Pests of all kinds and how to fight them: Firefox opens tab to loan advertising

Windows 7

If you are not sure whether you have picked up malware or a trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you eliminate the infection.
#1

Hello Trojanerboard, since today my Firefox sometimes opens a new tab to the page "hxxp://www.delta-credit.de/anfrage/textads/textads.php?type=3&js=1" while I am surfing. I then scanned my system with Avast, Malwarebytes, OTL and HijackThis; none of the scanners named above found anything. After that I deleted my cookies, and so far it has not happened again. My question now is: could my PC be infected? Are cookies able to open tabs? That would be new to me. Thanks in advance, regards, Lea

#2
/// Winkelfunktion /// TB-Süch-Tiger™

Quote:

Please post all of the Malwarebytes logs, regardless of whether anything was found or not

#3

Hello cosinus, I have attached my MWB log; thanks in advance for the answer.

#4
/// Winkelfunktion /// TB-Süch-Tiger™

Please run ESET as well, then we'll take it from there: ESET Online Scanner
__________________
Please always post log files in CODE tags

#5

Hello, here is the content of the log file:

ESETSmartInstaller@High as downloader log: all ok # version=7 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6583 # api_version=3.0.2 # EOSSerial=f556ddf60707ba418326b974d02b19aa # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=true # antistealth_checked=true # utc_time=2012-01-14 08:45:20 # local_time=2012-01-14 09:45:20 (+0100, Mitteleuropäische Zeit) # country="Germany" # lang=1033 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode=5893 16776573 100 94 45307 78157208 0 0 # compatibility_mode=8192 67108863 100 0 3778 3778 0 0 # scanned=92258 # found=0 # cleaned=0 # scan_time=3361

#6
/// Winkelfunktion /// TB-Süch-Tiger™

Please create a new OTL log. If possible, please post everything here in CODE tags. This is how it is done: [code] the log goes here [/code] And the whole thing then looks like this:

Code:
the log goes here

If you don't have it yet, please download OTL by Oldtimer and save it to your Desktop

Code:
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT

#7

Okay, then here it is in code tags; thanks again for the help.

Code:
ATTFilter OTL logfile created on: 14.01.2012 16:01:25 - Run 1 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\lalle\Desktop 64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,60 Gb Total Physical Memory | 2,61 Gb Available Physical Memory | 72,37% Memory free 7,21 Gb Paging File | 6,03 Gb Available in Paging File | 83,73% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 195,21 Gb Total Space | 165,22 Gb Free Space | 84,63% Space Free | Partition Type: NTFS Drive D: | 102,78 Gb Total Space | 95,10 Gb Free Space | 92,53% Space Free | Partition Type: NTFS Computer Name: LEA-PC | User Name: lalle | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.01.14 15:59:18 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\lalle\Desktop\OTL.exe PRC - [2011.11.28 19:01:24 | 003,744,552 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastUI.exe PRC - [2011.11.28 19:01:23 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe ========== Modules (No Company Name) ========== ========== Win32 Services (SafeList) ========== SRV:64bit: - [2011.11.28 19:01:23 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV:64bit: - [2011.07.05 23:08:26 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:64bit: - [2011.07.05 11:27:04 | 000,365,568 | ---- | M] (Advanced Micro Devices, Inc.) 
[Auto | Running] -- c:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service) SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2012.01.06 11:15:30 | 000,419,624 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009.11.18 10:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Programme\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters) SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) ========== Driver Services (SafeList) ========== DRV:64bit: - [2011.11.28 18:54:06 | 000,591,192 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx) DRV:64bit: - [2011.11.28 18:53:58 | 000,304,472 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP) DRV:64bit: - [2011.11.28 18:52:22 | 000,042,328 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (aswRdr) DRV:64bit: - [2011.11.28 18:52:20 | 000,058,712 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi) DRV:64bit: - [2011.11.28 18:52:11 | 000,066,904 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt) DRV:64bit: - [2011.11.28 18:51:53 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- 
C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk) DRV:64bit: - [2011.08.20 03:29:32 | 000,391,728 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:64bit: - [2011.07.13 15:06:32 | 000,114,704 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService) DRV:64bit: - [2011.07.05 23:50:28 | 009,359,872 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:64bit: - [2011.07.05 22:32:20 | 000,309,760 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:64bit: - [2011.04.16 02:37:50 | 000,079,488 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata) DRV:64bit: - [2011.04.16 02:37:50 | 000,040,064 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata) DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2011.03.05 00:16:20 | 000,436,840 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2010.11.29 16:50:38 | 000,044,672 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter) DRV:64bit: - [2010.11.21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010.11.21 04:23:48 | 
000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc) DRV:64bit: - [2010.11.21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:64bit: - [2010.02.18 09:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64) DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = D0 FD 1F 11 A0 D2 CC 01 [binary data] IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "www.google.de" FF - prefs.js..network.proxy.type: 0 FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011.12.22 22:24:10 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.12.22 14:34:09 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.12.22 14:34:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\lalle\AppData\Roaming\mozilla\Extensions [2012.01.06 23:02:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\lalle\AppData\Roaming\mozilla\Firefox\Profiles\1zwzcijm.default\extensions [2011.12.22 14:34:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions () (No name found) -- C:\USERS\LALLE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\1ZWZCIJM.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI [2011.12.21 08:42:29 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2011.12.22 22:49:22 | 000,001,400 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2011.12.22 22:49:22 | 000,001,679 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2011.12.22 
22:49:22 | 000,000,947 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2011.12.22 22:49:22 | 000,006,818 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2011.12.22 22:39:20 | 000,001,272 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2011.12.22 22:49:22 | 000,000,903 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) 
O4 - HKCU..\Run: [Steam] D:\Program Files (x86)\Steam\steam.exe (Valve Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O9 - Extra Button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ, LLC.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) 
O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D32CB9C9-17E1-40F1-B874-A1D53A99B129}: DhcpNameServer = 192.168.2.1 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. 
O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) MsConfig:64bit - StartUpReg: msnmsgr - hkey= - key= - C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation) MsConfig:64bit - State: "startup" - Reg Error: Key error. SafeBootMin:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SafeBootMin:64bit: Base - Driver Group SafeBootMin:64bit: Boot Bus Extender - Driver Group SafeBootMin:64bit: Boot file system - Driver Group SafeBootMin:64bit: File system - Driver Group SafeBootMin:64bit: Filter - Driver Group SafeBootMin:64bit: HelpSvc - Service SafeBootMin:64bit: PCI Configuration - Driver Group SafeBootMin:64bit: PNP Filter - Driver Group SafeBootMin:64bit: Primary disk - Driver Group SafeBootMin:64bit: sacsvr - Service SafeBootMin:64bit: SCSI Class - Driver Group SafeBootMin:64bit: System Bus Extender - Driver Group SafeBootMin:64bit: vmms - Service SafeBootMin:64bit: WudfRd - Driver SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - 
PCMCIA Adapters SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vmms - Service SafeBootMin: WudfRd - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive 
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SafeBootNet:64bit: Base - Driver Group SafeBootNet:64bit: Boot Bus Extender - Driver Group SafeBootNet:64bit: Boot file system - Driver Group SafeBootNet:64bit: File system - Driver Group SafeBootNet:64bit: Filter - Driver Group SafeBootNet:64bit: HelpSvc - Service SafeBootNet:64bit: Messenger - Service SafeBootNet:64bit: NDIS Wrapper - Driver Group SafeBootNet:64bit: NetBIOSGroup - Driver Group SafeBootNet:64bit: NetDDEGroup - Driver Group SafeBootNet:64bit: Network - Driver Group SafeBootNet:64bit: NetworkProvider - Driver Group SafeBootNet:64bit: PCI Configuration - Driver Group SafeBootNet:64bit: PNP Filter - Driver Group SafeBootNet:64bit: PNP_TDI - Driver Group SafeBootNet:64bit: Primary disk - Driver Group SafeBootNet:64bit: rdsessmgr - Service SafeBootNet:64bit: sacsvr - Service SafeBootNet:64bit: SCSI Class - Driver Group SafeBootNet:64bit: Streams Drivers - Driver Group SafeBootNet:64bit: System Bus Extender - Driver Group SafeBootNet:64bit: TDI - Driver Group SafeBootNet:64bit: vmms - Service SafeBootNet:64bit: WudfRd - Driver SafeBootNet:64bit: WudfUsbccidDriver - Driver SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet:64bit: 
{4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service 
SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vmms - Service SafeBootNet: WudfRd - Driver SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices ActiveX:64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - 
%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - 
"C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX: 
>{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.) CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2012.01.14 15:59:11 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\lalle\Desktop\OTL.exe [2012.01.14 08:46:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET [2012.01.14 08:36:01 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Local\{DC681D8A-0F29-47A7-BFD4-650AB268DEE7} [2012.01.14 08:35:47 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Local\{0ECCCD9D-79B7-4496-A3F1-AA7880396A3B} [2012.01.13 18:07:51 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Roaming\Malwarebytes [2012.01.13 18:06:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012.01.13 18:06:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.01.13 18:06:27 | 000,023,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012.01.13 18:06:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2012.01.13 17:27:33 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Local\{D1A70E75-676D-48C0-A1DF-94655BAB221A} [2012.01.13 17:27:09 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Local\{4C1EA8C8-B23F-4473-8AB5-A8C403EC608E} [2012.01.13 05:26:41 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Local\{EA8167B5-B889-4A3A-9329-1DEC50A8201F} [2012.01.13 05:26:21 | 000,000,000 | ---D | C] -- 
C:\Users\lalle\AppData\Local\{9DBFC890-F439-4BA0-94AB-A5558DE0610D} [2012.01.12 17:25:55 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Local\{CB76F60C-E380-4667-BB6C-1188304E646E} [2012.01.12 17:25:31 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Local\{241641D5-42CB-4A23-908C-CEC73E417CD9} [2012.01.12 10:30:50 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Roaming\mIRC [2012.01.12 04:04:58 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Local\{47481585-D293-4AFE-8713-4CB51F05A29C} [2012.01.12 04:04:38 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Local\{3FFDFF3E-744E-4CBC-A576-0868EDE5DBCA} [2012.01.11 15:13:52 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Local\{3CF6EDC2-D588-4DD7-90BA-A19CF8DDC937} [2012.01.11 15:13:28 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Local\{D7874D69-E4EF-4BB7-85C8-EB9110B9319F} [2012.01.11 01:57:19 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Local\{00BFC7BE-2A87-494D-83FD-BA05255AB49F} [2012.01.11 01:57:06 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Local\{F5385CBA-C9AF-4FB6-AB4C-7886EBD8FAFC} [2012.01.10 08:59:03 | 000,000,000 | ---D | C] -- C:\Users\lalle\Documents\GUILD WARS [2012.01.10 08:58:47 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games [2012.01.10 08:58:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Media Center Programs [2012.01.10 06:32:46 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Local\{41E6D052-BEAC-49E6-A5D3-538EF1F1FA22} [2012.01.10 06:32:26 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Local\{B6F62F18-1082-4D1B-A05A-7BA55669B565} [2012.01.09 13:41:07 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Local\{22861669-849C-4562-A0FC-0DF0713024B0} [2012.01.09 13:40:41 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Local\{4A20DEC4-8E0F-42B7-A4DC-027409861F04} [2012.01.09 01:40:15 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Local\{586AA580-38DA-44EB-85B1-28066F7688B6} [2012.01.09 
01:39:51 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Local\{A1F95583-FC71-4A91-A1C9-D1DB2437FE8E} [2012.01.08 14:47:11 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Local\{F82CF327-3A54-444E-94E3-D96FAAEA62FF} [2012.01.07 22:41:43 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Local\{A8330709-749C-4FFA-8F35-3C64C734E406} [2012.01.07 22:41:21 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Local\{BFB14069-4529-436B-8F27-3CD72F06AA4D} [2012.01.07 09:22:30 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Local\{7DBF697D-F1A7-4EF5-8D4C-CB6AC54376C7} [2012.01.07 09:22:15 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Local\{2904365D-71E8-42BF-B3A2-C8287A35329A} [2012.01.07 09:06:49 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Local\{BD7EF157-7672-49AC-8C68-DA5BE7193F41} [2012.01.07 09:06:33 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Local\{5DFABD86-7BF6-43C9-855B-9965C8B175B9} [2012.01.06 19:38:46 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Local\{0BDC9BCD-9DF8-4437-B592-B7823A0F9589} [2012.01.06 19:38:34 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Local\{EF4FB0D1-03BD-4C50-844F-806E88B84185} [2012.01.06 06:14:07 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Local\{BD0695DE-8FF0-43CA-B8D5-49BC6C5A5C67} [2012.01.06 06:13:54 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Local\{E2C93CFA-C94E-4C77-998D-8D8C3D06645C} [2012.01.05 21:21:41 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Local\{1CA9FDF5-2808-45B7-88E5-8CD91D587179} [2012.01.04 19:59:41 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Local\{C9EB83F0-DA03-4EE6-B490-6F06AA1CE20B} [2012.01.04 19:59:18 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Local\{0C5F8133-6792-43BB-BE0D-B76B24624D8C} [2012.01.03 18:35:10 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Local\{08DB17E1-2BEE-4727-A5B4-DF0B891B049C} [2012.01.03 18:34:47 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Local\{E988C562-969F-416B-9EDD-E95DF2E0C265} 
[2012.01.03 06:34:21 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Local\{65A0F17E-F3F3-421F-9DB5-958908A67A39} [2012.01.03 06:34:07 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Local\{B2D2C557-F0C2-41B1-B581-BEFD751CC2E5} [2012.01.02 15:44:47 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Local\{1C5DA7A1-2171-4B57-A5A7-A124F3CE7012} [2012.01.02 15:44:31 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Local\{E9E25A50-718E-49CD-808B-E98C5DA9B408} [2012.01.01 16:42:48 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Local\{92441769-9A39-4786-A41D-9B6F07D3B137} [2012.01.01 16:42:25 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Local\{9B2C2FB1-C1F0-4E74-B354-4FE3CE9A5F48} [2012.01.01 04:41:59 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Local\{51001F31-82BA-4AB9-A789-0E97C5AB9900} [2012.01.01 04:41:38 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Local\{858EF44B-8A56-4B59-9920-9CE6346F61D3} [2011.12.31 05:13:38 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Local\{51177C8E-FF11-4280-B369-40B6A280BBF4} [2011.12.31 05:13:24 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Local\{84EF66D8-5C1B-4C88-8047-F703CC7B2A56} [2011.12.30 16:27:53 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Local\{74EB302A-358D-4667-B0CD-CEF7203CA484} [2011.12.30 16:27:36 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Local\{C696CDA4-B1B1-4C16-A70B-0F440A8CB8F7} [2011.12.30 02:14:46 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Local\{E009B223-8AC7-4DEA-9C8D-D8C0BF2C4D4C} [2011.12.30 02:14:24 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Local\{EED772A7-EE5F-4865-BFE9-B32A7553BB98} [2011.12.29 15:00:30 | 000,000,000 | ---D | C] -- C:\Users\lalle\Documents\Meine empfangenen Dateien [2011.12.29 14:13:49 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Local\{02B5EBEE-68A3-47F9-930B-C629AE1DA70B} [2011.12.29 14:13:30 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Local\{95F66DED-12D2-4981-88A8-C99E71A8E0EC} 
[2011.12.28 13:43:12 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Local\{D37F4D0F-D188-4A91-964D-B4229F69679A} [2011.12.28 13:42:47 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Local\{9D2AC9B7-A063-45E0-8721-006CD9392479} [2011.12.27 05:03:52 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Local\{6AFDFE1D-4A51-4883-81B6-E7D919355E90} [2011.12.27 05:03:28 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Local\{E673FD7F-4507-4781-9EA3-DD4C48AFC619} [2011.12.26 11:38:45 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Local\{C1957A96-1FE4-4913-9202-8B919BA875BA} [2011.12.26 11:38:18 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Local\{278F5508-DF24-4C48-B058-BC1EFEDDE2F7} [2011.12.25 14:46:25 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Local\{5819ECD1-4FF4-479B-8A51-5DBBAF5F8ADF} [2011.12.25 14:46:03 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Local\{E6041F31-29A2-4A06-BE81-947C8DDA39F8} [2011.12.25 02:45:33 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Local\{62BC20FA-B490-4033-BD60-55360AE1EFDD} [2011.12.25 02:45:24 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Local\{E867FAA0-B31C-40E2-8A49-4C9B4E235272} [2011.12.25 02:45:21 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Local\{5EB2FA2E-8E1E-4C75-B456-4DA894DA5C58} [2011.12.24 11:40:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam [2011.12.24 11:40:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam [2011.12.24 08:06:39 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Local\{09F0E9BC-EB4A-4AA0-81E0-8FA3AC45B7B1} [2011.12.24 08:06:22 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Local\{0DC3629B-FC51-49BB-81AD-77413AFE113E} [2011.12.23 16:34:24 | 000,466,456 | ---- | C] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll [2011.12.23 16:34:24 | 000,444,952 | ---- | C] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll [2011.12.23 16:34:24 | 000,000,000 | ---D | C] -- C:\Program 
Files (x86)\OpenAL [2011.12.23 16:33:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Futuremark Shared [2011.12.23 16:32:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Futuremark [2011.12.23 14:12:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET [2011.12.23 14:05:10 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Local\{E7CE2E0E-5E78-4512-A27D-5C5FF0A12226} [2011.12.23 14:04:48 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Local\{34EF9D78-D7F6-4CF9-841B-23A573BF6F72} [2011.12.23 12:18:13 | 000,000,000 | ---D | C] -- C:\ProgramData\TrackMania [2011.12.23 12:17:51 | 000,000,000 | ---D | C] -- C:\Users\lalle\Documents\TrackMania [2011.12.23 12:16:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TmNationsForever [2011.12.23 00:24:02 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Local\{C268BF45-82D9-469D-B29A-13C03AA9D38D} [2011.12.23 00:23:38 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Local\{A64026DF-7CAE-4849-9919-AC4DBDBF4948} [2011.12.23 00:23:24 | 000,000,000 | ---D | C] -- C:\Users\lalle\Tracing [2011.12.23 00:21:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live [2011.12.23 00:21:16 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH [2011.12.23 00:20:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight [2011.12.23 00:20:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight [2011.12.23 00:18:57 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Local\Windows Live [2011.12.23 00:18:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live [2011.12.22 22:55:18 | 000,000,000 | ---D | C] -- C:\Users\lalle\Documents\ICQ [2011.12.22 22:49:22 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\IO [2011.12.22 22:40:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICQ-Banner-Remover 
[2011.12.22 22:40:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ-Banner-Remover [2011.12.22 22:39:20 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Roaming\Opera [2011.12.22 22:39:15 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Roaming\OCS [2011.12.22 22:34:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICQ7.7 [2011.12.22 22:33:28 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Roaming\ICQ [2011.12.22 22:33:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ7.7 [2011.12.22 22:16:22 | 000,304,472 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys [2011.12.22 22:16:22 | 000,024,408 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys [2011.12.22 22:16:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus [2011.12.22 22:16:21 | 000,591,192 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys [2011.12.22 22:16:21 | 000,058,712 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys [2011.12.22 22:16:21 | 000,042,328 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys [2011.12.22 22:16:20 | 000,256,960 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe [2011.12.22 22:16:20 | 000,066,904 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys [2011.12.22 22:15:57 | 000,199,816 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe [2011.12.22 22:15:57 | 000,041,184 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr [2011.12.22 22:15:47 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software [2011.12.22 22:15:47 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software [2011.12.22 17:53:29 | 000,000,000 | ---D | C] -- C:\Users\lalle\riotsGamesLogs [2011.12.22 17:52:57 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Roaming\LolClient [2011.12.22 16:15:05 | 000,000,000 | ---D | C] -- 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games [2011.12.22 15:12:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hewlett-Packard [2011.12.22 15:03:18 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Local\PMB Files [2011.12.22 15:03:16 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files [2011.12.22 15:03:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pando Networks [2011.12.22 14:55:45 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Roaming\.minecraft [2011.12.22 14:55:13 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2011.12.22 14:42:57 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Roaming\Macromedia [2011.12.22 14:42:57 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Roaming\Adobe [2011.12.22 14:42:46 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed [2011.12.22 14:42:44 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed [2011.12.22 14:34:47 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Roaming\Mozilla [2011.12.22 14:34:47 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Local\Mozilla [2011.12.22 14:34:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2011.12.22 14:15:29 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM [2011.12.22 14:15:29 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek [2011.12.22 14:15:12 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll [2011.12.22 14:15:12 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll [2011.12.22 14:15:11 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll [2011.12.22 14:15:11 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll [2011.12.22 14:15:11 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll [2011.12.22 14:15:11 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) 
-- C:\Windows\SysNative\RTEED64A.dll [2011.12.22 14:15:11 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll [2011.12.22 14:15:11 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll [2011.12.22 14:15:05 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp [2011.12.22 14:15:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield [2011.12.22 14:11:55 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Roaming\Synaptics [2011.12.22 14:11:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Synaptics [2011.12.22 14:10:19 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics [2011.12.22 13:57:23 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Local\AMD [2011.12.22 13:57:03 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Roaming\ATI [2011.12.22 13:57:03 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Local\ATI [2011.12.22 13:57:03 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI [2011.12.22 13:50:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP [2011.12.22 13:50:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies [2011.12.22 13:50:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies [2011.12.22 13:50:45 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE [2011.12.22 13:49:51 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD [2011.12.22 13:49:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies [2011.12.22 13:49:08 | 000,000,000 | -HSD | C] -- C:\Windows\Installer [2011.12.22 13:49:07 | 000,000,000 | ---D | C] -- C:\Program Files\ATI [2011.12.22 13:48:41 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies [2011.12.22 13:47:47 | 000,000,000 | ---D | C] -- C:\swsetup [2011.12.22 13:44:18 | 000,436,840 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys [2011.12.22 13:44:14 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield 
Installation Information [2011.12.22 13:44:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek [2011.12.22 13:43:30 | 000,000,000 | ---D | C] -- C:\LAN Driver [2011.12.22 13:22:28 | 000,000,000 | R--D | C] -- C:\Users\lalle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2011.12.22 13:22:28 | 000,000,000 | R--D | C] -- C:\Users\lalle\Searches [2011.12.22 13:22:28 | 000,000,000 | R--D | C] -- C:\Users\lalle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2011.12.22 13:22:17 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Roaming\Identities [2011.12.22 13:22:14 | 000,000,000 | R--D | C] -- C:\Users\lalle\Contacts [2011.12.22 13:22:12 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Local\VirtualStore [2011.12.22 13:21:51 | 000,000,000 | -HSD | C] -- C:\Users\lalle\Vorlagen [2011.12.22 13:21:51 | 000,000,000 | -HSD | C] -- C:\Users\lalle\AppData\Local\Verlauf [2011.12.22 13:21:51 | 000,000,000 | -HSD | C] -- C:\Users\lalle\AppData\Local\Temporary Internet Files [2011.12.22 13:21:51 | 000,000,000 | -HSD | C] -- C:\Users\lalle\Startmenü [2011.12.22 13:21:51 | 000,000,000 | -HSD | C] -- C:\Users\lalle\SendTo [2011.12.22 13:21:51 | 000,000,000 | -HSD | C] -- C:\Users\lalle\Recent [2011.12.22 13:21:51 | 000,000,000 | -HSD | C] -- C:\Users\lalle\Netzwerkumgebung [2011.12.22 13:21:51 | 000,000,000 | -HSD | C] -- C:\Users\lalle\Lokale Einstellungen [2011.12.22 13:21:51 | 000,000,000 | -HSD | C] -- C:\Users\lalle\Documents\Eigene Videos [2011.12.22 13:21:51 | 000,000,000 | -HSD | C] -- C:\Users\lalle\Documents\Eigene Musik [2011.12.22 13:21:51 | 000,000,000 | -HSD | C] -- C:\Users\lalle\Eigene Dateien [2011.12.22 13:21:51 | 000,000,000 | -HSD | C] -- C:\Users\lalle\Documents\Eigene Bilder [2011.12.22 13:21:51 | 000,000,000 | -HSD | C] -- C:\Users\lalle\Druckumgebung [2011.12.22 13:21:51 | 000,000,000 | -HSD | C] -- C:\Users\lalle\Cookies [2011.12.22 13:21:51 | 000,000,000 | -HSD | C] -- 
C:\Users\lalle\AppData\Local\Anwendungsdaten [2011.12.22 13:21:51 | 000,000,000 | -HSD | C] -- C:\Users\lalle\Anwendungsdaten [2011.12.22 13:21:50 | 000,000,000 | --SD | C] -- C:\Users\lalle\AppData\Roaming\Microsoft [2011.12.22 13:21:50 | 000,000,000 | R--D | C] -- C:\Users\lalle\Videos [2011.12.22 13:21:50 | 000,000,000 | R--D | C] -- C:\Users\lalle\Saved Games [2011.12.22 13:21:50 | 000,000,000 | R--D | C] -- C:\Users\lalle\Pictures [2011.12.22 13:21:50 | 000,000,000 | R--D | C] -- C:\Users\lalle\Music [2011.12.22 13:21:50 | 000,000,000 | R--D | C] -- C:\Users\lalle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2011.12.22 13:21:50 | 000,000,000 | R--D | C] -- C:\Users\lalle\Links [2011.12.22 13:21:50 | 000,000,000 | R--D | C] -- C:\Users\lalle\Favorites [2011.12.22 13:21:50 | 000,000,000 | R--D | C] -- C:\Users\lalle\Downloads [2011.12.22 13:21:50 | 000,000,000 | R--D | C] -- C:\Users\lalle\Documents [2011.12.22 13:21:50 | 000,000,000 | R--D | C] -- C:\Users\lalle\Desktop [2011.12.22 13:21:50 | 000,000,000 | R--D | C] -- C:\Users\lalle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2011.12.22 13:21:50 | 000,000,000 | -H-D | C] -- C:\Users\lalle\AppData [2011.12.22 13:21:50 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Local\Temp [2011.12.22 13:21:50 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Local\Microsoft [2011.12.22 13:21:50 | 000,000,000 | ---D | C] -- C:\Users\lalle\AppData\Roaming\Media Center Programs [2011.12.22 13:21:44 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen [2011.12.22 13:21:44 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü [2011.12.22 13:21:44 | 000,000,000 | -HSD | C] -- C:\Recovery [2011.12.22 13:21:44 | 000,000,000 | -HSD | C] -- C:\Programme [2011.12.22 13:21:44 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien [2011.12.22 13:21:44 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten [2011.12.22 13:21:44 | 000,000,000 | -HSD | C] -- 
C:\Users\Public\Documents\Eigene Videos [2011.12.22 13:21:44 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik [2011.12.22 13:21:44 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder [2011.12.22 13:21:44 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen [2011.12.22 13:21:44 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente [2011.12.22 13:21:44 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten [2011.12.22 13:16:33 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution [2011.12.22 13:14:12 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch [2011.12.22 13:13:09 | 000,000,000 | -HSD | C] -- C:\System Volume Information [2011.12.22 13:12:36 | 000,000,000 | ---D | C] -- C:\Windows\Panther ========== Files - Modified Within 30 Days ========== [2012.01.14 16:04:20 | 000,021,280 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.01.14 16:04:20 | 000,021,280 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.01.14 15:59:18 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\lalle\Desktop\OTL.exe [2012.01.14 15:56:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.01.14 15:56:05 | 2902,646,784 | -HS- | M] () -- C:\hiberfil.sys [2012.01.11 03:02:59 | 001,519,874 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.01.11 03:02:59 | 000,654,166 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.01.11 03:02:59 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.01.11 03:02:59 | 000,130,006 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.01.11 03:02:59 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.01.10 11:13:05 | 000,004,956 | ---- | M] () -- C:\Users\lalle\Desktop\ebasy.rtf [2012.01.09 01:41:38 | 000,000,308 | ---- | M] () -- C:\Users\lalle\Desktop\facebok text bilder.rtf 
[2012.01.01 05:32:53 | 000,004,544 | ---- | M] () -- C:\Users\lalle\Desktop\am pc checken ob mouseover über taskleiste geht.jnt [2011.12.23 16:34:24 | 000,466,456 | ---- | M] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll [2011.12.23 16:34:24 | 000,444,952 | ---- | M] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll [2011.12.23 14:02:47 | 000,274,464 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2011.12.22 22:24:12 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt [2011.12.22 14:10:28 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf [2011.12.22 13:55:32 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin [2011.12.22 13:17:42 | 000,177,271 | ---- | M] () -- C:\Windows\SysWow64\license.rtf [2011.12.22 13:17:42 | 000,177,271 | ---- | M] () -- C:\Windows\SysNative\license.rtf ========== Files Created - No Company Name ========== [2012.01.10 10:27:50 | 000,004,956 | ---- | C] () -- C:\Users\lalle\Desktop\ebasy.rtf [2012.01.09 01:41:27 | 000,000,308 | ---- | C] () -- C:\Users\lalle\Desktop\facebok text bilder.rtf [2012.01.01 05:32:53 | 000,004,544 | ---- | C] () -- C:\Users\lalle\Desktop\am pc checken ob mouseover über taskleiste geht.jnt [2011.12.23 00:22:07 | 000,002,486 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk [2011.12.22 22:16:20 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt [2011.12.22 14:34:09 | 000,001,154 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2011.12.22 14:15:13 | 000,000,712 | ---- | C] () -- C:\Windows\SysNative\drivers\RTEQEX0.dat [2011.12.22 14:15:13 | 000,000,176 | ---- | C] () -- C:\Windows\SysNative\drivers\RTHDAEQ0.dat [2011.12.22 14:10:28 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf [2011.12.22 13:55:32 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2011.12.22 13:44:18 | 000,074,272 | ---- | C] () -- 
C:\Windows\SysNative\RtNicProp64.dll [2011.12.22 13:22:37 | 000,001,409 | ---- | C] () -- C:\Users\lalle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk [2011.12.22 13:22:31 | 000,001,443 | ---- | C] () -- C:\Users\lalle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2011.12.22 13:17:25 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk [2011.12.22 13:17:11 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk [2011.12.22 13:13:09 | 2902,646,784 | -HS- | C] () -- C:\hiberfil.sys [2011.08.20 03:26:18 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll [2011.07.05 11:47:06 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll [2011.03.18 01:51:44 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat ========== LOP Check ========== [2011.12.22 14:56:31 | 000,000,000 | ---D | M] -- C:\Users\lalle\AppData\Roaming\.minecraft [2012.01.14 10:35:09 | 000,000,000 | ---D | M] -- C:\Users\lalle\AppData\Roaming\ICQ [2011.12.22 17:52:57 | 000,000,000 | ---D | M] -- C:\Users\lalle\AppData\Roaming\LolClient [2011.12.22 22:39:15 | 000,000,000 | ---D | M] -- C:\Users\lalle\AppData\Roaming\OCS [2011.12.22 22:39:20 | 000,000,000 | ---D | M] -- C:\Users\lalle\AppData\Roaming\Opera [2011.12.22 14:11:55 | 
000,000,000 | ---D | M] -- C:\Users\lalle\AppData\Roaming\Synaptics [2009.07.14 06:08:49 | 000,015,750 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Custom Scans ========== < %ALLUSERSPROFILE%\Application Data\*. > < %ALLUSERSPROFILE%\Application Data\*.exe /s > < %APPDATA%\*. > [2011.12.22 14:56:31 | 000,000,000 | ---D | M] -- C:\Users\lalle\AppData\Roaming\.minecraft [2011.12.22 14:42:57 | 000,000,000 | ---D | M] -- C:\Users\lalle\AppData\Roaming\Adobe [2011.12.22 13:57:03 | 000,000,000 | ---D | M] -- C:\Users\lalle\AppData\Roaming\ATI [2012.01.14 10:35:09 | 000,000,000 | ---D | M] -- C:\Users\lalle\AppData\Roaming\ICQ [2011.12.22 13:22:17 | 000,000,000 | ---D | M] -- C:\Users\lalle\AppData\Roaming\Identities [2011.12.22 17:52:57 | 000,000,000 | ---D | M] -- C:\Users\lalle\AppData\Roaming\LolClient [2011.12.22 14:42:57 | 000,000,000 | ---D | M] -- C:\Users\lalle\AppData\Roaming\Macromedia [2012.01.13 18:07:51 | 000,000,000 | ---D | M] -- C:\Users\lalle\AppData\Roaming\Malwarebytes [2011.04.12 08:54:56 | 000,000,000 | ---D | M] -- C:\Users\lalle\AppData\Roaming\Media Center Programs [2011.12.23 00:22:28 | 000,000,000 | --SD | M] -- C:\Users\lalle\AppData\Roaming\Microsoft [2012.01.12 14:45:58 | 000,000,000 | ---D | M] -- C:\Users\lalle\AppData\Roaming\mIRC [2011.12.22 14:34:52 | 000,000,000 | ---D | M] -- C:\Users\lalle\AppData\Roaming\Mozilla [2011.12.22 22:39:15 | 000,000,000 | ---D | M] -- C:\Users\lalle\AppData\Roaming\OCS [2011.12.22 22:39:20 | 000,000,000 | ---D | M] -- C:\Users\lalle\AppData\Roaming\Opera [2011.12.22 14:11:55 | 000,000,000 | ---D | M] -- C:\Users\lalle\AppData\Roaming\Synaptics < %APPDATA%\*.exe /s > [2011.12.22 22:39:15 | 000,106,496 | ---- | M] (OCS) -- C:\Users\lalle\AppData\Roaming\OCS\SM\SearchAnonymizer.exe [2011.12.22 22:39:15 | 000,040,960 | ---- | M] () -- C:\Users\lalle\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe < %SYSTEMDRIVE%\*.exe > < MD5 for: AGP440.SYS > [2009.07.14 
< End of report > |
| | #8 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Firefox opens tab to loan advertising Rather unremarkable. Quote:
__________________ Please always post log files in CODE tags |
| | #9 |
| Firefox opens tab to loan advertising It's uninstalled. And yes, my laptop is also very new; it was a Christmas present. The Media Booster was installed along with League of Legends; I think it is needed for patching the game, but I have deleted it now. |
| | #10 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Firefox opens tab to loan advertising Now please run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log => http://www.trojaner-board.de/82358-t...entfernen.html Set the tool up as shown in the picture below: click on change parameters and tick the boxes as shown in the following screenshot, then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full. If you cannot find the log or copy its contents into your post, please look directly on your Windows system partition (usually drive C); that is where TDSS-Killer saves its logs. Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and just post the log here! If, because of the infection, you cannot access your Documents/My Documents, or shortcuts are missing from the desktop or from the Start menu under "All Programs", please run unhide: download unhide.exe and save this file to your desktop. Start the tool and all files and folders should be visible again. (This could take a while.)
__________________ Please always post log files in CODE tags |
| | #11 |
| Firefox opens tab to loan advertising My programs and My Documents open without any problems. I have also seen several threads here already, and all of them use Firefox; could it be down to an add-on? I have Adblock Plus for Firefox; maybe the people with the same problem also have this add-on installed. Here is the log: Code:
ATTFilter 17:39:55.0087 2052 TDSS rootkit removing tool 2.7.1.0 Jan 13 2012 15:24:05
17:39:55.0462 2052 ============================================================
17:39:55.0462 2052 Current date / time: 2012/01/14 17:39:55.0462
17:39:55.0462 2052 SystemInfo:
17:39:55.0462 2052
17:39:55.0462 2052 OS Version: 6.1.7601 ServicePack: 1.0
17:39:55.0462 2052 Product type: Workstation
17:39:55.0462 2052 ComputerName: LEA-PC
17:39:55.0477 2052 UserName: lalle
17:39:55.0477 2052 Windows directory: C:\Windows
17:39:55.0477 2052 System windows directory: C:\Windows
17:39:55.0477 2052 Running under WOW64
17:39:55.0477 2052 Processor architecture: Intel x64
17:39:55.0477 2052 Number of processors: 2
17:39:55.0477 2052 Page size: 0x1000
17:39:55.0477 2052 Boot type: Normal boot
17:39:55.0477 2052 ============================================================
17:39:56.0008 2052 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000, SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K', Flags 0x00000040
17:39:56.0086 2052 Initialize success
17:40:07.0770 2776 ============================================================
17:40:07.0770 2776 Scan started
17:40:07.0770 2776 Mode: Manual; SigCheck; TDLFS;
17:40:07.0770 2776 ============================================================
17:40:08.0379 2776 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
17:40:08.0550 2776 1394ohci - ok
17:40:08.0597 2776 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
17:40:08.0628 2776 ACPI - ok
17:40:08.0675 2776 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
17:40:08.0753 2776 AcpiPmi - ok
17:40:08.0800 2776 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
17:40:08.0831 2776 adp94xx - ok
17:40:08.0847 2776 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
17:40:08.0878 2776 adpahci - ok
17:40:08.0940 2776 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
17:40:08.0956 2776 adpu320 - ok
17:40:09.0034 2776 AFD (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys
17:40:09.0096 2776 AFD - ok
17:40:09.0127 2776 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
17:40:09.0159 2776 agp440 - ok
17:40:09.0205 2776 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
17:40:09.0221 2776 aliide - ok
17:40:09.0268 2776 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
17:40:09.0283 2776 amdide - ok
17:40:09.0330 2776 amdiox64 (6a2eeb0c4133b20773bb3dd0b7b377b4) C:\Windows\system32\DRIVERS\amdiox64.sys
17:40:09.0377 2776 amdiox64 - ok
17:40:09.0408 2776 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
17:40:09.0439 2776 AmdK8 - ok
17:40:09.0673 2776 amdkmdag (7054d5d028b6ca727d0575192d633fa9) C:\Windows\system32\DRIVERS\atikmdag.sys
17:40:10.0017 2776 amdkmdag - ok
17:40:10.0110 2776 amdkmdap (1cd2bc11467fd5fc7be9827a9f3d8566) C:\Windows\system32\DRIVERS\atikmpag.sys
17:40:10.0204 2776 amdkmdap - ok
17:40:10.0251 2776 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
17:40:10.0282 2776 AmdPPM - ok
17:40:10.0329 2776 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
17:40:10.0344 2776 amdsata - ok
17:40:10.0360 2776 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
17:40:10.0391 2776 amdsbs - ok
17:40:10.0407 2776 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
17:40:10.0438 2776 amdxata - ok
17:40:10.0469 2776 amd_sata (f9d46b6b322708bd5afcc8767ebdc901) C:\Windows\system32\DRIVERS\amd_sata.sys
17:40:10.0500 2776 amd_sata - ok
17:40:10.0516 2776 amd_xata (329cc9c7e20deebcd4cd10816193ef14) C:\Windows\system32\DRIVERS\amd_xata.sys
17:40:10.0531 2776 amd_xata - ok
17:40:10.0578 2776 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
17:40:10.0656 2776 AppID - ok
17:40:10.0719 2776 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
17:40:10.0734 2776 arc - ok
17:40:10.0750 2776 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
17:40:10.0781 2776 arcsas - ok
17:40:10.0797 2776 aswFsBlk (ce6d8bcc4787704ea4feeb92b0d0caf8) C:\Windows\system32\drivers\aswFsBlk.sys
17:40:10.0828 2776 aswFsBlk - ok
17:40:10.0875 2776 aswMonFlt (0debeb2e3fbd0bf5343125cce617f105) C:\Windows\system32\drivers\aswMonFlt.sys
17:40:10.0890 2776 aswMonFlt - ok
17:40:10.0906 2776 aswRdr (952edc2e81f85d1781958d4128bf59f8) C:\Windows\system32\drivers\aswRdr.sys
17:40:10.0937 2776 aswRdr - ok
17:40:10.0953 2776 aswSnx (dd383e2ac941c545a85ab72503da6c12) C:\Windows\system32\drivers\aswSnx.sys
17:40:10.0999 2776 aswSnx - ok
17:40:10.0999 2776 aswSP (ef5403fb8b2dcb791ec365fdf6040a4a) C:\Windows\system32\drivers\aswSP.sys
17:40:11.0031 2776 aswSP - ok
17:40:11.0046 2776 aswTdi (34165da5c6b30c0f9d61246bf8a28040) C:\Windows\system32\drivers\aswTdi.sys
17:40:11.0062 2776 aswTdi - ok
17:40:11.0093 2776 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
17:40:11.0171 2776 AsyncMac - ok
17:40:11.0202 2776 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
17:40:11.0218 2776 atapi - ok
17:40:11.0280 2776 AtiHDAudioService (cbd14f698def12ee3557604b726cb8eb) C:\Windows\system32\drivers\AtihdW76.sys
17:40:11.0311 2776 AtiHDAudioService - ok
17:40:11.0389 2776 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
17:40:11.0436 2776 b06bdrv - ok
17:40:11.0483 2776 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
17:40:11.0530 2776 b57nd60a - ok
17:40:11.0577 2776 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
17:40:11.0655 2776 Beep - ok
17:40:11.0717 2776 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
17:40:11.0764 2776 blbdrive - ok
17:40:11.0811 2776 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
17:40:11.0857 2776 bowser - ok
17:40:11.0889 2776 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
17:40:11.0951 2776 BrFiltLo - ok
17:40:11.0951 2776 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
17:40:11.0998 2776 BrFiltUp - ok
17:40:12.0029 2776 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
17:40:12.0107 2776 Brserid - ok
17:40:12.0123 2776 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
17:40:12.0154 2776 BrSerWdm - ok
17:40:12.0169 2776 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
17:40:12.0201 2776 BrUsbMdm - ok
17:40:12.0216 2776 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
17:40:12.0263 2776 BrUsbSer - ok
17:40:12.0279 2776 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
17:40:12.0341 2776 BTHMODEM - ok
17:40:12.0403 2776 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys
17:40:12.0481 2776 BTHPORT - ok
17:40:12.0528 2776 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys
17:40:12.0559 2776 BTHUSB - ok
17:40:12.0591 2776 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
17:40:12.0684 2776 cdfs - ok
17:40:12.0715 2776 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
17:40:12.0778 2776 cdrom - ok
17:40:12.0825 2776 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
17:40:12.0887 2776 circlass - ok
17:40:12.0918 2776 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
17:40:12.0965 2776 CLFS - ok
17:40:13.0027 2776 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
17:40:13.0059 2776 CmBatt - ok
17:40:13.0074 2776 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
17:40:13.0105 2776 cmdide - ok
17:40:13.0137 2776 CNG (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys
17:40:13.0183 2776 CNG - ok
17:40:13.0199 2776 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
17:40:13.0230 2776 Compbatt - ok
17:40:13.0246 2776 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\DRIVERS\CompositeBus.sys
17:40:13.0308 2776 CompositeBus - ok
17:40:13.0402 2776 cpuz130 - ok
17:40:13.0433 2776 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
17:40:13.0464 2776 crcdisk - ok
17:40:13.0542 2776 CSC (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys
17:40:13.0589 2776 CSC - ok
17:40:13.0651 2776 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
17:40:13.0729 2776 DfsC - ok
17:40:13.0745 2776 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
17:40:13.0823 2776 discache - ok
17:40:13.0854 2776 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
17:40:13.0870 2776 Disk - ok
17:40:13.0901 2776 dmvsc (5db085a8a6600be6401f2b24eecb5415) C:\Windows\system32\drivers\dmvsc.sys
17:40:13.0948 2776 dmvsc - ok
17:40:13.0995 2776 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
17:40:14.0073 2776 drmkaud - ok
17:40:14.0119 2776 DXGKrnl (ce7743807258a7d383c427e3c178a49e) C:\Windows\System32\drivers\dxgkrnl.sys
17:40:14.0166 2776 DXGKrnl - ok
17:40:14.0275 2776 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
17:40:14.0385 2776 ebdrv - ok
17:40:14.0509 2776 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
17:40:14.0556 2776 elxstor - ok
17:40:14.0587 2776 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
17:40:14.0619 2776 ErrDev - ok
17:40:14.0681 2776 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
17:40:14.0759 2776 exfat - ok
17:40:14.0775 2776 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
17:40:14.0853 2776 fastfat - ok
17:40:14.0899 2776 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
17:40:14.0931 2776 fdc - ok
17:40:14.0977 2776 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
17:40:14.0993 2776 FileInfo - ok
17:40:15.0009 2776 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
17:40:15.0102 2776 Filetrace - ok
17:40:15.0102 2776 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
17:40:15.0133 2776 flpydisk - ok
17:40:15.0165 2776 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
17:40:15.0196 2776 FltMgr - ok
17:40:15.0211 2776 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
17:40:15.0243 2776 FsDepends - ok
17:40:15.0258 2776 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
17:40:15.0274 2776 Fs_Rec - ok
17:40:15.0289 2776 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
17:40:15.0336 2776 fvevol - ok
17:40:15.0367 2776 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
17:40:15.0399 2776 gagp30kx - ok
17:40:15.0430 2776 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
17:40:15.0477 2776 hcw85cir - ok
17:40:15.0508 2776 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
17:40:15.0555 2776 HdAudAddService - ok
17:40:15.0586 2776 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys
17:40:15.0633 2776 HDAudBus - ok
17:40:15.0648 2776 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
17:40:15.0679 2776 HidBatt - ok
17:40:15.0711 2776 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
17:40:15.0757 2776 HidBth - ok
17:40:15.0773 2776 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
17:40:15.0804 2776 HidIr - ok
17:40:15.0851 2776 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
17:40:15.0898 2776 HidUsb - ok
17:40:15.0929 2776 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
17:40:15.0945 2776 HpSAMD - ok
17:40:15.0976 2776 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
17:40:16.0085 2776 HTTP - ok
17:40:16.0101 2776 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
17:40:16.0116 2776 hwpolicy - ok
17:40:16.0147 2776 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
17:40:16.0179 2776 i8042prt - ok
17:40:16.0225 2776 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
17:40:16.0257 2776 iaStorV - ok
17:40:16.0288 2776 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
17:40:16.0303 2776 iirsp - ok
17:40:16.0428 2776 IntcAzAudAddService (e395d888ef6d3777134a9e09ff7582c2) C:\Windows\system32\drivers\RTKVHD64.sys
17:40:16.0522 2776 IntcAzAudAddService - ok
17:40:16.0537 2776 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
17:40:16.0553 2776 intelide - ok
17:40:16.0584 2776 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\drivers\intelppm.sys
17:40:16.0631 2776 intelppm - ok
17:40:16.0647 2776 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:40:16.0725 2776 IpFilterDriver - ok
17:40:16.0740 2776 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
17:40:16.0787 2776 IPMIDRV - ok
17:40:16.0803 2776 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
17:40:16.0881 2776 IPNAT - ok
17:40:16.0912 2776 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
17:40:16.0959 2776 IRENUM - ok
17:40:16.0974 2776 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
17:40:17.0005 2776 isapnp - ok
17:40:17.0037 2776 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
17:40:17.0068 2776 iScsiPrt - ok
17:40:17.0083 2776 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
17:40:17.0115 2776 kbdclass - ok
17:40:17.0146 2776 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
17:40:17.0177 2776 kbdhid - ok
17:40:17.0208 2776 KSecDD (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys
17:40:17.0239 2776 KSecDD - ok
17:40:17.0255 2776 KSecPkg (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys
17:40:17.0286 2776 KSecPkg - ok
17:40:17.0286 2776 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
17:40:17.0380 2776 ksthunk - ok
17:40:17.0427 2776 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
17:40:17.0505 2776 lltdio - ok
17:40:17.0551 2776 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
17:40:17.0567 2776 LSI_FC - ok
17:40:17.0598 2776 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
17:40:17.0629 2776 LSI_SAS - ok
17:40:17.0629 2776 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
17:40:17.0661 2776 LSI_SAS2 - ok
17:40:17.0676 2776 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
17:40:17.0707 2776 LSI_SCSI - ok
17:40:17.0723 2776 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
17:40:17.0817 2776 luafv - ok
17:40:17.0832 2776 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
17:40:17.0848 2776 megasas - ok
17:40:17.0879 2776 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
17:40:17.0910 2776 MegaSR - ok
17:40:17.0957 2776 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
17:40:18.0035 2776 Modem - ok
17:40:18.0066 2776 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
17:40:18.0113 2776 monitor - ok
17:40:18.0144 2776 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
17:40:18.0175 2776 mouclass - ok
17:40:18.0207 2776 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
17:40:18.0253 2776 mouhid - ok
17:40:18.0300 2776 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
17:40:18.0316 2776 mountmgr - ok
17:40:18.0331 2776 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
17:40:18.0363 2776 mpio - ok
17:40:18.0378 2776 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
17:40:18.0456 2776 mpsdrv - ok
17:40:18.0487 2776 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
17:40:18.0534 2776 MRxDAV - ok
17:40:18.0581 2776 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
17:40:18.0612 2776 mrxsmb - ok
17:40:18.0643 2776 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:40:18.0675 2776 mrxsmb10 - ok
17:40:18.0706 2776 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:40:18.0737 2776 mrxsmb20 - ok
17:40:18.0768 2776 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
17:40:18.0784 2776 msahci - ok
17:40:18.0799 2776 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
17:40:18.0831 2776 msdsm - ok
17:40:18.0862 2776 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
17:40:18.0940 2776 Msfs - ok
17:40:18.0955 2776 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
17:40:19.0049 2776 mshidkmdf - ok
17:40:19.0065 2776 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
17:40:19.0080 2776 msisadrv - ok
17:40:19.0127 2776 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
17:40:19.0221 2776 MSKSSRV - ok
17:40:19.0236 2776 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
17:40:19.0299 2776 MSPCLOCK - ok
17:40:19.0314 2776 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
17:40:19.0408 2776 MSPQM - ok
17:40:19.0455 2776 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
17:40:19.0486 2776 MsRPC - ok
17:40:19.0501 2776 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
17:40:19.0517 2776 mssmbios - ok
17:40:19.0548 2776 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
17:40:19.0626 2776 MSTEE - ok
17:40:19.0642 2776 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
17:40:19.0673 2776 MTConfig - ok
17:40:19.0689 2776 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
17:40:19.0704 2776 Mup - ok
17:40:19.0751 2776 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
17:40:19.0813 2776 NativeWifiP - ok
17:40:19.0876 2776 NDIS (c38b8ae57f78915905064a9a24dc1586) C:\Windows\system32\drivers\ndis.sys
17:40:19.0923 2776 NDIS - ok
17:40:19.0954 2776 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
17:40:20.0032 2776 NdisCap - ok
17:40:20.0063 2776 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
17:40:20.0141 2776 NdisTapi - ok
17:40:20.0172 2776 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
17:40:20.0250 2776 Ndisuio - ok
17:40:20.0266 2776 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
17:40:20.0344 2776 NdisWan - ok
17:40:20.0359 2776 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
17:40:20.0453 2776 NDProxy - ok
17:40:20.0469 2776 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
17:40:20.0547 2776 NetBIOS - ok
17:40:20.0578 2776 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
17:40:20.0656 2776 NetBT - ok
17:40:20.0718 2776 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
17:40:20.0734 2776 nfrd960 - ok
17:40:20.0749 2776 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
17:40:20.0843 2776 Npfs - ok
17:40:20.0859 2776 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
17:40:20.0921 2776 nsiproxy - ok
17:40:20.0999 2776 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
17:40:21.0077 2776 Ntfs - ok
17:40:21.0108 2776 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
17:40:21.0202 2776 Null - ok
17:40:21.0280 2776 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
17:40:21.0295 2776 nvraid - ok
17:40:21.0327 2776 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
17:40:21.0358 2776 nvstor - ok
17:40:21.0405 2776 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
17:40:21.0436 2776 nv_agp - ok
17:40:21.0451 2776 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
17:40:21.0498 2776 ohci1394 - ok
17:40:21.0529 2776 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
17:40:21.0576 2776 Parport - ok
17:40:21.0592 2776 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
17:40:21.0623 2776 partmgr - ok
17:40:21.0639 2776 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
17:40:21.0670 2776 pci - ok
17:40:21.0685 2776 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
17:40:21.0701 2776 pciide - ok
17:40:29.0829 2776 ============================================================
17:40:29.0829 2776 Scan finished
17:40:29.0829 2776 ============================================================
17:40:29.0844 3408 Detected object count: 0
17:40:29.0844 3408 Actual detected object count: 0
|
| | #12 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Firefox opens tab to credit advertising Then please run CF now: ComboFix: A guide and tutorial on using ComboFix
Combofix may only be run when a qualified helper has expressly recommended it! If, after running Combofix, you have problems starting applications and receive messages such as Quote:
__________________ Please always post log files in CODE tags |