
Pests of all kinds and how to combat them: Virus - ads by browse to save

27.02.2013, 11:29   #1
KaSept
 
Hello dear forum,

Help, I can't get rid of the "ads by browse to save" virus. I have already looked at posts here and run the OTL scanner. Now I have a text as the result that I can't do anything with, because I am completely clueless when it comes to computers.

Please help me. At the same time I also had GadgetBox on the laptop, also very persistent, and I was able to delete it almost completely. Perhaps there is a connection?

I am very grateful for any help!

27.02.2013, 11:32   #2
markusg
/// Malware-holic
 

Hi,
and how are we supposed to evaluate it if you don't post the OTL text?

27.02.2013, 11:34   #3
KaSept
 

OTL Logfile:
Code:
OTL logfile created on: 27.02.2013 11:52:41 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\user\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,90 Gb Total Physical Memory | 1,17 Gb Available Physical Memory | 40,44% Memory free
5,80 Gb Paging File | 3,49 Gb Available in Paging File | 60,29% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 148,95 Gb Total Space | 109,44 Gb Free Space | 73,47% Space Free | Partition Type: NTFS
 
Computer Name: USER-PC | User Name: user | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.02.27 11:52:22 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\user\Downloads\OTL.exe
PRC - [2013.02.21 06:23:46 | 001,274,320 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013.02.13 08:42:06 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2013.02.13 08:41:51 | 000,565,472 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
PRC - [2013.02.13 08:41:49 | 000,385,248 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2013.02.13 08:41:49 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2013.01.09 17:36:06 | 000,795,208 | ---- | M] (pdfforge GbR) -- C:\Program Files (x86)\PDF Architect\ConversionService.exe
PRC - [2013.01.09 17:34:26 | 001,324,104 | ---- | M] (pdfforge GbR) -- C:\Program Files (x86)\PDF Architect\HelperService.exe
PRC - [2012.12.20 21:56:46 | 001,574,176 | ---- | M] (Ask) -- C:\Program Files (x86)\Ask.com\Updater\Updater.exe
PRC - [2012.07.27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.05.11 16:02:38 | 000,034,104 | ---- | M] (Lenovo Group Limited) -- C:\Program Files (x86)\Lenovo\System Update\SUService.exe
PRC - [2012.03.15 05:07:00 | 000,128,576 | ---- | M] (Lenovo Group Limited) -- C:\PROGRA~2\ThinkPad\UTILIT~1\SCHTASK.exe
PRC - [2011.11.04 14:37:16 | 000,330,304 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\HOTKEY\TPONSCR.exe
PRC - [2011.10.20 11:11:24 | 000,412,736 | ---- | M] (Lenovo) -- C:\Program Files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe
PRC - [2011.10.20 11:09:32 | 000,363,584 | ---- | M] (Lenovo) -- C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe
PRC - [2011.10.20 11:09:18 | 000,269,376 | ---- | M] (Lenovo) -- C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
PRC - [2011.10.20 11:09:16 | 000,134,208 | ---- | M] (Lenovo) -- C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
PRC - [2011.07.12 18:03:32 | 000,069,568 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\HOTKEY\TPOSDSVC.exe
PRC - [2011.07.12 17:17:04 | 000,138,680 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\ZOOM\TpScrex.exe
PRC - [2011.07.12 16:53:18 | 000,142,696 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\HOTKEY\TPHKSVC.exe
PRC - [2010.07.27 13:51:56 | 000,074,088 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\Communications Utility\TPKNRSVC.exe
PRC - [2010.07.27 13:51:42 | 000,050,536 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\Communications Utility\CamMute.exe
PRC - [2010.02.04 12:14:20 | 002,058,776 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe
PRC - [2010.02.04 12:14:06 | 000,174,616 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\AMT\LMS.exe
PRC - [2009.10.09 13:36:30 | 000,438,272 | R--- | M] () -- C:\Program Files (x86)\Mobile Broadband Drivers\WMCore\mini_WMCore.exe
PRC - [2009.08.07 05:29:54 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009.08.07 05:29:36 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
PRC - [2000.07.21 23:55:54 | 000,028,739 | ---- | M] (Microsoft® Corporation) -- C:\Program Files (x86)\Microsoft Works\WkDetect.exe
PRC - [2000.07.21 22:55:52 | 000,073,784 | ---- | M] (Microsoft® Corporation) -- C:\Program Files (x86)\Microsoft Works\MSWorks.exe
PRC - [2000.07.12 21:30:18 | 000,311,350 | ---- | M] (Microsoft® Corporation) -- C:\Program Files (x86)\Microsoft Works\wkssb.exe
PRC - [1998.10.14 03:24:16 | 000,274,497 | ---- | M] (Microsoft Corporation) -- C:\Windows\Msagent\AGENTSVR.EXE
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013.02.21 06:23:44 | 000,459,728 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.97\ppGoogleNaClPluginChrome.dll
MOD - [2013.02.21 06:23:43 | 012,637,136 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.97\PepperFlash\pepflashplayer.dll
MOD - [2013.02.21 06:23:42 | 004,050,896 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.97\pdf.dll
MOD - [2013.02.21 06:22:51 | 000,596,944 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.97\libglesv2.dll
MOD - [2013.02.21 06:22:50 | 000,124,368 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.97\libegl.dll
MOD - [2013.02.21 06:22:48 | 001,552,848 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.97\ffmpegsumo.dll
MOD - [2013.01.24 12:16:54 | 001,050,112 | ---- | M] () -- c:\progra~2\gadget~1\sprote~1.dll
MOD - [2013.01.09 21:18:06 | 001,159,168 | ---- | M] () -- c:\progra~2\saveby~1\sprote~1.dll
MOD - [1999.10.21 06:06:32 | 000,057,403 | ---- | M] () -- C:\PROGRA~2\MICROS~3\Office\BLNMGRPS.DLL
MOD - [1999.02.02 00:39:14 | 000,073,785 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office\BLNMGR.DLL
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2012.02.29 14:15:08 | 000,048,704 | ---- | M] (Lenovo.) [Auto | Running] -- C:\Windows\SysNative\ibmpmsvc.exe -- (IBMPMSVC)
SRV:64bit: - [2011.11.28 11:54:44 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011.03.29 18:15:36 | 000,047,728 | ---- | M] (Lenovo.) [On_Demand | Stopped] -- C:\Windows\SysNative\TPHDEXLG64.exe -- (TPHDEXLGSVC)
SRV:64bit: - [2010.02.05 06:45:20 | 000,117,760 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\DTS.exe -- (dtsvc)
SRV:64bit: - [2010.02.05 06:45:16 | 000,130,048 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\ADMonitor.exe -- (ADMonitor)
SRV:64bit: - [2010.02.05 06:39:40 | 002,713,920 | ---- | M] (AuthenTec, Inc.) [Auto | Running] -- C:\Windows\SysNative\ATService.exe -- (ATService)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013.02.13 08:42:06 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013.02.13 08:41:51 | 000,565,472 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService)
SRV - [2013.02.13 08:41:49 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2013.01.09 17:36:06 | 000,795,208 | ---- | M] (pdfforge GbR) [Auto | Running] -- C:\Program Files (x86)\PDF Architect\ConversionService.exe -- (PDF Architect Service)
SRV - [2013.01.09 17:34:26 | 001,324,104 | ---- | M] (pdfforge GbR) [Auto | Running] -- C:\Program Files (x86)\PDF Architect\HelperService.exe -- (PDF Architect Helper Service)
SRV - [2012.07.27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.05.11 16:02:38 | 000,034,104 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files (x86)\Lenovo\System Update\SUService.exe -- (SUService)
SRV - [2012.03.15 05:07:00 | 001,662,528 | ---- | M] (Lenovo) [On_Demand | Stopped] -- C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE -- (Power Manager DBC Service)
SRV - [2012.03.15 05:07:00 | 000,320,576 | ---- | M] (Lenovo.) [On_Demand | Stopped] -- C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE -- (DozeSvc)
SRV - [2012.03.15 05:07:00 | 000,165,440 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE -- (PwmEWSvc)
SRV - [2011.11.01 12:37:56 | 001,518,352 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2011.11.01 12:22:28 | 000,844,560 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2011.10.20 17:33:22 | 000,135,440 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr)
SRV - [2011.10.20 11:09:18 | 000,269,376 | ---- | M] (Lenovo) [Auto | Running] -- C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe -- (AcSvc)
SRV - [2011.10.20 11:09:16 | 000,134,208 | ---- | M] (Lenovo) [Auto | Running] -- C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe -- (AcPrfMgrSvc)
SRV - [2011.10.19 13:25:00 | 000,661,504 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3)
SRV - [2011.07.12 16:53:58 | 000,133,992 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Programme\Lenovo\VIRTSCRL\lvvsst.exe -- (Lenovo.VIRTSCRLSVC)
SRV - [2011.07.12 16:53:40 | 000,145,256 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Programme\Lenovo\HOTKEY\tphkload.exe -- (TPHKLOAD)
SRV - [2011.07.12 16:53:18 | 000,142,696 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Programme\Lenovo\HOTKEY\TPHKSVC.exe -- (TPHKSVC)
SRV - [2011.07.12 15:53:24 | 000,101,736 | ---- | M] (Lenovo Group Limited) [Auto | Stopped] -- C:\Programme\Lenovo\HOTKEY\micmute.exe -- (LENOVO.MICMUTE)
SRV - [2010.07.27 13:51:56 | 000,074,088 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Programme\Lenovo\Communications Utility\TPKNRSVC.exe -- (LENOVO.TPKNRSVC)
SRV - [2010.07.27 13:51:42 | 000,050,536 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Programme\Lenovo\Communications Utility\CamMute.exe -- (LENOVO.CAMMUTE)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.04 12:14:20 | 002,058,776 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe -- (UNS)
SRV - [2010.02.04 12:14:06 | 000,174,616 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\AMT\LMS.exe -- (LMS)
SRV - [2009.10.09 13:36:30 | 000,438,272 | R--- | M] () [Auto | Running] -- C:\Program Files (x86)\Mobile Broadband Drivers\WMCore\mini_WMCore.exe -- (WMCoreService)
SRV - [2009.08.07 05:29:36 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.04.29 11:21:18 | 000,436,736 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\XAudio64.dll -- (HsfXAudioService)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.12.03 15:36:36 | 000,129,216 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012.12.03 15:36:35 | 000,099,912 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012.11.16 20:17:15 | 000,027,800 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2012.03.15 05:07:00 | 000,029,512 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\DZHDD64.SYS -- (DzHDD64)
DRV:64bit: - [2012.03.15 05:07:00 | 000,019,784 | ---- | M] (Lenovo Group Limited) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\TPPWR64V.SYS -- (TPPWRIF)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.02.29 14:14:48 | 000,042,312 | ---- | M] (Lenovo.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ibmpmdrv.sys -- (IBMPMDRV)
DRV:64bit: - [2011.12.27 02:10:44 | 000,040,248 | ---- | M] (Lenovo Information Product(ShenZhen China) Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\psadd.sys -- (psadd)
DRV:64bit: - [2011.12.23 12:30:56 | 000,412,432 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011.11.28 12:20:18 | 008,013,312 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2011.11.28 12:20:18 | 008,013,312 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011.11.28 11:19:10 | 000,287,232 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011.10.31 14:57:50 | 008,615,936 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
DRV:64bit: - [2011.10.20 16:24:18 | 000,302,296 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1y62x64.sys -- (e1yexpress)
DRV:64bit: - [2011.10.19 13:19:08 | 000,195,072 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPALP)
DRV:64bit: - [2011.10.19 13:19:08 | 000,195,072 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPAL)
DRV:64bit: - [2011.10.13 23:05:48 | 010,629,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdpmd64.sys -- (intelkmd)
DRV:64bit: - [2011.10.13 10:05:48 | 010,629,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011.03.29 18:13:40 | 000,139,888 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ApsX64.sys -- (Shockprf)
DRV:64bit: - [2011.03.29 18:11:48 | 000,023,664 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ApsHM64.sys -- (TPDIGIMN)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 10:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010.09.07 14:09:34 | 000,015,472 | ---- | M] (Lenovo Group Limited) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\smiifx64.sys -- (lenovo.smi)
DRV:64bit: - [2010.02.05 10:14:14 | 000,736,840 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATSwpWDF.sys -- (ATSwpWDF)
DRV:64bit: - [2009.10.13 14:12:14 | 000,259,624 | ---- | M] (Ericsson AB) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WwanUsbMp64.sys -- (WwanUsbServ)
DRV:64bit: - [2009.10.05 17:58:18 | 000,649,216 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2009.09.22 09:10:56 | 000,017,408 | ---- | M] (Ericsson AB) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wwussf64.sys -- (ecnssndisfltr)
DRV:64bit: - [2009.09.22 09:10:56 | 000,012,800 | ---- | M] (Ericsson AB) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wwuss64.sys -- (ecnssndis)
DRV:64bit: - [2009.09.03 20:14:30 | 000,057,856 | ---- | M] (REDC) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\rixdpx64.sys -- (rismxdp)
DRV:64bit: - [2009.09.03 19:59:28 | 000,054,784 | ---- | M] (REDC) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\rimspx64.sys -- (rimsptsk)
DRV:64bit: - [2009.09.03 19:37:02 | 000,067,072 | ---- | M] (REDC) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\rimmpx64.sys -- (rimmptsk)
DRV:64bit: - [2009.08.21 13:59:20 | 000,344,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaNvStor.sys -- (iaNvStor)
DRV:64bit: - [2009.08.07 05:24:14 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 00:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2009.07.10 14:53:24 | 000,096,296 | ---- | M] (Ericsson AB) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\e36wgps64.sys -- (e36wgps)
DRV:64bit: - [2009.06.30 14:38:52 | 000,376,320 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\e36gmgmt.sys -- (e36gmgmt)
DRV:64bit: - [2009.06.30 14:38:50 | 000,432,128 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\e36gmdm.sys -- (e36gmdm)
DRV:64bit: - [2009.06.30 14:38:50 | 000,328,704 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\e36gbus.sys -- (e36gbus)
DRV:64bit: - [2009.06.30 14:38:50 | 000,019,456 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\e36gmdfl.sys -- (e36gmdfl)
DRV:64bit: - [2009.06.30 13:05:16 | 001,486,848 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAX_DPV.sys -- (HSF_DPV)
DRV:64bit: - [2009.06.30 13:01:16 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAXHWAZL.sys -- (CAXHWAZL)
DRV:64bit: - [2009.06.30 12:59:54 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAX_CNXT.sys -- (winachsf)
DRV:64bit: - [2009.06.23 12:50:36 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009.06.11 16:04:54 | 003,531,136 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC)
DRV:64bit: - [2009.06.10 22:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009.06.10 22:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009.06.10 22:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009.06.10 21:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.11 10:33:56 | 000,118,016 | ---- | M] (Lenovo) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LenovoRd.sys -- (LenovoRd)
DRV:64bit: - [2009.04.29 11:21:08 | 000,010,240 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\XAudio64.sys -- (XAudio)
DRV:64bit: - [2006.06.18 22:27:24 | 000,017,024 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mdmxsdk.sys -- (mdmxsdk)
DRV - [2010.09.08 22:15:34 | 000,024,560 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Stopped] -- c:\Programme\PC-Doctor\pcdsrvc_x64.pkms -- (PCDSRVC{127174DC-C366ED8B-06020000}_0)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Gadgetbox Search
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{01bd49d7-c76b-4310-8beb-14d7e5f322c6}: "URL" = hxxp://search.gboxapp.com/?q={searchTerms}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Search Free: Avira Search Free powered by Ask.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Deutschland: Hotmail, Skype Download und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 46 88 43 51 9B D6 CC 01  [binary data]
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\SearchScopes,DefaultScope = {01bd49d7-c76b-4310-8beb-14d7e5f322c6}
IE - HKCU\..\SearchScopes\{01bd49d7-c76b-4310-8beb-14d7e5f322c6}: "URL" = hxxp://search.gboxapp.com/?q={searchTerms}
IE - HKCU\..\SearchScopes\{236DBA38-7E3C-45BB-9721-1EE4C4892BF0}: "URL" = hxxp://search.zonealarm.com/search?src=sp&tbid=base2013&Lan=de&q={searchTerms}&gu=2839f3e4e6ee456888bdb402f73ae72e&tu=10G90006H1B000c&sku=&tstsId=&ver=&&r=894
IE - HKCU\..\SearchScopes\{66A01331-CE2A-4EFA-9992-E6F421359035}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=kw&q={searchTerms}&locale=&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=8e22726b-c9bb-4fff-86fd-b4ec83fa197f&apn_sauid=7D631E7D-4ADC-4F68-B147-9FB5F3CB571A
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.10.24 08:08:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\FFPDFArchitectConverter@pdfarchitect.com: C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013.01.16 12:53:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.10.24 08:08:02 | 000,000,000 | ---D | M]
 
[2013.01.24 12:34:08 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
 
========== Chrome  ==========
 
CHR - homepage: Gadgetbox Search
CHR - Extension: No name found = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabfjnbeinlpljodiajipidiompfl\7.15.19.38091_0\
CHR - Extension: No name found = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajkcghkdbhohfpkdcicccjognhblgpik\1\
CHR - Extension: No name found = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: No name found = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.3.4_0\
CHR - Extension: No name found = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\chmimgmjdabgiilljdjfbonifbhiglao\1.1.9.18_0\
CHR - Extension: No name found = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: No name found = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (PDF Architect Helper) - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GbR)
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (PDF Architect Toolbar) - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll (pdfforge GbR)
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4:64bit: - HKLM..\Run: [AcWin7Hlpr] C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe (Lenovo)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IaNvSrv] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\OROM\IaNvSrv\IaNvSrv.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe ()
O4:64bit: - HKLM..\Run: [TpShocks] C:\Windows\SysNative\TpShocks.exe (Lenovo.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Microsoft Works Portfolio] C:\Program Files (x86)\Microsoft Works\WksSb.exe (Microsoft® Corporation)
O4 - HKLM..\Run: [Microsoft Works Update Detection] C:\Program Files (x86)\Microsoft Works\WkDetect.exe (Microsoft® Corporation)
O4 - HKLM..\Run: [PWMTRV] rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor File not found
O4 - HKLM..\Run: [WorksFUD] C:\Program Files (x86)\Microsoft Works\wkfud.exe (Microsoft® Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisallowCpl = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowCpl: 1 = @biocpl.dll,-1
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000020 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: microsoft.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: microsoft.com ([*.update] * in Trusted sites)
O15 - HKCU\..Trusted Domains: microsoft.com ([*.windowsupdate] * in Trusted sites)
O15 - HKCU\..Trusted Domains: windowsupdate.com ([]* in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0011F76C-9359-4377-9A4D-A26236A2646F}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{205D2348-29A6-46F6-8159-A76D1164952A}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{51717282-32BD-462C-83A3-EC0658971197}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\ipp - No CLSID value found
O18:64bit: - Protocol\Handler\ipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\progra~2\saveby~1\sprote~1.dll) - c:\progra~2\saveby~1\sprote~1.dll ()
O20 - AppInit_DLLs: (c:\progra~2\gadget~1\sprote~1.dll) - c:\progra~2\gadget~1\sprote~1.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\ATFUS: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.02.16 12:03:55 | 000,000,000 | ---D | C] -- C:\global
[2013.02.14 08:44:47 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013.02.14 08:44:47 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013.02.14 08:44:45 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.02.14 08:44:45 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.02.14 08:44:45 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013.02.14 08:44:44 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013.02.14 08:44:44 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013.02.14 08:44:44 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013.02.14 08:44:43 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.02.14 08:44:43 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013.02.14 08:44:43 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013.02.14 08:44:43 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.02.14 08:44:42 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.02.14 08:44:42 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.02.14 08:44:42 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013.02.14 07:49:46 | 005,553,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013.02.14 07:49:45 | 003,967,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013.02.14 07:49:45 | 003,913,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013.02.14 07:49:39 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2013.02.14 07:49:39 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013.02.14 07:49:38 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013.02.14 07:49:38 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013.02.14 07:49:38 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013.02.14 07:49:38 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013.02.14 07:49:36 | 000,288,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2013.02.12 09:42:13 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Avira
[2013.02.12 09:36:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2013.02.12 09:36:40 | 000,000,000 | ---D | C] -- C:\Firefox
[2013.02.12 09:36:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ask.com
[2013.02.12 09:36:33 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\APN
[2013.02.12 09:36:24 | 000,129,216 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2013.02.12 09:36:24 | 000,099,912 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2013.02.12 09:36:24 | 000,027,800 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2013.02.12 09:36:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2013.02.12 09:36:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2013.02.11 13:38:27 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\PackageAware
[2013.02.11 13:38:18 | 000,000,000 | ---D | C] -- C:\Users\user\EasternGraphics
[2013.02.11 13:37:51 | 000,000,000 | -H-D | C] -- C:\ProgramData\{59E3981A-853B-4024-80E5-72FC64DF4CB7}
[2013.02.11 13:37:49 | 000,000,000 | -H-D | C] -- C:\ProgramData\{7BE3E677-6B29-44AE-9DAC-F8C0C4964BA7}
[2013.02.11 13:37:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EasternGraphics
[2013.02.11 13:37:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EasternGraphics
[2013.02.11 13:36:01 | 000,000,000 | ---D | C] -- C:\ProgramData\EasternGraphics
[2013.02.11 13:31:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GadgetBox
[2013.01.30 19:23:37 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Macromedia
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.02.27 11:53:00 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.02.27 11:37:22 | 000,033,488 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.02.27 11:37:22 | 000,033,488 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.02.27 11:34:18 | 001,498,742 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.02.27 11:34:18 | 000,654,400 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.02.27 11:34:18 | 000,616,242 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.02.27 11:34:18 | 000,130,240 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.02.27 11:34:18 | 000,106,622 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.02.27 11:31:13 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.02.27 11:29:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.02.27 11:29:35 | 2334,150,656 | -HS- | M] () -- C:\hiberfil.sys
[2013.02.27 10:01:36 | 000,000,382 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2013.02.21 20:12:41 | 000,000,528 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[2013.02.21 12:48:51 | 000,577,519 | ---- | M] () -- C:\Users\user\Desktop\Scannen0001.pdf
[2013.02.20 22:04:13 | 000,220,204 | ---- | M] () -- C:\Users\user\Desktop\plz01-09.pdf
[2013.02.20 22:03:26 | 000,246,406 | ---- | M] () -- C:\Users\user\Desktop\plz 95-99.pdf
[2013.02.14 13:10:14 | 000,032,261 | ---- | M] () -- C:\Users\user\Desktop\AuthInfo.pdf
[2013.02.14 12:34:56 | 000,077,803 | ---- | M] () -- C:\Users\user\Desktop\banner4.jpg
[2013.02.14 11:35:40 | 000,394,448 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.02.13 14:03:23 | 000,029,673 | ---- | M] () -- C:\Users\user\Desktop\rechnung brautkleid.pdf
[2013.02.13 13:54:48 | 000,119,480 | ---- | M] () -- C:\Users\user\Desktop\Stellenangebot klaf.pdf
[2013.02.12 09:36:54 | 000,002,066 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2013.02.11 13:37:25 | 000,001,279 | ---- | M] () -- C:\Users\Public\Desktop\pCon.planner 6.lnk
[2013.01.30 20:34:18 | 000,019,160 | ---- | M] () -- C:\Users\user\Desktop\u3.jpg
[2013.01.30 13:21:03 | 000,001,129 | -H-- | M] () -- C:\Windows\SysWow64\BTImages.dat
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.02.21 12:48:51 | 000,577,519 | ---- | C] () -- C:\Users\user\Desktop\Scannen0001.pdf
[2013.02.20 22:04:13 | 000,220,204 | ---- | C] () -- C:\Users\user\Desktop\plz01-09.pdf
[2013.02.20 22:03:26 | 000,246,406 | ---- | C] () -- C:\Users\user\Desktop\plz 95-99.pdf
[2013.02.14 13:10:14 | 000,032,261 | ---- | C] () -- C:\Users\user\Desktop\AuthInfo.pdf
[2013.02.14 12:34:50 | 000,077,803 | ---- | C] () -- C:\Users\user\Desktop\banner4.jpg
[2013.02.13 14:03:21 | 000,029,673 | ---- | C] () -- C:\Users\user\Desktop\rechnung brautkleid.pdf
[2013.02.13 13:54:47 | 000,119,480 | ---- | C] () -- C:\Users\user\Desktop\Stellenangebot klaf.pdf
[2013.02.12 09:36:54 | 000,002,066 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2013.02.11 13:37:25 | 000,001,279 | ---- | C] () -- C:\Users\Public\Desktop\pCon.planner 6.lnk
[2013.01.30 20:34:15 | 000,019,160 | ---- | C] () -- C:\Users\user\Desktop\u3.jpg
[2013.01.30 13:20:41 | 000,001,129 | -H-- | C] () -- C:\Windows\SysWow64\BTImages.dat
[2012.10.24 08:06:21 | 000,146,755 | ---- | C] () -- C:\Windows\hpoins44.dat.temp
[2012.10.24 08:06:21 | 000,000,512 | ---- | C] () -- C:\Windows\hpomdl44.dat.temp
[2012.10.23 11:06:21 | 000,179,573 | ---- | C] () -- C:\Windows\hpoins44.dat
[2012.10.23 11:06:21 | 000,000,512 | ---- | C] () -- C:\Windows\hpomdl44.dat
[2012.10.16 20:48:13 | 000,001,471 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2012.10.16 20:48:13 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2012.05.30 10:44:19 | 000,002,888 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2012.04.24 15:49:42 | 000,982,240 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
[2012.04.24 15:49:42 | 000,092,356 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin
[2012.04.24 15:49:40 | 000,439,308 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
[2012.04.24 15:48:51 | 000,232,448 | ---- | C] ( ) -- C:\Windows\SysWow64\rsnp2uvc.dll
[2012.04.24 15:48:51 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >
         

27.02.2013, 12:09   #4
markusg
/// Malware-holic

Hi,

OTL fix

Fixing with OTL

  • Please start OTL.exe.
  • Now copy the contents of the code box into the text box.

Code:
:OTL
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [PWMTRV] rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor File not found
O20:64bit: - Winlogon\Notify\ATFUS: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
:files
:Commands
[emptytemp]
         
  • If you have obscured your user name, e.g. with "*****", insert your real user name in the appropriate place. Otherwise the fix will not work.
  • Now please close all programs.
  • Now please click the Fix button.
  • OTL may ask for a restart. Please allow this.
  • After the restart you will find a text document on your desktop.
    (It can also be found under C:\_OTL\MovedFiles\<time_date>.txt)
    Now copy its contents here into your thread

27.02.2013, 18:56   #5
KaSept

Okay, I did everything exactly as described. Here is the text:

All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\PWMTRV deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ATFUS\ deleted successfully.
========== FILES ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: user
->Temp folder emptied: 874276299 bytes
->Temporary Internet Files folder emptied: 35536148 bytes
->Google Chrome cache emptied: 497662256 bytes
->Flash cache emptied: 1030 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 525792 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 127283307 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50434 bytes
RecycleBin emptied: 913069924 bytes

Total Files Cleaned = 2.335,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 02272013_193415

Files\Folders moved on Reboot...
C:\Users\user\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...


27.02.2013, 18:58   #6
markusg
/// Malware-holic

Hi,
Please download TDSSKiller (TDSSKiller.exe) and save this file to the desktop.
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller guide.
  • Press Start Scan
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<version_date_time>log.txt
Please post the contents here in your thread in any case.
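
A TDSSKiller log of the kind requested above can be triaged mechanically. The following is an added example, not part of the original post and not code from the TDSSKiller project: it pairs each scanned object with its verdict line and lists everything that was not marked ok. The line layout is inferred from the log posted later in this thread, the sample lines are taken from that log except the final constructed entry, and the names ScanObject, parse_log and needs_review are hypothetical.

```python
import re
from dataclasses import dataclass, field

# Sample lines from the log in this thread; the last entry (ExampleSvc) is
# constructed to show an object whose verdict line is missing.
SAMPLE_LOG = r"""
20:21:33.0598 4140 Scan started
20:21:34.0496 4140 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
20:21:34.0675 4140 1394ohci - ok
20:21:35.0009 4140 AcPrfMgrSvc (1933db4808793f3bd7ab34a39a809425) C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
20:21:35.0091 4140 AcPrfMgrSvc - ok
20:21:35.0278 4140 ADMonitor (ae30df1dcd92afaa9d80405fcffa05e4) C:\Windows\system32\ADMonitor.exe
20:21:35.0343 4140 ADMonitor ( UnsignedFile.Multi.Generic ) - warning
20:21:35.0343 4140 ADMonitor - detected UnsignedFile.Multi.Generic (1)
20:21:36.0304 4140 AMD External Events Utility (0f9c6a1cb7213f32c7ea142f5b58d45e) C:\Windows\system32\atiesrxx.exe
20:21:36.0431 4140 AMD External Events Utility - ok
20:21:50.0000 4140 ExampleSvc (00000000000000000000000000000000) C:\Example\example.sys
"""

# "<time> <thread id> <message>"
LINE = re.compile(r"^(\d{2}:\d{2}:\d{2}\.\d{4})\s+(\d+)\s+(.*\S)\s*$")
# "<name> (<md5>) <path>": the name may contain spaces, the path parentheses
OBJECT = re.compile(r"^(?P<name>.+?) \((?P<md5>[0-9a-fA-F]{32})\) (?P<path>.+)$")
OK = re.compile(r"^(?P<name>.+) - ok$")
# "<name> ( <verdict> ) - <level>"
FLAGGED = re.compile(r"^(?P<name>.+?) \( (?P<verdict>[^()]+?) \) - (?P<level>\w+)$")
# "<name> - detected <verdict> (<n>)"
DETECTED = re.compile(r"^(?P<name>.+?) - detected (?P<verdict>\S+) \((?P<n>\d+)\)$")


@dataclass
class ScanObject:
    name: str
    md5: str
    path: str
    status: str = "no verdict"          # replaced once a verdict line is seen
    verdicts: list = field(default_factory=list)


def parse_log(text):
    """Return one ScanObject per scanned service/driver, in log order."""
    objects = []
    by_name = {}                         # most recent object line per name
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue                     # blank or unrecognised line
        body = m.group(3)
        if (o := OBJECT.match(body)):
            obj = ScanObject(o["name"], o["md5"].lower(), o["path"])
            objects.append(obj)
            by_name[obj.name] = obj
        elif (k := OK.match(body)) and k["name"] in by_name:
            by_name[k["name"]].status = "ok"
        elif (f := FLAGGED.match(body)) and f["name"] in by_name:
            obj = by_name[f["name"]]
            obj.status = f["level"]
            obj.verdicts.append(f["verdict"])
        elif (d := DETECTED.match(body)) and d["name"] in by_name:
            obj = by_name[d["name"]]
            if d["verdict"] not in obj.verdicts:
                obj.verdicts.append(d["verdict"])
            if obj.status == "no verdict":
                obj.status = "detected"
    return objects


def needs_review(objects):
    """Everything that was not explicitly marked ok, including objects whose
    verdict line is missing (for example because the paste was cut off)."""
    return [o for o in objects if o.status != "ok"]


if __name__ == "__main__":
    for o in needs_review(parse_log(SAMPLE_LOG)):
        print(f"{o.status:10} {o.name:12} {o.md5} {o.path} {o.verdicts}")
```
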

27.02.2013, 19:28   #7
KaSept

Hello,
this is what is displayed now:

20:19:57.0943 7124 TDSS rootkit removing tool 2.7.34.0 May 2 2012 09:59:18
20:20:24.0041 7124 ============================================================
20:20:24.0041 7124 Current date / time: 2013/02/27 20:20:24.0041
20:20:24.0041 7124 SystemInfo:
20:20:24.0041 7124
20:20:24.0042 7124 OS Version: 6.1.7601 ServicePack: 1.0
20:20:24.0042 7124 Product type: Workstation
20:20:24.0042 7124 ComputerName: USER-PC
20:20:24.0045 7124 UserName: user
20:20:24.0046 7124 Windows directory: C:\Windows
20:20:24.0046 7124 System windows directory: C:\Windows
20:20:24.0046 7124 Running under WOW64
20:20:24.0046 7124 Processor architecture: Intel x64
20:20:24.0046 7124 Number of processors: 2
20:20:24.0046 7124 Page size: 0x1000
20:20:24.0046 7124 Boot type: Normal boot
20:20:24.0046 7124 ============================================================
20:20:24.0965 7124 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x50C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
20:20:24.0978 7124 ============================================================
20:20:24.0978 7124 \Device\Harddisk0\DR0:
20:20:24.0982 7124 MBR partitions:
20:20:24.0982 7124 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
20:20:24.0982 7124 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x129E7000
20:20:24.0982 7124 ============================================================
20:20:25.0000 7124 C: <-> \Device\Harddisk0\DR0\Partition1
20:20:25.0001 7124 ============================================================
20:20:25.0001 7124 Initialize success
20:20:25.0001 7124 ============================================================
20:21:33.0598 4140 ============================================================
20:21:33.0598 4140 Scan started
20:21:33.0598 4140 Mode: Manual; SigCheck; TDLFS;
20:21:33.0598 4140 ============================================================
20:21:34.0496 4140 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
20:21:34.0675 4140 1394ohci - ok
20:21:34.0728 4140 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
20:21:34.0784 4140 ACPI - ok
20:21:34.0829 4140 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
20:21:34.0891 4140 AcpiPmi - ok
20:21:35.0009 4140 AcPrfMgrSvc (1933db4808793f3bd7ab34a39a809425) C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
20:21:35.0091 4140 AcPrfMgrSvc - ok
20:21:35.0145 4140 AcSvc (e7af543334b21d84124709061a9ae4d7) C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
20:21:35.0230 4140 AcSvc - ok
20:21:35.0278 4140 ADMonitor (ae30df1dcd92afaa9d80405fcffa05e4) C:\Windows\system32\ADMonitor.exe
20:21:35.0343 4140 ADMonitor ( UnsignedFile.Multi.Generic ) - warning
20:21:35.0343 4140 ADMonitor - detected UnsignedFile.Multi.Generic (1)
20:21:35.0402 4140 AdobeARMservice (d19c4ee2ac7c47b8f5f84fff1a789d8a) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
20:21:35.0471 4140 AdobeARMservice - ok
20:21:35.0551 4140 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
20:21:35.0624 4140 adp94xx - ok
20:21:35.0669 4140 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
20:21:35.0715 4140 adpahci - ok
20:21:35.0736 4140 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
20:21:35.0774 4140 adpu320 - ok
20:21:35.0803 4140 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
20:21:35.0879 4140 AeLookupSvc - ok
20:21:35.0952 4140 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
20:21:36.0026 4140 AFD - ok
20:21:36.0059 4140 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
20:21:36.0088 4140 agp440 - ok
20:21:36.0103 4140 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
20:21:36.0188 4140 ALG - ok
20:21:36.0215 4140 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
20:21:36.0240 4140 aliide - ok
20:21:36.0304 4140 AMD External Events Utility (0f9c6a1cb7213f32c7ea142f5b58d45e) C:\Windows\system32\atiesrxx.exe
20:21:36.0431 4140 AMD External Events Utility - ok
20:21:36.0448 4140 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
20:21:36.0500 4140 amdide - ok
20:21:36.0539 4140 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
20:21:36.0620 4140 AmdK8 - ok
20:21:37.0287 4140 amdkmdag (be2fd7291550d3c6ef3a0e73dec7071a) C:\Windows\system32\DRIVERS\atikmdag.sys
20:21:37.0663 4140 amdkmdag - ok
20:21:37.0808 4140 amdkmdap (69b3d653847933ac9ae59f071694dc58) C:\Windows\system32\DRIVERS\atikmpag.sys
20:21:37.0904 4140 amdkmdap - ok
20:21:37.0924 4140 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
20:21:37.0964 4140 AmdPPM - ok
20:21:38.0026 4140 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
20:21:38.0088 4140 amdsata - ok
20:21:38.0122 4140 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
20:21:38.0192 4140 amdsbs - ok
20:21:38.0211 4140 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
20:21:38.0251 4140 amdxata - ok
20:21:38.0299 4140 AMPPAL (12e7a43a3c6840a063a82b04f7ef47c0) C:\Windows\system32\DRIVERS\AMPPAL.sys
20:21:38.0393 4140 AMPPAL - ok
20:21:38.0411 4140 AMPPALP (12e7a43a3c6840a063a82b04f7ef47c0) C:\Windows\system32\DRIVERS\amppal.sys
20:21:38.0451 4140 AMPPALP - ok
20:21:38.0582 4140 AMPPALR3 (2cc0cbf2707be4d5b6ce6b87d9da2f97) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
20:21:38.0682 4140 AMPPALR3 - ok
20:21:38.0783 4140 AntiVirSchedulerService (459465da28e49b358ecfe0d788f328f4) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
20:21:38.0838 4140 AntiVirSchedulerService - ok
20:21:38.0899 4140 AntiVirService (bcdd17e8469d647a71b347c4b6f86685) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
20:21:38.0971 4140 AntiVirService - ok
20:21:39.0055 4140 AntiVirWebService (d05b3eb1f1c8c7199d84c9d68d35fd78) C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
20:21:39.0180 4140 AntiVirWebService - ok
20:21:39.0307 4140 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
20:21:39.0412 4140 AppID - ok
20:21:39.0435 4140 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
20:21:39.0513 4140 AppIDSvc - ok
20:21:39.0545 4140 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
20:21:39.0610 4140 Appinfo - ok
20:21:39.0650 4140 AppMgmt (4aba3e75a76195a3e38ed2766c962899) C:\Windows\System32\appmgmts.dll
20:21:39.0725 4140 AppMgmt - ok
20:21:39.0761 4140 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
20:21:39.0781 4140 arc - ok
20:21:39.0797 4140 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
20:21:39.0817 4140 arcsas - ok
20:21:39.0845 4140 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
20:21:39.0925 4140 AsyncMac - ok
20:21:39.0962 4140 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
20:21:40.0001 4140 atapi - ok
20:21:40.0610 4140 atikmdag (be2fd7291550d3c6ef3a0e73dec7071a) C:\Windows\system32\DRIVERS\atikmdag.sys
20:21:40.0722 4140 atikmdag - ok
20:21:41.0029 4140 ATService (b0057f384cfc33a851f4fd9c0a7af0fe) C:\Windows\system32\ATService.exe
20:21:41.0264 4140 ATService - ok
20:21:41.0408 4140 ATSwpWDF (17b8d955be11b001456c47c5cfab1054) C:\Windows\system32\Drivers\ATSwpWDF.sys
20:21:41.0482 4140 ATSwpWDF - ok
20:21:41.0573 4140 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
20:21:41.0718 4140 AudioEndpointBuilder - ok
20:21:41.0726 4140 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
20:21:41.0786 4140 AudioSrv - ok
20:21:41.0862 4140 avgntflt (bfe9598ebc3934cf8d876a303849c896) C:\Windows\system32\DRIVERS\avgntflt.sys
20:21:41.0901 4140 avgntflt - ok
20:21:41.0944 4140 avipbb (f74d86a9fb35fa5f24627b8dbbf3a9a4) C:\Windows\system32\DRIVERS\avipbb.sys
20:21:41.0989 4140 avipbb - ok
20:21:42.0021 4140 avkmgr (cd0e732347bf09717e0bddc0c66699ab) C:\Windows\system32\DRIVERS\avkmgr.sys
20:21:42.0037 4140 avkmgr - ok
20:21:42.0097 4140 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
20:21:42.0214 4140 AxInstSV - ok
20:21:42.0273 4140 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
20:21:42.0367 4140 b06bdrv - ok
20:21:42.0411 4140 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
20:21:42.0474 4140 b57nd60a - ok
20:21:42.0537 4140 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
20:21:42.0626 4140 BDESVC - ok
20:21:42.0640 4140 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
20:21:42.0725 4140 Beep - ok
20:21:42.0811 4140 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
20:21:42.0913 4140 BFE - ok
20:21:43.0003 4140 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
20:21:43.0110 4140 BITS - ok
20:21:43.0160 4140 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
20:21:43.0228 4140 blbdrive - ok
20:21:43.0280 4140 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
20:21:43.0345 4140 bowser - ok
20:21:43.0374 4140 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
20:21:43.0443 4140 BrFiltLo - ok
20:21:43.0460 4140 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
20:21:43.0509 4140 BrFiltUp - ok
20:21:43.0543 4140 Browser (05f5a0d14a2ee1d8255c2aa0e9e8e694) C:\Windows\System32\browser.dll
20:21:43.0585 4140 Browser - ok
20:21:43.0842 4140 BrowserProtect (fa127ac8bdf668903543d29c96b31632) C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
20:21:43.0991 4140 BrowserProtect - ok
20:21:44.0210 4140 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
20:21:44.0314 4140 Brserid - ok
20:21:44.0331 4140 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
20:21:44.0379 4140 BrSerWdm - ok
20:21:44.0401 4140 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
20:21:44.0439 4140 BrUsbMdm - ok
20:21:44.0453 4140 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
20:21:44.0495 4140 BrUsbSer - ok
20:21:44.0547 4140 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
20:21:44.0640 4140 BthEnum - ok
20:21:44.0656 4140 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
20:21:44.0728 4140 BTHMODEM - ok
20:21:44.0767 4140 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
20:21:44.0830 4140 BthPan - ok
20:21:44.0888 4140 BTHPORT (738d0e9272f59eb7a1449c3ec118e6c4) C:\Windows\System32\Drivers\BTHport.sys
20:21:44.0982 4140 BTHPORT - ok
20:21:45.0028 4140 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
20:21:45.0157 4140 bthserv - ok
20:21:45.0229 4140 BTHSSecurityMgr (d6ceec2f878149e4db9fe93fa5d8fe60) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
20:21:45.0257 4140 BTHSSecurityMgr - ok
20:21:45.0300 4140 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys
20:21:45.0373 4140 BTHUSB - ok
20:21:45.0428 4140 CAXHWAZL (48360b88c4bf45850653bb7c86888ed4) C:\Windows\system32\DRIVERS\CAXHWAZL.sys
20:21:45.0482 4140 CAXHWAZL - ok
20:21:45.0514 4140 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
20:21:45.0601 4140 cdfs - ok
20:21:45.0649 4140 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
20:21:45.0686 4140 cdrom - ok
20:21:45.0729 4140 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
20:21:45.0826 4140 CertPropSvc - ok
20:21:45.0846 4140 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
20:21:45.0922 4140 circlass - ok
20:21:45.0974 4140 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
20:21:46.0026 4140 CLFS - ok
20:21:46.0085 4140 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:21:46.0170 4140 clr_optimization_v2.0.50727_32 - ok
20:21:46.0215 4140 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:21:46.0266 4140 clr_optimization_v2.0.50727_64 - ok
20:21:46.0354 4140 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:21:46.0415 4140 clr_optimization_v4.0.30319_32 - ok
20:21:46.0452 4140 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
20:21:46.0477 4140 clr_optimization_v4.0.30319_64 - ok
20:21:46.0508 4140 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
20:21:46.0543 4140 CmBatt - ok
20:21:46.0575 4140 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
20:21:46.0600 4140 cmdide - ok
20:21:46.0654 4140 CNG (9ac4f97c2d3e93367e2148ea940cd2cd) C:\Windows\system32\Drivers\cng.sys
20:21:46.0770 4140 CNG - ok
20:21:46.0847 4140 CnxtHdAudService (d3c4f72e8f8dc523b02a0c313ceeea99) C:\Windows\system32\drivers\CHDRT64.sys
20:21:46.0968 4140 CnxtHdAudService - ok
20:21:46.0999 4140 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
20:21:47.0051 4140 Compbatt - ok
20:21:47.0089 4140 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
20:21:47.0141 4140 CompositeBus - ok
20:21:47.0154 4140 COMSysApp - ok
20:21:47.0178 4140 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
20:21:47.0205 4140 crcdisk - ok
20:21:47.0252 4140 CryptSvc (9c01375be382e834cc26d1b7eaf2c4fe) C:\Windows\system32\cryptsvc.dll
20:21:47.0302 4140 CryptSvc - ok
20:21:47.0367 4140 CSC (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys
20:21:47.0456 4140 CSC - ok
20:21:47.0510 4140 CscService (3ab183ab4d2c79dcf459cd2c1266b043) C:\Windows\System32\cscsvc.dll
20:21:47.0611 4140 CscService - ok
20:21:47.0672 4140 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
20:21:47.0784 4140 DcomLaunch - ok
20:21:47.0824 4140 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
20:21:47.0977 4140 defragsvc - ok
20:21:48.0048 4140 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
20:21:48.0172 4140 DfsC - ok
20:21:48.0231 4140 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
20:21:48.0361 4140 Dhcp - ok
20:21:48.0392 4140 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
20:21:48.0459 4140 discache - ok
20:21:48.0492 4140 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
20:21:48.0523 4140 Disk - ok
20:21:48.0553 4140 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
20:21:48.0622 4140 Dnscache - ok
20:21:48.0677 4140 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
20:21:48.0824 4140 dot3svc - ok
20:21:48.0881 4140 Dot4 (b42ed0320c6e41102fde0005154849bb) C:\Windows\system32\DRIVERS\Dot4.sys
20:21:48.0951 4140 Dot4 - ok
20:21:48.0968 4140 Dot4Print (e9f5969233c5d89f3c35e3a66a52a361) C:\Windows\system32\DRIVERS\Dot4Prt.sys
20:21:49.0029 4140 Dot4Print - ok
20:21:49.0069 4140 dot4usb (fd05a02b0370bc3000f402e543ca5814) C:\Windows\system32\DRIVERS\dot4usb.sys
20:21:49.0110 4140 dot4usb - ok
20:21:49.0203 4140 DozeSvc (9597bcb69286ff017db1a0fb8144408d) C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE
20:21:49.0273 4140 DozeSvc - ok
20:21:49.0311 4140 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
20:21:49.0376 4140 DPS - ok
20:21:49.0407 4140 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
20:21:49.0472 4140 drmkaud - ok
20:21:49.0501 4140 dtsvc (e12ea64f18947ad7b6160dbc45995f84) C:\Windows\system32\DTS.exe
20:21:49.0526 4140 dtsvc ( UnsignedFile.Multi.Generic ) - warning
20:21:49.0526 4140 dtsvc - detected UnsignedFile.Multi.Generic (1)
20:21:49.0630 4140 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
20:21:49.0722 4140 DXGKrnl - ok
20:21:49.0761 4140 DzHDD64 (3ce83d7ee95d9c9f03323810a2e747df) C:\Windows\system32\DRIVERS\DzHDD64.sys
20:21:49.0785 4140 DzHDD64 - ok
20:21:49.0835 4140 e1yexpress (11d0eca73ab25135f65656b93adbcb3d) C:\Windows\system32\DRIVERS\e1y62x64.sys
20:21:49.0882 4140 e1yexpress - ok
20:21:49.0946 4140 e36gbus (24bc0ec911009700caa38a8867a0f22a) C:\Windows\system32\DRIVERS\e36gbus.sys
20:21:50.0018 4140 e36gbus - ok
20:21:50.0048 4140 e36gmdfl (9b926801eacc6f04708ffaaededb9bb9) C:\Windows\system32\DRIVERS\e36gmdfl.sys
20:21:50.0089 4140 e36gmdfl - ok
20:21:50.0152 4140 e36gmdm (11a92b46e40ffb09ba010d95f5577d8b) C:\Windows\system32\DRIVERS\e36gmdm.sys
20:21:50.0230 4140 e36gmdm - ok
20:21:50.0268 4140 e36gmgmt (eb82c999e14c74d07133521ca37aa5c3) C:\Windows\system32\DRIVERS\e36gmgmt.sys
20:21:50.0341 4140 e36gmgmt - ok
20:21:50.0362 4140 e36wgps (7b2260b796d5de34ede7ae483005fcbb) C:\Windows\system32\DRIVERS\e36wgps64.sys
20:21:50.0388 4140 e36wgps - ok
20:21:50.0430 4140 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
20:21:50.0541 4140 EapHost - ok
20:21:50.0787 4140 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
20:21:50.0972 4140 ebdrv - ok
20:21:51.0089 4140 ecnssndis (7e63b3e6b7ae2e458c8a77bb6736a18a) C:\Windows\system32\Drivers\wwuss64.sys
20:21:51.0159 4140 ecnssndis - ok
20:21:51.0196 4140 ecnssndisfltr (5acc585e735191f83abbfdc7c54a2f0e) C:\Windows\system32\Drivers\wwussf64.sys
20:21:51.0251 4140 ecnssndisfltr - ok
20:21:51.0289 4140 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
20:21:51.0363 4140 EFS - ok
20:21:51.0457 4140 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
20:21:51.0611 4140 ehRecvr - ok
20:21:51.0639 4140 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
20:21:51.0734 4140 ehSched - ok
20:21:51.0813 4140 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
20:21:51.0902 4140 elxstor - ok
20:21:51.0934 4140 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
20:21:52.0013 4140 ErrDev - ok
20:21:52.0069 4140 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
20:21:52.0151 4140 EventSystem - ok
20:21:52.0322 4140 EvtEng (532b8ff8e07f3772b086620377654f95) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
20:21:52.0469 4140 EvtEng - ok
20:21:52.0611 4140 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
20:21:52.0734 4140 exfat - ok
20:21:52.0758 4140 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
20:21:52.0839 4140 fastfat - ok
20:21:52.0914 4140 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
20:21:53.0017 4140 Fax - ok
20:21:53.0048 4140 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
20:21:53.0106 4140 fdc - ok
20:21:53.0140 4140 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
20:21:53.0194 4140 fdPHost - ok
20:21:53.0204 4140 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
20:21:53.0252 4140 FDResPub - ok
20:21:53.0268 4140 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
20:21:53.0288 4140 FileInfo - ok
20:21:53.0299 4140 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
20:21:53.0348 4140 Filetrace - ok
20:21:53.0365 4140 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
20:21:53.0393 4140 flpydisk - ok
20:21:53.0464 4140 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
20:21:53.0515 4140 FltMgr - ok
20:21:53.0613 4140 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
20:21:53.0728 4140 FontCache - ok
20:21:53.0812 4140 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:21:53.0870 4140 FontCache3.0.0.0 - ok
20:21:53.0904 4140 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
20:21:53.0949 4140 FsDepends - ok
20:21:53.0969 4140 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
20:21:53.0995 4140 Fs_Rec - ok
20:21:54.0050 4140 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
20:21:54.0115 4140 fvevol - ok
20:21:54.0152 4140 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
20:21:54.0193 4140 gagp30kx - ok
20:21:54.0276 4140 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
20:21:54.0415 4140 gpsvc - ok
20:21:54.0508 4140 gupdate (506708142bc63daba64f2d3ad1dcd5bf) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:21:54.0527 4140 gupdate - ok
20:21:54.0531 4140 gupdatem (506708142bc63daba64f2d3ad1dcd5bf) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:21:54.0545 4140 gupdatem - ok
20:21:54.0557 4140 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
20:21:54.0598 4140 hcw85cir - ok
20:21:54.0665 4140 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
20:21:54.0768 4140 HdAudAddService - ok
20:21:54.0804 4140 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
20:21:54.0867 4140 HDAudBus - ok
20:21:54.0890 4140 HECIx64 (15c9789470b8855ac2f54fdf96802d13) C:\Windows\system32\DRIVERS\HECIx64.sys
20:21:54.0914 4140 HECIx64 - ok
20:21:54.0931 4140 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
20:21:54.0958 4140 HidBatt - ok
20:21:54.0977 4140 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
20:21:55.0023 4140 HidBth - ok
20:21:55.0042 4140 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
20:21:55.0074 4140 HidIr - ok
20:21:55.0101 4140 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
20:21:55.0154 4140 hidserv - ok
20:21:55.0183 4140 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
20:21:55.0235 4140 HidUsb - ok
20:21:55.0266 4140 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
20:21:55.0344 4140 hkmsvc - ok
20:21:55.0388 4140 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
20:21:55.0478 4140 HomeGroupListener - ok
20:21:55.0516 4140 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
20:21:55.0551 4140 HomeGroupProvider - ok
20:21:55.0732 4140 hpqcxs08 (5da42d24712e00728cea2342a65009b2) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
20:21:56.0858 4140 hpqcxs08 - ok
20:21:56.0894 4140 hpqddsvc (d86a39bf100069444d026d22d9a6e555) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
20:21:56.0913 4140 hpqddsvc - ok
20:21:56.0964 4140 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
20:21:57.0006 4140 HpSAMD - ok
20:21:57.0117 4140 HsfXAudioService (447256d1c026654c5cd3cc17e7b20631) C:\Windows\SysWOW64\XAudio64.dll
20:21:57.0220 4140 HsfXAudioService - ok
20:21:57.0345 4140 HSF_DPV (f6ac1087a131fbb385400667bea64fbe) C:\Windows\system32\DRIVERS\CAX_DPV.sys
20:21:57.0484 4140 HSF_DPV - ok
20:21:57.0666 4140 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
20:21:57.0850 4140 HTTP - ok
20:21:57.0878 4140 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
20:21:57.0904 4140 hwpolicy - ok
20:21:57.0944 4140 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
20:21:57.0979 4140 i8042prt - ok
20:21:58.0105 4140 IAANTMON (0e899d0db39617aa0b2f992e7e95b5eb) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
20:21:58.0196 4140 IAANTMON - ok
20:21:58.0259 4140 iaNvStor (051e73f94f932b5975b6765e3b2f7dc6) C:\Windows\system32\DRIVERS\iaNvStor.sys
20:21:58.0326 4140 iaNvStor - ok
20:21:58.0370 4140 iaStor (bbb3b6df1abb0fe35802ede85cc1c011) C:\Windows\system32\DRIVERS\iaStor.sys
20:21:58.0395 4140 iaStor - ok
20:21:58.0446 4140 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
20:21:58.0539 4140 iaStorV - ok
20:21:58.0563 4140 IBMPMDRV (72b253cdbcaa10e88aad0ba39cc83bcd) C:\Windows\system32\DRIVERS\ibmpmdrv.sys
20:21:58.0614 4140 IBMPMDRV - ok
20:21:58.0630 4140 IBMPMSVC (4925ffb084c9ad02e8eef01fb18bf5ac) C:\Windows\system32\ibmpmsvc.exe
20:21:58.0656 4140 IBMPMSVC - ok
20:21:58.0789 4140 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:21:58.0929 4140 idsvc - ok
20:21:59.0711 4140 igfx (4eaa4261e1ad4b860657cada790b9b38) C:\Windows\system32\DRIVERS\igdkmd64.sys
20:22:00.0085 4140 igfx - ok
20:22:00.0208 4140 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
20:22:00.0237 4140 iirsp - ok
20:22:00.0308 4140 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
20:22:00.0393 4140 IKEEXT - ok
20:22:00.0416 4140 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
20:22:00.0433 4140 intelide - ok
20:22:01.0178 4140 intelkmd (4eaa4261e1ad4b860657cada790b9b38) C:\Windows\system32\DRIVERS\igdpmd64.sys
20:22:01.0519 4140 intelkmd - ok
20:22:01.0657 4140 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
20:22:01.0706 4140 intelppm - ok
20:22:01.0736 4140 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
20:22:01.0804 4140 IPBusEnum - ok
20:22:01.0836 4140 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:22:01.0919 4140 IpFilterDriver - ok
20:22:01.0990 4140 iphlpsvc (08c2957bb30058e663720c5606885653) C:\Windows\System32\iphlpsvc.dll
20:22:02.0061 4140 iphlpsvc - ok
20:22:02.0095 4140 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
20:22:02.0164 4140 IPMIDRV - ok
20:22:02.0190 4140 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
20:22:02.0320 4140 IPNAT - ok
20:22:02.0343 4140 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
20:22:02.0388 4140 IRENUM - ok
20:22:02.0407 4140 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
20:22:02.0434 4140 isapnp - ok
20:22:02.0461 4140 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
20:22:02.0510 4140 iScsiPrt - ok
20:22:02.0532 4140 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
20:22:02.0560 4140 kbdclass - ok
20:22:02.0604 4140 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
20:22:02.0667 4140 kbdhid - ok
20:22:02.0706 4140 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
20:22:02.0730 4140 KeyIso - ok
20:22:02.0768 4140 KSecDD (97a7070aea4c058b6418519e869a63b4) C:\Windows\system32\Drivers\ksecdd.sys
20:22:02.0800 4140 KSecDD - ok
20:22:02.0824 4140 KSecPkg (26c43a7c2862447ec59deda188d1da07) C:\Windows\system32\Drivers\ksecpkg.sys
20:22:02.0865 4140 KSecPkg - ok
20:22:02.0876 4140 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
20:22:02.0933 4140 ksthunk - ok
20:22:02.0983 4140 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
20:22:03.0116 4140 KtmRm - ok
20:22:03.0160 4140 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
20:22:03.0270 4140 LanmanServer - ok
20:22:03.0309 4140 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
20:22:03.0389 4140 LanmanWorkstation - ok
20:22:03.0457 4140 LENOVO.CAMMUTE (cab9c6c37fd0f9612b269349116504b6) C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
20:22:03.0515 4140 LENOVO.CAMMUTE - ok
20:22:03.0569 4140 LENOVO.MICMUTE (340288b3b2edc8afd5ff127df85142a7) C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
20:22:03.0624 4140 LENOVO.MICMUTE - ok
20:22:03.0651 4140 lenovo.smi (2b9d8555dc004e240082d18e7725ce20) C:\Windows\system32\DRIVERS\smiifx64.sys
20:22:03.0672 4140 lenovo.smi - ok
20:22:03.0707 4140 LENOVO.TPKNRSVC (04b5f7f44ccb2fab615c67ed0e6c8323) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
20:22:03.0746 4140 LENOVO.TPKNRSVC - ok
20:22:03.0775 4140 Lenovo.VIRTSCRLSVC (f7de50781dc4d162c1005eb30d98f931) C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
20:22:03.0822 4140 Lenovo.VIRTSCRLSVC - ok
20:22:03.0862 4140 LenovoRd (606da892a53fa863b67f8d3f8ff016a0) C:\Windows\system32\Drivers\LenovoRd.sys
20:22:03.0944 4140 LenovoRd - ok
20:22:03.0986 4140 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
20:22:04.0118 4140 lltdio - ok
20:22:04.0160 4140 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
20:22:04.0263 4140 lltdsvc - ok
20:22:04.0277 4140 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
20:22:04.0345 4140 lmhosts - ok
20:22:04.0437 4140 LMS (7f697d6eb3e47fbc7757229daee406b4) C:\Program Files (x86)\Intel\AMT\LMS.exe
20:22:04.0457 4140 LMS - ok
20:22:04.0488 4140 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
20:22:04.0541 4140 LSI_FC - ok
20:22:04.0556 4140 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
20:22:04.0594 4140 LSI_SAS - ok
20:22:04.0612 4140 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
20:22:04.0640 4140 LSI_SAS2 - ok
20:22:04.0663 4140 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
20:22:04.0718 4140 LSI_SCSI - ok
20:22:04.0746 4140 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
20:22:04.0827 4140 luafv - ok
20:22:04.0858 4140 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
20:22:04.0903 4140 Mcx2Svc - ok
20:22:04.0935 4140 mdmxsdk (e4f44ec214b3e381e1fc844a02926666) C:\Windows\system32\DRIVERS\mdmxsdk.sys
20:22:04.0958 4140 mdmxsdk - ok
20:22:04.0984 4140 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
20:22:05.0011 4140 megasas - ok
20:22:05.0040 4140 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
20:22:05.0085 4140 MegaSR - ok
20:22:05.0123 4140 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
20:22:05.0191 4140 MMCSS - ok
20:22:05.0205 4140 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
20:22:05.0247 4140 Modem - ok
20:22:05.0282 4140 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
20:22:05.0305 4140 monitor - ok
20:22:05.0339 4140 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
20:22:05.0381 4140 mouclass - ok
20:22:05.0406 4140 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
20:22:05.0461 4140 mouhid - ok
20:22:05.0491 4140 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
20:22:05.0558 4140 mountmgr - ok
20:22:05.0600 4140 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
20:22:05.0667 4140 mpio - ok
20:22:05.0708 4140 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
20:22:05.0796 4140 mpsdrv - ok
20:22:05.0891 4140 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
20:22:06.0064 4140 MpsSvc - ok
20:22:06.0111 4140 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
20:22:06.0205 4140 MRxDAV - ok
20:22:06.0257 4140 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
20:22:06.0329 4140 mrxsmb - ok
20:22:06.0360 4140 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:22:06.0416 4140 mrxsmb10 - ok
20:22:06.0438 4140 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:22:06.0487 4140 mrxsmb20 - ok
20:22:06.0524 4140 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
20:22:06.0551 4140 msahci - ok
20:22:06.0584 4140 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
20:22:06.0639 4140 msdsm - ok
20:22:06.0676 4140 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
20:22:06.0753 4140 MSDTC - ok
20:22:06.0787 4140 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
20:22:06.0870 4140 Msfs - ok
20:22:06.0888 4140 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
20:22:06.0979 4140 mshidkmdf - ok
20:22:06.0995 4140 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
20:22:07.0021 4140 msisadrv - ok
20:22:07.0054 4140 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
20:22:07.0135 4140 MSiSCSI - ok
20:22:07.0140 4140 msiserver - ok
20:22:07.0165 4140 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
20:22:07.0203 4140 MSKSSRV - ok
20:22:07.0211 4140 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
20:22:07.0259 4140 MSPCLOCK - ok
20:22:07.0263 4140 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
20:22:07.0305 4140 MSPQM - ok
20:22:07.0354 4140 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
20:22:07.0424 4140 MsRPC - ok
20:22:07.0464 4140 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
20:22:07.0486 4140 mssmbios - ok
20:22:07.0508 4140 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
20:22:07.0565 4140 MSTEE - ok
20:22:07.0581 4140 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
20:22:07.0615 4140 MTConfig - ok
20:22:07.0643 4140 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
20:22:07.0672 4140 Mup - ok
20:22:07.0742 4140 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
20:22:07.0873 4140 napagent - ok
20:22:07.0918 4140 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
20:22:08.0014 4140 NativeWifiP - ok
20:22:08.0117 4140 NDIS (760e38053bf56e501d562b70ad796b88) C:\Windows\system32\drivers\ndis.sys
20:22:08.0214 4140 NDIS - ok
20:22:08.0248 4140 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
20:22:08.0343 4140 NdisCap - ok
20:22:08.0374 4140 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
20:22:08.0431 4140 NdisTapi - ok
20:22:08.0464 4140 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
20:22:08.0510 4140 Ndisuio - ok
20:22:08.0549 4140 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
20:22:08.0663 4140 NdisWan - ok
20:22:08.0693 4140 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
20:22:08.0761 4140 NDProxy - ok
20:22:08.0824 4140 Net Driver HPZ12 (dc6530a291d4bdf6df399f1f128e7f8f) C:\Windows\system32\HPZinw12.dll
20:22:08.0875 4140 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
20:22:08.0875 4140 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
20:22:08.0911 4140 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
20:22:09.0014 4140 NetBIOS - ok
20:22:09.0083 4140 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
20:22:09.0181 4140 NetBT - ok
20:22:09.0216 4140 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
20:22:09.0260 4140 Netlogon - ok
20:22:09.0312 4140 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
20:22:09.0399 4140 Netman - ok
20:22:09.0427 4140 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
20:22:09.0488 4140 netprofm - ok
20:22:09.0558 4140 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:22:09.0631 4140 NetTcpPortSharing - ok
20:22:10.0058 4140 netw5v64 (64428dfdaf6e88366cb51f45a79c5f69) C:\Windows\system32\DRIVERS\netw5v64.sys
20:22:10.0302 4140 netw5v64 - ok
20:22:11.0032 4140 NETwNs64 (774c9eccef83ab8a3d1466f19809c95f) C:\Windows\system32\DRIVERS\NETwNs64.sys
20:22:11.0329 4140 NETwNs64 - ok
20:22:11.0432 4140 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
20:22:11.0489 4140 nfrd960 - ok
20:22:11.0553 4140 NlaSvc (8ad77806d336673f270db31645267293) C:\Windows\System32\nlasvc.dll
20:22:11.0636 4140 NlaSvc - ok
20:22:11.0650 4140 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
20:22:11.0705 4140 Npfs - ok
20:22:11.0731 4140 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
20:22:11.0770 4140 nsi - ok
20:22:11.0781 4140 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
20:22:11.0825 4140 nsiproxy - ok
20:22:11.0956 4140 Ntfs (e453acf4e7d44e5530b5d5f2b9ca8563) C:\Windows\system32\drivers\Ntfs.sys
20:22:12.0067 4140 Ntfs - ok
20:22:12.0168 4140 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
20:22:12.0239 4140 Null - ok
20:22:12.0282 4140 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
20:22:12.0351 4140 nvraid - ok
20:22:12.0400 4140 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
20:22:12.0456 4140 nvstor - ok
20:22:12.0493 4140 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
20:22:12.0548 4140 nv_agp - ok
20:22:12.0582 4140 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
20:22:12.0628 4140 ohci1394 - ok
20:22:12.0674 4140 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
20:22:12.0752 4140 p2pimsvc - ok
20:22:12.0789 4140 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
20:22:12.0836 4140 p2psvc - ok
20:22:12.0870 4140 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
20:22:12.0910 4140 Parport - ok
20:22:12.0945 4140 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
20:22:12.0975 4140 partmgr - ok
20:22:12.0998 4140 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
20:22:13.0051 4140 PcaSvc - ok
20:22:13.0138 4140 PCDSRVC{127174DC-C366ED8B-06020000}_0 (acd84d961942e2204a4475f9af356f2e) c:\program files\pc-doctor\pcdsrvc_x64.pkms
20:22:13.0195 4140 PCDSRVC{127174DC-C366ED8B-06020000}_0 - ok
20:22:13.0240 4140 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
20:22:13.0294 4140 pci - ok
20:22:13.0309 4140 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
20:22:13.0335 4140 pciide - ok
20:22:13.0356 4140 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
20:22:13.0403 4140 pcmcia - ok
20:22:13.0421 4140 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
20:22:13.0440 4140 pcw - ok
20:22:13.0600 4140 PDF Architect Helper Service (a1688a4fb2ec49d040c027ef6dc7a87b) C:\Program Files (x86)\PDF Architect\HelperService.exe
20:22:13.0737 4140 PDF Architect Helper Service - ok
20:22:13.0828 4140 PDF Architect Service (e23ff9b2f8eeab2bdda681c21c48e843) C:\Program Files (x86)\PDF Architect\ConversionService.exe
20:22:13.0967 4140 PDF Architect Service - ok
20:22:14.0134 4140 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
20:22:14.0286 4140 PEAUTH - ok
20:22:14.0394 4140 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
20:22:14.0546 4140 PeerDistSvc - ok
20:22:14.0624 4140 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
20:22:14.0693 4140 PerfHost - ok
20:22:14.0880 4140 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
20:22:15.0027 4140 pla - ok
20:22:15.0091 4140 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
20:22:15.0190 4140 PlugPlay - ok
20:22:15.0251 4140 Pml Driver HPZ12 (71f62c51dfdfbc04c83c5c64b2b8058e) C:\Windows\system32\HPZipm12.dll
20:22:15.0284 4140 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
20:22:15.0284 4140 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
20:22:15.0313 4140 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
20:22:15.0360 4140 PNRPAutoReg - ok
20:22:15.0395 4140 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
20:22:15.0422 4140 PNRPsvc - ok
20:22:15.0468 4140 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
20:22:15.0561 4140 PolicyAgent - ok
20:22:15.0585 4140 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
20:22:15.0628 4140 Power - ok
20:22:15.0808 4140 Power Manager DBC Service (75fc38862db8b5897cd96753aca133ed) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
20:22:15.0931 4140 Power Manager DBC Service - ok
20:22:16.0074 4140 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
20:22:16.0153 4140 PptpMiniport - ok
20:22:16.0180 4140 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
20:22:16.0217 4140 Processor - ok
20:22:16.0276 4140 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
20:22:16.0351 4140 ProfSvc - ok
20:22:16.0391 4140 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
20:22:16.0436 4140 ProtectedStorage - ok
20:22:16.0469 4140 psadd (05a4779e4994b21473edbe85aabe8030) C:\Windows\system32\DRIVERS\psadd.sys
20:22:16.0512 4140 psadd - ok
20:22:16.0567 4140 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
20:22:16.0706 4140 Psched - ok
20:22:16.0798 4140 PwmEWSvc (dd080f6bf9de8e8dfbe3a7a4d90d3755) C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE
20:22:16.0864 4140 PwmEWSvc - ok
20:22:16.0999 4140 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
20:22:17.0125 4140 ql2300 - ok
20:22:17.0242 4140 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
20:22:17.0309 4140 ql40xx - ok
20:22:17.0346 4140 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
20:22:17.0431 4140 QWAVE - ok
20:22:17.0450 4140 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
20:22:17.0495 4140 QWAVEdrv - ok
20:22:17.0510 4140 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
20:22:17.0577 4140 RasAcd - ok
20:22:17.0613 4140 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
20:22:17.0697 4140 RasAgileVpn - ok
20:22:17.0707 4140 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
20:22:17.0779 4140 RasAuto - ok
20:22:17.0823 4140 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
20:22:17.0891 4140 Rasl2tp - ok
20:22:17.0946 4140 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
20:22:18.0060 4140 RasMan - ok
20:22:18.0079 4140 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
20:22:18.0130 4140 RasPppoe - ok
20:22:18.0151 4140 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
20:22:18.0204 4140 RasSstp - ok
20:22:18.0236 4140 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
20:22:18.0334 4140 rdbss - ok
20:22:18.0345 4140 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
20:22:18.0388 4140 rdpbus - ok
20:22:18.0401 4140 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
20:22:18.0464 4140 RDPCDD - ok
20:22:18.0506 4140 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
20:22:18.0554 4140 RDPDR - ok
20:22:18.0589 4140 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
20:22:18.0639 4140 RDPENCDD - ok
20:22:18.0645 4140 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
20:22:18.0682 4140 RDPREFMP - ok
20:22:18.0728 4140 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
20:22:18.0793 4140 RDPWD - ok
20:22:18.0847 4140 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
20:22:18.0896 4140 rdyboost - ok
20:22:19.0026 4140 RegSrvc (7196be857e29007470ff9b689c7f29a7) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
20:22:19.0134 4140 RegSrvc - ok
20:22:19.0174 4140 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
20:22:19.0258 4140 RemoteAccess - ok
20:22:19.0284 4140 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
20:22:19.0358 4140 RemoteRegistry - ok
20:22:19.0417 4140 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
20:22:19.0498 4140 RFCOMM - ok
20:22:19.0530 4140 rimmptsk (f45d6e12eb99a668f52201637c67c8f5) C:\Windows\system32\DRIVERS\rimmpx64.sys
20:22:19.0580 4140 rimmptsk - ok
20:22:19.0597 4140 rimsptsk (eac02ed935a9c1f2ddd8d985c465b854) C:\Windows\system32\DRIVERS\rimspx64.sys
20:22:19.0630 4140 rimsptsk - ok
20:22:19.0657 4140 rismxdp (931a8f843b4120df527c3684daf77fd9) C:\Windows\system32\DRIVERS\rixdpx64.sys
20:22:19.0682 4140 rismxdp - ok
20:22:19.0712 4140 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
20:22:19.0779 4140 RpcEptMapper - ok
20:22:19.0795 4140 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
20:22:19.0813 4140 RpcLocator - ok
20:22:19.0881 4140 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
20:22:19.0936 4140 RpcSs - ok
20:22:19.0991 4140 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
20:22:20.0116 4140 rspndr - ok
20:22:20.0142 4140 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
20:22:20.0190 4140 s3cap - ok
20:22:20.0225 4140 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
20:22:20.0271 4140 SamSs - ok
20:22:20.0292 4140 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
20:22:20.0322 4140 sbp2port - ok
20:22:20.0362 4140 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
20:22:20.0440 4140 SCardSvr - ok
20:22:20.0473 4140 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
20:22:20.0538 4140 scfilter - ok
20:22:20.0642 4140 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
20:22:20.0766 4140 Schedule - ok
20:22:20.0805 4140 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
20:22:20.0840 4140 SCPolicySvc - ok
20:22:20.0892 4140 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys
20:22:20.0938 4140 sdbus - ok
20:22:20.0964 4140 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
20:22:21.0037 4140 SDRSVC - ok
20:22:21.0074 4140 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
20:22:21.0139 4140 secdrv - ok
20:22:21.0170 4140 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
20:22:21.0240 4140 seclogon - ok
20:22:21.0260 4140 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
20:22:21.0297 4140 SENS - ok
20:22:21.0314 4140 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
20:22:21.0378 4140 SensrSvc - ok
20:22:21.0402 4140 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
20:22:21.0440 4140 Serenum - ok
20:22:21.0468 4140 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
20:22:21.0500 4140 Serial - ok
20:22:21.0536 4140 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
20:22:21.0578 4140 sermouse - ok
20:22:21.0623 4140 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
20:22:21.0715 4140 SessionEnv - ok
20:22:21.0751 4140 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
20:22:21.0810 4140 sffdisk - ok
20:22:21.0820 4140 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
20:22:21.0858 4140 sffp_mmc - ok
20:22:21.0876 4140 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
20:22:21.0905 4140 sffp_sd - ok
20:22:21.0931 4140 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
20:22:21.0971 4140 sfloppy - ok
20:22:22.0011 4140 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
20:22:22.0113 4140 SharedAccess - ok
20:22:22.0149 4140 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
20:22:22.0202 4140 ShellHWDetection - ok
20:22:22.0231 4140 Shockprf (c3f190562fe82efda7ccef305ebad3e3) C:\Windows\system32\DRIVERS\Apsx64.sys
20:22:22.0259 4140 Shockprf - ok
20:22:22.0291 4140 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
20:22:22.0345 4140 SiSRaid2 - ok
20:22:22.0369 4140 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
20:22:22.0397 4140 SiSRaid4 - ok
20:22:22.0429 4140 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
20:22:22.0483 4140 Smb - ok
20:22:22.0518 4140 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
20:22:22.0565 4140 SNMPTRAP - ok
20:22:22.0855 4140 SNP2UVC (3bcd7556f3222221c31b1577b5527ed7) C:\Windows\system32\DRIVERS\snp2uvc.sys
20:22:23.0017 4140 SNP2UVC - ok
20:22:23.0132 4140 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
20:22:23.0171 4140 spldr - ok
20:22:23.0236 4140 Spooler (85daa09a98c9286d4ea2ba8d0e644377) C:\Windows\System32\spoolsv.exe
20:22:23.0365 4140 Spooler - ok
20:22:23.0657 4140 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
20:22:23.0898 4140 sppsvc - ok
20:22:24.0013 4140 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
20:22:24.0119 4140 sppuinotify - ok
20:22:24.0196 4140 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
20:22:24.0264 4140 srv - ok
20:22:24.0331 4140 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
20:22:24.0394 4140 srv2 - ok
20:22:24.0435 4140 SrvHsfHDA (0c4540311e11664b245a263e1154cef8) C:\Windows\system32\DRIVERS\VSTAZL6.SYS
20:22:24.0518 4140 SrvHsfHDA - ok
20:22:24.0633 4140 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS
20:22:24.0738 4140 SrvHsfV92 - ok
20:22:24.0884 4140 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
20:22:24.0981 4140 SrvHsfWinac - ok
20:22:25.0020 4140 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
20:22:25.0072 4140 srvnet - ok
20:22:25.0126 4140 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
20:22:25.0212 4140 SSDPSRV - ok
20:22:25.0237 4140 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
20:22:25.0308 4140 SstpSvc - ok
20:22:25.0331 4140 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
20:22:25.0358 4140 stexstor - ok
20:22:25.0437 4140 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
20:22:25.0539 4140 stisvc - ok
20:22:25.0572 4140 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
20:22:25.0601 4140 storflt - ok
20:22:25.0635 4140 StorSvc (c40841817ef57d491f22eb103da587cc) C:\Windows\system32\storsvc.dll
20:22:25.0677 4140 StorSvc - ok
20:22:25.0696 4140 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
20:22:25.0723 4140 storvsc - ok
20:22:25.0808 4140 SUService (59b5a060a31bd4bab030c4fcd1048292) C:\Program Files (x86)\Lenovo\System Update\SUService.exe
20:22:25.0835 4140 SUService - ok
20:22:25.0853 4140 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
20:22:25.0878 4140 swenum - ok
20:22:25.0942 4140 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
20:22:26.0058 4140 swprv - ok
20:22:26.0122 4140 SynTP (c0b7405c899c485aa0b6f9866a4061cd) C:\Windows\system32\DRIVERS\SynTP.sys
20:22:26.0199 4140 SynTP - ok
20:22:26.0352 4140 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
20:22:26.0491 4140 SysMain - ok
20:22:26.0601 4140 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
20:22:26.0676 4140 TabletInputService - ok
20:22:26.0741 4140 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
20:22:26.0816 4140 TapiSrv - ok
20:22:26.0853 4140 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
20:22:26.0921 4140 TBS - ok
20:22:27.0082 4140 Tcpip (b62a953f2bf3922c8764a29c34a22899) C:\Windows\system32\drivers\tcpip.sys
20:22:27.0238 4140 Tcpip - ok
20:22:27.0486 4140 TCPIP6 (b62a953f2bf3922c8764a29c34a22899) C:\Windows\system32\DRIVERS\tcpip.sys
20:22:27.0549 4140 TCPIP6 - ok
20:22:27.0643 4140 tcpipreg (1b16d0bd9841794a6e0cde0cef744abc) C:\Windows\system32\drivers\tcpipreg.sys
20:22:27.0693 4140 tcpipreg - ok
20:22:27.0721 4140 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
20:22:27.0760 4140 TDPIPE - ok
20:22:27.0786 4140 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
20:22:27.0831 4140 TDTCP - ok
20:22:27.0886 4140 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
20:22:27.0985 4140 tdx - ok
20:22:28.0020 4140 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
20:22:28.0077 4140 TermDD - ok
20:22:28.0142 4140 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
20:22:28.0314 4140 TermService - ok
20:22:28.0351 4140 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
20:22:28.0387 4140 Themes - ok
20:22:28.0409 4140 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
20:22:28.0464 4140 THREADORDER - ok
20:22:28.0491 4140 TPDIGIMN (1bb77eccbfa3675b1ee8d6d6d37a1e1e) C:\Windows\system32\DRIVERS\ApsHM64.sys
20:22:28.0524 4140 TPDIGIMN - ok
20:22:28.0549 4140 TPHDEXLGSVC (88f81d810ff16ac65b02643daf308d4f) C:\Windows\system32\TPHDEXLG64.exe
20:22:28.0567 4140 TPHDEXLGSVC - ok
20:22:28.0674 4140 TPHKLOAD (83415782d47f8064fcafea308abb2246) C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
20:22:28.0732 4140 TPHKLOAD - ok
20:22:28.0755 4140 TPHKSVC (c04bb65441913ab621c58a8bd3169b23) C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
20:22:28.0825 4140 TPHKSVC - ok
20:22:28.0864 4140 TPM (dbcc20c02e8a3e43b03c304a4e40a84f) C:\Windows\system32\drivers\tpm.sys
20:22:28.0918 4140 TPM - ok
20:22:28.0951 4140 TPPWRIF (1df6e6c026ad1d428687fe3b427a87bc) C:\Windows\system32\drivers\Tppwr64v.sys
20:22:29.0001 4140 TPPWRIF - ok
20:22:29.0043 4140 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
20:22:29.0141 4140 TrkWks - ok
20:22:29.0209 4140 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
20:22:29.0263 4140 TrustedInstaller - ok
20:22:29.0321 4140 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
20:22:29.0400 4140 tssecsrv - ok
20:22:29.0435 4140 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
20:22:29.0494 4140 TsUsbFlt - ok
20:22:29.0543 4140 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
20:22:29.0590 4140 tunnel - ok
20:22:29.0605 4140 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
20:22:29.0625 4140 uagp35 - ok
20:22:29.0658 4140 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
20:22:29.0808 4140 udfs - ok
20:22:29.0852 4140 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
20:22:29.0884 4140 UI0Detect - ok
20:22:29.0930 4140 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
20:22:29.0958 4140 uliagpkx - ok
20:22:29.0991 4140 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
20:22:30.0020 4140 umbus - ok
20:22:30.0039 4140 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
20:22:30.0093 4140 UmPass - ok
20:22:30.0133 4140 UmRdpService (a293dcd756d04d8492a750d03b9a297c) C:\Windows\System32\umrdp.dll
20:22:30.0168 4140 UmRdpService - ok
20:22:30.0424 4140 UNS (86deac5ced845d55c63b125e0908685e) C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe
20:22:30.0555 4140 UNS - ok
20:22:30.0675 4140 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
20:22:30.0780 4140 upnphost - ok
20:22:30.0819 4140 usbccgp (ebf228a52517042de4f38a40285bc8d9) C:\Windows\system32\DRIVERS\usbccgp.sys
20:22:30.0865 4140 usbccgp - ok
20:22:30.0914 4140 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
20:22:30.0995 4140 usbcir - ok
20:22:31.0020 4140 usbehci (6b3d5e6a9da786ec755b00bc180c700b) C:\Windows\system32\DRIVERS\usbehci.sys
20:22:31.0056 4140 usbehci - ok
20:22:31.0086 4140 usbhub (94abe9da48e466bbe84c73e0c6652ed1) C:\Windows\system32\DRIVERS\usbhub.sys
20:22:31.0133 4140 usbhub - ok
20:22:31.0152 4140 usbohci (660b2c08ce7103e71eaa26f85b0b0a56) C:\Windows\system32\drivers\usbohci.sys
20:22:31.0200 4140 usbohci - ok
20:22:31.0231 4140 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
20:22:31.0281 4140 usbprint - ok
20:22:31.0321 4140 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
20:22:31.0381 4140 usbscan - ok
20:22:31.0404 4140 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:22:31.0471 4140 USBSTOR - ok
20:22:31.0513 4140 usbuhci (1529632fc96032d337b298f8a285d640) C:\Windows\system32\DRIVERS\usbuhci.sys
20:22:31.0564 4140 usbuhci - ok
20:22:31.0607 4140 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
20:22:31.0685 4140 usbvideo - ok
20:22:31.0722 4140 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
20:22:31.0806 4140 UxSms - ok
20:22:31.0842 4140 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
20:22:31.0865 4140 VaultSvc - ok
20:22:31.0896 4140 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
20:22:31.0924 4140 vdrvroot - ok
20:22:31.0992 4140 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
20:22:32.0106 4140 vds - ok
20:22:32.0138 4140 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
20:22:32.0173 4140 vga - ok
20:22:32.0189 4140 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
20:22:32.0240 4140 VgaSave - ok
20:22:32.0278 4140 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
20:22:32.0308 4140 vhdmp - ok
20:22:32.0325 4140 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
20:22:32.0342 4140 viaide - ok
20:22:32.0370 4140 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
20:22:32.0400 4140 vmbus - ok
20:22:32.0417 4140 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
20:22:32.0435 4140 VMBusHID - ok
20:22:32.0449 4140 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
20:22:32.0469 4140 volmgr - ok
20:22:32.0526 4140 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
20:22:32.0591 4140 volmgrx - ok
20:22:32.0614 4140 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
20:22:32.0652 4140 volsnap - ok
20:22:32.0688 4140 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
20:22:32.0752 4140 vsmraid - ok
20:22:32.0911 4140 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
20:22:33.0127 4140 VSS - ok
20:22:33.0231 4140 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
20:22:33.0299 4140 vwifibus - ok
20:22:33.0319 4140 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
20:22:33.0367 4140 vwififlt - ok
20:22:33.0416 4140 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
20:22:33.0489 4140 W32Time - ok
20:22:33.0503 4140 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
20:22:33.0535 4140 WacomPen - ok
20:22:33.0583 4140 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
20:22:33.0669 4140 WANARP - ok
20:22:33.0672 4140 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
20:22:33.0706 4140 Wanarpv6 - ok
20:22:33.0844 4140 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
20:22:33.0962 4140 wbengine - ok
20:22:34.0084 4140 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
20:22:34.0184 4140 WbioSrvc - ok
20:22:34.0252 4140 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
20:22:34.0316 4140 wcncsvc - ok
20:22:34.0332 4140 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
20:22:34.0374 4140 WcsPlugInService - ok
20:22:34.0407 4140 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
20:22:34.0458 4140 Wd - ok
20:22:34.0555 4140 Wdf01000 (442783e2cb0da19873b7a63833ff4cb4) C:\Windows\system32\drivers\Wdf01000.sys
20:22:34.0669 4140 Wdf01000 - ok
20:22:34.0700 4140 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
20:22:34.0835 4140 WdiServiceHost - ok
20:22:34.0844 4140 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
20:22:34.0898 4140 WdiSystemHost - ok
20:22:34.0939 4140 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
20:22:35.0020 4140 WebClient - ok
20:22:35.0057 4140 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
20:22:35.0183 4140 Wecsvc - ok
20:22:35.0193 4140 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
20:22:35.0252 4140 wercplsupport - ok
20:22:35.0301 4140 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
20:22:35.0356 4140 WerSvc - ok
20:22:35.0409 4140 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
20:22:35.0509 4140 WfpLwf - ok
20:22:35.0528 4140 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
20:22:35.0546 4140 WIMMount - ok
20:22:35.0620 4140 winachsf (1edbbf412a382550af6eb35f5e46928e) C:\Windows\system32\DRIVERS\CAX_CNXT.sys
20:22:35.0722 4140 winachsf - ok
20:22:35.0753 4140 WinDefend - ok
20:22:35.0770 4140 WinHttpAutoProxySvc - ok
20:22:35.0846 4140 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
20:22:35.0963 4140 Winmgmt - ok
20:22:36.0175 4140 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
20:22:36.0385 4140 WinRM - ok
20:22:36.0509 4140 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUSB.sys
20:22:36.0585 4140 WinUsb - ok
20:22:36.0678 4140 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
20:22:36.0764 4140 Wlansvc - ok
20:22:36.0859 4140 WMCoreService (f65b50fabf856987044196d797b8be63) C:\Program Files (x86)\Mobile Broadband Drivers\WMCore\mini_WMCore.exe
20:22:36.0948 4140 WMCoreService ( UnsignedFile.Multi.Generic ) - warning
20:22:36.0949 4140 WMCoreService - detected UnsignedFile.Multi.Generic (1)
20:22:37.0020 4140 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
20:22:37.0063 4140 WmiAcpi - ok
20:22:37.0132 4140 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
20:22:37.0204 4140 wmiApSrv - ok
20:22:37.0209 4140 WMPNetworkSvc - ok
20:22:37.0242 4140 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
20:22:37.0290 4140 WPCSvc - ok
20:22:37.0324 4140 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
20:22:37.0368 4140 WPDBusEnum - ok
20:22:37.0389 4140 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
20:22:37.0449 4140 ws2ifsl - ok
20:22:37.0466 4140 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
20:22:37.0498 4140 wscsvc - ok
20:22:37.0502 4140 WSearch - ok
20:22:37.0686 4140 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
20:22:37.0820 4140 wuauserv - ok
20:22:37.0947 4140 WudfPf (ab886378eeb55c6c75b4f2d14b6c869f) C:\Windows\system32\drivers\WudfPf.sys
20:22:38.0015 4140 WudfPf - ok
20:22:38.0058 4140 WUDFRd (dda4caf29d8c0a297f886bfe561e6659) C:\Windows\system32\DRIVERS\WUDFRd.sys
20:22:38.0146 4140 WUDFRd - ok
20:22:38.0193 4140 wudfsvc (b20f051b03a966392364c83f009f7d17) C:\Windows\System32\WUDFSvc.dll
20:22:38.0245 4140 wudfsvc - ok
20:22:38.0287 4140 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
20:22:38.0329 4140 WwanSvc - ok
20:22:38.0387 4140 WwanUsbServ (52693787521baec565a657a614b51919) C:\Windows\system32\DRIVERS\WwanUsbMp64.sys
20:22:38.0456 4140 WwanUsbServ - ok
20:22:38.0488 4140 XAudio (e8f3fa126a06f8e7088f63757112a186) C:\Windows\system32\DRIVERS\XAudio64.sys
20:22:38.0509 4140 XAudio - ok
20:22:38.0577 4140 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
20:22:38.0720 4140 \Device\Harddisk0\DR0 - ok
20:22:38.0726 4140 Boot (0x1200) (aa89d33f4c4b9cea204a98c4864b9685) \Device\Harddisk0\DR0\Partition0
20:22:38.0733 4140 \Device\Harddisk0\DR0\Partition0 - ok
20:22:38.0766 4140 Boot (0x1200) (3776398170206d7069ce934d91478d2b) \Device\Harddisk0\DR0\Partition1
20:22:38.0769 4140 \Device\Harddisk0\DR0\Partition1 - ok
20:22:38.0770 4140 ============================================================
20:22:38.0770 4140 Scan finished
20:22:38.0770 4140 ============================================================
20:22:38.0797 5824 Detected object count: 5
20:22:38.0797 5824 Actual detected object count: 5

27.02.2013, 19:30   #8
markusg
/// Malware-holic
 

All right.
Scan with Combofix
WARNING to READERS following along:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all your antivirus software as well as malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the instructions on the screen.
  • While Combofix is running, please do not work on the computer, move the mouse, or click into the Combofix window!
  • When Combofix is finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (preferably in CODE tags).
Note: If you get the following error message after the restart
"Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde." (English: "Illegal operation attempted on a registry key that has been marked for deletion.")
simply restart the computer. This should fix the problem.

__________________
- Please forward suspicious mails to us for analysis:
markusg.trojaner-board@web.de
Instructions:
http://markusg.trojaner-board.de
For now, please forward mails to markusg.trojaner-board@web.de following the instructions above.

27.02.2013, 20:14   #9
KaSept
 

Hi,

phew, that took quite a long time ... here is the text:
Combofix Logfile:
Code:
ATTFilter
ComboFix 13-02-26.01 - user 27.02.2013  20:48:37.1.2 - x64
Microsoft Windows 7 Professional   6.1.7601.1.1252.49.1031.18.2968.1304 [GMT 1:00]
ausgeführt von:: c:\users\user\Downloads\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Roaming
c:\windows\IsUn0407.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-01-27 bis 2013-02-27  ))))))))))))))))))))))))))))))
.
.
2013-02-27 18:34 . 2013-02-27 18:34	--------	d-----w-	C:\_OTL
2013-02-27 18:31 . 2013-02-27 18:31	--------	d-----w-	c:\users\user\AppData\Local\Smartbar
2013-02-27 18:30 . 2013-02-27 18:30	--------	d-----w-	c:\windows\SysWow64\searchplugins
2013-02-27 18:30 . 2013-02-27 18:30	--------	d-----w-	c:\windows\SysWow64\Extensions
2013-02-27 18:30 . 2013-02-27 18:30	--------	d-----w-	c:\programdata\BrowserProtect
2013-02-27 18:30 . 2013-02-27 18:30	--------	d-----w-	c:\users\user\AppData\Roaming\BabSolution
2013-02-27 18:29 . 2013-02-27 18:29	--------	d-----w-	c:\program files (x86)\Delta
2013-02-27 18:29 . 2013-02-27 18:29	--------	d-----w-	c:\users\user\AppData\Roaming\Delta
2013-02-27 18:29 . 2013-02-27 18:29	--------	d-----w-	c:\users\user\AppData\Roaming\Babylon
2013-02-27 18:29 . 2013-02-27 18:29	--------	d-----w-	c:\programdata\Babylon
2013-02-16 11:03 . 2013-02-20 12:03	--------	d-----w-	C:\global
2013-02-14 07:45 . 2013-01-09 01:10	996352	----a-w-	c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-14 07:45 . 2013-01-08 22:01	768000	----a-w-	c:\program files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-14 06:49 . 2013-01-05 05:53	5553512	----a-w-	c:\windows\system32\ntoskrnl.exe
2013-02-14 06:49 . 2013-01-05 05:00	3967848	----a-w-	c:\windows\SysWow64\ntkrnlpa.exe
2013-02-14 06:49 . 2013-01-05 05:00	3913064	----a-w-	c:\windows\SysWow64\ntoskrnl.exe
2013-02-14 06:49 . 2013-01-04 03:26	3153408	----a-w-	c:\windows\system32\win32k.sys
2013-02-14 06:49 . 2013-01-04 05:46	215040	----a-w-	c:\windows\system32\winsrv.dll
2013-02-14 06:49 . 2013-01-04 02:47	25600	----a-w-	c:\windows\SysWow64\setup16.exe
2013-02-14 06:49 . 2013-01-04 04:51	5120	----a-w-	c:\windows\SysWow64\wow32.dll
2013-02-14 06:49 . 2013-01-04 02:47	7680	----a-w-	c:\windows\SysWow64\instnm.exe
2013-02-14 06:49 . 2013-01-04 02:47	2048	----a-w-	c:\windows\SysWow64\user.exe
2013-02-14 06:49 . 2013-01-04 02:47	14336	----a-w-	c:\windows\SysWow64\ntvdm64.dll
2013-02-14 06:49 . 2013-01-03 06:00	1913192	----a-w-	c:\windows\system32\drivers\tcpip.sys
2013-02-14 06:49 . 2013-01-03 06:00	288088	----a-w-	c:\windows\system32\drivers\FWPKCLNT.SYS
2013-02-12 08:42 . 2013-02-12 08:42	--------	d-----w-	c:\users\user\AppData\Roaming\Avira
2013-02-12 08:36 . 2013-02-12 08:36	--------	d-----w-	c:\program files (x86)\Ask.com
2013-02-12 08:36 . 2013-02-12 08:36	--------	d-----w-	C:\Firefox
2013-02-12 08:36 . 2013-02-12 08:36	--------	d-----w-	c:\users\user\AppData\Local\APN
2013-02-12 08:36 . 2012-12-03 14:36	129216	----a-w-	c:\windows\system32\drivers\avipbb.sys
2013-02-12 08:36 . 2012-12-03 14:36	99912	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2013-02-12 08:36 . 2012-11-16 19:17	27800	----a-w-	c:\windows\system32\drivers\avkmgr.sys
2013-02-12 08:36 . 2013-02-12 08:36	--------	d-----w-	c:\programdata\Avira
2013-02-12 08:36 . 2013-02-12 08:36	--------	d-----w-	c:\program files (x86)\Avira
2013-02-11 12:38 . 2013-02-11 12:38	--------	d-----w-	c:\users\user\AppData\Local\PackageAware
2013-02-11 12:38 . 2013-02-11 12:38	--------	d-----w-	c:\users\user\EasternGraphics
2013-02-11 12:37 . 2013-02-11 12:37	--------	d--h--w-	c:\programdata\{59E3981A-853B-4024-80E5-72FC64DF4CB7}
2013-02-11 12:37 . 2013-02-11 12:37	--------	d--h--w-	c:\programdata\{7BE3E677-6B29-44AE-9DAC-F8C0C4964BA7}
2013-02-11 12:37 . 2013-02-11 12:37	--------	d-----w-	c:\program files (x86)\EasternGraphics
2013-02-11 12:36 . 2013-02-11 12:36	--------	d-----w-	c:\programdata\EasternGraphics
2013-02-11 12:31 . 2013-02-11 12:31	--------	d-----w-	c:\program files (x86)\GadgetBox
2013-02-08 08:56 . 2013-01-08 05:32	9161176	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{5BDAC770-0875-4860-9291-8795E9C2F76E}\mpengine.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-14 07:49 . 2010-11-15 11:00	70004024	----a-w-	c:\windows\system32\MRT.exe
2013-01-17 00:28 . 2010-11-15 10:37	273840	------w-	c:\windows\system32\MpSigStub.exe
2013-01-11 10:39 . 2013-01-16 11:52	103936	----a-w-	c:\windows\system32\pdfcmon.dll
2013-01-09 13:52 . 1998-07-28 17:01	1070152	----a-w-	c:\windows\SysWow64\MSCOMCTL.OCX
2013-01-04 04:43 . 2013-02-14 06:49	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2012-12-16 17:11 . 2012-12-21 09:06	46080	----a-w-	c:\windows\system32\atmlib.dll
2012-12-16 14:45 . 2012-12-21 09:06	367616	----a-w-	c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2012-12-21 09:06	295424	----a-w-	c:\windows\SysWow64\atmfd.dll
2012-12-16 14:13 . 2012-12-21 09:06	34304	----a-w-	c:\windows\SysWow64\atmlib.dll
2012-12-07 13:20 . 2013-01-09 12:44	441856	----a-w-	c:\windows\system32\Wpc.dll
2012-12-07 13:15 . 2013-01-09 12:44	2746368	----a-w-	c:\windows\system32\gameux.dll
2012-12-07 12:26 . 2013-01-09 12:44	308736	----a-w-	c:\windows\SysWow64\Wpc.dll
2012-12-07 12:20 . 2013-01-09 12:44	2576384	----a-w-	c:\windows\SysWow64\gameux.dll
2012-12-07 11:20 . 2013-01-09 12:44	30720	----a-w-	c:\windows\system32\usk.rs
2012-12-07 11:20 . 2013-01-09 12:44	43520	----a-w-	c:\windows\system32\csrr.rs
2012-12-07 11:20 . 2013-01-09 12:44	23552	----a-w-	c:\windows\system32\oflc.rs
2012-12-07 11:20 . 2013-01-09 12:44	45568	----a-w-	c:\windows\system32\oflc-nz.rs
2012-12-07 11:20 . 2013-01-09 12:44	44544	----a-w-	c:\windows\system32\pegibbfc.rs
2012-12-07 11:20 . 2013-01-09 12:44	20480	----a-w-	c:\windows\system32\pegi-fi.rs
2012-12-07 11:20 . 2013-01-09 12:44	20480	----a-w-	c:\windows\system32\pegi-pt.rs
2012-12-07 11:19 . 2013-01-09 12:44	20480	----a-w-	c:\windows\system32\pegi.rs
2012-12-07 11:19 . 2013-01-09 12:44	46592	----a-w-	c:\windows\system32\fpb.rs
2012-12-07 11:19 . 2013-01-09 12:44	40960	----a-w-	c:\windows\system32\cob-au.rs
2012-12-07 11:19 . 2013-01-09 12:44	21504	----a-w-	c:\windows\system32\grb.rs
2012-12-07 11:19 . 2013-01-09 12:44	15360	----a-w-	c:\windows\system32\djctq.rs
2012-12-07 11:19 . 2013-01-09 12:44	55296	----a-w-	c:\windows\system32\cero.rs
2012-12-07 11:19 . 2013-01-09 12:44	51712	----a-w-	c:\windows\system32\esrb.rs
2012-12-07 10:46 . 2013-01-09 12:44	43520	----a-w-	c:\windows\SysWow64\csrr.rs
2012-12-07 10:46 . 2013-01-09 12:44	30720	----a-w-	c:\windows\SysWow64\usk.rs
2012-12-07 10:46 . 2013-01-09 12:44	45568	----a-w-	c:\windows\SysWow64\oflc-nz.rs
2012-12-07 10:46 . 2013-01-09 12:44	44544	----a-w-	c:\windows\SysWow64\pegibbfc.rs
2012-12-07 10:46 . 2013-01-09 12:44	20480	----a-w-	c:\windows\SysWow64\pegi-pt.rs
2012-12-07 10:46 . 2013-01-09 12:44	23552	----a-w-	c:\windows\SysWow64\oflc.rs
2012-12-07 10:46 . 2013-01-09 12:44	20480	----a-w-	c:\windows\SysWow64\pegi-fi.rs
2012-12-07 10:46 . 2013-01-09 12:44	46592	----a-w-	c:\windows\SysWow64\fpb.rs
2012-12-07 10:46 . 2013-01-09 12:44	20480	----a-w-	c:\windows\SysWow64\pegi.rs
2012-12-07 10:46 . 2013-01-09 12:44	21504	----a-w-	c:\windows\SysWow64\grb.rs
2012-12-07 10:46 . 2013-01-09 12:44	40960	----a-w-	c:\windows\SysWow64\cob-au.rs
2012-12-07 10:46 . 2013-01-09 12:44	15360	----a-w-	c:\windows\SysWow64\djctq.rs
2012-12-07 10:46 . 2013-01-09 12:44	55296	----a-w-	c:\windows\SysWow64\cero.rs
2012-12-07 10:46 . 2013-01-09 12:44	51712	----a-w-	c:\windows\SysWow64\esrb.rs
2012-11-30 05:45 . 2013-01-09 12:43	362496	----a-w-	c:\windows\system32\wow64win.dll
2012-11-30 05:45 . 2013-01-09 12:43	243200	----a-w-	c:\windows\system32\wow64.dll
2012-11-30 05:45 . 2013-01-09 12:43	13312	----a-w-	c:\windows\system32\wow64cpu.dll
2012-11-30 05:43 . 2013-01-09 12:43	16384	----a-w-	c:\windows\system32\ntvdm64.dll
2012-11-30 05:41 . 2013-01-09 12:43	424448	----a-w-	c:\windows\system32\KernelBase.dll
2012-11-30 05:41 . 2013-01-09 12:43	1161216	----a-w-	c:\windows\system32\kernel32.dll
2012-11-30 05:38 . 2013-01-09 12:43	3072	---ha-w-	c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 12:43	6144	---ha-w-	c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 12:43	4608	---ha-w-	c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 12:43	4608	---ha-w-	c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 12:43	4096	---ha-w-	c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 12:43	4096	---ha-w-	c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 12:43	3584	---ha-w-	c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 12:43	3584	---ha-w-	c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 12:43	3584	---ha-w-	c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 12:43	3584	---ha-w-	c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 12:43	3072	---ha-w-	c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 12:43	3072	---ha-w-	c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 12:43	3072	---ha-w-	c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 12:43	5120	---ha-w-	c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 12:43	4096	---ha-w-	c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 12:43	4096	---ha-w-	c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 12:43	3584	---ha-w-	c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 12:43	3584	---ha-w-	c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 12:43	3584	---ha-w-	c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 12:43	3072	---ha-w-	c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 12:43	3072	---ha-w-	c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 12:43	3072	---ha-w-	c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 12:43	3072	---ha-w-	c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 12:43	3072	---ha-w-	c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 12:43	3072	---ha-w-	c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 12:43	3072	---ha-w-	c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 12:43	3072	---ha-w-	c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 12:43	3072	---ha-w-	c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-11-30 04:53 . 2013-01-09 12:43	274944	----a-w-	c:\windows\SysWow64\KernelBase.dll
2012-11-30 04:45 . 2013-01-09 12:43	4608	---ha-w-	c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 12:43	4096	---ha-w-	c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 12:43	4096	---ha-w-	c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 12:43	4096	---ha-w-	c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 12:43	4096	---ha-w-	c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 12:43	4096	---ha-w-	c:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 12:43	3584	---ha-w-	c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 12:43	3584	---ha-w-	c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 12:43	3584	---ha-w-	c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 12:43	3584	---ha-w-	c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 12:43	3584	---ha-w-	c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 12:43	3584	---ha-w-	c:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 12:43	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 12:43	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 12:43	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 12:43	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 12:43	5120	---ha-w-	c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 12:43	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 12:43	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 12:43	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 12:43	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 12:43	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 12:43	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 12:43	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2012-12-20 1521952]
.
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}]
2013-01-23 12:24	247704	----a-w-	c:\program files (x86)\Delta\delta\1.8.10.0\bh\delta.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2012-12-20 20:56	1521952	----a-w-	c:\program files (x86)\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2012-12-20 1521952]
"{82E1477C-B154-48D3-9891-33D83C26BCD3}"= "c:\program files (x86)\Delta\delta\1.8.10.0\deltaTlbr.dll" [2013-01-23 321944]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CLASSES_ROOT\clsid\{82e1477c-b154-48d3-9891-33d83c26bcd3}]
[HKEY_CLASSES_ROOT\delta.deltadskBnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}]
[HKEY_CLASSES_ROOT\delta.deltadskBnd]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Browser Infrastructure Helper"="c:\users\user\AppData\Local\Smartbar\Application\QuickShare.exe" [2013-02-10 13824]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"WorksFUD"="c:\program files (x86)\Microsoft Works\wkfud.exe" [2000-07-12 24576]
"Microsoft Works Portfolio"="c:\program files (x86)\Microsoft Works\WksSb.exe" [2000-07-12 311350]
"Microsoft Works Update Detection"="c:\program files (x86)\Microsoft Works\WkDetect.exe" [2000-07-21 28739]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2009-11-18 54576]
"ApnUpdater"="c:\program files (x86)\Ask.com\Updater\Updater.exe" [2012-12-20 1574176]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-02-13 385248]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Digital Line Detect.lnk - c:\program files (x86)\Digital Line Detect\DLG.exe [2010-11-15 50688]
Erinnerungen in Microsoft Works-Kalender.lnk - c:\program files (x86)\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe [2000-7-12 24633]
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072]
Microsoft Office.lnk - c:\program files (x86)\Microsoft Office\Office\OSA9.EXE [2000-1-21 65588]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"DisableCAD"= 1 (0x1)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"DisallowCpl"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~3\browse~1\261095~1.52\{c16c1~1\browse~1.dll c:\progra~3\browse~1\261095~1.52\{c16c1~1\browserprotect.dll
"LoadAppInit_DLLs"=1 (0x1)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\program files\LENOVO\HOTKEY\MICMUTE.exe [2011-07-12 101736]
R3 ADMonitor;AD Monitor;c:\windows\system32\ADMonitor.exe [2010-02-05 130048]
R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protokoll;c:\windows\system32\DRIVERS\amppal.sys [2011-10-19 195072]
R3 DozeSvc;Lenovo Doze Mode Service;c:\program files (x86)\ThinkPad\Utilities\DZSVC64.EXE [2012-03-15 320576]
R3 e36gbus;F3607gw Mobile Broadband Device driver (Win7);c:\windows\system32\DRIVERS\e36gbus.sys [2009-06-30 328704]
R3 e36gmdfl;F3607gw Mobile Broadband Data Modem Filter (Win7);c:\windows\system32\DRIVERS\e36gmdfl.sys [2009-06-30 19456]
R3 e36gmdm;F3607gw Mobile Broadband Data Modem Driver (Win7);c:\windows\system32\DRIVERS\e36gmdm.sys [2009-06-30 432128]
R3 e36gmgmt;F3607gw Mobile Broadband Device Management Drivers (Win7);c:\windows\system32\DRIVERS\e36gmgmt.sys [2009-06-30 376320]
R3 e36wgps;Mobile Broadband GPS Port;c:\windows\system32\DRIVERS\e36wgps64.sys [2009-07-10 96296]
R3 ecnssndis;Service for enabling selective suspend to NDIS device;c:\windows\system32\Drivers\wwuss64.sys [2009-09-22 12800]
R3 ecnssndisfltr;SSNDIS filter service;c:\windows\system32\Drivers\wwussf64.sys [2009-09-22 17408]
R3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys [2011-10-13 10629184]
R3 LenovoRd;LenovoRd;c:\windows\system32\Drivers\LenovoRd.sys [2009-05-11 118016]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series - Adaptertreiber für Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
R3 PCDSRVC{127174DC-C366ED8B-06020000}_0;PCDSRVC{127174DC-C366ED8B-06020000}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\pc-doctor\pcdsrvc_x64.pkms [2010-09-08 24560]
R3 Power Manager DBC Service;Power Manager DBC Service;c:\program files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE [2012-03-15 1662528]
R3 PwmEWSvc;Cisco EnergyWise Enabler;c:\program files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE [2012-03-15 165440]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 WwanUsbServ;Ericsson WWAN Wireless Module Device Driver;c:\windows\system32\DRIVERS\WwanUsbMp64.sys [2009-10-13 259624]
S0 DzHDD64;DzHDD64;c:\windows\System32\DRIVERS\DzHDD64.sys [2012-03-15 29512]
S0 iaNvStor;Intel(R) Turbo Memory Controller;c:\windows\system32\DRIVERS\iaNvStor.sys [2009-08-21 344600]
S0 TPDIGIMN;TPDIGIMN;c:\windows\System32\DRIVERS\ApsHM64.sys [2011-03-29 23664]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2012-11-16 27800]
S1 lenovo.smi;Lenovo System Interface Driver;c:\windows\system32\DRIVERS\smiifx64.sys [2010-09-07 15472]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-11-28 203776]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-10-19 661504]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2013-02-13 86752]
S2 AntiVirWebService;Avira Browser-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [2013-02-13 565472]
S2 ATService;AuthenTec Fingerprint Service;c:\windows\system32\ATService.exe [2010-02-05 2713920]
S2 BrowserProtect;BrowserProtect;c:\programdata\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe [2013-02-21 2561488]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-10-20 135440]
S2 dtsvc;Data Transfer Service;c:\windows\system32\DTS.exe [2010-02-05 117760]
S2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 LENOVO.CAMMUTE;Lenovo Camera Mute;c:\program files\Lenovo\Communications Utility\CAMMUTE.exe [2010-07-27 50536]
S2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction;c:\program files\Lenovo\Communications Utility\TPKNRSVC.exe [2010-07-27 74088]
S2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll;c:\program files\LENOVO\VIRTSCRL\lvvsst.exe [2011-07-12 133992]
S2 PDF Architect Helper Service;PDF Architect Helper Service;c:\program files (x86)\PDF Architect\HelperService.exe [2013-01-09 1324104]
S2 PDF Architect Service;PDF Architect Service;c:\program files (x86)\PDF Architect\ConversionService.exe [2013-01-09 795208]
S2 TPHKLOAD;Lenovo Hotkey Client Loader;c:\program files\LENOVO\HOTKEY\TPHKLOAD.exe [2011-07-12 145256]
S2 TPHKSVC;Anzeige am Bildschirm;c:\program files\LENOVO\HOTKEY\TPHKSVC.exe [2011-07-12 142696]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe [2010-02-04 2058776]
S2 WMCoreService;Mobile Broadband Core Service;c:\program files (x86)\Mobile Broadband Drivers\WMCore\mini_WMCore.exe servicemode [x]
S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed - Virtueller Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys [2011-10-19 195072]
S3 ATSwpWDF;AuthenTec TruePrint USB Driver;c:\windows\system32\Drivers\ATSwpWDF.sys [2010-02-05 736840]
S3 CAXHWAZL;CAXHWAZL;c:\windows\system32\DRIVERS\CAXHWAZL.sys [2009-06-30 292864]
S3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y62x64.sys [2011-10-20 302296]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-06-23 56344]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt	REG_MULTI_SZ   	hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-02-24 11:53	1629648	----a-w-	c:\program files (x86)\Google\Chrome\Application\25.0.1364.97\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2013-02-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-09-26 15:38]
.
2013-02-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-09-26 15:38]
.
2013-02-21 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\PC-Doctor\uaclauncher.exe [2010-09-08 21:16]
.
2013-02-27 c:\windows\Tasks\SystemToolsDailyTest.job
- c:\program files\PC-Doctor\pcdrcui.exe [2010-09-08 21:16]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-08-07 186904]
"IaNvSrv"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\OROM\IaNvSrv\IaNvSrv.exe" [2009-10-06 33304]
"TpShocks"="TpShocks.exe" [2011-03-29 380776]
"SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2009-11-19 307768]
"AcWin7Hlpr"="c:\program files (x86)\Lenovo\Access Connections\AcTBenabler.exe" [2011-10-20 33344]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-10-13 162584]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-10-13 386840]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-10-13 417560]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.delta-search.com/?affID=119816&babsrc=HP_ss&mntrId=c4b6169a00000000000000216a5eb378
mStart Page = hxxp://search.gboxapp.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
LSP: c:\program files (x86)\Avira\AntiVir Desktop\avsda.dll
Trusted Zone: microsoft.com
Trusted Zone: microsoft.com\*.update
Trusted Zone: microsoft.com\*.windowsupdate
Trusted Zone: windowsupdate.com
TCP: DhcpNameServer = 192.168.178.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-{5CBF2BDC-9B90-25A5-E02B-54803CFA7E6F} - c:\progra~3\INSTAL~1\{B66E4~1\Setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCDSRVC{127174DC-C366ED8B-06020000}_0]
"ImagePath"="\??\c:\program files\pc-doctor\pcdsrvc_x64.pkms"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10c.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Mobile Broadband Drivers\WMCore\mini_WMCore.exe
c:\program files (x86)\Lenovo\Access Connections\AcSvc.exe
c:\program files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files\LENOVO\HOTKEY\tposdsvc.exe
c:\program files\Lenovo\HOTKEY\TPONSCR.exe
c:\program files\Lenovo\Zoom\TpScrex.exe
c:\program files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe
c:\program files (x86)\Intel\AMT\LMS.exe
c:\program files (x86)\Lenovo\System Update\SUService.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2013-02-27  21:02:02 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2013-02-27 20:02
.
Vor Suchlauf: 15 Verzeichnis(se), 119.707.459.584 Bytes frei
Nach Suchlauf: 19 Verzeichnis(se), 119.109.345.280 Bytes frei
.
- - End Of File - - 19F5314D718182D5813E15E3812256A0
         
--- --- ---

Alt 27.02.2013, 20:23   #10
markusg
/// Malware-holic
 

Hi,

download CCleaner Standard:
CCleaner - Download - Filepony
If CCleaner is already installed, skip this step.
Open it, go to Tools (Extras), Uninstall list, and save it as a txt file. Open the file.
After each program you need, write "necessary".
After each program you do not need, write "unnecessary".
After each program you do not know, write "unknown".
Post the list.
__________________
- Please forward suspicious e-mails to us for analysis:
markusg.trojaner-board@web.de
Instructions:
http://markusg.trojaner-board.de
For now, please forward e-mails to markusg.trojaner-board@web.de as described in the instructions above.

Alt 27.02.2013, 20:53   #11
KaSept
 

Adobe Flash Player 10 ActiveX Adobe Systems, Inc. 24.10.2012 1,85MB 10.0.32.18 NECESSARY
Adobe Reader X (10.1.4) - Deutsch Adobe Systems Incorporated 04.10.2012 121MB 10.1.4 NECESSARY
Anzeige am Bildschirm 24.04.2012 6.60.03 NECESSARY
ATI Catalyst Install Manager ATI Technologies, Inc. 30.05.2012 22,4MB 3.0.800.0 NECESSARY
ATI Uninstaller ATI Technologies, Inc. 30.05.2012 8.792.5.1-111127b-129962C-Lenovo NECESSARY
Avira Free Antivirus Avira 13.02.2013 129MB 13.0.0.3185 NECESSARY
Avira SearchFree Toolbar plus Web Protection Ask.com 12.02.2013 9,27MB 1.15.13.0 NECESSARY
Avira SearchFree Toolbar plus Web Protection Updater Ask.com 12.02.2013 1.2.3.33021 NECESSARY
BrowserProtect Bit89 Inc 27.02.2013 NECESSARY
CANON iMAGE GATEWAY Task for ZoomBrowser EX Canon Inc. 13.10.2012 1.5.0.3 NECESSARY
Canon Internet Library for ZoomBrowser EX Canon Inc. 13.10.2012 1.6.1.6 NECESSARY
Canon RAW Image Task for ZoomBrowser EX Canon Inc. 13.10.2012 3.3.0.5 NECESSARY
Canon Utilities CameraWindow Canon Inc. 13.10.2012 7.1.0.2 NECESSARY
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX Canon Inc. 13.10.2012 6.4.2.16 NECESSARY
Canon Utilities Digital Photo Professional 3.4 Canon Inc. 13.10.2012 3.4.0.0 NECESSARY
Canon Utilities EOS Utility Canon Inc. 13.10.2012 2.4.0.1 NECESSARY
Canon Utilities MyCamera Canon Inc. 13.10.2012 6.4.0.5 NECESSARY
Canon Utilities PhotoStitch Canon Inc. 13.10.2012 3.1.21.45 NECESSARY
Canon Utilities RemoteCapture Task for ZoomBrowser EX Canon Inc. 13.10.2012 1.7.1.9 NECESSARY
Canon Utilities ZoomBrowser EX Canon Inc. 13.10.2012 6.1.1.21 NECESSARY
Canon ZoomBrowser EX Memory Card Utility Canon Inc. 13.10.2012 1.1.0.8 NECESSARY
CCleaner Piriform 19.02.2013 3.28 UNNECESSARY
Conexant 20561 SmartAudio HD Conexant 15.11.2010 4.92.12.0 UNNECESSARY
CorelDRAW(R) Graphics Suite X4 Corel Corporation 08.12.2012 NECESSARY
CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension Corel Corporation 08.12.2012 2,93MB NECESSARY
Delta Chrome Toolbar Visual Tools 27.02.2013 NECESSARY
Delta toolbar Delta 27.02.2013 1.8.10.0 NECESSARY
Dienstprogramm "ThinkPad UltraNav" Lenovo 15.11.2010 2.13.0 Necessary
dm-Fotowelt 11.10.2012 UNNECESSARY
EGR-ShellExtension EasternGraphics 11.02.2013 1.0.0.100 UNNECESSARY
Energie-Manager 30.05.2012 6.07 UNNECESSARY
GadgetBox GadgetBox 11.02.2013 2,00MB 1.0 UNNECESSARY
Google Chrome Google Inc. 26.09.2012 25.0.1364.97 NECESSARY
HP Customer Participation Program 14.0 HP 24.10.2012 14.0 NECESSARY
HP Deskjet F2400 All-in-One Driver Software 14.0 Rel. 6 HP 24.10.2012 14.0 NECESSARY
HP Imaging Device Functions 14.0 HP 24.10.2012 14.0 NECESSARY
HP Smart Web Printing 4.60 HP 24.10.2012 4.60 NECESSARY
HP Solution Center 14.0 HP 24.10.2012 14.0 NECESSARY
HP Update Hewlett-Packard 24.10.2012 2,97MB 5.002.002.002 NECESSARY
Integrated Camera Sonix 24.04.2012 5.8.53003.0 NECESSARY
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 Intel Corporation NECESSARY 01.11.2012 46,7MB 11.1.048
Intel(R) Control Center Intel Corporation 24.04.2012 1.2.1.1007 NECESSARY
Intel(R) Graphics Media Accelerator Driver Intel Corporation 24.04.2012 NECESSARY 8.15.10.2555
Intel(R) Management Engine Interface Intel Corporation 15.11.2010 NECESSARY
Intel(R) Network Connections Drivers Intel 24.04.2012 16.1 NECESSARY
Intel(R) PROSet/Wireless WiFi-Software Intel Corporation 24.04.2012 89,8MB 14.03.0000 NECESSARY
Intel® Active-Management-Technologie Intel Corporation 18.01.2012 NECESSARY
Intel® Matrix Storage Manager und Intel® Turbo Memory Intel Corporation 15.11.2010 NECESSARY
Intel® Turbo Memory Intel Corporation 15.11.2010 NECESSARY
Lenovo Auto Scroll Utility 24.04.2012 1.11 NECESSARY
Lenovo Fingerprint Software AuthenTec, Inc. 15.11.2010 33,6MB 3.3.2.27 NECESSARY
Lenovo Patch Utility Lenovo Group Limited 30.05.2012 1,33MB 1.0.1.1 NECESSARY
Lenovo Patch Utility 64 bit Lenovo Group Limited 30.05.2012 1,35MB 1.2.0.1 NECESSARY
Lenovo System Interface Driver 18.01.2012 1.05 NECESSARY
Lenovo ThinkVantage Toolbox PC-Doctor, Inc. 15.11.2010 6.0.5692.08 NECESSARY
Microsoft .NET Framework 4 Client Profile Microsoft Corporation 18.01.2012 38,8MB 4.0.30319 NECESSARY
Microsoft .NET Framework 4 Client Profile DEU Language Pack Microsoft Corporation 18.01.2012 2,93MB 4.0.30319 NECESSARY
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 15.11.2010 564KB 8.0.50727.42 NECESSARY
Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 15.11.2010 708KB 8.0.61000 NECESSARY
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Corporation 11.10.2012 598KB 9.0.30729 NECESSARY
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 30.05.2012 596KB 9.0.30729 NECESSARY
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 Microsoft Corporation 30.05.2012 13,6MB 10.0.30319 NECESSARY
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 12.02.2013 11,1MB 10.0.40219 NECESSARY
Microsoft Visual Studio Tools for Applications 2.0 - ENU Microsoft Corporation 01.11.2012 211MB 9.0.30729 NECESSARY
Microsoft Visual Studio Tools for Applications 2.0 Language Pack - DEU Microsoft Corporation 01.11.2012 96,0MB 9.0.30729 NECESSARY
Microsoft Visual Studio Tools for Applications 2.0 Runtime Microsoft Corporation 01.11.2012 160KB 9.0.30729 NECESSARY
Microsoft Visual Studio Tools for Applications 2.0 Runtime Language Pack - DEU Microsoft Corporation 01.11.2012 226KB 9.0.30729 NECESSARY
Microsoft Word 2000 SR-1 Microsoft Corporation 16.10.2012 93,7MB 9.00.3821 NECESSARY
Microsoft Word in Works Suite-Add-In Microsoft Corporation 16.10.2012 8,15MB 1.0.0.0000 NECESSARY
Microsoft Works 2001-Setup-Start 16.10.2012 NECESSARY
Microsoft Works 6.0 Microsoft Corporation 16.10.2012 106MB 06.00.0000 NECESSARY
Mobile Broadband drivers Ericsson AB 24.04.2012 9,18MB 6.1.10.5 UNNECESSARY
MSXML 4.0 SP2 (KB954430) Microsoft Corporation 25.10.2012 1,27MB 4.20.9870.0 UNNECESSARY
MSXML 4.0 SP2 (KB973688) Microsoft Corporation 26.10.2012 1,33MB 4.20.9876.0 UNNECESSARY
pCon.planner 6.5 EasternGraphics 11.02.2013 6.5.0.101 UNNECESSARY
PDF Architect pdfforge 16.01.2013 91,1MB 1.0.52.8917 UNNECESSARY
PDFCreator pdfforge 16.01.2013 1.6.2 NECESSARY
QuickShare Linkury Inc. 27.02.2013 19,6MB 1.6.1.796 UNNECESSARY
RICOH R5U8xx Media Driver ver.3.64.02 RICOH 26.09.2012 3.64.02 UNNECESSARY
SaveByClick SaveByClick 16.01.2012 1.0 UNNECESSARY
Shop for HP Supplies HP 24.10.2012 14.0 NECESSARY
SProtector 1.74 11.02.2012 NECESSARY
System Update Lenovo 30.05.2012 13,7MB 4.03.0012 NECESSARY
ThinkPad FullScreen Magnifier 18.01.2012 2.40 NECESSARY
ThinkPad Modem Adapter Conexant Systems 15.11.2010 7.80.5.0 NECESSARY
ThinkPad Power Management Driver 30.05.2012 1.65.05.20NOTWENDIG
ThinkPad UltraNav Driver 24.04.2012 46,4MB 15.3.39.1NOTWENDIG
ThinkVantage Access Connections Lenovo 30.05.2012 78,9MB 5.85NOTWENDIG
ThinkVantage Communications Utility Lenovo 15.11.2010 2,43MB 1.42NOTWENDIG
ThinkVantage GPS Lenovo 24.04.2012 35,2MB 2.73NOTWENDIG
ThinkVantage System für aktiven Festplattenschutz Lenovo 30.05.2012 16,2MB 1.75NOTWENDIG
ThinkVantage System Update 30.05.2012 NOTWENDIG
Windows-Treiberpaket - AuthenTec Inc. (ATSwpWDF) Biometric (01/14/2010 8.6.0.13) AuthenTec Inc. 15.11.2010NOTWENDIG 01/14/2010 8.6.0.13

27.02.2013, 20:57   #12
markusg
/// Malware-holic



please revise it and don't tack the description onto the version; it can't be read like that
__________________
-Please forward suspicious e-mails to us for analysis:
markusg.trojaner-board@web.de
Forward
Instructions:
http://markusg.trojaner-board.de
For now, please forward e-mails according to the instructions above to
markusg.trojaner-board@web.de
Forward
If you would like to support us

28.02.2013, 10:59   #13
KaSept



Hi,

did the list not work, or was something wrong?

28.02.2013, 12:14   #14
markusg
/// Malware-holic



it's written above your post

28.02.2013, 18:36   #15
KaSept



Hello,

is it OK like this?

Adobe Flash Player 10 ActiveX Adobe Systems, Inc. 24.10.2012 1,85MB 10.0.32.18 NECESSARY
Adobe Reader X (10.1.4) - Deutsch Adobe Systems Incorporated 04.10.2012 121MB 10.1.4 NECESSARY
Anzeige am Bildschirm 24.04.2012 6.60.03 NECESSARY
ATI Catalyst Install Manager ATI Technologies, Inc. 30.05.2012 22,4MB 3.0.800.0 NECESSARY
ATI Uninstaller ATI Technologies, Inc. 30.05.2012 8.792.5.1-111127b-129962C-Lenovo NECESSARY
Avira Free Antivirus Avira 13.02.2013 129MB 13.0.0.3185 NECESSARY
Avira SearchFree Toolbar plus Web Protection Ask.com 12.02.2013 9,27MB 1.15.13.0 NECESSARY
Avira SearchFree Toolbar plus Web Protection Updater Ask.com 12.02.2013 1.2.3.33021 NECESSARY
BrowserProtect Bit89 Inc 27.02.2013 NECESSARY
CANON iMAGE GATEWAY Task for ZoomBrowser EX Canon Inc. 13.10.2012 1.5.0.3 NECESSARY
Canon Internet Library for ZoomBrowser EX Canon Inc. 13.10.2012 1.6.1.6 NECESSARY
Canon RAW Image Task for ZoomBrowser EX Canon Inc. 13.10.2012 3.3.0.5 NECESSARY
Canon Utilities CameraWindow Canon Inc. 13.10.2012 7.1.0.2 NECESSARY
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX Canon Inc. 13.10.2012 6.4.2.16 NECESSARY
Canon Utilities Digital Photo Professional 3.4 Canon Inc. 13.10.2012 3.4.0.0 NECESSARY
Canon Utilities EOS Utility Canon Inc. 13.10.2012 2.4.0.1 NECESSARY
Canon Utilities MyCamera Canon Inc. 13.10.2012 6.4.0.5 NECESSARY
Canon Utilities PhotoStitch Canon Inc. 13.10.2012 3.1.21.45 NECESSARY
Canon Utilities RemoteCapture Task for ZoomBrowser EX Canon Inc. 13.10.2012 1.7.1.9 NECESSARY
Canon Utilities ZoomBrowser EX Canon Inc. 13.10.2012 6.1.1.21 NECESSARY
Canon ZoomBrowser EX Memory Card Utility Canon Inc. 13.10.2012 1.1.0.8 NECESSARY
CCleaner Piriform 19.02.2013 3.28 UNNECESSARY
Conexant 20561 SmartAudio HD Conexant 15.11.2010 4.92.12.0 NECESSARY
CorelDRAW(R) Graphics Suite X4 Corel Corporation 08.12.2012 NECESSARY
CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension Corel Corporation 08.12.2012 2,93MB NECESSARY
Delta Chrome Toolbar Visual Tools 27.02.2013 NECESSARY
Delta toolbar Delta 27.02.2013 1.8.10.0 NECESSARY
Dienstprogramm "ThinkPad UltraNav" Lenovo 15.11.2010 2.13.0 NECESSARY
dm-Fotowelt 11.10.2012 UNNECESSARY
EGR-ShellExtension EasternGraphics 11.02.2013 1.0.0.100 UNNECESSARY
Energie-Manager 30.05.2012 6.07 NECESSARY
GadgetBox GadgetBox 11.02.2013 2,00MB 1.0 UNKNOWN UNNECESSARY
Google Chrome Google Inc. 26.09.2012 25.0.1364.97 NECESSARY
HP Customer Participation Program 14.0 HP 24.10.2012 14.0 NECESSARY
HP Deskjet F2400 All-in-One Driver Software 14.0 Rel. 6 HP 24.10.2012 14.0 NECESSARY
HP Imaging Device Functions 14.0 HP 24.10.2012 14.0 NECESSARY
HP Smart Web Printing 4.60 HP 24.10.2012 4.60 NECESSARY
HP Solution Center 14.0 HP 24.10.2012 14.0 NECESSARY
HP Update Hewlett-Packard 24.10.2012 2,97MB 5.002.002.002 NECESSARY
Integrated Camera Sonix 24.04.2012 5.8.53003.0 NECESSARY
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 Intel Corporation 01.11.2012 46,7MB 11.1.048 NECESSARY
Intel(R) Control Center Intel Corporation 24.04.2012 1.2.1.1007 NECESSARY
Intel(R) Graphics Media Accelerator Driver Intel Corporation 24.04.2012 8.15.10.2555 NECESSARY
Intel(R) Management Engine Interface Intel Corporation 15.11.2010 NECESSARY
Intel(R) Network Connections Drivers Intel 24.04.2012 16.1 NECESSARY
Intel(R) PROSet/Wireless WiFi-Software Intel Corporation 24.04.2012 89,8MB 14.03.0000 NECESSARY
Intel® Active-Management-Technologie Intel Corporation 18.01.2012 NECESSARY
Intel® Matrix Storage Manager und Intel® Turbo Memory Intel Corporation 15.11.2010 NECESSARY
Intel® Turbo Memory Intel Corporation 15.11.2010 NECESSARY
Lenovo Auto Scroll Utility 24.04.2012 1.11 NECESSARY
Lenovo Fingerprint Software AuthenTec, Inc. 15.11.2010 33,6MB 3.3.2.27 NECESSARY
Lenovo Patch Utility Lenovo Group Limited 30.05.2012 1,33MB 1.0.1.1 NECESSARY
Lenovo Patch Utility 64 bit Lenovo Group Limited 30.05.2012 1,35MB 1.2.0.1 NECESSARY
Lenovo System Interface Driver 18.01.2012 1.05 NECESSARY
Lenovo ThinkVantage Toolbox PC-Doctor, Inc. 15.11.2010 6.0.5692.08 NECESSARY
Microsoft .NET Framework 4 Client Profile Microsoft Corporation 18.01.2012 38,8MB 4.0.30319 NECESSARY
Microsoft .NET Framework 4 Client Profile DEU Language Pack Microsoft Corporation 18.01.2012 2,93MB 4.0.30319 NECESSARY
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 15.11.2010 564KB 8.0.50727.42 NECESSARY
Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 15.11.2010 708KB 8.0.61000 NECESSARY
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Corporation 11.10.2012 598KB 9.0.30729 NECESSARY
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 30.05.2012 596KB 9.0.30729 NECESSARY
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 Microsoft Corporation 30.05.2012 13,6MB 10.0.30319 NECESSARY
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 12.02.2013 11,1MB 10.0.40219 NECESSARY
Microsoft Visual Studio Tools for Applications 2.0 - ENU Microsoft Corporation 01.11.2012 211MB 9.0.30729 NECESSARY
Microsoft Visual Studio Tools for Applications 2.0 Language Pack - DEU Microsoft Corporation 01.11.2012 96,0MB 9.0.30729 NECESSARY
Microsoft Visual Studio Tools for Applications 2.0 Runtime Microsoft Corporation 01.11.2012 160KB 9.0.30729 NECESSARY
Microsoft Visual Studio Tools for Applications 2.0 Runtime Language Pack - DEU Microsoft Corporation 01.11.2012 226KB 9.0.30729 NECESSARY
Microsoft Word 2000 SR-1 Microsoft Corporation 16.10.2012 93,7MB 9.00.3821 NECESSARY
Microsoft Word in Works Suite-Add-In Microsoft Corporation 16.10.2012 8,15MB 1.0.0.0000 NECESSARY
Microsoft Works 2001-Setup-Start 16.10.2012 NECESSARY
Microsoft Works 6.0 Microsoft Corporation 16.10.2012 106MB 06.00.0000 NECESSARY
Mobile Broadband drivers Ericsson AB 24.04.2012 9,18MB 6.1.10.5 NECESSARY
MSXML 4.0 SP2 (KB954430) Microsoft Corporation 25.10.2012 1,27MB 4.20.9870.0 NECESSARY
MSXML 4.0 SP2 (KB973688) Microsoft Corporation 26.10.2012 1,33MB 4.20.9876.0 NECESSARY
pCon.planner 6.5 EasternGraphics 11.02.2013 6.5.0.101 UNNECESSARY
PDF Architect pdfforge 16.01.2013 91,1MB 1.0.52.8917 UNNECESSARY
PDFCreator pdfforge 16.01.2013 1.6.2 NECESSARY
QuickShare Linkury Inc. 27.02.2013 19,6MB 1.6.1.796 NECESSARY
RICOH R5U8xx Media Driver ver.3.64.02 RICOH 26.09.2012 3.64.02 NECESSARY
SaveByClick SaveByClick 16.01.2012 1.0 UNKNOWN
Shop for HP Supplies HP 24.10.2012 14.0 UNNECESSARY
SProtector 1.74 11.02.2012 NECESSARY
System Update Lenovo 30.05.2012 13,7MB 4.03.0012 NECESSARY
ThinkPad FullScreen Magnifier 18.01.2012 2.40 NECESSARY
ThinkPad Modem Adapter Conexant Systems 15.11.2010 7.80.5.0 NECESSARY
ThinkPad Power Management Driver 30.05.2012 1.65.05.20 NECESSARY
ThinkPad UltraNav Driver 24.04.2012 46,4MB 15.3.39.1 NECESSARY
ThinkVantage Access Connections Lenovo 30.05.2012 78,9MB 5.85 NECESSARY
ThinkVantage Communications Utility Lenovo 15.11.2010 2,43MB 1.42 NECESSARY
ThinkVantage GPS Lenovo 24.04.2012 35,2MB 2.73 NECESSARY
ThinkVantage System für aktiven Festplattenschutz Lenovo 30.05.2012 16,2MB 1.75 NECESSARY
ThinkVantage System Update 30.05.2012 NECESSARY
Windows-Treiberpaket - AuthenTec Inc. (ATSwpWDF) Biometric (01/14/2010 8.6.0.13) AuthenTec Inc. 15.11.2010 01/14/2010 8.6.0.13 NECESSARY

I can also send it more neatly as a file attachment; unfortunately the tabs are not visible here.
