Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
25 Funde mit Malwarebyts - PUP.LoadTubes

25 Funde mit Malwarebyts - PUP.LoadTubes


Plagegeister aller Art und deren Bekämpfung: 25 Funde mit Malwarebyts - PUP.LoadTubes

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Seite 1 von 3 1 23
Alt 15.02.2013, 16:26   #1
passi
 
25 Funde mit Malwarebyts - PUP.LoadTubes - Standard

25 Funde mit Malwarebyts - PUP.LoadTubes


Hallo ,

ich habe seit einigen Tagen ( ca 3 - 4 ) sehr seltsame Lags , egal ob ich Spiele öffne oder nur am surfen bin! Habe mir eigentlich nichts schlimmes dabei gedacht da ich 2 - 3 mal die woche avast! Antivirus drüber laufen lasse und dieser mir nichts gemeldet hat ......

Nun habe ich Malewarebyts installiert und einen Quickscan gemacht und siehe da..... 25 Funde

HTML-Code:
Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Datenbank Version: v2013.02.15.07

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Passi :: LO [Administrator]

15.02.2013 15:34:16
mbam-log-2013-02-15 (15-34-16).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 194338
Laufzeit: 3 Minute(n), 1 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 4
HKCR\CLSID\{DFEFCDEE-CF1A-4FC8-88AD-129872198372} (PUP.LoadTubes) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{DFEFCDEE-CF1A-4FC8-88AD-129872198372} (PUP.LoadTubes) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{DFEFCDEE-CF1A-4FC8-88AD-129872198372} (PUP.LoadTubes) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\loadtbs-3.0 (PUP.LoadTubes) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 2
HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser|{DFEFCDEE-CF1A-4FC8-88AD-129872198372} (PUP.LoadTubes) -> Daten: îÍïßÏÈOˆ*˜rƒr -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{DFEFCDEE-CF1A-4FC8-88AD-129872198372} (PUP.LoadTubes) -> Daten:  -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 3
C:\Users\Passi\AppData\Roaming\loadtbs (PUP.LoadTubes) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Passi\AppData\Roaming\loadtbs\chrome@loadtubes.com (PUP.LoadTubes) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Passi\AppData\Roaming\loadtbs\html (PUP.LoadTubes) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateien: 19
C:\Users\Passi\AppData\Roaming\loadtbs\toolbar.dll (PUP.LoadTubes) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Passi\AppData\Roaming\loadtbs\ytdl.exe (PUP.LoadTubes) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Passi\Downloads\L2Age.exe (Trojan.Downloader) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Passi\AppData\Roaming\loadtbs\keyHash.txt (PUP.LoadTubes) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Passi\AppData\Roaming\loadtbs\config.txt (PUP.LoadTubes) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Passi\AppData\Roaming\loadtbs\domHash.txt (PUP.LoadTubes) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Passi\AppData\Roaming\loadtbs\evHash.txt (PUP.LoadTubes) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Passi\AppData\Roaming\loadtbs\license.txt (PUP.LoadTubes) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Passi\AppData\Roaming\loadtbs\uninstall.exe (PUP.LoadTubes) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Passi\AppData\Roaming\loadtbs\updateHash.txt (PUP.LoadTubes) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Passi\AppData\Roaming\loadtbs\chrome@loadtubes.com\background.html (PUP.LoadTubes) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Passi\AppData\Roaming\loadtbs\chrome@loadtubes.com\background.js (PUP.LoadTubes) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Passi\AppData\Roaming\loadtbs\chrome@loadtubes.com\download.js (PUP.LoadTubes) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Passi\AppData\Roaming\loadtbs\chrome@loadtubes.com\fire.js (PUP.LoadTubes) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Passi\AppData\Roaming\loadtbs\chrome@loadtubes.com\manifest.json (PUP.LoadTubes) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Passi\AppData\Roaming\loadtbs\html\dimensions.ini (PUP.LoadTubes) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Passi\AppData\Roaming\loadtbs\html\install.html (PUP.LoadTubes) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Passi\AppData\Roaming\loadtbs\html\uninstall.html (PUP.LoadTubes) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Passi\AppData\Roaming\loadtbs\html\uninstallComplete.html (PUP.LoadTubes) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
Alt 15.02.2013, 16:29   #2
markusg
/// Malware-holic
 
25 Funde mit Malwarebyts - PUP.LoadTubes - Standard

25 Funde mit Malwarebyts - PUP.LoadTubes


hi
warum scanst du 2 3 mal in der woche, das is eig vollkommen übertrieben.
Aber schaun wir mal :-)

Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
  • Starte bitte die
    OTL.exe
    .
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Kopiere nun den Inhalt in die
    Textbox.
Code:
ATTFilter
activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
C:\Windows\system32\*.tsp
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
  • Schliesse bitte nun alle Programme. (Wichtig)
  • Klicke nun bitte auf den Quick Scan Button.
  • Kopiere
    nun den Inhalt aus OTL.txt und Extra.txt hier in Deinen Thread
__________________

__________________
Alt 15.02.2013, 20:53   #3
passi
 
25 Funde mit Malwarebyts - PUP.LoadTubes - Standard

25 Funde mit Malwarebyts - PUP.LoadTubes


OTL.txt :

OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 15.02.2013 20:37:16 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Passi\Desktop
 Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,12 Gb Total Physical Memory | 2,34 Gb Available Physical Memory | 74,97% Memory free
6,25 Gb Paging File | 5,40 Gb Available in Paging File | 86,36% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,42 Gb Total Space | 183,53 Gb Free Space | 78,97% Space Free | Partition Type: NTFS
Drive D: | 233,24 Gb Total Space | 183,37 Gb Free Space | 78,62% Space Free | Partition Type: NTFS
 
Computer Name: LO | User Name: Passi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.02.15 20:35:22 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Passi\Desktop\OTL.exe
PRC - [2012.11.23 03:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012.10.30 23:50:59 | 004,297,136 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastUI.exe
PRC - [2012.10.30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe
PRC - [2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.11.20 13:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2010.11.20 13:16:54 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
PRC - [2010.04.01 10:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Programme\DAEMON Tools Lite\DTLite.exe
PRC - [2010.02.03 05:17:28 | 000,372,736 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2010.02.03 05:16:58 | 000,172,032 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2009.07.15 11:55:46 | 001,474,560 | R--- | M] (VIA) -- C:\Programme\VIA\VIAudioi\VDeck\VDeck.exe
PRC - [2005.10.08 15:27:48 | 000,155,648 | ---- | M] () -- C:\Programme\Razer\Copperhead\razerhid.exe
PRC - [2005.07.22 14:02:46 | 000,159,744 | ---- | M] (Razer Inc.) -- C:\Programme\Razer\Copperhead\razerofa.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013.02.14 21:34:16 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\5ecf01964c70e453d71e5d7653912ff9\System.Web.ni.dll
MOD - [2013.02.14 21:34:08 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll
MOD - [2013.01.11 22:58:57 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll
MOD - [2013.01.11 22:58:29 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
MOD - [2013.01.11 22:58:11 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
MOD - [2013.01.11 22:58:06 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll
MOD - [2013.01.11 22:58:04 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013.01.11 22:57:58 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2012.10.06 21:58:04 | 001,708,032 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager2.Graphics.Wizard\2.0.3685.42422__90ba9c70f846762e\CLI.Aspect.DisplaysManager2.Graphics.Wizard.dll
MOD - [2012.10.06 21:58:04 | 000,380,928 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3685.42249__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2012.10.06 21:58:04 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HydraVision.Wizard\2.0.3685.42407__90ba9c70f846762e\CLI.Aspect.HydraVision.Wizard.dll
MOD - [2012.10.06 21:58:04 | 000,241,664 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MultiDesk.HydraVision.Dashboard\2.0.3685.42406__90ba9c70f846762e\CLI.Aspect.MultiDesk.HydraVision.Dashboard.dll
MOD - [2012.10.06 21:58:04 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MDProp.HydraVision.Dashboard\2.0.3685.42404__90ba9c70f846762e\CLI.Aspect.MDProp.HydraVision.Dashboard.dll
MOD - [2012.10.06 21:58:04 | 000,204,800 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3685.42279__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2012.10.06 21:58:04 | 000,163,840 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeskMan.HydraVision.Dashboard\2.0.3685.42403__90ba9c70f846762e\CLI.Aspect.DeskMan.HydraVision.Dashboard.dll
MOD - [2012.10.06 21:58:04 | 000,147,456 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Grid.HydraVision.Dashboard\2.0.3685.42397__90ba9c70f846762e\CLI.Aspect.Grid.HydraVision.Dashboard.dll
MOD - [2012.10.06 21:58:04 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3685.42353__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2012.10.06 21:58:04 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3685.42271__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2012.10.06 21:58:04 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Grid.HydraVision.Runtime\2.0.3685.42397__90ba9c70f846762e\CLI.Aspect.Grid.HydraVision.Runtime.dll
MOD - [2012.10.06 21:58:04 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeskMan.HydraVision.Runtime\2.0.3685.42403__90ba9c70f846762e\CLI.Aspect.DeskMan.HydraVision.Runtime.dll
MOD - [2012.10.06 21:58:04 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MultiDesk.HydraVision.Runtime\2.0.3685.42405__90ba9c70f846762e\CLI.Aspect.MultiDesk.HydraVision.Runtime.dll
MOD - [2012.10.06 21:58:04 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MDProp.HydraVision.Runtime\2.0.3685.42404__90ba9c70f846762e\CLI.Aspect.MDProp.HydraVision.Runtime.dll
MOD - [2012.10.06 21:58:04 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3685.42263__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2012.10.06 21:58:04 | 000,012,800 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeskMan.HydraVision.Shared\2.0.3685.42402__90ba9c70f846762e\CLI.Aspect.DeskMan.HydraVision.Shared.dll
MOD - [2012.10.06 21:58:04 | 000,011,776 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Runtime\2.0.3685.42396__90ba9c70f846762e\CLI.Caste.HydraVision.Runtime.dll
MOD - [2012.10.06 21:58:04 | 000,010,240 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MDProp.HydraVision.Shared\2.0.3685.42403__90ba9c70f846762e\CLI.Aspect.MDProp.HydraVision.Shared.dll
MOD - [2012.10.06 21:58:04 | 000,010,240 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Grid.HydraVision.Shared\2.0.3685.42396__90ba9c70f846762e\CLI.Aspect.Grid.HydraVision.Shared.dll
MOD - [2012.10.06 21:58:04 | 000,009,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MultiDesk.HydraVision.Shared\2.0.3685.42405__90ba9c70f846762e\CLI.Aspect.MultiDesk.HydraVision.Shared.dll
MOD - [2012.10.06 21:58:04 | 000,008,704 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Shared\2.0.3685.42395__90ba9c70f846762e\CLI.Caste.HydraVision.Shared.dll
MOD - [2012.10.06 21:58:04 | 000,007,680 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Wizard\2.0.3685.42400__90ba9c70f846762e\CLI.Caste.HydraVision.Wizard.dll
MOD - [2012.10.06 21:58:04 | 000,007,680 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Dashboard\2.0.3685.42396__90ba9c70f846762e\CLI.Caste.HydraVision.Dashboard.dll
MOD - [2012.10.06 21:58:03 | 001,302,528 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager2.Graphics.Dashboard\2.0.3685.42418__90ba9c70f846762e\CLI.Aspect.DisplaysManager2.Graphics.Dashboard.dll
MOD - [2012.10.06 21:58:03 | 000,827,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3685.42313__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2012.10.06 21:58:03 | 000,651,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Dashboard\2.0.3685.42394__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Dashboard.dll
MOD - [2012.10.06 21:58:03 | 000,573,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3685.42280__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2012.10.06 21:58:03 | 000,491,520 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3685.42379__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2012.10.06 21:58:03 | 000,409,600 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3685.42344__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2012.10.06 21:58:03 | 000,397,312 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3685.42311__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2012.10.06 21:58:03 | 000,372,736 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3685.42305__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
MOD - [2012.10.06 21:58:03 | 000,356,352 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3685.42331__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2012.10.06 21:58:03 | 000,270,336 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
MOD - [2012.10.06 21:58:03 | 000,196,608 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3685.42279__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2012.10.06 21:58:03 | 000,098,304 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3685.42312__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2012.10.06 21:58:03 | 000,094,208 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3685.42332__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2012.10.06 21:58:03 | 000,094,208 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3685.42320__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2012.10.06 21:58:03 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Runtime\2.0.3685.42394__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Runtime.dll
MOD - [2012.10.06 21:58:03 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3685.42261__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2012.10.06 21:58:03 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3685.42380__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2012.10.06 21:58:03 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3685.42330__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2012.10.06 21:58:03 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3685.42310__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2012.10.06 21:58:03 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3685.42324__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2012.10.06 21:58:03 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3685.42310__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2012.10.06 21:58:03 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3685.42312__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2012.10.06 21:58:03 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3685.42319__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2012.10.06 21:58:03 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3685.42284__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2012.10.06 21:58:03 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3685.42321__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2012.10.06 21:58:03 | 000,013,312 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Runtime\2.0.3685.42422__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Runtime.dll
MOD - [2012.10.06 21:58:02 | 000,741,376 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3685.42415__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.dll
MOD - [2012.10.06 21:58:02 | 000,151,552 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3685.42239__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2012.10.06 21:58:02 | 000,106,496 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3685.42372__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2012.10.06 21:58:02 | 000,098,304 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3685.42237__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2012.10.06 21:58:02 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3685.42369__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2012.10.06 21:58:02 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3685.42352__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2012.10.06 21:58:02 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Shared\2.0.3685.42393__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Shared.dll
MOD - [2012.10.06 21:58:02 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3685.42300__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2012.10.06 21:58:02 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3685.42330__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2012.10.06 21:58:02 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3685.42276__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2012.10.06 21:58:02 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3685.42310__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2012.10.06 21:58:02 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3685.42261__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2012.10.06 21:58:02 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2012.10.06 21:58:02 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3685.42387__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2012.10.06 21:58:02 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3685.42241__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2012.10.06 21:58:02 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3685.42378__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2012.10.06 21:58:02 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3685.42323__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2012.10.06 21:58:02 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3685.42239__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2012.10.06 21:58:02 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3685.42235__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2012.10.06 21:58:02 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3685.42371__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2012.10.06 21:58:02 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3685.42262__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2012.10.06 21:58:02 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3685.42262__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2012.10.06 21:58:02 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3685.42275__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2012.10.06 21:58:02 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3685.42238__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2012.10.06 21:58:02 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3685.42319__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2012.10.06 21:58:02 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3685.42240__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2012.10.06 21:58:02 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0703\2.0.2651.18802__90ba9c70f846762e\DEM.Graphics.I0703.dll
MOD - [2012.10.06 21:58:02 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3685.42238__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2012.10.06 21:58:02 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3685.42248__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2012.10.06 21:58:02 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.3685.42237__90ba9c70f846762e\APM.Foundation.dll
MOD - [2012.10.06 21:58:02 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MOD - [2012.10.06 21:58:02 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2012.10.06 21:58:02 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3685.42270__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2012.10.06 21:58:02 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3685.42261__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2012.10.06 21:58:02 | 000,015,360 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3685.42236__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2012.10.06 21:58:02 | 000,009,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Shared\2.0.3685.42379__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Shared.dll
MOD - [2012.10.06 21:58:02 | 000,008,192 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3685.42241__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2012.10.06 21:58:02 | 000,007,680 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3685.42238__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2012.10.06 21:58:02 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3685.42246__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll
MOD - [2012.10.06 21:58:02 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3685.42245__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2012.10.06 21:58:02 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2012.10.06 21:58:02 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3685.42236__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2012.10.06 21:58:02 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3685.42247__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2012.10.06 21:58:02 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3685.42377__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2012.10.06 21:58:02 | 000,006,144 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3685.42243__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2012.10.06 21:58:02 | 000,006,144 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3685.42244__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll
MOD - [2012.10.06 21:58:02 | 000,005,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3685.42240__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2012.10.06 21:58:02 | 000,005,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3685.42243__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2012.10.06 21:58:02 | 000,005,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3685.42387__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll
MOD - [2012.10.06 21:58:02 | 000,005,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3685.42248__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2012.10.06 21:58:02 | 000,005,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3685.42244__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2012.10.06 21:58:01 | 001,220,608 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3685.42256__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2012.10.06 21:58:01 | 000,577,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3685.42364__90ba9c70f846762e\CLI.Component.Systemtray.dll
MOD - [2012.10.06 21:58:01 | 000,405,504 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3685.42270__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2012.10.06 21:58:01 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3685.42246__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2012.10.06 21:58:01 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3685.42242__90ba9c70f846762e\APM.Server.dll
MOD - [2012.10.06 21:58:01 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3685.42247__90ba9c70f846762e\CLI.Component.SkinFactory.dll
MOD - [2012.10.06 21:58:01 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3685.42245__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2012.10.06 21:58:01 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3685.42244__90ba9c70f846762e\AEM.Server.dll
MOD - [2012.10.06 21:58:01 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3685.42254__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2012.10.06 21:58:01 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2012.10.06 21:58:01 | 000,019,456 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3685.42371__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2012.10.06 21:58:01 | 000,011,776 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3685.42269__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2012.10.06 21:58:01 | 000,010,240 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3685.42255__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2012.10.06 21:58:01 | 000,008,704 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3685.42277__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2010.11.13 01:02:22 | 000,434,176 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2010.11.13 01:02:21 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010.11.05 02:59:41 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll
MOD - [2009.11.24 12:36:36 | 000,016,384 | R--- | M] () -- C:\Programme\ATI Technologies\ATI.ACE\Branding\Branding.dll
MOD - [2009.07.10 03:48:16 | 047,628,288 | R--- | M] () -- C:\Programme\VIA\VIAudioi\VDeck\skin.dll
MOD - [2009.05.07 09:53:18 | 000,106,496 | R--- | M] () -- C:\Programme\VIA\VIAudioi\VDeck\Dts2ApoApi.dll
MOD - [2009.05.07 09:50:46 | 000,073,728 | R--- | M] () -- C:\Programme\VIA\VIAudioi\VDeck\QsApoApi.dll
MOD - [2008.02.14 06:57:00 | 000,094,208 | R--- | M] () -- C:\Programme\VIA\VIAudioi\VDeck\VMicApi.dll
MOD - [2005.10.08 15:27:48 | 000,155,648 | ---- | M] () -- C:\Programme\Razer\Copperhead\razerhid.exe
MOD - [2005.08.17 12:23:16 | 000,151,552 | ---- | M] () -- C:\Programme\Razer\Copperhead\download.dll
 
 
========== Services (SafeList) ==========
 
SRV - File not found [Disabled | Unknown] -- C:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV - [2013.02.06 15:25:53 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.10.30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programme\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012.10.07 08:02:56 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012.07.13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2010.11.20 13:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2010.02.03 05:16:58 | 000,172,032 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009.07.14 02:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.05.05 04:45:50 | 000,124,256 | ---- | M] () [Auto | Stopped] -- C:\Programme\AMD\OverDrive\AODAssist.exe -- (AODService)
SRV - [2003.07.28 11:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Unknown] --  -- (aeo7l7dh)
DRV - [2012.10.30 23:51:58 | 000,738,504 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012.10.30 23:51:58 | 000,361,032 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012.10.30 23:51:58 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012.10.30 23:51:57 | 000,058,680 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012.10.30 23:51:56 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012.10.30 23:51:56 | 000,020,624 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswKbd.sys -- (aswKbd)
DRV - [2012.10.15 17:59:28 | 000,044,784 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2012.10.07 08:33:49 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2010.11.20 13:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 13:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 13:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 10:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010.11.20 10:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 10:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010.02.03 05:54:34 | 005,313,536 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atipmdag.sys -- (amdkmdag)
DRV - [2010.02.03 04:23:42 | 000,150,016 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2010.01.28 15:33:30 | 000,100,352 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2009.07.10 04:04:42 | 001,067,008 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV - [2009.05.04 17:30:28 | 000,014,392 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AtiPcie.sys -- (AtiPcie)
DRV - [2006.11.02 07:57:08 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\irsir.sys -- (irsir)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F1 B3 D9 16 0A FB CD 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.startup.homepage: "hxxp://de-de.facebook.com/"
FF - prefs.js..extensions.enabledAddons: plugin%40yontoo.com:1.20.00
FF - prefs.js..extensions.enabledAddons: software%40loadtubes.com:1.01
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.2
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_168.dll ()
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.11.17 10:39:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.02.06 15:25:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.02.06 15:25:53 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
 
[2012.10.06 22:07:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Passi\AppData\Roaming\mozilla\Extensions
[2013.02.14 16:24:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Passi\AppData\Roaming\mozilla\Firefox\Profiles\4lt8fsih.default\extensions
[2012.10.06 22:08:30 | 000,000,000 | ---D | M] (Yontoo) -- C:\Users\Passi\AppData\Roaming\mozilla\Firefox\Profiles\4lt8fsih.default\extensions\plugin@yontoo.com
[2012.10.07 07:20:18 | 000,000,000 | ---D | M] (loadtbs) -- C:\Users\Passi\AppData\Roaming\mozilla\Firefox\Profiles\4lt8fsih.default\extensions\software@loadtubes.com
[2013.02.13 14:53:18 | 000,384,155 | ---- | M] () (No name found) -- C:\Users\Passi\AppData\Roaming\mozilla\firefox\profiles\4lt8fsih.default\extensions\{7CA9CF31-1C73-46CD-8377-85AB71EA771F}.xpi
[2013.02.14 14:53:18 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\Passi\AppData\Roaming\mozilla\firefox\profiles\4lt8fsih.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.02.06 15:25:50 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2013.02.06 15:25:53 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.09.06 03:07:37 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.09.06 03:07:37 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.09.06 03:07:37 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.09.06 03:07:37 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.09.06 03:07:37 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.09.06 03:07:37 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Programme\Yontoo\YontooIEClient.dll (Yontoo LLC)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [razer] C:\Programme\Razer\Copperhead\razerhid.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Programme\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Programme\ICQ7M\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Programme\ICQ7M\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0A1D6C46-9F60-4186-8537-A4877D3A5420}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.02.15 20:35:20 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Passi\Desktop\OTL.exe
[2013.02.15 15:33:34 | 000,000,000 | ---D | C] -- C:\Users\Passi\AppData\Roaming\Malwarebytes
[2013.02.15 15:33:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.02.15 15:33:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.02.15 15:33:16 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2013.02.15 15:33:16 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013.02.14 16:23:19 | 000,000,000 | ---D | C] -- C:\Users\Passi\AppData\Roaming\QuickScan
[2013.02.10 16:00:07 | 000,000,000 | ---D | C] -- C:\Users\Passi\.thumbnails
[2013.02.10 15:58:44 | 000,000,000 | ---D | C] -- C:\Users\Passi\AppData\Local\fontconfig
[2013.02.10 15:58:43 | 000,000,000 | ---D | C] -- C:\Users\Passi\AppData\Local\gegl-0.2
[2013.02.10 15:58:43 | 000,000,000 | ---D | C] -- C:\Users\Passi\.gimp-2.8
[2013.02.10 15:57:06 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP 2
[2013.02.10 15:56:04 | 000,000,000 | ---D | C] -- C:\Users\Passi\AppData\Local\Programs
[2013.02.06 15:25:49 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013.01.27 13:42:31 | 000,000,000 | ---D | C] -- C:\Users\Passi\Documents\Referat
[2013.01.27 13:42:19 | 000,000,000 | ---D | C] -- C:\Users\Passi\Desktop\Referat
 
========== Files - Modified Within 30 Days ==========
 
[2013.02.15 20:35:22 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Passi\Desktop\OTL.exe
[2013.02.15 20:01:35 | 000,013,760 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.02.15 20:01:35 | 000,013,760 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.02.15 19:54:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.02.15 19:54:17 | 2516,033,536 | -HS- | M] () -- C:\hiberfil.sys
[2013.02.15 15:33:18 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.02.14 21:33:20 | 000,358,784 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.02.14 20:23:02 | 000,653,928 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.02.14 20:23:02 | 000,615,810 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.02.14 20:23:02 | 000,129,800 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.02.14 20:23:02 | 000,106,190 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.02.14 15:49:11 | 000,004,683 | ---- | M] () -- C:\Users\Passi\AppData\Local\recently-used.xbel
[2013.02.10 15:58:35 | 000,001,037 | ---- | M] () -- C:\Users\Public\Desktop\GIMP 2.lnk
[2013.02.04 12:36:28 | 000,046,622 | ---- | M] () -- C:\Users\Passi\Desktop\Gleichstrommotor.odt
[2013.02.02 14:50:53 | 001,854,083 | ---- | M] () -- C:\Users\Passi\Desktop\IMG_20130202_145053.jpg
 
========== Files Created - No Company Name ==========
 
[2013.02.15 15:33:18 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.02.14 15:49:11 | 000,004,683 | ---- | C] () -- C:\Users\Passi\AppData\Local\recently-used.xbel
[2013.02.10 15:58:35 | 000,001,049 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
[2013.02.10 15:58:35 | 000,001,037 | ---- | C] () -- C:\Users\Public\Desktop\GIMP 2.lnk
[2013.02.10 15:45:00 | 001,854,083 | ---- | C] () -- C:\Users\Passi\Desktop\IMG_20130202_145053.jpg
[2013.02.04 12:36:28 | 000,046,622 | ---- | C] () -- C:\Users\Passi\Desktop\Gleichstrommotor.odt
[2012.10.08 16:01:51 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2012.10.07 10:40:37 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2012.10.06 22:04:30 | 000,073,728 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2012.10.06 21:58:55 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.10.06 21:56:55 | 000,001,035 | ---- | C] () -- C:\Windows\System32\atipblag.dat
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2012.10.07 07:08:56 | 000,000,000 | ---D | M] -- C:\Users\Passi\AppData\Roaming\convert
[2013.02.15 15:52:18 | 000,000,000 | ---D | M] -- C:\Users\Passi\AppData\Roaming\DAEMON Tools Lite
[2012.11.26 16:50:20 | 000,000,000 | ---D | M] -- C:\Users\Passi\AppData\Roaming\ICQ
[2013.02.14 16:23:27 | 000,000,000 | ---D | M] -- C:\Users\Passi\AppData\Roaming\QuickScan
[2012.12.27 20:21:00 | 000,000,000 | ---D | M] -- C:\Users\Passi\AppData\Roaming\TS3Client
[2012.10.07 09:19:15 | 000,000,000 | ---D | M] -- C:\Users\Passi\AppData\Roaming\TuneUp Software
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %SYSTEMDRIVE%\*. >
[2012.10.06 21:52:08 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2009.07.14 05:53:55 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2012.10.06 21:51:45 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2009.07.14 03:37:05 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2013.02.15 15:33:16 | 000,000,000 | R--D | M] -- C:\Program Files
[2013.02.15 15:33:17 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2012.10.06 21:51:45 | 000,000,000 | -HSD | M] -- C:\Programme
[2012.10.06 21:51:45 | 000,000,000 | -HSD | M] -- C:\Recovery
[2013.02.15 20:38:30 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2012.10.06 21:51:55 | 000,000,000 | R--D | M] -- C:\Users
[2012.11.17 10:39:31 | 000,000,000 | ---D | M] -- C:\Windows
 
< %PROGRAMFILES%\*.exe >
 
< %LOCALAPPDATA%\*.exe >
 
< %systemroot%\*. /mp /s >
 
< C:\Windows\system32\*.tsp >
[2009.07.14 02:14:11 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hidphone.tsp
[2009.07.14 02:14:11 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kmddsp.tsp
[2009.07.14 02:14:11 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ndptsp.tsp
[2009.07.14 02:14:11 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\remotesp.tsp
[2010.11.20 13:16:53 | 000,281,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\unimdm.tsp
[2009.07.14 05:53:46 | 000,032,630 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009.07.14 05:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
 
< MD5 for: AGP440.SYS  >
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
 
< MD5 for: EXPLORER.EXE  >
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011.02.26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009.08.03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009.08.03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe
 
< MD5 for: IASTORV.SYS  >
[2011.03.11 06:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\drivers\iaStorV.sys
[2011.03.11 06:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 06:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_b0daddb9e6380745\iaStorV.sys
[2011.03.11 06:43:55 | 000,332,160 | ---- | M] (Intel Corporation) MD5=71F1A494FEDF4B33C02C4A6A28D6D9E9 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_aef580fde910b4b0\iaStorV.sys
[2011.03.11 06:28:00 | 000,332,160 | ---- | M] (Intel Corporation) MD5=778D0E6D7D9EBA0C403BADBAAD41DB20 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_b152a892ff64119f\iaStorV.sys
[2009.07.14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys
[2010.11.20 13:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 13:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_b118bc63e60a139a\iaStorV.sys
[2011.03.11 06:52:21 | 000,332,160 | ---- | M] (Intel Corporation) MD5=B9039A34C2F8769490DCC494E2402445 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_afae2d45020c148b\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2010.11.20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\System32\netlogon.dll
[2010.11.20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_ffbf212e963c0162\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2011.03.11 06:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\drivers\nvstor.sys
[2011.03.11 06:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 06:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvstor.sys
[2011.03.11 06:44:01 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4520B63899E867F354EE012D34E11536 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_39bef1ad20475e88\nvstor.sys
[2011.03.11 06:28:10 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=66D468654A58594F5F3BA63D5AD5B1AF -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvstor.sys
[2011.03.11 06:52:25 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=8A7583A3B58D3EEB28BB26626526BC91 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_3a779df43942be63\nvstor.sys
[2010.11.20 13:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 13:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvstor.sys
[2009.07.14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll
 
< MD5 for: USER32.DLL  >
[2009.07.14 02:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll
[2010.11.20 13:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\System32\user32.dll
[2010.11.20 13:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_cf3fd62ccb9e983d\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2012.12.14 16:49:28 | 000,216,424 | ---- | M] () MD5=22101A85B3CA2FE2BE05FE9A61A7A83D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009.10.28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 06:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010.11.20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010.11.20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009.07.14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009.07.14 00:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2009.07.14 00:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_4f5cf6f829213bb2\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2012.10.07 08:33:49 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\sptd.sys
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\system32\*.dll /lockedfiles >
[2010.02.03 05:17:56 | 000,446,464 | ---- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- C:\Windows\system32\ATIDEMGX.dll
 
< %USERPROFILE%\*.* >
[2013.02.15 20:38:29 | 001,310,720 | -HS- | M] () -- C:\Users\Passi\NTUSER.DAT
[2013.02.15 20:38:29 | 000,262,144 | -HS- | M] () -- C:\Users\Passi\ntuser.dat.LOG1
[2012.10.06 21:51:58 | 000,000,000 | -HS- | M] () -- C:\Users\Passi\ntuser.dat.LOG2
[2012.10.06 21:58:17 | 000,065,536 | -HS- | M] () -- C:\Users\Passi\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[2012.10.06 21:58:17 | 000,524,288 | -HS- | M] () -- C:\Users\Passi\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[2012.10.06 21:58:17 | 000,524,288 | -HS- | M] () -- C:\Users\Passi\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[2012.10.06 21:51:58 | 000,000,020 | -HS- | M] () -- C:\Users\Passi\ntuser.ini
 
< %USERPROFILE%\Local Settings\Temp\*.exe >
 
< %USERPROFILE%\Local Settings\Temp\*.dll >
 
< %USERPROFILE%\Application Data\*.exe >
 
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
 
<           >

< End of report >
--- --- ---



Extras.txt :

OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 15.02.2013 20:37:16 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Passi\Desktop
 Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,12 Gb Total Physical Memory | 2,34 Gb Available Physical Memory | 74,97% Memory free
6,25 Gb Paging File | 5,40 Gb Available in Paging File | 86,36% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,42 Gb Total Space | 183,53 Gb Free Space | 78,97% Space Free | Partition Type: NTFS
Drive D: | 233,24 Gb Total Space | 183,37 Gb Free Space | 78,62% Space Free | Partition Type: NTFS
 
Computer Name: LO | User Name: Passi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0232CE7C-498D-4312-9C7F-378F5DE02BAC}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{04DF5DA3-1379-40E0-91F4-3A176CF854A8}" = lport=139 | protocol=6 | dir=in | app=system | 
"{2905028F-E633-476D-8BA7-BFD7DB6B4149}" = lport=445 | protocol=6 | dir=in | app=system | 
"{2D2291C9-54EC-4E1C-B7C9-758D29B83037}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{2F1DC5C0-1531-4459-99BB-652D53857730}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{2F26E467-3C99-43CB-B8E2-218DEB69B7C2}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{3E50BF65-BC67-4267-9358-2EF6DF5A5164}" = lport=138 | protocol=17 | dir=in | app=system | 
"{48F849CC-C3DE-4DF0-AB15-19C202F149CE}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{4EBC88DA-4814-44A6-BCEE-CFD698A2DF4F}" = lport=137 | protocol=17 | dir=in | app=system | 
"{5DA5D1EB-AEFE-4669-AABD-8013085224F4}" = rport=138 | protocol=17 | dir=out | app=system | 
"{64C9FD21-7DD2-4F1A-8C52-2B3B7DFED5A6}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{819520CA-370E-4DBF-8A86-5209B23FF36A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{8ED7CC7A-0B59-4CB7-9FB8-641F5B8102FF}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{952E1C58-DFBB-453E-86BB-2604972308EE}" = rport=445 | protocol=6 | dir=out | app=system | 
"{970A85C3-8E81-44B0-A8AC-99C85FEF7D75}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{9A31C336-4A6F-4612-81D5-DCC2BB8E6058}" = rport=137 | protocol=17 | dir=out | app=system | 
"{D715E689-6B5F-40E2-AD58-8768D7B98EFB}" = rport=139 | protocol=6 | dir=out | app=system | 
"{E96CCF92-58BA-4FAA-81E7-97EC3878A881}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{F0557443-FDFA-48B6-AE50-7F458623C11E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{F199CB8D-BE50-4F77-A68A-508A179528AC}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{F5150D40-4FC9-47F9-B9B8-C744101F1796}" = lport=10243 | protocol=6 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03EA9119-B5F8-4E57-B8AB-E2A8AE8DA018}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{0A461475-3F77-4382-BA30-1906BA5C9D41}" = protocol=6 | dir=in | app=d:\spiele\diablo iii\diablo iii.exe | 
"{0F5E7316-EABB-46AD-B237-E15ED15BD9BC}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe | 
"{1E5935F3-9A48-4F3B-BAB6-7F9799113812}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{2006729B-1916-4628-93C5-2F924C69DA86}" = protocol=17 | dir=in | app=d:\spiele\diablo iii\diablo iii.exe | 
"{25C682D9-3E52-424D-86B0-857A1A7D9623}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{25D66BD9-151F-40EB-A518-7CFB67A1E333}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{26C08B7E-05E4-4776-9C9A-AAF4380E7E39}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{2C97C3FF-CE02-4977-8FFA-A53F089CC06B}" = protocol=6 | dir=in | app=c:\program files\icq7m\icq.exe | 
"{35E6F414-8F8D-43BA-9057-69A5FDDBF574}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{46DE6CD6-3C84-4AEB-BB88-61A8F1567FBF}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.524\agent.exe | 
"{477932E4-501A-4C9A-9973-520CC6568B29}" = protocol=17 | dir=in | app=d:\spiele\starcraft ii\starcraft ii.exe | 
"{564333B1-EBEE-4E9E-8411-3F58A853B2FC}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{59EC9330-DC9E-4DBB-A953-00566EA06085}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{5BDF83DE-393B-45F6-AD00-7853AD59DD1C}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe | 
"{6B1B2367-B67B-4583-8124-6A14CB3EA842}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{6CF4A06A-F125-4A44-9572-1EFC46A29E4F}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{75794D36-1A97-4795-9098-609955E0DFE1}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe | 
"{775E5192-49EC-449E-8D62-35A54960F31B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{7A4A18B9-8421-4DF5-943F-F0D26518FA2D}" = protocol=6 | dir=in | app=c:\program files\icq7m\icq.exe | 
"{7E6DD34D-B8E7-45D4-A420-4D235B120D5B}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe | 
"{84D8029D-F518-4238-907F-3F949D9551E7}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{8AC8D7ED-1836-4C04-BBB4-6AE428637D14}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{8D3332A7-30F6-45CD-B6E2-42113C362587}" = protocol=17 | dir=in | app=d:\spiele\starcraft ii\starcraft ii public test.exe | 
"{8D746907-87AE-4852-BAD1-4D95E9B0B18D}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.524\agent.exe | 
"{8DD1EBFB-F728-4911-A1E9-9D1C6606269A}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1637\agent.exe | 
"{939FE513-0807-4DC4-A287-3C00B52CE78F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{946642A9-B35B-4071-9812-D23E56A15AB9}" = protocol=17 | dir=in | app=c:\program files\icq7m\icq.exe | 
"{A021EE50-D390-4D88-802B-7659ACE99FF3}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{AB93D13B-2514-4672-88EA-3F3BF1C30202}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe | 
"{CFA6DA00-0A5A-4586-9AB9-84FA623F11BC}" = protocol=6 | dir=in | app=d:\spiele\starcraft ii\starcraft ii public test.exe | 
"{E19A783F-30F7-42B2-BCFE-B07BCAACBF0C}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe | 
"{E5630488-7A6D-4AB9-BA93-E32382DA4C85}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1637\agent.exe | 
"{E7C8DBD1-8D91-4F07-A906-DEC1BF117539}" = protocol=6 | dir=out | app=system | 
"{E8C62E49-3C2D-487D-8E97-2DC1A01346ED}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{E9728DE8-DE1A-4E99-87D5-88B27F96C2B3}" = protocol=6 | dir=in | app=d:\spiele\starcraft ii\starcraft ii.exe | 
"{F1CBEF73-8C64-43DD-863B-CDFD46C3369E}" = protocol=17 | dir=in | app=c:\program files\icq7m\icq.exe | 
"TCP Query User{307D645B-477F-4128-9397-8CBFDA91C444}D:\spiele\starcraft ii\versions\base23260\sc2.exe" = protocol=6 | dir=in | app=d:\spiele\starcraft ii\versions\base23260\sc2.exe | 
"UDP Query User{7009B137-5413-4E4B-84C6-A7AD5F243766}D:\spiele\starcraft ii\versions\base23260\sc2.exe" = protocol=17 | dir=in | app=d:\spiele\starcraft ii\versions\base23260\sc2.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{02EE0368-37D0-B8D6-CD94-6224C33011BC}" = CCC Help Chinese Standard
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{05C077EA-6B28-35E8-FCE9-86A08FDA0414}" = ccc-utility
"{074B8D21-D95E-44FE-A38E-40445E30C6D3}_is1" = Patch L2 nuLL - High Five version 3
"{1F1C068F-4965-4E84-4868-BADCA7E480CE}" = CCC Help Danish
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20AEA7B1-6155-44A2-B58E-430F2C9F4ABD}" = AMD OverDrive
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{217254AD-7DC2-8E55-B0AA-DF40293E2568}" = Catalyst Control Center Graphics Full Existing
"{2319A25C-57C8-148A-B89E-963B691F80AB}" = CCC Help Hungarian
"{2AF93414-6137-78ED-FE12-F7B9AF2E8093}" = CCC Help Dutch
"{32C50807-7764-F554-3FFB-E1EFA38A17A4}" = CCC Help Norwegian
"{3B19CE3D-C4D3-A873-C5DB-11349E0B62DF}" = HydraVision
"{3B8CED8E-3210-499C-CF55-839C77DDA5A8}" = CCC Help Japanese
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{462E2065-E54B-4CFD-87A2-BAE82EEFACD1}" = Catalyst Control Center Core Implementation
"{46D1B803-63C8-B1F7-F803-2CABFF3BADD3}" = CCC Help French
"{4BBDC0E5-6457-CDB9-F1C4-C79321D448AA}" = CCC Help Portuguese
"{54A4CA37-EBF2-0512-C4C7-E432FEDD148B}" = CCC Help Swedish
"{557EDA52-5803-C91F-A0A5-635317063D8D}" = Catalyst Control Center Graphics Full New
"{5656D5EA-34E3-48FD-CA55-601925BF13AF}" = CCC Help Russian
"{5A9A2B89-58BC-DFB9-CF7F-1127A26A6D1D}" = CCC Help Spanish
"{65A7D970-7915-4311-E3CC-08745BDF6A66}" = CCC Help English
"{6AC06152-AD39-D387-6D3B-2A4D0556F207}" = Catalyst Control Center Graphics Previews Common
"{7222FE15-CEDA-9142-A488-CB4AA559F7F9}" = Catalyst Control Center Graphics Previews Vista
"{771A2007-443E-9A62-06A3-6ADB6BEDA9C4}" = CCC Help Czech
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{781B39EC-2E18-41FC-9B00-B84E4FFCA85F}" = ICQ7M
"{78D8028B-D2BA-A3B9-2EA8-D30F25E3F87F}" = ccc-core-static
"{7E06305E-6E2C-EBFA-69E9-782891EF06EF}" = Catalyst Control Center Localization All
"{8055552F-62EB-CA8A-ECA6-E12422199FFA}" = CCC Help Chinese Traditional
"{87BB78C4-F36D-4D93-A7C7-F80F18219848}" = AMD DnD V1.0.19
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller  Driver
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo 1.10.02
"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{934DE9F7-7498-0FC4-FC6A-166097F218F4}" = CCC Help Italian
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A5ACDF54-6963-B634-2444-6A694B6CF7A3}" = CCC Help Finnish
"{AC76BA86-7AD7-1033-7B44-A90000000001}" = Adobe Reader 9
"{ADFE8E88-7288-677A-114B-098547ED85CE}" = CCC Help Thai
"{B7E797F4-2642-BEF9-055B-13B930C9D665}" = CCC Help German
"{BC1FFF14-C10D-7087-C43A-4A8ECC9C98C4}" = ATI Catalyst Install Manager
"{C12A2A3D-0D08-8262-E189-E831A8AC3D37}" = Catalyst Control Center InstallProxy
"{C139A440-9691-AB3C-8AFB-F8FCAC960014}" = CCC Help Polish
"{C3A5A0C9-5DBE-7A06-1285-D00F21E19FCF}" = Catalyst Control Center Graphics Light
"{C91B7063-6966-A498-7FBA-BCF0A6EBD0B1}" = CCC Help Korean
"{CC53FB29-E042-1744-2D35-DE2A100B6210}" = CCC Help Greek
"{D6D5CFB3-7095-4073-B6B7-B7E909838C57}" = Razer Copperhead
"{E27ABEAB-2A23-737E-D290-FC42D45FCDA8}" = ATI AVIVO Codecs
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F8266E63-44B0-5CD2-B29E-DA522ABFCFD1}" = CCC Help Turkish
"{FE2188AD-BDFA-AC75-F326-86043F06B48F}" = Catalyst Control Center HydraVision Full
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"ASRock IES_is1" = ASRock IES v2.0.1
"ASRock InstantBoot_is1" = ASRock InstantBoot v1.23
"ASRock OC DNA_is1" = ASRock OC DNA v1.5
"ASRock OC Tuner_is1" = ASRock OC Tuner v2.2.74
"avast" = avast! Free Antivirus
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Diablo III" = Diablo III
"GIMP-2_is1" = GIMP 2.8.4
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Plattform-Geräte-Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox 18.0.2 (x86 de)" = Mozilla Firefox 18.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"StarCraft II" = StarCraft II
"Steam App 28050" = Deus Ex: Human Revolution
"TeamSpeak 3 Client" = TeamSpeak 3 Client
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 13.01.2013 11:40:00 | Computer Name = Lo | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: firefox.exe, Version: 18.0.0.4752,
 Zeitstempel: 0x50e79fbd  Name des fehlerhaften Moduls: xul.dll, Version: 18.0.0.4752,
 Zeitstempel: 0x50e79ecc  Ausnahmecode: 0xc0000005  Fehleroffset: 0x000f8eb8  ID des fehlerhaften
 Prozesses: 0xd38  Startzeit der fehlerhaften Anwendung: 0x01cdf17ce41d915c  Pfad der
 fehlerhaften Anwendung: C:\Program Files\Mozilla Firefox\firefox.exe  Pfad des fehlerhaften
 Moduls: C:\Program Files\Mozilla Firefox\xul.dll  Berichtskennung: 7d2e2c08-5d97-11e2-8d76-002522287a7c
 
Error - 14.01.2013 05:20:05 | Computer Name = Lo | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Common
 Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder Richtliniendatei
 "C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" in Zeile 3.
Der
 Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs
 im assemblyIdentity-Element ist ungültig.
 
Error - 18.01.2013 13:10:50 | Computer Name = Lo | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Common
 Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder Richtliniendatei
 "C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" in Zeile 3.
Der
 Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs
 im assemblyIdentity-Element ist ungültig.
 
Error - 25.01.2013 11:35:10 | Computer Name = Lo | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Common
 Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder Richtliniendatei
 "C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" in Zeile 3.
Der
 Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs
 im assemblyIdentity-Element ist ungültig.
 
Error - 05.02.2013 14:16:34 | Computer Name = Lo | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Common
 Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder Richtliniendatei
 "C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" in Zeile 3.
Der
 Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs
 im assemblyIdentity-Element ist ungültig.
 
Error - 07.02.2013 14:02:22 | Computer Name = Lo | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: firefox.exe, Version: 18.0.2.4780,
 Zeitstempel: 0x510c057b  Name des fehlerhaften Moduls: xul.dll, Version: 18.0.2.4780,
 Zeitstempel: 0x510c04a9  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0012bdc8  ID des fehlerhaften
 Prozesses: 0x6f8  Startzeit der fehlerhaften Anwendung: 0x01ce051dd1543e50  Pfad der
 fehlerhaften Anwendung: C:\Program Files\Mozilla Firefox\firefox.exe  Pfad des fehlerhaften
 Moduls: C:\Program Files\Mozilla Firefox\xul.dll  Berichtskennung: 84c4d0e9-7150-11e2-8e74-002522287a7c
 
Error - 08.02.2013 16:11:10 | Computer Name = Lo | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Common
 Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder Richtliniendatei
 "C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" in Zeile 3.
Der
 Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs
 im assemblyIdentity-Element ist ungültig.
 
Error - 11.02.2013 07:47:28 | Computer Name = Lo | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Common
 Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder Richtliniendatei
 "C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" in Zeile 3.
Der
 Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs
 im assemblyIdentity-Element ist ungültig.
 
Error - 14.02.2013 09:50:03 | Computer Name = Lo | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Common
 Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder Richtliniendatei
 "C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" in Zeile 3.
Der
 Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs
 im assemblyIdentity-Element ist ungültig.
 
Error - 15.02.2013 15:24:23 | Computer Name = Lo | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Common
 Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder Richtliniendatei
 "C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" in Zeile 3.
Der
 Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs
 im assemblyIdentity-Element ist ungültig.
 
[ System Events ]
Error - 13.02.2013 16:56:14 | Computer Name = Lo | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description = Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden 
im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich
 an den Computerhersteller, um aktualisierte Firmware zu erhalten.
 
Error - 14.02.2013 08:22:15 | Computer Name = Lo | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description = Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden 
im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich
 an den Computerhersteller, um aktualisierte Firmware zu erhalten.
 
Error - 14.02.2013 11:20:48 | Computer Name = Lo | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description = Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden 
im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich
 an den Computerhersteller, um aktualisierte Firmware zu erhalten.
 
Error - 14.02.2013 16:32:00 | Computer Name = Lo | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description = Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden 
im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich
 an den Computerhersteller, um aktualisierte Firmware zu erhalten.
 
Error - 14.02.2013 16:32:52 | Computer Name = Lo | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description = Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden 
im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich
 an den Computerhersteller, um aktualisierte Firmware zu erhalten.
 
Error - 14.02.2013 16:38:20 | Computer Name = Lo | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description = Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden 
im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich
 an den Computerhersteller, um aktualisierte Firmware zu erhalten.
 
Error - 15.02.2013 08:22:23 | Computer Name = Lo | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description = Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden 
im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich
 an den Computerhersteller, um aktualisierte Firmware zu erhalten.
 
Error - 15.02.2013 10:39:40 | Computer Name = Lo | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description = Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden 
im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich
 an den Computerhersteller, um aktualisierte Firmware zu erhalten.
 
Error - 15.02.2013 10:55:21 | Computer Name = Lo | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description = Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden 
im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich
 an den Computerhersteller, um aktualisierte Firmware zu erhalten.
 
Error - 15.02.2013 14:54:16 | Computer Name = Lo | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description = Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden 
im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich
 an den Computerhersteller, um aktualisierte Firmware zu erhalten.
 
 
< End of report >
--- --- ---





ich hoffe , das was ich jetzt gemacht habe , war alles richtig
__________________
Alt 15.02.2013, 21:02   #4
markusg
/// Malware-holic
 
25 Funde mit Malwarebyts - PUP.LoadTubes - Standard

25 Funde mit Malwarebyts - PUP.LoadTubes


hi,
Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 15.02.2013, 21:13   #5
passi
 
25 Funde mit Malwarebyts - PUP.LoadTubes - Standard

25 Funde mit Malwarebyts - PUP.LoadTubes


Hey ,du bist ja echt schneller als die Polizei erlaubt ^^

Ist das das was du brauchst?

Zitat:
21:10:35.0044 3440 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
21:10:35.0341 3440 ============================================================
21:10:35.0341 3440 Current date / time: 2013/02/15 21:10:35.0341
21:10:35.0341 3440 SystemInfo:
21:10:35.0341 3440
21:10:35.0341 3440 OS Version: 6.1.7601 ServicePack: 1.0
21:10:35.0341 3440 Product type: Workstation
21:10:35.0341 3440 ComputerName: LO
21:10:35.0341 3440 UserName: Passi
21:10:35.0341 3440 Windows directory: C:\Windows
21:10:35.0341 3440 System windows directory: C:\Windows
21:10:35.0341 3440 Processor architecture: Intel x86
21:10:35.0341 3440 Number of processors: 4
21:10:35.0341 3440 Page size: 0x1000
21:10:35.0341 3440 Boot type: Normal boot
21:10:35.0341 3440 ============================================================
21:10:36.0029 3440 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0x38080, SectorsPerTrack: 0x13, TracksPerCylinder: 0xE0, Type 'K0', Flags 0x00000050
21:10:36.0044 3440 ============================================================
21:10:36.0044 3440 \Device\Harddisk0\DR0:
21:10:36.0044 3440 MBR partitions:
21:10:36.0044 3440 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
21:10:36.0044 3440 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D27B000
21:10:36.0044 3440 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x1D2AD800, BlocksNum 0x1D0D8000
21:10:36.0044 3440 ============================================================
21:10:36.0060 3440 C: <-> \Device\Harddisk0\DR0\Partition3
21:10:36.0076 3440 D: <-> \Device\Harddisk0\DR0\Partition2
21:10:36.0076 3440 ============================================================
21:10:36.0076 3440 Initialize success
21:10:36.0076 3440 ============================================================
21:10:58.0201 2408 ============================================================
21:10:58.0201 2408 Scan started
21:10:58.0201 2408 Mode: Manual; SigCheck; TDLFS;
21:10:58.0201 2408 ============================================================
21:10:58.0451 2408 ================ Scan system memory ========================
21:10:58.0451 2408 System memory - ok
21:10:58.0451 2408 ================ Scan services =============================
21:10:58.0544 2408 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
21:10:58.0591 2408 1394ohci - ok
21:10:58.0638 2408 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys
21:10:58.0638 2408 ACPI - ok
21:10:58.0654 2408 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
21:10:58.0669 2408 AcpiPmi - ok
21:10:58.0701 2408 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
21:10:58.0716 2408 adp94xx - ok
21:10:58.0716 2408 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
21:10:58.0732 2408 adpahci - ok
21:10:58.0748 2408 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
21:10:58.0763 2408 adpu320 - ok
21:10:58.0779 2408 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
21:10:58.0794 2408 AeLookupSvc - ok
21:10:58.0826 2408 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\Windows\system32\drivers\afd.sys
21:10:58.0841 2408 AFD - ok
21:10:58.0857 2408 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys
21:10:58.0873 2408 agp440 - ok
21:10:58.0888 2408 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
21:10:58.0888 2408 aic78xx - ok
21:10:58.0904 2408 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
21:10:58.0919 2408 ALG - ok
21:10:58.0935 2408 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys
21:10:58.0951 2408 aliide - ok
21:10:58.0966 2408 [ 7C80514AFAC57A3C1F4707F3E2AEC63A ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
21:10:58.0982 2408 AMD External Events Utility - ok
21:10:58.0998 2408 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys
21:10:58.0998 2408 amdagp - ok
21:10:59.0013 2408 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys
21:10:59.0029 2408 amdide - ok
21:10:59.0044 2408 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
21:10:59.0044 2408 AmdK8 - ok
21:10:59.0123 2408 [ 7E00428513C0A668E67A759DC6792A7F ] amdkmdag C:\Windows\system32\DRIVERS\atipmdag.sys
21:10:59.0185 2408 amdkmdag - ok
21:10:59.0216 2408 [ E34E4AA9EC11D89A3228761EE59B5957 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
21:10:59.0216 2408 amdkmdap - ok
21:10:59.0248 2408 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
21:10:59.0248 2408 AmdPPM - ok
21:10:59.0294 2408 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\Windows\system32\drivers\amdsata.sys
21:10:59.0310 2408 amdsata - ok
21:10:59.0326 2408 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
21:10:59.0341 2408 amdsbs - ok
21:10:59.0341 2408 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\Windows\system32\drivers\amdxata.sys
21:10:59.0357 2408 amdxata - ok
21:10:59.0404 2408 [ 4FA3B5A200AB70F3B62F2A82DAC8DCBD ] AODService C:\Program Files\AMD\OverDrive\AODAssist.exe
21:10:59.0419 2408 AODService - ok
21:10:59.0451 2408 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys
21:10:59.0466 2408 AppID - ok
21:10:59.0498 2408 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
21:10:59.0513 2408 AppIDSvc - ok
21:10:59.0544 2408 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\Windows\System32\appinfo.dll
21:10:59.0576 2408 Appinfo - ok
21:10:59.0607 2408 [ A45D184DF6A8803DA13A0B329517A64A ] AppMgmt C:\Windows\System32\appmgmts.dll
21:10:59.0623 2408 AppMgmt - ok
21:10:59.0638 2408 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\DRIVERS\arc.sys
21:10:59.0638 2408 arc - ok
21:10:59.0654 2408 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
21:10:59.0669 2408 arcsas - ok
21:10:59.0685 2408 [ DE6ED95AEF259979B2830450072A627B ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
21:10:59.0701 2408 aswFsBlk - ok
21:10:59.0716 2408 [ E2FEE0486D68BF85355D3EDA1A24FF68 ] aswKbd C:\Windows\system32\drivers\aswKbd.sys
21:10:59.0732 2408 aswKbd - ok
21:10:59.0763 2408 [ 62F9DCEC95F91B8E0203E85D344A7E65 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
21:10:59.0763 2408 aswMonFlt - ok
21:10:59.0779 2408 [ 81F638A2DD94ABBF0B43880AB38D8DBD ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys
21:10:59.0794 2408 aswRdr - ok
21:10:59.0810 2408 [ B32E9AD44A1DBB3E8095E80F8DF32B03 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
21:10:59.0841 2408 aswSnx - ok
21:10:59.0841 2408 [ 67B558895695545FB0568B7541F3BCA7 ] aswSP C:\Windows\system32\drivers\aswSP.sys
21:10:59.0857 2408 aswSP - ok
21:10:59.0873 2408 [ E3E73B2B73A4DFADFDDF557192C4B08A ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
21:10:59.0888 2408 aswTdi - ok
21:10:59.0888 2408 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
21:10:59.0919 2408 AsyncMac - ok
21:10:59.0951 2408 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys
21:10:59.0951 2408 atapi - ok
21:10:59.0998 2408 [ 36A49B49E982450AC117EDA6AB35BDF5 ] AtiHdmiService C:\Windows\system32\drivers\AtiHdmi.sys
21:10:59.0998 2408 AtiHdmiService - ok
21:11:00.0029 2408 [ B73C832088DD54B55E04FF6F9646AD8C ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie.sys
21:11:00.0029 2408 AtiPcie - ok
21:11:00.0076 2408 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:11:00.0091 2408 AudioEndpointBuilder - ok
21:11:00.0107 2408 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
21:11:00.0123 2408 Audiosrv - ok
21:11:00.0169 2408 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
21:11:00.0185 2408 avast! Antivirus - ok
21:11:00.0201 2408 avast! Firewall - ok
21:11:00.0232 2408 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll
21:11:00.0248 2408 AxInstSV - ok
21:11:00.0279 2408 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
21:11:00.0294 2408 b06bdrv - ok
21:11:00.0310 2408 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
21:11:00.0326 2408 b57nd60x - ok
21:11:00.0357 2408 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll
21:11:00.0373 2408 BDESVC - ok
21:11:00.0373 2408 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys
21:11:00.0404 2408 Beep - ok
21:11:00.0419 2408 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\Windows\System32\bfe.dll
21:11:00.0451 2408 BFE - ok
21:11:00.0482 2408 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\Windows\System32\qmgr.dll
21:11:00.0513 2408 BITS - ok
21:11:00.0529 2408 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
21:11:00.0544 2408 blbdrive - ok
21:11:00.0560 2408 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
21:11:00.0576 2408 bowser - ok
21:11:00.0576 2408 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
21:11:00.0591 2408 BrFiltLo - ok
21:11:00.0591 2408 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
21:11:00.0607 2408 BrFiltUp - ok
21:11:00.0623 2408 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\Windows\System32\browser.dll
21:11:00.0638 2408 Browser - ok
21:11:00.0654 2408 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys
21:11:00.0669 2408 Brserid - ok
21:11:00.0669 2408 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
21:11:00.0685 2408 BrSerWdm - ok
21:11:00.0685 2408 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
21:11:00.0701 2408 BrUsbMdm - ok
21:11:00.0701 2408 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
21:11:00.0716 2408 BrUsbSer - ok
21:11:00.0716 2408 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
21:11:00.0732 2408 BTHMODEM - ok
21:11:00.0748 2408 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll
21:11:00.0763 2408 bthserv - ok
21:11:00.0779 2408 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
21:11:00.0794 2408 cdfs - ok
21:11:00.0826 2408 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\Windows\system32\drivers\cdrom.sys
21:11:00.0841 2408 cdrom - ok
21:11:00.0873 2408 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\Windows\System32\certprop.dll
21:11:00.0904 2408 CertPropSvc - ok
21:11:00.0904 2408 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
21:11:00.0919 2408 circlass - ok
21:11:00.0935 2408 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
21:11:00.0951 2408 CLFS - ok
21:11:00.0998 2408 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:11:00.0998 2408 clr_optimization_v2.0.50727_32 - ok
21:11:01.0076 2408 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:11:01.0091 2408 clr_optimization_v4.0.30319_32 - ok
21:11:01.0107 2408 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
21:11:01.0123 2408 CmBatt - ok
21:11:01.0138 2408 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys
21:11:01.0154 2408 cmdide - ok
21:11:01.0185 2408 [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG C:\Windows\system32\Drivers\cng.sys
21:11:01.0201 2408 CNG - ok
21:11:01.0216 2408 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
21:11:01.0232 2408 Compbatt - ok
21:11:01.0263 2408 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
21:11:01.0279 2408 CompositeBus - ok
21:11:01.0294 2408 COMSysApp - ok
21:11:01.0294 2408 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
21:11:01.0310 2408 crcdisk - ok
21:11:01.0357 2408 [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc C:\Windows\system32\cryptsvc.dll
21:11:01.0357 2408 CryptSvc - ok
21:11:01.0388 2408 [ 3C2177A897B4CA2788C6FB0C3FD81D4B ] CSC C:\Windows\system32\drivers\csc.sys
21:11:01.0404 2408 CSC - ok
21:11:01.0451 2408 [ 15F93B37F6801943360D9EB42485D5D3 ] CscService C:\Windows\System32\cscsvc.dll
21:11:01.0466 2408 CscService - ok
21:11:01.0482 2408 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll
21:11:01.0498 2408 DcomLaunch - ok
21:11:01.0529 2408 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
21:11:01.0544 2408 defragsvc - ok
21:11:01.0591 2408 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
21:11:01.0607 2408 DfsC - ok
21:11:01.0638 2408 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll
21:11:01.0638 2408 Dhcp - ok
21:11:01.0654 2408 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
21:11:01.0685 2408 discache - ok
21:11:01.0701 2408 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\DRIVERS\disk.sys
21:11:01.0701 2408 Disk - ok
21:11:01.0732 2408 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
21:11:01.0732 2408 Dnscache - ok
21:11:01.0763 2408 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll
21:11:01.0794 2408 dot3svc - ok
21:11:01.0810 2408 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll
21:11:01.0841 2408 DPS - ok
21:11:01.0857 2408 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
21:11:01.0873 2408 drmkaud - ok
21:11:01.0904 2408 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
21:11:01.0919 2408 DXGKrnl - ok
21:11:01.0935 2408 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
21:11:01.0966 2408 EapHost - ok
21:11:02.0029 2408 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
21:11:02.0060 2408 ebdrv - ok
21:11:02.0091 2408 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\Windows\System32\lsass.exe
21:11:02.0091 2408 EFS - ok
21:11:02.0154 2408 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
21:11:02.0169 2408 ehRecvr - ok
21:11:02.0185 2408 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe
21:11:02.0201 2408 ehSched - ok
21:11:02.0216 2408 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
21:11:02.0232 2408 elxstor - ok
21:11:02.0248 2408 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys
21:11:02.0263 2408 ErrDev - ok
21:11:02.0294 2408 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
21:11:02.0310 2408 EventSystem - ok
21:11:02.0341 2408 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
21:11:02.0373 2408 exfat - ok
21:11:02.0373 2408 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
21:11:02.0404 2408 fastfat - ok
21:11:02.0435 2408 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe
21:11:02.0451 2408 Fax - ok
21:11:02.0482 2408 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
21:11:02.0482 2408 fdc - ok
21:11:02.0498 2408 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
21:11:02.0529 2408 fdPHost - ok
21:11:02.0560 2408 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
21:11:02.0576 2408 FDResPub - ok
21:11:02.0591 2408 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
21:11:02.0591 2408 FileInfo - ok
21:11:02.0607 2408 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
21:11:02.0638 2408 Filetrace - ok
21:11:02.0638 2408 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
21:11:02.0654 2408 flpydisk - ok
21:11:02.0763 2408 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
21:11:02.0779 2408 FltMgr - ok
21:11:02.0935 2408 [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache C:\Windows\system32\FntCache.dll
21:11:02.0951 2408 FontCache - ok
21:11:03.0091 2408 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
21:11:03.0107 2408 FontCache3.0.0.0 - ok
21:11:03.0232 2408 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
21:11:03.0248 2408 FsDepends - ok
21:11:03.0388 2408 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
21:11:03.0404 2408 Fs_Rec - ok
21:11:03.0435 2408 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
21:11:03.0451 2408 fvevol - ok
21:11:03.0466 2408 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
21:11:03.0466 2408 gagp30kx - ok
21:11:03.0513 2408 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll
21:11:03.0529 2408 gpsvc - ok
21:11:03.0638 2408 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
21:11:03.0654 2408 hcw85cir - ok
21:11:03.0779 2408 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:11:03.0794 2408 HdAudAddService - ok
21:11:03.0810 2408 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
21:11:03.0810 2408 HDAudBus - ok
21:11:03.0826 2408 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
21:11:03.0826 2408 HidBatt - ok
21:11:03.0841 2408 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
21:11:03.0857 2408 HidBth - ok
21:11:03.0873 2408 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
21:11:03.0888 2408 HidIr - ok
21:11:03.0904 2408 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\system32\hidserv.dll
21:11:03.0919 2408 hidserv - ok
21:11:03.0966 2408 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
21:11:03.0982 2408 HidUsb - ok
21:11:03.0998 2408 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll
21:11:04.0029 2408 hkmsvc - ok
21:11:04.0060 2408 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:11:04.0076 2408 HomeGroupListener - ok
21:11:04.0107 2408 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:11:04.0123 2408 HomeGroupProvider - ok
21:11:04.0154 2408 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
21:11:04.0169 2408 HpSAMD - ok
21:11:04.0201 2408 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys
21:11:04.0232 2408 HTTP - ok
21:11:04.0263 2408 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
21:11:04.0279 2408 hwpolicy - ok
21:11:04.0310 2408 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
21:11:04.0326 2408 i8042prt - ok
21:11:04.0357 2408 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
21:11:04.0357 2408 iaStorV - ok
21:11:04.0419 2408 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
21:11:04.0435 2408 idsvc - ok
21:11:04.0451 2408 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
21:11:04.0466 2408 iirsp - ok
21:11:04.0498 2408 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll
21:11:04.0529 2408 IKEEXT - ok
21:11:04.0544 2408 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys
21:11:04.0544 2408 intelide - ok
21:11:04.0560 2408 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
21:11:04.0576 2408 intelppm - ok
21:11:04.0591 2408 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
21:11:04.0623 2408 IPBusEnum - ok
21:11:04.0623 2408 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:11:04.0638 2408 IpFilterDriver - ok
21:11:04.0669 2408 [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
21:11:04.0685 2408 iphlpsvc - ok
21:11:04.0716 2408 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
21:11:04.0732 2408 IPMIDRV - ok
21:11:04.0732 2408 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
21:11:04.0763 2408 IPNAT - ok
21:11:04.0779 2408 [ 9F7E491FB0BA0F9E370163834FC1FE31 ] irda C:\Windows\system32\DRIVERS\irda.sys
21:11:04.0794 2408 irda - ok
21:11:04.0810 2408 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
21:11:04.0826 2408 IRENUM - ok
21:11:04.0841 2408 [ 4220D2F03D5C4226D0A1AA4B84025E45 ] Irmon C:\Windows\System32\irmon.dll
21:11:04.0857 2408 Irmon - ok
21:11:04.0888 2408 [ D04DA73127FFED720DFC4EB673A23E04 ] irsir C:\Windows\system32\DRIVERS\irsir.sys
21:11:04.0888 2408 irsir - ok
21:11:04.0919 2408 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys
21:11:04.0935 2408 isapnp - ok
21:11:04.0951 2408 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
21:11:04.0951 2408 iScsiPrt - ok
21:11:04.0982 2408 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
21:11:04.0982 2408 kbdclass - ok
21:11:05.0013 2408 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
21:11:05.0013 2408 kbdhid - ok
21:11:05.0029 2408 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\Windows\system32\lsass.exe
21:11:05.0044 2408 KeyIso - ok
21:11:05.0060 2408 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
21:11:05.0076 2408 KSecDD - ok
21:11:05.0091 2408 [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
21:11:05.0091 2408 KSecPkg - ok
21:11:05.0123 2408 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
21:11:05.0154 2408 KtmRm - ok
21:11:05.0154 2408 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\system32\srvsvc.dll
21:11:05.0185 2408 LanmanServer - ok
21:11:05.0216 2408 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:11:05.0232 2408 LanmanWorkstation - ok
21:11:05.0263 2408 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
21:11:05.0294 2408 lltdio - ok
21:11:05.0310 2408 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
21:11:05.0341 2408 lltdsvc - ok
21:11:05.0341 2408 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
21:11:05.0373 2408 lmhosts - ok
21:11:05.0388 2408 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
21:11:05.0404 2408 LSI_FC - ok
21:11:05.0419 2408 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
21:11:05.0435 2408 LSI_SAS - ok
21:11:05.0435 2408 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
21:11:05.0451 2408 LSI_SAS2 - ok
21:11:05.0451 2408 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
21:11:05.0466 2408 LSI_SCSI - ok
21:11:05.0482 2408 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
21:11:05.0498 2408 luafv - ok
21:11:05.0529 2408 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
21:11:05.0544 2408 Mcx2Svc - ok
21:11:05.0560 2408 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
21:11:05.0576 2408 megasas - ok
21:11:05.0576 2408 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
21:11:05.0591 2408 MegaSR - ok
21:11:05.0607 2408 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
21:11:05.0623 2408 MMCSS - ok
21:11:05.0638 2408 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
21:11:05.0669 2408 Modem - ok
21:11:05.0685 2408 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
21:11:05.0685 2408 monitor - ok
21:11:05.0732 2408 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
21:11:05.0732 2408 mouclass - ok
21:11:05.0763 2408 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
21:11:05.0779 2408 mouhid - ok
21:11:05.0826 2408 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
21:11:05.0841 2408 mountmgr - ok
21:11:05.0873 2408 [ 51A84B690DF519DCF656F780243D953E ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
21:11:05.0888 2408 MozillaMaintenance - ok
21:11:05.0904 2408 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
21:11:05.0919 2408 mpio - ok
21:11:05.0935 2408 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
21:11:05.0951 2408 mpsdrv - ok
21:11:05.0998 2408 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll
21:11:06.0013 2408 MpsSvc - ok
21:11:06.0044 2408 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
21:11:06.0060 2408 MRxDAV - ok
21:11:06.0091 2408 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
21:11:06.0091 2408 mrxsmb - ok
21:11:06.0107 2408 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:11:06.0123 2408 mrxsmb10 - ok
21:11:06.0123 2408 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:11:06.0138 2408 mrxsmb20 - ok
21:11:06.0154 2408 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
21:11:06.0154 2408 msahci - ok
21:11:06.0185 2408 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
21:11:06.0201 2408 msdsm - ok
21:11:06.0216 2408 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
21:11:06.0232 2408 MSDTC - ok
21:11:06.0248 2408 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
21:11:06.0263 2408 Msfs - ok
21:11:06.0279 2408 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
21:11:06.0294 2408 mshidkmdf - ok
21:11:06.0310 2408 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
21:11:06.0326 2408 msisadrv - ok
21:11:06.0341 2408 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
21:11:06.0357 2408 MSiSCSI - ok
21:11:06.0373 2408 msiserver - ok
21:11:06.0388 2408 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
21:11:06.0419 2408 MSKSSRV - ok
21:11:06.0435 2408 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
21:11:06.0451 2408 MSPCLOCK - ok
21:11:06.0466 2408 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
21:11:06.0482 2408 MSPQM - ok
21:11:06.0498 2408 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
21:11:06.0513 2408 MsRPC - ok
21:11:06.0544 2408 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
21:11:06.0560 2408 mssmbios - ok
21:11:06.0560 2408 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
21:11:06.0576 2408 MSTEE - ok
21:11:06.0591 2408 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
21:11:06.0607 2408 MTConfig - ok
21:11:06.0607 2408 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
21:11:06.0623 2408 Mup - ok
21:11:06.0638 2408 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
21:11:06.0654 2408 napagent - ok
21:11:06.0685 2408 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
21:11:06.0701 2408 NativeWifiP - ok
21:11:06.0748 2408 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys
21:11:06.0779 2408 NDIS - ok
21:11:06.0779 2408 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
21:11:06.0794 2408 NdisCap - ok
21:11:06.0826 2408 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
21:11:06.0841 2408 NdisTapi - ok
21:11:06.0873 2408 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
21:11:06.0888 2408 Ndisuio - ok
21:11:06.0935 2408 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
21:11:06.0951 2408 NdisWan - ok
21:11:06.0966 2408 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
21:11:06.0982 2408 NDProxy - ok
21:11:06.0998 2408 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
21:11:07.0013 2408 NetBIOS - ok
21:11:07.0044 2408 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
21:11:07.0076 2408 NetBT - ok
21:11:07.0076 2408 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
21:11:07.0091 2408 Netlogon - ok
21:11:07.0123 2408 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
21:11:07.0154 2408 Netman - ok
21:11:07.0169 2408 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
21:11:07.0185 2408 netprofm - ok
21:11:07.0201 2408 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:11:07.0216 2408 NetTcpPortSharing - ok
21:11:07.0232 2408 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
21:11:07.0248 2408 nfrd960 - ok
21:11:07.0263 2408 [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc C:\Windows\System32\nlasvc.dll
21:11:07.0279 2408 NlaSvc - ok
21:11:07.0279 2408 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
21:11:07.0294 2408 Npfs - ok
21:11:07.0326 2408 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
21:11:07.0357 2408 nsi - ok
21:11:07.0357 2408 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
21:11:07.0388 2408 nsiproxy - ok
21:11:07.0435 2408 [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
21:11:07.0451 2408 Ntfs - ok
21:11:07.0466 2408 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
21:11:07.0482 2408 Null - ok
21:11:07.0529 2408 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
21:11:07.0544 2408 nvraid - ok
21:11:07.0560 2408 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
21:11:07.0560 2408 nvstor - ok
21:11:07.0591 2408 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
21:11:07.0607 2408 nv_agp - ok
21:11:07.0638 2408 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
21:11:07.0654 2408 ohci1394 - ok
21:11:07.0685 2408 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:11:07.0701 2408 ose - ok
21:11:07.0716 2408 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
21:11:07.0732 2408 p2pimsvc - ok
21:11:07.0748 2408 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
21:11:07.0763 2408 p2psvc - ok
21:11:07.0779 2408 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
21:11:07.0794 2408 Parport - ok
21:11:07.0810 2408 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
21:11:07.0826 2408 partmgr - ok
21:11:07.0841 2408 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
21:11:07.0841 2408 Parvdm - ok
21:11:07.0857 2408 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
21:11:07.0873 2408 PcaSvc - ok
21:11:07.0888 2408 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
21:11:07.0904 2408 pci - ok
21:11:07.0919 2408 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
21:11:07.0919 2408 pciide - ok
21:11:07.0935 2408 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
21:11:07.0951 2408 pcmcia - ok
21:11:07.0966 2408 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
21:11:07.0982 2408 pcw - ok
21:11:07.0998 2408 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
21:11:08.0029 2408 PEAUTH - ok
21:11:08.0060 2408 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
21:11:08.0076 2408 PeerDistSvc - ok
21:11:08.0138 2408 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
21:11:08.0185 2408 pla - ok
21:11:08.0201 2408 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
21:11:08.0216 2408 PlugPlay - ok
21:11:08.0232 2408 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
21:11:08.0248 2408 PNRPAutoReg - ok
21:11:08.0263 2408 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
21:11:08.0279 2408 PNRPsvc - ok
21:11:08.0294 2408 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
21:11:08.0326 2408 PolicyAgent - ok
21:11:08.0357 2408 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
21:11:08.0388 2408 Power - ok
21:11:08.0419 2408 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
21:11:08.0435 2408 PptpMiniport - ok
21:11:08.0451 2408 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
21:11:08.0451 2408 Processor - ok
21:11:08.0466 2408 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
21:11:08.0482 2408 ProfSvc - ok
21:11:08.0498 2408 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
21:11:08.0513 2408 ProtectedStorage - ok
21:11:08.0529 2408 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
21:11:08.0544 2408 Psched - ok
21:11:08.0576 2408 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
21:11:08.0607 2408 ql2300 - ok
21:11:08.0623 2408 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
21:11:08.0623 2408 ql40xx - ok
21:11:08.0654 2408 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
21:11:08.0669 2408 QWAVE - ok
21:11:08.0685 2408 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
21:11:08.0701 2408 QWAVEdrv - ok
21:11:08.0716 2408 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
21:11:08.0732 2408 RasAcd - ok
21:11:08.0748 2408 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
21:11:08.0763 2408 RasAgileVpn - ok
21:11:08.0779 2408 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
21:11:08.0810 2408 RasAuto - ok
21:11:08.0810 2408 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
21:11:08.0841 2408 Rasl2tp - ok
21:11:08.0873 2408 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
21:11:08.0904 2408 RasMan - ok
21:11:08.0904 2408 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
21:11:08.0935 2408 RasPppoe - ok
21:11:08.0935 2408 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
21:11:08.0951 2408 RasSstp - ok
21:11:08.0998 2408 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
21:11:09.0013 2408 rdbss - ok
21:11:09.0029 2408 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
21:11:09.0044 2408 rdpbus - ok
21:11:09.0076 2408 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
21:11:09.0091 2408 RDPCDD - ok
21:11:09.0123 2408 [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
21:11:09.0123 2408 RDPDR - ok
21:11:09.0154 2408 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
21:11:09.0169 2408 RDPENCDD - ok
21:11:09.0169 2408 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
21:11:09.0201 2408 RDPREFMP - ok
21:11:09.0216 2408 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
21:11:09.0232 2408 RDPWD - ok
21:11:09.0279 2408 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
21:11:09.0294 2408 rdyboost - ok
21:11:09.0310 2408 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
21:11:09.0326 2408 RemoteAccess - ok
21:11:09.0357 2408 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
21:11:09.0388 2408 RemoteRegistry - ok
21:11:09.0404 2408 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
21:11:09.0419 2408 RpcEptMapper - ok
21:11:09.0435 2408 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
21:11:09.0451 2408 RpcLocator - ok
21:11:09.0466 2408 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
21:11:09.0498 2408 RpcSs - ok
21:11:09.0498 2408 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
21:11:09.0529 2408 rspndr - ok
21:11:09.0544 2408 [ 6465166DD9B2F841DABAD16ABDADBE98 ] RTL8167 C:\Windows\system32\DRIVERS\Rt86win7.sys
21:11:09.0560 2408 RTL8167 - ok
21:11:09.0591 2408 [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
21:11:09.0607 2408 s3cap - ok
21:11:09.0607 2408 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
21:11:09.0623 2408 SamSs - ok
21:11:09.0638 2408 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
21:11:09.0654 2408 sbp2port - ok
21:11:09.0685 2408 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
21:11:09.0701 2408 SCardSvr - ok
21:11:09.0732 2408 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
21:11:09.0763 2408 scfilter - ok
21:11:09.0794 2408 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
21:11:09.0826 2408 Schedule - ok
21:11:09.0841 2408 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
21:11:09.0857 2408 SCPolicySvc - ok
21:11:09.0888 2408 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
21:11:09.0904 2408 SDRSVC - ok
21:11:09.0935 2408 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
21:11:09.0951 2408 secdrv - ok
21:11:09.0966 2408 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
21:11:09.0982 2408 seclogon - ok
21:11:10.0013 2408 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
21:11:10.0029 2408 SENS - ok
21:11:10.0060 2408 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
21:11:10.0076 2408 SensrSvc - ok
21:11:10.0091 2408 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
21:11:10.0107 2408 Serenum - ok
21:11:10.0107 2408 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
21:11:10.0123 2408 Serial - ok
21:11:10.0154 2408 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
21:11:10.0154 2408 sermouse - ok
21:11:10.0185 2408 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
21:11:10.0216 2408 SessionEnv - ok
21:11:10.0232 2408 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
21:11:10.0248 2408 sffdisk - ok
21:11:10.0248 2408 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
21:11:10.0263 2408 sffp_mmc - ok
21:11:10.0279 2408 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
21:11:10.0279 2408 sffp_sd - ok
21:11:10.0294 2408 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
21:11:10.0310 2408 sfloppy - ok
21:11:10.0326 2408 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
21:11:10.0357 2408 SharedAccess - ok
21:11:10.0373 2408 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:11:10.0388 2408 ShellHWDetection - ok
21:11:10.0404 2408 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
21:11:10.0404 2408 sisagp - ok
21:11:10.0419 2408 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
21:11:10.0435 2408 SiSRaid2 - ok
21:11:10.0451 2408 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
21:11:10.0451 2408 SiSRaid4 - ok
21:11:10.0466 2408 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
21:11:10.0482 2408 SkypeUpdate - ok
21:11:10.0498 2408 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
21:11:10.0529 2408 Smb - ok
21:11:10.0560 2408 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
21:11:10.0576 2408 SNMPTRAP - ok
21:11:10.0591 2408 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
21:11:10.0591 2408 spldr - ok
21:11:10.0623 2408 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
21:11:10.0638 2408 Spooler - ok
21:11:10.0701 2408 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
21:11:10.0748 2408 sppsvc - ok
21:11:10.0794 2408 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
21:11:10.0826 2408 sppuinotify - ok
21:11:10.0857 2408 [ CDDDEC541BC3C96F91ECB48759673505 ] sptd C:\Windows\system32\Drivers\sptd.sys
21:11:10.0857 2408 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: CDDDEC541BC3C96F91ECB48759673505
21:11:10.0857 2408 sptd ( LockedFile.Multi.Generic ) - warning
21:11:10.0857 2408 sptd - detected LockedFile.Multi.Generic (1)
21:11:10.0888 2408 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
21:11:10.0888 2408 srv - ok
21:11:10.0904 2408 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
21:11:10.0919 2408 srv2 - ok
21:11:10.0951 2408 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
21:11:10.0951 2408 srvnet - ok
21:11:10.0982 2408 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
21:11:10.0998 2408 SSDPSRV - ok
21:11:11.0013 2408 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
21:11:11.0029 2408 SstpSvc - ok
21:11:11.0044 2408 Steam Client Service - ok
21:11:11.0076 2408 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
21:11:11.0076 2408 stexstor - ok
21:11:11.0123 2408 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
21:11:11.0138 2408 StiSvc - ok
21:11:11.0154 2408 [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
21:11:11.0154 2408 storflt - ok
21:11:11.0169 2408 [ 0BF669F0A910BEDA4A32258D363AF2A5 ] StorSvc C:\Windows\system32\storsvc.dll
21:11:11.0185 2408 StorSvc - ok
21:11:11.0216 2408 [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc C:\Windows\system32\drivers\storvsc.sys
21:11:11.0232 2408 storvsc - ok
21:11:11.0263 2408 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys
21:11:11.0263 2408 swenum - ok
21:11:11.0279 2408 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
21:11:11.0310 2408 swprv - ok
21:11:11.0357 2408 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
21:11:11.0388 2408 SysMain - ok
21:11:11.0404 2408 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:11:11.0419 2408 TabletInputService - ok
21:11:11.0451 2408 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
21:11:11.0482 2408 TapiSrv - ok
21:11:11.0498 2408 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
21:11:11.0529 2408 TBS - ok
21:11:11.0560 2408 [ 7C0507D2391AF5933600CBCED799F277 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
21:11:11.0576 2408 Tcpip - ok
21:11:11.0607 2408 [ 7C0507D2391AF5933600CBCED799F277 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
21:11:11.0623 2408 TCPIP6 - ok
21:11:11.0654 2408 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
21:11:11.0669 2408 tcpipreg - ok
21:11:11.0685 2408 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
21:11:11.0701 2408 TDPIPE - ok
21:11:11.0701 2408 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
21:11:11.0716 2408 TDTCP - ok
21:11:11.0748 2408 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
21:11:11.0763 2408 tdx - ok
21:11:11.0779 2408 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys
21:11:11.0794 2408 TermDD - ok
21:11:11.0826 2408 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
21:11:11.0841 2408 TermService - ok
21:11:11.0857 2408 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
21:11:11.0873 2408 Themes - ok
21:11:11.0888 2408 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
21:11:11.0904 2408 THREADORDER - ok
21:11:11.0935 2408 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
21:11:11.0951 2408 TrkWks - ok
21:11:11.0982 2408 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:11:12.0013 2408 TrustedInstaller - ok
21:11:12.0029 2408 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
21:11:12.0044 2408 tssecsrv - ok
21:11:12.0076 2408 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
21:11:12.0091 2408 TsUsbFlt - ok
21:11:12.0123 2408 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
21:11:12.0154 2408 tunnel - ok
21:11:12.0169 2408 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
21:11:12.0185 2408 uagp35 - ok
21:11:12.0201 2408 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
21:11:12.0216 2408 udfs - ok
21:11:12.0232 2408 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
21:11:12.0248 2408 UI0Detect - ok
21:11:12.0279 2408 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
21:11:12.0294 2408 uliagpkx - ok
21:11:12.0341 2408 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\drivers\umbus.sys
21:11:12.0341 2408 umbus - ok
21:11:12.0373 2408 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
21:11:12.0373 2408 UmPass - ok
21:11:12.0404 2408 [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService C:\Windows\System32\umrdp.dll
21:11:12.0419 2408 UmRdpService - ok
21:11:12.0451 2408 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
21:11:12.0466 2408 upnphost - ok
21:11:12.0482 2408 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
21:11:12.0498 2408 usbccgp - ok
21:11:12.0529 2408 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
21:11:12.0544 2408 usbcir - ok
21:11:12.0560 2408 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
21:11:12.0576 2408 usbehci - ok
21:11:12.0591 2408 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
21:11:12.0607 2408 usbhub - ok
21:11:12.0607 2408 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
21:11:12.0623 2408 usbohci - ok
21:11:12.0638 2408 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
21:11:12.0654 2408 usbprint - ok
21:11:12.0654 2408 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:11:12.0669 2408 USBSTOR - ok
21:11:12.0685 2408 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
21:11:12.0701 2408 usbuhci - ok
21:11:12.0716 2408 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
21:11:12.0732 2408 UxSms - ok
21:11:12.0748 2408 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
21:11:12.0748 2408 VaultSvc - ok
21:11:12.0763 2408 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
21:11:12.0779 2408 vdrvroot - ok
21:11:12.0826 2408 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
21:11:12.0841 2408 vds - ok
21:11:12.0857 2408 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
21:11:12.0873 2408 vga - ok
21:11:12.0888 2408 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
21:11:12.0904 2408 VgaSave - ok
21:11:12.0904 2408 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
21:11:12.0919 2408 vhdmp - ok
21:11:12.0951 2408 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
21:11:12.0951 2408 viaagp - ok
21:11:12.0966 2408 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
21:11:12.0982 2408 ViaC7 - ok
21:11:13.0013 2408 [ A6CAB31A6CFCD41E5213A924B2413EF1 ] VIAHdAudAddService C:\Windows\system32\drivers\viahduaa.sys
21:11:13.0029 2408 VIAHdAudAddService - ok
21:11:13.0060 2408 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
21:11:13.0076 2408 viaide - ok
21:11:13.0091 2408 [ C2F2911156FDC7817C52829C86DA494E ] vmbus C:\Windows\system32\drivers\vmbus.sys
21:11:13.0107 2408 vmbus - ok
21:11:13.0107 2408 [ D4D77455211E204F370D08F4963063CE ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
21:11:13.0123 2408 VMBusHID - ok
21:11:13.0123 2408 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
21:11:13.0138 2408 volmgr - ok
21:11:13.0154 2408 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
21:11:13.0169 2408 volmgrx - ok
21:11:13.0185 2408 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
21:11:13.0201 2408 volsnap - ok
21:11:13.0216 2408 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
21:11:13.0232 2408 vsmraid - ok
21:11:13.0263 2408 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
21:11:13.0294 2408 VSS - ok
21:11:13.0310 2408 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
21:11:13.0326 2408 vwifibus - ok
21:11:13.0357 2408 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
21:11:13.0388 2408 W32Time - ok
21:11:13.0404 2408 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
21:11:13.0404 2408 WacomPen - ok
21:11:13.0451 2408 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
21:11:13.0466 2408 WANARP - ok
21:11:13.0482 2408 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
21:11:13.0498 2408 Wanarpv6 - ok
21:11:13.0529 2408 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
21:11:13.0544 2408 wbengine - ok
21:11:13.0560 2408 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
21:11:13.0576 2408 WbioSrvc - ok
21:11:13.0607 2408 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
21:11:13.0638 2408 wcncsvc - ok
21:11:13.0654 2408 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:11:13.0669 2408 WcsPlugInService - ok
21:11:13.0669 2408 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys
21:11:13.0685 2408 Wd - ok
21:11:13.0701 2408 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
21:11:13.0732 2408 Wdf01000 - ok
21:11:13.0732 2408 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
21:11:13.0748 2408 WdiServiceHost - ok
21:11:13.0748 2408 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
21:11:13.0763 2408 WdiSystemHost - ok
21:11:13.0794 2408 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
21:11:13.0810 2408 WebClient - ok
21:11:13.0826 2408 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
21:11:13.0857 2408 Wecsvc - ok
21:11:13.0873 2408 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
21:11:13.0888 2408 wercplsupport - ok
21:11:13.0919 2408 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
21:11:13.0935 2408 WerSvc - ok
21:11:13.0951 2408 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
21:11:13.0982 2408 WfpLwf - ok
21:11:13.0982 2408 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
21:11:13.0998 2408 WIMMount - ok
21:11:14.0060 2408 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
21:11:14.0076 2408 WinDefend - ok
21:11:14.0076 2408 WinHttpAutoProxySvc - ok
21:11:14.0138 2408 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
21:11:14.0154 2408 Winmgmt - ok
21:11:14.0201 2408 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
21:11:14.0232 2408 WinRM - ok
21:11:14.0279 2408 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\Windows\system32\drivers\WinUsb.sys
21:11:14.0294 2408 WinUsb - ok
21:11:14.0326 2408 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
21:11:14.0341 2408 Wlansvc - ok
21:11:14.0373 2408 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
21:11:14.0388 2408 WmiAcpi - ok
21:11:14.0404 2408 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
21:11:14.0419 2408 wmiApSrv - ok
21:11:14.0451 2408 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
21:11:14.0466 2408 WMPNetworkSvc - ok
21:11:14.0482 2408 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
21:11:14.0498 2408 WPCSvc - ok
21:11:14.0513 2408 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
21:11:14.0529 2408 WPDBusEnum - ok
21:11:14.0560 2408 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
21:11:14.0576 2408 ws2ifsl - ok
21:11:14.0591 2408 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\System32\wscsvc.dll
21:11:14.0607 2408 wscsvc - ok
21:11:14.0607 2408 WSearch - ok
21:11:14.0654 2408 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
21:11:14.0685 2408 wuauserv - ok
21:11:14.0701 2408 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
21:11:14.0716 2408 WudfPf - ok
21:11:14.0748 2408 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
21:11:14.0763 2408 WUDFRd - ok
21:11:14.0779 2408 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
21:11:14.0794 2408 wudfsvc - ok
21:11:14.0826 2408 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
21:11:14.0841 2408 WwanSvc - ok
21:11:14.0841 2408 ================ Scan global ===============================
21:11:14.0873 2408 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
21:11:14.0888 2408 [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll
21:11:14.0904 2408 [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll
21:11:14.0935 2408 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
21:11:14.0966 2408 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
21:11:14.0966 2408 [Global] - ok
21:11:14.0966 2408 ================ Scan MBR ==================================
21:11:14.0982 2408 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
21:11:15.0154 2408 \Device\Harddisk0\DR0 - ok
21:11:15.0154 2408 ================ Scan VBR ==================================
21:11:15.0154 2408 [ A96C18EED86C70C53B2F8CEFAC968C46 ] \Device\Harddisk0\DR0\Partition1
21:11:15.0154 2408 \Device\Harddisk0\DR0\Partition1 - ok
21:11:15.0169 2408 [ 948788CDDC3115261E66C3073F606944 ] \Device\Harddisk0\DR0\Partition2
21:11:15.0185 2408 \Device\Harddisk0\DR0\Partition2 - ok
21:11:15.0201 2408 [ 42ECD6519B12D727CACD6E17548AD18D ] \Device\Harddisk0\DR0\Partition3
21:11:15.0201 2408 \Device\Harddisk0\DR0\Partition3 - ok
21:11:15.0201 2408 ============================================================
21:11:15.0201 2408 Scan finished
21:11:15.0201 2408 ============================================================
21:11:15.0201 2440 Detected object count: 1
21:11:15.0201 2440 Actual detected object count: 1
21:11:57.0873 2440 sptd ( LockedFile.Multi.Generic ) - skipped by user
21:11:57.0873 2440 sptd ( LockedFile.Multi.Generic ) - User select action: Skip


Alt 15.02.2013, 21:41   #6
markusg
/// Malware-holic
 
25 Funde mit Malwarebyts - PUP.LoadTubes - Standard

25 Funde mit Malwarebyts - PUP.LoadTubes


Yes sir.
Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________
--> 25 Funde mit Malwarebyts - PUP.LoadTubes

Alt 15.02.2013, 21:56   #7
passi
 
25 Funde mit Malwarebyts - PUP.LoadTubes - Standard

25 Funde mit Malwarebyts - PUP.LoadTubes


hier bitte :

Combofix Logfile:
Code:
ATTFilter
ComboFix 13-02-15.01 - Passi 15.02.2013  21:48:40.1.4 - x86
Microsoft Windows 7 Professional   6.1.7601.1.1252.49.1031.18.3199.2244 [GMT 1:00]
ausgeführt von:: c:\users\Passi\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Passi\AppData\Roaming\convert\convert.exe
D:\install.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-01-15 bis 2013-02-15  ))))))))))))))))))))))))))))))
.
.
2013-02-15 14:33 . 2013-02-15 14:33	--------	d-----w-	c:\users\Passi\AppData\Roaming\Malwarebytes
2013-02-15 14:33 . 2013-02-15 14:33	--------	d-----w-	c:\programdata\Malwarebytes
2013-02-15 14:33 . 2013-02-15 14:33	--------	d-----w-	c:\program files\Malwarebytes' Anti-Malware
2013-02-15 14:33 . 2012-12-14 15:49	21104	----a-w-	c:\windows\system32\drivers\mbam.sys
2013-02-15 12:27 . 2013-01-08 04:57	6991832	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{CD289B1D-61B0-41E5-B47E-024525968DB7}\mpengine.dll
2013-02-14 15:23 . 2013-02-14 15:23	--------	d-----w-	c:\users\Passi\AppData\Roaming\QuickScan
2013-02-14 12:28 . 2013-01-04 03:00	2347008	----a-w-	c:\windows\system32\win32k.sys
2013-02-14 12:28 . 2013-01-05 05:00	3967848	----a-w-	c:\windows\system32\ntkrnlpa.exe
2013-02-14 12:28 . 2013-01-05 05:00	3913064	----a-w-	c:\windows\system32\ntoskrnl.exe
2013-02-14 12:28 . 2013-01-03 05:05	1293672	----a-w-	c:\windows\system32\drivers\tcpip.sys
2013-02-14 12:28 . 2013-01-03 05:04	187752	----a-w-	c:\windows\system32\drivers\FWPKCLNT.SYS
2013-02-14 12:28 . 2013-01-04 04:50	169984	----a-w-	c:\windows\system32\winsrv.dll
2013-02-10 15:00 . 2013-02-10 15:00	--------	d-----w-	c:\users\Passi\.thumbnails
2013-02-10 14:58 . 2013-02-10 14:58	--------	d-----w-	c:\users\Passi\AppData\Local\fontconfig
2013-02-10 14:58 . 2013-02-14 14:50	--------	d-----w-	c:\users\Passi\.gimp-2.8
2013-02-10 14:58 . 2013-02-10 14:58	--------	d-----w-	c:\users\Passi\AppData\Local\gegl-0.2
2013-02-10 14:57 . 2013-02-10 14:58	--------	d-----w-	c:\program files\GIMP 2
2013-02-10 14:56 . 2013-02-10 14:56	--------	d-----w-	c:\users\Passi\AppData\Local\Programs
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-15 14:41 . 2012-10-07 06:26	71024	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2013-02-15 14:41 . 2012-10-07 06:26	691568	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2013-01-17 00:28 . 2012-10-06 21:19	232336	------w-	c:\windows\system32\MpSigStub.exe
2012-12-16 14:13 . 2012-12-21 18:08	295424	----a-w-	c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2012-12-21 18:08	34304	----a-w-	c:\windows\system32\atmlib.dll
2012-12-07 12:26 . 2013-01-11 13:44	308736	----a-w-	c:\windows\system32\Wpc.dll
2012-12-07 12:20 . 2013-01-11 13:44	2576384	----a-w-	c:\windows\system32\gameux.dll
2012-12-07 10:46 . 2013-01-11 13:44	43520	----a-w-	c:\windows\system32\csrr.rs
2012-12-07 10:46 . 2013-01-11 13:44	30720	----a-w-	c:\windows\system32\usk.rs
2012-12-07 10:46 . 2013-01-11 13:44	45568	----a-w-	c:\windows\system32\oflc-nz.rs
2012-12-07 10:46 . 2013-01-11 13:44	44544	----a-w-	c:\windows\system32\pegibbfc.rs
2012-12-07 10:46 . 2013-01-11 13:44	20480	----a-w-	c:\windows\system32\pegi-pt.rs
2012-12-07 10:46 . 2013-01-11 13:44	23552	----a-w-	c:\windows\system32\oflc.rs
2012-12-07 10:46 . 2013-01-11 13:44	20480	----a-w-	c:\windows\system32\pegi-fi.rs
2012-12-07 10:46 . 2013-01-11 13:44	46592	----a-w-	c:\windows\system32\fpb.rs
2012-12-07 10:46 . 2013-01-11 13:44	20480	----a-w-	c:\windows\system32\pegi.rs
2012-12-07 10:46 . 2013-01-11 13:44	21504	----a-w-	c:\windows\system32\grb.rs
2012-12-07 10:46 . 2013-01-11 13:44	40960	----a-w-	c:\windows\system32\cob-au.rs
2012-12-07 10:46 . 2013-01-11 13:44	15360	----a-w-	c:\windows\system32\djctq.rs
2012-12-07 10:46 . 2013-01-11 13:44	55296	----a-w-	c:\windows\system32\cero.rs
2012-12-07 10:46 . 2013-01-11 13:44	51712	----a-w-	c:\windows\system32\esrb.rs
2012-11-30 04:47 . 2013-01-11 13:44	293376	----a-w-	c:\windows\system32\KernelBase.dll
2012-11-30 04:45 . 2013-01-11 13:44	4608	---ha-w-	c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-11-30 04:45 . 2013-01-11 13:44	4096	---ha-w-	c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-11-30 04:45 . 2013-01-11 13:44	4096	---ha-w-	c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-11-30 04:45 . 2013-01-11 13:44	4096	---ha-w-	c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-11-30 04:45 . 2013-01-11 13:44	4096	---ha-w-	c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-11-30 04:45 . 2013-01-11 13:44	4096	---ha-w-	c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-11-30 04:45 . 2013-01-11 13:44	3584	---ha-w-	c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-11-30 04:45 . 2013-01-11 13:44	3584	---ha-w-	c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-11-30 04:45 . 2013-01-11 13:44	3584	---ha-w-	c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-11-30 04:45 . 2013-01-11 13:44	3584	---ha-w-	c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-11-30 04:45 . 2013-01-11 13:44	3584	---ha-w-	c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2012-11-30 04:45 . 2013-01-11 13:44	3584	---ha-w-	c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2012-11-30 04:45 . 2013-01-11 13:44	3072	---ha-w-	c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-11-30 04:45 . 2013-01-11 13:44	3072	---ha-w-	c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-11-30 04:45 . 2013-01-11 13:44	3072	---ha-w-	c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-11-30 04:45 . 2013-01-11 13:44	3072	---ha-w-	c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2012-11-30 04:45 . 2013-01-11 13:44	5120	---ha-w-	c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2012-11-30 04:45 . 2013-01-11 13:44	3072	---ha-w-	c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-11-30 04:45 . 2013-01-11 13:44	3072	---ha-w-	c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2012-11-30 04:45 . 2013-01-11 13:44	3072	---ha-w-	c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2012-11-30 04:45 . 2013-01-11 13:44	3072	---ha-w-	c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-11-30 04:45 . 2013-01-11 13:44	3072	---ha-w-	c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2012-11-30 04:45 . 2013-01-11 13:44	3072	---ha-w-	c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-11-30 04:45 . 2013-01-11 13:44	3072	---ha-w-	c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-11-30 02:55 . 2013-01-11 13:44	271360	----a-w-	c:\windows\system32\conhost.exe
2012-11-30 02:38 . 2013-01-11 13:44	6144	---ha-w-	c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-11-30 02:38 . 2013-01-11 13:44	4608	---ha-w-	c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 02:38 . 2013-01-11 13:44	3584	---ha-w-	c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 02:38 . 2013-01-11 13:44	3072	---ha-w-	c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-11-23 02:48 . 2013-01-11 13:43	49152	----a-w-	c:\windows\system32\taskhost.exe
2012-11-22 04:45 . 2013-01-11 13:44	626688	----a-w-	c:\windows\system32\usp10.dll
2012-11-20 04:51 . 2013-01-11 13:43	220160	----a-w-	c:\windows\system32\ncrypt.dll
2013-02-06 14:25 . 2013-02-06 14:25	262552	----a-w-	c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50	121528	----a-w-	c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-02-02 98304]
"HDAudDeck"="c:\program files\VIA\VIAudioi\VDeck\VDeck.exe" [2009-07-15 1474560]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
"razer"="c:\program files\Razer\Copperhead\razerhid.exe" [2005-10-08 155648]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Steam"="c:\program files\Steam\Steam.exe" -silent
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
.
R2 AODService;AODService;c:\program files\AMD\OverDrive\AODAssist.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 aswKbd;aswKbd; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 18760043
*NewlyCreated* - 25690372
*Deregistered* - 18760043
*Deregistered* - 25690372
.
.
------- Zusätzlicher Suchlauf -------
.
IE: Nach Microsoft &Excel exportieren - c:\progra~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: {{781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - c:\program files\ICQ7M\ICQ.exe
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Passi\AppData\Roaming\Mozilla\Firefox\Profiles\4lt8fsih.default\
FF - prefs.js: browser.startup.homepage - hxxp://de-de.facebook.com/
FF - user.js: extentions.y2layers.installId - c3df0d04-a5a7-43f6-ad78-79c9abf82d58
FF - user.js: extentions.y2layers.defaultEnableAppsList - DropDownDeals,ezLooker,pagerage,buzzdock,toprelatedtopics,twittube,YontooNewOffers
FF - user.js: extensions.autoDisableScopes - 14
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
AddRemove-{074B8D21-D95E-44FE-A38E-40445E30C6D3}_is1 - d:\spiele\L2 High Five Clean\system\unins000.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-02-15  21:53:27
ComboFix-quarantined-files.txt  2013-02-15 20:53
.
Vor Suchlauf: 5 Verzeichnis(se), 197.896.671.232 Bytes frei
Nach Suchlauf: 8 Verzeichnis(se), 197.725.011.968 Bytes frei
.
- - End Of File - - ADEB705B83425C201438EB70FE602780
--- --- ---
Alt 15.02.2013, 22:48   #8
markusg
/// Malware-holic
 
25 Funde mit Malwarebyts - PUP.LoadTubes - Standard

25 Funde mit Malwarebyts - PUP.LoadTubes


hi
Bitte malwarebytes öffnen, Update, und ein Update einspielen, dann einen vollständigen Scan, log posten
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 16.02.2013, 10:17   #9
passi
 
25 Funde mit Malwarebyts - PUP.LoadTubes - Standard

25 Funde mit Malwarebyts - PUP.LoadTubes


Einen wunderschönen guten morgen allerseits

Hier der Bericht


Zitat:
^Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Datenbank Version: v2013.02.15.08

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Passi :: LO [Administrator]

16.02.2013 09:50:41
MBAM-log-2013-02-16 (10-16-38).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 290199
Laufzeit: 23 Minute(n), 10 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
D:\Spiele\L2 Age\L2Age.exe (Trojan.Downloader) -> Keine Aktion durchgeführt.

(Ende)

Alt 17.02.2013, 17:11   #10
markusg
/// Malware-holic
 
25 Funde mit Malwarebyts - PUP.LoadTubes - Standard

25 Funde mit Malwarebyts - PUP.LoadTubes


hi

lade den CCleaner standard:
CCleaner - Download - Filepony
falls der CCleaner
bereits instaliert, überspringen.
öffnen, Tools (extras),uninstall Llist, als txt speichern. öffnen.
hinter, jedes von dir benötigte programm, schreibe notwendig.
hinter, jedes, von dir nicht benötigte, unnötig.
hinter, dir unbekannte, unbekannt.
liste posten.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 17.02.2013, 20:25   #11
passi
 
25 Funde mit Malwarebyts - PUP.LoadTubes - Standard

25 Funde mit Malwarebyts - PUP.LoadTubes


Huhu


Zitat:
Acrobat.com Adobe Systems Incorporated 06.10.2012 1.1.377 (Nötig)
Adobe AIR Adobe Systems Inc. 06.10.2012 1.0.4990 (Nötig)
Adobe Flash Player 11 Plugin Adobe Systems Incorporated 15.02.2013 6,00MB 11.6.602.168 (Nötig)
Adobe Reader 9 Adobe Systems Incorporated 06.10.2012 202MB 9.0.0 (Nötig)
AMD OverDrive Advanced Micro Devices, Inc. 06.10.2012 21,9MB 3.0.2.0289 (Nötig)
ASRock IES v2.0.1 06.10.2012 (Nötig)
ASRock InstantBoot v1.23 06.10.2012 (Nötig)
ASRock OC DNA v1.5 06.10.2012 (Nötig)
ASRock OC Tuner v2.2.74 06.10.2012 (Nötig)
ATI Catalyst Install Manager ATI Technologies, Inc. 06.10.2012 16,3MB 3.0.762.0 (Nötig)
avast! Free Antivirus AVAST Software 17.11.2012 7.0.1474.0 (Nötig, Virenscanner)
CCleaner Piriform 23.01.2013 3.27 (Nötig)
Deus Ex: Human Revolution Eidos Montreal 07.10.2012 ( Spiel , unnötig? )
Diablo III Blizzard Entertainment 28.10.2012 1.0.5.12811 ( Spiel , unnötig? )
GIMP 2.8.4 The GIMP Team 10.02.2013 222MB 2.8.4 ( Fotobearbeitungsprogramm , unnötig )
ICQ7M ICQ 07.10.2012 7.8 ( unnötig? )
Malwarebytes Anti-Malware Version 1.70.0.1100 Malwarebytes Corporation 15.02.2013 18,4MB 1.70.0.1100 ( nötig )
Microsoft .NET Framework 4 Client Profile Microsoft Corporation 07.10.2012 38,8MB 4.0.30319 ( nötig )
Microsoft .NET Framework 4 Client Profile DEU Language Pack Microsoft Corporation 07.10.2012 2,93MB 4.0.30319 ( nötig )
Microsoft Office Professional Edition 2003 Microsoft Corporation 07.10.2012 412MB 11.0.5614.0 ( nötig )
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Corporation 07.10.2012 1,42MB 9.0.21022 ( nötig )
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 07.10.2012 240KB 9.0.30729 ( nötig )
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 06.10.2012 596KB 9.0.30729.4148 ( nötig )
Mozilla Firefox 18.0.2 (x86 de) Mozilla 06.02.2013 43,2MB 18.0.2 ( nötig )
Mozilla Maintenance Service Mozilla 06.02.2013 330KB 18.0.2 ( nötig )
Razer Copperhead 07.10.2012 ( Maustreiber , nötig )
Realtek Ethernet Controller Driver Realtek 06.10.2012 1.00.0008 ( nötig )
Skype™ 5.10 Skype Technologies S.A. 07.10.2012 19,4MB 5.10.116 ( nötig )
StarCraft II Blizzard Entertainment 18.01.2013 1.5.4.24540 ( Spiel , unnötig? )
Steam Valve Corporation 07.10.2012 35,4MB 1.0.0.0 ( Spiel , unnötig? )
TeamSpeak 3 Client TeamSpeak Systems GmbH 24.11.2012 3.0.9.2 ( Spiel , unnötig? )
VIA Plattform-Geräte-Manager VIA Technologies, Inc. 06.10.2012 2,61MB 1.34 ( unbekannt)
Yontoo 1.10.02 Yontoo LLC 06.10.2012 1,16MB 1.10.02 ( unbekannt)

nur die letzten beiden sagen mir jetzt gerade nicht wirklich was ....

Alt 17.02.2013, 20:29   #12
markusg
/// Malware-holic
 
25 Funde mit Malwarebyts - PUP.LoadTubes - Standard

25 Funde mit Malwarebyts - PUP.LoadTubes


deinstaliere:
Adobe Flash Player alle
Adobe - Adobe Flash Player installieren
neueste version laden, instalieren.
adobe reader:
Adobe - Adobe Reader herunterladen - Alle Versionen
haken bei mcafee security scan raus nehmen

bitte auch mal den adobe reader wie folgt konfigurieren:
adobe reader öffnen, bearbeiten, voreinstellungen.
allgemein:
nur zertifizierte zusatz module verwenden, anhaken.
Sicherheit (erweitert)
Erweiterte Sicherheit anhaken
und alle Dateien auswählen.
internet:
hier sollte alles deaktiviert werden, es ist sehr unsicher pdfs automatisch zu öffnen, zu downloaden etc.
es ist immer besser diese direkt abzuspeichern da man nur so die kontrolle hat was auf dem pc vor geht.
bei javascript den haken bei java script verwenden raus nehmen
bei updater, automatisch instalieren wählen.
übernehmen /ok



deinstaliere:
Deus
Diablo
GIMP
ICQ7M
StarCraft
Steam
TeamSpeak
Yontoo
ob icq etc unnötig sind, musst du wissen.

Öffne CCleaner, analysieren, starten, PC neustarten.
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 18.02.2013, 16:37   #13
passi
 
25 Funde mit Malwarebyts - PUP.LoadTubes - Standard

25 Funde mit Malwarebyts - PUP.LoadTubes


Huhu,

AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v2.112 - Datei am 18/02/2013 um 16:34:59 erstellt
# Aktualisiert am 10/02/2013 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (32 bits)
# Benutzer : Passi - LO
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Passi\Desktop\Virenbekämpfung\adwcleaner0.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Ordner Gelöscht : C:\Program Files\Yontoo
Ordner Gelöscht : C:\ProgramData\Tarma Installer
Ordner Gelöscht : C:\Users\Passi\AppData\Roaming\Mozilla\Firefox\Profiles\4lt8fsih.default\extensions\plugin@yontoo.com
Ordner Gelöscht : C:\Users\Passi\AppData\Roaming\Mozilla\Firefox\Profiles\4lt8fsih.default\extensions\software@loadtubes.com

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16464

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v18.0.2 (de)

Datei : C:\Users\Passi\AppData\Roaming\Mozilla\Firefox\Profiles\4lt8fsih.default\prefs.js

C:\Users\Passi\AppData\Roaming\Mozilla\Firefox\Profiles\4lt8fsih.default\user.js ... Gelöscht !

[OK] Die Datei ist sauber.

*************************

AdwCleaner[S1].txt - [2428 octets] - [18/02/2013 16:34:59]

########## EOF - C:\AdwCleaner[S1].txt - [2488 octets] ##########[/QUOTE]
--- --- ---
Alt 18.02.2013, 16:59   #14
markusg
/// Malware-holic
 
25 Funde mit Malwarebyts - PUP.LoadTubes - Standard

25 Funde mit Malwarebyts - PUP.LoadTubes


Hi,
Lade bitte Hitmanpro:
HitmanPro - Download - Filepony
Lizenz, Testlizenz.
Scan, nichts löschen, Log als xml exportieren, posten, oder packen und anhängen.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 18.02.2013, 17:24   #15
passi
 
25 Funde mit Malwarebyts - PUP.LoadTubes - Standard

25 Funde mit Malwarebyts - PUP.LoadTubes


So da ist es

Zitat:
Code:
ATTFilter
HitmanPro 3.7.2.188
www.hitmanpro.com

   Computer name . . . . : LO
   Windows . . . . . . . : 6.1.1.7601.X86/4
   User name . . . . . . : Lo\Passi
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free

   Scan date . . . . . . : 2013-02-18 17:21:19
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 1m 23s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 0
   Traces  . . . . . . . : 0

   Objects scanned . . . : 807.244
   Files scanned . . . . : 6.894
   Remnants scanned  . . : 305.862 files / 494.488 keys

Miniport ____________________________________________________________________

   Primary
      DriverObject . . . : 85F6E258
      DriverName . . . . : \Driver\atapi
      DriverPath . . . . : \SystemRoot\system32\drivers\atapi.sys
      StartIo  . . . . . : 00000000 +0
      IRP_MJ_SCSI  . . . : 852631F8 +0
   Solution
      DriverObject . . . : 85F6E258
      DriverName . . . . : \Driver\atapi
      DriverPath . . . . : \SystemRoot\system32\drivers\atapi.sys
      StartIo  . . . . . : 00000000 +0
      IRP_MJ_SCSI  . . . : 8B6FE44E \SystemRoot\system32\drivers\ataport.SYS+25678

Antwort
Seite 1 von 3 1 23

Themen zu 25 Funde mit Malwarebyts - PUP.LoadTubes
administrator, anti-malware, antivirus, appdata, autostart, avast, dateien, explorer, gelöscht, html, install.exe, installiert, malwarebytes, microsoft, nichts, quarantäne, roaming, seltsame, service, software, speicher, spiele, surfen, uninstall.exe, version, woche


« Mein Computer stürzt bei Downloads ab (standbild) | Avira findet TR/FakeAV.NP und TRFakeSysdef.A.345 »


Ähnliche Themen: 25 Funde mit Malwarebyts - PUP.LoadTubes


  1. Windows7 64Bit: mit malwarebyts schädliche Elemente gefunden, außerdem wurde eine "Telekom-Rechnung" mit Anhang geöffnet.
    Plagegeister aller Art und deren Bekämpfung - 05.12.2014 (5)
  2. Avast und Malwarebyts werden blockiert, unerklärliche Fehlermeldung nach dem Hochfahren
    Antiviren-, Firewall- und andere Schutzprogramme - 30.05.2014 (26)
  3. PUP.LoadTubes
    Plagegeister aller Art und deren Bekämpfung - 02.05.2013 (16)
  4. PUP.LoadTubes + 16-Bit-MS-DOS-Teilsystem
    Plagegeister aller Art und deren Bekämpfung - 11.04.2013 (23)
  5. 27 Pup.LoadTubes gefunden
    Log-Analyse und Auswertung - 30.03.2013 (15)
  6. 8 Virenfunde namens PUP.LoadTubes
    Plagegeister aller Art und deren Bekämpfung - 02.02.2013 (23)
  7. Pub.LoadTubes
    Plagegeister aller Art und deren Bekämpfung - 23.01.2013 (1)
  8. 59 Funde mit Malwarebyts (Registy)
    Plagegeister aller Art und deren Bekämpfung - 07.01.2013 (23)
  9. PUP.LoadTubes bei Scan mit Malewarebytes gefunden
    Log-Analyse und Auswertung - 23.11.2012 (21)
  10. PUP.Loadtubes-Fund in 10 Dateien und 2 Verzeichnissen - was tun?
    Plagegeister aller Art und deren Bekämpfung - 26.10.2012 (16)
  11. Wie entferne ich den Trojaner PUP.LoadTubes?
    Log-Analyse und Auswertung - 25.10.2012 (23)
  12. TR/Trash.Gen, TR/Crypt.xpack.gen, PUB.LoadTubes
    Plagegeister aller Art und deren Bekämpfung - 18.10.2012 (13)
  13. Infektion mit PUP.LoadTubes festgestellt
    Plagegeister aller Art und deren Bekämpfung - 13.10.2012 (47)
  14. PUP.LoadTubes 23 Meldungen von Malwarebytes
    Plagegeister aller Art und deren Bekämpfung - 09.10.2012 (11)
  15. PUP.LoadTubes an 22 Stellen im PC gefunden
    Log-Analyse und Auswertung - 02.10.2012 (6)
  16. GUV Virus weiterhin auf dem Rechner? Malewarebytes = keine Funde/ Antivir = 2 Funde
    Plagegeister aller Art und deren Bekämpfung - 24.09.2012 (3)
  17. PC sehr langsam! Malwarebyts findet keine Viren o.ä. !
    Log-Analyse und Auswertung - 15.11.2010 (1)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema 25 Funde mit Malwarebyts - PUP.LoadTubes - Hallo , ich habe seit einigen Tagen ( ca 3 - 4 ) sehr seltsame Lags , egal ob ich Spiele öffne oder nur am surfen bin! Habe mir eigentlich - 25 Funde mit Malwarebyts - PUP.LoadTubes...
Archiv
Du betrachtest: 25 Funde mit Malwarebyts - PUP.LoadTubes auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131