| |
| |||||||
Log-Analyse und Auswertung: BKA Virus - Ukash 100€Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
08.11.2011, 00:34
| #1 |
 |  BKA Virus - Ukash 100€ Hallo, ich habe seit gestern den Bundespolizei Virus auf meinem Laptop, kam erst nicht an meinen Desktop dran, habe es aber durch Neustarten und dem Task Manager geschafft Malwarebytes zu öffnen und erst einen Quick Scan und danach noch einen Vollständigen Scan zu machen. Der Virus ist bisher nicht wieder aufgetaucht, aber ich mache mir dennoch sorgen das er noch auf dem Laptop sein könnte. Hier schon mal die Log-Datei vom Quick Scan: Malwarebytes' Anti-Malware 1.51.2.1300 www.malwarebytes.org Datenbank Version: 8106 Windows 6.0.6002 Service Pack 2 Internet Explorer 9.0.8112.16421 07.11.2011 14:43:10 mbam-log-2011-11-07 (14-43-10).txt Art des Suchlaufs: Quick-Scan Durchsuchte Objekte: 196336 Laufzeit: 12 Minute(n), 55 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 1 Infizierte Registrierungswerte: 2 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 3 Infizierte Dateien: 9 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FileHunter (PUP.FileHunter) -> Quarantined and deleted successfully. Infizierte Registrierungswerte: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\avupdate (Trojan.Agent) -> Value: avupdate -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\FileHunter Check for updates (PUP.FileHunter) -> Value: FileHunter Check for updates -> Quarantined and deleted successfully. Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: c:\Users\Lisa\AppData\Roaming\filehunter (PUP.FileHunter) -> Quarantined and deleted successfully. c:\Users\Lisa\AppData\Roaming\filehunter\downloads (PUP.FileHunter) -> Quarantined and deleted successfully. c:\Users\Lisa\AppData\Roaming\filehunter\metafiles (PUP.FileHunter) -> Quarantined and deleted successfully. Infizierte Dateien: c:\Users\Lisa\AppData\Roaming\mahmud.exe (Trojan.Agent) -> Quarantined and deleted successfully. c:\Users\Lisa\AppData\Local\Temp\FH\extension.exe (Adware.Soge) -> Quarantined and deleted successfully. c:\Users\Lisa\AppData\Roaming\filehunter\pumpa.state (PUP.FileHunter) -> Quarantined and deleted successfully. c:\Users\Lisa\AppData\Roaming\filehunter\filehunter.exe (PUP.FileHunter) -> Quarantined and deleted successfully. c:\Users\Lisa\AppData\Roaming\filehunter\pumpa.exe (PUP.FileHunter) -> Quarantined and deleted successfully. c:\Users\Lisa\AppData\Roaming\filehunter\uninstall.exe (PUP.FileHunter) -> Quarantined and deleted successfully. c:\Users\Lisa\AppData\Roaming\filehunter\update.exe (PUP.FileHunter) -> Quarantined and deleted successfully. c:\Users\Lisa\AppData\Roaming\filehunter\version (PUP.FileHunter) -> Quarantined and deleted successfully. c:\Users\Lisa\AppData\Local\Temp\FH\filehunter-win32.exe (PUP.FileHunter) -> Quarantined and deleted successfully. Und hier die Log-Datei vom Vollständigen Scan: Malwarebytes' Anti-Malware 1.51.2.1300 www.malwarebytes.org Datenbank Version: 8106 Windows 6.0.6002 Service Pack 2 Internet Explorer 9.0.8112.16421 07.11.2011 18:01:53 mbam-log-2011-11-07 (18-01-53).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|) Durchsuchte Objekte: 434509 Laufzeit: 3 Stunde(n), 8 Minute(n), 48 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 0 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 2 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: c:\Users\Lisa\AppData\Local\microsoft\Windows\temporary internet files\Content.IE5\CMAA5O08\calc[1].exe (Trojan.Agent) -> Quarantined and deleted successfully. c:\Users\Lisa\AppData\LocalLow\Sun\Java\deployment\cache\6.0\49\4b9bc331-20eadc54 (Trojan.Agent) -> Quarantined and deleted successfully. |
|
08.11.2011, 11:10
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | BKA Virus - Ukash 100€ Führ bitte auch ESET aus, danach sehen wir weiter:
__________________ESET Online Scanner
__________________ |
|
09.11.2011, 20:13
| #3 |
| | BKA Virus - Ukash 100€ Ich hab es gestern versucht, Eset auszuführen, aber seit dem ich alles deaktiviert hatte konnte ich bis eben nicht mehr auf Windows zugreifen wegen dem Virus. Ich habe Angst das es nochmal passiert.
__________________ |
|
10.11.2011, 10:44
| #4 |
| | BKA Virus - Ukash 100€ Habe es jetzt nochmal versucht, habe allerdings diesmal die firewall angelassen. Der Log hierzu ist der hier : ESETSmartInstaller@High as CAB hook log: OnlineScanner.ocx - registred OK |
|
10.11.2011, 16:00
| #5 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | BKA Virus - Ukash 100€ Du hast offesichtlich den Hinweis ignoriert => Anmerkung für Vista und Win7 User: Bitte den Browser unbedingt so öffnen: per Rechtsklick => als Administrator ausführen
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
14.11.2011, 12:41
| #6 |
| | BKA Virus - Ukash 100€ Okay, habe es jetzt hinbekommen. Hier der log : ESETSmartInstaller@High as CAB hook log: OnlineScanner.ocx - registred OK # version=7 # iexplore.exe=9.00.8112.16421 (WIN7_IE9_RTM.110308-0330) # OnlineScanner.ocx=1.0.0.6583 # api_version=3.0.2 # EOSSerial=97fa8863c81a994d99cd9d174276790a # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2011-11-14 12:53:37 # local_time=2011-11-14 01:53:37 (+0100, Mitteleuropäische Zeit) # country="Germany" # lang=1033 # osver=6.0.6002 NT Service Pack 2 # compatibility_mode=5121 16776637 100 96 109672068 135939885 0 0 # compatibility_mode=5892 16776574 100 100 353314 158747511 0 0 # compatibility_mode=8192 67108863 100 0 459794 459794 0 0 # scanned=271722 # found=20 # cleaned=0 # scan_time=17234 C:\Program Files\Burn4Free Toolbar\v3.3.0.1\Burn4Free_Toolbar.dll Win32/Adware.Agent.NJT application (unable to clean) 00000000000000000000000000000000 I C:\Users\Lisa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7QMD9AWU\346440e85627a14e09047ce5896be528[1].htm HTML/Iframe.B.Gen virus (unable to clean) 00000000000000000000000000000000 I C:\Users\Lisa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NFN48CE8\main[1] Win32/LockScreen.AHO trojan (unable to clean) 00000000000000000000000000000000 I C:\Users\Lisa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R2KO38PF\b583367afa4befa58ef711c865ef5ea1[1].htm HTML/Iframe.B.Gen virus (unable to clean) 00000000000000000000000000000000 I C:\Users\Lisa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R2KO38PF\cc172[1].pdf JS/Exploit.Pdfka.PFS.Gen trojan (unable to clean) 00000000000000000000000000000000 I C:\Users\Lisa\AppData\Local\Mozilla\Firefox\Profiles\dntk5kcx.default\Cache\A\87\4A04Fd01 JS/TrojanClicker.Agent.NCQ trojan (unable to clean) 00000000000000000000000000000000 I C:\Users\Lisa\AppData\Local\Mozilla\Firefox\Profiles\dntk5kcx.default\Cache\C\49\FF4C7d01 HTML/ScrInject.B.Gen virus (unable to clean) 00000000000000000000000000000000 I C:\Users\Lisa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16\8c1f310-2f629ab3 multiple threats (unable to clean) 00000000000000000000000000000000 I C:\Users\Lisa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\7059ff11-2e97e862 multiple threats (unable to clean) 00000000000000000000000000000000 I C:\Users\Lisa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31\405e179f-5c369b50 Java/Agent.DW trojan (unable to clean) 00000000000000000000000000000000 I C:\Users\Lisa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47\113eb22f-5b948351 Java/Agent.DW trojan (unable to clean) 00000000000000000000000000000000 I C:\Users\Lisa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\29bc6372-2a12a659 a variant of Java/Agent.DW trojan (unable to clean) 00000000000000000000000000000000 I C:\Users\Lisa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54\5df207f6-5e1a03de Java/Agent.DW trojan (unable to clean) 00000000000000000000000000000000 I C:\Users\Lisa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58\25ad543a-4087ac2f a variant of Java/Agent.DW trojan (unable to clean) 00000000000000000000000000000000 I C:\Users\Lisa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6\4bda146-6c35a8b7 Java/Agent.DW trojan (unable to clean) 00000000000000000000000000000000 I C:\Users\Lisa\Documents\Desktop\Programme\FreeYouTubeDownload.exe Win32/Adware.ADON application (unable to clean) 00000000000000000000000000000000 I C:\Users\Lisa\Downloads\Facemoods.exe a variant of Win32/SweetIM.B application (unable to clean) 00000000000000000000000000000000 I C:\Users\Lisa\Downloads\SoftonicDownloader_fuer_outlook-on-the-desktop (1).exe a variant of Win32/SoftonicDownloader.A application (unable to clean) 00000000000000000000000000000000 I C:\Users\Lisa\Downloads\SoftonicDownloader_fuer_outlook-on-the-desktop.exe a variant of Win32/SoftonicDownloader.A application (unable to clean) 00000000000000000000000000000000 I C:\Users\Lisa\Programme\MsgPlusLive-460.exe a variant of Win32/Adware.CiDHelp application (unable to clean) 00000000000000000000000000000000 I |
|
14.11.2011, 13:24
| #7 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | BKA Virus - Ukash 100€ CustomScan mit OTL Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
Code:
ATTFilter netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
__________________ Logfiles bitte immer in CODE-Tags posten |
|
14.11.2011, 18:05
| #8 |
| | BKA Virus - Ukash 100€ Hier der OTL log :OTL Logfile: Code:
ATTFilter OTL logfile created on: 14.11.2011 17:00:28 - Run 2 OTL by OldTimer - Version 3.2.22.3 Folder = D:\ Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 51,00% Memory free 6,00 Gb Paging File | 5,00 Gb Available in Paging File | 76,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 144,04 Gb Total Space | 14,06 Gb Free Space | 9,76% Space Free | Partition Type: NTFS Drive D: | 140,50 Gb Total Space | 51,06 Gb Free Space | 36,34% Space Free | Partition Type: NTFS Computer Name: LISAS-LAPPY | User Name: Lisa | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Programme\Internet Explorer\iexplore.exe (Microsoft Corporation) PRC - C:\Programme\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.) PRC - C:\Programme\Tobit Radio.fx\Server\rfx-server.exe () PRC - C:\Programme\Microsoft Security Client\msseces.exe (Microsoft Corporation) PRC - C:\Users\Lisa\AppData\Local\Temp\RtkBtMnt.exe (Realtek Semiconductor Corp.) PRC - D:\OTL.exe (OldTimer Tools) PRC - C:\Programme\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation) PRC - C:\Programme\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.) PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation) PRC - C:\Programme\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.) PRC - C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation) PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation) PRC - C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation) PRC - C:\Programme\Acer\Acer Bio Protection\PwdBank.exe () PRC - C:\Programme\Acer\Acer Bio Protection\CompPtcVUI.exe (Arachnoid Biometrics Identification Group Corp.) PRC - C:\Programme\Acer\Acer Bio Protection\PdtWzd.exe (Arachnoid Biometrics Identification Group Corp.) PRC - C:\Programme\Launch Manager\LManager.exe (Dritek System Inc.) PRC - C:\Programme\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Inc.) PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) PRC - C:\Programme\Acer\Empowering Technology\Service\ETService.exe () PRC - C:\Programme\Acer\Empowering Technology\eAudio\eAudio.exe (Acer Incorporated) PRC - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated) PRC - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated) PRC - C:\Windows\System32\vfsFPService.exe (Validity Sensors, Inc.) PRC - c:\Programme\Common Files\McAfee\MNA\McNASvc.exe (McAfee, Inc.) PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation) PRC - C:\Programme\Acer\Acer VCM\RS_Service.exe (Acer Incorporated) PRC - C:\Programme\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.) PRC - C:\Windows\System32\agrsmsvc.exe (Agere Systems) PRC - C:\ACER\Mobility Center\MobilityService.exe () PRC - C:\Programme\McAfee\VirusScan\mcsysmon.exe (McAfee, Inc.) PRC - C:\Programme\McAfee\MSK\msksrver.exe (McAfee, Inc.) PRC - c:\Programme\McAfee\MSC\mcuimgr.exe (McAfee, Inc.) PRC - C:\Windows\PLFSetI.exe () PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation) PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) PRC - c:\Programme\Common Files\McAfee\McProxy\McProxy.exe (McAfee, Inc.) PRC - c:\Programme\McAfee.com\Agent\mcagent.exe (McAfee, Inc.) PRC - C:\Programme\McAfee\VirusScan\Mcshield.exe (McAfee, Inc.) PRC - C:\Programme\McAfee\MPF\MpfSrv.exe (McAfee, Inc.) PRC - C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.) ========== Modules (SafeList) ========== MOD - c:\Programme\McAfee\SiteAdvisor\sahook.dll (McAfee, Inc.) MOD - D:\OTL.exe (OldTimer Tools) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (MBAMService) -- D:\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) SRV - (McAfee SiteAdvisor Service) -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.) SRV - (Radio.fx) -- C:\Programme\Tobit Radio.fx\Server\rfx-server.exe () SRV - (NisSrv) -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe (Microsoft Corporation) SRV - (MsMpSvc) -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation) SRV - (Sony Ericsson PCCompanion) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe (Avanquest Software) SRV - (EvtEng) -- C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation) SRV - (RegSrvc) -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation) SRV - (ETService) -- C:\Programme\Acer\Empowering Technology\Service\ETService.exe () SRV - (eDataSecurity Service) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated) SRV - (vfsFPService) -- C:\Windows\System32\vfsFPService.exe (Validity Sensors, Inc.) SRV - (McNASvc) -- c:\Programme\Common Files\McAfee\MNA\McNASvc.exe (McAfee, Inc.) SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (RS_Service) -- C:\Programme\Acer\Acer VCM\RS_Service.exe (Acer Incorporated) SRV - (mcmscsvc) -- C:\Programme\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.) SRV - (AgereModemAudio) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems) SRV - (MobilityService) -- C:\Acer\Mobility Center\MobilityService.exe () SRV - (McSysmon) -- C:\Programme\McAfee\VirusScan\mcsysmon.exe (McAfee, Inc.) SRV - (MSK80Service) -- C:\Program Files\McAfee\MSK\MskSrver.exe (McAfee, Inc.) SRV - (McODS) -- C:\Programme\McAfee\VirusScan\mcods.exe (McAfee, Inc.) SRV - (IAANTMON) Intel(R) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation) SRV - (McProxy) -- c:\Programme\Common Files\McAfee\McProxy\McProxy.exe (McAfee, Inc.) SRV - (McShield) -- C:\Programme\McAfee\VirusScan\Mcshield.exe (McAfee, Inc.) SRV - (MpfService) -- C:\Program Files\McAfee\MPF\MPFSrv.exe (McAfee, Inc.) ========== Driver Services (SafeList) ========== DRV - (MpKsl77d4cb73) -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{31070667-A90D-4240-A5B6-0C3D2513DE10}\MpKsl77d4cb73.sys (Microsoft Corporation) DRV - (NisDrv) -- C:\Windows\System32\drivers\NisDrvWFP.sys (Microsoft Corporation) DRV - (MpNWMon) -- C:\Windows\System32\drivers\MpNWMon.sys (Microsoft Corporation) DRV - ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796}) -- C:\Programme\Acer Arcade Deluxe\PlayMovie\000.fcl (CyberLink Corp.) DRV - (L1E) -- C:\Windows\System32\drivers\L1E60x86.sys (Atheros Communications, Inc.) DRV - (WinUSB) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation) DRV - (NETw5v32) Intel(R) -- C:\Windows\System32\drivers\NETw5v32.sys (Intel Corporation) DRV - (AlfaFF) -- C:\Windows\system32\Drivers\AlfaFF.sys (Alfa Corporation) DRV - (JMCR) -- C:\Windows\System32\drivers\jmcr.sys (JMicron Technology Corp.) DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation) DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems) DRV - (vfs101x) -- C:\Windows\System32\drivers\vfs101x.sys (Validity Sensors, Inc.) DRV - (WSDPrintDevice) -- C:\Windows\System32\drivers\WSDPrint.sys (Microsoft Corporation) DRV - (NETw4v32) Intel(R) -- C:\Windows\System32\drivers\NETw4v32.sys (Intel Corporation) DRV - (itecir) -- C:\Windows\System32\drivers\itecir.sys (ITE Tech. Inc. ) DRV - (mfesmfk) -- C:\Windows\System32\drivers\mfesmfk.sys (McAfee, Inc.) DRV - (mfehidk) -- C:\Windows\System32\drivers\mfehidk.sys (McAfee, Inc.) DRV - (mfeavfk) -- C:\Windows\System32\drivers\mfeavfk.sys (McAfee, Inc.) DRV - (mfebopk) -- C:\Windows\System32\drivers\mfebopk.sys (McAfee, Inc.) DRV - (mferkdk) -- C:\Windows\System32\drivers\mferkdk.sys (McAfee, Inc.) DRV - (MPFP) -- C:\Windows\System32\drivers\Mpfp.sys (McAfee, Inc.) DRV - (int15) -- C:\Windows\System32\drivers\int15.sys () DRV - (DritekPortIO) -- C:\Programme\Launch Manager\DPortIO.sys (Dritek System Inc.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Yahoo! Deutschland IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Yahoo! Deutschland IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKLM\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Programme\Winload\prxtbWinl.dll (Conduit Ltd.) IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = Acer.com Worldwide - Select your local country or region [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Welcome to Facebook - Log In, Sign Up or Learn More IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN, Messenger und Hotmail sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 10 5F 87 2A EA 85 CC 01 [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) IE - HKCU\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Programme\Winload\prxtbWinl.dll (Conduit Ltd.) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.defaultengine: "Ask.com" FF - prefs.js..browser.search.defaultenginename: "Ask.com" FF - prefs.js..browser.search.defaulturl: "hxxp://search.live.com/results.aspx?FORM=IEFM1&q=" FF - prefs.js..browser.search.order.1: "Ask.com" FF - prefs.js..browser.search.selectedEngine: "Ask.com" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "hxxp://de-de.facebook.com/" FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.11.3.15590 FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.0.14 FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9 FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.3.1 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..extensions.enabledItems: ffxtlbr@Facemoods.com:1.2.1 FF - prefs.js..keyword.URL: "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=DVSV5&o=15012&locale=de_DE&apn_uid=E81A7DDD-D39E-4122-997B-C4374F9E921D&apn_ptnrs=U9&apn_sauid=&apn_dtid=&&q=" FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q=" FF - user.js..browser.search.selectedEngine: "Search the web" FF - user.js..browser.search.order.1: "Search the web" FF - user.js..browser.search.defaultenginename: "Search the web" FF - user.js..keyword.URL: "hxxp://www.browsersafesearch.com?client=mozilla-firefox&cd=UTF-8&search=1&q=" FF - HKLM\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2011.11.10 18:55:18 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 6.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.10.22 16:34:19 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 6.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.10.22 16:34:18 | 000,000,000 | ---D | M] [2009.02.14 20:56:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lisa\AppData\Roaming\mozilla\Extensions [2009.02.14 20:56:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lisa\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org [2011.11.04 17:33:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions [2010.06.06 13:01:55 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011.10.15 18:06:33 | 000,000,000 | ---D | M] (Winload Community Toolbar) -- C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{40c3cc16-7269-4b32-9531-17f2950fb06f} [2011.10.15 18:06:48 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2011.10.15 18:06:53 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} [2011.08.17 22:54:10 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2011.05.13 13:31:11 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\engine@conduit.com [2011.10.04 18:05:54 | 000,000,000 | ---D | M] (Ask Toolbar) -- C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\toolbar@ask.com [2011.11.04 17:33:26 | 000,000,000 | ---D | M] (toolplugin) -- C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\welcome@toolmin.com [2011.04.29 13:19:18 | 000,002,342 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icq-search.xml [2011.04.26 13:01:18 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-1.xml [2010.12.03 13:22:29 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-10.xml [2011.01.21 14:17:08 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-11.xml [2011.03.25 17:59:54 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-12.xml [2011.03.30 10:32:14 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-13.xml [2011.05.06 14:07:51 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-14.xml [2011.06.09 12:48:49 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-15.xml [2011.06.29 13:37:40 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-16.xml [2011.08.18 14:41:17 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-17.xml [2011.08.30 16:21:14 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-18.xml [2011.10.15 18:07:06 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-19.xml [2009.05.16 16:58:32 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-2.xml [2009.07.15 16:01:25 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-3.xml [2009.10.01 17:06:21 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-4.xml [2009.10.01 21:47:25 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-5.xml [2009.10.04 12:36:04 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-6.xml [2009.10.30 12:24:27 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-7.xml [2009.12.25 14:52:55 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-8.xml [2010.07.25 16:38:37 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-9.xml [2011.09.25 16:27:46 | 000,000,168 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin.gif [2011.09.25 16:27:46 | 000,000,618 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin.src [2010.05.12 16:40:48 | 000,001,042 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin.xml [2009.03.25 16:43:15 | 000,001,632 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\live-search.xml [2008.05.23 23:54:47 | 000,002,386 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\siteadvisor.xml [2009.05.03 11:59:33 | 000,003,915 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\sweetim.xml [2011.04.21 12:50:19 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2010.01.22 00:56:03 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2011.04.21 12:50:19 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2008.09.15 15:35:02 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions\talkback@mozilla.org File not found (No name found) -- [2011.11.10 18:55:18 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES\MCAFEE\SITEADVISOR [2011.05.10 18:27:59 | 000,000,000 | ---D | M] (Mein Gutscheincode Finder) -- C:\PROGRAM FILES\MEIN GUTSCHEINCODE FINDER\FIREFOX () (No name found) -- C:\USERS\LISA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DNTK5KCX.DEFAULT\EXTENSIONS\FFXTLBR@FACEMOODS.COM.XPI [2011.08.30 16:13:59 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Programme\Mozilla Firefox\components\browsercomps.dll [2011.02.02 20:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll [2011.05.10 13:20:49 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2011.05.10 13:20:49 | 000,002,252 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\bing.xml [2011.05.10 13:20:49 | 000,001,153 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml [2011.05.10 13:20:49 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml [2011.11.04 17:33:26 | 000,000,158 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\Search the web.src [2011.05.10 13:20:49 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml [2011.05.10 13:20:49 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2011.04.29 10:24:55 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found. O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Mein Gutscheincode Finder zeigt automatisch Shopping-Gutscheine an mit denen Sie beim Online-Einkauf sparen können.) - {1ED16E0A-E8C4-40A0-8BC2-79485D21F796} - C:\Programme\Mein Gutscheincode Finder\Internet Explorer\x86\ConversionOneIE.dll (Conversion One GmbH) O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.) O2 - BHO: (McAfee Phishing Filter) - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\Programme\McAfee\MSK\mcapbho.dll () O2 - BHO: (Winload Toolbar) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Programme\Winload\prxtbWinl.dll (Conduit Ltd.) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation) O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Programme\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.) O2 - BHO: (Windows Live ID-Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Burn4Free Toolbar Helper) - {D187A56B-A33F-4CBE-9D77-459FC0BAE012} - C:\Programme\Burn4Free Toolbar\v3.3.0.1\Burn4Free_Toolbar.dll () O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask) O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Winload Toolbar) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Programme\Winload\prxtbWinl.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Burn4Free Toolbar) - {4F11ACBB-393F-4C86-A214-FF3D0D155CC3} - C:\Programme\Burn4Free Toolbar\v3.3.0.1\Burn4Free_Toolbar.dll () O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.) O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKLM\..\Toolbar: (toolplugin) - {DFEFCDEE-CF1A-4FC8-89AF-189327213627} - C:\Users\Lisa\AppData\Roaming\toolplugin\toolbar.dll () O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (Burn4Free Toolbar) - {4F11ACBB-393F-4C86-A214-FF3D0D155CC3} - C:\Programme\Burn4Free Toolbar\v3.3.0.1\Burn4Free_Toolbar.dll () O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask) O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.) O4 - HKLM..\Run: [eAudio] C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe (Acer Incorporated) O4 - HKLM..\Run: [eDataSecurity Loader] C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated) O4 - HKLM..\Run: [ePower_DMC] C:\Programme\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Inc.) O4 - HKLM..\Run: [eRecoveryService] File not found O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) O4 - HKLM..\Run: [LManager] C:\Programme\Launch Manager\LManager.exe (Dritek System Inc.) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] D:\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.) O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [PlayMovie] C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.) O4 - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe () O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [WarReg_PopUp] C:\Programme\Acer\WR_PopUp\WarReg_PopUp.exe (Acer Incorporated) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKLM..\Run: [ZPdtWzdVitaKey MC3000] C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe (Arachnoid Biometrics Identification Group Corp.) O4 - HKCU..\Run: [ICQ] C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.) O4 - HKCU..\Run: [Netlog Music Tool] File not found O4 - HKCU..\Run: [Picasa Media Detector] File not found O4 - HKCU..\Run: [rfxsrvtray] C:\Program Files\Tobit Radio.fx\Client\rfx-tray.exe (Tobit.Software) O4 - HKCU..\Run: [Sony Ericsson PC Companion] C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe (Sony Ericsson) O4 - HKCU..\Run: [Speech Recognition] C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation) O4 - HKLM..\RunOnce: [MessengerPlusLiveUninstall] C:\Users\Lisa\AppData\Local\Temp\MsgPlusUninstall.exe (Yuna Software) O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\FlashUtil10v_ActiveX.exe (Adobe Systems, Inc.) O4 - Startup: C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation) O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.) O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Lisa\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Programme\Acer\Acer Bio Protection\PwdBank.exe () O9 - Extra 'Tools' menuitem : Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Programme\Acer\Acer Bio Protection\PwdBank.exe () O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Programme\ICQ7.4\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Programme\ICQ7.4\ICQ.exe (ICQ, LLC.) O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} https://support.microsoft.com/OAS/ActiveX/MSDcode.cab (Microsoft Data Collection Control) O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} hxxp://lads.myspace.com/upload/MySpaceUploader1006.cab (MySpace Uploader Control) O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} hxxp://static.pe.schuelervz.net/photouploader/ImageUploader5.cab?nocache=1222890201 (Image Uploader Control) O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} hxxp://messenger.zone.msn.com/DE-DE/a-UNO1/GAME_UNO1.cab (UnoCtrl Class) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1229609271616 (WUWebControl Class) O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab (DivXBrowserPlugin Object) O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control) O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {BA162249-F2C5-4851-8ADC-FC58CB424243} hxxp://static.pe.schuelervz.net/photouploader/ImageUploader5.cab?nocache=1212080657 (Image Uploader Control) O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class) O16 - DPF: {CAC677B6-4963-4305-9066-0BD135CD9233} hxxp://as.photoprintit.de/ips-opdata/layout/default01/activex/IPSUploader4.cab (IPSUploader4 Control) O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06) O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation) O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\AWinNotifyVitaKey MC3000: DllName - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll - C:\Programme\Acer\Acer Bio Protection\WinNotify.dll (Arachnoid Biometrics Identification Group Corp.) O24 - Desktop WallPaper: C:\Users\Lisa\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O24 - Desktop BackupWallPaper: C:\Users\Lisa\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{a5ba3033-3e10-11e0-bc1f-c5ffb2b569e8}\Shell - "" = AutoRun O33 - MountPoints2\{a5ba3033-3e10-11e0-bc1f-c5ffb2b569e8}\Shell\AutoRun\command - "" = G:\Startme.exe O33 - MountPoints2\E\Shell - "" = AutoRun O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - File not found NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found SafeBootMin: AppMgmt - Service SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: mcmscsvc - C:\Programme\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.) SafeBootMin: MCODS - C:\Programme\McAfee\VirusScan\mcods.exe (McAfee, Inc.) SafeBootMin: MsMpSvc - C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation) SafeBootMin: NTDS - File not found SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: AppMgmt - Service SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: mcmscsvc - C:\Programme\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.) SafeBootNet: MCODS - C:\Programme\McAfee\VirusScan\mcods.exe (McAfee, Inc.) SafeBootNet: Messenger - Service SafeBootNet: MpfService - C:\Program Files\McAfee\MPF\MPFSrv.exe (McAfee, Inc.) SafeBootNet: MsMpSvc - C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation) SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: NTDS - File not found SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootNet: WudfPf - Driver SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0 ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {61E3FE32-07B9-4563-A3E0-2DE2D620FE10} - C:\Program Files\PixiePack Codec Pack\InstallerHelper.exe ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1 ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Macromedia Shockwave Flash ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP Drivers32: msacm.l3acm - C:\Windows\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.l3codec - C:\Windows\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.) Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.) Drivers32: vidc.VP60 - C:\Windows\System32\vp6vfw.dll (On2.com) Drivers32: vidc.VP61 - C:\Windows\System32\vp6vfw.dll (On2.com) Drivers32: vidc.yv12 - C:\Windows\System32\DivX.dll (DivX, Inc.) CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2011.11.11 00:45:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth [2011.11.08 14:23:09 | 000,000,000 | ---D | C] -- C:\Programme\ESET [2011.11.04 17:33:21 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Roaming\toolplugin [2011.11.02 14:02:24 | 000,000,000 | ---D | C] -- C:\Users\Lisa\Documents\Internet kram [2011.11.02 14:02:23 | 000,000,000 | ---D | C] -- C:\Users\Lisa\Documents\Bewerbungen [2011.11.02 14:02:21 | 000,000,000 | ---D | C] -- C:\Users\Lisa\Documents\Bewerbung Anlauf Lisa [2011.10.22 16:50:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2011.10.22 16:47:54 | 000,000,000 | ---D | C] -- C:\Programme\iPod [2011.10.22 16:33:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime [2011.10.22 16:32:57 | 000,000,000 | ---D | C] -- C:\Programme\QuickTime [2011.10.22 16:29:30 | 000,000,000 | ---D | C] -- C:\Programme\Bonjour [1 C:\Users\Lisa\AppData\Roaming\*.tmp files -> C:\Users\Lisa\AppData\Roaming\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011.11.14 17:03:00 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job [2011.11.14 16:22:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011.11.14 15:39:21 | 000,003,216 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011.11.14 15:39:21 | 000,003,216 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011.11.14 13:16:42 | 000,000,226 | ---- | M] () -- C:\Windows\wininit.ini [2011.11.14 12:29:54 | 000,002,299 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\acervcmtmp.ini [2011.11.14 12:28:21 | 000,082,531 | ---- | M] () -- C:\Windows\System32\Config.MPF [2011.11.14 12:28:09 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011.11.14 12:27:50 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.11.14 03:23:14 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml [2011.11.14 03:22:05 | 3219,578,880 | -HS- | M] () -- C:\hiberfil.sys [2011.11.14 03:21:04 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat [2011.11.11 00:47:07 | 000,103,424 | ---- | M] () -- C:\Users\Lisa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.11.11 00:45:28 | 000,002,077 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk [2011.11.11 00:38:13 | 000,630,842 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2011.11.11 00:38:13 | 000,598,096 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011.11.11 00:38:13 | 000,127,454 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2011.11.11 00:38:13 | 000,105,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011.11.10 16:49:10 | 370,490,423 | ---- | M] () -- C:\Windows\MEMORY.DMP [2011.11.08 23:10:08 | 000,041,888 | ---- | M] () -- C:\ProgramData\nvModes.001 [2011.11.08 23:06:35 | 000,041,888 | ---- | M] () -- C:\ProgramData\nvModes.dat [2011.11.06 22:57:59 | 000,000,574 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.11.02 10:47:04 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\McQcTask.job [2011.10.31 15:46:10 | 000,045,832 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\UserTile.png [2011.10.26 19:23:19 | 000,270,063 | ---- | M] () -- C:\Users\Lisa\Documents\Ausschreibung Azubi HB 2012.pdf [2011.10.26 19:17:49 | 000,001,245 | ---- | M] () -- C:\Windows\System32\mapisvc.inf [2011.10.22 16:50:16 | 000,001,668 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk [2011.10.20 15:04:01 | 000,032,639 | ---- | M] () -- C:\Users\Lisa\Documents\einzelverbindung oktober.pdf [2011.10.20 15:03:41 | 000,071,130 | ---- | M] () -- C:\Users\Lisa\Documents\Rechnung Oktober.pdf [2011.10.20 15:03:17 | 000,031,914 | ---- | M] () -- C:\Users\Lisa\Documents\einzelverbindung september.pdf [2011.10.20 15:02:55 | 000,061,776 | ---- | M] () -- C:\Users\Lisa\Documents\Rechnung September.pdf [2011.10.20 15:02:29 | 000,037,777 | ---- | M] () -- C:\Users\Lisa\Documents\einzelverbindung august.pdf [2011.10.20 15:02:09 | 000,057,357 | ---- | M] () -- C:\Users\Lisa\Documents\RechnungAugust.pdf [2011.10.20 15:01:48 | 000,029,665 | ---- | M] () -- C:\Users\Lisa\Documents\einzelverbindung juli.pdf [2011.10.20 15:01:20 | 000,054,823 | ---- | M] () -- C:\Users\Lisa\Documents\Rechnung Juli.pdf [2011.10.20 15:00:33 | 000,029,207 | ---- | M] () -- C:\Users\Lisa\Documents\einzelverbindung juni.pdf [2011.10.20 15:00:15 | 000,056,637 | ---- | M] () -- C:\Users\Lisa\Documents\Rechnung Juni.pdf [2011.10.20 14:59:52 | 000,031,145 | ---- | M] () -- C:\Users\Lisa\Documents\einzelverbindung mai.pdf [2011.10.20 14:59:27 | 000,054,578 | ---- | M] () -- C:\Users\Lisa\Documents\Rechnung Mai.pdf [2011.10.20 14:58:45 | 000,106,807 | ---- | M] () -- C:\Users\Lisa\Documents\Rechnung April.pdf [2011.10.20 14:58:15 | 000,106,203 | ---- | M] () -- C:\Users\Lisa\Documents\Rechnung März.pdf [1 C:\Users\Lisa\AppData\Roaming\*.tmp files -> C:\Users\Lisa\AppData\Roaming\*.tmp -> ] ========== Files Created - No Company Name ========== [2011.11.11 00:45:28 | 000,002,077 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk [2011.11.06 22:29:48 | 3219,578,880 | -HS- | C] () -- C:\hiberfil.sys [2011.11.02 14:02:26 | 001,020,370 | ---- | C] () -- C:\Users\Lisa\Documents\Projekt Zeugniss.jpg [2011.11.02 14:02:26 | 000,701,766 | ---- | C] () -- C:\Users\Lisa\Documents\Zeugnisse.jpg [2011.11.02 14:02:26 | 000,232,263 | ---- | C] () -- C:\Users\Lisa\Documents\LisaAnlauf.jpg [2011.11.02 14:02:26 | 000,013,727 | ---- | C] () -- C:\Users\Lisa\Documents\Kurzbewerbung.rtf [2011.11.02 14:02:26 | 000,012,408 | ---- | C] () -- C:\Users\Lisa\Documents\MusterAnschreiben.rtf [2011.11.02 14:02:25 | 001,501,247 | ---- | C] () -- C:\Users\Lisa\Documents\Bewerbungsunterlagen März.pdf [2011.11.02 14:02:25 | 001,058,639 | ---- | C] () -- C:\Users\Lisa\Documents\Bewerbungsunterlagen.pdf [2011.11.02 14:02:25 | 000,006,956 | ---- | C] () -- C:\Users\Lisa\Documents\AirBerlin.pdf [2011.10.26 19:23:10 | 000,270,063 | ---- | C] () -- C:\Users\Lisa\Documents\Ausschreibung Azubi HB 2012.pdf [2011.10.22 16:50:16 | 000,001,668 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk [2011.10.20 15:04:00 | 000,032,639 | ---- | C] () -- C:\Users\Lisa\Documents\einzelverbindung oktober.pdf [2011.10.20 15:03:40 | 000,071,130 | ---- | C] () -- C:\Users\Lisa\Documents\Rechnung Oktober.pdf [2011.10.20 15:03:16 | 000,031,914 | ---- | C] () -- C:\Users\Lisa\Documents\einzelverbindung september.pdf [2011.10.20 15:02:55 | 000,061,776 | ---- | C] () -- C:\Users\Lisa\Documents\Rechnung September.pdf [2011.10.20 15:02:29 | 000,037,777 | ---- | C] () -- C:\Users\Lisa\Documents\einzelverbindung august.pdf [2011.10.20 15:02:08 | 000,057,357 | ---- | C] () -- C:\Users\Lisa\Documents\RechnungAugust.pdf [2011.10.20 15:01:47 | 000,029,665 | ---- | C] () -- C:\Users\Lisa\Documents\einzelverbindung juli.pdf [2011.10.20 15:01:19 | 000,054,823 | ---- | C] () -- C:\Users\Lisa\Documents\Rechnung Juli.pdf [2011.10.20 15:00:33 | 000,029,207 | ---- | C] () -- C:\Users\Lisa\Documents\einzelverbindung juni.pdf [2011.10.20 15:00:14 | 000,056,637 | ---- | C] () -- C:\Users\Lisa\Documents\Rechnung Juni.pdf [2011.10.20 14:59:51 | 000,031,145 | ---- | C] () -- C:\Users\Lisa\Documents\einzelverbindung mai.pdf [2011.10.20 14:59:22 | 000,054,578 | ---- | C] () -- C:\Users\Lisa\Documents\Rechnung Mai.pdf [2011.10.20 14:58:43 | 000,106,807 | ---- | C] () -- C:\Users\Lisa\Documents\Rechnung April.pdf [2011.10.20 14:58:14 | 000,106,203 | ---- | C] () -- C:\Users\Lisa\Documents\Rechnung März.pdf [2011.05.20 18:47:40 | 000,021,504 | ---- | C] () -- C:\Windows\jestertb.dll [2010.10.25 14:53:26 | 000,045,832 | ---- | C] () -- C:\Users\Lisa\AppData\Roaming\UserTile.png [2009.09.17 20:46:04 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2009.09.17 20:46:04 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2009.09.12 22:41:02 | 000,554,496 | ---- | C] () -- C:\Windows\System32\dvmsg.dll [2009.08.03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll [2009.08.03 14:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe [2009.05.19 22:14:04 | 000,000,226 | ---- | C] () -- C:\Windows\wininit.ini [2009.03.24 19:25:10 | 000,002,299 | ---- | C] () -- C:\Users\Lisa\AppData\Roaming\acervcmtmp.ini [2008.09.14 12:53:24 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2008.07.19 20:49:52 | 000,000,085 | -HS- | C] () -- C:\ProgramData\.zreglib [2008.07.05 13:39:45 | 000,005,944 | ---- | C] () -- C:\Users\Lisa\AppData\Roaming\wklnhst.dat [2008.06.11 01:07:20 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll [2008.05.25 17:24:40 | 000,000,538 | ---- | C] () -- C:\Windows\mozver.dat [2008.05.25 17:20:12 | 000,018,944 | ---- | C] () -- C:\Windows\System32\wk32.dll [2008.05.25 17:20:12 | 000,003,584 | ---- | C] () -- C:\Windows\System32\ic32.dll [2008.05.25 01:18:11 | 000,000,680 | ---- | C] () -- C:\Users\Lisa\AppData\Local\d3d9caps.dat [2008.05.23 17:27:34 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2008.05.23 15:22:58 | 000,000,010 | ---- | C] () -- C:\Windows\popcinfo.dat [2008.05.23 00:57:22 | 000,103,424 | ---- | C] () -- C:\Users\Lisa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2008.05.22 23:18:54 | 000,012,288 | ---- | C] () -- C:\Windows\System32\DivXWMPExtType.dll [2008.05.22 17:03:50 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat [2008.05.21 20:27:41 | 000,041,888 | ---- | C] () -- C:\ProgramData\nvModes.001 [2008.05.21 20:25:20 | 000,041,888 | ---- | C] () -- C:\ProgramData\nvModes.dat [2008.05.19 11:27:46 | 000,000,022 | ---- | C] () -- C:\ProgramData\60a7806a-0eea-424c-a464-20f4730cd631 [2008.05.07 02:30:46 | 000,200,704 | ---- | C] () -- C:\Windows\PLFSetI.exe [2008.05.07 02:30:46 | 000,000,057 | ---- | C] () -- C:\Windows\PidList.ini [2008.05.07 02:26:43 | 001,548,099 | ---- | C] () -- C:\Windows\System32\VMC3KAPI.dll [2008.03.28 20:22:04 | 000,001,024 | R--- | C] () -- C:\Windows\System32\NTIOFM4.dll [2008.03.28 20:22:04 | 000,001,024 | R--- | C] () -- C:\Windows\System32\NTIBUN5.dll [2008.03.28 19:29:19 | 000,204,800 | ---- | C] () -- C:\Windows\System32\SysHook.dll [2008.03.28 19:25:31 | 000,487,424 | ---- | C] () -- C:\Windows\System32\INT15.dll [2008.03.28 19:21:05 | 000,001,694 | ---- | C] () -- C:\Windows\RtDefLvl.ini [2008.03.28 19:21:05 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX0.dat [2008.03.28 19:19:46 | 000,000,008 | ---- | C] () -- C:\Windows\System32\drivers\RtkHDAud.dat [2008.03.28 11:58:20 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll [2008.02.29 05:14:04 | 000,223,744 | ---- | C] () -- C:\Windows\System32\b4fm.dll [2008.01.21 08:15:58 | 000,630,842 | ---- | C] () -- C:\Windows\System32\perfh007.dat [2008.01.21 08:15:58 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat [2008.01.21 08:15:58 | 000,127,454 | ---- | C] () -- C:\Windows\System32\perfc007.dat [2008.01.21 08:15:58 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat [2007.11.14 14:17:34 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CogentBioSDK.dll [2007.08.23 17:30:00 | 000,007,680 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2007.04.24 17:32:56 | 000,389,120 | ---- | C] () -- C:\Windows\System32\btwhidcs.dll [2007.01.26 07:32:18 | 000,069,632 | ---- | C] () -- C:\Windows\System32\drivers\int15.sys [2006.11.02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2006.11.02 13:47:37 | 000,341,720 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006.11.02 11:33:01 | 000,598,096 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2006.11.02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2006.11.02 11:33:01 | 000,105,070 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2006.11.02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2006.11.02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2006.11.02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2006.11.02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006.11.02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2001.12.26 16:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll [2001.11.14 12:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll [2001.09.03 23:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll [2001.07.30 16:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll [2001.07.23 22:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll ========== LOP Check ========== [2008.05.23 15:24:10 | 000,000,000 | -HSD | M] -- C:\Users\Lisa\AppData\Roaming\.# [2008.05.22 23:30:33 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Acer [2008.03.28 19:43:38 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Acer GameZone Console [2008.09.15 16:04:02 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Ashampoo [2011.08.17 22:57:25 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\DVDVideoSoft [2011.08.17 22:54:06 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\DVDVideoSoftIEHelpers [2011.10.15 15:41:59 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\ICQ [2008.05.22 23:48:13 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\ICQ Toolbar [2009.08.11 16:14:31 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\LimeWire [2008.07.06 21:39:00 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Lionhead Studios [2011.05.10 18:29:42 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Philipp Winterberg [2010.04.17 11:05:06 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\PowerCinema [2008.07.18 21:19:43 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\RTPlayer [2008.07.05 13:40:16 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Template [2010.05.02 12:49:39 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Tobit [2011.11.04 17:33:26 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\toolplugin [2008.05.22 16:17:56 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Validity [2011.07.15 13:42:37 | 000,000,372 | ---- | M] () -- C:\Windows\Tasks\McDefragTask.job [2011.11.02 10:47:04 | 000,000,348 | ---- | M] () -- C:\Windows\Tasks\McQcTask.job [2011.11.14 03:21:04 | 000,032,530 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Custom Scans ========== < %ALLUSERSPROFILE%\Application Data\*. > < %ALLUSERSPROFILE%\Application Data\*.exe /s > < %APPDATA%\*. > [2008.05.23 15:24:10 | 000,000,000 | -HSD | M] -- C:\Users\Lisa\AppData\Roaming\.# [2008.05.22 23:30:33 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Acer [2008.03.28 19:43:38 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Acer GameZone Console [2008.05.22 19:35:01 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Adobe [2011.10.31 09:03:23 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Apple Computer [2008.09.15 16:04:02 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Ashampoo [2008.05.22 16:21:33 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\CyberLink [2008.08.02 13:28:17 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\DivX [2010.04.17 11:29:59 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\dvdcss [2011.08.17 22:57:25 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\DVDVideoSoft [2011.08.17 22:54:06 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\DVDVideoSoftIEHelpers [2009.09.19 02:03:09 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Google [2011.10.15 15:41:59 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\ICQ [2008.05.22 23:48:13 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\ICQ Toolbar [2008.05.22 16:17:12 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Identities [2008.05.22 20:08:30 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\InstallShield [2011.10.08 20:20:13 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Intel [2009.08.11 16:14:31 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\LimeWire [2008.07.06 21:39:00 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Lionhead Studios [2008.05.22 16:18:10 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Macromedia [2011.04.28 02:54:15 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Malwarebytes [2006.11.02 13:37:34 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Media Center Programs [2011.08.25 15:43:24 | 000,000,000 | --SD | M] -- C:\Users\Lisa\AppData\Roaming\Microsoft [2009.05.19 22:13:59 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Move Networks [2008.09.15 15:35:05 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Mozilla [2011.05.10 18:29:42 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Philipp Winterberg [2010.04.17 11:05:06 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\PowerCinema [2008.07.18 21:19:43 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\RTPlayer [2009.10.13 17:46:20 | 000,000,000 | R--D | M] -- C:\Users\Lisa\AppData\Roaming\SecuROM [2008.07.05 13:40:16 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Template [2010.05.02 12:49:39 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Tobit [2011.11.04 17:33:26 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\toolplugin [2011.09.14 23:38:12 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\U3 [2008.05.22 16:17:56 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Validity [2008.09.24 19:14:13 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\vlc [2008.05.22 23:48:11 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Yahoo! < %APPDATA%\*.exe /s > [2009.02.14 20:56:35 | 000,163,840 | ---- | M] (Mozilla Foundation) -- C:\Users\Lisa\AppData\Roaming\LimeWire\browser\xulrunner\crashreporter.exe [2009.02.14 20:56:37 | 000,196,608 | ---- | M] (Mozilla Foundation) -- C:\Users\Lisa\AppData\Roaming\LimeWire\browser\xulrunner\updater.exe [2009.02.14 20:56:37 | 000,014,848 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\LimeWire\browser\xulrunner\xpcshell.exe [2009.02.14 20:56:37 | 000,077,824 | ---- | M] (Mozilla Foundation) -- C:\Users\Lisa\AppData\Roaming\LimeWire\browser\xulrunner\xpicleanup.exe [2009.02.14 20:56:37 | 000,266,240 | ---- | M] (Mozilla Foundation) -- C:\Users\Lisa\AppData\Roaming\LimeWire\browser\xulrunner\xpidl.exe [2009.02.14 20:56:37 | 000,018,432 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\LimeWire\browser\xulrunner\xpt_dump.exe [2009.02.14 20:56:37 | 000,014,336 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\LimeWire\browser\xulrunner\xpt_link.exe [2009.02.14 20:56:37 | 000,073,728 | ---- | M] (Mozilla Foundation) -- C:\Users\Lisa\AppData\Roaming\LimeWire\browser\xulrunner\xulrunner-stub.exe [2009.02.14 20:56:37 | 000,102,400 | ---- | M] (Mozilla Foundation) -- C:\Users\Lisa\AppData\Roaming\LimeWire\browser\xulrunner\xulrunner.exe [2009.02.12 19:37:34 | 000,097,144 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Move Networks\ie_bin\MovePlayerUpgrade.exe [2009.05.19 22:13:59 | 000,034,062 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Move Networks\ie_bin\Uninst.exe [2011.06.10 14:52:27 | 003,486,088 | ---- | M] (Ask) -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\extensions\toolbar@ask.com\chrome\temp\askToolbar.exe [2008.05.04 16:02:26 | 004,603,904 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\U3\1738910A2252731E\LaunchPad.exe [2007.10.23 09:27:20 | 000,110,592 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\U3\temp\cleanup.exe [2008.05.02 10:41:48 | 003,493,888 | -H-- | M] (SanDisk Corporation) -- C:\Users\Lisa\AppData\Roaming\U3\temp\Launchpad Removal.exe < %SYSTEMDRIVE%\*.exe > < MD5 for: AGP440.SYS > [2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys [2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys [2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys [2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys [2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys [2006.11.02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys < MD5 for: ATAPI.SYS > [2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys [2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys [2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys [2008.01.21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys [2008.01.21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys [2006.11.02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys < MD5 for: CNGAUDIT.DLL > [2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll [2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll < MD5 for: EVENTLOG.DLL > [2007.01.12 22:30:08 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Programme\Cyberlink\PowerDirector\EventLog.dll < MD5 for: IASTOR.SYS > [2007.09.29 21:03:32 | 000,384,024 | ---- | M] (Intel Corporation) MD5=16A4671255CFB842225F0FDB6DBDB414 -- C:\Programme\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys [2007.09.29 21:03:12 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- C:\Programme\Intel\Intel Matrix Storage Manager\driver\IaStor.sys [2007.09.29 21:03:12 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- C:\Windows\System32\drivers\iaStor.sys [2007.09.29 21:03:12 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_7baf6192\iaStor.sys < MD5 for: IASTORV.SYS > [2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys [2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys [2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys [2006.11.02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys < MD5 for: NETLOGON.DLL > [2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll [2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll [2008.01.21 03:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll < MD5 for: NVSTOR.SYS > [2006.11.02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys [2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys [2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys [2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys < MD5 for: SCECLI.DLL > [2008.01.21 03:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll [2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll [2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll < MD5 for: USER32.DLL > [2008.01.21 03:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll [2009.04.11 07:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll [2009.04.11 07:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll < MD5 for: USERINIT.EXE > [2008.01.21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe [2008.01.21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe < MD5 for: WININIT.EXE > [2008.01.21 03:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\System32\wininit.exe [2008.01.21 03:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe < MD5 for: WINLOGON.EXE > [2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe [2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe [2008.01.21 03:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe < MD5 for: WS2IFSL.SYS > [2008.01.21 03:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys [2008.01.21 03:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys < %systemroot%\system32\drivers\*.sys /lockedfiles > [2011.04.18 12:18:50 | 000,043,392 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\drivers\MpNWMon.sys < %systemroot%\System32\config\*.sav > [2008.01.21 04:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV [2008.01.21 04:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV [2008.01.21 04:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV [2006.11.02 11:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV [2006.11.02 11:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > [2011.08.16 22:57:11 | 000,353,792 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtmsft.dll [2011.08.16 22:57:11 | 000,223,232 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtrans.dll [2009.04.11 07:28:25 | 000,443,392 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\win32spl.dll < > ========== Alternate Data Streams ========== @Alternate Data Stream - 99 bytes -> C:\ProgramData\TEMP:FEBEC560 @Alternate Data Stream - 99 bytes -> C:\ProgramData\TEMP:FC420CE6 @Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:B623B5B8 @Alternate Data Stream - 111 bytes -> C:\ProgramData\TEMP:8173A019 @Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:4F636E25 @Alternate Data Stream - 108 bytes -> C:\ProgramData\TEMP:10D98D98 < End of report > |
|
14.11.2011, 20:11
| #9 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | BKA Virus - Ukash 100€ Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!) Code:
ATTFilter :OTL
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Yahoo! Deutschland
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Yahoo! Deutschland
IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Programme\Winload\prxtbWinl.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = Acer.com Worldwide - Select your local country or region [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Welcome to Facebook - Log In, Sign Up or Learn More
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN, Messenger und Hotmail sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 10 5F 87 2A EA 85 CC 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache =
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Programme\Winload\prxtbWinl.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaulturl: "http://search.live.com/results.aspx?FORM=IEFM1&q="
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://de-de.facebook.com/"
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.11.3.15590
FF - prefs.js..extensions.enabledItems: ffxtlbr@Facemoods.com:1.2.1
FF - prefs.js..keyword.URL: "http://websearch.ask.com/redirect?client=ff&src=kw&tb=DVSV5&o=15012&locale=de_DE&apn_uid=E81A7DDD-D39E-4122-997B-C4374F9E921D&apn_ptnrs=U9&apn_sauid=&apn_dtid=&&q="
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://search.icq.com/search/afe_results.php?ch_id=afex&q="
FF - user.js..browser.search.selectedEngine: "Search the web"
FF - user.js..browser.search.order.1: "Search the web"
FF - user.js..browser.search.defaultenginename: "Search the web"
FF - user.js..keyword.URL: "http://www.browsersafesearch.com?client=mozilla-firefox&cd=UTF-8&search=1&q="
[2011.10.15 18:06:33 | 000,000,000 | ---D | M] (Winload Community Toolbar) -- C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{40c3cc16-7269-4b32-9531-17f2950fb06f}
[2011.10.15 18:06:48 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.10.15 18:06:53 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2011.08.17 22:54:10 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.05.13 13:31:11 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\engine@conduit.com
[2011.10.04 18:05:54 | 000,000,000 | ---D | M] (Ask Toolbar) -- C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\toolbar@ask.com
[2011.11.04 17:33:26 | 000,000,000 | ---D | M] (toolplugin) -- C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\welcome@toolmin.com
[2011.04.29 13:19:18 | 000,002,342 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icq-search.xml
[2011.04.26 13:01:18 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-1.xml
[2010.12.03 13:22:29 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-10.xml
[2011.01.21 14:17:08 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-11.xml
[2011.03.25 17:59:54 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-12.xml
[2011.03.30 10:32:14 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-13.xml
[2011.05.06 14:07:51 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-14.xml
[2011.06.09 12:48:49 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-15.xml
[2011.06.29 13:37:40 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-16.xml
[2011.08.18 14:41:17 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-17.xml
[2011.08.30 16:21:14 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-18.xml
[2011.10.15 18:07:06 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-19.xml
[2009.05.16 16:58:32 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-2.xml
[2009.07.15 16:01:25 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-3.xml
[2009.10.01 17:06:21 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-4.xml
[2009.10.01 21:47:25 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-5.xml
[2009.10.04 12:36:04 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-6.xml
[2009.10.30 12:24:27 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-7.xml
[2009.12.25 14:52:55 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-8.xml
[2010.07.25 16:38:37 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-9.xml
[2011.09.25 16:27:46 | 000,000,168 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin.gif
[2011.09.25 16:27:46 | 000,000,618 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin.src
[2010.05.12 16:40:48 | 000,001,042 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin.xml
[2009.03.25 16:43:15 | 000,001,632 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\live-search.xml
[2008.05.23 23:54:47 | 000,002,386 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\siteadvisor.xml
[2009.05.03 11:59:33 | 000,003,915 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\sweetim.xml
[2011.04.21 12:50:19 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2010.01.22 00:56:03 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.05.10 18:27:59 | 000,000,000 | ---D | M] (Mein Gutscheincode Finder) -- C:\PROGRAM FILES\MEIN GUTSCHEINCODE FINDER\FIREFOX
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Mein Gutscheincode Finder zeigt automatisch Shopping-Gutscheine an mit denen Sie beim Online-Einkauf sparen können.) - {1ED16E0A-E8C4-40A0-8BC2-79485D21F796} - C:\Programme\Mein Gutscheincode Finder\Internet Explorer\x86\ConversionOneIE.dll (Conversion One GmbH)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (Winload Toolbar) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Programme\Winload\prxtbWinl.dll (Conduit Ltd.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Burn4Free Toolbar Helper) - {D187A56B-A33F-4CBE-9D77-459FC0BAE012} - C:\Programme\Burn4Free Toolbar\v3.3.0.1\Burn4Free_Toolbar.dll ()
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Winload Toolbar) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Programme\Winload\prxtbWinl.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Burn4Free Toolbar) - {4F11ACBB-393F-4C86-A214-FF3D0D155CC3} - C:\Programme\Burn4Free Toolbar\v3.3.0.1\Burn4Free_Toolbar.dll ()
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (toolplugin) - {DFEFCDEE-CF1A-4FC8-89AF-189327213627} - C:\Users\Lisa\AppData\Roaming\toolplugin\toolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Burn4Free Toolbar) - {4F11ACBB-393F-4C86-A214-FF3D0D155CC3} - C:\Programme\Burn4Free Toolbar\v3.3.0.1\Burn4Free_Toolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{a5ba3033-3e10-11e0-bc1f-c5ffb2b569e8}\Shell - "" = AutoRun
O33 - MountPoints2\{a5ba3033-3e10-11e0-bc1f-c5ffb2b569e8}\Shell\AutoRun\command - "" = G:\Startme.exe
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
[2008.05.23 15:24:10 | 000,000,000 | -HSD | M] -- C:\Users\Lisa\AppData\Roaming\.#
@Alternate Data Stream - 99 bytes -> C:\ProgramData\TEMP:FEBEC560
@Alternate Data Stream - 99 bytes -> C:\ProgramData\TEMP:FC420CE6
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:B623B5B8
@Alternate Data Stream - 111 bytes -> C:\ProgramData\TEMP:8173A019
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:4F636E25
@Alternate Data Stream - 108 bytes -> C:\ProgramData\TEMP:10D98D98
:Commands
[emptytemp]
[resethosts]
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet. Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt. Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
14.11.2011, 23:25
| #10 |
| | BKA Virus - Ukash 100€ Hier der log : All processes killed ========== OTL ========== HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully! HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully! Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{40c3cc16-7269-4b32-9531-17f2950fb06f} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{40c3cc16-7269-4b32-9531-17f2950fb06f}\ deleted successfully. C:\Programme\Winload\prxtbWinl.dll moved successfully. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found. HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Secondary_Page_URL| /E : value set successfully! HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully! HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully! HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache| /E : value set successfully! HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache AcceptLangs| /E : value set successfully! HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache_TIMESTAMP| /E : value set successfully! HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\StartPageCache| /E : value set successfully! Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully. Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064}\ deleted successfully. c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll moved successfully. Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{40c3cc16-7269-4b32-9531-17f2950fb06f} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{40c3cc16-7269-4b32-9531-17f2950fb06f}\ not found. File C:\Programme\Winload\prxtbWinl.dll not found. HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully! HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully! Prefs.js: "Ask.com" removed from browser.search.defaultengine Prefs.js: "Ask.com" removed from browser.search.defaultenginename Prefs.js: "hxxp://search.live.com/results.aspx?FORM=IEFM1&q=" removed from browser.search.defaulturl Prefs.js: "Ask.com" removed from browser.search.order.1 Prefs.js: "Ask.com" removed from browser.search.selectedEngine Prefs.js: true removed from browser.search.useDBForOrder Prefs.js: "hxxp://de-de.facebook.com/" removed from browser.startup.homepage Prefs.js: toolbar@ask.com:3.11.3.15590 removed from extensions.enabledItems Prefs.js: ffxtlbr@Facemoods.com:1.2.1 removed from extensions.enabledItems Prefs.js: "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=DVSV5&o=15012&locale=de_DE&apn_uid=E81A7DDD-D39E-4122-997B-C4374F9E921D&apn_ptnrs=U9&apn_sauid=&apn_dtid=&&q=" removed from keyword.URL Prefs.js: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q=" removed from sweetim.toolbar.previous.keyword.URL C:\Users\Lisa\AppData\Roaming\Mozilla\FireFox\Profiles\dntk5kcx.default\user.js moved successfully. C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{40c3cc16-7269-4b32-9531-17f2950fb06f}\searchplugin folder moved successfully. C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{40c3cc16-7269-4b32-9531-17f2950fb06f}\modules folder moved successfully. C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{40c3cc16-7269-4b32-9531-17f2950fb06f}\META-INF folder moved successfully. C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{40c3cc16-7269-4b32-9531-17f2950fb06f}\defaults folder moved successfully. C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{40c3cc16-7269-4b32-9531-17f2950fb06f}\components folder moved successfully. C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{40c3cc16-7269-4b32-9531-17f2950fb06f}\chrome folder moved successfully. C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{40c3cc16-7269-4b32-9531-17f2950fb06f} folder moved successfully. C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine folder moved successfully. C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF folder moved successfully. C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences folder moved successfully. C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults folder moved successfully. C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components folder moved successfully. C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin folder moved successfully. C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr folder moved successfully. C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk folder moved successfully. C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru folder moved successfully. C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it folder moved successfully. C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he folder moved successfully. C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr folder moved successfully. C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es folder moved successfully. C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US folder moved successfully. C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de folder moved successfully. C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs folder moved successfully. C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg folder moved successfully. C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale folder moved successfully. C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img folder moved successfully. C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content folder moved successfully. C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome folder moved successfully. C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} folder moved successfully. C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\searchplugin folder moved successfully. C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\modules folder moved successfully. C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\META-INF folder moved successfully. C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\defaults folder moved successfully. C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components folder moved successfully. C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\chrome folder moved successfully. C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} folder moved successfully. C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}\chrome folder moved successfully. C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} folder moved successfully. C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\engine@conduit.com\searchplugin folder moved successfully. C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\engine@conduit.com\META-INF folder moved successfully. C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\engine@conduit.com\lib folder moved successfully. C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\engine@conduit.com\DualPackage folder moved successfully. C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\engine@conduit.com\defaults folder moved successfully. C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\engine@conduit.com\components folder moved successfully. C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\engine@conduit.com\chrome folder moved successfully. C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\engine@conduit.com folder moved successfully. C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\toolbar@ask.com\searchplugins folder moved successfully. C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\toolbar@ask.com\logs folder moved successfully. C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\toolbar@ask.com\defaults\preferences folder moved successfully. C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\toolbar@ask.com\defaults folder moved successfully. C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\toolbar@ask.com\datastore folder moved successfully. C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Wed-18-Aug-2010-20-17-26-GMT folder moved successfully. C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Wed-14-Sep-2011-18-09-45-GMT folder moved successfully. C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Tue-29-Mar-2011-19-31-56-GMT folder moved successfully. C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Tue-15-Mar-2011-17-00-07-GMT folder moved successfully. C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Thu-29-Oct-2009-13-16-23-GMT folder moved successfully. C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Thu-09-Jun-2011-11-49-00-GMT folder moved successfully. C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sun-25-Jul-2010-15-38-28-GMT folder moved successfully. C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sat-15-Oct-2011-13-02-40-GMT folder moved successfully. C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Mon-31-Jan-2011-15-35-23-GMT folder moved successfully. C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Fri-29-Apr-2011-09-21-59-GMT folder moved successfully. C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Fri-21-Jan-2011-13-16-57-GMT folder moved successfully. C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Fri-14-May-2010-13-57-37-GMT folder moved successfully. C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Fri-13-May-2011-12-31-27-GMT folder moved successfully. C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Fri-03-Dec-2010-12-22-31-GMT folder moved successfully. C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\toolbar@ask.com\chrome\temp folder moved successfully. C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\toolbar@ask.com\chrome\skin folder moved successfully. C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\toolbar@ask.com\chrome\content folder moved successfully. C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\toolbar@ask.com\chrome folder moved successfully. C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\toolbar@ask.com folder moved successfully. C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\welcome@toolmin.com\chrome\content folder moved successfully. C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\welcome@toolmin.com\chrome folder moved successfully. C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\welcome@toolmin.com folder moved successfully. C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icq-search.xml moved successfully. C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-1.xml moved successfully. C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-10.xml moved successfully. C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-11.xml moved successfully. C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-12.xml moved successfully. C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-13.xml moved successfully. C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-14.xml moved successfully. C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-15.xml moved successfully. C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-16.xml moved successfully. C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-17.xml moved successfully. C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-18.xml moved successfully. C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-19.xml moved successfully. C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-2.xml moved successfully. C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-3.xml moved successfully. C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-4.xml moved successfully. C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-5.xml moved successfully. C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-6.xml moved successfully. C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-7.xml moved successfully. C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-8.xml moved successfully. C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-9.xml moved successfully. C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin.gif moved successfully. C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin.src moved successfully. C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin.xml moved successfully. C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\live-search.xml moved successfully. C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\siteadvisor.xml moved successfully. C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\sweetim.xml moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\content folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}\chrome\locale folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}\chrome\content folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}\chrome folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\chrome\locale folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\chrome\content folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\chrome folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\chrome\locale folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\chrome\content folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\chrome folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\chrome\locale folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\chrome\content folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\chrome folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\chrome\locale folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\chrome\content folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\chrome folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\chrome\locale folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\chrome\content folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\chrome folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}\chrome\locale folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}\chrome\content folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}\chrome folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\sites folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} folder moved successfully. C:\Programme\Mozilla Firefox\extensions\talkback@mozilla.org\components folder moved successfully. C:\Programme\Mozilla Firefox\extensions\talkback@mozilla.org folder moved successfully. C:\Programme\Mozilla Firefox\extensions folder moved successfully. Folder C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\ not found. C:\PROGRAM FILES\MEIN GUTSCHEINCODE FINDER\FIREFOX\chrome\skin folder moved successfully. C:\PROGRAM FILES\MEIN GUTSCHEINCODE FINDER\FIREFOX\chrome\locale\en-US folder moved successfully. C:\PROGRAM FILES\MEIN GUTSCHEINCODE FINDER\FIREFOX\chrome\locale folder moved successfully. C:\PROGRAM FILES\MEIN GUTSCHEINCODE FINDER\FIREFOX\chrome\content folder moved successfully. C:\PROGRAM FILES\MEIN GUTSCHEINCODE FINDER\FIREFOX\chrome folder moved successfully. C:\PROGRAM FILES\MEIN GUTSCHEINCODE FINDER\FIREFOX folder moved successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1ED16E0A-E8C4-40A0-8BC2-79485D21F796}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1ED16E0A-E8C4-40A0-8BC2-79485D21F796}\ deleted successfully. C:\Programme\Mein Gutscheincode Finder\Internet Explorer\x86\ConversionOneIE.dll moved successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ deleted successfully. C:\Programme\ConduitEngine\prxConduitEngine.dll moved successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{40c3cc16-7269-4b32-9531-17f2950fb06f}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{40c3cc16-7269-4b32-9531-17f2950fb06f}\ not found. File C:\Programme\Winload\prxtbWinl.dll not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}\ deleted successfully. C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll moved successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D187A56B-A33F-4CBE-9D77-459FC0BAE012}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D187A56B-A33F-4CBE-9D77-459FC0BAE012}\ deleted successfully. C:\Programme\Burn4Free Toolbar\v3.3.0.1\Burn4Free_Toolbar.dll moved successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully. C:\Programme\Ask.com\GenericAskToolbar.dll moved successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found. File C:\Programme\ConduitEngine\prxConduitEngine.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{40c3cc16-7269-4b32-9531-17f2950fb06f} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{40c3cc16-7269-4b32-9531-17f2950fb06f}\ not found. File C:\Programme\Winload\prxtbWinl.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{4F11ACBB-393F-4C86-A214-FF3D0D155CC3} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4F11ACBB-393F-4C86-A214-FF3D0D155CC3}\ deleted successfully. File C:\Programme\Burn4Free Toolbar\v3.3.0.1\Burn4Free_Toolbar.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5CBE3B7C-1E47-477e-A7DD-396DB0476E29}\ deleted successfully. C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll moved successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found. File C:\Programme\Ask.com\GenericAskToolbar.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{DFEFCDEE-CF1A-4FC8-89AF-189327213627} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DFEFCDEE-CF1A-4FC8-89AF-189327213627}\ deleted successfully. C:\Users\Lisa\AppData\Roaming\toolplugin\toolbar.dll moved successfully. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4F11ACBB-393F-4C86-A214-FF3D0D155CC3} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4F11ACBB-393F-4C86-A214-FF3D0D155CC3}\ not found. File C:\Programme\Burn4Free Toolbar\v3.3.0.1\Burn4Free_Toolbar.dll not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found. File C:\Programme\Ask.com\GenericAskToolbar.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ApnUpdater deleted successfully. C:\Programme\Ask.com\Updater\Updater.exe moved successfully. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully! C:\autoexec.bat moved successfully. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a5ba3033-3e10-11e0-bc1f-c5ffb2b569e8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a5ba3033-3e10-11e0-bc1f-c5ffb2b569e8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a5ba3033-3e10-11e0-bc1f-c5ffb2b569e8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a5ba3033-3e10-11e0-bc1f-c5ffb2b569e8}\ not found. File G:\Startme.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\ deleted successfully. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\ not found. File E:\LaunchU3.exe -a not found. C:\Users\Lisa\AppData\Roaming\.# folder moved successfully. ADS C:\ProgramData\TEMP:FEBEC560 deleted successfully. ADS C:\ProgramData\TEMP:FC420CE6 deleted successfully. ADS C:\ProgramData\TEMP:B623B5B8 deleted successfully. ADS C:\ProgramData\TEMP:8173A019 deleted successfully. ADS C:\ProgramData\TEMP:4F636E25 deleted successfully. ADS C:\ProgramData\TEMP:10D98D98 deleted successfully. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Lisa ->Temp folder emptied: 759237466 bytes ->Temporary Internet Files folder emptied: 144630555 bytes ->Java cache emptied: 127816 bytes ->FireFox cache emptied: 317043684 bytes ->Apple Safari cache emptied: 0 bytes ->Flash cache emptied: 11700 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 239915258 bytes RecycleBin emptied: 9641870 bytes Total Files Cleaned = 1.402,00 mb C:\Windows\System32\drivers\etc\Hosts moved successfully. HOSTS file reset successfully OTL by OldTimer - Version 3.2.22.3 log created on 11142011_231002 Files\Folders moved on Reboot... File\Folder C:\Windows\temp\mcafee_2j5gNyNZkfd45wo not found! File\Folder C:\Windows\temp\mcmsc_cFXdpGZg3sgql4I not found! File\Folder C:\Windows\temp\mcmsc_chhnls7THSDdSUs not found! C:\Windows\temp\sqlite_HDc31GHUhqpYn5g moved successfully. C:\Windows\temp\sqlite_pGNrWp3oNxnOc0z moved successfully. Registry entries deleted on Reboot... |
|
15.11.2011, 09:11
| #11 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | BKA Virus - Ukash 100€ Bitte nun dieses Tool von Kaspersky ausführen und das Log posten => http://www.trojaner-board.de/82358-t...entfernen.html Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet, Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten. Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition nach, da speichert der TDSS-Killer seine Logs. Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!  Falls du durch die Infektion auf deine Dokumente/Eigenen Dateien nicht zugreifen kannst, Verknüpfungen auf dem Desktop oder im Startmenü unter "alle Programme" fehlen, bitte unhide ausführen: Downloade dir bitte unhide.exe und speichere diese Datei auf deinem Desktop. Starte das Tool und es sollten alle Dateien und Ordner wieder sichtbar sein. ( Könnte eine Weile dauern )  Windows-Vista und Windows-7-User müssen das Tool per Rechtsklick als Administrator ausführen!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
15.11.2011, 17:44
| #12 |
| | BKA Virus - Ukash 100€ Hier nun der log: 17:41:26.0240 5224 TDSS rootkit removing tool 2.6.18.0 Nov 11 2011 15:47:15 17:41:27.0363 5224 ============================================================ 17:41:27.0363 5224 Current date / time: 2011/11/15 17:41:27.0363 17:41:27.0363 5224 SystemInfo: 17:41:27.0363 5224 17:41:27.0363 5224 OS Version: 6.0.6002 ServicePack: 2.0 17:41:27.0363 5224 Product type: Workstation 17:41:27.0363 5224 ComputerName: LISAS-LAPPY 17:41:27.0363 5224 UserName: Lisa 17:41:27.0363 5224 Windows directory: C:\Windows 17:41:27.0363 5224 System windows directory: C:\Windows 17:41:27.0363 5224 Processor architecture: Intel x86 17:41:27.0363 5224 Number of processors: 2 17:41:27.0363 5224 Page size: 0x1000 17:41:27.0363 5224 Boot type: Normal boot 17:41:27.0363 5224 ============================================================ 17:41:28.0486 5224 Initialize success 17:41:45.0443 8152 ============================================================ 17:41:45.0443 8152 Scan started 17:41:45.0443 8152 Mode: Manual; SigCheck; TDLFS; 17:41:45.0443 8152 ============================================================ 17:41:46.0301 8152 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys 17:41:46.0613 8152 ACPI - ok 17:41:46.0722 8152 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys 17:41:46.0910 8152 adp94xx - ok 17:41:46.0956 8152 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys 17:41:47.0128 8152 adpahci - ok 17:41:47.0175 8152 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys 17:41:47.0331 8152 adpu160m - ok 17:41:47.0362 8152 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys 17:41:47.0518 8152 adpu320 - ok 17:41:47.0612 8152 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys 17:41:47.0877 8152 AFD - ok 17:41:47.0955 8152 AgereSoftModem (38325c6aa8eae011897d61ce48ec6435) C:\Windows\system32\DRIVERS\AGRSM.sys 17:41:48.0314 8152 AgereSoftModem - ok 17:41:48.0438 8152 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys 17:41:48.0579 8152 agp440 - ok 17:41:48.0704 8152 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys 17:41:48.0922 8152 aic78xx - ok 17:41:49.0094 8152 AlfaFF (8d59617a9c3dbf4650aa44f4e9215744) C:\Windows\system32\Drivers\AlfaFF.sys 17:41:49.0250 8152 AlfaFF - ok 17:41:49.0296 8152 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys 17:41:49.0437 8152 aliide - ok 17:41:49.0484 8152 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys 17:41:49.0577 8152 amdagp - ok 17:41:49.0624 8152 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys 17:41:49.0764 8152 amdide - ok 17:41:49.0796 8152 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys 17:41:49.0936 8152 AmdK7 - ok 17:41:49.0983 8152 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys 17:41:50.0139 8152 AmdK8 - ok 17:41:50.0264 8152 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys 17:41:50.0420 8152 arc - ok 17:41:50.0451 8152 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys 17:41:50.0607 8152 arcsas - ok 17:41:50.0654 8152 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys 17:41:50.0856 8152 AsyncMac - ok 17:41:50.0903 8152 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys 17:41:50.0950 8152 atapi - ok 17:41:51.0012 8152 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys 17:41:51.0184 8152 Beep - ok 17:41:51.0246 8152 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys 17:41:51.0418 8152 blbdrive - ok 17:41:51.0527 8152 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys 17:41:51.0621 8152 bowser - ok 17:41:51.0652 8152 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys 17:41:51.0902 8152 BrFiltLo - ok 17:41:51.0933 8152 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys 17:41:52.0136 8152 BrFiltUp - ok 17:41:52.0182 8152 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys 17:41:52.0510 8152 Brserid - ok 17:41:52.0541 8152 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys 17:41:52.0791 8152 BrSerWdm - ok 17:41:52.0822 8152 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys 17:41:53.0056 8152 BrUsbMdm - ok 17:41:53.0103 8152 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys 17:41:53.0321 8152 BrUsbSer - ok 17:41:53.0399 8152 BthEnum (6d39c954799b63ba866910234cf7d726) C:\Windows\system32\DRIVERS\BthEnum.sys 17:41:53.0586 8152 BthEnum - ok 17:41:53.0649 8152 BTHMODEM (9a966a8e86d1771911ae34a20d11bff3) C:\Windows\system32\DRIVERS\bthmodem.sys 17:41:53.0774 8152 BTHMODEM - ok 17:41:53.0820 8152 BthPan (5904efa25f829bf84ea6fb045134a1d8) C:\Windows\system32\DRIVERS\bthpan.sys 17:41:54.0008 8152 BthPan - ok 17:41:54.0086 8152 BthPort (611ff3f2f095c8d4a6d4cfd9dcc09793) C:\Windows\system32\Drivers\BTHport.sys 17:41:54.0273 8152 BthPort - ok 17:41:54.0320 8152 BTHUSB (d330803eab2a15caec7f011f1d4cb30e) C:\Windows\system32\Drivers\BTHUSB.sys 17:41:54.0507 8152 BTHUSB - ok 17:41:54.0585 8152 btwaudio (636f45a8500c1438cfa7dee15fc5c184) C:\Windows\system32\drivers\btwaudio.sys 17:41:54.0678 8152 btwaudio - ok 17:41:54.0725 8152 btwavdt (bf9256ff01b093a5d90bb7a35ec90410) C:\Windows\system32\drivers\btwavdt.sys 17:41:54.0881 8152 btwavdt - ok 17:41:54.0912 8152 btwrchid (0ab8c1ac177afb27309e1072faf34a37) C:\Windows\system32\DRIVERS\btwrchid.sys 17:41:55.0068 8152 btwrchid - ok 17:41:55.0131 8152 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys 17:41:55.0224 8152 cdfs - ok 17:41:55.0287 8152 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys 17:41:55.0458 8152 cdrom - ok 17:41:55.0490 8152 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\DRIVERS\circlass.sys 17:41:55.0630 8152 circlass - ok 17:41:55.0692 8152 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys 17:41:55.0755 8152 CLFS - ok 17:41:55.0833 8152 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys 17:41:55.0958 8152 CmBatt - ok 17:41:55.0989 8152 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys 17:41:56.0129 8152 cmdide - ok 17:41:56.0192 8152 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys 17:41:56.0223 8152 Compbatt - ok 17:41:56.0254 8152 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys 17:41:56.0301 8152 crcdisk - ok 17:41:56.0332 8152 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys 17:41:56.0488 8152 Crusoe - ok 17:41:56.0582 8152 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys 17:41:56.0675 8152 DfsC - ok 17:41:56.0753 8152 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys 17:41:56.0816 8152 disk - ok 17:41:56.0878 8152 DKbFltr (73baf270d24fe726b9cd7f80bb17a23d) C:\Windows\system32\DRIVERS\DKbFltr.sys 17:41:56.0972 8152 DKbFltr - ok 17:41:57.0065 8152 DritekPortIO (5c918d413f5837e67a85775c9873775e) C:\PROGRA~1\LAUNCH~1\DPortIO.sys 17:41:57.0190 8152 DritekPortIO - ok 17:41:57.0237 8152 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys 17:41:57.0408 8152 drmkaud - ok 17:41:57.0471 8152 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys 17:41:57.0564 8152 DXGKrnl - ok 17:41:57.0611 8152 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys 17:41:57.0814 8152 E1G60 - ok 17:41:57.0908 8152 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys 17:41:57.0970 8152 Ecache - ok 17:41:58.0048 8152 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys 17:41:58.0251 8152 elxstor - ok 17:41:58.0298 8152 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys 17:41:58.0422 8152 ErrDev - ok 17:41:58.0563 8152 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys 17:41:58.0734 8152 exfat - ok 17:41:58.0797 8152 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys 17:41:58.0937 8152 fastfat - ok 17:41:58.0984 8152 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys 17:41:59.0109 8152 fdc - ok 17:41:59.0171 8152 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys 17:41:59.0234 8152 FileInfo - ok 17:41:59.0265 8152 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys 17:41:59.0436 8152 Filetrace - ok 17:41:59.0468 8152 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys 17:41:59.0608 8152 flpydisk - ok 17:41:59.0670 8152 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys 17:41:59.0733 8152 FltMgr - ok 17:41:59.0826 8152 fssfltr (b74b0578fd1d3f897e95f2a2b69ea051) C:\Windows\system32\DRIVERS\fssfltr.sys 17:41:59.0982 8152 fssfltr - ok 17:42:00.0092 8152 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys 17:42:00.0201 8152 Fs_Rec - ok 17:42:00.0248 8152 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys 17:42:00.0357 8152 gagp30kx - ok 17:42:00.0404 8152 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 17:42:00.0513 8152 GEARAspiWDM - ok 17:42:00.0606 8152 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys 17:42:00.0794 8152 HdAudAddService - ok 17:42:00.0856 8152 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys 17:42:00.0996 8152 HDAudBus - ok 17:42:01.0028 8152 HidBth (fcb3f4be408f72c1bd81bcaba87fc22f) C:\Windows\system32\DRIVERS\hidbth.sys 17:42:01.0199 8152 HidBth - ok 17:42:01.0246 8152 HidIr (d8df3722d5e961baa1292aa2f12827e2) C:\Windows\system32\DRIVERS\hidir.sys 17:42:01.0355 8152 HidIr - ok 17:42:01.0418 8152 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys 17:42:01.0589 8152 HidUsb - ok 17:42:01.0636 8152 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys 17:42:01.0776 8152 HpCISSs - ok 17:42:01.0823 8152 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys 17:42:02.0042 8152 HTTP - ok 17:42:02.0088 8152 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys 17:42:02.0229 8152 i2omp - ok 17:42:02.0291 8152 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys 17:42:02.0463 8152 i8042prt - ok 17:42:02.0541 8152 iaStor (e5a0034847537eaee3c00349d5c34c5f) C:\Windows\system32\DRIVERS\iaStor.sys 17:42:02.0603 8152 iaStor - ok 17:42:02.0650 8152 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys 17:42:02.0837 8152 iaStorV - ok 17:42:02.0868 8152 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys 17:42:03.0024 8152 iirsp - ok 17:42:03.0087 8152 int15 (4d8d5b1c895ea0f2a721b98a7ce198f1) C:\Windows\system32\drivers\int15.sys 17:42:03.0165 8152 int15 ( UnsignedFile.Multi.Generic ) - warning 17:42:03.0165 8152 int15 - detected UnsignedFile.Multi.Generic (1) 17:42:03.0258 8152 IntcAzAudAddService (92bcc487f16892cda495dbd8160272d9) C:\Windows\system32\drivers\RTKVHDA.sys 17:42:03.0508 8152 IntcAzAudAddService - ok 17:42:03.0539 8152 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys 17:42:03.0570 8152 intelide - ok 17:42:03.0617 8152 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys 17:42:03.0758 8152 intelppm - ok 17:42:03.0804 8152 IpInIp - ok 17:42:03.0851 8152 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys 17:42:03.0992 8152 IPMIDRV - ok 17:42:04.0038 8152 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys 17:42:04.0163 8152 IPNAT - ok 17:42:04.0210 8152 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys 17:42:04.0350 8152 IRENUM - ok 17:42:04.0382 8152 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys 17:42:04.0491 8152 isapnp - ok 17:42:04.0553 8152 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys 17:42:04.0616 8152 iScsiPrt - ok 17:42:04.0647 8152 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys 17:42:04.0787 8152 iteatapi - ok 17:42:04.0834 8152 itecir (8bcd857c7932ad005d5f9c89329da2e1) C:\Windows\system32\DRIVERS\itecir.sys 17:42:04.0959 8152 itecir - ok 17:42:04.0990 8152 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys 17:42:05.0146 8152 iteraid - ok 17:42:05.0208 8152 JMCR (8123f605779db22ffc67fa84b8381803) C:\Windows\system32\DRIVERS\jmcr.sys 17:42:05.0411 8152 JMCR - ok 17:42:05.0458 8152 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys 17:42:05.0598 8152 kbdclass - ok 17:42:05.0645 8152 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys 17:42:05.0770 8152 kbdhid - ok 17:42:05.0832 8152 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys 17:42:05.0910 8152 KSecDD - ok 17:42:06.0004 8152 L1E (24abddeb766c8459f9d562eb083b6cb8) C:\Windows\system32\DRIVERS\L1E60x86.sys 17:42:06.0160 8152 L1E - ok 17:42:06.0254 8152 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys 17:42:06.0394 8152 lltdio - ok 17:42:06.0456 8152 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys 17:42:06.0612 8152 LSI_FC - ok 17:42:06.0644 8152 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys 17:42:06.0800 8152 LSI_SAS - ok 17:42:06.0846 8152 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys 17:42:07.0002 8152 LSI_SCSI - ok 17:42:07.0034 8152 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys 17:42:07.0127 8152 luafv - ok 17:42:07.0143 8152 MBAMProtector - ok 17:42:07.0190 8152 MBAMSwissArmy - ok 17:42:07.0330 8152 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys 17:42:07.0470 8152 megasas - ok 17:42:07.0533 8152 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys 17:42:07.0751 8152 MegaSR - ok 17:42:07.0814 8152 mfeavfk (c97cbfd71c1c215150a3b3e55f77a7a3) C:\Windows\system32\drivers\mfeavfk.sys 17:42:08.0282 8152 mfeavfk - ok 17:42:08.0344 8152 mfebopk (5447338b83a1a2354fb2fea7604387fd) C:\Windows\system32\drivers\mfebopk.sys 17:42:08.0765 8152 mfebopk - ok 17:42:08.0843 8152 mfehidk (6c9a6ed60b8fc3baf72fe1b1d096445b) C:\Windows\system32\drivers\mfehidk.sys 17:42:09.0530 8152 mfehidk - ok 17:42:09.0561 8152 mferkdk (a551154b51d6a93fccf70fc4e8eaf4bd) C:\Windows\system32\drivers\mferkdk.sys 17:42:10.0029 8152 mferkdk - ok 17:42:10.0122 8152 mfesmfk (299a86b780c9627aaa24e74292363ed2) C:\Windows\system32\drivers\mfesmfk.sys 17:42:10.0653 8152 mfesmfk - ok 17:42:10.0731 8152 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys 17:42:10.0824 8152 Modem - ok 17:42:10.0856 8152 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys 17:42:10.0934 8152 monitor - ok 17:42:10.0965 8152 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys 17:42:11.0121 8152 mouclass - ok 17:42:11.0230 8152 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys 17:42:11.0355 8152 mouhid - ok 17:42:11.0386 8152 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys 17:42:11.0433 8152 MountMgr - ok 17:42:11.0495 8152 MpFilter (fee0baded54222e9f1dae9541212aab1) C:\Windows\system32\DRIVERS\MpFilter.sys 17:42:11.0682 8152 MpFilter - ok 17:42:11.0714 8152 MPFP (96cf5286bc370b558735a7b891232d92) C:\Windows\system32\Drivers\Mpfp.sys 17:42:11.0760 8152 MPFP - ok 17:42:11.0807 8152 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys 17:42:11.0979 8152 mpio - ok 17:42:12.0057 8152 MpKsl3cc6378f (5f53edfead46fa7adb78eee9ecce8fdf) C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CE3CB8A6-43EE-4F9D-B3A0-2619A860C8BA}\MpKsl3cc6378f.sys 17:42:12.0119 8152 MpKsl3cc6378f - ok 17:42:12.0228 8152 MpNWMon (2c3489660d4a8d514c123c3f0d67df46) C:\Windows\system32\DRIVERS\MpNWMon.sys 17:42:12.0338 8152 MpNWMon - ok 17:42:12.0384 8152 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys 17:42:12.0572 8152 mpsdrv - ok 17:42:12.0618 8152 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys 17:42:12.0759 8152 Mraid35x - ok 17:42:12.0821 8152 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys 17:42:12.0915 8152 MRxDAV - ok 17:42:12.0977 8152 mrxsmb (5fe5cf325f5b02ebc60832d3440cb414) C:\Windows\system32\DRIVERS\mrxsmb.sys 17:42:13.0086 8152 mrxsmb - ok 17:42:13.0118 8152 mrxsmb10 (30b9c769446af379a2afb72b0392604d) C:\Windows\system32\DRIVERS\mrxsmb10.sys 17:42:13.0211 8152 mrxsmb10 - ok 17:42:13.0242 8152 mrxsmb20 (fea239b3ec4877e2b7e23204af589ddf) C:\Windows\system32\DRIVERS\mrxsmb20.sys 17:42:13.0289 8152 mrxsmb20 - ok 17:42:13.0336 8152 msahci (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys 17:42:13.0383 8152 msahci - ok 17:42:13.0430 8152 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys 17:42:13.0586 8152 msdsm - ok 17:42:13.0632 8152 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys 17:42:13.0726 8152 Msfs - ok 17:42:13.0773 8152 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys 17:42:13.0820 8152 msisadrv - ok 17:42:13.0882 8152 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys 17:42:14.0022 8152 MSKSSRV - ok 17:42:14.0100 8152 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys 17:42:14.0225 8152 MSPCLOCK - ok 17:42:14.0256 8152 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys 17:42:14.0381 8152 MSPQM - ok 17:42:14.0444 8152 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys 17:42:14.0490 8152 MsRPC - ok 17:42:14.0522 8152 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys 17:42:14.0568 8152 mssmbios - ok 17:42:14.0615 8152 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys 17:42:14.0740 8152 MSTEE - ok 17:42:14.0771 8152 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys 17:42:14.0834 8152 Mup - ok 17:42:14.0896 8152 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys 17:42:15.0083 8152 NativeWifiP - ok 17:42:15.0177 8152 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys 17:42:15.0270 8152 NDIS - ok 17:42:15.0317 8152 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys 17:42:15.0458 8152 NdisTapi - ok 17:42:15.0489 8152 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys 17:42:15.0614 8152 Ndisuio - ok 17:42:15.0692 8152 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys 17:42:15.0863 8152 NdisWan - ok 17:42:15.0894 8152 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys 17:42:16.0035 8152 NDProxy - ok 17:42:16.0066 8152 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys 17:42:16.0160 8152 NetBIOS - ok 17:42:16.0206 8152 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys 17:42:16.0440 8152 netbt - ok 17:42:16.0612 8152 NETw4v32 (caaea35dae7f4c19db05481dac22c2ba) C:\Windows\system32\DRIVERS\NETw4v32.sys 17:42:16.0986 8152 NETw4v32 - ok 17:42:17.0205 8152 NETw5v32 (8de67bd902095a13329fd82c85a1fa09) C:\Windows\system32\DRIVERS\NETw5v32.sys 17:42:17.0626 8152 NETw5v32 - ok 17:42:17.0751 8152 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys 17:42:17.0907 8152 nfrd960 - ok 17:42:18.0032 8152 NisDrv (7b01c6172cfd0b10116175e09200d4b4) C:\Windows\system32\DRIVERS\NisDrvWFP.sys 17:42:18.0203 8152 NisDrv - ok 17:42:18.0266 8152 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys 17:42:18.0359 8152 Npfs - ok 17:42:18.0422 8152 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys 17:42:18.0578 8152 nsiproxy - ok 17:42:18.0671 8152 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys 17:42:18.0936 8152 Ntfs - ok 17:42:19.0014 8152 NTIDrvr (2757d2ba59aee155209e24942ab127c9) C:\Windows\system32\DRIVERS\NTIDrvr.sys 17:42:19.0155 8152 NTIDrvr - ok 17:42:19.0202 8152 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys 17:42:19.0436 8152 ntrigdigi - ok 17:42:19.0451 8152 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys 17:42:19.0592 8152 Null - ok 17:42:19.0872 8152 nvlddmkm (87a335a444551a432226720d18337ad9) C:\Windows\system32\DRIVERS\nvlddmkm.sys 17:42:20.0996 8152 nvlddmkm - ok 17:42:21.0136 8152 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys 17:42:21.0292 8152 nvraid - ok 17:42:21.0354 8152 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys 17:42:21.0510 8152 nvstor - ok 17:42:21.0542 8152 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys 17:42:21.0666 8152 nv_agp - ok 17:42:21.0682 8152 NwlnkFlt - ok 17:42:21.0713 8152 NwlnkFwd - ok 17:42:21.0776 8152 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys 17:42:21.0994 8152 ohci1394 - ok 17:42:22.0072 8152 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys 17:42:22.0306 8152 Parport - ok 17:42:22.0353 8152 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys 17:42:22.0415 8152 partmgr - ok 17:42:22.0446 8152 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys 17:42:22.0618 8152 Parvdm - ok 17:42:22.0665 8152 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys 17:42:22.0712 8152 pci - ok 17:42:22.0758 8152 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys 17:42:22.0899 8152 pciide - ok 17:42:22.0930 8152 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys 17:42:23.0055 8152 pcmcia - ok 17:42:23.0133 8152 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys 17:42:23.0382 8152 PEAUTH - ok 17:42:23.0507 8152 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys 17:42:23.0694 8152 PptpMiniport - ok 17:42:23.0726 8152 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys 17:42:23.0850 8152 Processor - ok 17:42:23.0944 8152 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys 17:42:24.0022 8152 PSched - ok 17:42:24.0069 8152 PSDFilter (ab94285ff6c6bc5433407d8d182a4bb4) C:\Windows\system32\DRIVERS\psdfilter.sys 17:42:24.0116 8152 PSDFilter - ok 17:42:24.0162 8152 PSDNServ (2aaf9a5d7a63d26bfaea853c5f2292bc) C:\Windows\system32\DRIVERS\PSDNServ.sys 17:42:24.0240 8152 PSDNServ - ok 17:42:24.0287 8152 psdvdisk (0eb8cec99855beae5b0d02c2302619ef) C:\Windows\system32\DRIVERS\PSDVdisk.sys 17:42:24.0396 8152 psdvdisk - ok 17:42:24.0459 8152 PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) C:\Windows\system32\Drivers\PxHelp20.sys 17:42:24.0521 8152 PxHelp20 - ok 17:42:24.0615 8152 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys 17:42:24.0833 8152 ql2300 - ok 17:42:24.0864 8152 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys 17:42:25.0036 8152 ql40xx - ok 17:42:25.0083 8152 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys 17:42:25.0317 8152 QWAVEdrv - ok 17:42:25.0379 8152 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys 17:42:25.0582 8152 RasAcd - ok 17:42:25.0629 8152 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys 17:42:25.0816 8152 Rasl2tp - ok 17:42:25.0878 8152 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys 17:42:26.0066 8152 RasPppoe - ok 17:42:26.0128 8152 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys 17:42:26.0268 8152 RasSstp - ok 17:42:26.0331 8152 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys 17:42:26.0456 8152 rdbss - ok 17:42:26.0487 8152 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys 17:42:26.0627 8152 RDPCDD - ok 17:42:26.0674 8152 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys 17:42:26.0814 8152 rdpdr - ok 17:42:26.0830 8152 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys 17:42:26.0986 8152 RDPENCDD - ok 17:42:27.0048 8152 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys 17:42:27.0251 8152 RDPWD - ok 17:42:27.0360 8152 RFCOMM (6482707f9f4da0ecbab43b2e0398a101) C:\Windows\system32\DRIVERS\rfcomm.sys 17:42:27.0548 8152 RFCOMM - ok 17:42:27.0641 8152 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys 17:42:27.0766 8152 rspndr - ok 17:42:27.0828 8152 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys 17:42:27.0969 8152 sbp2port - ok 17:42:28.0140 8152 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys 17:42:28.0374 8152 secdrv - ok 17:42:28.0437 8152 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys 17:42:28.0608 8152 Serenum - ok 17:42:28.0952 8152 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys 17:42:29.0154 8152 Serial - ok 17:42:29.0232 8152 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys 17:42:29.0373 8152 sermouse - ok 17:42:29.0435 8152 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys 17:42:29.0544 8152 sffdisk - ok 17:42:29.0591 8152 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys 17:42:29.0716 8152 sffp_mmc - ok 17:42:29.0763 8152 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys 17:42:29.0888 8152 sffp_sd - ok 17:42:29.0919 8152 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys 17:42:30.0137 8152 sfloppy - ok 17:42:30.0200 8152 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys 17:42:30.0309 8152 sisagp - ok 17:42:30.0356 8152 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys 17:42:30.0512 8152 SiSRaid2 - ok 17:42:30.0574 8152 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys 17:42:30.0731 8152 SiSRaid4 - ok 17:42:30.0809 8152 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys 17:42:30.0996 8152 Smb - ok 17:42:31.0105 8152 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys 17:42:31.0152 8152 spldr - ok 17:42:31.0230 8152 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys 17:42:31.0339 8152 srv - ok 17:42:31.0386 8152 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys 17:42:31.0480 8152 srv2 - ok 17:42:31.0527 8152 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys 17:42:31.0620 8152 srvnet - ok 17:42:31.0698 8152 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys 17:42:31.0807 8152 swenum - ok 17:42:31.0854 8152 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys 17:42:31.0995 8152 Symc8xx - ok 17:42:32.0041 8152 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys 17:42:32.0182 8152 Sym_hi - ok 17:42:32.0229 8152 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys 17:42:32.0369 8152 Sym_u3 - ok 17:42:32.0431 8152 SynTP (bf7aa84d5af0faa0978c840e63b17dbf) C:\Windows\system32\DRIVERS\SynTP.sys 17:42:32.0541 8152 SynTP - ok 17:42:32.0665 8152 Tcpip (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\drivers\tcpip.sys 17:42:32.0977 8152 Tcpip - ok 17:42:33.0040 8152 Tcpip6 (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\DRIVERS\tcpip.sys 17:42:33.0149 8152 Tcpip6 - ok 17:42:33.0196 8152 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys 17:42:33.0399 8152 tcpipreg - ok 17:42:33.0445 8152 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys 17:42:33.0633 8152 TDPIPE - ok 17:42:33.0679 8152 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys 17:42:33.0851 8152 TDTCP - ok 17:42:33.0913 8152 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys 17:42:34.0085 8152 tdx - ok 17:42:34.0147 8152 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys 17:42:34.0257 8152 TermDD - ok 17:42:34.0366 8152 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys 17:42:34.0553 8152 tssecsrv - ok 17:42:34.0584 8152 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys 17:42:34.0757 8152 tunmp - ok 17:42:34.0804 8152 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys 17:42:34.0975 8152 tunnel - ok 17:42:35.0006 8152 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys 17:42:35.0131 8152 uagp35 - ok 17:42:35.0178 8152 UBHelper (f763e070843ee2803de1395002b42938) C:\Windows\system32\drivers\UBHelper.sys 17:42:35.0225 8152 UBHelper - ok 17:42:35.0287 8152 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys 17:42:35.0428 8152 udfs - ok 17:42:35.0490 8152 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys 17:42:35.0615 8152 uliagpkx - ok 17:42:35.0662 8152 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys 17:42:35.0818 8152 uliahci - ok 17:42:35.0864 8152 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys 17:42:36.0036 8152 UlSata - ok 17:42:36.0083 8152 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys 17:42:36.0239 8152 ulsata2 - ok 17:42:36.0286 8152 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys 17:42:36.0426 8152 umbus - ok 17:42:36.0488 8152 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\Windows\system32\Drivers\usbaapl.sys 17:42:36.0644 8152 USBAAPL - ok 17:42:36.0722 8152 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys 17:42:36.0863 8152 usbccgp - ok 17:42:36.0910 8152 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys 17:42:37.0097 8152 usbcir - ok 17:42:37.0144 8152 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys 17:42:37.0315 8152 usbehci - ok 17:42:37.0362 8152 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys 17:42:37.0565 8152 usbhub - ok 17:42:37.0612 8152 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys 17:42:37.0814 8152 usbohci - ok 17:42:37.0846 8152 usbprint (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\drivers\usbprint.sys 17:42:38.0064 8152 usbprint - ok 17:42:38.0095 8152 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS 17:42:38.0267 8152 USBSTOR - ok 17:42:38.0314 8152 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys 17:42:38.0485 8152 usbuhci - ok 17:42:38.0548 8152 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys 17:42:38.0766 8152 usbvideo - ok 17:42:38.0828 8152 vfs101x (4d45a93a7dd638ca2db0a86fbfbf42d1) C:\Windows\system32\drivers\vfs101x.sys 17:42:38.0984 8152 vfs101x - ok 17:42:39.0047 8152 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys 17:42:39.0187 8152 vga - ok 17:42:39.0218 8152 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys 17:42:39.0359 8152 VgaSave - ok 17:42:39.0390 8152 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys 17:42:39.0499 8152 viaagp - ok 17:42:39.0530 8152 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys 17:42:39.0671 8152 ViaC7 - ok 17:42:39.0718 8152 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys 17:42:39.0858 8152 viaide - ok 17:42:39.0905 8152 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys 17:42:39.0952 8152 volmgr - ok 17:42:40.0030 8152 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys 17:42:40.0108 8152 volmgrx - ok 17:42:40.0170 8152 volsnap (e269bb33062f9a6b4115c86781d767aa) C:\Windows\system32\drivers\volsnap.sys 17:42:40.0170 8152 Suspicious file (Forged): C:\Windows\system32\drivers\volsnap.sys. Real md5: e269bb33062f9a6b4115c86781d767aa, Fake md5: 147281c01fcb1df9252de2a10d5e7093 17:42:40.0170 8152 volsnap ( Rootkit.Win32.TDSS.tdl3 ) - infected 17:42:40.0170 8152 volsnap - detected Rootkit.Win32.TDSS.tdl3 (0) 17:42:40.0217 8152 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys 17:42:40.0388 8152 vsmraid - ok 17:42:40.0529 8152 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys 17:42:40.0778 8152 WacomPen - ok 17:42:40.0825 8152 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys 17:42:40.0997 8152 Wanarp - ok 17:42:41.0028 8152 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys 17:42:41.0122 8152 Wanarpv6 - ok 17:42:41.0184 8152 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys 17:42:41.0324 8152 Wd - ok 17:42:41.0387 8152 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys 17:42:41.0480 8152 Wdf01000 - ok 17:42:41.0699 8152 WinUSB (676f4b665bdd8053eaa53ac1695b8074) C:\Windows\system32\DRIVERS\WinUSB.sys 17:42:41.0855 8152 WinUSB - ok 17:42:41.0933 8152 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys 17:42:41.0995 8152 WmiAcpi - ok 17:42:42.0151 8152 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys 17:42:42.0323 8152 WpdUsb - ok 17:42:42.0385 8152 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys 17:42:42.0510 8152 ws2ifsl - ok 17:42:42.0557 8152 WSDPrintDevice (4422ac5ed8d4c2f0db63e71d4c069dd7) C:\Windows\system32\DRIVERS\WSDPrint.sys 17:42:42.0728 8152 WSDPrintDevice - ok 17:42:42.0791 8152 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys 17:42:43.0009 8152 WUDFRd - ok 17:42:43.0228 8152 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796} (74ec37b9eaf9fca015b933a526825c7a) C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl 17:42:43.0696 8152 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796} - ok 17:42:43.0789 8152 MBR (0x1B8) (bb9d3a6a13c5010348da7c900bb6af50) \Device\Harddisk0\DR0 17:42:44.0226 8152 \Device\Harddisk0\DR0 - ok 17:42:44.0273 8152 Boot (0x1200) (3102618fff443b5f7bc0eb71d9c4dbd4) \Device\Harddisk0\DR0\Partition0 17:42:44.0273 8152 \Device\Harddisk0\DR0\Partition0 - ok 17:42:44.0288 8152 Boot (0x1200) (09bb6984a517e4a0b571e6da0d0e33cb) \Device\Harddisk0\DR0\Partition1 17:42:44.0288 8152 \Device\Harddisk0\DR0\Partition1 - ok 17:42:44.0288 8152 ============================================================ 17:42:44.0288 8152 Scan finished 17:42:44.0288 8152 ============================================================ 17:42:44.0320 6176 Detected object count: 2 17:42:44.0320 6176 Actual detected object count: 2 17:42:59.0251 6176 int15 ( UnsignedFile.Multi.Generic ) - skipped by user 17:42:59.0251 6176 int15 ( UnsignedFile.Multi.Generic ) - User select action: Skip 17:42:59.0251 6176 volsnap ( Rootkit.Win32.TDSS.tdl3 ) - skipped by user 17:42:59.0251 6176 volsnap ( Rootkit.Win32.TDSS.tdl3 ) - User select action: Skip |
|
15.11.2011, 20:13
| #13 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | BKA Virus - Ukash 100€Zitat:
Starte Windows danach neu und mach ein neues Log mit dem TDSS-Killer.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
16.11.2011, 00:05
| #14 |
| | BKA Virus - Ukash 100€ Neues log : 00:00:30.0624 3088 TDSS rootkit removing tool 2.6.18.0 Nov 11 2011 15:47:15 00:00:31.0779 3088 ============================================================ 00:00:31.0779 3088 Current date / time: 2011/11/16 00:00:31.0779 00:00:31.0779 3088 SystemInfo: 00:00:31.0779 3088 00:00:31.0779 3088 OS Version: 6.0.6002 ServicePack: 2.0 00:00:31.0779 3088 Product type: Workstation 00:00:31.0779 3088 ComputerName: LISAS-LAPPY 00:00:31.0779 3088 UserName: Lisa 00:00:31.0779 3088 Windows directory: C:\Windows 00:00:31.0779 3088 System windows directory: C:\Windows 00:00:31.0779 3088 Processor architecture: Intel x86 00:00:31.0779 3088 Number of processors: 2 00:00:31.0779 3088 Page size: 0x1000 00:00:31.0779 3088 Boot type: Normal boot 00:00:31.0779 3088 ============================================================ 00:00:32.0746 3088 Initialize success 00:00:38.0705 2512 ============================================================ 00:00:38.0705 2512 Scan started 00:00:38.0705 2512 Mode: Manual; SigCheck; TDLFS; 00:00:38.0705 2512 ============================================================ 00:00:39.0236 2512 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys 00:00:39.0548 2512 ACPI - ok 00:00:39.0610 2512 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys 00:00:39.0828 2512 adp94xx - ok 00:00:39.0906 2512 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys 00:00:40.0078 2512 adpahci - ok 00:00:40.0140 2512 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys 00:00:40.0296 2512 adpu160m - ok 00:00:40.0328 2512 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys 00:00:40.0484 2512 adpu320 - ok 00:00:40.0562 2512 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys 00:00:40.0749 2512 AFD - ok 00:00:40.0827 2512 AgereSoftModem (38325c6aa8eae011897d61ce48ec6435) C:\Windows\system32\DRIVERS\AGRSM.sys 00:00:41.0045 2512 AgereSoftModem - ok 00:00:41.0108 2512 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys 00:00:41.0201 2512 agp440 - ok 00:00:41.0232 2512 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys 00:00:41.0388 2512 aic78xx - ok 00:00:41.0451 2512 AlfaFF (8d59617a9c3dbf4650aa44f4e9215744) C:\Windows\system32\Drivers\AlfaFF.sys 00:00:41.0732 2512 AlfaFF - ok 00:00:41.0763 2512 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys 00:00:41.0919 2512 aliide - ok 00:00:41.0981 2512 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys 00:00:42.0075 2512 amdagp - ok 00:00:42.0106 2512 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys 00:00:42.0246 2512 amdide - ok 00:00:42.0278 2512 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys 00:00:42.0402 2512 AmdK7 - ok 00:00:42.0434 2512 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys 00:00:42.0558 2512 AmdK8 - ok 00:00:42.0621 2512 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys 00:00:42.0777 2512 arc - ok 00:00:42.0808 2512 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys 00:00:42.0964 2512 arcsas - ok 00:00:42.0995 2512 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys 00:00:43.0167 2512 AsyncMac - ok 00:00:43.0214 2512 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys 00:00:43.0354 2512 atapi - ok 00:00:43.0401 2512 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys 00:00:43.0588 2512 Beep - ok 00:00:43.0635 2512 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys 00:00:43.0806 2512 blbdrive - ok 00:00:43.0916 2512 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys 00:00:44.0040 2512 bowser - ok 00:00:44.0087 2512 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys 00:00:44.0259 2512 BrFiltLo - ok 00:00:44.0306 2512 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys 00:00:44.0462 2512 BrFiltUp - ok 00:00:44.0508 2512 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys 00:00:44.0711 2512 Brserid - ok 00:00:44.0742 2512 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys 00:00:44.0992 2512 BrSerWdm - ok 00:00:45.0054 2512 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys 00:00:45.0257 2512 BrUsbMdm - ok 00:00:45.0288 2512 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys 00:00:45.0491 2512 BrUsbSer - ok 00:00:45.0554 2512 BthEnum (6d39c954799b63ba866910234cf7d726) C:\Windows\system32\DRIVERS\BthEnum.sys 00:00:45.0725 2512 BthEnum - ok 00:00:45.0788 2512 BTHMODEM (9a966a8e86d1771911ae34a20d11bff3) C:\Windows\system32\DRIVERS\bthmodem.sys 00:00:45.0912 2512 BTHMODEM - ok 00:00:45.0944 2512 BthPan (5904efa25f829bf84ea6fb045134a1d8) C:\Windows\system32\DRIVERS\bthpan.sys 00:00:46.0131 2512 BthPan - ok 00:00:46.0193 2512 BthPort (611ff3f2f095c8d4a6d4cfd9dcc09793) C:\Windows\system32\Drivers\BTHport.sys 00:00:46.0334 2512 BthPort - ok 00:00:46.0380 2512 BTHUSB (d330803eab2a15caec7f011f1d4cb30e) C:\Windows\system32\Drivers\BTHUSB.sys 00:00:46.0521 2512 BTHUSB - ok 00:00:46.0568 2512 btwaudio (636f45a8500c1438cfa7dee15fc5c184) C:\Windows\system32\drivers\btwaudio.sys 00:00:46.0661 2512 btwaudio - ok 00:00:46.0708 2512 btwavdt (bf9256ff01b093a5d90bb7a35ec90410) C:\Windows\system32\drivers\btwavdt.sys 00:00:46.0864 2512 btwavdt - ok 00:00:46.0880 2512 btwrchid (0ab8c1ac177afb27309e1072faf34a37) C:\Windows\system32\DRIVERS\btwrchid.sys 00:00:47.0051 2512 btwrchid - ok 00:00:47.0114 2512 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys 00:00:47.0192 2512 cdfs - ok 00:00:47.0238 2512 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys 00:00:47.0410 2512 cdrom - ok 00:00:47.0441 2512 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\DRIVERS\circlass.sys 00:00:47.0566 2512 circlass - ok 00:00:47.0613 2512 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys 00:00:47.0738 2512 CLFS - ok 00:00:47.0800 2512 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys 00:00:47.0956 2512 CmBatt - ok 00:00:47.0987 2512 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys 00:00:48.0128 2512 cmdide - ok 00:00:48.0159 2512 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys 00:00:48.0268 2512 Compbatt - ok 00:00:48.0299 2512 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys 00:00:48.0393 2512 crcdisk - ok 00:00:48.0580 2512 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys 00:00:48.0705 2512 Crusoe - ok 00:00:48.0954 2512 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys 00:00:49.0079 2512 DfsC - ok 00:00:49.0376 2512 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys 00:00:49.0532 2512 disk - ok 00:00:49.0719 2512 DKbFltr (73baf270d24fe726b9cd7f80bb17a23d) C:\Windows\system32\DRIVERS\DKbFltr.sys 00:00:49.0812 2512 DKbFltr - ok 00:00:49.0906 2512 DritekPortIO (5c918d413f5837e67a85775c9873775e) C:\PROGRA~1\LAUNCH~1\DPortIO.sys 00:00:50.0031 2512 DritekPortIO - ok 00:00:50.0171 2512 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys 00:00:50.0327 2512 drmkaud - ok 00:00:50.0436 2512 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys 00:00:50.0514 2512 DXGKrnl - ok 00:00:50.0561 2512 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys 00:00:50.0764 2512 E1G60 - ok 00:00:50.0998 2512 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys 00:00:51.0201 2512 Ecache - ok 00:00:51.0404 2512 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys 00:00:51.0575 2512 elxstor - ok 00:00:51.0794 2512 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys 00:00:51.0918 2512 ErrDev - ok 00:00:52.0340 2512 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys 00:00:52.0496 2512 exfat - ok 00:00:52.0761 2512 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys 00:00:52.0870 2512 fastfat - ok 00:00:53.0042 2512 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys 00:00:53.0166 2512 fdc - ok 00:00:53.0291 2512 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys 00:00:53.0463 2512 FileInfo - ok 00:00:53.0510 2512 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys 00:00:53.0681 2512 Filetrace - ok 00:00:53.0697 2512 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys 00:00:53.0822 2512 flpydisk - ok 00:00:53.0900 2512 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys 00:00:54.0024 2512 FltMgr - ok 00:00:54.0118 2512 fssfltr (b74b0578fd1d3f897e95f2a2b69ea051) C:\Windows\system32\DRIVERS\fssfltr.sys 00:00:54.0290 2512 fssfltr - ok 00:00:54.0368 2512 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys 00:00:54.0477 2512 Fs_Rec - ok 00:00:54.0539 2512 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys 00:00:54.0664 2512 gagp30kx - ok 00:00:54.0742 2512 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 00:00:54.0851 2512 GEARAspiWDM - ok 00:00:54.0960 2512 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys 00:00:55.0148 2512 HdAudAddService - ok 00:00:55.0210 2512 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys 00:00:55.0319 2512 HDAudBus - ok 00:00:55.0350 2512 HidBth (fcb3f4be408f72c1bd81bcaba87fc22f) C:\Windows\system32\DRIVERS\hidbth.sys 00:00:55.0538 2512 HidBth - ok 00:00:55.0569 2512 HidIr (d8df3722d5e961baa1292aa2f12827e2) C:\Windows\system32\DRIVERS\hidir.sys 00:00:55.0694 2512 HidIr - ok 00:00:55.0756 2512 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys 00:00:55.0928 2512 HidUsb - ok 00:00:56.0177 2512 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys 00:00:56.0349 2512 HpCISSs - ok 00:00:56.0598 2512 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys 00:00:56.0786 2512 HTTP - ok 00:00:56.0879 2512 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys 00:00:57.0035 2512 i2omp - ok 00:00:57.0098 2512 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys 00:00:57.0285 2512 i8042prt - ok 00:00:57.0363 2512 iaStor (e5a0034847537eaee3c00349d5c34c5f) C:\Windows\system32\DRIVERS\iaStor.sys 00:00:57.0566 2512 iaStor - ok 00:00:57.0675 2512 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys 00:00:57.0862 2512 iaStorV - ok 00:00:57.0893 2512 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys 00:00:58.0065 2512 iirsp - ok 00:00:58.0112 2512 int15 (4d8d5b1c895ea0f2a721b98a7ce198f1) C:\Windows\system32\drivers\int15.sys 00:00:58.0190 2512 int15 ( UnsignedFile.Multi.Generic ) - warning 00:00:58.0190 2512 int15 - detected UnsignedFile.Multi.Generic (1) 00:00:58.0283 2512 IntcAzAudAddService (92bcc487f16892cda495dbd8160272d9) C:\Windows\system32\drivers\RTKVHDA.sys 00:00:58.0533 2512 IntcAzAudAddService - ok 00:00:58.0548 2512 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys 00:00:58.0704 2512 intelide - ok 00:00:58.0751 2512 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys 00:00:58.0876 2512 intelppm - ok 00:00:58.0938 2512 IpInIp - ok 00:00:58.0970 2512 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys 00:00:59.0110 2512 IPMIDRV - ok 00:00:59.0141 2512 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys 00:00:59.0282 2512 IPNAT - ok 00:00:59.0313 2512 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys 00:00:59.0438 2512 IRENUM - ok 00:00:59.0484 2512 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys 00:00:59.0594 2512 isapnp - ok 00:00:59.0640 2512 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys 00:00:59.0703 2512 iScsiPrt - ok 00:00:59.0750 2512 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys 00:00:59.0890 2512 iteatapi - ok 00:00:59.0921 2512 itecir (8bcd857c7932ad005d5f9c89329da2e1) C:\Windows\system32\DRIVERS\itecir.sys 00:01:00.0046 2512 itecir - ok 00:01:00.0062 2512 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys 00:01:00.0218 2512 iteraid - ok 00:01:00.0280 2512 JMCR (8123f605779db22ffc67fa84b8381803) C:\Windows\system32\DRIVERS\jmcr.sys 00:01:00.0436 2512 JMCR - ok 00:01:00.0467 2512 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys 00:01:00.0623 2512 kbdclass - ok 00:01:00.0670 2512 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys 00:01:00.0779 2512 kbdhid - ok 00:01:00.0842 2512 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys 00:01:01.0014 2512 KSecDD - ok 00:01:01.0092 2512 L1E (24abddeb766c8459f9d562eb083b6cb8) C:\Windows\system32\DRIVERS\L1E60x86.sys 00:01:01.0264 2512 L1E - ok 00:01:01.0326 2512 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys 00:01:01.0451 2512 lltdio - ok 00:01:01.0498 2512 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys 00:01:01.0654 2512 LSI_FC - ok 00:01:01.0685 2512 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys 00:01:01.0841 2512 LSI_SAS - ok 00:01:01.0888 2512 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys 00:01:02.0044 2512 LSI_SCSI - ok 00:01:02.0075 2512 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys 00:01:02.0215 2512 luafv - ok 00:01:02.0231 2512 MBAMProtector - ok 00:01:02.0278 2512 MBAMSwissArmy - ok 00:01:02.0403 2512 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys 00:01:02.0543 2512 megasas - ok 00:01:02.0605 2512 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys 00:01:02.0793 2512 MegaSR - ok 00:01:02.0839 2512 mfeavfk (c97cbfd71c1c215150a3b3e55f77a7a3) C:\Windows\system32\drivers\mfeavfk.sys 00:01:03.0370 2512 mfeavfk - ok 00:01:03.0385 2512 mfebopk (5447338b83a1a2354fb2fea7604387fd) C:\Windows\system32\drivers\mfebopk.sys 00:01:03.0885 2512 mfebopk - ok 00:01:03.0916 2512 mfehidk (6c9a6ed60b8fc3baf72fe1b1d096445b) C:\Windows\system32\drivers\mfehidk.sys 00:01:04.0665 2512 mfehidk - ok 00:01:04.0696 2512 mferkdk (a551154b51d6a93fccf70fc4e8eaf4bd) C:\Windows\system32\drivers\mferkdk.sys 00:01:05.0242 2512 mferkdk - ok 00:01:05.0320 2512 mfesmfk (299a86b780c9627aaa24e74292363ed2) C:\Windows\system32\drivers\mfesmfk.sys 00:01:05.0772 2512 mfesmfk - ok 00:01:05.0850 2512 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys 00:01:05.0913 2512 Modem - ok 00:01:05.0944 2512 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys 00:01:06.0022 2512 monitor - ok 00:01:06.0053 2512 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys 00:01:06.0209 2512 mouclass - ok 00:01:06.0240 2512 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys 00:01:06.0365 2512 mouhid - ok 00:01:06.0381 2512 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys 00:01:06.0490 2512 MountMgr - ok 00:01:06.0537 2512 MpFilter (fee0baded54222e9f1dae9541212aab1) C:\Windows\system32\DRIVERS\MpFilter.sys 00:01:06.0739 2512 MpFilter - ok 00:01:06.0771 2512 MPFP (96cf5286bc370b558735a7b891232d92) C:\Windows\system32\Drivers\Mpfp.sys 00:01:06.0911 2512 MPFP - ok 00:01:06.0958 2512 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys 00:01:07.0114 2512 mpio - ok 00:01:07.0207 2512 MpKsl390fd072 (5f53edfead46fa7adb78eee9ecce8fdf) C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CE3CB8A6-43EE-4F9D-B3A0-2619A860C8BA}\MpKsl390fd072.sys 00:01:07.0270 2512 MpKsl390fd072 - ok 00:01:07.0379 2512 MpNWMon (2c3489660d4a8d514c123c3f0d67df46) C:\Windows\system32\DRIVERS\MpNWMon.sys 00:01:07.0488 2512 MpNWMon - ok 00:01:07.0551 2512 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys 00:01:07.0707 2512 mpsdrv - ok 00:01:07.0753 2512 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys 00:01:07.0894 2512 Mraid35x - ok 00:01:07.0956 2512 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys 00:01:08.0143 2512 MRxDAV - ok 00:01:08.0206 2512 mrxsmb (5fe5cf325f5b02ebc60832d3440cb414) C:\Windows\system32\DRIVERS\mrxsmb.sys 00:01:08.0377 2512 mrxsmb - ok 00:01:08.0440 2512 mrxsmb10 (30b9c769446af379a2afb72b0392604d) C:\Windows\system32\DRIVERS\mrxsmb10.sys 00:01:08.0611 2512 mrxsmb10 - ok 00:01:08.0643 2512 mrxsmb20 (fea239b3ec4877e2b7e23204af589ddf) C:\Windows\system32\DRIVERS\mrxsmb20.sys 00:01:08.0799 2512 mrxsmb20 - ok 00:01:08.0845 2512 msahci (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys 00:01:08.0986 2512 msahci - ok 00:01:09.0017 2512 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys 00:01:09.0173 2512 msdsm - ok 00:01:09.0235 2512 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys 00:01:09.0345 2512 Msfs - ok 00:01:09.0391 2512 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys 00:01:09.0485 2512 msisadrv - ok 00:01:09.0563 2512 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys 00:01:09.0688 2512 MSKSSRV - ok 00:01:09.0766 2512 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys 00:01:09.0875 2512 MSPCLOCK - ok 00:01:09.0906 2512 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys 00:01:10.0015 2512 MSPQM - ok 00:01:10.0078 2512 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys 00:01:10.0156 2512 MsRPC - ok 00:01:10.0203 2512 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys 00:01:10.0249 2512 mssmbios - ok 00:01:10.0281 2512 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys 00:01:10.0405 2512 MSTEE - ok 00:01:10.0437 2512 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys 00:01:10.0546 2512 Mup - ok 00:01:10.0639 2512 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys 00:01:10.0795 2512 NativeWifiP - ok 00:01:10.0873 2512 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys 00:01:10.0951 2512 NDIS - ok 00:01:10.0998 2512 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys 00:01:11.0107 2512 NdisTapi - ok 00:01:11.0139 2512 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys 00:01:11.0263 2512 Ndisuio - ok 00:01:11.0326 2512 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys 00:01:11.0497 2512 NdisWan - ok 00:01:11.0529 2512 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys 00:01:11.0653 2512 NDProxy - ok 00:01:11.0685 2512 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys 00:01:11.0809 2512 NetBIOS - ok 00:01:11.0872 2512 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys 00:01:12.0075 2512 netbt - ok 00:01:12.0309 2512 NETw4v32 (caaea35dae7f4c19db05481dac22c2ba) C:\Windows\system32\DRIVERS\NETw4v32.sys 00:01:12.0558 2512 NETw4v32 - ok 00:01:12.0730 2512 NETw5v32 (8de67bd902095a13329fd82c85a1fa09) C:\Windows\system32\DRIVERS\NETw5v32.sys 00:01:13.0026 2512 NETw5v32 - ok 00:01:13.0073 2512 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys 00:01:13.0229 2512 nfrd960 - ok 00:01:13.0276 2512 NisDrv (7b01c6172cfd0b10116175e09200d4b4) C:\Windows\system32\DRIVERS\NisDrvWFP.sys 00:01:13.0447 2512 NisDrv - ok 00:01:13.0510 2512 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys 00:01:13.0635 2512 Npfs - ok 00:01:13.0666 2512 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys 00:01:13.0837 2512 nsiproxy - ok 00:01:13.0931 2512 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys 00:01:14.0243 2512 Ntfs - ok 00:01:14.0305 2512 NTIDrvr (2757d2ba59aee155209e24942ab127c9) C:\Windows\system32\DRIVERS\NTIDrvr.sys 00:01:14.0461 2512 NTIDrvr - ok 00:01:14.0508 2512 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys 00:01:14.0727 2512 ntrigdigi - ok 00:01:14.0758 2512 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys 00:01:14.0883 2512 Null - ok 00:01:15.0195 2512 nvlddmkm (87a335a444551a432226720d18337ad9) C:\Windows\system32\DRIVERS\nvlddmkm.sys 00:01:16.0209 2512 nvlddmkm - ok 00:01:16.0365 2512 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys 00:01:16.0521 2512 nvraid - ok 00:01:16.0583 2512 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys 00:01:16.0739 2512 nvstor - ok 00:01:16.0786 2512 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys 00:01:16.0911 2512 nv_agp - ok 00:01:16.0926 2512 NwlnkFlt - ok 00:01:16.0942 2512 NwlnkFwd - ok 00:01:17.0004 2512 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys 00:01:17.0191 2512 ohci1394 - ok 00:01:17.0379 2512 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys 00:01:17.0597 2512 Parport - ok 00:01:17.0706 2512 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys 00:01:17.0862 2512 partmgr - ok 00:01:17.0909 2512 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys 00:01:18.0065 2512 Parvdm - ok 00:01:18.0112 2512 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys 00:01:18.0221 2512 pci - ok 00:01:18.0268 2512 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys 00:01:18.0408 2512 pciide - ok 00:01:18.0439 2512 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys 00:01:18.0549 2512 pcmcia - ok 00:01:18.0611 2512 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys 00:01:18.0845 2512 PEAUTH - ok 00:01:18.0970 2512 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys 00:01:19.0141 2512 PptpMiniport - ok 00:01:19.0188 2512 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys 00:01:19.0313 2512 Processor - ok 00:01:19.0407 2512 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys 00:01:19.0469 2512 PSched - ok 00:01:19.0500 2512 PSDFilter (ab94285ff6c6bc5433407d8d182a4bb4) C:\Windows\system32\DRIVERS\psdfilter.sys 00:01:19.0609 2512 PSDFilter - ok 00:01:19.0656 2512 PSDNServ (2aaf9a5d7a63d26bfaea853c5f2292bc) C:\Windows\system32\DRIVERS\PSDNServ.sys 00:01:19.0750 2512 PSDNServ - ok 00:01:19.0781 2512 psdvdisk (0eb8cec99855beae5b0d02c2302619ef) C:\Windows\system32\DRIVERS\PSDVdisk.sys 00:01:19.0890 2512 psdvdisk - ok 00:01:19.0953 2512 PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) C:\Windows\system32\Drivers\PxHelp20.sys 00:01:20.0077 2512 PxHelp20 - ok 00:01:20.0202 2512 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys 00:01:20.0405 2512 ql2300 - ok 00:01:20.0530 2512 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys 00:01:20.0733 2512 ql40xx - ok 00:01:20.0795 2512 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys 00:01:20.0951 2512 QWAVEdrv - ok 00:01:21.0294 2512 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys 00:01:21.0481 2512 RasAcd - ok 00:01:21.0731 2512 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys 00:01:21.0918 2512 Rasl2tp - ok 00:01:22.0168 2512 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys 00:01:22.0355 2512 RasPppoe - ok 00:01:22.0573 2512 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys 00:01:22.0729 2512 RasSstp - ok 00:01:22.0885 2512 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys 00:01:23.0104 2512 rdbss - ok 00:01:23.0275 2512 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys 00:01:23.0400 2512 RDPCDD - ok 00:01:23.0494 2512 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys 00:01:23.0665 2512 rdpdr - ok 00:01:23.0681 2512 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys 00:01:23.0806 2512 RDPENCDD - ok 00:01:23.0899 2512 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys 00:01:24.0087 2512 RDPWD - ok 00:01:24.0227 2512 RFCOMM (6482707f9f4da0ecbab43b2e0398a101) C:\Windows\system32\DRIVERS\rfcomm.sys 00:01:24.0399 2512 RFCOMM - ok 00:01:24.0539 2512 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys 00:01:24.0664 2512 rspndr - ok 00:01:24.0711 2512 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys 00:01:24.0867 2512 sbp2port - ok 00:01:24.0945 2512 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys 00:01:25.0163 2512 secdrv - ok 00:01:25.0225 2512 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys 00:01:25.0381 2512 Serenum - ok 00:01:25.0413 2512 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys 00:01:25.0615 2512 Serial - ok 00:01:25.0647 2512 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys 00:01:25.0771 2512 sermouse - ok 00:01:25.0849 2512 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys 00:01:25.0959 2512 sffdisk - ok 00:01:26.0005 2512 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys 00:01:26.0115 2512 sffp_mmc - ok 00:01:26.0146 2512 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys 00:01:26.0271 2512 sffp_sd - ok 00:01:26.0302 2512 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys 00:01:26.0505 2512 sfloppy - ok 00:01:26.0567 2512 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys 00:01:26.0676 2512 sisagp - ok 00:01:26.0707 2512 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys 00:01:26.0848 2512 SiSRaid2 - ok 00:01:26.0879 2512 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys 00:01:27.0035 2512 SiSRaid4 - ok 00:01:27.0113 2512 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys 00:01:27.0285 2512 Smb - ok 00:01:27.0363 2512 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys 00:01:27.0456 2512 spldr - ok 00:01:27.0534 2512 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys 00:01:27.0721 2512 srv - ok 00:01:27.0768 2512 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys 00:01:27.0955 2512 srv2 - ok 00:01:28.0002 2512 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys 00:01:28.0111 2512 srvnet - ok 00:01:28.0205 2512 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys 00:01:28.0299 2512 swenum - ok 00:01:28.0345 2512 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys 00:01:28.0486 2512 Symc8xx - ok 00:01:28.0533 2512 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys 00:01:28.0689 2512 Sym_hi - ok 00:01:28.0720 2512 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys 00:01:28.0860 2512 Sym_u3 - ok 00:01:28.0923 2512 SynTP (bf7aa84d5af0faa0978c840e63b17dbf) C:\Windows\system32\DRIVERS\SynTP.sys 00:01:29.0047 2512 SynTP - ok 00:01:29.0188 2512 Tcpip (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\drivers\tcpip.sys 00:01:29.0391 2512 Tcpip - ok 00:01:29.0515 2512 Tcpip6 (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\DRIVERS\tcpip.sys 00:01:29.0625 2512 Tcpip6 - ok 00:01:29.0656 2512 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys 00:01:29.0734 2512 tcpipreg - ok 00:01:29.0781 2512 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys 00:01:29.0952 2512 TDPIPE - ok 00:01:29.0983 2512 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys 00:01:30.0155 2512 TDTCP - ok 00:01:30.0217 2512 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys 00:01:30.0373 2512 tdx - ok 00:01:30.0436 2512 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys 00:01:30.0545 2512 TermDD - ok 00:01:30.0639 2512 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys 00:01:30.0810 2512 tssecsrv - ok 00:01:30.0841 2512 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys 00:01:30.0997 2512 tunmp - ok 00:01:31.0044 2512 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys 00:01:31.0185 2512 tunnel - ok 00:01:31.0216 2512 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys 00:01:31.0341 2512 uagp35 - ok 00:01:31.0387 2512 UBHelper (f763e070843ee2803de1395002b42938) C:\Windows\system32\drivers\UBHelper.sys 00:01:31.0481 2512 UBHelper - ok 00:01:31.0528 2512 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys 00:01:31.0653 2512 udfs - ok 00:01:31.0731 2512 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys 00:01:31.0840 2512 uliagpkx - ok 00:01:31.0871 2512 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys 00:01:32.0043 2512 uliahci - ok 00:01:32.0074 2512 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys 00:01:32.0245 2512 UlSata - ok 00:01:32.0277 2512 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys 00:01:32.0433 2512 ulsata2 - ok 00:01:32.0479 2512 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys 00:01:32.0589 2512 umbus - ok 00:01:32.0682 2512 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\Windows\system32\Drivers\usbaapl.sys 00:01:32.0838 2512 USBAAPL - ok 00:01:32.0869 2512 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys 00:01:32.0994 2512 usbccgp - ok 00:01:33.0041 2512 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys 00:01:33.0197 2512 usbcir - ok 00:01:33.0244 2512 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys 00:01:33.0400 2512 usbehci - ok 00:01:33.0462 2512 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys 00:01:33.0649 2512 usbhub - ok 00:01:33.0696 2512 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys 00:01:33.0899 2512 usbohci - ok 00:01:33.0930 2512 usbprint (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\drivers\usbprint.sys 00:01:34.0149 2512 usbprint - ok 00:01:34.0180 2512 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS 00:01:34.0351 2512 USBSTOR - ok 00:01:34.0383 2512 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys 00:01:34.0554 2512 usbuhci - ok 00:01:34.0617 2512 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys 00:01:34.0819 2512 usbvideo - ok 00:01:34.0960 2512 vfs101x (4d45a93a7dd638ca2db0a86fbfbf42d1) C:\Windows\system32\drivers\vfs101x.sys 00:01:35.0116 2512 vfs101x - ok 00:01:35.0163 2512 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys 00:01:35.0287 2512 vga - ok 00:01:35.0334 2512 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys 00:01:35.0459 2512 VgaSave - ok 00:01:35.0506 2512 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys 00:01:35.0615 2512 viaagp - ok 00:01:35.0646 2512 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys 00:01:35.0771 2512 ViaC7 - ok 00:01:35.0802 2512 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys 00:01:35.0958 2512 viaide - ok 00:01:36.0005 2512 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys 00:01:36.0114 2512 volmgr - ok 00:01:36.0177 2512 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys 00:01:36.0348 2512 volmgrx - ok 00:01:36.0411 2512 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys 00:01:36.0551 2512 volsnap - ok 00:01:36.0598 2512 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys 00:01:36.0769 2512 vsmraid - ok 00:01:36.0847 2512 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys 00:01:37.0066 2512 WacomPen - ok 00:01:37.0113 2512 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys 00:01:37.0284 2512 Wanarp - ok 00:01:37.0300 2512 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys 00:01:37.0378 2512 Wanarpv6 - ok 00:01:37.0440 2512 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys 00:01:37.0581 2512 Wd - ok 00:01:37.0627 2512 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys 00:01:37.0830 2512 Wdf01000 - ok 00:01:38.0189 2512 WinUSB (676f4b665bdd8053eaa53ac1695b8074) C:\Windows\system32\DRIVERS\WinUSB.sys 00:01:38.0329 2512 WinUSB - ok 00:01:38.0407 2512 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys 00:01:38.0485 2512 WmiAcpi - ok 00:01:38.0626 2512 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys 00:01:38.0813 2512 WpdUsb - ok 00:01:38.0922 2512 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys 00:01:39.0063 2512 ws2ifsl - ok 00:01:39.0141 2512 WSDPrintDevice (4422ac5ed8d4c2f0db63e71d4c069dd7) C:\Windows\system32\DRIVERS\WSDPrint.sys 00:01:39.0312 2512 WSDPrintDevice - ok 00:01:39.0406 2512 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys 00:01:39.0671 2512 WUDFRd - ok 00:01:39.0858 2512 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796} (74ec37b9eaf9fca015b933a526825c7a) C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl 00:01:40.0357 2512 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796} - ok 00:01:40.0482 2512 MBR (0x1B8) (bb9d3a6a13c5010348da7c900bb6af50) \Device\Harddisk0\DR0 00:01:40.0935 2512 \Device\Harddisk0\DR0 - ok 00:01:40.0981 2512 Boot (0x1200) (3102618fff443b5f7bc0eb71d9c4dbd4) \Device\Harddisk0\DR0\Partition0 00:01:40.0981 2512 \Device\Harddisk0\DR0\Partition0 - ok 00:01:40.0997 2512 Boot (0x1200) (09bb6984a517e4a0b571e6da0d0e33cb) \Device\Harddisk0\DR0\Partition1 00:01:40.0997 2512 \Device\Harddisk0\DR0\Partition1 - ok 00:01:40.0997 2512 ============================================================ 00:01:40.0997 2512 Scan finished 00:01:40.0997 2512 ============================================================ 00:01:41.0028 2524 Detected object count: 1 00:01:41.0028 2524 Actual detected object count: 1 00:03:18.0749 2524 int15 ( UnsignedFile.Multi.Generic ) - skipped by user 00:03:18.0749 2524 int15 ( UnsignedFile.Multi.Generic ) - User select action: Skip |
|
16.11.2011, 09:41
| #15 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | BKA Virus - Ukash 100€ Dann bitte jetzt CF ausführen: ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat! Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu BKA Virus - Ukash 100€ |
| anti-malware, appdata, bka virus, cache, check, dateien, desktop, explorer, install, install.exe, java, laptop, log-datei, malwarebytes, microsoft, neustarten, pup.filehunter, roaming, scan, software, task manager, temp, trojan.agent, trojaner bundespolizei bundeskriminalamt, ukash 100€, uninstall.exe, update.exe, updates, version, virus, öffnen |
Textbox von OTL - wenn OTL auf deutsch ist wird sie mit 
beschriftet
.
Linear-Darstellung
