows\system32\drivers\WUDFRd.sys
2012-12-21 09:41 . 2012-03-01 06:46	23408	----a-w-	c:\windows\system32\drivers\fs_rec.sys
2012-12-21 09:41 . 2012-03-01 06:33	81408	----a-w-	c:\windows\system32\imagehlp.dll
2012-12-21 09:41 . 2012-03-01 06:28	5120	----a-w-	c:\windows\system32\wmi.dll
2012-12-21 09:41 . 2012-03-01 05:33	159232	----a-w-	c:\windows\SysWow64\imagehlp.dll
2012-12-21 09:41 . 2012-03-01 05:29	5120	----a-w-	c:\windows\SysWow64\wmi.dll
2012-12-21 09:37 . 2012-06-06 06:06	2004480	----a-w-	c:\windows\system32\msxml6.dll
2012-12-21 09:36 . 2012-05-14 05:26	956928	----a-w-	c:\windows\system32\localspl.dll
2012-12-21 09:36 . 2012-03-31 05:42	1732096	----a-w-	c:\program files\Windows Journal\NBDoc.DLL
2012-12-21 09:36 . 2012-03-31 05:40	1402880	----a-w-	c:\program files\Windows Journal\JNWDRV.dll
2012-12-21 09:36 . 2012-03-31 05:40	1367552	----a-w-	c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2012-12-21 09:36 . 2012-03-31 05:40	1393664	----a-w-	c:\program files\Windows Journal\JNTFiltr.dll
2012-12-21 09:36 . 2012-03-31 04:29	936960	----a-w-	c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2012-12-21 09:34 . 2012-06-02 05:41	184320	----a-w-	c:\windows\system32\cryptsvc.dll
2012-12-21 09:34 . 2012-06-02 05:41	140288	----a-w-	c:\windows\system32\cryptnet.dll
2012-12-21 09:34 . 2012-06-02 05:41	1464320	----a-w-	c:\windows\system32\crypt32.dll
2012-12-21 09:34 . 2012-06-02 04:36	140288	----a-w-	c:\windows\SysWow64\cryptsvc.dll
2012-12-21 09:34 . 2012-06-02 04:36	1159680	----a-w-	c:\windows\SysWow64\crypt32.dll
2012-12-21 09:34 . 2012-06-02 04:36	103936	----a-w-	c:\windows\SysWow64\cryptnet.dll
2012-12-21 09:31 . 2012-06-02 22:19	44056	----a-w-	c:\windows\system32\wups2.dll
2012-12-21 09:31 . 2012-06-02 22:19	2428952	----a-w-	c:\windows\system32\wuaueng.dll
2012-12-21 09:31 . 2012-06-02 22:19	57880	----a-w-	c:\windows\system32\wuauclt.exe
2012-12-21 09:31 . 2012-06-02 22:15	2622464	----a-w-	c:\windows\system32\wucltux.dll
2012-12-21 09:24 . 2012-06-02 22:19	38424	----a-w-	c:\windows\system32\wups.dll
2012-12-21 09:24 . 2012-06-02 22:19	701976	----a-w-	c:\windows\system32\wuapi.dll
2012-12-21 09:24 . 2012-06-02 22:15	99840	----a-w-	c:\windows\system32\wudriver.dll
2012-12-21 09:24 . 2012-06-02 14:19	186752	----a-w-	c:\windows\system32\wuwebv.dll
2012-12-21 09:24 . 2012-06-02 14:15	36864	----a-w-	c:\windows\system32\wuapp.exe
2012-12-21 09:21 . 2012-12-21 09:21	--------	d-----w-	c:\users\Public\CyberLink
2012-12-21 09:21 . 2012-12-21 09:21	--------	d-----w-	c:\programdata\ATI
2012-12-21 09:20 . 2012-12-21 09:20	0	----a-w-	c:\windows\ativpsrm.bin
2012-12-21 09:17 . 2012-12-21 09:17	--------	d-----w-	c:\programdata\AMD
2012-12-21 09:17 . 2012-12-21 09:17	--------	d-----w-	c:\program files (x86)\AMD AVT
2012-12-21 09:17 . 2012-12-21 09:17	--------	d-----w-	c:\program files (x86)\AMD APP
2012-12-21 09:17 . 2012-12-21 09:17	--------	d-----w-	c:\program files\Common Files\ATI Technologies
2012-12-21 09:17 . 2012-12-21 09:17	--------	d-----w-	c:\program files (x86)\Common Files\ATI Technologies
2012-12-21 09:17 . 2012-12-21 09:17	--------	d-----w-	c:\program files (x86)\ATI Technologies
2012-12-21 09:08 . 2012-12-21 09:08	--------	d-----w-	c:\programdata\AVG2013
2012-12-21 09:08 . 2012-12-21 09:08	--------	d-----w-	C:\$AVG
2012-12-21 09:08 . 2012-12-21 09:08	--------	d-----w-	c:\program files (x86)\AVG
2012-12-21 09:07 . 2012-12-28 09:44	--------	d-----w-	c:\programdata\MFAData
2012-12-21 09:07 . 2012-12-21 09:07	--------	d--h--w-	c:\programdata\Common Files
2012-12-21 09:07 . 2012-12-21 09:07	--------	d-----w-	c:\program files (x86)\OpenOffice.org 3
2012-12-21 09:05 . 2012-12-21 09:11	--------	dc----w-	c:\windows\system32\DRVSTORE
2012-12-21 09:05 . 2012-08-21 12:01	33240	----a-w-	c:\windows\system32\drivers\GEARAspiWDM.sys
2012-12-21 09:05 . 2012-12-21 09:05	--------	d-----w-	c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2012-12-21 09:05 . 2012-12-21 09:05	--------	d-----w-	c:\program files\iTunes
2012-12-21 09:05 . 2012-12-21 09:05	--------	d-----w-	c:\program files (x86)\iTunes
2012-12-21 09:05 . 2012-12-21 09:05	--------	d-----w-	c:\programdata\Apple Computer
2012-12-21 09:05 . 2012-12-21 09:05	--------	d-----w-	c:\program files\iPod
2012-12-21 09:04 . 2012-12-21 09:04	--------	d-----w-	c:\program files\Common Files\Apple
2012-12-21 09:04 . 2012-12-21 09:04	--------	d-----w-	c:\program files (x86)\Apple Software Update
2012-12-21 09:04 . 2012-12-21 09:04	--------	d-----w-	c:\program files\Bonjour
2012-12-21 09:04 . 2012-12-21 09:04	--------	d-----w-	c:\program files (x86)\Bonjour
2012-12-21 09:04 . 2012-12-21 09:05	--------	d-----w-	c:\program files (x86)\Common Files\Apple
2012-12-21 09:04 . 2012-12-21 09:04	--------	d-----w-	c:\programdata\Apple
2012-12-21 09:03 . 2012-12-23 10:03	--------	d-----w-	c:\program files (x86)\Common Files\Adobe
2012-12-21 09:03 . 2012-12-21 09:03	--------	d-----w-	c:\program files (x86)\VideoLAN
2012-12-21 09:03 . 2012-12-21 09:03	959976	----a-w-	c:\windows\system32\deployJava1.dll
2012-12-21 09:03 . 2012-12-21 09:03	308200	----a-w-	c:\windows\system32\javaws.exe
2012-12-21 09:03 . 2012-12-21 09:03	1081320	----a-w-	c:\windows\system32\npDeployJava1.dll
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-22 12:02 . 2012-10-22 12:02	154464	----a-w-	c:\windows\system32\drivers\avgidsdrivera.sys
2012-10-16 08:38 . 2012-12-21 09:38	135168	----a-w-	c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-12-21 09:38	350208	----a-w-	c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39 . 2012-12-21 09:38	561664	----a-w-	c:\windows\apppatch\AcLayers.dll
2012-10-15 02:48 . 2012-10-15 02:48	63328	----a-w-	c:\windows\system32\drivers\avgidsha.sys
2012-10-05 02:32 . 2012-10-05 02:32	111456	----a-w-	c:\windows\system32\drivers\avgmfx64.sys
2012-10-04 16:40 . 2012-12-21 09:38	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2012-10-02 02:30 . 2012-10-02 02:30	185696	----a-w-	c:\windows\system32\drivers\avgldx64.sys
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32	129272	----a-w-	c:\users\Hinzmann\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32	129272	----a-w-	c:\users\Hinzmann\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32	129272	----a-w-	c:\users\Hinzmann\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-10-17 284440]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-12-12 152544]
"AVG_UI"="c:\program files (x86)\AVG\AVG2013\avgui.exe" [2012-11-06 3143800]
"InstantBurn"="c:\progra~2\CYBERL~1\INSTAN~1\Win2K\IBurn.exe" [2010-11-12 697640]
"CLMLServer"="c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe" [2010-08-20 107816]
"RemoteControl10"="c:\program files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" [2011-03-30 87336]
"BDRegion"="c:\program files (x86)\Cyberlink\Shared files\brs.exe" [2011-09-28 75048]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-09-28 642728]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]
.
c:\users\Hinzmann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Hinzmann\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-12-22 28538560]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute	REG_MULTI_SZ   	autocheck autochk *\0\0c:\progra~2\AVG\AVG2013\avgrsa.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ioloSystemService]
@="Service"
.
R2 CLKMSVC10_38F51D56;CyberLink Product - 2012/12/21 10:14;c:\program files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [2011-04-20 241648]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
R3 WSDScan;WSD-Scanunterstützung durch UMB;c:\windows\system32\DRIVERS\WSDScan.sys [2009-07-14 25088]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-10-15 63328]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys [2012-09-21 225120]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2012-10-05 111456]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2012-09-14 40800]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2012-10-22 154464]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-10-02 185696]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2012-09-21 200032]
S1 CLBStor;InstantBurn Storage Helper Driver;c:\windows\system32\DRIVERS\CLBStor.sys [2010-07-15 24560]
S1 ElRawDisk;ElRawDisk;c:\windows\system32\drivers\ElRawDsk.sys [2008-12-09 23464]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-09-28 239616]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe [2012-11-06 5814392]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe [2012-10-22 196664]
S2 CLBUDF;CyberLink InstantBurn UDF Filesystem; [x]
S2 CyberLink PowerDVD 10 MS Monitor Service;CyberLink PowerDVD 10 MS Monitor Service;c:\program files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [2011-04-13 70952]
S2 CyberLink PowerDVD 10 MS Service;CyberLink PowerDVD 10 MS Service;c:\program files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [2011-04-13 312616]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-10-17 13592]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2012-01-10 627936]
S2 ioloSystemService;iolo System Service;c:\program files (x86)\iolo\Common\Lib\ioloServiceManager.exe [2012-10-19 1028464]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-01-20 161560]
S2 PDFsFilter;PDFsFilter;c:\windows\system32\DRIVERS\PDFsFilter.sys [2012-10-19 82160]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-01-20 363800]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys [2011-03-04 126952]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys [2011-03-04 390632]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-05-14 96896]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2011-12-05 331264]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-03-21 452200]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*Deregistered* - CLKMDRV10_38F51D56
*Deregistered* - ioloSGuardDriver
.
Inhalt des "geplante Tasks" Ordners
.
2012-12-27 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-21 09:02]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32	162552	----a-w-	c:\users\Hinzmann\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32	162552	----a-w-	c:\users\Hinzmann\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32	162552	----a-w-	c:\users\Hinzmann\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32	162552	----a-w-	c:\users\Hinzmann\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-02-24 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-02-24 398616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-02-24 440600]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2012-09-20 1832760]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
.
------- Zusätzlicher Suchlauf -------
.
uInternet Settings,ProxyOverride = *.local
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Hinzmann\AppData\Roaming\Mozilla\Firefox\Profiles\auprx28n.default\
FF - prefs.js: browser.startup.homepage - Google
.
.
------- Dateityp-Verknüpfung -------
.
JSEFile=NOTEPAD.EXE %1
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-12-28  10:49:58
ComboFix-quarantined-files.txt  2012-12-28 09:49
ComboFix2.txt  2012-12-26 14:25
.
Vor Suchlauf: 12 Verzeichnis(se), 463.440.175.104 Bytes frei
Nach Suchlauf: 13 Verzeichnis(se), 463.384.727.552 Bytes frei
.
- - End Of File - - 0672EF304875E8E872C0C22C79E2D582
         


By the way, I also still have the old AdwCleaner log (in case it is still important):

# AdwCleaner v2.103 - Datei am 26/12/2012 um 15:04:44 erstellt
# Aktualisiert am 25/12/2012 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Hinzmann - WOHNZIMMER-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Hinzmann\Downloads\adwcleaner.exe
# Option [Suche]


**** [Dienste] ****


***** [Dateien / Ordner] *****


***** [Registrierungsdatenbank] *****


***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v17.0.1 (de)

Datei : C:\Users\Hinzmann\AppData\Roaming\Mozilla\Firefox\Profiles\auprx28n.default\prefs.js

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [739 octets] - [26/12/2012 15:04:44]

########## EOF - C:\AdwCleaner[R1].txt - [798 octets] ##########

But the log is actually wrong, because it was run from Downloads and not from the Desktop. I hope you can still help me.


Alt 28.12.2012, 14:45   #6
markusg
/// Malware-holic
 

Hi,
Malwarebytes:
Please download Malwarebytes
  • Install the program to the default path.
    Vista and Win7 users: right-click and "Run as administrator"
  • Start Malwarebytes, click Update --> Check for Updates
  • When the update has finished, select Perform full scan and click Scan.
  • When the scan has finished, click Show Results.
  • Make sure that all findings are selected and click Remove Selected.
  • Post the log file, which opens in Notepad, here in the thread.
  • Afterwards you can find the report under "Log files".

Alt 28.12.2012, 19:36   #7
Hinz
 

Malwarebytes Anti-Malware (Test) 1.70.0.1100
Malwarebytes : Free Anti-Malware download

Datenbank Version: v2012.12.28.08

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Hinzmann :: WOHNZIMMER-PC [Administrator]

Schutz: Aktiviert

28.12.2012 16:26:27
MBAM-log-2012-12-28 (19-30-10).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 320484
Laufzeit: 16 Minute(n), 11 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 2
C:\Program Files\Adobe\Adobe Photoshop CS6 (64 Bit)\amtlib.dll (PUP.RiskwareTool.CK) -> Keine Aktion durchgeführt.
C:\Qoobox\Quarantine\C\Users\Hinzmann\wgsdgsdgdsgsd.dll.vir (Trojan.FakeMS) -> Keine Aktion durchgeführt.

(Ende)

Alt 28.12.2012, 19:38   #8
markusg
/// Malware-holic
 

C:\Program Files\Adobe\Adobe Photoshop CS6 (64 Bit)\amtlib.dll (PUP.RiskwareTool.CK) -> Keine Aktion durchgeführt.
That is a pirated copy of Adobe software. Since we do not support that, because it is illegal, I can only help with reinstalling the system.

The PC must be reinstalled and then secured.
1. Data rescue:
2. Format, reinstall Windows:
3. Secure the PC: http://www.trojaner-board.de/96344-a...-rechners.html
I will also post further points on this.
4. Change all passwords!
5. After securing the PC, check the backed-up data and, if clean, restore it.
6. I will then also say something about securing online banking with a chip card reader + Star Money.

28.12.2012, 22:17   #9
Hinz

I have already removed Photoshop, since I got it from a friend. I knew that it was not legal to have the program, but I rarely used it, so I was able to remove it again.

I will only get to the points tomorrow, since I won't be back at the PC until tomorrow.
But a question about point 4: what do you mean by changing all passwords? And point 5, restoring the data, is something I'm not really familiar with yet?

01.01.2013, 21:16   #10
Hinz

OK, all done. Are we finished so far?

02.01.2013, 20:34   #11
markusg
/// Malware-holic

You reinstalled?
Then please secure the PC:
As an anti-malware program I would recommend Emsisoft.
For me they have the best protection, but it costs a bit.
http://www.trojaner-board.de/103809-...i-malware.html
Trial version:
My antivirus recommendation: Emsisoft Anti-Malware
Especially if you do online banking, purchases, other payment transactions or similarly important things, e.g. work-related, so that sensitive data has to be protected, you should invest in security software.
Use up the 30-day trial period before activating the license.

Free, but just not quite as good, avast would be the one to recommend.
http://www.trojaner-board.de/110895-...antivirus.html

Tell me which one you use, then I will give configuration advice.
Please uninstall your previous AV.
The following guide is extensive, I am aware of that, but it should be implemented, since only then is your PC secure. Ask as many questions as necessary, I am happy to work through everything with you!

http://www.trojaner-board.de/96344-a...-rechners.html
Please start with the section "Windows Vista and Windows 7".
Please begin by installing Windows updates.
The best way to do this is to go to Start, Search, and type Windows Update there.
Under "Change settings", check that the following is selected:
- Install updates automatically,
- Every day
- Choose a time
- Please tick all the rest, except:
- Show detailed notifications when new Microsoft software is available.
Now click the "OK" button.
Now click "Check for updates".
Please install important updates first.
It will be necessary to restart the PC in between. If that is the case, you have to open Windows Update again via Start, Search, click Check for updates and install the next ones.
Please do the same with the optional updates.
Please adopt the rest as described in the Windows 7 / Vista section.
From the XP section, please adopt the item "Data Execution Prevention, DEP".
As a browser I advise you to use Chrome:
Installing Google Chrome for multiple user accounts - Google Chrome Help
Please read the instructions.
If you want to use a different one, tell me, then I have to adapt parts of the guide that now follows.


Sandboxie
The definition of a sandbox can be read here:
Sandbox
In short, you can run programs almost 100% isolated from the system.

The advantage is obvious: if malicious code is smuggled in via the browser, it cannot get out.
Download link:
Sandboxie Download - Sandboxie 3.76

Instructions:
http://www.trojaner-board.de/71542-a...sandboxie.html
Detailed instructions as a PDF, work through these too:
Sandbox settings

Please make the following additional configuration:
Open Sandboxie Control, click the Sandbox menu, choose DefaultBox.
There, click Sandbox Settings.
Under Restrictions, for Program Start and Internet Access, enter:
chrome.exe
Then go to Applications, Web Browser, Chrome.
There, enable everything except sharing the entire profile folder.
As you may already have seen, you cannot use some functions.
That is only necessary in the full version, which I advise you to buy.
For example, under "Forced Programs" you can specify that all browsers start in the sandbox.
Otherwise you always have to click "Sandboxed Web Browser", or right-click and start in Sandboxie.
A lifetime license costs 30 € and can be used on all your PCs.

Continue with:
Measures for ALL Windows versions
Work through everything completely.
Note on File Hippo:
In the settings, additionally select:
hide beta updates.
Run updateChecker when Windows starts

Backup program:
My guide already links a backup program; as an alternative, Windows' own backup program is also an option:
http://www.trojaner-board.de/82962-w...en-backup.html
Unfortunately, this is only reasonably usable for Windows 7 users.
Everyone else should definitely install a backup program as well, because this can be very important in some circumstances, for example if the hard disk fails one day.

Finally, follow the general security tips, follow the tip on online banking if it applies to you, and change all passwords.
Please also read how to make programs visible to everyone:
Making programs usable for all accounts - PCtipp.ch - Praxis & Hilfe
So from now on, browse only in the standard user account, and there in the sandbox.
If you use the free version, then by clicking Sandboxed Web Browser; if you have the paid version, you can define forced programs, then Sandboxie is always started when you open a browser.
When you move the mouse over the browser it should have a frame around it, then you are in the sandboxed web browser.

Password security:
Every service needs its own password of at least 12 characters.
RoboForm helps with password management and creation.
Password Manager, Form Filler, Password Management | RoboForm Password Manager
Instructions:
RoboForm user manual: password manager, managing passwords and personal data
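A read-only check of the settings the post above asks for (automatic daily Windows Update, DEP, no administrator session while browsing), as an added example that is not part of the original post. The function name, its parameters and the finding texts are hypothetical, and the DEP check assumes the guide's DEP item means DEP for all programs.

```powershell
# Evaluation is kept apart from collection so it can also run on constructed data.
function Test-HardeningState {
    param($Update, [int]$DepPolicy, [bool]$ElevatedAdmin)
    $findings = @()
    # NotificationLevel: 1 disabled, 2 notify before download,
    # 3 notify before install, 4 scheduled (automatic) installation
    if ($Update.NotificationLevel -ne 4) {
        $findings += "Windows Update: automatic installation is not selected (level $($Update.NotificationLevel))"
    }
    # ScheduledInstallationDay: 0 = every day, 1..7 = Sunday..Saturday
    if ($Update.NotificationLevel -eq 4 -and $Update.ScheduledInstallationDay -ne 0) {
        $findings += "Windows Update: installs on day $($Update.ScheduledInstallationDay) only, not daily"
    }
    if (-not $Update.IncludeRecommendedUpdates) {
        $findings += 'Windows Update: recommended updates are not included'
    }
    # DEP policy: 0 AlwaysOff, 1 AlwaysOn, 2 OptIn, 3 OptOut.
    # Assumption: the guide's DEP item asks for DEP on all programs (1 or 3).
    if ($DepPolicy -ne 1 -and $DepPolicy -ne 3) {
        $findings += "DEP does not cover all programs (policy $DepPolicy)"
    }
    if ($ElevatedAdmin) {
        $findings += 'Session has administrator rights; browse from a standard account'
    }
    return $findings
}

# Constructed sample (not taken from the thread): notify-only updates, OptIn DEP.
$sample = New-Object PSObject -Property @{
    NotificationLevel = 3; ScheduledInstallationDay = 0; IncludeRecommendedUpdates = $false }
Test-HardeningState -Update $sample -DepPolicy 2 -ElevatedAdmin $true

# Live values on the machine being checked.
$au = (New-Object -ComObject Microsoft.Update.AutoUpdate).Settings
$os = Get-WmiObject Win32_OperatingSystem
$id = [Security.Principal.WindowsIdentity]::GetCurrent()
$me = New-Object Security.Principal.WindowsPrincipal $id
# IsInRole is True only for an elevated token; an administrator account that
# is not elevated under UAC reports False here.
$admin = $me.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
Test-HardeningState -Update $au -DepPolicy $os.DataExecutionPrevention_SupportPolicy -ElevatedAdmin $admin
```

An empty result means none of the checked settings deviates; the Sandboxie and password steps from the post are not covered by this check.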
