Pests of all kinds and how to fight them: Bundespolizei trojan 2x50€ via Ukash
Windows 7
14.07.2012, 14:06 | #1 |
Bundespolizei trojan 2x50€ via Ukash

Hello everyone, hello Larusso,

since last time I have become more careful; now it has hit my brother. The following problem occurs: after the laptop boots, the desktop appears briefly. Then a window opens asking you to transfer 2 x 50 € via Ukash, supposedly to the Bundespolizei (German Federal Police). The computer is completely locked; not even the Task Manager can be started. Is this the encryption trojan? What should we do? I hope that was detailed and at the same time short enough. Thanks in advance for the support.

Best regards
Phil

I have now run the scan with Malwarebytes described above. Here are the corresponding log files:

Malwarebytes Anti-Malware (Test) 1.62.0.1300
Malwarebytes : Free anti-malware, anti-virus and spyware removal download

Datenbank Version: v2012.07.12.08

Windows 7 x64 NTFS (Abgesichertenmodus/Netzwerkfähig)
Internet Explorer 9.0.8112.16421
Alex :: ALEX-PC [Administrator]

Schutz: Deaktiviert

12.07.2012 17:56:22
mbam-log-2012-07-12 (17-56-22).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 215791
Laufzeit: 3 Minute(n), 5 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 2
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|{08BC4517-B486-7316-1792-8CB9A46C8708} (Trojan.ZbotR.Gen) -> Daten: C:\Users\Alex\AppData\Roaming\Peav\qair.exe -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|{D7746E83-1621-82F6-612B-F52090C7846C} (Trojan.ZbotR.Gen) -> Daten: C:\Users\Alex\AppData\Roaming\Daidq\cyyco.exe -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 3
C:\Users\Alex\Downloads\SoftonicDownloader_fuer_red-eclipse.exe (PUP.ToolbarDownloader) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alex\0.05911214225287442.exe (Trojan.Agent.Gen) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk (Trojan.Ransom.Gen) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

All processes killed
========== OTL ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\SkypePM not found.
File C:\Users\Peter\AppData\Local\Skype\SkypePM.exe not found.
========== COMMANDS ==========

[EMPTYFLASH]

User: Alex
->Flash cache emptied: 8343882 bytes

User: All Users

User: AppData

User: Default
->Flash cache emptied: 56466 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 8,00 mb

[EMPTYTEMP]

User: Alex
->Temp folder emptied: 3485745498 bytes
->Temporary Internet Files folder emptied: 3496316281 bytes
->Java cache emptied: 8119363 bytes
->FireFox cache emptied: 43964385 bytes
->Google Chrome cache emptied: 271530952 bytes
->Flash cache emptied: 0 bytes

User: All Users

User: AppData

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 308558523 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 36068370 bytes
RecycleBin emptied: 11171394466 bytes

Total Files Cleaned = 17.950,00 mb

OTL by OldTimer - Version 3.2.53.1 log created on 07122012_172856

Files\Folders moved on Reboot...
C:\Users\Alex\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

PendingFileRenameOperations files...
File C:\Users\Alex\AppData\Local\Temp\FXSAPIDebugLogFile.txt not found!

Registry entries deleted on Reboot...

Files\Folders moved on Reboot...
C:\Users\Alex\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

PendingFileRenameOperations files...
File C:\Users\Alex\AppData\Local\Temp\FXSAPIDebugLogFile.txt not found!

Registry entries deleted on Reboot...
15.07.2012, 17:44 | #2 |
/// Helper Team | Bundespolizei trojan 2x50€ via Ukash

Step 1
Please run a full scan with Malwarebytes Anti-Malware and post the log.

Step 2
System scan with OTL (illustrated guide)
15.07.2012, 22:03 | #3 |
Bundespolizei trojan 2x50€ via Ukash

Hello t'john,

the laptop described above seems to have been hit by a lightning strike... it no longer runs at all. But we have another device that also appears to be infected. Here are the log files for it:

Malwarebytes Anti-Malware:

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Datenbank Version: v2012.07.15.09

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Hornochse :: HORNOCHSE-PC [Administrator]

15.07.2012 20:56:05
mbam-log-2012-07-15 (22-27-33).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 339508
Laufzeit: 1 Stunde(n), 28 Minute(n), 28 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 1
C:\Users\Hornochse\AppData\Roaming\BAcroIEHelpe153.dll (Trojan.Banker) -> Keine Aktion durchgeführt.

Infizierte Registrierungsschlüssel: 4
HKCR\CLSID\{20C28584-8F10-4D92-987C-0A1008E2435A} (Trojan.Agent) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{20C28584-8F10-4D92-987C-0A1008E2435A} (Trojan.Agent) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{20C28584-8F10-4D92-987C-0A1008E2435A} (Trojan.Agent) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{20C28584-8F10-4D92-987C-0A1008E2435A} (Trojan.Agent) -> Keine Aktion durchgeführt.

Infizierte Registrierungswerte: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Userinit (Trojan.Agent) -> Daten: C:\Users\Hornochse\AppData\Roaming\appconf32.exe -> Keine Aktion durchgeführt.

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 8
C:\Users\Hornochse\AppData\Roaming\BAcroIEHelpe153.dll (Trojan.Banker) -> Keine Aktion durchgeführt.
C:\Users\Hornochse\AppData\Local\Temp\wpbt0.dll (Spyware.Zbot.DG) -> Keine Aktion durchgeführt.
C:\Users\Hornochse\AppData\Roaming\appconf32.exe (Trojan.Agent) -> Keine Aktion durchgeführt.
C:\Users\Hornochse\AppData\Roaming\AcroIEHelpe153.dll (Trojan.Agent) -> Keine Aktion durchgeführt.
C:\Users\Hornochse\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CWYIYFIV\contacts[1].exe (Spyware.Zbot.DG) -> Keine Aktion durchgeführt.
C:\Users\Hornochse\Downloads\SoftonicDownloader_fuer_ace-of-spades (1).exe (PUP.ToolbarDownloader) -> Keine Aktion durchgeführt.
C:\Users\Hornochse\Downloads\SoftonicDownloader_fuer_ace-of-spades.exe (PUP.ToolbarDownloader) -> Keine Aktion durchgeführt.
C:\Users\Hornochse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk (Trojan.Ransom.Gen) -> Keine Aktion durchgeführt.

(Ende)

Oldtimer log files:
OTL Logfile:
Code:
OTL logfile created on: 15.07.2012 22:33:36 - Run 1
OTL by OldTimer - Version 3.2.54.0     Folder = C:\Users\Hornochse\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

1013,45 Mb Total Physical Memory | 94,55 Mb Available Physical Memory | 9,33% Memory free
2,24 Gb Paging File | 0,87 Gb Available in Paging File | 39,04% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 102,48 Gb Total Space | 53,09 Gb Free Space | 51,80% Space Free | Partition Type: NTFS

Computer Name: HORNOCHSE-PC | User Name: Hornochse | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Hornochse\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Windows\SoftwareDistribution\Download\Install\AM_Delta.exe (Microsoft Corporation)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Programme\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Users\Hornochse\AppData\Roaming\Spotify\spotify.exe (Spotify Ltd)
PRC - C:\Programme\Microsoft Security Client\msseces.exe (Microsoft Corporation)
PRC - c:\Programme\Microsoft Security Client\MpCmdRun.exe (Microsoft Corporation)
PRC - c:\Programme\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Programme\Google\Google Toolbar\GoogleToolbarUser_32.exe (Google Inc.)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Windows\System32\MpSigStub.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
PRC - C:\Programme\sony\VAIO Update 5\VAIOUpdt.exe (Sony Corporation)
PRC - C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft LifeCam\MSCamS32.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Windows\System32\FsUsbExService.Exe (Teruten)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Programme\sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
PRC - C:\Programme\sony\VAIO Event Service\VESMgrSub.exe (Sony Corporation)
PRC - C:\Programme\sony\VAIO Power Management\SPMgr.exe (Sony Corporation)
PRC - C:\Programme\sony\ISB Utility\ISBMgr.exe (Sony Corporation)
PRC - C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
PRC - C:\Programme\Apoint\ApntEx.exe (Alps Electric Co., Ltd.)
PRC - C:\Programme\Apoint\ApMsgFwd.exe (Alps Electric Co., Ltd.)
PRC - C:\Programme\sony\Wireless Switch Setting Utility\Switcher.exe (Sony Corporation)
PRC - C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
PRC - C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe (Sony Corporation)
PRC - C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)

========== Modules (No Company Name) ==========

MOD - C:\Users\Hornochse\AppData\Roaming\10001.066\components\AcroFF066.dll ()
MOD - C:\Users\Hornochse\AppData\Roaming\BAcroIEHelpe168.dll ()
MOD - C:\Users\HORNOC~1\AppData\Local\Temp\wpbt0.dll ()
MOD - C:\Users\Hornochse\AppData\Roaming\Spotify\Data\libcef.dll ()
MOD - C:\Programme\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\System32\igfxTMM.dll ()
MOD - C:\Windows\System32\hccutils.dll ()

========== Win32 Services (SafeList) ==========

SRV - (CLTNetCnService) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon File not found
SRV - (NisSrv) -- c:\Programme\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
SRV - (MsMpSvc) -- c:\Programme\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV - (BBSvc) -- C:\Programme\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
SRV - (BBUpdate) -- C:\Programme\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
SRV - (SQLWriter) -- C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
SRV - (MSSQL$VAIO_VEDB) SQL Server (VAIO_VEDB) -- C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
SRV - (SQLBrowser) -- C:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation)
SRV - (MSSQLServerADHelper) -- C:\Programme\Microsoft SQL Server\90\Shared\sqladhlp90.exe (Microsoft Corporation)
SRV - (MSCamSvc) -- C:\Programme\Microsoft LifeCam\MSCamS32.exe (Microsoft Corporation)
SRV - (FsUsbExService) -- C:\Windows\System32\FsUsbExService.Exe (Teruten)
SRV - (ServiceLayer) -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (VAIO Event Service) -- C:\Programme\sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
SRV - (SSScsiSV) -- C:\Programme\Common Files\Sony Shared\AvLib\SSScsiSV.exe (Sony Corporation)
SRV - (SonicStage Back-End Service) -- C:\Programme\Common Files\Sony Shared\AvLib\SsBeSvc.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-IntegratedServer-AppServer) -- C:\Programme\sony\VAIO Media Integrated Server\VMISrv.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-UCLS-UPnP) VAIO Media Content Collection (UPnP) -- C:\Programme\sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-IntegratedServer-UPnP) VAIO Media Integrated Server (UPnP) -- C:\Programme\sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-UCLS-AppServer) -- C:\Programme\sony\VAIO Media Integrated Server\UCLS.exe (Sony Corporation)
SRV - (VAIO Entertainment TV Device Arbitration Service) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-UCLS-HTTP) VAIO Media Content Collection (HTTP) -- C:\Program Files\sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-IntegratedServer-HTTP) VAIO Media Integrated Server (HTTP) -- C:\Program Files\sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-Mobile-Gateway) -- C:\Program Files\sony\VAIO Media Integrated Server\Platform\VmGateway.exe (Sony Corporation)
SRV - (MSCSPTISRV) -- C:\Programme\Common Files\Sony Shared\AvLib\MSCSPTISRV.exe (Sony Corporation)
SRV - (SPTISRV) -- C:\Programme\Common Files\Sony Shared\AvLib\SPTISRV.exe (Sony Corporation)
SRV - (PACSPTISVR) -- C:\Programme\Common Files\Sony Shared\AvLib\PACSPTISVR.exe ()
SRV - (Vcsw) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
SRV - (VzFw) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe (Sony Corporation)
SRV - (VzCdbSvc) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)

========== Driver Services (SafeList) ==========
C:\Windows\system32\drivers\rvjhuufx.sys File not found DRV - (rucglypj) -- C:\Windows\system32\drivers\rucglypj.sys File not found DRV - (rtxdklao) -- C:\Windows\system32\drivers\rtxdklao.sys File not found DRV - (rtqwuoii) -- C:\Windows\system32\drivers\rtqwuoii.sys File not found DRV - (rsgxcfot) -- C:\Windows\system32\drivers\rsgxcfot.sys File not found DRV - (rrhjtcir) -- C:\Windows\system32\drivers\rrhjtcir.sys File not found DRV - (rqybxypa) -- C:\Windows\system32\drivers\rqybxypa.sys File not found DRV - (rnlcucze) -- C:\Windows\system32\drivers\rnlcucze.sys File not found DRV - (rjcsjmlt) -- C:\Windows\system32\drivers\rjcsjmlt.sys File not found DRV - (rihjepdv) -- C:\Windows\system32\drivers\rihjepdv.sys File not found DRV - (rgvzvxbc) -- C:\Windows\system32\drivers\rgvzvxbc.sys File not found DRV - (rgoedmxq) -- C:\Windows\system32\drivers\rgoedmxq.sys File not found DRV - (rfxukkxi) -- C:\Windows\system32\drivers\rfxukkxi.sys File not found DRV - (rfxtpnew) -- C:\Windows\system32\drivers\rfxtpnew.sys File not found DRV - (rdsuccnf) -- C:\Windows\system32\drivers\rdsuccnf.sys File not found DRV - (rcbnaosv) -- C:\Windows\system32\drivers\rcbnaosv.sys File not found DRV - (rcbfyodg) -- C:\Windows\system32\drivers\rcbfyodg.sys File not found DRV - (rbxhgets) -- C:\Windows\system32\drivers\rbxhgets.sys File not found DRV - (rbnxsiem) -- C:\Windows\system32\drivers\rbnxsiem.sys File not found DRV - (rbhyiyuo) -- C:\Windows\system32\drivers\rbhyiyuo.sys File not found DRV - (rbfmaqvc) -- C:\Windows\system32\drivers\rbfmaqvc.sys File not found DRV - (qyosdhst) -- C:\Windows\system32\drivers\qyosdhst.sys File not found DRV - (qxwxormf) -- C:\Windows\system32\drivers\qxwxormf.sys File not found DRV - (qxgdtepd) -- C:\Windows\system32\drivers\qxgdtepd.sys File not found DRV - (qxeabwws) -- C:\Windows\system32\drivers\qxeabwws.sys File not found DRV - (qwztvyjb) -- C:\Windows\system32\drivers\qwztvyjb.sys File not found DRV - (qwzldrlm) -- 
C:\Windows\system32\drivers\qwzldrlm.sys File not found DRV - (qwwjsrpa) -- C:\Windows\system32\drivers\qwwjsrpa.sys File not found DRV - (qwnzlbyz) -- C:\Windows\system32\drivers\qwnzlbyz.sys File not found DRV - (qwbullwa) -- C:\Windows\system32\drivers\qwbullwa.sys File not found DRV - (qvtphohg) -- C:\Windows\system32\drivers\qvtphohg.sys File not found DRV - (qvhpwfoq) -- C:\Windows\system32\drivers\qvhpwfoq.sys File not found DRV - (quvotptr) -- C:\Windows\system32\drivers\quvotptr.sys File not found DRV - (quvbdifn) -- C:\Windows\system32\drivers\quvbdifn.sys File not found DRV - (quphgiwt) -- C:\Windows\system32\drivers\quphgiwt.sys File not found DRV - (qtyjdlsg) -- C:\Windows\system32\drivers\qtyjdlsg.sys File not found DRV - (qtslccjl) -- C:\Windows\system32\drivers\qtslccjl.sys File not found DRV - (qsfkskuu) -- C:\Windows\system32\drivers\qsfkskuu.sys File not found DRV - (qrztltuj) -- C:\Windows\system32\drivers\qrztltuj.sys File not found DRV - (qrjyqnjz) -- C:\Windows\system32\drivers\qrjyqnjz.sys File not found DRV - (qqcawrvg) -- C:\Windows\system32\drivers\qqcawrvg.sys File not found DRV - (qpzdewlv) -- C:\Windows\system32\drivers\qpzdewlv.sys File not found DRV - (qpuqtarw) -- C:\Windows\system32\drivers\qpuqtarw.sys File not found DRV - (qptgpxlr) -- C:\Windows\system32\drivers\qptgpxlr.sys File not found DRV - (qpfjbytn) -- C:\Windows\system32\drivers\qpfjbytn.sys File not found DRV - (qorvtdfj) -- C:\Windows\system32\drivers\qorvtdfj.sys File not found DRV - (qojruayp) -- C:\Windows\system32\drivers\qojruayp.sys File not found DRV - (qodvdati) -- C:\Windows\system32\drivers\qodvdati.sys File not found DRV - (qnzutzhc) -- C:\Windows\system32\drivers\qnzutzhc.sys File not found DRV - (qlztziqp) -- C:\Windows\system32\drivers\qlztziqp.sys File not found DRV - (qkshnyjo) -- C:\Windows\system32\drivers\qkshnyjo.sys File not found DRV - (qjzsdtuq) -- C:\Windows\system32\drivers\qjzsdtuq.sys File not found DRV - (qjwjneua) -- 
C:\Windows\system32\drivers\qjwjneua.sys File not found DRV - (qhkofamh) -- C:\Windows\system32\drivers\qhkofamh.sys File not found DRV - (qfxqbtfk) -- C:\Windows\system32\drivers\qfxqbtfk.sys File not found DRV - (qfofzllh) -- C:\Windows\system32\drivers\qfofzllh.sys File not found DRV - (qfkxdxcz) -- C:\Windows\system32\drivers\qfkxdxcz.sys File not found DRV - (qdredtbo) -- C:\Windows\system32\drivers\qdredtbo.sys File not found DRV - (qdkgbegb) -- C:\Windows\system32\drivers\qdkgbegb.sys File not found DRV - (qdciakwl) -- C:\Windows\system32\drivers\qdciakwl.sys File not found DRV - (qcdjtatn) -- C:\Windows\system32\drivers\qcdjtatn.sys File not found DRV - (qbgevfls) -- C:\Windows\system32\drivers\qbgevfls.sys File not found DRV - (qawegfua) -- C:\Windows\system32\drivers\qawegfua.sys File not found DRV - (qaqmynds) -- C:\Windows\system32\drivers\qaqmynds.sys File not found DRV - (qaqdegjy) -- C:\Windows\system32\drivers\qaqdegjy.sys File not found DRV - (pztudedh) -- C:\Windows\system32\drivers\pztudedh.sys File not found DRV - (pzovfaqh) -- C:\Windows\system32\drivers\pzovfaqh.sys File not found DRV - (pzlzgjsh) -- C:\Windows\system32\drivers\pzlzgjsh.sys File not found DRV - (pyxgvstm) -- C:\Windows\system32\drivers\pyxgvstm.sys File not found DRV - (pvnsfzbt) -- C:\Windows\system32\drivers\pvnsfzbt.sys File not found DRV - (pvkxcwwt) -- C:\Windows\system32\drivers\pvkxcwwt.sys File not found DRV - (puzgmydw) -- C:\Windows\system32\drivers\puzgmydw.sys File not found DRV - (punumucf) -- C:\Windows\system32\drivers\punumucf.sys File not found DRV - (ptmqcvkg) -- C:\Windows\system32\drivers\ptmqcvkg.sys File not found DRV - (przrmktm) -- C:\Windows\system32\drivers\przrmktm.sys File not found DRV - (prqostly) -- C:\Windows\system32\drivers\prqostly.sys File not found DRV - (prauqtaj) -- C:\Windows\system32\drivers\prauqtaj.sys File not found DRV - (pqhotvhm) -- C:\Windows\system32\drivers\pqhotvhm.sys File not found DRV - (pqbbolek) -- 
C:\Windows\system32\drivers\pqbbolek.sys File not found DRV - (pppjbdjh) -- C:\Windows\system32\drivers\pppjbdjh.sys File not found DRV - (ppkeikty) -- C:\Windows\system32\drivers\ppkeikty.sys File not found DRV - (poxokgsk) -- C:\Windows\system32\drivers\poxokgsk.sys File not found DRV - (poswpbxp) -- C:\Windows\system32\drivers\poswpbxp.sys File not found DRV - (pokhtcae) -- C:\Windows\system32\drivers\pokhtcae.sys File not found DRV - (pnplblyi) -- C:\Windows\system32\drivers\pnplblyi.sys File not found DRV - (pnnpcsry) -- C:\Windows\system32\drivers\pnnpcsry.sys File not found DRV - (pmycgwuu) -- C:\Windows\system32\drivers\pmycgwuu.sys File not found DRV - (pmxrfjua) -- C:\Windows\system32\drivers\pmxrfjua.sys File not found DRV - (plqlwlrp) -- C:\Windows\system32\drivers\plqlwlrp.sys File not found DRV - (plicrbtt) -- C:\Windows\system32\drivers\plicrbtt.sys File not found DRV - (pknvmivg) -- C:\Windows\system32\drivers\pknvmivg.sys File not found DRV - (pkliaiii) -- C:\Windows\system32\drivers\pkliaiii.sys File not found DRV - (piuhtqod) -- C:\Windows\system32\drivers\piuhtqod.sys File not found DRV - (pifzwvvo) -- C:\Windows\system32\drivers\pifzwvvo.sys File not found DRV - (phwtefiz) -- C:\Windows\system32\drivers\phwtefiz.sys File not found DRV - (pgdabuvz) -- C:\Windows\system32\drivers\pgdabuvz.sys File not found DRV - (pfohazts) -- C:\Windows\system32\drivers\pfohazts.sys File not found DRV - (pdeoxwgn) -- C:\Windows\system32\drivers\pdeoxwgn.sys File not found DRV - (pcwkupxr) -- C:\Windows\system32\drivers\pcwkupxr.sys File not found DRV - (pbshynrx) -- C:\Windows\system32\drivers\pbshynrx.sys File not found DRV - (pbiqqvps) -- C:\Windows\system32\drivers\pbiqqvps.sys File not found DRV - (pbididnd) -- C:\Windows\system32\drivers\pbididnd.sys File not found DRV - (pazovxqi) -- C:\Windows\system32\drivers\pazovxqi.sys File not found DRV - (pagdorha) -- C:\Windows\system32\drivers\pagdorha.sys File not found DRV - (ozsuqmne) -- 
C:\Windows\system32\drivers\ozsuqmne.sys File not found DRV - (oyhvzbtl) -- C:\Windows\system32\drivers\oyhvzbtl.sys File not found DRV - (oxzyexcx) -- C:\Windows\system32\drivers\oxzyexcx.sys File not found DRV - (owygcqqb) -- C:\Windows\system32\drivers\owygcqqb.sys File not found DRV - (owxyaaho) -- C:\Windows\system32\drivers\owxyaaho.sys File not found DRV - (ovvvtshh) -- C:\Windows\system32\drivers\ovvvtshh.sys File not found DRV - (ovvdwqhn) -- C:\Windows\system32\drivers\ovvdwqhn.sys File not found DRV - (ouyclecm) -- C:\Windows\system32\drivers\ouyclecm.sys File not found DRV - (ouuyewbs) -- C:\Windows\system32\drivers\ouuyewbs.sys File not found DRV - (otuvsnjt) -- C:\Windows\system32\drivers\otuvsnjt.sys File not found DRV - (otpmaaka) -- C:\Windows\system32\drivers\otpmaaka.sys File not found DRV - (ordxouqx) -- C:\Windows\system32\drivers\ordxouqx.sys File not found DRV - (oqibqbce) -- C:\Windows\system32\drivers\oqibqbce.sys File not found DRV - (oppqebbp) -- C:\Windows\system32\drivers\oppqebbp.sys File not found DRV - (oobihelq) -- C:\Windows\system32\drivers\oobihelq.sys File not found DRV - (onlghdak) -- C:\Windows\system32\drivers\onlghdak.sys File not found DRV - (olzokgji) -- C:\Windows\system32\drivers\olzokgji.sys File not found DRV - (olmazfvb) -- C:\Windows\system32\drivers\olmazfvb.sys File not found DRV - (ollqtcef) -- C:\Windows\system32\drivers\ollqtcef.sys File not found DRV - (olhbxntc) -- C:\Windows\system32\drivers\olhbxntc.sys File not found DRV - (okjrvvyd) -- C:\Windows\system32\drivers\okjrvvyd.sys File not found DRV - (okbignal) -- C:\Windows\system32\drivers\okbignal.sys File not found DRV - (oibbznwz) -- C:\Windows\system32\drivers\oibbznwz.sys File not found DRV - (ohwqwmeg) -- C:\Windows\system32\drivers\ohwqwmeg.sys File not found DRV - (ohqiqwom) -- C:\Windows\system32\drivers\ohqiqwom.sys File not found DRV - (ognpitmh) -- C:\Windows\system32\drivers\ognpitmh.sys File not found DRV - (ofrszdqu) -- 
C:\Windows\system32\drivers\ofrszdqu.sys File not found DRV - (ofkngqsz) -- C:\Windows\system32\drivers\ofkngqsz.sys File not found DRV - (oeldwwfg) -- C:\Windows\system32\drivers\oeldwwfg.sys File not found DRV - (odsshemk) -- C:\Windows\system32\drivers\odsshemk.sys File not found DRV - (ocoupntn) -- C:\Windows\system32\drivers\ocoupntn.sys File not found DRV - (obavaijb) -- C:\Windows\system32\drivers\obavaijb.sys File not found DRV - (oarvkegg) -- C:\Windows\system32\drivers\oarvkegg.sys File not found DRV - (oanvtwgj) -- C:\Windows\system32\drivers\oanvtwgj.sys File not found DRV - (nzaqdxqe) -- C:\Windows\system32\drivers\nzaqdxqe.sys File not found DRV - (nyxblplj) -- C:\Windows\system32\drivers\nyxblplj.sys File not found DRV - (nxyiaeav) -- C:\Windows\system32\drivers\nxyiaeav.sys File not found DRV - (nxybfcxf) -- C:\Windows\system32\drivers\nxybfcxf.sys File not found DRV - (nxqtkkvn) -- C:\Windows\system32\drivers\nxqtkkvn.sys File not found DRV - (nwzzobqt) -- C:\Windows\system32\drivers\nwzzobqt.sys File not found DRV - (nwqsozfx) -- C:\Windows\system32\drivers\nwqsozfx.sys File not found DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found DRV - (nvovkmqp) -- C:\Windows\system32\drivers\nvovkmqp.sys File not found DRV - (nuvsyzga) -- C:\Windows\system32\drivers\nuvsyzga.sys File not found DRV - (nstxdqkn) -- C:\Windows\system32\drivers\nstxdqkn.sys File not found DRV - (nsgmiycu) -- C:\Windows\system32\drivers\nsgmiycu.sys File not found DRV - (nqwjtvjd) -- C:\Windows\system32\drivers\nqwjtvjd.sys File not found DRV - (nqmfgdno) -- C:\Windows\system32\drivers\nqmfgdno.sys File not found DRV - (nposbfne) -- C:\Windows\system32\drivers\nposbfne.sys File not found DRV - (nomsabmw) -- C:\Windows\system32\drivers\nomsabmw.sys File not found DRV - (nommloeb) -- C:\Windows\system32\drivers\nommloeb.sys File not found DRV - (nnohbyxj) -- C:\Windows\system32\drivers\nnohbyxj.sys File 
not found DRV - (nnctmagn) -- C:\Windows\system32\drivers\nnctmagn.sys File not found DRV - (nnbopyjr) -- C:\Windows\system32\drivers\nnbopyjr.sys File not found DRV - (nmplcgtx) -- C:\Windows\system32\drivers\nmplcgtx.sys File not found DRV - (nmofnbnk) -- C:\Windows\system32\drivers\nmofnbnk.sys File not found DRV - (nlydclgf) -- C:\Windows\system32\drivers\nlydclgf.sys File not found DRV - (nlrxkmkp) -- C:\Windows\system32\drivers\nlrxkmkp.sys File not found DRV - (nlkhtfzp) -- C:\Windows\system32\drivers\nlkhtfzp.sys File not found DRV - (njjmdmdj) -- C:\Windows\system32\drivers\njjmdmdj.sys File not found DRV - (njgofvjr) -- C:\Windows\system32\drivers\njgofvjr.sys File not found DRV - (ngombplo) -- C:\Windows\system32\drivers\ngombplo.sys File not found DRV - (ngnhqtzs) -- C:\Windows\system32\drivers\ngnhqtzs.sys File not found DRV - (nfnicrwm) -- C:\Windows\system32\drivers\nfnicrwm.sys File not found DRV - (nervmubi) -- C:\Windows\system32\drivers\nervmubi.sys File not found DRV - (neptfyia) -- C:\Windows\system32\drivers\neptfyia.sys File not found DRV - (nctinnfj) -- C:\Windows\system32\drivers\nctinnfj.sys File not found DRV - (najpyovy) -- C:\Windows\system32\drivers\najpyovy.sys File not found DRV - (naftsdgq) -- C:\Windows\system32\drivers\naftsdgq.sys File not found DRV - (mztljlyk) -- C:\Windows\system32\drivers\mztljlyk.sys File not found DRV - (mzsidsmt) -- C:\Windows\system32\drivers\mzsidsmt.sys File not found DRV - (mzrebixn) -- C:\Windows\system32\drivers\mzrebixn.sys File not found DRV - (myvyfeyq) -- C:\Windows\system32\drivers\myvyfeyq.sys File not found DRV - (mypskyjb) -- C:\Windows\system32\drivers\mypskyjb.sys File not found DRV - (myoqulum) -- C:\Windows\system32\drivers\myoqulum.sys File not found DRV - (myfdioyr) -- C:\Windows\system32\drivers\myfdioyr.sys File not found DRV - (mxxttbrv) -- C:\Windows\system32\drivers\mxxttbrv.sys File not found DRV - (mwpjwfgz) -- C:\Windows\system32\drivers\mwpjwfgz.sys File not found DRV - 
(mvvpzyuw) -- C:\Windows\system32\drivers\mvvpzyuw.sys File not found DRV - (mvbsslvl) -- C:\Windows\system32\drivers\mvbsslvl.sys File not found DRV - (muihrqeu) -- C:\Windows\system32\drivers\muihrqeu.sys File not found DRV - (mtulanxu) -- C:\Windows\system32\drivers\mtulanxu.sys File not found DRV - (mthassln) -- C:\Windows\system32\drivers\mthassln.sys File not found DRV - (msopuclq) -- C:\Windows\system32\drivers\msopuclq.sys File not found DRV - (msltkilc) -- C:\Windows\system32\drivers\msltkilc.sys File not found DRV - (mshuijob) -- C:\Windows\system32\drivers\mshuijob.sys File not found DRV - (mryhdwba) -- C:\Windows\system32\drivers\mryhdwba.sys File not found DRV - (mrhbusvq) -- C:\Windows\system32\drivers\mrhbusvq.sys File not found DRV - (mrahjdgu) -- C:\Windows\system32\drivers\mrahjdgu.sys File not found DRV - (mqtjgnhx) -- C:\Windows\system32\drivers\mqtjgnhx.sys File not found DRV - (mpuyfwnq) -- C:\Windows\system32\drivers\mpuyfwnq.sys File not found DRV - (MpKslafea51e4) -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6138ECEF-CE8A-4024-9F8A-0E63BD673459}\MpKslafea51e4.sys File not found DRV - (mozoebft) -- C:\Windows\system32\drivers\mozoebft.sys File not found DRV - (mozgvtka) -- C:\Windows\system32\drivers\mozgvtka.sys File not found DRV - (moklawzf) -- C:\Windows\system32\drivers\moklawzf.sys File not found DRV - (mnvqzaiy) -- C:\Windows\system32\drivers\mnvqzaiy.sys File not found DRV - (mngtazxp) -- C:\Windows\system32\drivers\mngtazxp.sys File not found DRV - (mlnqkjcz) -- C:\Windows\system32\drivers\mlnqkjcz.sys File not found DRV - (mkrntsfn) -- C:\Windows\system32\drivers\mkrntsfn.sys File not found DRV - (mkqnnvdl) -- C:\Windows\system32\drivers\mkqnnvdl.sys File not found DRV - (mjtssjet) -- C:\Windows\system32\drivers\mjtssjet.sys File not found DRV - (midppwsa) -- C:\Windows\system32\drivers\midppwsa.sys File not found DRV - (mgvfvsen) -- C:\Windows\system32\drivers\mgvfvsen.sys File not found DRV - (mgsqaslq) 
-- C:\Windows\system32\drivers\mgsqaslq.sys File not found DRV - (mgjqvfti) -- C:\Windows\system32\drivers\mgjqvfti.sys File not found DRV - (mfyqhahe) -- C:\Windows\system32\drivers\mfyqhahe.sys File not found DRV - (mfgfbnbd) -- C:\Windows\system32\drivers\mfgfbnbd.sys File not found DRV - (mefjkygt) -- C:\Windows\system32\drivers\mefjkygt.sys File not found DRV - (mdzuoogh) -- C:\Windows\system32\drivers\mdzuoogh.sys File not found DRV - (mddlnlts) -- C:\Windows\system32\drivers\mddlnlts.sys File not found DRV - (mddftkak) -- C:\Windows\system32\drivers\mddftkak.sys File not found DRV - (mcvididw) -- C:\Windows\system32\drivers\mcvididw.sys File not found DRV - (mcprvtvx) -- C:\Windows\system32\drivers\mcprvtvx.sys File not found DRV - (mcaavpql) -- C:\Windows\system32\drivers\mcaavpql.sys File not found DRV - (mbzvebpm) -- C:\Windows\system32\drivers\mbzvebpm.sys File not found DRV - (maqbkudw) -- C:\Windows\system32\drivers\maqbkudw.sys File not found DRV - (magdyzgg) -- C:\Windows\system32\drivers\magdyzgg.sys File not found DRV - (lydnxzbm) -- C:\Windows\system32\drivers\lydnxzbm.sys File not found DRV - (lxuxjjeo) -- C:\Windows\system32\drivers\lxuxjjeo.sys File not found DRV - (lxhtkuga) -- C:\Windows\system32\drivers\lxhtkuga.sys File not found DRV - (lxbwiitg) -- C:\Windows\system32\drivers\lxbwiitg.sys File not found DRV - (lvitgmog) -- C:\Windows\system32\drivers\lvitgmog.sys File not found DRV - (ltlmpiat) -- C:\Windows\system32\drivers\ltlmpiat.sys File not found DRV - (ltjrxvpb) -- C:\Windows\system32\drivers\ltjrxvpb.sys File not found DRV - (lsgslkbs) -- C:\Windows\system32\drivers\lsgslkbs.sys File not found DRV - (lsfwvugo) -- C:\Windows\system32\drivers\lsfwvugo.sys File not found DRV - (lsdrizcg) -- C:\Windows\system32\drivers\lsdrizcg.sys File not found DRV - (lrmmuaql) -- C:\Windows\system32\drivers\lrmmuaql.sys File not found DRV - (lqivifjq) -- C:\Windows\system32\drivers\lqivifjq.sys File not found DRV - (lpuldbql) -- 
C:\Windows\system32\drivers\lpuldbql.sys File not found DRV - (loityflw) -- C:\Windows\system32\drivers\loityflw.sys File not found DRV - (lockbubk) -- C:\Windows\system32\drivers\lockbubk.sys File not found DRV - (loaovxex) -- C:\Windows\system32\drivers\loaovxex.sys File not found DRV - (lnwfemrf) -- C:\Windows\system32\drivers\lnwfemrf.sys File not found DRV - (lnmwlgpv) -- C:\Windows\system32\drivers\lnmwlgpv.sys File not found DRV - (lnkcbdac) -- C:\Windows\system32\drivers\lnkcbdac.sys File not found DRV - (lljbvrzp) -- C:\Windows\system32\drivers\lljbvrzp.sys File not found DRV - (ljsljgfh) -- C:\Windows\system32\drivers\ljsljgfh.sys File not found DRV - (ljjhvque) -- C:\Windows\system32\drivers\ljjhvque.sys File not found DRV - (ljijgdbo) -- C:\Windows\system32\drivers\ljijgdbo.sys File not found DRV - (ljcruqkx) -- C:\Windows\system32\drivers\ljcruqkx.sys File not found DRV - (livzoylz) -- C:\Windows\system32\drivers\livzoylz.sys File not found DRV - (lirmoiij) -- C:\Windows\system32\drivers\lirmoiij.sys File not found DRV - (lhzaxtnp) -- C:\Windows\system32\drivers\lhzaxtnp.sys File not found DRV - (lfjrjnux) -- C:\Windows\system32\drivers\lfjrjnux.sys File not found DRV - (lesjvthj) -- C:\Windows\system32\drivers\lesjvthj.sys File not found DRV - (leaixgkl) -- C:\Windows\system32\drivers\leaixgkl.sys File not found DRV - (lcfgzzog) -- C:\Windows\system32\drivers\lcfgzzog.sys File not found DRV - (lbzyvoge) -- C:\Windows\system32\drivers\lbzyvoge.sys File not found DRV - (lavqncsn) -- C:\Windows\system32\drivers\lavqncsn.sys File not found DRV - (lagatxvx) -- C:\Windows\system32\drivers\lagatxvx.sys File not found DRV - (kzrdpkad) -- C:\Windows\system32\drivers\kzrdpkad.sys File not found DRV - (kzedmzhy) -- C:\Windows\system32\drivers\kzedmzhy.sys File not found DRV - (kyrargeh) -- C:\Windows\system32\drivers\kyrargeh.sys File not found DRV - (kxqxyfzc) -- C:\Windows\system32\drivers\kxqxyfzc.sys File not found DRV - (kxqbnoll) -- 
C:\Windows\system32\drivers\kxqbnoll.sys File not found DRV - (kxhumgrm) -- C:\Windows\system32\drivers\kxhumgrm.sys File not found DRV - (kxbmrmlq) -- C:\Windows\system32\drivers\kxbmrmlq.sys File not found DRV - (kwbyskwj) -- C:\Windows\system32\drivers\kwbyskwj.sys File not found DRV - (kvrhreyt) -- C:\Windows\system32\drivers\kvrhreyt.sys File not found DRV - (ktbirayk) -- C:\Windows\system32\drivers\ktbirayk.sys File not found DRV - (ksvnzpdh) -- C:\Windows\system32\drivers\ksvnzpdh.sys File not found DRV - (kskmuotf) -- C:\Windows\system32\drivers\kskmuotf.sys File not found DRV - (ksjsgmvf) -- C:\Windows\system32\drivers\ksjsgmvf.sys File not found DRV - (krmyuzjp) -- C:\Windows\system32\drivers\krmyuzjp.sys File not found DRV - (kqaahvls) -- C:\Windows\system32\drivers\kqaahvls.sys File not found DRV - (kpsgipre) -- C:\Windows\system32\drivers\kpsgipre.sys File not found DRV - (kokmrude) -- C:\Windows\system32\drivers\kokmrude.sys File not found DRV - (kogsrrsd) -- C:\Windows\system32\drivers\kogsrrsd.sys File not found DRV - (knuzukse) -- C:\Windows\system32\drivers\knuzukse.sys File not found DRV - (knhwdkfw) -- C:\Windows\system32\drivers\knhwdkfw.sys File not found DRV - (kmmfdrsr) -- C:\Windows\system32\drivers\kmmfdrsr.sys File not found DRV - (klnfsigb) -- C:\Windows\system32\drivers\klnfsigb.sys File not found DRV - (kklyrwyc) -- C:\Windows\system32\drivers\kklyrwyc.sys File not found DRV - (kjrqavrw) -- C:\Windows\system32\drivers\kjrqavrw.sys File not found DRV - (kjbddxog) -- C:\Windows\system32\drivers\kjbddxog.sys File not found DRV - (kiairoao) -- C:\Windows\system32\drivers\kiairoao.sys File not found DRV - (khoqhhca) -- C:\Windows\system32\drivers\khoqhhca.sys File not found DRV - (kgjjqjet) -- C:\Windows\system32\drivers\kgjjqjet.sys File not found DRV - (kghfngqb) -- C:\Windows\system32\drivers\kghfngqb.sys File not found DRV - (kgdfnyre) -- C:\Windows\system32\drivers\kgdfnyre.sys File not found DRV - (kfqinehi) -- 
C:\Windows\system32\drivers\kfqinehi.sys File not found DRV - (kdqvshvz) -- C:\Windows\system32\drivers\kdqvshvz.sys File not found DRV - (kczixjae) -- C:\Windows\system32\drivers\kczixjae.sys File not found DRV - (kcytbvgw) -- C:\Windows\system32\drivers\kcytbvgw.sys File not found DRV - (kchcznxc) -- C:\Windows\system32\drivers\kchcznxc.sys File not found DRV - (kcadoqqo) -- C:\Windows\system32\drivers\kcadoqqo.sys File not found DRV - (kaebdpth) -- C:\Windows\system32\drivers\kaebdpth.sys File not found DRV - (jzupvsjd) -- C:\Windows\system32\drivers\jzupvsjd.sys File not found DRV - (jxtuneqa) -- C:\Windows\system32\drivers\jxtuneqa.sys File not found DRV - (jvjnbtzs) -- C:\Windows\system32\drivers\jvjnbtzs.sys File not found DRV - (jvahefnj) -- C:\Windows\system32\drivers\jvahefnj.sys File not found DRV - (juylcsdc) -- C:\Windows\system32\drivers\juylcsdc.sys File not found DRV - (juqcfzfs) -- C:\Windows\system32\drivers\juqcfzfs.sys File not found DRV - (juitsmjs) -- C:\Windows\system32\drivers\juitsmjs.sys File not found DRV - (juboqqvc) -- C:\Windows\system32\drivers\juboqqvc.sys File not found DRV - (jtfqphyw) -- C:\Windows\system32\drivers\jtfqphyw.sys File not found DRV - (jsxtvyud) -- C:\Windows\system32\drivers\jsxtvyud.sys File not found DRV - (jsmhefch) -- C:\Windows\system32\drivers\jsmhefch.sys File not found DRV - (jsljkcfo) -- C:\Windows\system32\drivers\jsljkcfo.sys File not found DRV - (jsfokrer) -- C:\Windows\system32\drivers\jsfokrer.sys File not found DRV - (jrsyvzuk) -- C:\Windows\system32\drivers\jrsyvzuk.sys File not found DRV - (jqvnmibd) -- C:\Windows\system32\drivers\jqvnmibd.sys File not found DRV - (jqdjimxz) -- C:\Windows\system32\drivers\jqdjimxz.sys File not found DRV - (jpjneumo) -- C:\Windows\system32\drivers\jpjneumo.sys File not found DRV - (jobslcoa) -- C:\Windows\system32\drivers\jobslcoa.sys File not found DRV - (jnpnowiu) -- C:\Windows\system32\drivers\jnpnowiu.sys File not found DRV - (jnmaplhk) -- 
C:\Windows\system32\drivers\jnmaplhk.sys File not found DRV - (jmjqsbfr) -- C:\Windows\system32\drivers\jmjqsbfr.sys File not found DRV - (jifmbyqr) -- C:\Windows\system32\drivers\jifmbyqr.sys File not found DRV - (jghojqfq) -- C:\Windows\system32\drivers\jghojqfq.sys File not found DRV - (jfxkyyjt) -- C:\Windows\system32\drivers\jfxkyyjt.sys File not found DRV - (jetdfzsz) -- C:\Windows\system32\drivers\jetdfzsz.sys File not found DRV - (jegewtws) -- C:\Windows\system32\drivers\jegewtws.sys File not found DRV - (jeevldvx) -- C:\Windows\system32\drivers\jeevldvx.sys File not found DRV - (jdneljlx) -- C:\Windows\system32\drivers\jdneljlx.sys File not found DRV - (jdenfzoc) -- C:\Windows\system32\drivers\jdenfzoc.sys File not found DRV - (jbxtliye) -- C:\Windows\system32\drivers\jbxtliye.sys File not found DRV - (jbthbdtx) -- C:\Windows\system32\drivers\jbthbdtx.sys File not found DRV - (jbnmrwhn) -- C:\Windows\system32\drivers\jbnmrwhn.sys File not found DRV - (japgcyuw) -- C:\Windows\system32\drivers\japgcyuw.sys File not found DRV - (jaffkgwq) -- C:\Windows\system32\drivers\jaffkgwq.sys File not found DRV - (izwnmwcl) -- C:\Windows\system32\drivers\izwnmwcl.sys File not found DRV - (izorkpva) -- C:\Windows\system32\drivers\izorkpva.sys File not found DRV - (iwpokkmw) -- C:\Windows\system32\drivers\iwpokkmw.sys File not found DRV - (iuggokxo) -- C:\Windows\system32\drivers\iuggokxo.sys File not found DRV - (isvyqrum) -- C:\Windows\system32\drivers\isvyqrum.sys File not found DRV - (isurmkrv) -- C:\Windows\system32\drivers\isurmkrv.sys File not found DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found DRV - (ipidqnua) -- C:\Windows\system32\drivers\ipidqnua.sys File not found DRV - (iotixsxt) -- C:\Windows\system32\drivers\iotixsxt.sys File not found DRV - (iodzgozc) -- C:\Windows\system32\drivers\iodzgozc.sys File not found DRV - (inkgpnkn) -- C:\Windows\system32\drivers\inkgpnkn.sys File not found DRV - (inejyecp) -- 
DRV - (MBAMSwissArmy) -- C:\Windows\System32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (NisDrv) -- C:\Windows\System32\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV - (Uim_IM) -- C:\Windows\System32\drivers\Uim_IM.sys (Paragon)
DRV - (UimBus) -- C:\Windows\System32\drivers\UimBus.sys (Windows (R) 2000 DDK provider)
DRV - (MSHUSBVideo) -- C:\Windows\System32\drivers\nx6000.sys (Microsoft Corporation)
DRV - (FsUsbExDisk) -- C:\Windows\System32\FsUsbExDisk.Sys ()
DRV - (ss_bmdm) -- C:\Windows\System32\drivers\ss_bmdm.sys (MCCI Corporation)
DRV - (ss_bbus) SAMSUNG USB Mobile Device (WDM) -- C:\Windows\System32\drivers\ss_bbus.sys (MCCI)
DRV - (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter) -- C:\Windows\System32\drivers\ss_bmdfl.sys (MCCI Corporation)
DRV - (KMWDFILTER) -- C:\Windows\System32\drivers\KMWDFILTER.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
DRV - (ti21sony) -- C:\Windows\System32\drivers\ti21sony.sys (Texas Instruments)
DRV - (SNC) -- C:\Windows\System32\drivers\SonyNC.sys (Sony Corporation)
DRV - (NETw3v32) Intel(R) -- C:\Windows\System32\drivers\NETw3v32.sys (Intel® Corporation)
DRV - (ApfiltrService) -- C:\Windows\System32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.)
DRV - (DMICall) -- C:\Windows\System32\drivers\DMICall.sys (Sony Corporation)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.club-vaio.com
IE - HKLM\..\SearchScopes,DefaultScope = {47A69BFA-63EF-41C2-B09F-7F84F19B5FDF}
IE - HKLM\..\SearchScopes\{47A69BFA-63EF-41C2-B09F-7F84F19B5FDF}: "URL" = hxxp://www.google.de/search?hl=de&q={searchTerms}&meta=
IE - HKLM\..\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope = {47A69BFA-63EF-41C2-B09F-7F84F19B5FDF}
IE - HKCU\..\SearchScopes\{47A69BFA-63EF-41C2-B09F-7F84F19B5FDF}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7SNYK_deDE414
IE - HKCU\..\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
IE - HKCU\..\SearchScopes\Plasmoo: "URL" = hxxp://plasmoo.com/index.htm?SearchMashine=true&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultthis.engineName: "DVDVideoSoftTB Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "DVDVideoSoftTB Customized Web Search"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.startup.homepage: "hxxp://search.conduit.com/?ctid=CT2269050&SearchSource=13"
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:3.3.3.2
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Hornochse\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Hornochse\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Hornochse\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.03.12 22:02:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.03.12 21:59:33 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\extensions\\{9A207F60-3F1C-4ED0-972D-0A4CDFBFF803}: C:\Users\Hornochse\AppData\Roaming\10001.066 [2012.07.15 21:03:37 | 000,000,000 | ---D | M]

[2012.03.12 22:02:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Hornochse\AppData\Roaming\mozilla\Extensions
[2012.03.12 22:03:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Hornochse\AppData\Roaming\mozilla\Firefox\Profiles\v89qzxlt.default\extensions
[2011.05.24 11:32:14 | 000,000,000 | ---D | M] (DVDVideoSoftTB Toolbar) -- C:\Users\Hornochse\AppData\Roaming\mozilla\Firefox\Profiles\v89qzxlt.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2011.04.26 12:09:40 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Hornochse\AppData\Roaming\mozilla\Firefox\Profiles\v89qzxlt.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.02.18 19:06:16 | 000,000,000 | ---D | M] (IMinent Toolbar) -- C:\Users\Hornochse\AppData\Roaming\mozilla\Firefox\Profiles\v89qzxlt.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}
[2011.04.26 12:09:57 | 000,000,000 | ---D | M] (Plasmoo Search Engine) -- C:\Users\Hornochse\AppData\Roaming\mozilla\Firefox\Profiles\v89qzxlt.default\extensions\engine@plasmoo.com
[2012.03.12 22:02:44 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.07.15 21:03:37 | 000,000,000 | ---D | M] (Java Link Helper) -- C:\USERS\HORNOCHSE\APPDATA\ROAMING\10001.066
[2011.01.18 02:08:36 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2012.02.16 16:55:53 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.03.12 21:59:18 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012.02.16 13:02:53 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.02.16 12:48:01 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.02.16 13:02:53 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.02.16 13:02:53 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.02.16 13:02:53 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.02.16 13:02:53 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml

========== Chrome ==========

CHR - homepage: hxxp://plasmoo.com
CHR - default_search_provider: Plasmoo (Enabled)
CHR - default_search_provider: search_url = hxxp://plasmoo.com/index.htm?SearchMashine=true&q={searchTerms}
CHR - default_search_provider: suggest_url =
CHR - homepage: hxxp://plasmoo.com
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Hornochse\AppData\Local\Google\Chrome\Application\19.0.1084.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Hornochse\AppData\Local\Google\Chrome\Application\19.0.1084.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Hornochse\AppData\Local\Google\Chrome\Application\19.0.1084.56\pdf.dll
CHR - plugin: BitDefender QuickScan (Enabled) = C:\Users\Hornochse\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie\0.9.9.99_0\npqscan.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Bitdefender QuickScan = C:\Users\Hornochse\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie\0.9.9.115_0\

O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Programme\Google BAE\BAE.dll (Your Company Name)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O4 - HKLM..\Run: [Apoint] C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [LifeCam] C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [AutoStartNPSAgent] C:\Programme\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKCU..\Run: [Facebook Update] C:\Users\Hornochse\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [Spotify] C:\Users\Hornochse\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
O4 - HKCU..\Run: [Userinit] C:\Users\Hornochse\AppData\Roaming\appconf32.exe ()
O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Hornochse\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{63322D96-B808-49C1-BA74-E67EB9A64D31}: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{75150A78-C350-47D0-A029-3EEC5D8DD586}: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\Windows\System32\VESWinlogon.dll (Sony Corporation) O24 - Desktop WallPaper: C:\Users\Hornochse\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O24 - Desktop BackupWallPaper: C:\Users\Hornochse\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2012.07.15 22:31:08 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\Hornochse\Desktop\OTL.exe [2012.07.15 22:28:35 | 000,000,000 | ---D | C] -- C:\Users\Hornochse\Desktop\Virusbekämpfung [2012.07.15 21:03:37 | 000,000,000 | 
---D | C] -- C:\Users\Hornochse\AppData\Roaming\10001.066 [2012.07.15 20:55:09 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2012.07.15 20:47:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012.07.15 20:46:56 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2012.07.15 20:46:55 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2012.06.25 15:14:10 | 000,000,000 | ---D | C] -- C:\Users\Hornochse\AppData\Roaming\10001.058 [2012.06.24 18:32:57 | 000,000,000 | ---D | C] -- C:\Users\Hornochse\AppData\Roaming\10001.056 [2012.06.23 16:00:06 | 000,045,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll [2012.06.23 16:00:05 | 002,422,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll [2012.06.23 15:59:23 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll [2012.06.23 15:59:23 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll [2012.06.23 15:59:22 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll [2012.06.23 15:59:02 | 000,171,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll [2012.06.23 15:59:01 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe [2012.06.22 20:15:56 | 000,000,000 | ---D | C] -- C:\Users\Hornochse\AppData\Roaming\10001.055 [2012.06.21 22:33:47 | 000,000,000 | ---D | C] -- C:\Users\Hornochse\AppData\Roaming\10001.054 [2012.06.20 12:08:03 | 000,000,000 | ---D | C] -- C:\xmldm [2012.06.19 22:28:00 | 000,000,000 | ---D | C] -- C:\Users\Hornochse\AppData\Roaming\10053 [2012.06.18 22:21:16 | 000,000,000 | ---D | C] -- C:\Users\Hornochse\AppData\Roaming\10052 [2012.06.17 21:21:45 | 000,000,000 | ---D | C] -- C:\Users\Hornochse\AppData\Roaming\10051 [1 C:\Windows\*.tmp files -> 
C:\Windows\*.tmp -> ] [1 C:\Users\Hornochse\AppData\Roaming\*.tmp files -> C:\Users\Hornochse\AppData\Roaming\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.07.15 22:45:09 | 000,000,048 | ---- | M] () -- C:\Users\Hornochse\AppData\Roaming\blckdom.res [2012.07.15 22:44:54 | 000,043,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\kaacwqmw.sys [2012.07.15 22:44:49 | 000,001,136 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3394552714-174292016-736106197-1003UA.job [2012.07.15 22:44:37 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012.07.15 22:37:53 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2012.07.15 22:37:53 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2012.07.15 22:31:17 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Hornochse\Desktop\OTL.exe [2012.07.15 21:03:24 | 000,167,104 | ---- | M] () -- C:\Users\Hornochse\AppData\Roaming\AcroIEHelpe168.dll [2012.07.15 21:03:24 | 000,006,400 | ---- | M] () -- C:\Users\Hornochse\AppData\Roaming\BAcroIEHelpe168.dll [2012.07.15 20:57:00 | 000,001,154 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3394552714-174292016-736106197-1003UA.job [2012.07.15 20:56:01 | 000,001,132 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3394552714-174292016-736106197-1003Core.job [2012.07.15 20:55:26 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2012.07.15 20:52:34 | 000,002,062 | ---- | M] () -- C:\Users\Hornochse\Desktop\Google Chrome.lnk [2012.07.15 20:51:22 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.07.15 20:40:06 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012.07.15 20:37:21 | 
000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.07.15 20:37:17 | 1063,444,480 | -HS- | M] () -- C:\hiberfil.sys [2012.07.03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2012.06.27 16:11:08 | 004,503,728 | ---- | M] () -- C:\ProgramData\0tbpw.pad [2012.06.27 15:35:36 | 000,007,224 | ---- | M] () -- C:\Users\Hornochse\AppData\Roaming\BAcroIEHelpe153.dll [2012.06.25 14:29:41 | 000,001,084 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3394552714-174292016-736106197-1003Core.job [2012.06.16 03:23:07 | 000,326,144 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [1 C:\Users\Hornochse\AppData\Roaming\*.tmp files -> C:\Users\Hornochse\AppData\Roaming\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.07.15 21:03:24 | 000,167,104 | ---- | C] () -- C:\Users\Hornochse\AppData\Roaming\AcroIEHelpe168.dll [2012.07.15 21:03:24 | 000,006,400 | ---- | C] () -- C:\Users\Hornochse\AppData\Roaming\BAcroIEHelpe168.dll [2012.07.15 20:47:29 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.07.15 20:37:17 | 1063,444,480 | -HS- | C] () -- C:\hiberfil.sys [2012.06.27 16:06:27 | 000,001,720 | ---- | C] () -- C:\Users\Hornochse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk [2012.06.27 16:06:24 | 004,503,728 | ---- | C] () -- C:\ProgramData\0tbpw.pad [2012.06.27 15:35:36 | 000,007,224 | ---- | C] () -- C:\Users\Hornochse\AppData\Roaming\BAcroIEHelpe153.dll [2012.06.12 23:33:09 | 000,000,048 | ---- | C] () -- C:\Users\Hornochse\AppData\Roaming\blckdom.res [2012.03.12 16:44:27 | 000,000,680 | ---- | C] () -- C:\Users\Hornochse\AppData\Local\d3d9caps.dat [2011.04.14 09:18:07 | 000,000,032 | ---- | C] () -- C:\Windows\System32\EUOD.DAT [2011.01.28 22:38:28 | 000,014,336 | ---- | C] () -- C:\Users\Hornochse\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 
[2011.01.28 22:27:41 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2011.01.28 22:27:40 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2011.01.17 10:46:16 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2011.01.17 10:44:48 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011.01.17 10:44:48 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2011.01.16 20:20:47 | 000,019,968 | ---- | C] () -- C:\Windows\System32\Cpuinf32.dll
[2011.01.16 20:17:50 | 000,532,480 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Sony.dll
[2008.12.09 17:23:13 | 000,053,704 | RHS- | C] () -- C:\Users\Hornochse\AppData\Roaming\appconf32.exe

========== Alternate Data Streams ==========

@Alternate Data Stream - 540 bytes -> C:\Windows\System32\drivers\kaacwqmw.sys:changelist

< End of report >

and the OTL log file:
Code:
OTL Extras logfile created on: 15.07.2012 22:33:36 - Run 1
OTL by OldTimer - Version 3.2.54.0 Folder = C:\Users\Hornochse\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

1013,45 Mb Total Physical Memory | 94,55 Mb Available Physical Memory | 9,33% Memory free
2,24 Gb Paging File | 0,87 Gb Available in Paging File | 39,04% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 102,48 Gb Total Space | 53,09 Gb Free Space | 51,80% Space Free | Partition Type: NTFS

Computer Name: HORNOCHSE-PC | User Name: Hornochse | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{21BD85DB-8965-410B-A3E5-28D11ADDC561}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe |
"{28CFDEA3-1FFE-445E-BD6B-A4637549DBF5}" = protocol=6 | dir=in | app=c:\program files\google\google talk\googletalk.exe |
"{30CAC280-B7C7-460E-83D4-DF4BEA179011}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifetray.exe |
"{3B38AC7A-DCD0-4749-8B2E-04CA88BB155F}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifeexp.exe |
"{43490E81-CDF3-431B-BDB1-A488B1E7E8D2}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifeexp.exe |
"{53DCFB50-E3D9-4C2A-8CA4-14B46B15201D}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifeenc2.exe |
"{59CCEE54-53B7-4477-B088-AF86FBAA395B}" = dir=in | app=c:\users\hornochse\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{69BC1499-64D0-4BEB-9B09-984CE7939F25}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifecam.exe |
"{6D3723AC-15B9-4BBF-99E8-6D45CD83A2A4}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe |
"{7C9DDA84-39BD-489E-8948-69D834B8E77B}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{7DE48F36-4100-4752-A0FA-29E1559BD09A}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifecam.exe |
"{8F64E31D-E8A2-4AB0-AC32-CC7A31C5CD83}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{9A68F12A-99E1-4D61-BA01-913857FA4D94}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifetray.exe |
"{AB7B2D5E-40E8-4AB2-B501-90E96FF7899D}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe |
"{B853D6C8-BE18-4F9F-BA31-E6B14A1C8375}" = protocol=17 | dir=in | app=c:\program files\google\google talk\googletalk.exe |
"{D84F9B45-DA15-4151-85B2-E649328EA555}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{DB006990-0CCA-4585-833E-B5493CF2448F}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe |
"{F327FE1C-EA46-419B-9D8C-32739879DBED}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifeenc2.exe |
"TCP Query User{801CD1C3-E334-4B9E-B5CF-F25667F693A5}C:\users\hornochse\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\hornochse\appdata\roaming\spotify\spotify.exe |
"TCP Query User{B3DD5F13-1DF9-43C3-AE33-AEDB78FB33EE}C:\users\hornochse\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\hornochse\appdata\roaming\spotify\spotify.exe |
"UDP Query User{4EF2616E-7B8A-4A0A-9B62-D7F58610B58F}C:\users\hornochse\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\hornochse\appdata\roaming\spotify\spotify.exe |
"UDP Query User{B84D932A-FD4F-4104-BB93-6D80DC875D8A}C:\users\hornochse\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\hornochse\appdata\roaming\spotify\spotify.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}" = Sony Video Shared Library
"{028ED9C4-25EE-4DEE-9CF4-91034BC89B18}" = Microsoft SQL Server 2005 Express Edition (VAIO_VEDB)
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{07629207-FAA0-4F1A-8092-BF5085BE511F}" = Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch)
"{0F842B77-56EA-4AAF-8295-81A022350B5E}" = Microsoft Security Client
"{1280E900-35DA-4E08-A700-B79A5B2B8532}" = Microsoft Antimalware Service DE-DE Language Pack
"{13A5E785-5197-4EAD-8EE3-D660271E49BC}" = Feedback Tool
"{16D0F2D2-242C-4885-BEF1-4B1655C141AE}" = Bing Bar
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1BEF9285-5530-426B-A5F1-5836B95C7EB1}" = VAIO Original Screen Saver
"{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for VAIO
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{2063C2E8-3812-4BBD-9998-6610F80C1DD4}" = VAIO Media AC3 Decoder 1.0
"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{2A0F3EF9-68EE-49E9-A05B-ED5B82DF63E5}" = Wireless Switch Setting Utility
"{2A2FF7F5-6F0E-4A5D-A881-39365E718BD6}" = VAIO Cozy Orange Wallpaper
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java(TM) SE Runtime Environment 6
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B}" = Google Earth
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = Browser Address Error Redirector
"{47957648-B46A-4211-85E1-01A15B6A1B45}" = Ace of Spades
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works
"{500162A0-4DD5-460A-BAFD-895AAE48C532}" = VAIO Media Content Collection 6.0
"{500C3FDC-5E5F-485F-BDF5-2C445839CBE0}" =
"{50779A29-834E-4E36-BBEB-B7CABC67A825}" = Microsoft Security Client DE-DE Language Pack
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{55B781F0-060E-11D4-99D7-00C04FCCB775}" =
"{560F6B2E-F0DF-44E5-8190-A4A161F0E205}" = VAIO Media 6.0
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{5855C127-1F20-404D-B7FB-1FD84D7EAB5E}" = VAIO Media Redistribution 6.0
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{59452470-A902-477F-9338-9B88101681BD}" = Setting Utility Series
"{5BEE8F1F-BD32-4553-8107-500439E43BD7}" = VAIO Update
"{5E343EF6-D27C-4CFC-9FAE-9AAFB541BCEE}" = VAIO Photo 2007
"{5FC7AB5C-61FC-42DF-A923-5139BCF10D42}" = Microsoft LifeCam
"{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{785EB1D4-ECEC-4195-99B4-73C47E187721}" = VAIO Media Integrated Server 6.0
"{7CAC6A44-C3DE-4153-ACA6-7524602C789E}" = Facebook Video Calling 1.2.0.159
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver
"{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D1E61D1-1395-4E97-997F-D002DB3A5074}" = OpenOffice.org 3.2
"{934A3213-1CB6-4264-84A2-EE080C017BCA}" = VAIO Tender Green Wallpaper
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{97BCD719-6ECB-458F-97D6-F38D2E07375E}" = VAIO Aqua Breeze Wallpaper
"{9E319E96-ED8E-4B01-9775-C521A1869A25}" = VAIO Power Management
"{9E407618-D9CD-4F39-9490-9ED45294073D}" = Click to DVD 2.0.05 Menu Data
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Alps Pointing-device for VAIO
"{9FA8B5F5-4BDC-4CF4-9202-AA97FF79AE98}" = VAIO Media
"{A0EB195B-5876-48E6-879D-33D4B2102610}" = SonicStage 4.3
"{A7496F46-78AE-4DB2-BCF5-95F210FA6F96}" = Windows Live Movie Maker
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A947C2B3-7445-42C4-9063-EE704CACCB22}" = VAIO Hardware Diagnostics
"{AC599724-5755-48C1-ABE7-ABB857652930}" = PC Connectivity Solution
"{AC76BA86-7AD7-1031-7B44-A80000000002}" = Adobe Reader 8 - Deutsch
"{AF9A04EB-7D8E-41DE-9EDE-4AB9BB2B71B6}" = VAIO Media Registration Tool 6.0
"{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation
"{C183A21C-395A-490F-99D4-CCAB35E32859}" =
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CCD663AE-610D-4BDF-AAB0-E914B044527D}" = OpenMG Secure Module 4.7.00
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{E809063C-51A3-4269-8984-D1EB742F2151}" = Click to DVD 2.6.00
"{E89D31F3-7F6C-47A3-8669-0A8DDE27B664}" = VAIO Media Registration Tool
"{EF3D45BB-2260-4008-88EA-492E7744A9DF}" = Sony Utilities DLL
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0D85ADD-DD61-4B43-87A0-6DA52A211A8B}" = VAIO Event Service
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{F46E21DF-5BE1-48E2-8390-5EEA8B25E36A}" = Microsoft SQL Server Native Client
"{F570A6CC-53ED-4AA9-8B08-551CD3E38D8B}" =
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FC37C108-821D-4EDE-8F40-D5B497586805}" = VAIO Control Center
"{FCCB0B43-7A6D-49A4-A5B3-B10F592F4EB6}" = LAN-Express AS IEEE 802.11 Wireless LAN
"{FDE96E86-7780-431C-92F7-679C6A7CEC51}" = Microsoft SQL Server VSS Writer
"3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F" = Windows-Treiberpaket - Nokia pccsmcfd (10/12/2007 6.85.4.0)
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200" = HDAUDIO SoftV92 Data Fax Modem with SmartCP
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for VAIO
"InstallShield_{CCD663AE-610D-4BDF-AAB0-E914B044527D}" = OpenMG Secure Module 4.7.00
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.62.0.1300
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft Security Client" = Microsoft Security Essentials
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mozilla Firefox 10.0.2 (x86 de)" = Mozilla Firefox 10.0.2 (x86 de)
"OpenMG HotFix4.7-07-13-22-01" = OpenMG Limited Patch 4.7-07-13-24-01
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile Modem Device" = Samsung Mobile Modem Device Software
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"SAMSUNG USB Mobile Device" = SAMSUNG USB Mobile Device Software
"Uninstall_is1" = Uninstall 1.0.0.1
"WinLiveSuite_Wave3" = Windows Live Essentials

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Spotify" = Spotify

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 11.05.2012 00:35:21 | Computer Name = Hornochse-PC | Source = Application Hang | ID = 1002
Description = Programm iexplore.exe, Version 9.0.8112.16421 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen. Prozess-ID: 13c4 Anfangszeit: 01cd2ed7c91579a9 Zeitpunkt der Beendigung: 1123

Error - 11.05.2012 01:55:08 | Computer Name = Hornochse-PC | Source = Application Hang | ID = 1002
Description = Programm iexplore.exe, Version 9.0.8112.16421 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen. Prozess-ID: 12ec Anfangszeit: 01cd2f3710bcf530 Zeitpunkt der Beendigung: 2412

Error - 11.05.2012 15:01:03 | Computer Name = Hornochse-PC | Source = Application Hang | ID = 1002
Description = Programm iexplore.exe, Version 9.0.8112.16421 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen. Prozess-ID: 818 Anfangszeit: 01cd2f38982fae80 Zeitpunkt der Beendigung: 1327

Error - 12.05.2012 01:41:01 | Computer Name = Hornochse-PC | Source = Application Hang | ID = 1002
Description = Programm iexplore.exe, Version 9.0.8112.16421 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen. Prozess-ID: bb4 Anfangszeit: 01cd2ffb59aa8680 Zeitpunkt der Beendigung: 999

Error - 13.05.2012 09:52:28 | Computer Name = Hornochse-PC | Source = Google Update | ID = 20
Description =

Error - 13.05.2012 12:43:25 | Computer Name = Hornochse-PC | Source = Application Hang | ID = 1002
Description = Programm iexplore.exe, Version 9.0.8112.16421 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen. Prozess-ID: 146c Anfangszeit: 01cd30986e6fb7f0 Zeitpunkt der Beendigung: 9581

Error - 13.05.2012 14:18:41 | Computer Name = Hornochse-PC | Source = Application Hang | ID = 1002
Description = Programm iexplore.exe, Version 9.0.8112.16421 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen. Prozess-ID: 13d4 Anfangszeit: 01cd312788456ff0 Zeitpunkt der Beendigung: 6070

Error - 13.05.2012 14:26:38 | Computer Name = Hornochse-PC | Source = Application Hang | ID = 1002
Description = Programm iexplore.exe, Version 9.0.8112.16421 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen. Prozess-ID: 55c Anfangszeit: 01cd3134d6a6f9e0 Zeitpunkt der Beendigung: 10382

Error - 15.05.2012 19:24:12 | Computer Name = Hornochse-PC | Source = Application Hang | ID = 1002
Description = Programm iexplore.exe, Version 9.0.8112.16421 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen. Prozess-ID: 11f0 Anfangszeit: 01cd32eb3c9e19b0 Zeitpunkt der Beendigung: 8

Error - 20.05.2012 17:33:45 | Computer Name = Hornochse-PC | Source = System Restore | ID = 8193
Description =

[ System Events ]
Error - 01.07.2012 11:54:46 | Computer Name = Hornochse-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 01.07.2012 11:54:46 | Computer Name = Hornochse-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 01.07.2012 11:54:46 | Computer Name = Hornochse-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 01.07.2012 11:54:46 | Computer Name = Hornochse-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 01.07.2012 11:54:46 | Computer Name = Hornochse-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 01.07.2012 12:04:14 | Computer Name = Hornochse-PC | Source = DCOM | ID = 10005
Description =

Error - 01.07.2012 12:04:14 | Computer Name = Hornochse-PC | Source = Microsoft Antimalware | ID = 2001
Description = Beim Aktualisieren der Signaturen wurde von %%860 ein Fehler festgestellt. Neue Signaturversion: Vorherige Signaturversion: 1.129.549.0 Aktualisierungsquelle: %%859 Aktualisierungsphase: %%852 Quellpfad: Default URL Signaturtyp: %%800 Aktualisierungstyp: %%803 Benutzer: NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: Vorherige Modulversion: 1.1.8502.0 Fehlercode: 0x8007043c Fehlerbeschreibung: Der Dienst kann nicht im abgesicherten Modus gestartet werden.

Error - 15.07.2012 14:37:22 | Computer Name = Hornochse-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 01.07.2012 um 18:09:16 unerwartet heruntergefahren.

Error - 15.07.2012 14:39:01 | Computer Name = Hornochse-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 15.07.2012 14:39:01 | Computer Name = Hornochse-PC | Source = Service Control Manager | ID = 7026
Description =

< End of report >

Thank you very much for your help.
Regards,
Phil
16.07.2012, 13:06 | #4 |
/// Helper team | Is there a reason why you did not delete the findings?

Fixing with OTL

Download OTL by OldTimer (if you do not have it yet) and save it to your desktop (nowhere else).
Code:
:OTL
IE - HKLM\..\SearchScopes,DefaultScope = {47A69BFA-63EF-41C2-B09F-7F84F19B5FDF}
IE - HKLM\..\SearchScopes\{47A69BFA-63EF-41C2-B09F-7F84F19B5FDF}: "URL" = http://www.google.de/search?hl=de&q={searchTerms}&meta=
IE - HKLM\..\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
IE - HKCU\..\SearchScopes,DefaultScope = {47A69BFA-63EF-41C2-B09F-7F84F19B5FDF}
IE - HKCU\..\SearchScopes\{47A69BFA-63EF-41C2-B09F-7F84F19B5FDF}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7SNYK_deDE414
IE - HKCU\..\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
IE - HKCU\..\SearchScopes\Plasmoo: "URL" = http://plasmoo.com/index.htm?SearchMashine=true&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - prefs.js..browser.search.defaultthis.engineName: "DVDVideoSoftTB Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "DVDVideoSoftTB Customized Web Search"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.startup.homepage: "http://search.conduit.com/?ctid=CT2269050&SearchSource=13"
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:3.3.3.2
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Hornochse\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Hornochse\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKCU..\Run: [Facebook Update] C:\Users\Hornochse\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [Spotify] C:\Users\Hornochse\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
O4 - HKCU..\Run: [Userinit] C:\Users\Hornochse\AppData\Roaming\appconf32.exe ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\Windows\System32\VESWinlogon.dll (Sony Corporation)
O32 - HKLM CDRom: AutoRun - 1
[2008.12.09 17:23:13 | 000,053,704 | RHS- | C] () -- C:\Users\Hornochse\AppData\Roaming\appconf32.exe
@Alternate Data Stream - 540 bytes -> C:\Windows\System32\drivers\kaacwqmw.sys:changelist
[2012.07.15 22:44:49 | 000,001,136 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3394552714-174292016-736106197-1003UA.job
[2012.07.15 22:44:37 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.07.15 22:45:09 | 000,000,048 | ---- | M] () -- C:\Users\Hornochse\AppData\Roaming\blckdom.res
[2012.07.15 20:57:00 | 000,001,154 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3394552714-174292016-736106197-1003UA.job
[2012.07.15 20:56:01 | 000,001,132 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3394552714-174292016-736106197-1003Core.job
[2012.07.15 20:40:06 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.06.27 16:11:08 | 004,503,728 | ---- | M] () -- C:\ProgramData\0tbpw.pad
[2012.06.25 14:29:41 | 000,001,084 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3394552714-174292016-736106197-1003Core.job
[2012.06.27 16:06:27 | 000,001,720 | ---- | C] () -- C:\Users\Hornochse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk
[2012.06.27 16:06:24 | 004,503,728 | ---- | C] () -- C:\ProgramData\0tbpw.pad
[2008.12.09 17:23:13 | 000,053,704 | RHS- | C] () -- C:\Users\Hornochse\AppData\Roaming\appconf32.exe

:Files
ipconfig /flushdns /c

:Commands
[purity]
[emptytemp]
[emptyflash]
Note for readers following along: the OTL script above was created exclusively for this user in this situation. Do not under any circumstances apply it to other computers; it can cause lasting damage to other systems! |
16.07.2012, 17:08 | #5 |
| Bundespolizei trojan 2x50€ via Ukash Hello t'john, no, I have no explanation for why I did not delete them. Here are the logs from OTL: Code:
ATTFilter All processes killed ========== OTL ========== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{47A69BFA-63EF-41C2-B09F-7F84F19B5FDF}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{47A69BFA-63EF-41C2-B09F-7F84F19B5FDF}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}\ not found. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{47A69BFA-63EF-41C2-B09F-7F84F19B5FDF}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{47A69BFA-63EF-41C2-B09F-7F84F19B5FDF}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{searchTerms}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{searchTerms}\ not found. HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully! 
Prefs.js: "DVDVideoSoftTB Customized Web Search" removed from browser.search.defaultthis.engineName Prefs.js: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}" removed from browser.search.defaulturl Prefs.js: "DVDVideoSoftTB Customized Web Search" removed from browser.search.selectedEngine Prefs.js: false removed from browser.search.update Prefs.js: "hxxp://search.conduit.com/?ctid=CT2269050&SearchSource=13" removed from browser.startup.homepage Prefs.js: engine@conduit.com:3.3.3.2 removed from extensions.enabledItems Prefs.js: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:3.3.3.2 removed from extensions.enabledItems Prefs.js: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 removed from extensions.enabledItems Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=3\ deleted successfully. C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll moved successfully. Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=9\ deleted successfully. File C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll not found. Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@tools.google.com/Google Update;version=3\ deleted successfully. C:\Users\Hornochse\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll moved successfully. Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@tools.google.com/Google Update;version=9\ deleted successfully. File C:\Users\Hornochse\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll not found. File C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NPSStartup deleted successfully. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Facebook Update deleted successfully. C:\Users\Hornochse\AppData\Local\Facebook\Update\FacebookUpdate.exe moved successfully. 
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Spotify deleted successfully. C:\Users\Hornochse\AppData\Roaming\Spotify\Spotify.exe moved successfully. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Userinit not found. File C:\Users\Hornochse\AppData\Roaming\appconf32.exe not found. Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully. Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7} C:\Windows\Downloaded Program Files\gp.inf not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\VESWinlogon\ deleted successfully. C:\Windows\System32\VESWinlogon.dll moved successfully. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully! File C:\Users\Hornochse\AppData\Roaming\appconf32.exe not found. Unable to delete ADS C:\Windows\System32\drivers\kaacwqmw.sys:changelist . C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3394552714-174292016-736106197-1003UA.job moved successfully. C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully. C:\Users\Hornochse\AppData\Roaming\blckdom.res moved successfully. C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3394552714-174292016-736106197-1003UA.job moved successfully. 
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3394552714-174292016-736106197-1003Core.job moved successfully. C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully. C:\ProgramData\0tbpw.pad moved successfully. C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3394552714-174292016-736106197-1003Core.job moved successfully. File C:\Users\Hornochse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk not found. File C:\ProgramData\0tbpw.pad not found. File C:\Users\Hornochse\AppData\Roaming\appconf32.exe not found. ========== FILES ========== < ipconfig /flushdns /c > Windows-IP-Konfiguration Der DNS-Aufl”sungscache wurde geleert. C:\Users\Hornochse\Desktop\cmd.bat deleted successfully. C:\Users\Hornochse\Desktop\cmd.txt deleted successfully. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temporary Internet Files folder emptied: 33170 bytes ->Flash cache emptied: 116 bytes User: Default User ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Hornochse ->Temp folder emptied: 1029013127 bytes ->Temporary Internet Files folder emptied: 1978242722 bytes ->Java cache emptied: 1260837 bytes ->FireFox cache emptied: 8837383 bytes ->Google Chrome cache emptied: 338050285 bytes ->Flash cache emptied: 5928 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 216187119 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 3.406,00 mb [EMPTYFLASH] User: All Users User: Default ->Flash cache emptied: 0 bytes User: Default User ->Flash cache emptied: 0 bytes User: Hornochse ->Flash cache emptied: 0 bytes User: Public Total Flash Files Cleaned = 0,00 mb OTL by OldTimer - Version 3.2.54.0 log created on 07162012_175428 Files\Folders moved on Reboot... File\Folder C:\Windows\temp\JET2DF2.tmp not found! 
PendingFileRenameOperations files... File C:\Windows\temp\JET2DF2.tmp not found! Registry entries deleted on Reboot...
Best regards, Phil |
16.07.2012, 17:23 | #6 |
/// Helper team | Bundespolizei trojan 2x50€ via Ukash
Very good! How is the computer running?
Step 1: DELETE THE FINDINGS! Please run a full scan with Malwarebytes Anti-Malware and post the log.
After that: please download AdwCleaner to your desktop.
16.07.2012, 21:11 | #7 |
| Bundespolizei trojan 2x50€ via Ukash Hi t'john, the computer is running stably so far. Thanks!!! Here are the logs: Code:
ATTFilter Malwarebytes Anti-Malware 1.62.0.1300 www.malwarebytes.org Datenbank Version: v2012.07.16.10 Windows Vista Service Pack 2 x86 NTFS Internet Explorer 9.0.8112.16421 Hornochse :: HORNOCHSE-PC [Administrator] Schutz: Aktiviert 16.07.2012 21:08:52 mbam-log-2012-07-16 (22-08-00).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 315299 Laufzeit: 55 Minute(n), 25 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 2 C:\Users\Hornochse\Downloads\SoftonicDownloader_fuer_ace-of-spades (1).exe (PUP.ToolbarDownloader) -> Keine Aktion durchgeführt. C:\Users\Hornochse\Downloads\SoftonicDownloader_fuer_ace-of-spades.exe (PUP.ToolbarDownloader) -> Keine Aktion durchgeführt. (Ende) Code:
ATTFilter # AdwCleaner v1.702 - Logfile created 07/16/2012 at 20:56:45 # Updated 13/07/2012 by Xplode # Operating system : Windows Vista (TM) Home Premium Service Pack 2 (32 bits) # User : Hornochse - HORNOCHSE-PC # Running from : C:\Users\Hornochse\Desktop\adwcleaner.exe # Option [Search] ***** [Services] ***** ***** [Files / Folders] ***** Folder Found : C:\Users\Hornochse\AppData\Local\Conduit Folder Found : C:\Users\Hornochse\AppData\Roaming\Mozilla\Firefox\Profiles\v89qzxlt.default\Conduit Folder Found : C:\Users\Hornochse\AppData\Roaming\Mozilla\Firefox\Profiles\v89qzxlt.default\ConduitEngine Folder Found : C:\Users\Hornochse\AppData\Roaming\Mozilla\Firefox\Profiles\v89qzxlt.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} Folder Found : C:\Users\Hornochse\AppData\Roaming\Mozilla\Firefox\Profiles\v89qzxlt.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444} ***** [Registry] ***** [*] Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2269050 Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine Key Found : HKCU\Software\Softonic Key Found : HKLM\SOFTWARE\Classes\Conduit.Engine Key Found : HKLM\SOFTWARE\Conduit Key Found : HKLM\SOFTWARE\Description Key Found : HKLM\SOFTWARE\Iminent Key Found : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43 ***** [Registre - GUID] ***** ***** [Internet Browsers] ***** -\\ Internet Explorer v9.0.8112.16421 [OK] Registry is clean. -\\ Mozilla Firefox v10.0.2 (de) Profile name : default File : C:\Users\Hornochse\AppData\Roaming\Mozilla\Firefox\Profiles\v89qzxlt.default\prefs.js Found : user_pref("CT2269050..clientLogIsEnabled", false); Found : user_pref("CT2269050..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...] Found : user_pref("CT2269050..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...] 
-\\ Google Chrome v20.0.1132.57 File : C:\Users\Hornochse\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] File is clean. ************************* AdwCleaner[R1].txt - [14076 octets] - [16/07/2012 20:56:45] ########## EOF - C:\AdwCleaner[R1].txt - [14205 octets] ##########
Best regards, Phil |
16.07.2012, 21:32 | #8 |
/// Helper team | Bundespolizei trojan 2x50€ via Ukash
Very good!
Next: malware scan with Emsisoft Anti-Malware
Download the free version of => Emsisoft Anti-Malware and install the program.
Use "Jetzt Updaten" (Update now) to download the current signatures.
Select the freeware mode ("Freeware-Modus").
Select "Detail Scan" and start checking the computer with the "Scan" button.
At the end of the scan, do not let it delete anything!
Click "Bericht speichern" (Save report) to save the log file to the desktop, and post it here in the thread.
Instructions: http://www.trojaner-board.de/103809-...i-malware.html |
17.07.2012, 10:40 | #9 |
| Bundespolizei trojan 2x50€ via Ukash Hi t'john, below are first the log files from ADW: Code:
ATTFilter # AdwCleaner v1.702 - Logfile created 07/17/2012 at 11:22:56 # Updated 13/07/2012 by Xplode # Operating system : Windows Vista (TM) Home Premium Service Pack 2 (32 bits) # User : Hornochse - HORNOCHSE-PC # Running from : C:\Users\Hornochse\Desktop\adwcleaner.exe # Option [Delete] ***** [Services] ***** ***** [Files / Folders] ***** Folder Deleted : C:\Users\Hornochse\AppData\Local\Conduit Folder Deleted : C:\Users\Hornochse\AppData\Roaming\Mozilla\Firefox\Profiles\v89qzxlt.default\Conduit Folder Deleted : C:\Users\Hornochse\AppData\Roaming\Mozilla\Firefox\Profiles\v89qzxlt.default\ConduitEngine Folder Deleted : C:\Users\Hornochse\AppData\Roaming\Mozilla\Firefox\Profiles\v89qzxlt.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} Folder Deleted : C:\Users\Hornochse\AppData\Roaming\Mozilla\Firefox\Profiles\v89qzxlt.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444} ***** [Registry] ***** [*] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2269050 Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine Key Deleted : HKCU\Software\Softonic Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine Key Deleted : HKLM\SOFTWARE\Conduit Key Deleted : HKLM\SOFTWARE\Description Key Deleted : HKLM\SOFTWARE\Iminent Key Deleted : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43 ***** [Registre - GUID] ***** ***** [Internet Browsers] ***** -\\ Internet Explorer v9.0.8112.16421 [OK] Registry is clean. -\\ Mozilla Firefox v10.0.2 (de) Profile name : default File : C:\Users\Hornochse\AppData\Roaming\Mozilla\Firefox\Profiles\v89qzxlt.default\prefs.js Deleted : user_pref("CT2269050..clientLogIsEnabled", false); Deleted : user_pref("CT2269050..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...] Deleted : user_pref("CT2269050..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...] 
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/stop.gif"[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/vol.gif",[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"634[...] Deleted : user_pref("CommunityToolbar.EngineOwner", "CT2269050"); Deleted : user_pref("CommunityToolbar.EngineOwnerGuid", "{872b5b88-9db5-4310-bdd0-ac189557e5f5}"); Deleted : user_pref("CommunityToolbar.EngineOwnerToolbarId", "dvdvideosofttb"); Deleted : user_pref("CommunityToolbar.IsEngineShown", true); Deleted : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true); Deleted : user_pref("CommunityToolbar.OriginalEngineOwner", "CT2269050"); Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{872b5b88-9db5-4310-bdd0-ac189557e5f5}"); Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "dvdvideosofttb"); Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr[...] Deleted : user_pref("CommunityToolbar.ToolbarsList", "ConduitEngine,CT2269050"); Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT2269050"); Deleted : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Fri Mar 25 2011 17:45:34 GMT+01[...] 
Deleted : user_pref("CommunityToolbar.alert.alertEnabled", true); Deleted : user_pref("CommunityToolbar.alert.alertInfoInterval", 60); Deleted : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Sun Mar 27 2011 12:26:12 GMT+0200"); Deleted : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com"); Deleted : user_pref("CommunityToolbar.alert.locale", ""); Deleted : user_pref("CommunityToolbar.alert.loginIntervalMin", 0); Deleted : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Sun Mar 27 2011 12:26:05 GMT+0200"); Deleted : user_pref("CommunityToolbar.alert.loginLastUpdateTime", ""); Deleted : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20); Deleted : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com"); Deleted : user_pref("CommunityToolbar.alert.showTrayIcon", false); Deleted : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300); Deleted : user_pref("CommunityToolbar.alert.userId", "1aaa4672-ff9e-45a7-9c38-f3cad1d169b9"); Deleted : user_pref("CommunityToolbar.globalUserId", "bca284ba-0cfb-49e2-ba28-f906c13445a1"); Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true); Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true); Deleted : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2269050"); Deleted : user_pref("ConduitEngine.AppTrackingLastCheckTime", "Sun Mar 27 2011 12:26:16 GMT+0200"); Deleted : user_pref("ConduitEngine.DialogsGetterLastCheckTime", "Fri Mar 25 2011 17:45:34 GMT+0100"); Deleted : user_pref("ConduitEngine.FirstServerDate", "03/25/2011 19"); Deleted : user_pref("ConduitEngine.FirstTime", true); Deleted : user_pref("ConduitEngine.FirstTimeFF3", true); Deleted : user_pref("ConduitEngine.HasUserGlobalKeys", true); Deleted : user_pref("ConduitEngine.HideEngineAfterRestart", true); Deleted : user_pref("ConduitEngine.Initialize", true); Deleted : 
-\\ Google Chrome v20.0.1132.57
File : C:\Users\Hornochse\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] File is clean.
*************************
AdwCleaner[R1].txt - [14207 octets] - [16/07/2012 20:56:45]
AdwCleaner[S1].txt - [14463 octets] - [17/07/2012 11:22:56]
########## EOF - C:\AdwCleaner[S1].txt - [14592 octets] ##########
Here is the report from Emsisoft as well:
Code:
Emsisoft Anti-Malware - Version 6.6
Letztes Update: 17.07.2012 11:57:06
Scan Einstellungen:
Scan Methode: Detail Scan
Objekte: Rootkits, Speicher, Traces, C:\
Archiv Scan: An
ADS Scan: An
Scan Beginn: 17.07.2012 11:58:02
Gescannt 559116
Gefunden 0
Scan Ende: 17.07.2012 13:05:29
Scan Zeit: 1:07:27
Phil |
17.07.2012, 15:44 | #10 |
/// Helper Team | Bundespolizei trojan, 2x50€ via Ukash
Very good! That means you are clean and free to go!
Uninstall: Emsisoft Anti-Malware
Tool cleanup with OTL
We will now use OTL's CleanUp! function to remove most of the programs we installed for the cleanup from your system again.
Reading to work through:
http://www.trojaner-board.de/90880-d...tallation.html
http://www.trojaner-board.de/105213-...tellungen.html
PluginCheck
http://www.trojaner-board.de/96344-a...-rechners.html
Secunia Online Software Inspector
http://www.trojaner-board.de/71715-k...iendungen.html
http://www.trojaner-board.de/83238-a...sschalten.html |
18.07.2012, 05:39 | #11 |
| Bundespolizei trojan, 2x50€ via Ukash
Many thanks for the help, and good luck in further battles against cyber threats.
Best regards
Phil |