Log analysis and evaluation: Phorpiex.B.56 thanks to a Facebook link
Windows 7: If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
31.10.2011, 20:14 | #1 |
Phorpiex.B.56 thanks to a Facebook link

Hi, this evening it finally happened: I clicked a link on Facebook without looking closely. The sneaky part: my friend is a hobby photographer, and I naturally thought it was one of his new pictures. I have already searched other threads for solutions, but since these can apparently differ from case to case, I am not sure whether I have removed it completely yet. To get the problem under control, I ran Malwarebytes and ESET. Malwarebytes did report a find and removed it. Since then, no unknown processes have shown up in Task Manager either. And here is the OTL log:

OTL logfile created on: 31.10.2011 19:57:25 - Run 5
OTL by OldTimer - Version 3.2.31.0 Folder = H:\
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

4,00 Gb Total Physical Memory | 2,34 Gb Available Physical Memory | 58,46% Memory free
8,00 Gb Paging File | 6,11 Gb Available in Paging File | 76,40% Paging File free
Paging file location(s): h:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 59,53 Gb Total Space | 34,44 Gb Free Space | 57,86% Space Free | Partition Type: NTFS
Drive D: | 405,70 Gb Total Space | 198,06 Gb Free Space | 48,82% Space Free | Partition Type: NTFS
Drive H: | 60,06 Gb Total Space | 54,86 Gb Free Space | 91,35% Space Free | Partition Type: NTFS

Computer Name: MARC-PC | User Name: Marc | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========
PRC - H:\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe (Sony Ericsson)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanionInfo.exe ()
PRC - C:\Program Files (x86)\Creative\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
PRC - C:\Program Files (x86)\RocketDock\RocketDock.exe ()

========== Modules (No Company Name) ==========
MOD - C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\MExplorer.dll ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PhoneUpdate.dll ()
MOD - C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanionInfo.exe ()
MOD - C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\TMonitorAPI.dll ()
MOD - C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\Report.dll ()
MOD - C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\VObject.dll ()
MOD - C:\Windows\SysWOW64\APOMngr.DLL ()
MOD - C:\Windows\SysWOW64\CmdRtr.DLL ()
MOD - C:\Windows\SysWOW64\OemSpiE.dll ()
MOD - C:\Program Files (x86)\RocketDock\RocketDock.exe ()
MOD - C:\Program Files (x86)\RocketDock\RocketDock.dll ()

========== Win32 Services (SafeList) ==========
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (NisSrv) -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe (Microsoft Corporation)
SRV:64bit: - (MsMpSvc) -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
SRV - (Creative ALchemy AL6 Licensing Service) -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe (Creative Labs)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (Futuremark SystemInfo Service) -- C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe (Futuremark Corporation)
SRV - (OpenVPNService) -- C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe ()
SRV - (Sony Ericsson PCCompanion) -- C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe (Avanquest Software)
SRV - (LBTServ) -- C:\Programme\Common Files\Logishrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)

========== Driver Services (SafeList) ==========
DRV:64bit: - (ggsemc) -- C:\Windows\SysNative\drivers\ggsemc.sys (Sony Ericsson Mobile Communications)
DRV:64bit: - (ggflt) -- C:\Windows\SysNative\drivers\ggflt.sys (Sony Ericsson Mobile Communications)
DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (LGBusEnum) -- C:\Windows\SysNative\drivers\LGBusEnum.sys (Logitech Inc.)
DRV:64bit: - (LGVirHid) -- C:\Windows\SysNative\drivers\LGVirHid.sys (Logitech Inc.)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (tapoas) -- C:\Windows\SysNative\drivers\tapoas.sys (The OpenVPN Project)
DRV:64bit: - (tap0901) -- C:\Windows\SysNative\drivers\tap0901.sys (The OpenVPN Project)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV:64bit: - (NisDrv) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (P17) -- C:\Windows\SysNative\drivers\P17.sys (Creative Technology Ltd.)
DRV:64bit: - (AtcL001) -- C:\Windows\SysNative\drivers\l160x64.sys (Atheros Communications, Inc.)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ASACPI.sys ()
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 07 1D 90 4E BE 73 CC 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011.09.17 22:46:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.09.30 16:52:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.10.26 16:02:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 7.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2011.09.15 19:52:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 7.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins

[2011.09.15 19:07:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marc\AppData\Roaming\mozilla\Extensions
[2011.10.25 16:00:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marc\AppData\Roaming\mozilla\Firefox\Profiles\kmpcm7l3.default\extensions
[2011.10.26 16:02:53 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2011.09.15 22:19:10 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}
[2011.10.26 16:02:53 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
() (No name found) -- C:\USERS\MARC\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KMPCM7L3.DEFAULT\EXTENSIONS\{097D3191-E6FA-4728-9826-B533D755359D}.XPI
() (No name found) -- C:\USERS\MARC\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KMPCM7L3.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI
() (No name found) -- C:\USERS\MARC\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KMPCM7L3.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2011.09.30 16:52:09 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.10.03 04:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011.09.30 16:52:08 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.09.30 16:52:08 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011.09.30 16:52:08 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.09.30 16:52:08 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.09.30 16:52:08 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.09.30 16:52:08 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2011.10.07 17:24:37 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [P17RunE] C:\Windows\SysWow64\P17RunE.dll (Creative Technology Ltd.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [VolPanel] C:\Program Files (x86)\Creative\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
O4 - HKCU..\Run: [RocketDock] C:\Program Files (x86)\RocketDock\RocketDock.exe ()
O4 - HKCU..\Run: [Sony Ericsson PC Companion] C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe (Sony Ericsson)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab (Java Plug-in 10.2.0)
O16 - DPF: {CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab (Java Plug-in 1.7.0_02)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab (Java Plug-in 1.7.0_02)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{19597666-D70E-4F7B-A1FA-00C4AE18A231}: DhcpNameServer = 95.141.192.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{94E48E46-75F2-46F8-B123-15B80B84EC43}: DhcpNameServer = 192.168.178.1
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========
[2011.10.31 19:07:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2011.10.31 19:01:45 | 000,000,000 | ---D | C] -- C:\Users\Marc\AppData\Roaming\Malwarebytes
[2011.10.31 19:01:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.10.31 19:01:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.10.31 19:01:17 | 000,025,416 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011.10.31 19:01:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011.10.31 18:37:39 | 000,055,384 | ---- | C] (Sunbelt Software) -- C:\Windows\SysNative\drivers\SBREDrv.sys
[2011.10.31 18:34:56 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2011.10.31 18:34:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2011.10.31 18:34:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lavasoft
[2011.10.31 18:01:33 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011.10.31 17:48:41 | 000,000,000 | RHSD | C] -- C:\Users\Marc\M-1-52-5782-8752-5245
[2011.10.28 16:09:02 | 001,490,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WdfCoInstaller01007.dll
[2011.10.28 16:09:02 | 000,027,176 | ---- | C] (Sony Ericsson Mobile Communications) -- C:\Windows\SysNative\drivers\ggsemc.sys
[2011.10.28 16:09:02 | 000,013,352 | ---- | C] (Sony Ericsson Mobile Communications) -- C:\Windows\SysNative\drivers\ggflt.sys
[2011.10.20 21:07:20 | 000,000,000 | ---D | C] -- C:\Users\Marc\Documents\Might & Magic Heroes VI
[2011.10.20 21:07:20 | 000,000,000 | ---D | C] -- C:\Users\Marc\AppData\Roaming\Might & Magic Heroes VI
[2011.10.20 20:58:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft
[2011.10.20 20:42:29 | 000,270,912 | ---- | C] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2011.10.20 20:42:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2011.10.20 20:41:23 | 000,000,000 | ---D | C] -- C:\Users\Marc\AppData\Roaming\DAEMON Tools Lite
[2011.10.20 20:41:20 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2011.10.16 21:35:51 | 000,000,000 | ---D | C] -- C:\Users\Marc\AppData\Local\TQVault
[2011.10.16 21:35:12 | 000,000,000 | ---D | C] -- C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TQVault
[2011.10.16 21:00:16 | 000,000,000 | ---D | C] -- C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Soul's Software
[2011.10.15 14:41:08 | 000,000,000 | ---D | C] -- C:\Users\Marc\Documents\4A Games
[2011.10.15 14:40:25 | 000,000,000 | ---D | C] -- C:\Users\Marc\AppData\Local\4A Games
[2011.10.15 14:36:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2011.10.15 14:36:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2011.10.14 02:00:36 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011.10.14 02:00:36 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011.10.14 02:00:35 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011.10.14 02:00:35 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011.10.14 02:00:34 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011.10.14 02:00:33 | 002,309,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2011.10.14 02:00:33 | 000,818,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011.10.14 02:00:33 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011.10.14 02:00:33 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011.10.13 12:08:47 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2011.10.13 12:08:47 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2011.10.13 12:08:47 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2011.10.13 12:08:46 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2011.10.13 12:08:35 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2011.10.13 12:08:35 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2011.10.11 20:05:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony Ericsson
[2011.10.11 20:05:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony Ericsson
[2011.10.11 20:05:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony Ericsson
[2011.10.10 20:53:18 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2011.10.10 20:52:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2011.10.10 20:51:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies
[2011.10.10 20:51:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2011.10.10 20:51:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2011.10.10 20:50:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2011.10.10 20:50:00 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2011.10.10 20:49:57 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2011.10.10 20:45:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Phyxion.net
[2011.10.10 20:45:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Phyxion.net
[2011.10.09 17:32:23 | 000,000,000 | ---D | C] -- C:\Users\Marc\AppData\Local\ID Software
[2011.10.09 17:27:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Futuremark
[2011.10.07 17:25:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN
[2011.10.07 17:20:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenVPN Technologies
[2011.10.07 06:21:40 | 010,207,232 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\SysNative\drivers\atikmdag.sys
[2011.10.07 04:47:08 | 024,996,864 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atio6axx.dll
[2011.10.07 04:33:56 | 000,159,744 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiapfxx.exe
[2011.10.07 04:33:44 | 000,736,768 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\aticfx32.dll
[2011.10.07 04:32:12 | 000,867,328 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\aticfx64.dll
[2011.10.07 04:29:24 | 000,466,944 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\ATIDEMGX.dll
[2011.10.07 04:29:10 | 000,487,936 | ---- | C] (AMD) -- C:\Windows\SysNative\atieclxx.exe
[2011.10.07 04:28:34 | 000,204,288 | ---- | C] (AMD) -- C:\Windows\SysNative\atiesrxx.exe
[2011.10.07 04:27:18 | 000,120,320 | ---- | C] (AMD) -- C:\Windows\SysNative\atitmm64.dll
[2011.10.07 04:27:00 | 000,423,424 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysNative\atipdl64.dll
[2011.10.07 04:26:54 | 000,356,352 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\atipdlxx.dll
[2011.10.07 04:26:42 | 000,278,528 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\Oemdspif.dll
[2011.10.07 04:26:36 | 000,021,504 | ---- | C] (AMD) -- C:\Windows\SysNative\atimuixx.dll
[2011.10.07 04:26:32 | 000,059,392 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysNative\atiedu64.dll
[2011.10.07 04:26:26 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\ati2edxx.dll
[2011.10.07 04:25:04 | 018,836,992 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atioglxx.dll
[2011.10.07 04:23:22 | 004,231,680 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atidxx32.dll
[2011.10.07 04:12:56 | 004,960,768 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atidxx64.dll
[2011.10.07 04:01:18 | 004,289,024 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdag.dll
[2011.10.07 03:54:32 | 005,431,808 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd64.dll
[2011.10.07 03:53:10 | 000,051,200 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalrt64.dll
[2011.10.07 03:53:08 | 000,046,080 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalrt.dll
[2011.10.07 03:52:58 | 000,044,544 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalcl64.dll
[2011.10.07 03:52:56 | 000,044,032 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalcl.dll
[2011.10.07 03:52:46 | 009,809,920 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticaldd64.dll
[2011.10.07 03:49:02 | 008,390,656 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticaldd.dll
[2011.10.07 03:46:48 | 000,479,744 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiadlxx.dll
[2011.10.07 03:46:40 | 000,335,872 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atiadlxy.dll
[2011.10.07 03:46:26 | 000,017,408 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6pxx.dll
[2011.10.07 03:46:22 | 000,014,336 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiglpxx.dll
[2011.10.07 03:46:22 | 000,014,336 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiglpxx.dll
[2011.10.07 03:46:18 | 000,039,936 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6txx.dll
[2011.10.07 03:46:10 | 000,032,768 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atigktxx.dll
[2011.10.07 03:46:02 | 000,317,952 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmpag.sys
[2011.10.07 03:45:12 | 000,040,960 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiuxp64.dll
[2011.10.07 03:45:06 | 000,031,744 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiuxpag.dll
[2011.10.07 03:45:00 | 000,038,912 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiu9p64.dll
[2011.10.07 03:44:52 | 000,029,184 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiu9pag.dll
[2011.10.07 03:44:18 | 000,053,248 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\SysNative\drivers\ati2erec.dll
[2011.10.07 03:43:32 | 001,113,088 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd6v.dll
[2011.10.07 03:42:56 | 001,828,864 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdmv.dll
[2011.10.07 03:42:44 | 004,023,296 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd6a.dll
[2011.10.07 03:31:52 | 004,174,848 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdva.dll
[2011.10.07 03:14:06 | 000,054,784 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atimpc64.dll
[2011.10.07 03:14:06 | 000,054,784 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdpcom64.dll
[2011.10.07 03:14:00 | 000,053,760 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atimpc32.dll
[2011.10.07 03:14:00 | 000,053,760 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdpcom32.dll
[2011.10.06 21:30:36 | 016,787,456 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\amdocl64.dll
[2011.10.06 21:29:54 | 013,753,856 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\amdocl.dll
[2011.10.06 21:29:04 | 000,051,200 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2011.10.06 21:29:00 | 000,043,520 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2011.10.02 21:49:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Firefly Studios
[2011.10.02 21:49:42 | 000,178,800 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll
[2011.10.02 21:36:24 | 000,000,000 | ---D | C] -- C:\Users\Marc\Documents\Stronghold 2
[2011.10.02 21:24:01 | 000,000,000 | ---D | C] -- C:\Users\Marc\AppData\Local\dxhr
[2011.10.02 21:23:34 | 000,000,000 | ---D | C] -- C:\Users\Marc\AppData\Local\28050
[2011.10.02 13:41:30 | 000,000,000 | ---D | C] -- C:\Users\Marc\Documents\The Lord of the Rings Online
[2011.10.02 13:41:30 | 000,000,000 | ---D | C] -- C:\Users\Marc\AppData\Local\The Lord of the Rings Online
[2011.10.02 11:35:04 | 000,000,000 | ---D | C] -- C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Serious Sam HD - The Second Encounter
[2011.10.01 22:57:41 | 000,000,000 | ---D | C] -- C:\Windows\pss

========== Files - Modified Within 30 Days ==========
[2011.10.31 19:46:17 | 000,014,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.10.31 19:46:17 | 000,014,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.10.31 19:42:09 | 000,000,168 | ---- | M] () -- C:\Users\Marc\defogger_reenable
[2011.10.31 19:10:15 | 001,648,476 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.10.31 19:10:15 | 000,709,334 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.10.31 19:10:15 | 000,662,952 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.10.31 19:10:15 | 000,153,826 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.10.31 19:10:15 | 000,126,042 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.10.31 19:05:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.10.31 19:01:21 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.10.31 18:42:01 | 000,000,408 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2011.10.31 18:37:39 | 000,055,384 | ---- | M] (Sunbelt Software) -- C:\Windows\SysNative\drivers\SBREDrv.sys
[2011.10.31 18:01:34 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.10.28 16:54:58 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ggsemc_01007.Wdf
[2011.10.28 16:54:58 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ggflt_01007.Wdf
[2011.10.28 16:09:02 | 001,490,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WdfCoInstaller01007.dll
[2011.10.28 16:09:02 | 000,027,176 | ---- | M] (Sony Ericsson Mobile Communications) -- C:\Windows\SysNative\drivers\ggsemc.sys
[2011.10.28 16:09:02 | 000,013,352 | ---- | M] (Sony Ericsson Mobile Communications) -- C:\Windows\SysNative\drivers\ggflt.sys
[2011.10.28 16:05:30 | 000,002,268 | ---- | M] () -- C:\Users\Public\Desktop\Sony Ericsson PC Companion 2.0.lnk
[2011.10.20 20:58:47 | 000,001,019 | ---- | M] () -- C:\Users\Public\Desktop\Might & Magic Heroes VI.lnk
[2011.10.20 20:42:30 | 000,270,912 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2011.10.18 22:11:15 | 000,013,352 | ---- | M] () -- C:\Users\Marc\Desktop\Lebenskraftentzug.vault
[2011.10.18 22:08:53 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2011.10.17 16:04:28 | 000,275,952 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.10.16 21:35:13 | 000,003,035 | ---- | M] () -- C:\Users\Marc\Desktop\TQVault.lnk
[2011.10.16 21:00:16 | 000,003,065 | ---- | M] () -- C:\Users\Marc\Desktop\TQ Defiler.NET.lnk
[2011.10.14 09:08:08 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011.10.12 17:06:27 | 000,010,443 | ---- | M] () -- C:\Users\Marc\Desktop\sILeNt heLLsCrEAm.nfo
[2011.10.10 20:53:10 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2011.10.07 17:25:23 | 000,001,129 | ---- | M] () -- C:\Users\Public\Desktop\OpenVPN GUI.lnk
[2011.10.07 06:21:40 | 010,207,232 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\SysNative\drivers\atikmdag.sys
[2011.10.07 04:47:08 | 024,996,864 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atio6axx.dll
[2011.10.07 04:34:32 | 000,198,616 | ---- | M] () -- C:\Windows\SysNative\atiapfxx.blb
[2011.10.07 04:33:56 | 000,159,744 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiapfxx.exe
[2011.10.07 04:33:44 | 000,736,768 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\aticfx32.dll
[2011.10.07 04:32:12 | 000,867,328 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\aticfx64.dll
[2011.10.07 04:29:24 | 000,466,944 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\ATIDEMGX.dll
[2011.10.07 04:29:10 | 000,487,936 | ---- | M] (AMD) -- C:\Windows\SysNative\atieclxx.exe
[2011.10.07 04:28:34 | 000,204,288 | ---- | M] (AMD) -- C:\Windows\SysNative\atiesrxx.exe
[2011.10.07 04:27:18 | 000,120,320 | ---- | M] (AMD) -- C:\Windows\SysNative\atitmm64.dll
[2011.10.07 04:27:00 | 000,423,424 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\SysNative\atipdl64.dll
[2011.10.07 04:26:54 | 000,356,352 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\atipdlxx.dll
[2011.10.07 04:26:42 | 000,278,528 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\Oemdspif.dll
[2011.10.07 04:26:36 | 000,021,504 | ---- | M] (AMD) -- C:\Windows\SysNative\atimuixx.dll
[2011.10.07 04:26:32 | 000,059,392 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\SysNative\atiedu64.dll
[2011.10.07 04:26:26 | 000,043,520 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\ati2edxx.dll
[2011.10.07 04:25:04 | 018,836,992 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atioglxx.dll
[2011.10.07 04:23:22 | 004,231,680 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atidxx32.dll
[2011.10.07 04:12:56 | 004,960,768 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atidxx64.dll
[2011.10.07 04:01:18 | 004,289,024 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdag.dll
[2011.10.07 03:54:32 | 005,431,808 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd64.dll
[2011.10.07 03:53:10 | 000,051,200 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalrt64.dll
[2011.10.07 03:53:08 | 000,046,080 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalrt.dll
[2011.10.07 03:52:58 | 000,044,544 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalcl64.dll
[2011.10.07 03:52:56 | 000,044,032 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalcl.dll
[2011.10.07 03:52:46 | 009,809,920 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticaldd64.dll
[2011.10.07 03:49:02 | 008,390,656 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticaldd.dll
[2011.10.07 03:46:48 | 000,479,744 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiadlxx.dll
[2011.10.07 03:46:40 | 000,335,872 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atiadlxy.dll
[2011.10.07 03:46:26 | 000,017,408 | ---- | M] (Advanced Micro Devices, Inc.
) -- C:\Windows\SysNative\atig6pxx.dll [2011.10.07 03:46:22 | 000,014,336 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiglpxx.dll [2011.10.07 03:46:22 | 000,014,336 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiglpxx.dll [2011.10.07 03:46:18 | 000,039,936 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6txx.dll [2011.10.07 03:46:10 | 000,032,768 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atigktxx.dll [2011.10.07 03:46:02 | 000,317,952 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmpag.sys [2011.10.07 03:45:12 | 000,040,960 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiuxp64.dll [2011.10.07 03:45:06 | 000,031,744 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiuxpag.dll [2011.10.07 03:45:00 | 000,038,912 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiu9p64.dll [2011.10.07 03:44:52 | 000,029,184 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiu9pag.dll [2011.10.07 03:44:18 | 000,053,248 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\SysNative\drivers\ati2erec.dll [2011.10.07 03:43:32 | 001,113,088 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd6v.dll [2011.10.07 03:42:56 | 001,828,864 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdmv.dll [2011.10.07 03:42:44 | 004,023,296 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd6a.dll [2011.10.07 03:38:42 | 001,847,904 | ---- | M] () -- C:\Windows\SysNative\atiumd6a.cap [2011.10.07 03:31:52 | 004,174,848 | ---- | M] (Advanced Micro Devices, Inc. 
) -- C:\Windows\SysWow64\atiumdva.dll [2011.10.07 03:30:34 | 001,849,344 | ---- | M] () -- C:\Windows\SysWow64\atiumdva.cap [2011.10.07 03:22:22 | 000,058,880 | ---- | M] (AMD) -- C:\Windows\SysNative\coinst.dll [2011.10.07 03:14:06 | 000,054,784 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atimpc64.dll [2011.10.07 03:14:06 | 000,054,784 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdpcom64.dll [2011.10.07 03:14:00 | 000,053,760 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atimpc32.dll [2011.10.07 03:14:00 | 000,053,760 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdpcom32.dll [2011.10.06 21:30:54 | 000,066,048 | ---- | M] () -- C:\Windows\SysNative\OpenVideo64.dll [2011.10.06 21:30:48 | 000,056,832 | ---- | M] () -- C:\Windows\SysWow64\OpenVideo.dll [2011.10.06 21:30:36 | 016,787,456 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\amdocl64.dll [2011.10.06 21:29:54 | 013,753,856 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\amdocl.dll [2011.10.06 21:29:04 | 000,051,200 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll [2011.10.06 21:29:00 | 000,043,520 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll [2011.10.03 04:06:16 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe [2011.10.03 04:06:15 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe [2011.10.03 04:06:14 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe [2011.10.03 04:06:03 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll [2011.10.02 21:49:42 | 000,178,800 | ---- | M] (Sony DADC Austria AG.) 
-- C:\Windows\SysWow64\CmdLineExt_x64.dll [2011.10.02 11:35:04 | 000,000,868 | ---- | M] () -- C:\Users\Marc\Desktop\Serious Sam HD - The Second Encounter.lnk ========== Files Created - No Company Name ========== [2011.10.31 19:42:09 | 000,000,168 | ---- | C] () -- C:\Users\Marc\defogger_reenable [2011.10.31 19:01:21 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.10.31 18:41:31 | 000,000,408 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job [2011.10.31 18:01:34 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk [2011.10.28 16:54:58 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ggsemc_01007.Wdf [2011.10.28 16:54:58 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ggflt_01007.Wdf [2011.10.20 20:58:47 | 000,001,019 | ---- | C] () -- C:\Users\Public\Desktop\Might & Magic Heroes VI.lnk [2011.10.18 22:11:15 | 000,013,352 | ---- | C] () -- C:\Users\Marc\Desktop\Lebenskraftentzug.vault [2011.10.18 22:08:53 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2011.10.16 21:35:13 | 000,003,035 | ---- | C] () -- C:\Users\Marc\Desktop\TQVault.lnk [2011.10.16 21:00:16 | 000,003,065 | ---- | C] () -- C:\Users\Marc\Desktop\TQ Defiler.NET.lnk [2011.10.13 09:31:37 | 000,010,443 | ---- | C] () -- C:\Users\Marc\Desktop\sILeNt heLLsCrEAm.nfo [2011.10.13 09:31:36 | 000,036,548 | ---- | C] () -- C:\Users\Marc\Desktop\Play.dll [2011.10.11 20:05:48 | 000,002,268 | ---- | C] () -- C:\Users\Public\Desktop\Sony Ericsson PC Companion 2.0.lnk [2011.10.10 20:53:10 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2011.10.07 17:25:23 | 000,001,129 | ---- | C] () -- C:\Users\Public\Desktop\OpenVPN GUI.lnk [2011.10.07 04:34:32 | 000,198,616 | ---- | C] () -- C:\Windows\SysNative\atiapfxx.blb [2011.10.07 03:38:42 | 001,847,904 | ---- | C] () -- C:\Windows\SysNative\atiumd6a.cap [2011.10.07 03:30:34 | 001,849,344 | ---- | C] 
() -- C:\Windows\SysWow64\atiumdva.cap [2011.10.06 21:30:54 | 000,066,048 | ---- | C] () -- C:\Windows\SysNative\OpenVideo64.dll [2011.10.06 21:30:48 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll [2011.10.02 11:35:04 | 000,000,868 | ---- | C] () -- C:\Users\Marc\Desktop\Serious Sam HD - The Second Encounter.lnk [2011.10.01 18:10:05 | 000,000,092 | ---- | C] () -- C:\Users\Marc\AppData\Local\fusioncache.dat [2011.09.17 22:51:57 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2011.09.17 22:51:56 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini [2011.09.17 22:51:53 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll [2011.09.17 22:51:53 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll [2011.09.17 22:51:53 | 000,074,752 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll [2011.09.15 19:14:12 | 001,674,774 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011.09.15 16:59:39 | 000,177,664 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL [2011.09.15 16:59:39 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL [2011.09.15 16:47:57 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini [2011.09.14 17:23:55 | 000,150,016 | ---- | C] () -- C:\Windows\SysWow64\OemSpiE.dll [2011.09.14 17:23:53 | 000,002,177 | ---- | C] () -- C:\Windows\P17EP.ini [2011.09.14 17:23:53 | 000,001,578 | ---- | C] () -- C:\Windows\P17EPLS.ini [2011.09.14 17:23:53 | 000,001,489 | ---- | C] () -- C:\Windows\P17EP51.ini [2011.09.14 10:47:40 | 000,053,760 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll [2011.03.17 18:51:44 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin 
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat ========== LOP Check ========== [2011.10.29 22:30:26 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\.minecraft [2011.10.31 18:02:57 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\DAEMON Tools Lite [2011.09.15 19:11:36 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\Leadertech [2011.09.15 21:22:11 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\LolClient [2011.10.20 21:23:25 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\Might & Magic Heroes VI [2011.09.15 19:52:45 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\Thunderbird [2011.10.02 15:18:08 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\TS3Client [2011.10.31 18:02:57 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\uTorrent [2011.10.31 18:42:01 | 000,000,408 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Weekly).job [2009.07.14 06:08:49 | 000,020,538 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*. 
> [2011.09.15 16:43:22 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin [2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings [2011.09.15 16:43:08 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen [2011.09.17 17:42:25 | 000,000,000 | ---D | M] -- C:\Guild Wars [2011.09.15 16:46:54 | 000,000,000 | ---D | M] -- C:\Intel [2009.07.14 04:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs [2011.10.31 18:01:33 | 000,000,000 | R--D | M] -- C:\Program Files [2011.10.31 19:07:26 | 000,000,000 | R--D | M] -- C:\Program Files (x86) [2011.10.31 19:01:20 | 000,000,000 | -H-D | M] -- C:\ProgramData [2011.09.15 16:43:08 | 000,000,000 | -HSD | M] -- C:\Programme [2011.09.15 16:43:08 | 000,000,000 | -HSD | M] -- C:\Recovery [2011.10.31 19:50:17 | 000,000,000 | -HSD | M] -- C:\System Volume Information [2011.09.15 16:43:15 | 000,000,000 | R--D | M] -- C:\Users [2011.10.31 18:03:59 | 000,000,000 | ---D | M] -- C:\Windows < %PROGRAMFILES%\*.exe > < %LOCALAPPDATA%\*.exe > < %systemroot%\*. 
/mp /s > < %systemroot%\system32\*.manifest /3 > < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU > < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs > < > < End of report > Regards, Marc |
31.10.2011, 22:31 | #2 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Phorpiex.B.56 thanks to Facebook link Quote:
__________________ |
31.10.2011, 22:55 | #3 | ||
| Phorpiex.B.56 thanks to Facebook link So here are the logs again quickly, one with a finding and another one shortly afterwards; there was a restart in between
__________________ Quote:
Quote:
|
01.11.2011, 10:44 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Phorpiex.B.56 thanks to Facebook link Please now run a routine full scan with Malwarebytes and post the log. Remember that Malwarebytes must be updated manually before every scan! If logs from older Malwarebytes scans exist, please post all of those as well! ESET Online Scanner
__________________ Please always post log files in CODE tags |
01.11.2011, 20:36 | #5 | ||
| Phorpiex.B.56 thanks to Facebook link Here are the logs Quote:
Quote:
|
01.11.2011, 21:28 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Phorpiex.B.56 thanks to Facebook link Run an OTL fix: close any programs that may be open, also disable virus scanners (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied as well!!!) Code:
ATTFilter
:OTL
MOD - C:\Windows\SysWOW64\APOMngr.DLL ()
MOD - C:\Windows\SysWOW64\CmdRtr.DLL ()
MOD - C:\Windows\SysWOW64\OemSpiE.dll ()
O32 - HKLM CDRom: AutoRun - 1
[2011.10.31 17:48:41 | 000,000,000 | RHSD | C] -- C:\Users\Marc\M-1-52-5782-8752-5245
[2011.10.02 21:24:01 | 000,000,000 | ---D | C] -- C:\Users\Marc\AppData\Local\dxhr
[2011.10.02 21:23:34 | 000,000,000 | ---D | C] -- C:\Users\Marc\AppData\Local\28050
:Commands
[emptytemp]
[resethosts]
The log file should open when you click OK after the fix; please post it. The computer may be restarted. For safety, the entries, files and folders fixed by this script are not deleted completely; a backup copy is created on the system partition in the "_OTL" folder. Note: The script above was created only for this one user in this situation. It is not portable to any other computer and must not be used elsewhere, as it can cause lasting damage to the system!
__________________ --> Phorpiex.B.56 thanks to Facebook link |
01.11.2011, 21:41 | #7 | |
| Phorpiex.B.56 thanks to Facebook link Everything worked so far, I think; here is the log Quote:
|
01.11.2011, 21:58 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Phorpiex.B.56 thanks to Facebook link Please now run this tool from Kaspersky and post the log => http://www.trojaner-board.de/82358-t...entfernen.html Configure the tool as shown in the picture below: click on change parameters and set the check marks as shown in the following screenshot, then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full. Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and post only the log here! If, because of the infection, you cannot access your Documents/My Documents, or shortcuts on the desktop or in the Start menu under "All Programs" are missing, please run unhide: Download unhide.exe and save this file to your desktop. Start the tool and all files and folders should be visible again. (This could take a while.) Windows Vista and Windows 7 users must run the tool as administrator via right-click!
__________________ Please always post log files in CODE tags |
01.11.2011, 22:09 | #9 |
| Phorpiex.B.56 thanks to Facebook link Right, on with the program; here is the next log Code:
ATTFilter 22:07:38.0528 3080 TDSS rootkit removing tool 2.6.14.0 Oct 28 2011 11:11:01 22:07:38.0793 3080 ============================================================ 22:07:38.0793 3080 Current date / time: 2011/11/01 22:07:38.0793 22:07:38.0793 3080 SystemInfo: 22:07:38.0793 3080 22:07:38.0793 3080 OS Version: 6.1.7601 ServicePack: 1.0 22:07:38.0793 3080 Product type: Workstation 22:07:38.0793 3080 ComputerName: MARC-PC 22:07:38.0793 3080 UserName: Marc 22:07:38.0793 3080 Windows directory: C:\Windows 22:07:38.0793 3080 System windows directory: C:\Windows 22:07:38.0793 3080 Running under WOW64 22:07:38.0793 3080 Processor architecture: Intel x64 22:07:38.0793 3080 Number of processors: 2 22:07:38.0793 3080 Page size: 0x1000 22:07:38.0793 3080 Boot type: Normal boot 22:07:38.0793 3080 ============================================================ 22:07:38.0934 3080 Initialize success 22:07:42.0958 1816 ============================================================ 22:07:42.0958 1816 Scan started 22:07:42.0958 1816 Mode: Manual; SigCheck; TDLFS; 22:07:42.0958 1816 ============================================================ 22:07:43.0161 1816 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys 22:07:43.0192 1816 1394ohci - ok 22:07:43.0208 1816 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys 22:07:43.0208 1816 ACPI - ok 22:07:43.0224 1816 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys 22:07:43.0239 1816 AcpiPmi - ok 22:07:43.0255 1816 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys 22:07:43.0270 1816 adp94xx - ok 22:07:43.0286 1816 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys 22:07:43.0286 1816 adpahci - ok 22:07:43.0302 1816 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys 22:07:43.0317 1816 adpu320 - ok 22:07:43.0333 1816 AFD (d5b031c308a409a0a576bff4cf083d30) 
C:\Windows\system32\drivers\afd.sys 22:07:43.0348 1816 AFD - ok 22:07:43.0348 1816 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys 22:07:43.0364 1816 agp440 - ok 22:07:43.0380 1816 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys 22:07:43.0380 1816 aliide - ok 22:07:43.0395 1816 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys 22:07:43.0395 1816 amdide - ok 22:07:43.0411 1816 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys 22:07:43.0426 1816 AmdK8 - ok 22:07:43.0520 1816 amdkmdag (43bd304bb9f43973a75b37c6d7c88a83) C:\Windows\system32\DRIVERS\atikmdag.sys 22:07:43.0629 1816 amdkmdag - ok 22:07:43.0645 1816 amdkmdap (783f10e1cb8503b556e5a9df0a264031) C:\Windows\system32\DRIVERS\atikmpag.sys 22:07:43.0645 1816 amdkmdap - ok 22:07:43.0660 1816 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys 22:07:43.0660 1816 AmdPPM - ok 22:07:43.0676 1816 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys 22:07:43.0692 1816 amdsata - ok 22:07:43.0692 1816 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys 22:07:43.0707 1816 amdsbs - ok 22:07:43.0723 1816 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys 22:07:43.0723 1816 amdxata - ok 22:07:43.0738 1816 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys 22:07:43.0754 1816 AppID - ok 22:07:43.0770 1816 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys 22:07:43.0785 1816 arc - ok 22:07:43.0801 1816 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys 22:07:43.0801 1816 arcsas - ok 22:07:43.0816 1816 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys 22:07:43.0848 1816 AsyncMac - ok 22:07:43.0848 1816 atapi (02062c0b390b7729edc9e69c680a6f3c) 
22:07:50.0181 1816 Scan finished
22:07:50.0181 3188 Detected object count: 0
22:07:50.0181 3188 Actual detected object count: 0 |
02.11.2011, 09:28 | #10 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Phorpiex.B.56 thanks to Facebook link Then please run CF now: ComboFix A guide and tutorial on using ComboFix
Combofix may only be run when a qualified helper (Kompetenzler) has explicitly recommended it! If you have problems starting applications after running Combofix and receive messages such as Quote:
__________________ Please always post logfiles in CODE tags |
02.11.2011, 17:05 | #11 |
| Phorpiex.B.56 thanks to Facebook link So, here is the next one Code:
ComboFix 11-11-02.01 - Marc 02.11.2011 16:56:35.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.4095.2720 [GMT 1:00]
ausgeführt von:: c:\users\Marc\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((( Dateien erstellt von 2011-10-02 bis 2011-11-02 ))))))))))))))))))))))))))))))
.
2011-10-07 02:46 14336 ----a-w- c:\windows\SysWow64\atiglpxx.dll 2011-10-07 02:46 . 2011-10-07 02:46 14336 ----a-w- c:\windows\system32\atiglpxx.dll 2011-10-07 02:46 . 2011-10-07 02:46 39936 ----a-w- c:\windows\system32\atig6txx.dll 2011-10-07 02:46 . 2011-10-07 02:46 32768 ----a-w- c:\windows\SysWow64\atigktxx.dll 2011-10-07 02:46 . 2011-10-07 02:46 317952 ----a-w- c:\windows\system32\drivers\atikmpag.sys 2011-10-07 02:45 . 2011-10-07 02:45 40960 ----a-w- c:\windows\system32\atiuxp64.dll 2011-10-07 02:45 . 2011-10-07 02:45 31744 ----a-w- c:\windows\SysWow64\atiuxpag.dll 2011-10-07 02:45 . 2011-10-07 02:45 38912 ----a-w- c:\windows\system32\atiu9p64.dll 2011-10-07 02:44 . 2011-10-07 02:44 29184 ----a-w- c:\windows\SysWow64\atiu9pag.dll 2011-10-07 02:44 . 2011-10-07 02:44 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll 2011-10-07 02:43 . 2011-10-07 02:43 1113088 ----a-w- c:\windows\system32\atiumd6v.dll 2011-10-07 02:42 . 2011-10-07 02:42 1828864 ----a-w- c:\windows\SysWow64\atiumdmv.dll 2011-10-07 02:42 . 2011-10-07 02:42 4023296 ----a-w- c:\windows\system32\atiumd6a.dll 2011-10-07 02:31 . 2011-10-07 02:31 4174848 ----a-w- c:\windows\SysWow64\atiumdva.dll 2011-10-07 02:14 . 2011-10-07 02:14 54784 ----a-w- c:\windows\system32\atimpc64.dll 2011-10-07 02:14 . 2011-10-07 02:14 54784 ----a-w- c:\windows\system32\amdpcom64.dll 2011-10-07 02:14 . 2011-10-07 02:14 53760 ----a-w- c:\windows\SysWow64\atimpc32.dll 2011-10-07 02:14 . 2011-10-07 02:14 53760 ----a-w- c:\windows\SysWow64\amdpcom32.dll 2011-10-06 20:30 . 2011-10-06 20:30 66048 ----a-w- c:\windows\system32\OpenVideo64.dll 2011-10-06 20:30 . 2011-10-06 20:30 56832 ----a-w- c:\windows\SysWow64\OpenVideo.dll 2011-10-06 20:30 . 2011-10-06 20:30 16787456 ----a-w- c:\windows\system32\amdocl64.dll 2011-10-06 20:29 . 2011-10-06 20:29 13753856 ----a-w- c:\windows\SysWow64\amdocl.dll 2011-10-06 20:29 . 2011-10-06 20:29 51200 ----a-w- c:\windows\system32\OpenCL.dll 2011-10-06 20:29 . 
2011-10-06 20:29 43520 ----a-w- c:\windows\SysWow64\OpenCL.dll . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-10-14 08:08 . 2011-09-15 18:22 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2011-10-07 04:16 . 2011-09-15 21:34 8570192 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2011-10-07 02:22 . 2011-07-28 21:01 58880 ----a-w- c:\windows\system32\coinst.dll 2011-10-03 03:06 . 2011-09-15 21:19 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll 2011-10-02 20:49 . 2011-10-02 20:49 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll 2011-09-17 14:38 . 2011-09-17 14:38 660368 ----a-w- c:\windows\system32\deployJava1.dll 2011-09-15 22:07 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll 2011-09-15 22:07 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll 2011-09-15 21:40 . 2011-09-15 21:40 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe 2011-09-15 21:40 . 2011-09-15 21:40 161792 ----a-w- c:\windows\SysWow64\msls31.dll 2011-09-15 21:40 . 2011-09-15 21:40 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll 2011-09-15 21:40 . 2011-09-15 21:40 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe 2011-09-15 21:40 . 2011-09-15 21:40 74752 ----a-w- c:\windows\SysWow64\iesetup.dll 2011-09-15 21:40 . 2011-09-15 21:40 63488 ----a-w- c:\windows\SysWow64\tdc.ocx 2011-09-15 21:40 . 2011-09-15 21:40 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll 2011-09-15 21:40 . 2011-09-15 21:40 367104 ----a-w- c:\windows\SysWow64\html.iec 2011-09-15 21:40 . 2011-09-15 21:40 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll 2011-09-15 21:40 . 2011-09-15 21:40 152064 ----a-w- c:\windows\SysWow64\wextract.exe 2011-09-15 21:40 . 2011-09-15 21:40 150528 ----a-w- c:\windows\SysWow64\iexpress.exe 2011-09-15 21:40 . 2011-09-15 21:40 1427456 ----a-w- c:\windows\SysWow64\inetcpl.cpl 2011-09-15 21:40 . 
2011-09-15 21:40 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll 2011-09-15 21:40 . 2011-09-15 21:40 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe 2011-09-15 21:40 . 2011-09-15 21:40 420864 ----a-w- c:\windows\SysWow64\vbscript.dll 2011-09-15 21:40 . 2011-09-15 21:40 35840 ----a-w- c:\windows\SysWow64\imgutil.dll 2011-09-15 21:40 . 2011-09-15 21:40 222208 ----a-w- c:\windows\system32\msls31.dll 2011-09-15 21:40 . 2011-09-15 21:40 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe 2011-09-15 21:40 . 2011-09-15 21:40 11776 ----a-w- c:\windows\SysWow64\mshta.exe 2011-09-15 21:40 . 2011-09-15 21:40 101888 ----a-w- c:\windows\SysWow64\admparse.dll 2011-09-15 21:40 . 2011-09-15 21:40 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe 2011-09-15 21:40 . 2011-09-15 21:40 76800 ----a-w- c:\windows\system32\tdc.ocx 2011-09-15 21:40 . 2011-09-15 21:40 49664 ----a-w- c:\windows\system32\imgutil.dll 2011-09-15 21:40 . 2011-09-15 21:40 48640 ----a-w- c:\windows\system32\mshtmler.dll 2011-09-15 21:40 . 2011-09-15 21:40 448512 ----a-w- c:\windows\system32\html.iec 2011-09-15 21:40 . 2011-09-15 21:40 173056 ----a-w- c:\windows\system32\ieUnatt.exe 2011-09-15 21:40 . 2011-09-15 21:40 135168 ----a-w- c:\windows\system32\IEAdvpack.dll 2011-09-15 21:40 . 2011-09-15 21:40 12288 ----a-w- c:\windows\system32\mshta.exe 2011-09-15 21:40 . 2011-09-15 21:40 114176 ----a-w- c:\windows\system32\admparse.dll 2011-09-15 21:40 . 2011-09-15 21:40 111616 ----a-w- c:\windows\system32\iesysprep.dll 2011-09-15 21:40 . 2011-09-15 21:40 85504 ----a-w- c:\windows\system32\iesetup.dll 2011-09-15 21:40 . 2011-09-15 21:40 603648 ----a-w- c:\windows\system32\vbscript.dll 2011-09-15 21:40 . 2011-09-15 21:40 30720 ----a-w- c:\windows\system32\licmgr10.dll 2011-09-15 21:40 . 2011-09-15 21:40 165888 ----a-w- c:\windows\system32\iexpress.exe 2011-09-15 21:40 . 2011-09-15 21:40 160256 ----a-w- c:\windows\system32\wextract.exe 2011-09-15 21:40 . 
2011-09-15 21:40 1492992 ----a-w- c:\windows\system32\inetcpl.cpl 2011-09-15 18:11 . 2011-09-15 18:11 53248 ----a-r- c:\users\Marc\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe 2011-09-15 18:11 . 2011-09-15 18:11 18960 ----a-w- c:\windows\system32\drivers\LNonPnP.sys 2011-09-15 16:03 . 2011-09-15 16:03 374792 ----a-w- c:\windows\system32\drivers\UMDF\lgSSQVGA.dll 2011-09-15 16:03 . 2011-09-15 16:03 22408 ----a-w- c:\windows\system32\drivers\LGBusEnum.sys 2011-09-15 16:03 . 2011-09-15 16:03 16008 ----a-w- c:\windows\system32\drivers\LGVirHid.sys 2011-09-15 16:03 . 2011-09-15 16:03 157704 ----a-w- c:\windows\system32\drivers\UMDF\lgSSBW.dll 2011-09-15 16:00 . 2011-09-15 16:00 466520 ----a-w- c:\windows\system32\wrap_oal.dll 2011-09-15 16:00 . 2011-09-15 16:00 445016 ----a-w- c:\windows\SysWow64\wrap_oal.dll 2011-09-15 16:00 . 2011-09-15 16:00 123480 ----a-w- c:\windows\system32\OpenAL32.dll 2011-09-15 16:00 . 2011-09-15 16:00 109144 ----a-w- c:\windows\SysWow64\OpenAL32.dll 2011-09-14 09:47 . 2011-09-14 09:47 60416 ----a-w- c:\windows\system32\OVDecode64.dll 2011-09-14 09:47 . 2011-09-14 09:47 53760 ----a-w- c:\windows\SysWow64\OVDecode.dll 2011-09-14 09:38 . 2011-09-14 09:38 44032 ----a-w- c:\windows\system32\amdoclcl64.dll 2011-09-14 09:38 . 2011-09-14 09:38 37376 ----a-w- c:\windows\SysWow64\amdoclcl.dll 2011-08-29 08:00 . 2011-09-17 21:51 74752 ----a-w- c:\windows\SysWow64\ff_vfw.dll 2011-08-18 23:46 . 2011-08-18 23:46 30720 ----a-w- c:\windows\system32\drivers\tapoas.sys 2011-08-16 06:48 . 2011-09-15 16:20 8862544 ------w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3CA64B41-85AA-4B12-9CAA-C251CE8BAAEA}\mpengine.dll . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RocketDock"="c:\program files (x86)\RocketDock\RocketDock.exe" [2007-09-02 495616] "Sony Ericsson PC Companion"="c:\program files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" [2011-07-25 433360] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "P17RunE"="P17RunE.dll" [2007-05-09 18432] "VolPanel"="c:\program files (x86)\Creative\Volume Panel\VolPanlu.exe" [2009-07-07 241789] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-10-06 343168] "Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . 
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152] R3 cpuz135;cpuz135;c:\windows\TEMP\cpuz135\cpuz135_x64.sys [x] R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2011-09-15 79360] R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2011-08-15 130976] R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [x] R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [x] R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys [x] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x] R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [x] R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x] R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 288272] R3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-06-29 155344] R3 tapoas;TAP-Win32 Adapter OAS;c:\windows\system32\DRIVERS\tapoas.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952] S2 AMD External Events Utility;AMD External Events 
Utility;c:\windows\system32\atiesrxx.exe [x] S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x] S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x] S3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;c:\windows\system32\DRIVERS\l160x64.sys [x] S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x] S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x] . . Inhalt des "geplante Tasks" Ordners . . --------- x86-64 ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2011-06-23 1744152] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 1436736] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x0 . ------- Zusätzlicher Suchlauf ------- . uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm TCP: DhcpNameServer = 192.168.178.1 FF - ProfilePath - c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\kmpcm7l3.default\ FF - prefs.js: browser.startup.homepage - www.google.de . . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Weitere laufende Prozesse ------------------------ . c:\windows\SysWOW64\rundll32.exe c:\program files (x86)\Mozilla Firefox\firefox.exe . ************************************************************************** . Zeit der Fertigstellung: 2011-11-02 17:02:18 - PC wurde neu gestartet ComboFix-quarantined-files.txt 2011-11-02 16:02 . Vor Suchlauf: 8 Verzeichnis(se), 38.014.406.656 Bytes frei Nach Suchlauf: 11 Verzeichnis(se), 37.743.337.472 Bytes frei . - - End Of File - - 00DE9AE2AA92CF056BDD1D7F04C6A984 |
02.11.2011, 20:11 | #12 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Phorpiex.B.56 thanks to Facebook link Please download aswMBR.exe and save the file to your desktop.
__________________ Please always post log files in CODE tags |
02.11.2011, 21:08 | #13 |
| Phorpiex.B.56 thanks to Facebook link So, this would be the next log. Code:
aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-11-02 20:59:53
-----------------------------
20:59:53.437 OS Version: Windows x64 6.1.7601 Service Pack 1
20:59:53.437 Number of processors: 2 586 0xF0B
20:59:53.437 ComputerName: MARC-PC UserName: Marc
20:59:53.640 Initialize success
21:01:30.989 AVAST engine defs: 11110201
21:01:48.758 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
21:01:48.758 Disk 0 Vendor: M4-CT064M4SSD2 0002 Size: 61057MB BusType: 3
21:01:48.758 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP3T0L0-4
21:01:48.758 Disk 1 Vendor: SAMSUNG_HD501LJ CR100-12 Size: 476940MB BusType: 3
21:01:50.770 Disk 0 MBR read successfully
21:01:50.770 Disk 0 MBR scan
21:01:50.770 Disk 0 Windows 7 default MBR code
21:01:50.770 Service scanning
21:01:51.067 Service MpNWMon C:\Windows\system32\DRIVERS\MpNWMon.sys **LOCKED** 32
21:01:51.706 Modules scanning
21:01:51.706 Disk 0 trace - called modules:
21:01:51.706 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
21:01:51.706 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80048a0060]
21:01:52.221 3 CLASSPNP.SYS[fffff880019d043f] -> nt!IofCallDriver -> [0xfffffa80047c2520]
21:01:52.221 5 ACPI.sys[fffff88000fac7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8004441060]
21:01:52.315 AVAST engine scan C:\Windows
21:01:54.187 AVAST engine scan C:\Windows\system32
21:03:08.256 AVAST engine scan C:\Windows\system32\drivers
21:03:12.936 AVAST engine scan C:\Users\Marc
21:03:40.392 AVAST engine scan C:\ProgramData
21:04:10.406 Scan finished successfully
21:07:36.919 Disk 0 MBR has been saved successfully to "C:\Users\Marc\Desktop\MBR.dat"
21:07:36.919 The log file has been saved successfully to "C:\Users\Marc\Desktop\aswMBR.txt" |
02.11.2011, 21:29 | #14 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Phorpiex.B.56 thanks to Facebook link Looks OK. As a check, please run full scans with Malwarebytes and SUPERAntiSpyware and post the logs. Remember to update both tools before the scan!! Afterwards, getting an additional opinion via ESET's online scanner doesn't hurt either: ESET Online Scanner
__________________ Please always post log files in CODE tags |
02.11.2011, 22:58 | #15 |
| Phorpiex.B.56 thanks to Facebook link So, here is the one from Malwarebytes for now; the rest will come tomorrow, bed is calling. Code:
Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org
Datenbank Version: 8071
Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421
02.11.2011 21:57:08
mbam-log-2011-11-02 (21-57-08).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|H:\|)
Durchsuchte Objekte: 311665
Laufzeit: 19 Minute(n), 39 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0
Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: (Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden)
Infizierte Dateien: (Keine bösartigen Objekte gefunden) |