|
Plagegeister aller Art und deren Bekämpfung: TR/Crypt.ZPACK.Gen2 verursacht ÄrgerWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
31.03.2011, 11:17 | #1 |
| TR/Crypt.ZPACK.Gen2 verursacht Ärger Hallo zusammen, der Trojaner TR/Crypt.ZPACK.Gen2 verursacht auf meinem neuen Notebook Ärger. Antivir hat ihn in Quarantäne verschoben, durch Wiederherstellung hab ich das System einigermassen wieder zum laufen gebracht. Trotzdem sind Ordner verschwunden und Programme zerschossen. Nun hat Antivir aber noch weiteres gefunden: JAVA/Agent.JP und WORM/Lohack.C Gerade auch im abgesicherten Modus mit Antivir gescannt, kein Fund. Vermutlich sitzen die Viecher aber noch irgendwo, deshalb würde ich mich über Hilfe freuen, Danke schonmal. Mein System: Lenovo ThinkPad T510i mit Windows 7 Prof 64 Bit. Geändert von DownUnder (31.03.2011 um 11:19 Uhr) Grund: System ergänzt |
31.03.2011, 16:39 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | TR/Crypt.ZPACK.Gen2 verursacht Ärger Hallo und
__________________Bitte routinemäßig einen Vollscan mit Malwarebytes machen und Log posten. Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss! Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten! Danach OTL: Systemscan mit OTL Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
__________________ |
31.03.2011, 22:57 | #3 |
| TR/Crypt.ZPACK.Gen2 verursacht Ärger hallo,
__________________hier mal der Malwarebytes scan: Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Datenbank Version: 6229 Windows 6.1.7600 Internet Explorer 8.0.7600.16385 31.03.2011 23:19:26 mbam-log-2011-03-31 (23-19-26).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|Q:\|) Durchsuchte Objekte: 327307 Laufzeit: 47 Minute(n), 55 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 0 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 0 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: (Keine bösartigen Objekte gefunden) und hier die beiden von OTL: [COLOR="Blue"]OTL Logfile: Code:
ATTFilter OTL logfile created on: 31.03.2011 23:23:03 - Run 1 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\***\Desktop 64bit- An unknown product (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,00 Gb Total Physical Memory | 0,00 Gb Available Physical Memory | 21,00% Memory free 4,00 Gb Paging File | 2,00 Gb Available in Paging File | 41,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 221,95 Gb Total Space | 148,92 Gb Free Space | 67,10% Space Free | Partition Type: NTFS Drive Q: | 9,77 Gb Total Space | 1,83 Gb Free Space | 18,70% Space Free | Partition Type: NTFS Computer Name: THINKPAD | User Name: *** | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Scheerer Martin_2\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (OpenOffice.org) PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin (OpenOffice.org) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) PRC - C:\Program Files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe (Lenovo) PRC - C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe (Lenovo) PRC - C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe (Lenovo) PRC - C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe (Lenovo) PRC - C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE (Lenovo) PRC - C:\Programme\Lenovo\HOTKEY\tpnumlkd.exe (Lenovo Group Limited) PRC - C:\Programme\Lenovo\Communications Utility\TPKNRSVC.exe (Lenovo Group Limited) PRC - C:\Programme\Lenovo\Communications Utility\TPKNRRES.exe (Lenovo Group Limited) PRC - C:\Programme\Lenovo\Communications Utility\CamMute.exe (Lenovo Group Limited) PRC - C:\Programme\Lenovo\HOTKEY\TPOSDSVC.exe (Lenovo Group Limited) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) PRC - C:\Programme\Lenovo\ZOOM\TpScrex.exe (Lenovo Group Limited) PRC - C:\Programme\Lenovo\VIRTSCRL\lvvsst.exe (Lenovo Group Limited) PRC - C:\Programme\Lenovo\HOTKEY\TPHKSVC.exe (Lenovo Group Limited) PRC - C:\Programme\Lenovo\HOTKEY\micmute.exe (Lenovo Group Limited) PRC - C:\Programme\Lenovo\VIRTSCRL\virtscrl.exe (Lenovo Group Limited) PRC - c:\Program Files (x86)\Lenovo\System Update\SUService.exe (Lenovo Group Limited) PRC - C:\Programme\Lenovo\HOTKEY\TPONSCR.exe (Lenovo Group Limited) PRC - C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe (Lenovo Group Limited) PRC - C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe () PRC - C:\Programme\Lenovo\HOTKEY\tpnumlk.exe (Lenovo Group Limited) PRC - C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.) PRC - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo) ========== Modules (SafeList) ========== MOD - C:\Users\Scheerer Martin_2\Desktop\OTL.exe (OldTimer Tools) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation) SRV:64bit: - (TPHDEXLGSVC) -- C:\Windows\SysNative\TPHDEXLG64.exe (Lenovo.) SRV:64bit: - (IBMPMSVC) -- C:\Windows\SysNative\ibmpmsvc.exe (Lenovo.) SRV:64bit: - (TurboBoost) -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe (Intel(R) Corporation) SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (AcSvc) -- C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe (Lenovo) SRV - (AcPrfMgrSvc) -- C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe (Lenovo) SRV - (DozeSvc) -- C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE (Lenovo.) SRV - (Power Manager DBC Service) -- C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE (Lenovo) SRV - (LENOVO.TPKNRSVC) -- C:\Programme\Lenovo\Communications Utility\TPKNRSVC.exe (Lenovo Group Limited) SRV - (LENOVO.CAMMUTE) -- C:\Programme\Lenovo\Communications Utility\CamMute.exe (Lenovo Group Limited) SRV - (EvtEng) Intel(R) -- C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation) SRV - (RegSrvc) Intel(R) -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation) SRV - (UNS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) SRV - (LMS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) SRV - (Lenovo.VIRTSCRLSVC) -- C:\Programme\Lenovo\VIRTSCRL\lvvsst.exe (Lenovo Group Limited) SRV - (TPHKSVC) -- C:\Programme\Lenovo\HOTKEY\TPHKSVC.exe (Lenovo Group Limited) SRV - (LENOVO.MICMUTE) -- C:\Programme\Lenovo\HOTKEY\micmute.exe (Lenovo Group Limited) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (SUService) -- c:\Program Files (x86)\Lenovo\System Update\SUService.exe (Lenovo Group Limited) SRV - (ThinkVantage Registry Monitor Service) -- C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe (Lenovo Group Limited) SRV - (btwdins) -- C:\Programme\ThinkPad\Bluetooth Software\btwdins.exe (Broadcom Corporation.) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (HsfXAudioService) -- C:\Windows\SysWOW64\XAudio64.dll (Conexant Systems, Inc.) SRV - (UleadBurningHelper) -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.) SRV - (IviRegMgr) -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo) ========== Driver Services (SafeList) ========== DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.) DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH) DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation) DRV:64bit: - (pmxdrv) -- C:\Windows\SysNative\drivers\pmxdrv.sys () DRV:64bit: - (CnxtHdAudService) -- C:\Windows\SysNative\drivers\CHDRT64.sys (Conexant Systems Inc.) DRV:64bit: - (DzHDD64) -- C:\Windows\SysNative\drivers\DZHDD64.SYS (Lenovo.) DRV:64bit: - (TPPWRIF) -- C:\Windows\SysNative\drivers\TPPWR64V.SYS () DRV:64bit: - (NETwNs64) ___ Intel(R) -- C:\Windows\SysNative\drivers\NETwNs64.sys (Intel Corporation) DRV:64bit: - (e1kexpress) Intel(R) -- C:\Windows\SysNative\drivers\e1k62x64.sys (Intel Corporation) DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation) DRV:64bit: - (Shockprf) -- C:\Windows\SysNative\drivers\ApsX64.sys (Lenovo.) DRV:64bit: - (TPDIGIMN) -- C:\Windows\SysNative\drivers\ApsHM64.sys (Lenovo.) DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated) DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation) DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation) DRV:64bit: - (IntcDAud) Intel(R) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation) DRV:64bit: - (5U877) -- C:\Windows\SysNative\drivers\5U877.sys (Ricoh co.,Ltd.) DRV:64bit: - (IBMPMDRV) -- C:\Windows\SysNative\drivers\ibmpmdrv.sys (Lenovo.) DRV:64bit: - (rimspci) -- C:\Windows\SysNative\drivers\rimspe64.sys (REDC) DRV:64bit: - (TurboB) -- C:\Windows\SysNative\drivers\TurboB.sys () DRV:64bit: - (TVTI2C) -- C:\Windows\SysNative\drivers\tvti2c.sys (Lenovo (United States) Inc.) DRV:64bit: - (HECIx64) Intel(R) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation) DRV:64bit: - (psadd) -- C:\Windows\SysNative\drivers\psadd.sys (Lenovo (United States) Inc.) DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.) DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.) DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.) DRV:64bit: - (HSF_DPV) -- C:\Windows\SysNative\drivers\CAX_DPV.sys (Conexant Systems, Inc.) DRV:64bit: - (CAXHWAZL) -- C:\Windows\SysNative\drivers\CAXHWAZL.sys (Conexant Systems, Inc.) DRV:64bit: - (winachsf) -- C:\Windows\SysNative\drivers\CAX_CNXT.sys (Conexant Systems, Inc.) DRV:64bit: - (SrvHsfV92) -- C:\Windows\SysNative\drivers\VSTDPV6.SYS (Conexant Systems, Inc.) DRV:64bit: - (SrvHsfWinac) -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS (Conexant Systems, Inc.) DRV:64bit: - (SrvHsfHDA) -- C:\Windows\SysNative\drivers\VSTAZL6.SYS (Conexant Systems, Inc.) DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof () DRV:64bit: - (netw5v64) Intel(R) -- C:\Windows\SysNative\drivers\netw5v64.sys (Intel Corporation) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.) DRV:64bit: - (XAudio) -- C:\Windows\SysNative\drivers\XAudio64.sys (Conexant Systems, Inc.) DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.) DRV:64bit: - (lenovo.smi) -- C:\Windows\SysNative\drivers\smiifx64.sys (Lenovo Group Limited) DRV:64bit: - (mdmxsdk) -- C:\Windows\SysNative\drivers\mdmxsdk.sys (Conexant) DRV - (PCDSRVC{127174DC-C366ED8B-06020101}_0) -- c:\Programme\PC-Doctor\pcdsrvc_x64.pkms (PC-Doctor, Inc.) DRV - (smihlp) SMI Helper Driver (smihlp) -- C:\Programme\ThinkVantage Fingerprint Software\smihlp.sys (UPEK Inc.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo.msn.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/welcome/thinkpad [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo.msn.com IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.startup.homepage: "google.de" FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3 FF - HKLM\software\mozilla\Firefox\Extensions\\msntoolbar@msn.com: C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\Firefox [2010.12.03 07:30:19 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2010.12.03 07:30:21 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2010.12.03 07:30:49 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.03.27 14:48:56 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.03.27 14:48:50 | 000,000,000 | ---D | M] [2011.03.21 13:40:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions [2011.03.30 23:37:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\b7j4du3v.default\extensions [2011.03.30 23:35:34 | 000,000,000 | ---D | M] (GMX Toolbar) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\b7j4du3v.default\extensions\toolbar@gmx.net [2011.03.27 14:48:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2011.03.21 20:17:53 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2011.03.27 14:48:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\distribution\extensions [2011.03.27 14:48:51 | 000,000,000 | ---D | M] (GMX Toolbar) -- C:\Program Files (x86)\mozilla firefox\distribution\extensions\toolbar@gmx.net File not found (No name found) -- () (No name found) -- C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\B7J4DU3V.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI [2011.03.18 19:56:37 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2011.03.21 20:17:44 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2 - BHO: (IePasswordManagerHelper Class) - {BF468356-BB7E-42D7-9F15-4F3B9BCFCED2} - C:\Program Files (x86)\Lenovo\Client Security Solution\tvtpwm_ie_com.dll (Lenovo Group Limited) O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll (Microsoft Corporation) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (@C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O4:64bit: - HKLM..\Run: [AcWin7Hlpr] C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe (Lenovo) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [LENOVO.TPKNRRES] C:\Programme\Lenovo\Communications Utility\TPKNRRES.exe (Lenovo Group Limited) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe () O4:64bit: - HKLM..\Run: [TPHOTKEY] C:\Programme\Lenovo\HOTKEY\TPOSDSVC.exe (Lenovo Group Limited) O4:64bit: - HKLM..\Run: [TpShocks] C:\Windows\SysNative\TpShocks.exe (Lenovo.) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [Launch Backup Service Once] C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrstrigger.exe () O4 - HKLM..\Run: [PWMTRV] File not found O4 - HKLM..\Run: [RotateImage] C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe (Ricoh co.,Ltd.) O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1 O9:64bit: - Extra Button: @C:\Program Files\ThinkPad\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm () O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\ThinkPad\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : Lenovo Password Manager... - {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - C:\Program Files (x86)\Lenovo\Client Security Solution\tvtpwm_ie_com.dll (Lenovo Group Limited) O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O20:64bit: - Winlogon\Notify\psfus: DllName - Reg Error: Key error. - C:\Programme\ThinkVantage Fingerprint Software\psqlpwd.dll (UPEK Inc.) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2008.06.10 18:32:46 | 000,000,049 | -HS- | M] () - Q:\AUTORUN.INF -- [ NTFS ] O33 - MountPoints2\{c8ea6ede-fe97-11df-b6cb-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{c8ea6ede-fe97-11df-b6cb-806e6f6e6963}\Shell\AutoRun\command - "" = Q:\LenovoQDrive.exe -- [2009.08.10 23:01:24 | 000,267,576 | -HS- | M] (Lenovo Group Limited) O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011.03.31 22:29:38 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Malwarebytes [2011.03.31 22:29:15 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys [2011.03.31 22:29:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2011.03.31 22:29:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2011.03.31 22:29:11 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2011.03.31 22:29:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2011.03.31 14:59:35 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\ElevatedDiagnostics [2011.03.30 23:41:11 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\gsak [2011.03.30 22:24:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2011.03.30 22:22:52 | 000,000,000 | ---D | C] -- C:\Programme\iTunes [2011.03.30 22:22:52 | 000,000,000 | ---D | C] -- C:\Programme\iPod [2011.03.30 20:58:21 | 000,000,000 | ---D | C] -- C:\Users\***n\AppData\Roaming\Avira [2011.03.30 17:41:15 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Update [2011.03.30 15:50:31 | 000,000,000 | ---D | C] -- C:\ProgramData\{0DD0EEEE-2A7C-411C-9243-1AE62F445FC3} [2011.03.30 15:48:47 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt [2011.03.30 14:09:28 | 000,000,000 | -H-D | C] -- C:\ProgramData\WindSolutions [2011.03.27 17:22:02 | 000,000,000 | -H-D | C] -- C:\ProgramData\Canneverbe Limited [2011.03.27 17:21:23 | 000,000,000 | ---D | C] -- C:\Programme\CDBurnerXP [2011.03.25 13:17:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Garmin [2011.03.24 10:14:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET [2011.03.23 12:09:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0 [2011.03.23 00:51:23 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHost.exe [2011.03.23 00:51:23 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHostProxy.dll [2011.03.23 00:51:22 | 001,942,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfshim.dll [2011.03.23 00:51:22 | 001,130,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll [2011.03.23 00:51:22 | 000,320,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHost.exe [2011.03.23 00:51:22 | 000,109,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHostProxy.dll [2011.03.23 00:51:22 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netfxperf.dll [2011.03.23 00:51:22 | 000,048,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netfxperf.dll [2011.03.23 00:51:16 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browserchoice.exe [2011.03.22 22:13:22 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\GARMIN [2011.03.22 20:57:57 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Garmin [2011.03.22 20:51:03 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\Mein Garmin [2011.03.22 20:49:22 | 000,017,536 | ---- | C] (GARMIN Corp.) -- C:\Windows\SysNative\drivers\grmn0200.sys [2011.03.22 20:49:22 | 000,017,024 | ---- | C] (Walter Oney Software) -- C:\Windows\SysNative\drivers\grmngen.sys [2011.03.22 20:49:22 | 000,016,512 | ---- | C] (GARMIN Corp.) -- C:\Windows\SysNative\drivers\grmn0400.sys [2011.03.22 20:49:22 | 000,011,776 | ---- | C] (GARMIN Corp.) -- C:\Windows\SysNative\drivers\grmn1200.sys [2011.03.22 20:49:22 | 000,007,296 | ---- | C] (GARMIN Corp.) -- C:\Windows\SysNative\drivers\grmnusb.sys [2011.03.22 20:49:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin [2011.03.22 20:46:46 | 000,000,000 | ---D | C] -- C:\Garmin [2011.03.22 20:18:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Karsten Bilderschau [2011.03.22 20:18:53 | 001,680,896 | ---- | C] (Borland Software Corporation) -- C:\Windows\SysWow64\vcl100.bpl [2011.03.22 20:18:53 | 000,857,088 | ---- | C] (Borland Software Corporation) -- C:\Windows\SysWow64\xmlrtl100.bpl [2011.03.22 20:18:53 | 000,843,264 | ---- | C] (Borland Software Corporation) -- C:\Windows\SysWow64\rtl100.bpl [2011.03.22 20:18:53 | 000,287,744 | ---- | C] (Borland Software Corporation) -- C:\Windows\SysWow64\dbrtl100.bpl [2011.03.22 20:18:53 | 000,198,656 | ---- | C] (Borland Software Corporation) -- C:\Windows\SysWow64\vclx100.bpl [2011.03.22 20:18:53 | 000,098,304 | ---- | C] (Borland Software Corporation) -- C:\Windows\SysWow64\vcljpg100.bpl [2011.03.22 20:18:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Karsten Bilderschau [2011.03.22 18:23:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IZArc [2011.03.22 18:23:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IZArc [2011.03.22 11:15:43 | 000,000,000 | ---D | C] -- C:\Users\***\.gimp-2.2 [2011.03.22 11:15:37 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GIMPshop [2011.03.22 11:15:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMPshop [2011.03.22 11:15:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GIMPshop [2011.03.22 10:41:14 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2011.03.22 10:41:14 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll [2011.03.22 10:41:13 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2011.03.22 10:41:13 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2011.03.22 10:41:13 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2011.03.22 10:41:13 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2011.03.22 10:41:13 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2011.03.22 10:41:12 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2011.03.22 10:41:12 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2011.03.22 10:41:12 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2011.03.22 10:41:12 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2011.03.22 10:41:12 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2011.03.22 10:41:03 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll [2011.03.22 10:41:03 | 000,723,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll [2011.03.22 10:41:03 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll [2011.03.22 10:41:02 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll [2011.03.22 10:41:02 | 000,850,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll [2011.03.22 10:41:02 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll [2011.03.22 10:41:02 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax [2011.03.22 10:41:02 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax [2011.03.22 10:40:44 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\t2embed.dll [2011.03.22 10:40:44 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll [2011.03.22 10:40:42 | 002,085,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll [2011.03.22 10:40:38 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskschd.dll [2011.03.22 10:40:38 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmicmiplugin.dll [2011.03.22 10:40:38 | 000,473,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskcomp.dll [2011.03.22 10:40:38 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskeng.exe [2011.03.22 10:40:37 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskschd.dll [2011.03.22 10:40:37 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskcomp.dll [2011.03.22 10:40:37 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\schtasks.exe [2011.03.22 10:40:37 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\schtasks.exe [2011.03.22 10:40:35 | 000,483,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\StructuredQuery.dll [2011.03.22 10:40:14 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdri.dll [2011.03.22 10:40:14 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSNP.ax [2011.03.22 10:40:14 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSNP.ax [2011.03.22 10:40:09 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll [2011.03.22 10:39:59 | 000,264,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\upnp.dll [2011.03.22 10:39:59 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\upnp.dll [2011.03.22 10:39:58 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\davclnt.dll [2011.03.22 10:39:58 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\davclnt.dll [2011.03.22 10:39:58 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wscapi.dll [2011.03.22 10:39:57 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2011.03.22 10:39:57 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2011.03.22 10:39:57 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wscapi.dll [2011.03.22 10:39:57 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\slwga.dll [2011.03.22 10:39:57 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\slwga.dll [2011.03.22 10:39:45 | 000,662,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll [2011.03.22 10:39:45 | 000,475,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll [2011.03.22 10:39:45 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll [2011.03.22 10:39:45 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll [2011.03.22 10:39:41 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll [2011.03.22 10:39:31 | 001,837,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll [2011.03.22 10:39:31 | 001,540,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll [2011.03.22 10:39:31 | 001,170,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10warp.dll [2011.03.22 10:39:31 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll [2011.03.22 10:39:31 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d2d1.dll [2011.03.22 10:39:30 | 001,074,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DWrite.dll [2011.03.22 10:39:27 | 001,863,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ExplorerFrame.dll [2011.03.22 10:39:26 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll [2011.03.22 10:39:26 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10_1core.dll [2011.03.22 10:39:25 | 001,495,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ExplorerFrame.dll [2011.03.22 10:39:25 | 000,265,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys [2011.03.22 10:39:25 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsRasterService.dll [2011.03.22 10:39:25 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsRasterService.dll [2011.03.22 10:39:24 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll [2011.03.22 10:39:24 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10_1.dll [2011.03.22 10:39:24 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll [2011.03.22 10:39:08 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll [2011.03.22 10:39:08 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll [2011.03.22 10:38:55 | 000,852,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2011.03.22 10:38:55 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2011.03.22 10:38:55 | 000,612,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2011.03.22 10:38:40 | 001,024,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpmde.dll [2011.03.22 10:38:39 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpmde.dll [2011.03.22 10:38:23 | 005,510,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2011.03.22 10:38:22 | 001,739,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll [2011.03.22 10:38:21 | 003,957,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe [2011.03.22 10:38:21 | 003,901,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe [2011.03.22 10:38:15 | 000,366,080 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll [2011.03.22 10:38:15 | 000,294,400 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll [2011.03.22 10:38:14 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll [2011.03.22 10:38:14 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll [2011.03.22 10:38:08 | 000,027,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys [2011.03.22 10:38:06 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40.dll [2011.03.22 10:38:06 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40u.dll [2011.03.22 10:38:02 | 003,138,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll [2011.03.22 10:38:02 | 002,690,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll [2011.03.22 10:38:01 | 001,097,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe [2011.03.22 10:38:01 | 001,034,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe [2011.03.22 10:37:54 | 014,627,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll [2011.03.22 10:37:51 | 011,406,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll [2011.03.22 10:37:50 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL [2011.03.22 10:37:49 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL [2011.03.22 10:37:47 | 000,112,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe [2011.03.22 10:37:45 | 000,720,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbc32.dll [2011.03.22 10:37:44 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbc32.dll [2011.03.22 10:37:31 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sscore.dll [2011.03.21 20:19:05 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.3 [2011.03.21 20:18:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenOffice.org 3 [2011.03.21 20:18:00 | 000,000,000 | -H-D | C] -- C:\ProgramData\Sun [2011.03.21 20:17:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2011.03.21 20:17:52 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll [2011.03.21 20:17:52 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe [2011.03.21 20:17:52 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe [2011.03.21 20:17:52 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe [2011.03.21 20:17:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java [2011.03.21 20:15:50 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\OpenOffice.org 3.3 (de) Installation Files [2011.03.21 18:48:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN [2011.03.21 18:48:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN [2011.03.21 16:44:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\gsak [2011.03.21 13:48:07 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Macromedia [2011.03.21 13:48:07 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Adobe [2011.03.21 13:40:39 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Apple Computer [2011.03.21 13:39:22 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Mozilla [2011.03.21 13:39:22 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Mozilla [2011.03.21 13:38:15 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Apple Computer [2011.03.21 13:28:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth [2011.03.21 13:26:11 | 000,126,312 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\GEARAspi64.dll [2011.03.21 13:26:11 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysWow64\GEARAspi.dll [2011.03.21 13:26:11 | 000,034,152 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys [2011.03.21 13:26:10 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE [2011.03.21 13:25:32 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001} [2011.03.21 13:25:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes [2011.03.21 13:24:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime [2011.03.21 13:24:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime [2011.03.21 13:24:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer [2011.03.21 13:24:13 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Apple [2011.03.21 13:24:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update [2011.03.21 13:23:58 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Apple [2011.03.21 13:23:44 | 000,000,000 | ---D | C] -- C:\Programme\Bonjour [2011.03.21 13:23:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour [2011.03.21 13:23:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple [2011.03.21 13:23:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple [2011.03.21 13:21:57 | 000,000,000 | ---D | C] -- C:\Windows\de [2011.03.21 13:21:16 | 000,000,000 | -H-D | C] -- C:\ProgramData\Google [2011.03.21 13:19:49 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Google [2011.03.21 13:19:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google [2011.03.21 13:17:27 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIRibbonRes.dll [2011.03.21 13:17:27 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIRibbonRes.dll [2011.03.21 13:17:26 | 003,860,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIRibbon.dll [2011.03.21 13:17:26 | 002,983,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIRibbon.dll [2011.03.21 13:16:36 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfps.dll [2011.03.21 13:16:35 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL [2011.03.21 13:16:35 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfreadwrite.dll [2011.03.21 13:16:35 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfreadwrite.dll [2011.03.21 13:16:34 | 004,068,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mf.dll [2011.03.21 13:16:34 | 001,888,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL [2011.03.21 13:16:33 | 003,181,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mf.dll [2011.03.21 13:14:56 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Windows Live [2011.03.21 12:19:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2011.03.21 12:05:34 | 000,000,000 | ---D | C] -- C:\Users\Scheerer Martin\AppData\Roaming\Intel [2011.03.21 12:01:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira [2011.03.21 12:01:10 | 000,116,568 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys [2011.03.21 12:01:10 | 000,083,120 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys [2011.03.21 12:01:09 | 000,000,000 | -H-D | C] -- C:\ProgramData\Avira [2011.03.21 12:01:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira [2011.03.21 11:54:55 | 000,000,000 | R--D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2011.03.21 11:54:55 | 000,000,000 | R--D | C] -- C:\Users\***\Searches [2011.03.21 11:54:55 | 000,000,000 | R--D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2011.03.21 11:54:47 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Identities [2011.03.21 11:54:43 | 000,000,000 | R--D | C] -- C:\Users\***\Contacts [2011.03.21 11:49:58 | 000,000,000 | ---D | C] -- C:\Users\***n\AppData\Roaming\Lenovo [2011.03.21 11:47:30 | 000,000,000 | RHSD | C] -- C:\RRbackups [2011.03.21 11:47:29 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\VirtualStore [2011.03.21 11:45:10 | 000,000,000 | --SD | C] -- C:\Users\***\AppData\Roaming\Microsoft [2011.03.21 11:45:10 | 000,000,000 | R--D | C] -- C:\Users\***\Videos [2011.03.21 11:45:10 | 000,000,000 | R--D | C] -- C:\Users\***\Saved Games [2011.03.21 11:45:10 | 000,000,000 | R--D | C] -- C:\Users\***\Pictures [2011.03.21 11:45:10 | 000,000,000 | R--D | C] -- C:\Users\***\Music [2011.03.21 11:45:10 | 000,000,000 | R--D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2011.03.21 11:45:10 | 000,000,000 | R--D | C] -- C:\Users\***\Links [2011.03.21 11:45:10 | 000,000,000 | R--D | C] -- C:\Users\***\Favorites [2011.03.21 11:45:10 | 000,000,000 | R--D | C] -- C:\Users\***\Downloads [2011.03.21 11:45:10 | 000,000,000 | R--D | C] -- C:\Users\***\Documents [2011.03.21 11:45:10 | 000,000,000 | R--D | C] -- C:\Users\***\Desktop [2011.03.21 11:45:10 | 000,000,000 | R--D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2011.03.21 11:45:10 | 000,000,000 | -HSD | C] -- C:\Users\***\Vorlagen [2011.03.21 11:45:10 | 000,000,000 | -HSD | C] -- C:\Users\***\AppData\Local\Verlauf [2011.03.21 11:45:10 | 000,000,000 | -HSD | C] -- C:\Users\***\AppData\Local\Temporary Internet Files [2011.03.21 11:45:10 | 000,000,000 | -HSD | C] -- C:\Users\***\Startmenü [2011.03.21 11:45:10 | 000,000,000 | -HSD | C] -- C:\Users\***\SendTo [2011.03.21 11:45:10 | 000,000,000 | -HSD | C] -- C:\Users\***\Recent [2011.03.21 11:45:10 | 000,000,000 | -HSD | C] -- C:\Users\***\Netzwerkumgebung [2011.03.21 11:45:10 | 000,000,000 | -HSD | C] -- C:\Users\***\Lokale Einstellungen [2011.03.21 11:45:10 | 000,000,000 | -HSD | C] -- C:\Users\***\Documents\Eigene Videos [2011.03.21 11:45:10 | 000,000,000 | -HSD | C] -- C:\Users\***\Documents\Eigene Musik [2011.03.21 11:45:10 | 000,000,000 | -HSD | C] -- C:\Users\***\Eigene Dateien [2011.03.21 11:45:10 | 000,000,000 | -HSD | C] -- C:\Users\***\Documents\Eigene Bilder [2011.03.21 11:45:10 | 000,000,000 | -HSD | C] -- C:\Users\***\Druckumgebung [2011.03.21 11:45:10 | 000,000,000 | -HSD | C] -- C:\Users\***\Cookies [2011.03.21 11:45:10 | 000,000,000 | -HSD | C] -- C:\Users\***\AppData\Local\Anwendungsdaten [2011.03.21 11:45:10 | 000,000,000 | -HSD | C] -- C:\Users\***\Anwendungsdaten [2011.03.21 11:45:10 | 000,000,000 | -H-D | C] -- C:\Users\***\AppData [2011.03.21 11:45:10 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Temp [2011.03.21 11:45:10 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Microsoft [2011.03.21 11:45:10 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Media Center Programs [2011.03.21 11:44:40 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen [2011.03.21 11:44:40 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü [2011.03.21 11:44:40 | 000,000,000 | -HSD | C] -- C:\Programme [2011.03.21 11:44:40 | 000,000,000 | -HSD | C] -- C:\Programme\Gemeinsame Dateien [2011.03.21 11:44:40 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten [2011.03.21 11:44:40 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos [2011.03.21 11:44:40 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik [2011.03.21 11:44:40 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder [2011.03.21 11:44:40 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen [2011.03.21 11:44:40 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente [2011.03.21 11:44:40 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten ========== Files - Modified Within 30 Days ========== [2011.03.31 23:27:00 | 000,000,528 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job [2011.03.31 23:19:00 | 000,000,382 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job [2011.03.31 22:32:00 | 000,001,126 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011.03.31 22:29:15 | 000,001,120 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.03.31 19:35:50 | 000,001,732 | ---- | M] () -- C:\tvtpktfilter.dat [2011.03.31 18:04:23 | 000,001,794 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk [2011.03.31 18:00:24 | 000,001,122 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011.03.31 12:11:03 | 000,020,480 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011.03.31 12:11:03 | 000,020,480 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011.03.31 12:10:41 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2011.03.31 12:10:41 | 000,654,166 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2011.03.31 12:10:41 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2011.03.31 12:10:41 | 000,130,006 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2011.03.31 12:10:41 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2011.03.31 12:03:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.03.31 12:03:03 | 1500,254,208 | -HS- | M] () -- C:\hiberfil.sys [2011.03.30 16:59:52 | 000,000,392 | -H-- | M] () -- C:\ProgramData\45276936 [2011.03.30 16:58:30 | 000,000,152 | -H-- | M] () -- C:\ProgramData\~45276936r [2011.03.30 16:58:30 | 000,000,136 | -H-- | M] () -- C:\ProgramData\~45276936 [2011.03.27 17:21:25 | 000,001,753 | ---- | M] () -- C:\Users\Public\Desktop\CDBurnerXP.lnk [2011.03.27 14:48:58 | 000,001,145 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2011.03.23 12:02:17 | 000,319,264 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2011.03.22 21:40:52 | 000,000,885 | ---- | M] () -- C:\Users\***\Desktop\MapSource - Verknüpfung.lnk [2011.03.22 20:18:54 | 000,001,002 | ---- | M] () -- C:\Users\***\Desktop\Karsten Bilderschau.lnk [2011.03.22 18:23:06 | 000,001,840 | ---- | M] () -- C:\Users\***\Desktop\IZArc.lnk [2011.03.22 11:15:37 | 000,001,108 | ---- | M] () -- C:\Users\***\Desktop\GIMPshop.lnk [2011.03.21 20:19:05 | 000,001,124 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice.org 3.3.lnk [2011.03.21 20:17:42 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe [2011.03.21 20:17:41 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe [2011.03.21 20:17:41 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe [2011.03.21 20:17:40 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll [2011.03.21 19:40:32 | 000,054,699 | ---- | M] () -- C:\Windows\SysWow64\license.rtf [2011.03.21 19:40:32 | 000,054,699 | ---- | M] () -- C:\Windows\SysNative\license.rtf [2011.03.21 18:48:52 | 000,001,077 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk [2011.03.21 13:51:04 | 000,240,640 | ---- | M] () -- C:\Users\***\Desktop\verkleinerer17.exe [2011.03.21 13:28:27 | 000,002,295 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk [2011.03.21 13:24:30 | 000,001,856 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk [2011.03.21 12:56:34 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2011.03.21 12:01:27 | 000,002,077 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk [2011.03.21 11:47:00 | 000,000,042 | ---- | M] () -- C:\Windows\SysWow64\drivers\17AA_Lenovo_ThinkPad_T510_4314_A23.MRK ========== Files Created - No Company Name ========== [2011.03.31 22:29:15 | 000,001,120 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.03.31 19:35:50 | 000,001,732 | ---- | C] () -- C:\tvtpktfilter.dat [2011.03.30 22:25:00 | 000,001,794 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk [2011.03.30 16:58:30 | 000,000,152 | -H-- | C] () -- C:\ProgramData\~45276936r [2011.03.30 16:58:28 | 000,000,136 | -H-- | C] () -- C:\ProgramData\~45276936 [2011.03.30 16:58:08 | 000,000,392 | -H-- | C] () -- C:\ProgramData\45276936 [2011.03.27 17:21:25 | 000,001,753 | ---- | C] () -- C:\Users\Public\Desktop\CDBurnerXP.lnk [2011.03.27 17:21:25 | 000,001,703 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk [2011.03.27 14:48:58 | 000,001,157 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2011.03.22 21:40:52 | 000,000,885 | ---- | C] () -- C:\Users\***\Desktop\MapSource - Verknüpfung.lnk [2011.03.22 20:18:54 | 000,001,002 | ---- | C] () -- C:\Users\***\Desktop\Karsten Bilderschau.lnk [2011.03.22 18:23:06 | 000,001,840 | ---- | C] () -- C:\Users\***\Desktop\IZArc.lnk [2011.03.22 11:15:37 | 000,001,108 | ---- | C] () -- C:\Users\***\Desktop\GIMPshop.lnk [2011.03.21 20:19:05 | 000,001,124 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice.org 3.3.lnk [2011.03.21 18:48:52 | 000,001,077 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk [2011.03.21 13:51:00 | 000,240,640 | ---- | C] () -- C:\Users\***\Desktop\verkleinerer17.exe [2011.03.21 13:28:27 | 000,002,295 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk [2011.03.21 13:27:16 | 000,001,126 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011.03.21 13:27:16 | 000,001,122 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011.03.21 13:24:30 | 000,001,856 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk [2011.03.21 13:24:10 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk [2011.03.21 12:56:34 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2011.03.21 12:19:09 | 000,001,145 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2011.03.21 12:01:27 | 000,002,077 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk [2011.03.21 11:55:03 | 000,001,416 | ---- | C] () -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk [2011.03.21 11:54:57 | 000,001,450 | ---- | C] () -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2010.12.03 06:56:00 | 000,870,560 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin [2010.12.03 06:56:00 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll [2010.12.03 06:56:00 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll [2010.12.03 06:56:00 | 000,104,636 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin [2010.12.03 06:55:59 | 000,127,868 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin [2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009.07.13 23:59:36 | 000,982,196 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin [2009.07.13 23:59:36 | 000,139,824 | ---- | C] () -- C:\Windows\SysWow64\igfcg500.bin [2009.07.13 23:59:36 | 000,097,448 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin [2009.07.13 23:59:35 | 000,417,344 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin [2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat < End of report > und OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 31.03.2011 23:23:03 - Run 1 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\***\Desktop 64bit- An unknown product (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy Code:
ATTFilter 2,00 Gb Total Physical Memory | 0,00 Gb Available Physical Memory | 21,00% Memory free 4,00 Gb Paging File | 2,00 Gb Available in Paging File | 41,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 221,95 Gb Total Space | 148,92 Gb Free Space | 67,10% Space Free | Partition Type: NTFS Drive Q: | 9,77 Gb Total Space | 1,83 Gb Free Space | 18,70% Space Free | Partition Type: NTFS Computer Name: THINKPAD | User Name: *** | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* File not found cmdfile [open] -- "%1" %* File not found comfile [open] -- "%1" %* File not found exefile [open] -- "%1" %* File not found helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* File not found regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" File not found scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found scrfile [open] -- "%1" /S File not found txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64) "{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant "{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}" = Überwachungstool für die Intel® Turbo-Boost-Technik "{3FD730D4-755F-439B-8082-B55E00924A44}" = Client Security - Password Manager "{4327107B-E95E-415C-9194-458FCED6BF12}" = Intel(R) PROSet/Wireless WiFi-Software "{46A84694-59EC-48F0-964C-7E76E9F8A2ED}" = ThinkVantage System für aktiven Festplattenschutz "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{55CEDC7F-3965-47C0-AC71-40AAA418B6A5}" = ThinkVantage Fingerprint Software "{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64) "{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP "{88C6A6D9-324C-46E8-BA87-563D14021442}_is1" = ThinkVantage Communications Utility "{8F473675-D702-45F9-8EBC-342B40C17BF5}" = Apple Mobile Device Support "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = ThinkPad Bluetooth with Enhanced Data Rate Software "{B24A47E5-F196-461E-A7A4-AADB72CB19DD}" = iTunes "{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 "{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector "{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources "{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter "{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client "{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service "{E4F5E48E-7155-4CF9-88CD-7F377EC9AC54}" = Bonjour "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "114EB224AD576F278686036AA9E1EFB7847E3935" = Windows-Treiberpaket - Lenovo 1.60.0.4 (11/18/2009 1.60.0.4) "30A4777E896192B8D398199AE1AB235B69BAB26D" = Windows-Treiberpaket - Intel (HECIx64) System (09/17/2009 6.0.0.1179) "3BA80AB4C7E9F8497C115C844953A3D4BEB84D21" = Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) "3C4C8BB88656F616D170176E1905526541B60FDF" = Windows-Treiberpaket - Intel (e1kexpress) Net (06/22/2010 11.5.10.1012) "49CF605F02C7954F4E139D18828DE298CD59217C" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0) "50BEEEA1F00D30E432867EA15672212B3FB5740E" = Windows-Treiberpaket - Synaptics (SynTP) Mouse (04/22/2010 15.0.18.0) "573C3C32A1DB5625CA00E633E584E8A0E6383672" = Windows-Treiberpaket - Intel System (10/28/2009 9.1.1.1022) "6B6B5E96843E55CF5CF8C7E45FB457F1FE642FF1" = Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405) "6B8550A319DDC8B17F35F4A89988705E4592349B" = Windows Driver Package - Broadcom Bluetooth (06/15/2009 6.2.0.9000) "A7B0B8D913E4DC2FA0B31E392E1512A901CA66B9" = Windows-Treiberpaket - Intel USB (08/20/2009 9.1.1.1020) "CNXT_AUDIO_HDA" = Conexant 20585 SmartAudio HD "CNXT_MODEM_HDA_HSF" = ThinkPad Modem Adapter "D94DFF1289C7A7BEBA126E4CDADE0E85B99E60F1" = Windows-Treiberpaket - Intel System (10/28/2009 9.1.1.1022) "E7B58217635B8F723D4744A328A4B3237DB35FA9" = Windows-Treiberpaket - Intel System (06/04/2009 1.0.0.0002) "EnablePS" = Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7 "FD5ED5E16405CDAA5385DE461B9E5379F91ACCCF" = Windows-Treiberpaket - Ricoh Company MS Host Controller (10/26/2009 6.10.02.07) "LENOVO.SMIIF" = Lenovo System Interface Driver "LenovoAutoScrollUtility" = Lenovo Auto Scroll Utility "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "OnScreenDisplay" = Anzeige am Bildschirm "PC-Doctor for Windows" = Lenovo ThinkVantage Toolbox "Power Management Driver" = ThinkPad Power Management Driver "ProInst" = Intel PROSet Wireless "SynTPDeinstKey" = ThinkPad UltraNav Driver "ThinkPad FullScreen Magnifier" = ThinkPad FullScreen Magnifier [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{022CBB38-CEF0-42BA-906A-A49BEFAE0BEE}" = RICOH R5U230 Media Driver ver.2.06.02.02 "{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = Bing Bar "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{17CBC505-D1AE-459D-B445-3D2000A85842}" = Dienstprogramm "ThinkPad UltraNav" "{1CAC7A41-583B-4483-9FA5-3E5465AFF8C2}" = Microsoft Default Manager "{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources "{1E105942-593C-4C48-AB3D-BEC2124F5FCE}" = Garmin City Navigator Europe NT 2008 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = InterVideo WinDVD 8 "{25C64847-B900-48AD-A164-1B4F9B774650}" = System Update "{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22 "{2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386}" = Apple Application Support "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack "{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3 "{4330AAE7-1893-42F9-BC38-539A1A60530B}" = Mobile Broadband "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}" = Create Recovery Media "{50F68032-B5B7-4513-9116-C978DBD8F27A}" = Corel DVD MovieFactory 7 "{510D2239-6C2E-457B-9590-485EC552D94D}" = Garmin USB Drivers "{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime "{641FE800-650B-4E99-A304-9D50E7235BAF}" = Topo Deutschland v2 "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components "{67B9AF41-C0B9-4960-84D9-A61D23DE85D8}" = Garmin Trip and Waypoint Manager v4 "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{77C4850C-3592-4A2F-B652-ACB77A1EF77C}" = Bing Bar Platform "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer "{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{8E537894-A559-4D60-B3CB-F4485E3D24E3}" = ThinkVantage Access Connections "{928B06E4-DDAA-476A-926A-641620326327}" = Microsoft Search Enhancement Pack "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010 "{97C82B44-D408-4F14-9252-47FC1636D23E}_is1" = IZArc 4.1.6 "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{A3BE3F1E-2472-4211-8735-E8239BE49D9F}" = Burn.Now 4.5 "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AC76BA86-7AD7-1031-7B44-A91000000001}" = Adobe Reader 9.1 - Deutsch "{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh "{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie "{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail "{B383F243-0ABC-4E56-AA30-923B8D85076E}" = Rescue and Recovery "{B7B3E9B3-FB14-4927-894B-E9124509AF5A}" = Adobe Flash Player 10 ActiveX "{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common "{C3CD17B4-08B0-492D-8A4C-81716D33E520}" = Integrated Camera Driver Installer Package Ver.1.1.0.19 "{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update "{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections "{C6FA39A7-26B1-480A-BC74-6D17531AC222}" = Access Help "{C768790F-04FB-11E0-9B2C-001AA037B01E}" = Google Earth "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{CF07A1C9-098F-47DD-99E0-B6558C33871B}" = Garmin MapSource "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64 "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}" = ThinkPad Energie-Manager "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver "{F2004B8D-7791-4B35-A3FA-D8CA8BB4DD81}" = Direct DiscRecorder "{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center "{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials "{FD331A3B-F7A5-4C31-B8D4-DF413C85AF7A}" = Message Center Plus "{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}" = Lenovo Warranty Information "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "GIMPshop" = GIMPshop .1 beta "InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = InterVideo WinDVD 8 "InstallShield_{50F68032-B5B7-4513-9116-C978DBD8F27A}" = Corel DVD MovieFactory Lenovo Edition "InstallShield_{A3BE3F1E-2472-4211-8735-E8239BE49D9F}" = Corel Burn.Now Lenovo Edition "InstallShield_{F2004B8D-7791-4B35-A3FA-D8CA8BB4DD81}" = Direct DiscRecorder "Karsten Bilderschau_is1" = Karsten Bilderschau 3.5.4 "Lenovo Welcome_is1" = Lenovo Welcome "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Mozilla Firefox 4.0 (x86 de)" = Mozilla Firefox 4.0 (x86 de) "VLC media player" = VLC media player 1.1.7 "WinLiveSuite" = Windows Live Essentials ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 27.03.2011 13:25:40 | Computer Name = Thinkpad | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 27.03.2011 13:25:40 | Computer Name = Thinkpad | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 13042 Error - 27.03.2011 13:25:40 | Computer Name = Thinkpad | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 13042 Error - 27.03.2011 13:25:41 | Computer Name = Thinkpad | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 27.03.2011 13:25:41 | Computer Name = Thinkpad | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 14040 Error - 27.03.2011 13:25:41 | Computer Name = Thinkpad | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 14040 Error - 27.03.2011 13:25:42 | Computer Name = Thinkpad | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 27.03.2011 13:25:42 | Computer Name = Thinkpad | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 15039 Error - 27.03.2011 13:25:42 | Computer Name = Thinkpad | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 15039 Error - 27.03.2011 13:33:27 | Computer Name = Thinkpad | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second [ System Events ] Error - 30.03.2011 03:11:56 | Computer Name = Thinkpad | Source = Service Control Manager | ID = 7009 Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst TVT Backup Service erreicht. Error - 30.03.2011 11:15:37 | Computer Name = Thinkpad | Source = Service Control Manager | ID = 7009 Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows-Dienst für Schriftartencache erreicht. Error - 30.03.2011 11:15:37 | Computer Name = Thinkpad | Source = Service Control Manager | ID = 7000 Description = Der Dienst "Windows-Dienst für Schriftartencache" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error - 30.03.2011 11:16:07 | Computer Name = Thinkpad | Source = Service Control Manager | ID = 7009 Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Search erreicht. Error - 30.03.2011 11:16:07 | Computer Name = Thinkpad | Source = Service Control Manager | ID = 7000 Description = Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error - 30.03.2011 11:16:07 | Computer Name = Thinkpad | Source = DCOM | ID = 10005 Description = Error - 30.03.2011 11:17:40 | Computer Name = Thinkpad | Source = Service Control Manager | ID = 7009 Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Bluetooth Service erreicht. Error - 30.03.2011 11:17:40 | Computer Name = Thinkpad | Source = Service Control Manager | ID = 7000 Description = Der Dienst "Bluetooth Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error - 30.03.2011 11:24:59 | Computer Name = Thinkpad | Source = Service Control Manager | ID = 7011 Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst iphlpsvc erreicht. Error - 30.03.2011 11:26:07 | Computer Name = Thinkpad | Source = Service Control Manager | ID = 7022 Description = Der Dienst "Windows Update" wurde nicht richtig gestartet. < End of report > Ich hoffe das ist aussagekräftig für dich, danke schonmal. rechner zeigt derzeit keine symptome, ausser dass einige programme zerschossen sind. |
01.04.2011, 13:20 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ | TR/Crypt.ZPACK.Gen2 verursacht Ärger Gibt es noch weitere Logs von Malwarebytes? Wenn ja bitte alle posten, die in Malwarebytes im Reiter Logdateien sichtbar sind.
__________________ Logfiles bitte immer in CODE-Tags posten |
01.04.2011, 14:28 | #5 |
| TR/Crypt.ZPACK.Gen2 verursacht Ärger nein, war nur das eine drin unter "logs": Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Database version: 6229 Windows 6.1.7600 Internet Explorer 8.0.7600.16385 01.04.2011 15:12:42 mbam-log-2011-04-01 (15-12-42).txt Scan type: Full scan (C:\|Q:\|) Objects scanned: 269878 Time elapsed: 42 minute(s), 36 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected) |
01.04.2011, 14:52 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ | TR/Crypt.ZPACK.Gen2 verursacht Ärger Downloade dir bitte unhide.exe und speichere diese Datei auf deinem Desktop. Starte das Tool und es sollten alle Dateien und Ordner wieder sichtbar sein. ( Könnte eine Weile dauern ) Danach müssen wir noch mit OTL ran.
__________________ --> TR/Crypt.ZPACK.Gen2 verursacht Ärger |
01.04.2011, 15:51 | #7 |
| TR/Crypt.ZPACK.Gen2 verursacht Ärger wahnsinn, ja, sind wieder da nun nochmal ein OTL-scan wie vorher ? |
01.04.2011, 18:44 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ | TR/Crypt.ZPACK.Gen2 verursacht Ärger Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!) Hinweis: Falls Du Deinen Benutzernamen unkenntlich gemacht hast, musst Du das Ausgesternte in Deinen richtigen Benutzernamen wieder verwandeln, sonst funktioniert das Script nicht!! Code:
ATTFilter :OTL [2011.03.30 16:58:30 | 000,000,152 | -H-- | C] () -- C:\ProgramData\~45276936r [2011.03.30 16:58:28 | 000,000,136 | -H-- | C] () -- C:\ProgramData\~45276936 [2011.03.30 16:58:08 | 000,000,392 | -H-- | C] () -- C:\ProgramData\45276936 [2011.03.30 16:59:52 | 000,000,392 | -H-- | M] () -- C:\ProgramData\45276936 [2011.03.30 16:58:30 | 000,000,152 | -H-- | M] () -- C:\ProgramData\~45276936r [2011.03.30 16:58:30 | 000,000,136 | -H-- | M] () -- C:\ProgramData\~45276936 [2011.03.30 15:50:31 | 000,000,000 | ---D | C] -- C:\ProgramData\{0DD0EEEE-2A7C-411C-9243-1AE62F445FC3} [2011.03.30 23:41:11 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\gsak O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2008.06.10 18:32:46 | 000,000,049 | -HS- | M] () - Q:\AUTORUN.INF -- [ NTFS ] O33 - MountPoints2\{c8ea6ede-fe97-11df-b6cb-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{c8ea6ede-fe97-11df-b6cb-806e6f6e6963}\Shell\AutoRun\command - "" = Q:\LenovoQDrive.exe -- [2009.08.10 23:01:24 | 000,267,576 | -HS- | M] (Lenovo Group Limited) :Commands [purity] [resethosts] [emptytemp] Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet. Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.
__________________ Logfiles bitte immer in CODE-Tags posten |
01.04.2011, 19:49 | #9 |
| TR/Crypt.ZPACK.Gen2 verursacht Ärger hi arne, hab das fix eingespielt, hat funktioniert, danke ! wie gehts weiter ? |
02.04.2011, 13:22 | #10 |
/// Winkelfunktion /// TB-Süch-Tiger™ | TR/Crypt.ZPACK.Gen2 verursacht Ärger Hast du das Log dazu? Müsste in C:\_OTL liegen
__________________ Logfiles bitte immer in CODE-Tags posten |
03.04.2011, 18:18 | #11 |
| TR/Crypt.ZPACK.Gen2 verursacht Ärger hi arne, das müsste das log gewesen sein: All processes killed ========== OTL ========== C:\ProgramData\~45276936r moved successfully. C:\ProgramData\~45276936 moved successfully. C:\ProgramData\45276936 moved successfully. File C:\ProgramData\45276936 not found. File C:\ProgramData\~45276936r not found. File C:\ProgramData\~45276936 not found. C:\ProgramData\{0DD0EEEE-2A7C-411C-9243-1AE62F445FC3}\x64 folder moved successfully. C:\ProgramData\{0DD0EEEE-2A7C-411C-9243-1AE62F445FC3} folder moved successfully. C:\Users\***\AppData\Roaming\gsak\UserImages folder moved successfully. C:\Users\***\AppData\Roaming\gsak\Temp\waypoints folder moved successfully. C:\Users\***\AppData\Roaming\gsak\Temp folder moved successfully. C:\Users\***\AppData\Roaming\gsak\Macros folder moved successfully. C:\Users\***\AppData\Roaming\gsak\locations folder moved successfully. C:\Users\***\AppData\Roaming\gsak\data\GrabbedImages folder moved successfully. C:\Users\***\AppData\Roaming\gsak\data\Default folder moved successfully. C:\Users\***\AppData\Roaming\gsak\data folder moved successfully. C:\Users\***\AppData\Roaming\gsak\Backup folder moved successfully. C:\Users\***\AppData\Roaming\gsak folder moved successfully. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully! Q:\AUTORUN.INF moved successfully. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c8ea6ede-fe97-11df-b6cb-806e6f6e6963}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c8ea6ede-fe97-11df-b6cb-806e6f6e6963}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c8ea6ede-fe97-11df-b6cb-806e6f6e6963}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c8ea6ede-fe97-11df-b6cb-806e6f6e6963}\ not found. Q:\LenovoQDrive.exe moved successfully. ========== COMMANDS ========== C:\Windows\System32\drivers\etc\Hosts moved successfully. HOSTS file reset successfully [EMPTYTEMP] User: Administrator User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Public User: *** ->Temp folder emptied: 117336693 bytes ->Temporary Internet Files folder emptied: 39948553 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 60983332 bytes ->Flash cache emptied: 1586 bytes User: ***_2 ->Temp folder emptied: 11367814 bytes ->Temporary Internet Files folder emptied: 64578951 bytes ->Java cache emptied: 1065 bytes ->FireFox cache emptied: 254184744 bytes ->Flash cache emptied: 10837 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 97154286 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50434 bytes RecycleBin emptied: 13729307 bytes Total Files Cleaned = 629,00 mb OTL by OldTimer - Version 3.2.22.3 log created on 04012011_203802 |
03.04.2011, 18:21 | #12 |
/// Winkelfunktion /// TB-Süch-Tiger™ | TR/Crypt.ZPACK.Gen2 verursacht Ärger Dann bitte jetzt CF ausführen: ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!
__________________ Logfiles bitte immer in CODE-Tags posten |
03.04.2011, 19:30 | #13 |
| TR/Crypt.ZPACK.Gen2 verursacht Ärger so hier das log: Combofix Logfile: Code:
ATTFilter ComboFix 11-04-03.01 - *** 03.04.2011 20:14:06.2.4 - x64 Microsoft Windows 7 Professional 6.1.7600.0.1252.49.1031.18.1908.817 [GMT 2:00] ausgeführt von:: c:\users\***_2\Desktop\cofi.exe.exe AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7} SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . C:\cofi.exe c:\cofi.exe\CF15220.cfxxe . . ((((((((((((((((((((((( Dateien erstellt von 2011-03-03 bis 2011-04-03 )))))))))))))))))))))))))))))) . . 2011-04-03 18:21 . 2011-04-03 18:21 -------- d-----w- c:\users\Default\AppData\Local\temp 2011-04-03 18:21 . 2011-04-03 18:21 -------- d-----w- c:\users\Administrator\AppData\Local\temp 2011-04-03 17:37 . 2011-04-03 17:37 -------- d-----w- c:\program files\CCleaner 2011-04-01 18:38 . 2011-04-01 18:38 -------- d-----w- C:\_OTL 2011-04-01 08:49 . 2011-03-23 08:11 8424784 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F315AB52-E1E9-41C4-A697-D8D817C94281}\mpengine.dll 2011-03-31 20:29 . 2010-12-20 16:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys 2011-03-31 20:29 . 2011-03-31 20:29 -------- d-----w- c:\programdata\Malwarebytes 2011-03-31 20:29 . 2010-12-20 16:08 24152 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-03-31 20:29 . 2011-03-31 20:29 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2011-03-30 20:22 . 2011-03-30 20:24 -------- d-----w- c:\program files\iTunes 2011-03-30 20:22 . 2011-03-30 20:22 -------- d-----w- c:\program files\iPod 2011-03-30 13:48 . 2011-03-30 13:48 -------- d-----w- c:\windows\system32\appmgmt 2011-03-30 12:09 . 2011-03-30 12:09 -------- d-----w- c:\programdata\WindSolutions 2011-03-27 15:22 . 2011-03-27 15:22 -------- d-----w- c:\programdata\Canneverbe Limited 2011-03-27 15:21 . 2011-03-27 15:21 -------- d-----w- c:\program files\CDBurnerXP 2011-03-25 11:17 . 2011-03-25 11:17 -------- d-----w- c:\program files (x86)\Garmin 2011-03-24 08:14 . 2011-03-24 08:14 -------- d-----w- c:\program files (x86)\Microsoft.NET 2011-03-23 10:09 . 2011-03-23 10:09 -------- d-----w- c:\program files (x86)\MSXML 4.0 2011-03-22 22:55 . 2010-09-14 06:45 367104 ----a-w- c:\windows\system32\wcncsvc.dll 2011-03-22 22:55 . 2010-09-14 06:07 276992 ----a-w- c:\windows\SysWow64\wcncsvc.dll 2011-03-22 22:51 . 2009-11-25 11:47 99176 ----a-w- c:\windows\SysWow64\PresentationHostProxy.dll 2011-03-22 22:51 . 2009-11-25 11:47 297808 ----a-w- c:\windows\SysWow64\mscoree.dll 2011-03-22 22:51 . 2009-11-25 11:47 295264 ----a-w- c:\windows\SysWow64\PresentationHost.exe 2011-03-22 22:51 . 2009-11-25 11:47 49472 ----a-w- c:\windows\SysWow64\netfxperf.dll 2011-03-22 22:51 . 2009-11-25 11:47 48960 ----a-w- c:\windows\system32\netfxperf.dll 2011-03-22 22:51 . 2009-11-25 11:47 1130824 ----a-w- c:\windows\SysWow64\dfshim.dll 2011-03-22 22:51 . 2009-11-25 11:47 109912 ----a-w- c:\windows\system32\PresentationHostProxy.dll 2011-03-22 22:51 . 2009-11-25 11:47 444752 ----a-w- c:\windows\system32\mscoree.dll 2011-03-22 22:51 . 2009-11-25 11:47 320352 ----a-w- c:\windows\system32\PresentationHost.exe 2011-03-22 22:51 . 2009-11-25 11:47 1942856 ----a-w- c:\windows\system32\dfshim.dll 2011-03-22 22:51 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe 2011-03-22 22:47 . 2010-03-04 04:40 184832 ----a-w- c:\windows\system32\drivers\usbvideo.sys 2011-03-22 22:47 . 2010-03-04 04:32 243712 ----a-w- c:\windows\system32\drivers\ks.sys 2011-03-22 18:49 . 2006-07-11 19:50 11776 ----a-w- c:\windows\system32\drivers\grmn1200.sys 2011-03-22 18:49 . 2006-04-11 19:51 16512 ----a-w- c:\windows\system32\drivers\grmn0400.sys 2011-03-22 18:49 . 2006-02-20 18:25 17536 ----a-w- c:\windows\system32\drivers\grmn0200.sys 2011-03-22 18:49 . 2003-09-23 14:42 7296 ----a-w- c:\windows\system32\drivers\grmnusb.sys 2011-03-22 18:49 . 2003-09-23 14:42 17024 ----a-w- c:\windows\system32\drivers\grmngen.sys 2011-03-22 18:46 . 2011-03-30 19:44 -------- d-----w- C:\Garmin 2011-03-22 18:18 . 2006-03-03 16:02 843264 ----a-w- c:\windows\SysWow64\rtl100.bpl 2011-03-22 18:18 . 2006-03-03 16:02 287744 ----a-w- c:\windows\SysWow64\dbrtl100.bpl 2011-03-22 18:18 . 2006-03-03 16:02 1680896 ----a-w- c:\windows\SysWow64\vcl100.bpl 2011-03-22 18:18 . 2005-11-14 18:00 98304 ----a-w- c:\windows\SysWow64\vcljpg100.bpl 2011-03-22 18:18 . 2005-11-14 18:00 857088 ----a-w- c:\windows\SysWow64\xmlrtl100.bpl 2011-03-22 18:18 . 2005-11-14 18:00 198656 ----a-w- c:\windows\SysWow64\vclx100.bpl 2011-03-22 18:18 . 2011-03-22 18:18 -------- d-----w- c:\program files (x86)\Karsten Bilderschau 2011-03-22 16:23 . 2011-03-22 16:24 -------- d-----w- c:\program files (x86)\IZArc 2011-03-22 09:15 . 2011-03-22 09:15 -------- d-----w- c:\program files (x86)\GIMPshop 2011-03-22 08:40 . 2010-10-27 05:06 2048 ----a-w- c:\windows\system32\tzres.dll 2011-03-22 08:39 . 2010-12-21 06:16 1197056 ----a-w- c:\windows\system32\wininet.dll 2011-03-22 08:38 . 2011-01-05 06:20 612352 ----a-w- c:\windows\system32\vbscript.dll 2011-03-21 18:18 . 2011-03-21 18:18 -------- d-----w- c:\program files (x86)\OpenOffice.org 3 2011-03-21 18:17 . 2011-03-21 18:17 -------- d-----w- c:\program files (x86)\Common Files\Java 2011-03-21 18:17 . 2011-03-21 18:17 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll 2011-03-21 18:17 . 2011-03-21 18:17 -------- d-----w- c:\program files (x86)\Java 2011-03-21 16:48 . 2011-03-30 19:40 -------- d-----w- c:\program files (x86)\VideoLAN 2011-03-21 14:44 . 2011-03-31 14:28 -------- d-----w- c:\program files (x86)\gsak 2011-03-21 11:26 . 2009-05-18 12:17 34152 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys 2011-03-21 11:26 . 2008-04-17 11:12 126312 ----a-w- c:\windows\system32\GEARAspi64.dll 2011-03-21 11:26 . 2008-04-17 11:12 107368 ----a-w- c:\windows\SysWow64\GEARAspi.dll 2011-03-21 11:26 . 2011-03-21 11:26 -------- dc----w- c:\windows\system32\DRVSTORE 2011-03-21 11:25 . 2011-03-30 19:41 -------- d-----w- c:\programdata\{93E26451-CD9A-43A5-A2FA-C42392EA4001} 2011-03-21 11:25 . 2011-03-30 20:24 -------- d-----w- c:\program files (x86)\iTunes 2011-03-21 11:24 . 2011-03-21 11:24 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin7.dll 2011-03-21 11:24 . 2011-03-21 11:24 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin6.dll 2011-03-21 11:24 . 2011-03-21 11:24 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin5.dll 2011-03-21 11:24 . 2011-03-21 11:24 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin4.dll 2011-03-21 11:24 . 2011-03-21 11:24 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin3.dll 2011-03-21 11:24 . 2011-03-21 11:24 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin2.dll 2011-03-21 11:24 . 2011-03-21 11:24 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin.dll 2011-03-21 11:24 . 2011-03-30 19:40 -------- d-----w- c:\programdata\Apple Computer 2011-03-21 11:24 . 2011-03-21 11:24 -------- d-----w- c:\program files (x86)\QuickTime 2011-03-21 11:24 . 2011-03-21 11:24 -------- d-----w- c:\program files (x86)\Apple Software Update 2011-03-21 11:23 . 2011-03-21 11:23 -------- d-----w- c:\program files\Common Files\Apple 2011-03-21 11:23 . 2011-03-21 11:23 -------- d-----w- c:\program files\Bonjour 2011-03-21 11:23 . 2011-03-21 11:23 -------- d-----w- c:\program files (x86)\Bonjour 2011-03-21 11:23 . 2011-03-30 20:22 -------- d-----w- c:\program files (x86)\Common Files\Apple 2011-03-21 11:23 . 2011-03-30 19:41 -------- d-----w- c:\programdata\Apple 2011-03-21 11:21 . 2011-03-21 11:21 -------- d-----w- c:\windows\de 2011-03-21 11:19 . 2011-03-21 11:28 -------- d-----w- c:\program files (x86)\Google 2011-03-21 11:17 . 2010-08-11 05:13 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll 2011-03-21 11:17 . 2010-08-11 04:35 1164800 ----a-w- c:\windows\SysWow64\UIRibbonRes.dll 2011-03-21 11:17 . 2010-08-11 05:19 3860992 ----a-w- c:\windows\system32\UIRibbon.dll 2011-03-21 11:17 . 2010-08-11 04:44 2983424 ----a-w- c:\windows\SysWow64\UIRibbon.dll 2011-03-21 11:16 . 2010-05-23 08:35 206848 ----a-w- c:\windows\system32\mfps.dll 2011-03-21 11:16 . 2010-05-23 10:15 1619456 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL 2011-03-21 11:16 . 2010-05-23 10:11 196608 ----a-w- c:\windows\SysWow64\mfreadwrite.dll 2011-03-21 11:16 . 2010-05-23 08:35 257024 ----a-w- c:\windows\system32\mfreadwrite.dll 2011-03-21 11:16 . 2010-05-23 08:37 1888256 ----a-w- c:\windows\system32\WMVDECOD.DLL 2011-03-21 11:16 . 2010-05-23 08:35 4068864 ----a-w- c:\windows\system32\mf.dll 2011-03-21 11:16 . 2010-05-23 10:11 3181568 ----a-w- c:\windows\SysWow64\mf.dll 2011-03-21 11:15 . 2011-03-21 11:15 15712 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\575738fd1cbe7b905\MeshBetaRemover.exe 2011-03-21 10:01 . 2011-01-10 13:23 83120 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2011-03-21 10:01 . 2011-01-10 13:23 116568 ----a-w- c:\windows\system32\drivers\avipbb.sys 2011-03-21 10:01 . 2011-03-21 10:01 -------- d-----w- c:\programdata\Avira 2011-03-21 10:01 . 2011-03-21 10:01 -------- d-----w- c:\program files (x86)\Avira 2011-03-21 09:47 . 2011-03-30 19:41 -------- d-sh--r- C:\RRbackups 2011-03-21 09:45 . 2011-03-30 19:44 -------- d-----w- c:\users\*** . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-03-21 11:37 . 2010-06-24 10:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll 2011-02-18 15:36 . 2011-02-18 15:36 51712 ----a-w- c:\windows\system32\drivers\usbaapl64.sys 2011-02-18 15:36 . 2011-02-18 15:36 4184352 ----a-w- c:\windows\system32\usbaaplrc.dll . . ((((((((((((((((((((((((((((( SnapShot@2011-04-03_17.59.32 ))))))))))))))))))))))))))))))))))))))))) . - 2011-03-21 17:38 . 2011-04-03 17:37 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2011-03-21 17:38 . 2011-04-03 18:02 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2011-04-03 17:37 . 2011-04-03 17:37 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2011-04-03 17:37 . 2011-04-03 18:02 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2009-07-14 04:54 . 2011-04-03 18:02 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2009-07-14 04:54 . 2011-04-03 17:37 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2011-03-21 10:20 . 2011-04-03 17:11 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2011-03-21 10:20 . 2011-04-03 18:13 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2011-03-21 10:20 . 2011-04-03 18:13 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2011-03-21 10:20 . 2011-04-03 17:11 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2009-07-14 02:36 . 2011-04-03 16:58 616008 c:\windows\system32\perfh009.dat + 2009-07-14 02:36 . 2011-04-03 18:05 616008 c:\windows\system32\perfh009.dat + 2010-12-03 13:28 . 2011-04-03 18:05 654166 c:\windows\system32\perfh007.dat - 2010-12-03 13:28 . 2011-04-03 16:58 654166 c:\windows\system32\perfh007.dat + 2009-07-14 02:36 . 2011-04-03 18:05 106388 c:\windows\system32\perfc009.dat - 2009-07-14 02:36 . 2011-04-03 16:58 106388 c:\windows\system32\perfc009.dat + 2010-12-03 13:28 . 2011-04-03 18:05 130006 c:\windows\system32\perfc007.dat - 2010-12-03 13:28 . 2011-04-03 16:58 130006 c:\windows\system32\perfc007.dat + 2009-07-14 02:34 . 2011-04-03 18:08 10223616 c:\windows\system32\SMI\Store\Machine\schema.dat - 2009-07-14 02:34 . 2011-04-03 17:07 10223616 c:\windows\system32\SMI\Store\Machine\schema.dat . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "RotateImage"="c:\program files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe" [2008-10-30 55808] "PWMTRV"="c:\progra~2\ThinkPad\UTILIT~1\PWMTR64V.DLL" [2010-08-24 1129832] "Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568] "avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2011-01-10 281768] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552] "Launch Backup Service Once"="c:\program files (x86)\Lenovo\Rescue and Recovery\rrstrigger.exe" [2009-08-28 21304] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-03-01 421160] . c:\users\Scheerer Martin_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ OpenOffice.org 3.3.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Bluetooth.lnk - c:\program files\ThinkPad\Bluetooth Software\BTTray.exe [2009-8-11 1080608] Digital Line Detect.lnk - c:\program files (x86)\Digital Line Detect\DLG.exe [2010-12-3 50688] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) "DisableCAD"= 1 (0x1) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux1"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Notification Packages REG_MULTI_SZ scecli c:\program files\ThinkVantage Fingerprint Software\psqlpwd.dll Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-21 136176] R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x] R3 DozeSvc;Lenovo Doze Mode Service;c:\program files (x86)\ThinkPad\Utilities\DZSVC64.EXE [2010-08-24 164200] R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys [x] R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [x] R3 PCDSRVC{127174DC-C366ED8B-06020101}_0;PCDSRVC{127174DC-C366ED8B-06020101}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\pc-doctor\pcdsrvc_x64.pkms [2010-11-12 25072] R3 pmxdrv;pmxdrv;c:\windows\system32\drivers\pmxdrv.sys [x] R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [x] R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [x] R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [x] R3 TurboBoost;TurboBoost;c:\program files\Intel\TurboBoost\TurboBoost.exe [2009-09-29 126392] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184] S0 DzHDD64;DzHDD64;c:\windows\System32\DRIVERS\DzHDD64.sys [x] S0 TPDIGIMN;TPDIGIMN;c:\windows\System32\DRIVERS\ApsHM64.sys [x] S1 lenovo.smi;Lenovo System Interface Driver;c:\windows\system32\DRIVERS\smiifx64.sys [x] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x] S2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-01-10 135336] S2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe [2009-07-14 27136] S2 LENOVO.CAMMUTE;Lenovo Camera Mute;c:\program files\Lenovo\Communications Utility\CAMMUTE.exe [2010-07-27 50536] S2 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\program files\LENOVO\HOTKEY\MICMUTE.exe [2010-04-07 45496] S2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction;c:\program files\Lenovo\Communications Utility\TPKNRSVC.exe [2010-07-27 74088] S2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll;c:\program files\LENOVO\VIRTSCRL\lvvsst.exe [2010-04-07 93032] S2 rimspci;rimspci;c:\windows\system32\DRIVERS\rimspe64.sys [x] S2 smihlp;SMI Helper Driver (smihlp);c:\program files\ThinkVantage Fingerprint Software\smihlp.sys [2009-03-13 13840] S2 TPHKSVC;Anzeige am Bildschirm;c:\program files\LENOVO\HOTKEY\TPHKSVC.exe [2010-04-07 63928] S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [x] S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-05-03 2533400] S3 5U877;USB Video Device;c:\windows\system32\DRIVERS\5U877.sys [x] S3 CAXHWAZL;CAXHWAZL;c:\windows\system32\DRIVERS\CAXHWAZL.sys [x] S3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\DRIVERS\e1k62x64.sys [x] S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x] S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x] S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x] S3 NETwNs64;___ Intel(R) Wireless WiFi Link der Serie 5000 Adaptertreiber für Windows 7 64-Bit;c:\windows\system32\DRIVERS\NETwNs64.sys [x] S3 Power Manager DBC Service;Power Manager DBC Service;c:\program files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE [2010-08-24 75112] S3 TVTI2C;Lenovo SM bus driver;c:\windows\system32\DRIVERS\Tvti2c.sys [x] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x] . . Inhalt des "geplante Tasks" Ordners . 2011-04-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-21 11:26] . 2011-04-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-21 11:26] . 2011-04-03 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job - c:\program files\PC-Doctor\uaclauncher.exe [2010-11-12 01:34] . 2011-04-03 c:\windows\Tasks\SystemToolsDailyTest.job - c:\program files\PC-Doctor\pcdrcui.exe [2010-11-12 01:34] . . --------- x86-64 ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe" [BU] "TPHOTKEY"="c:\program files\Lenovo\HOTKEY\TPOSDSVC.exe" [2010-07-27 69560] "TpShocks"="TpShocks.exe" [2010-07-01 380776] "SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2009-11-15 307768] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-07-05 386584] "Persistence"="c:\windows\system32\igfxpers.exe" [2010-07-05 415256] "LENOVO.TPKNRRES"="c:\program files\Lenovo\Communications Utility\TPKNRRES.exe" [2010-07-27 62312] "AcWin7Hlpr"="c:\program files (x86)\Lenovo\Access Connections\AcTBenabler.exe" [2010-09-17 31592] . ------- Zusätzlicher Suchlauf ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://lenovo.msn.com mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local FF - ProfilePath - c:\users\***\AppData\Roaming\Mozilla\Firefox\Profiles\b7j4du3v.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - google.de . - - - - Entfernte verwaiste Registrierungseinträge - - - - . Toolbar-Locked - (no file) . . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCDSRVC{127174DC-C366ED8B-06020101}_0] "ImagePath"="\??\c:\program files\pc-doctor\pcdsrvc_x64.pkms" . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10c.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}] @Denied: (A 2) (Everyone) @="IFlashBroker3" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Zeit der Fertigstellung: 2011-04-03 20:23:41 ComboFix-quarantined-files.txt 2011-04-03 18:23 ComboFix2.txt 2011-04-03 18:05 . Vor Suchlauf: 15 Verzeichnis(se), 153.624.309.760 Bytes frei Nach Suchlauf: 15 Verzeichnis(se), 153.574.584.320 Bytes frei . - - End Of File - - B5B32D0AF30F8336B3DB940E88183681 |
03.04.2011, 19:45 | #14 |
/// Winkelfunktion /// TB-Süch-Tiger™ | TR/Crypt.ZPACK.Gen2 verursacht Ärger Bitte nun dieses Tool von Kaspersky ausführen und das Log posten => http://www.trojaner-board.de/82358-t...entfernen.html
__________________ Logfiles bitte immer in CODE-Tags posten |
03.04.2011, 19:51 | #15 |
| TR/Crypt.ZPACK.Gen2 verursacht Ärger so, hier dieses log: 2011/04/03 20:48:03.0426 2020 TDSS rootkit removing tool 2.4.21.0 Mar 10 2011 12:26:28 2011/04/03 20:48:04.0003 2020 ================================================================================ 2011/04/03 20:48:04.0003 2020 SystemInfo: 2011/04/03 20:48:04.0003 2020 2011/04/03 20:48:04.0003 2020 OS Version: 6.1.7600 ServicePack: 0.0 2011/04/03 20:48:04.0003 2020 Product type: Workstation 2011/04/03 20:48:04.0003 2020 ComputerName: THINKPAD 2011/04/03 20:48:04.0003 2020 UserName: *** 2011/04/03 20:48:04.0003 2020 Windows directory: C:\Windows 2011/04/03 20:48:04.0003 2020 System windows directory: C:\Windows 2011/04/03 20:48:04.0003 2020 Running under WOW64 2011/04/03 20:48:04.0003 2020 Processor architecture: Intel x64 2011/04/03 20:48:04.0003 2020 Number of processors: 4 2011/04/03 20:48:04.0003 2020 Page size: 0x1000 2011/04/03 20:48:04.0003 2020 Boot type: Normal boot 2011/04/03 20:48:04.0003 2020 ================================================================================ 2011/04/03 20:48:04.0347 2020 Initialize success 2011/04/03 20:48:09.0635 5572 ================================================================================ 2011/04/03 20:48:09.0635 5572 Scan started 2011/04/03 20:48:09.0635 5572 Mode: Manual; 2011/04/03 20:48:09.0635 5572 ================================================================================ 2011/04/03 20:48:10.0431 5572 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys 2011/04/03 20:48:10.0571 5572 5U877 (708ccd77b9363f245d9f9ace480824ca) C:\Windows\system32\DRIVERS\5U877.sys 2011/04/03 20:48:10.0743 5572 ACPI (794ff35015209b9d44f1360c42c9776d) C:\Windows\system32\DRIVERS\ACPI.sys 2011/04/03 20:48:10.0914 5572 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys 2011/04/03 20:48:11.0070 5572 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys 2011/04/03 20:48:11.0257 5572 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys 2011/04/03 20:48:11.0413 5572 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys 2011/04/03 20:48:11.0585 5572 AFD (b9384e03479d2506bc924c16a3db87bc) C:\Windows\system32\drivers\afd.sys 2011/04/03 20:48:11.0788 5572 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys 2011/04/03 20:48:11.0959 5572 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys 2011/04/03 20:48:12.0115 5572 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys 2011/04/03 20:48:12.0271 5572 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys 2011/04/03 20:48:12.0427 5572 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys 2011/04/03 20:48:12.0568 5572 amdsata (ab3166c09438a161fbde13099a72e0af) C:\Windows\system32\DRIVERS\amdsata.sys 2011/04/03 20:48:12.0724 5572 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys 2011/04/03 20:48:12.0880 5572 amdxata (5118dcd2065d8c8d752ad5ec0b2d6aa6) C:\Windows\system32\DRIVERS\amdxata.sys 2011/04/03 20:48:13.0083 5572 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys 2011/04/03 20:48:13.0285 5572 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys 2011/04/03 20:48:13.0457 5572 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys 2011/04/03 20:48:13.0629 5572 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys 2011/04/03 20:48:13.0785 5572 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys 2011/04/03 20:48:13.0909 5572 avgntflt (39c2e2870fc0c2ae0595b883cbe716b4) C:\Windows\system32\DRIVERS\avgntflt.sys 2011/04/03 20:48:14.0034 5572 avipbb (c98fa6e5ad0e857d22716bd2b8b1f399) C:\Windows\system32\DRIVERS\avipbb.sys 2011/04/03 20:48:14.0206 5572 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys 2011/04/03 20:48:14.0409 5572 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys 2011/04/03 20:48:14.0580 5572 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys 2011/04/03 20:48:14.0767 5572 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys 2011/04/03 20:48:14.0939 5572 bowser (91ce0d3dc57dd377e690a2d324022b08) C:\Windows\system32\DRIVERS\bowser.sys 2011/04/03 20:48:15.0111 5572 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys 2011/04/03 20:48:15.0204 5572 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys 2011/04/03 20:48:15.0438 5572 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys 2011/04/03 20:48:15.0454 5572 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys 2011/04/03 20:48:15.0501 5572 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys 2011/04/03 20:48:15.0516 5572 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys 2011/04/03 20:48:15.0579 5572 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\DRIVERS\BthEnum.sys 2011/04/03 20:48:15.0610 5572 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys 2011/04/03 20:48:15.0625 5572 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys 2011/04/03 20:48:15.0719 5572 BTHPORT (a51fa9d0e85d5adabef72e67f386309c) C:\Windows\system32\Drivers\BTHport.sys 2011/04/03 20:48:15.0797 5572 BTHUSB (f740b9a16b2c06700f2130e19986bf3b) C:\Windows\system32\Drivers\BTHUSB.sys 2011/04/03 20:48:15.0906 5572 btwaudio (6bcfdc2b5b7f66d484486d4bd4b39a6b) C:\Windows\system32\drivers\btwaudio.sys 2011/04/03 20:48:16.0000 5572 btwavdt (82dc8b7c626e526681c1bebed2bc3ff9) C:\Windows\system32\DRIVERS\btwavdt.sys 2011/04/03 20:48:16.0078 5572 btwl2cap (6149301dc3f81d6f9667a3fbac410975) C:\Windows\system32\DRIVERS\btwl2cap.sys 2011/04/03 20:48:16.0125 5572 btwrchid (28e105ad3b79f440bf94780f507bf66a) C:\Windows\system32\DRIVERS\btwrchid.sys 2011/04/03 20:48:16.0249 5572 CAXHWAZL (48360b88c4bf45850653bb7c86888ed4) C:\Windows\system32\DRIVERS\CAXHWAZL.sys 2011/04/03 20:48:16.0343 5572 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys 2011/04/03 20:48:16.0437 5572 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys 2011/04/03 20:48:16.0483 5572 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys 2011/04/03 20:48:16.0546 5572 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys 2011/04/03 20:48:16.0671 5572 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys 2011/04/03 20:48:16.0702 5572 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys 2011/04/03 20:48:16.0764 5572 CNG (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\Windows\system32\Drivers\cng.sys 2011/04/03 20:48:16.0858 5572 CnxtHdAudService (22bc1c27274d1cb1c3a8c14cdba0cdf2) C:\Windows\system32\drivers\CHDRT64.sys 2011/04/03 20:48:16.0967 5572 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys 2011/04/03 20:48:17.0029 5572 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys 2011/04/03 20:48:17.0092 5572 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys 2011/04/03 20:48:17.0154 5572 CSC (4a6173c2279b498cd8f57cae504564cb) C:\Windows\system32\drivers\csc.sys 2011/04/03 20:48:17.0232 5572 DfsC (3f1dc527070acb87e40afe46ef6da749) C:\Windows\system32\Drivers\dfsc.sys 2011/04/03 20:48:17.0263 5572 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys 2011/04/03 20:48:17.0326 5572 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys 2011/04/03 20:48:17.0419 5572 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys 2011/04/03 20:48:17.0513 5572 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys 2011/04/03 20:48:17.0638 5572 DzHDD64 (5bdef3faa1bfd9c9c5d3dc972049f0fa) C:\Windows\system32\DRIVERS\DzHDD64.sys 2011/04/03 20:48:17.0716 5572 e1kexpress (d2325d1ae61335e2ebadeb1b7c39cb13) C:\Windows\system32\DRIVERS\e1k62x64.sys 2011/04/03 20:48:17.0887 5572 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys 2011/04/03 20:48:18.0090 5572 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys 2011/04/03 20:48:18.0168 5572 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys 2011/04/03 20:48:18.0277 5572 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys 2011/04/03 20:48:18.0309 5572 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys 2011/04/03 20:48:18.0355 5572 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys 2011/04/03 20:48:18.0418 5572 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys 2011/04/03 20:48:18.0433 5572 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys 2011/04/03 20:48:18.0449 5572 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys 2011/04/03 20:48:18.0465 5572 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys 2011/04/03 20:48:18.0496 5572 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys 2011/04/03 20:48:18.0511 5572 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys 2011/04/03 20:48:18.0605 5572 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys 2011/04/03 20:48:18.0652 5572 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys 2011/04/03 20:48:18.0699 5572 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 2011/04/03 20:48:18.0745 5572 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys 2011/04/03 20:48:18.0792 5572 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys 2011/04/03 20:48:18.0870 5572 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys 2011/04/03 20:48:18.0948 5572 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys 2011/04/03 20:48:18.0964 5572 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys 2011/04/03 20:48:18.0995 5572 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys 2011/04/03 20:48:19.0026 5572 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys 2011/04/03 20:48:19.0057 5572 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys 2011/04/03 20:48:19.0120 5572 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys 2011/04/03 20:48:19.0229 5572 HSF_DPV (f6ac1087a131fbb385400667bea64fbe) C:\Windows\system32\DRIVERS\CAX_DPV.sys 2011/04/03 20:48:19.0354 5572 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys 2011/04/03 20:48:19.0385 5572 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys 2011/04/03 20:48:19.0432 5572 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys 2011/04/03 20:48:19.0494 5572 iaStor (abbf174cb394f5c437410a788b7e404a) C:\Windows\system32\DRIVERS\iaStor.sys 2011/04/03 20:48:19.0557 5572 iaStorV (513dc087cfed7d2bb82f005385d3531f) C:\Windows\system32\DRIVERS\iaStorV.sys 2011/04/03 20:48:19.0635 5572 IBMPMDRV (3761fab385f1c2f51b2fad48cfabbe9d) C:\Windows\system32\DRIVERS\ibmpmdrv.sys 2011/04/03 20:48:19.0915 5572 igfx (cca0460f3871d3753a881abc81141cd5) C:\Windows\system32\DRIVERS\igdkmd64.sys 2011/04/03 20:48:20.0212 5572 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys 2011/04/03 20:48:20.0274 5572 Impcd (dd587a55390ed2295bce6d36ad567da9) C:\Windows\system32\DRIVERS\Impcd.sys 2011/04/03 20:48:20.0352 5572 IntcDAud (58cf58dee26c909bd6f977b61d246295) C:\Windows\system32\DRIVERS\IntcDAud.sys 2011/04/03 20:48:20.0368 5572 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys 2011/04/03 20:48:20.0399 5572 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys 2011/04/03 20:48:20.0430 5572 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys 2011/04/03 20:48:20.0461 5572 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys 2011/04/03 20:48:20.0477 5572 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys 2011/04/03 20:48:20.0539 5572 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys 2011/04/03 20:48:20.0555 5572 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys 2011/04/03 20:48:20.0602 5572 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys 2011/04/03 20:48:20.0649 5572 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys 2011/04/03 20:48:20.0680 5572 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys 2011/04/03 20:48:20.0742 5572 KSecDD (e8b6fcc9c83535c67f835d407620bd27) C:\Windows\system32\Drivers\ksecdd.sys 2011/04/03 20:48:20.0773 5572 KSecPkg (a8c63880ef6f4d3fec7b616b9c060215) C:\Windows\system32\Drivers\ksecpkg.sys 2011/04/03 20:48:20.0789 5572 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys 2011/04/03 20:48:20.0898 5572 lenovo.smi (5acff5823634bc2c4ebf559c3b33e18e) C:\Windows\system32\DRIVERS\smiifx64.sys 2011/04/03 20:48:20.0961 5572 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys 2011/04/03 20:48:21.0039 5572 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys 2011/04/03 20:48:21.0054 5572 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys 2011/04/03 20:48:21.0070 5572 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys 2011/04/03 20:48:21.0085 5572 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys 2011/04/03 20:48:21.0101 5572 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys 2011/04/03 20:48:21.0179 5572 mdmxsdk (e4f44ec214b3e381e1fc844a02926666) C:\Windows\system32\DRIVERS\mdmxsdk.sys 2011/04/03 20:48:21.0195 5572 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys 2011/04/03 20:48:21.0241 5572 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys 2011/04/03 20:48:21.0257 5572 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys 2011/04/03 20:48:21.0335 5572 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys 2011/04/03 20:48:21.0366 5572 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys 2011/04/03 20:48:21.0397 5572 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 2011/04/03 20:48:21.0460 5572 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys 2011/04/03 20:48:21.0507 5572 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys 2011/04/03 20:48:21.0522 5572 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 2011/04/03 20:48:21.0553 5572 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys 2011/04/03 20:48:21.0616 5572 mrxsmb (767a4c3bcf9410c286ced15a2db17108) C:\Windows\system32\DRIVERS\mrxsmb.sys 2011/04/03 20:48:21.0631 5572 mrxsmb10 (920ee0ff995fcfdeb08c41605a959e1c) C:\Windows\system32\DRIVERS\mrxsmb10.sys 2011/04/03 20:48:21.0663 5572 mrxsmb20 (740d7ea9d72c981510a5292cf6adc941) C:\Windows\system32\DRIVERS\mrxsmb20.sys 2011/04/03 20:48:21.0694 5572 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys 2011/04/03 20:48:21.0709 5572 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys 2011/04/03 20:48:21.0772 5572 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 2011/04/03 20:48:21.0787 5572 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 2011/04/03 20:48:21.0803 5572 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys 2011/04/03 20:48:21.0850 5572 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 2011/04/03 20:48:21.0897 5572 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 2011/04/03 20:48:21.0912 5572 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 2011/04/03 20:48:21.0928 5572 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys 2011/04/03 20:48:21.0943 5572 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys 2011/04/03 20:48:21.0990 5572 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 2011/04/03 20:48:22.0006 5572 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys 2011/04/03 20:48:22.0021 5572 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 2011/04/03 20:48:22.0084 5572 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 2011/04/03 20:48:22.0177 5572 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys 2011/04/03 20:48:22.0255 5572 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 2011/04/03 20:48:22.0287 5572 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 2011/04/03 20:48:22.0302 5572 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys 2011/04/03 20:48:22.0333 5572 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys 2011/04/03 20:48:22.0349 5572 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys 2011/04/03 20:48:22.0427 5572 Netaapl (307bc83250fc8e3b2878d81e7d760299) C:\Windows\system32\DRIVERS\netaapl64.sys 2011/04/03 20:48:22.0458 5572 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 2011/04/03 20:48:22.0474 5572 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys 2011/04/03 20:48:22.0645 5572 netw5v64 (64428dfdaf6e88366cb51f45a79c5f69) C:\Windows\system32\DRIVERS\netw5v64.sys 2011/04/03 20:48:22.0973 5572 NETwNs64 (eb43840babf5589e33186d094de7381d) C:\Windows\system32\DRIVERS\NETwNs64.sys 2011/04/03 20:48:23.0223 5572 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys 2011/04/03 20:48:23.0301 5572 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 2011/04/03 20:48:23.0316 5572 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 2011/04/03 20:48:23.0394 5572 Ntfs (1ad8fef2d6ac7116b68b887a9782fd33) C:\Windows\system32\drivers\Ntfs.sys 2011/04/03 20:48:23.0441 5572 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 2011/04/03 20:48:23.0503 5572 nvraid (deab10231cbdb0881fc25428ebe11506) C:\Windows\system32\DRIVERS\nvraid.sys 2011/04/03 20:48:23.0535 5572 nvstor (0af7b8136794e23e87be138992880e64) C:\Windows\system32\DRIVERS\nvstor.sys 2011/04/03 20:48:23.0581 5572 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys 2011/04/03 20:48:23.0597 5572 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys 2011/04/03 20:48:23.0628 5572 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys 2011/04/03 20:48:23.0659 5572 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys 2011/04/03 20:48:23.0784 5572 PCDSRVC{127174DC-C366ED8B-06020101}_0 (7317a0b550f7ac0223b7070897670476) c:\program files\pc-doctor\pcdsrvc_x64.pkms 2011/04/03 20:48:23.0956 5572 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys 2011/04/03 20:48:24.0112 5572 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys 2011/04/03 20:48:24.0221 5572 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys 2011/04/03 20:48:24.0252 5572 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 2011/04/03 20:48:24.0299 5572 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 2011/04/03 20:48:24.0564 5572 pmxdrv (0bee791c7c7ace453c134e73633c497d) C:\Windows\system32\drivers\pmxdrv.sys 2011/04/03 20:48:24.0861 5572 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys 2011/04/03 20:48:25.0063 5572 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys 2011/04/03 20:48:25.0282 5572 psadd (515a7c5a0886fcc60901916785efd549) C:\Windows\system32\DRIVERS\psadd.sys 2011/04/03 20:48:25.0516 5572 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys 2011/04/03 20:48:25.0734 5572 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys 2011/04/03 20:48:25.0968 5572 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys 2011/04/03 20:48:26.0140 5572 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 2011/04/03 20:48:26.0311 5572 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys 2011/04/03 20:48:26.0483 5572 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys 2011/04/03 20:48:26.0561 5572 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys 2011/04/03 20:48:26.0592 5572 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 2011/04/03 20:48:26.0639 5572 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 2011/04/03 20:48:26.0655 5572 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys 2011/04/03 20:48:26.0670 5572 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys 2011/04/03 20:48:26.0717 5572 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 2011/04/03 20:48:26.0764 5572 RDPDR (9706b84dbabfc4b4ca46c5a82b14dfa3) C:\Windows\system32\drivers\rdpdr.sys 2011/04/03 20:48:26.0795 5572 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 2011/04/03 20:48:26.0826 5572 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 2011/04/03 20:48:26.0842 5572 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys 2011/04/03 20:48:26.0951 5572 rdyboost (e5dc9ba9e439d6dbdd79f8caacb5bf01) C:\Windows\system32\drivers\rdyboost.sys 2011/04/03 20:48:27.0045 5572 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys 2011/04/03 20:48:27.0138 5572 rimspci (3dca561aaf776aa2e356fb5b142aa5f8) C:\Windows\system32\DRIVERS\rimspe64.sys 2011/04/03 20:48:27.0247 5572 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 2011/04/03 20:48:27.0279 5572 s3cap (88af6e02ab19df7fd07ecdf9c91e9af6) C:\Windows\system32\DRIVERS\vms3cap.sys 2011/04/03 20:48:27.0310 5572 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys 2011/04/03 20:48:27.0325 5572 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys 2011/04/03 20:48:27.0403 5572 sdbus (2c8d162efaf73abd36d8bcbb6340cae7) C:\Windows\system32\DRIVERS\sdbus.sys 2011/04/03 20:48:27.0481 5572 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 2011/04/03 20:48:27.0559 5572 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys 2011/04/03 20:48:27.0606 5572 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys 2011/04/03 20:48:27.0637 5572 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys 2011/04/03 20:48:27.0731 5572 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys 2011/04/03 20:48:27.0747 5572 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys 2011/04/03 20:48:27.0778 5572 sffp_sd (178298f767fe638c9fedcbdef58bb5e4) C:\Windows\system32\DRIVERS\sffp_sd.sys 2011/04/03 20:48:27.0809 5572 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys 2011/04/03 20:48:27.0934 5572 Shockprf (29e316de2c0261c30c08f872032c53a2) C:\Windows\system32\DRIVERS\Apsx64.sys 2011/04/03 20:48:27.0996 5572 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys 2011/04/03 20:48:28.0027 5572 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys 2011/04/03 20:48:28.0059 5572 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 2011/04/03 20:48:28.0152 5572 smihlp (c5b1a19b14f19b08ae72fcb20a3075b6) C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys 2011/04/03 20:48:28.0355 5572 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 2011/04/03 20:48:28.0464 5572 srv (de6f5658da951c4bc8e498570b5b0d5f) C:\Windows\system32\DRIVERS\srv.sys 2011/04/03 20:48:28.0667 5572 srv2 (4d33d59c0b930c523d29f9bd40cda9d2) C:\Windows\system32\DRIVERS\srv2.sys 2011/04/03 20:48:28.0854 5572 SrvHsfHDA (0c4540311e11664b245a263e1154cef8) C:\Windows\system32\DRIVERS\VSTAZL6.SYS 2011/04/03 20:48:28.0963 5572 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS 2011/04/03 20:48:29.0026 5572 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS 2011/04/03 20:48:29.0104 5572 srvnet (5a663fd67049267bc5c3f3279e631ffb) C:\Windows\system32\DRIVERS\srvnet.sys 2011/04/03 20:48:29.0197 5572 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys 2011/04/03 20:48:29.0260 5572 storflt (ffd7a6f15b14234b5b0e5d49e7961895) C:\Windows\system32\DRIVERS\vmstorfl.sys 2011/04/03 20:48:29.0307 5572 storvsc (8fccbefc5c440b3c23454656e551b09a) C:\Windows\system32\DRIVERS\storvsc.sys 2011/04/03 20:48:29.0353 5572 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys 2011/04/03 20:48:29.0447 5572 SynTP (868dfb220a18312a12cef01ba9ac069b) C:\Windows\system32\DRIVERS\SynTP.sys 2011/04/03 20:48:29.0572 5572 Tcpip (90a2d722cf64d911879d6c4a4f802a4d) C:\Windows\system32\drivers\tcpip.sys 2011/04/03 20:48:29.0712 5572 TCPIP6 (90a2d722cf64d911879d6c4a4f802a4d) C:\Windows\system32\DRIVERS\tcpip.sys 2011/04/03 20:48:29.0775 5572 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys 2011/04/03 20:48:29.0821 5572 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 2011/04/03 20:48:29.0837 5572 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys 2011/04/03 20:48:29.0853 5572 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys 2011/04/03 20:48:29.0899 5572 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys 2011/04/03 20:48:30.0118 5572 TPDIGIMN (8b359a7f4c715b84c76de3c5167797c5) C:\Windows\system32\DRIVERS\ApsHM64.sys 2011/04/03 20:48:30.0227 5572 TPM (dbcc20c02e8a3e43b03c304a4e40a84f) C:\Windows\system32\drivers\tpm.sys 2011/04/03 20:48:30.0399 5572 TPPWRIF (2c067e01d6bbccc88b233b868e210907) C:\Windows\system32\drivers\Tppwr64v.sys 2011/04/03 20:48:30.0492 5572 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys 2011/04/03 20:48:30.0679 5572 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys 2011/04/03 20:48:30.0867 5572 TurboB (53ff5f00eab07e329abe48ae3de4f5d7) C:\Windows\system32\DRIVERS\TurboB.sys 2011/04/03 20:48:31.0054 5572 TVTI2C (4daae0413cd4e816258838e2fafb3147) C:\Windows\system32\DRIVERS\Tvti2c.sys 2011/04/03 20:48:31.0132 5572 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys 2011/04/03 20:48:31.0179 5572 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys 2011/04/03 20:48:31.0257 5572 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys 2011/04/03 20:48:31.0303 5572 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys 2011/04/03 20:48:31.0335 5572 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys 2011/04/03 20:48:31.0428 5572 USBAAPL64 (54d4b48d443e7228bf64cf7cdc3118ac) C:\Windows\system32\Drivers\usbaapl64.sys 2011/04/03 20:48:31.0491 5572 usbccgp (b26afb54a534d634523c4fb66765b026) C:\Windows\system32\DRIVERS\usbccgp.sys 2011/04/03 20:48:31.0537 5572 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys 2011/04/03 20:48:31.0584 5572 usbehci (cb490987a7f6928a04bb838e3bd8a936) C:\Windows\system32\DRIVERS\usbehci.sys 2011/04/03 20:48:31.0740 5572 usbhub (18124ef0a881a00ee222d02a3ee30270) C:\Windows\system32\DRIVERS\usbhub.sys 2011/04/03 20:48:31.0818 5572 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\DRIVERS\usbohci.sys 2011/04/03 20:48:31.0943 5572 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys 2011/04/03 20:48:32.0099 5572 USBSTOR (a60e7e0fa88ff067d049d525547cd5e9) C:\Windows\system32\DRIVERS\USBSTOR.SYS 2011/04/03 20:48:32.0193 5572 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys 2011/04/03 20:48:32.0380 5572 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\System32\Drivers\usbvideo.sys 2011/04/03 20:48:32.0505 5572 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys 2011/04/03 20:48:32.0723 5572 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 2011/04/03 20:48:32.0801 5572 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 2011/04/03 20:48:32.0863 5572 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys 2011/04/03 20:48:32.0895 5572 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys 2011/04/03 20:48:32.0941 5572 vmbus (1501699d7eda984abc4155a7da5738d1) C:\Windows\system32\DRIVERS\vmbus.sys 2011/04/03 20:48:32.0957 5572 VMBusHID (ae10c35761889e65a6f7176937c5592c) C:\Windows\system32\DRIVERS\VMBusHID.sys 2011/04/03 20:48:33.0019 5572 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys 2011/04/03 20:48:33.0035 5572 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys 2011/04/03 20:48:33.0082 5572 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys 2011/04/03 20:48:33.0129 5572 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys 2011/04/03 20:48:33.0160 5572 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys 2011/04/03 20:48:33.0269 5572 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys 2011/04/03 20:48:33.0441 5572 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys 2011/04/03 20:48:33.0503 5572 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys 2011/04/03 20:48:33.0565 5572 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys 2011/04/03 20:48:33.0597 5572 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys 2011/04/03 20:48:33.0737 5572 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys 2011/04/03 20:48:33.0831 5572 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 2011/04/03 20:48:34.0049 5572 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 2011/04/03 20:48:34.0111 5572 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 2011/04/03 20:48:34.0189 5572 winachsf (1edbbf412a382550af6eb35f5e46928e) C:\Windows\system32\DRIVERS\CAX_CNXT.sys 2011/04/03 20:48:34.0423 5572 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUSB.sys 2011/04/03 20:48:34.0548 5572 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys 2011/04/03 20:48:34.0689 5572 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 2011/04/03 20:48:34.0735 5572 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys 2011/04/03 20:48:34.0782 5572 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys 2011/04/03 20:48:34.0845 5572 XAudio (e8f3fa126a06f8e7088f63757112a186) C:\Windows\system32\DRIVERS\XAudio64.sys 2011/04/03 20:48:34.0938 5572 ================================================================================ 2011/04/03 20:48:34.0938 5572 Scan finished 2011/04/03 20:48:34.0938 5572 ================================================================================ 2011/04/03 20:48:54.0906 4196 Deinitialize success |
Themen zu TR/Crypt.ZPACK.Gen2 verursacht Ärger |
abgesicherte, abgesicherten, gescannt, hallo zusammen, laufen, modus, neue, neuen, notebook, ordner, programme, quarantäne, schonmal, system, tr/crypt.zpack.gen, troja, trojaner, verschoben, verschwunden, verursacht, weiteres, wiederherstellung, würde, zusammen |