Pests of all kinds and how to fight them: clicktocontinue by coupondopdown (Windows 7)
#1

Hello, like some users before me, I also have the virus in question. Following a guide by t'jojn from this forum, I have already scanned my PC with Malwarebytes Anti-Rootkit. After step 1, here is the log file:
\SystemRoot\System32\Drivers\Ntfs.sys \SystemRoot\System32\Drivers\msrpc.sys \SystemRoot\System32\Drivers\ksecdd.sys \SystemRoot\System32\Drivers\cng.sys \SystemRoot\System32\drivers\pcw.sys \SystemRoot\System32\Drivers\Fs_Rec.sys \SystemRoot\system32\drivers\ndis.sys \SystemRoot\system32\drivers\NETIO.SYS \SystemRoot\System32\Drivers\ksecpkg.sys \SystemRoot\System32\drivers\tcpip.sys \SystemRoot\System32\drivers\fwpkclnt.sys \SystemRoot\system32\drivers\volsnap.sys \SystemRoot\system32\DRIVERS\TVALZ_O.SYS \SystemRoot\System32\Drivers\spldr.sys \SystemRoot\System32\drivers\rdyboost.sys \SystemRoot\System32\Drivers\mup.sys \SystemRoot\System32\drivers\hwpolicy.sys \SystemRoot\System32\DRIVERS\fvevol.sys \SystemRoot\system32\drivers\disk.sys \SystemRoot\system32\drivers\CLASSPNP.SYS \SystemRoot\system32\DRIVERS\cdrom.sys \SystemRoot\System32\Drivers\Null.SYS \SystemRoot\System32\Drivers\Beep.SYS \SystemRoot\System32\drivers\vga.sys \SystemRoot\System32\drivers\VIDEOPRT.SYS \SystemRoot\System32\drivers\watchdog.sys \SystemRoot\System32\DRIVERS\RDPCDD.sys \SystemRoot\system32\drivers\rdpencdd.sys \SystemRoot\system32\drivers\rdprefmp.sys \SystemRoot\System32\Drivers\Msfs.SYS \SystemRoot\System32\Drivers\Npfs.SYS \SystemRoot\system32\DRIVERS\tdx.sys \SystemRoot\system32\DRIVERS\TDI.SYS \SystemRoot\System32\DRIVERS\netbt.sys \SystemRoot\system32\drivers\afd.sys \SystemRoot\system32\DRIVERS\wfplwf.sys \SystemRoot\system32\DRIVERS\pacer.sys \SystemRoot\system32\DRIVERS\vwififlt.sys \SystemRoot\system32\DRIVERS\netbios.sys \SystemRoot\system32\DRIVERS\wanarp.sys \SystemRoot\system32\drivers\termdd.sys \SystemRoot\system32\DRIVERS\rdbss.sys \SystemRoot\system32\drivers\nsiproxy.sys \SystemRoot\system32\drivers\mssmbios.sys \SystemRoot\System32\drivers\discache.sys \SystemRoot\System32\Drivers\dfsc.sys \SystemRoot\system32\drivers\blbdrive.sys \SystemRoot\system32\DRIVERS\tunnel.sys \SystemRoot\system32\DRIVERS\igdkmd64.sys \SystemRoot\System32\drivers\dxgkrnl.sys 
\SystemRoot\System32\drivers\dxgmms1.sys \SystemRoot\system32\DRIVERS\HECIx64.sys \SystemRoot\system32\DRIVERS\usbehci.sys \SystemRoot\system32\DRIVERS\USBPORT.SYS \SystemRoot\system32\drivers\HDAudBus.sys \SystemRoot\system32\DRIVERS\Rt64win7.sys \SystemRoot\system32\DRIVERS\rtl8192Ce.sys \SystemRoot\system32\DRIVERS\vwifibus.sys \SystemRoot\system32\drivers\CmBatt.sys \SystemRoot\system32\DRIVERS\i8042prt.sys \SystemRoot\system32\DRIVERS\CeKbFilter.sys \SystemRoot\system32\DRIVERS\kbdclass.sys \SystemRoot\system32\DRIVERS\SynTP.sys \SystemRoot\system32\DRIVERS\USBD.SYS \SystemRoot\system32\drivers\mouclass.sys \SystemRoot\system32\DRIVERS\tdcmdpst.sys \SystemRoot\system32\DRIVERS\Impcd.sys \SystemRoot\system32\DRIVERS\intelppm.sys \SystemRoot\system32\drivers\CompositeBus.sys \SystemRoot\system32\DRIVERS\AgileVpn.sys \SystemRoot\system32\DRIVERS\rasl2tp.sys \SystemRoot\system32\DRIVERS\ndistapi.sys \SystemRoot\system32\DRIVERS\ndiswan.sys \SystemRoot\system32\DRIVERS\raspppoe.sys \SystemRoot\system32\DRIVERS\raspptp.sys \SystemRoot\system32\DRIVERS\rassstp.sys \SystemRoot\system32\DRIVERS\tap0901.sys \SystemRoot\system32\drivers\swenum.sys \SystemRoot\system32\drivers\ks.sys \SystemRoot\system32\DRIVERS\umbus.sys \SystemRoot\system32\drivers\usbhub.sys \SystemRoot\System32\Drivers\NDProxy.SYS \SystemRoot\system32\drivers\RTKVHD64.sys \SystemRoot\system32\drivers\portcls.sys \SystemRoot\system32\drivers\drmk.sys \SystemRoot\system32\drivers\ksthunk.sys \SystemRoot\System32\win32k.sys \SystemRoot\System32\drivers\Dxapi.sys \SystemRoot\System32\Drivers\crashdmp.sys \SystemRoot\System32\Drivers\dump_iaStor.sys \SystemRoot\System32\Drivers\dump_dumpfve.sys \SystemRoot\system32\DRIVERS\monitor.sys \SystemRoot\System32\TSDDD.dll \SystemRoot\System32\cdd.dll \SystemRoot\system32\DRIVERS\usbccgp.sys \SystemRoot\System32\Drivers\usbvideo.sys \SystemRoot\system32\DRIVERS\pgeffect.sys \SystemRoot\system32\drivers\luafv.sys \SystemRoot\system32\DRIVERS\Sftvollh.sys 
\SystemRoot\system32\DRIVERS\lltdio.sys \SystemRoot\system32\DRIVERS\nwifi.sys \SystemRoot\system32\DRIVERS\ndisuio.sys \SystemRoot\system32\DRIVERS\rspndr.sys \SystemRoot\system32\drivers\HTTP.sys \SystemRoot\system32\DRIVERS\bowser.sys \SystemRoot\System32\drivers\mpsdrv.sys \SystemRoot\system32\DRIVERS\mrxsmb.sys \SystemRoot\system32\DRIVERS\mrxsmb10.sys \SystemRoot\system32\DRIVERS\mrxsmb20.sys \SystemRoot\system32\DRIVERS\vwifimp.sys \SystemRoot\system32\DRIVERS\NisDrvWFP.sys \SystemRoot\system32\drivers\peauth.sys \SystemRoot\System32\Drivers\secdrv.SYS \SystemRoot\system32\DRIVERS\Sftfslh.sys \SystemRoot\system32\DRIVERS\Sftplaylh.sys \SystemRoot\System32\DRIVERS\srvnet.sys \SystemRoot\System32\drivers\tcpipreg.sys \SystemRoot\System32\DRIVERS\srv2.sys \SystemRoot\System32\DRIVERS\srv.sys \SystemRoot\system32\DRIVERS\Sftredirlh.sys \SystemRoot\system32\DRIVERS\asyncmac.sys \??\C:\Windows\system32\drivers\mbamchameleon.sys \??\C:\Windows\system32\drivers\mbamswissarmy.sys \Windows\System32\ntdll.dll \Windows\System32\smss.exe \Windows\System32\apisetschema.dll \Windows\System32\autochk.exe \Windows\System32\usp10.dll \Windows\System32\iertutil.dll \Windows\System32\nsi.dll \Windows\System32\urlmon.dll \Windows\System32\sechost.dll \Windows\System32\imm32.dll \Windows\System32\kernel32.dll \Windows\System32\comdlg32.dll \Windows\System32\difxapi.dll \Windows\System32\oleaut32.dll \Windows\System32\clbcatq.dll \Windows\System32\normaliz.dll \Windows\System32\rpcrt4.dll \Windows\System32\lpk.dll \Windows\System32\user32.dll \Windows\System32\imagehlp.dll \Windows\System32\wininet.dll \Windows\System32\gdi32.dll \Windows\System32\psapi.dll \Windows\System32\ws2_32.dll \Windows\System32\setupapi.dll \Windows\System32\shell32.dll \Windows\System32\msvcrt.dll \Windows\System32\Wldap32.dll \Windows\System32\shlwapi.dll \Windows\System32\advapi32.dll \Windows\System32\ole32.dll \Windows\System32\msctf.dll \Windows\System32\wintrust.dll \Windows\System32\crypt32.dll 
\Windows\System32\cfgmgr32.dll \Windows\System32\comctl32.dll \Windows\System32\devobj.dll \Windows\System32\KernelBase.dll \Windows\System32\msasn1.dll ----------- End ----------- <<<1>>> Upper Device Name: \Device\Harddisk0\DR0 Upper Device Object: 0xfffffa8004c99060 Upper Device Driver Name: \Driver\Disk\ Lower Device Name: \Device\Ide\IAAStorageDevice-1\ Lower Device Object: 0xfffffa8004a0b050 Lower Device Driver Name: \Driver\iaStor\ Driver name found: iaStor Initialization returned 0x0 Load Function returned 0x0 Downloaded database version: v2013.03.31.04 Downloaded database version: v2013.03.25.01 Initializing... Done! <<<2>>> Device number: 0, partition: 2 Physical Sector Size: 512 Drive: 0, DevicePointer: 0xfffffa8004c99060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ --------- Disk Stack ------ DevicePointer: 0xfffffa8004c99b90, DeviceName: Unknown, DriverName: \Driver\partmgr\ DevicePointer: 0xfffffa8004c99060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ DevicePointer: 0xfffffa8004a0b050, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\ ------------ End ---------- Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ Upper DeviceData: 0xfffff8a012039350, 0xfffffa8004c99060, 0xfffffa800421f250 Lower DeviceData: 0xfffff8a00134b250, 0xfffffa8004a0b050, 0xfffffa800b851700 <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes Scanning directory: C:\Windows\system32\drivers... <<<2>>> Device number: 0, partition: 2 <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes Done! Drive 0 Scanning MBR on drive 0... Inspecting partition table: MBR Signature: 55AA Disk Signature: 90B4D6F9 Partition information: Partition 0 type is Other (0x27) Partition is ACTIVE. 
Partition starts at LBA: 2048 Numsec = 819200 Partition file system is NTFS Partition is bootable Partition 1 type is Primary (0x7) Partition is NOT ACTIVE. Partition starts at LBA: 821248 Numsec = 488386560 Partition 2 type is Primary (0x7) Partition is NOT ACTIVE. Partition starts at LBA: 489207808 Numsec = 487565312 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Disk Size: 500107862016 bytes Sector size: 512 bytes Scanning physical sectors of unpartitioned space on drive 0 (1-2047-976753168-976773168)... Physical Sector Size: 512 Drive: 1, DevicePointer: 0xfffffa800b5ed060, DeviceName: \Device\Harddisk1\DR3\, DriverName: \Driver\Disk\ --------- Disk Stack ------ DevicePointer: 0xfffffa8004278870, DeviceName: Unknown, DriverName: \Driver\partmgr\ DevicePointer: 0xfffffa800b5ed060, DeviceName: \Device\Harddisk1\DR3\, DriverName: \Driver\Disk\ DevicePointer: 0xfffffa80041b34f0, DeviceName: \Device\0000007f\, DriverName: \Driver\USBSTOR\ ------------ End ---------- Alternate DeviceName: \Device\Harddisk1\DR3\, DriverName: \Driver\Disk\ Upper DeviceData: 0x0, 0x0, 0x0 Lower DeviceData: 0x0, 0x0, 0x0 Drive 1 Scanning MBR on drive 1... Inspecting partition table: MBR Signature: 55AA Disk Signature: C3072E18 Partition information: Partition 0 type is Other (0xc) Partition is ACTIVE. Partition starts at LBA: 10680 Numsec = 15939912 Partition file system is FAT32 Partition is not bootable Partition 1 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 2 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Disk Size: 8166703104 bytes Sector size: 512 bytes Done! Performing system, memory and registry scan... 
Infected: HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{00cbb66b-1d3b-46d3-9577-323a336acb50} --> [PUP.Blabbers] Infected: c:\Program Files (x86)\BrowserCompanion\jsloader.dll --> [PUP.Blabbers] Infected: HKLM\SOFTWARE\CLASSES\TYPELIB\{8830DDF0-3042-404D-A62C-384A85E34833} --> [PUP.Blabbers] Infected: HKLM\SOFTWARE\CLASSES\INTERFACE\{817923CB-4744-4216-B250-CF7EDA8F1767} --> [PUP.Blabbers] Infected: HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{817923CB-4744-4216-B250-CF7EDA8F1767} --> [PUP.Blabbers] Infected: HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{8830DDF0-3042-404D-A62C-384A85E34833} --> [PUP.Blabbers] Infected: HKLM\SOFTWARE\CLASSES\wit4ie.WitBHO.2 --> [PUP.Blabbers] Infected: HKLM\SOFTWARE\CLASSES\wit4ie.WitBHO --> [PUP.Blabbers] Infected: HKLM\SOFTWARE\WOW6432NODE\CLASSES\wit4ie.WitBHO --> [PUP.Blabbers] Infected: HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{00CBB66B-1D3B-46D3-9577-323A336ACB50} --> [PUP.Blabbers] Infected: HKLM\SOFTWARE\WOW6432NODE\CLASSES\wit4ie.WitBHO.2 --> [PUP.Blabbers] Infected: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{00CBB66B-1D3B-46D3-9577-323A336ACB50} --> [PUP.Blabbers] Infected: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{00CBB66B-1D3B-46D3-9577-323A336ACB50} --> [PUP.Blabbers] Infected: HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} --> [PUP.Blabbers] Infected: c:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll --> [PUP.Blabbers] Infected: HKLM\SOFTWARE\CLASSES\TYPELIB\{830B56CB-FD22-44AA-9887-7898F4F4158D} --> [PUP.Blabbers] Infected: HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{830B56CB-FD22-44AA-9887-7898F4F4158D} --> [PUP.Blabbers] Infected: HKLM\SOFTWARE\CLASSES\tdataprotocol.CTData.1 --> [PUP.Blabbers] Infected: HKLM\SOFTWARE\CLASSES\tdataprotocol.CTData --> [PUP.Blabbers] Infected: HKLM\SOFTWARE\WOW6432NODE\CLASSES\tdataprotocol.CTData --> [PUP.Blabbers] Infected: 
HKLM\SOFTWARE\WOW6432NODE\CLASSES\tdataprotocol.CTData.1 --> [PUP.Blabbers] Infected: HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{963B125B-8B21-49A2-A3A8-E37092276531} --> [PUP.Blabbers] Infected: c:\Program Files (x86)\BrowserCompanion\updatebhoWin32.dll --> [PUP.Blabbers] Infected: HKLM\SOFTWARE\CLASSES\TYPELIB\{955B782E-CDC8-4CEE-B6F6-AD7D541A8D8A} --> [PUP.Blabbers] Infected: HKLM\SOFTWARE\CLASSES\INTERFACE\{9F0C17EB-EF2C-4278-9136-2D547656BC03} --> [PUP.Blabbers] Infected: HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{9F0C17EB-EF2C-4278-9136-2D547656BC03} --> [PUP.Blabbers] Infected: HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{955B782E-CDC8-4CEE-B6F6-AD7D541A8D8A} --> [PUP.Blabbers] Infected: HKLM\SOFTWARE\CLASSES\updatebho.TimerBHO.1 --> [PUP.Blabbers] Infected: HKLM\SOFTWARE\CLASSES\updatebho.TimerBHO --> [PUP.Blabbers] Infected: HKLM\SOFTWARE\WOW6432NODE\CLASSES\updatebho.TimerBHO --> [PUP.Blabbers] Infected: HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{963B125B-8B21-49A2-A3A8-E37092276531} --> [PUP.Blabbers] Infected: HKLM\SOFTWARE\WOW6432NODE\CLASSES\updatebho.TimerBHO.1 --> [PUP.Blabbers] Infected: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{963B125B-8B21-49A2-A3A8-E37092276531} --> [PUP.Blabbers] Infected: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{963B125B-8B21-49A2-A3A8-E37092276531} --> [PUP.Blabbers] Infected: c:\Users\Alice\Downloads\DownloadAcceleratorSetup.exe --> [PUP.Adware.InstallCore] Infected: c:\Program Files (x86)\BrowserCompanion\blabbers-ff-full.xpi --> [PUP.Blabbers] Infected: c:\Program Files (x86)\BrowserCompanion --> [PUP.Blabbers] Infected: c:\Program Files (x86)\BrowserCompanion\blabbers-ch.crx --> [PUP.Blabbers] Infected: c:\Program Files (x86)\BrowserCompanion\logo.ico --> [PUP.Blabbers] Infected: c:\Program Files (x86)\BrowserCompanion\terms.lnk.url --> [PUP.Blabbers] Infected: c:\Program Files (x86)\BrowserCompanion\toolbar.dll --> [PUP.Blabbers] 
Infected: c:\Program Files (x86)\BrowserCompanion\uninstall.exe --> [PUP.Blabbers] Infected: HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\BrowserCompanion --> [PUP.Blabbers] Infected: c:\Program Files (x86)\BrowserCompanion\updater.ini --> [PUP.Blabbers] Infected: c:\Program Files (x86)\BrowserCompanion\widgetserv.exe --> [PUP.Blabbers] Infected: HKLM\SOFTWARE\CLASSES\PROTOCOLS\HANDLER\BASE64|CLSID --> [PUP.Blabbers] Infected: HKLM\SOFTWARE\CLASSES\PROTOCOLS\HANDLER\BASE64 --> [PUP.Blabbers] Infected: HKLM\SOFTWARE\CLASSES\PROTOCOLS\HANDLER\CHROME|CLSID --> [PUP.Blabbers] Infected: HKLM\SOFTWARE\CLASSES\PROTOCOLS\HANDLER\CHROME --> [PUP.Blabbers] Infected: HKLM\SOFTWARE\CLASSES\PROTOCOLS\HANDLER\PROX|CLSID --> [PUP.Blabbers] Infected: HKLM\SOFTWARE\CLASSES\PROTOCOLS\HANDLER\PROX --> [PUP.Blabbers] Infected: HKLM\SOFTWARE\WOW6432NODE\CLASSES\PROTOCOLS\HANDLER\BASE64|CLSID --> [PUP.Blabbers] Infected: HKLM\SOFTWARE\WOW6432NODE\CLASSES\PROTOCOLS\HANDLER\BASE64 --> [PUP.Blabbers] Infected: HKLM\SOFTWARE\WOW6432NODE\CLASSES\PROTOCOLS\HANDLER\CHROME|CLSID --> [PUP.Blabbers] Infected: HKLM\SOFTWARE\WOW6432NODE\CLASSES\PROTOCOLS\HANDLER\CHROME --> [PUP.Blabbers] Infected: HKLM\SOFTWARE\WOW6432NODE\CLASSES\PROTOCOLS\HANDLER\PROX|CLSID --> [PUP.Blabbers] Infected: HKLM\SOFTWARE\WOW6432NODE\CLASSES\PROTOCOLS\HANDLER\PROX --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\BCHelper.exe --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cmpguid.js --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\fix2.js --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\fix3.js --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\fix4.js --> [PUP.Blabbers] Infected: 
c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\fixJQ1_71.js --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\fixJQ1_71_2.js --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\fixJQ1_83.js --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\icon.png --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\jquery4toolbar.js --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\jquery4toolbar183.js --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\lock.js --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\witapi.js --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\witmain.js --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\wittoolbar.js --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\witwidgetapi.js --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\0324adea3b6ec02af09ea4ae9424591b --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\0324adea3b6ec02af09ea4ae9424591b_expire --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\1048fa0383ec8c1a4365d4bd4fed1de5 --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\1048fa0383ec8c1a4365d4bd4fed1de5_expire --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\150b7566b7871fb6e0ef44753d0c6dc3_DE --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\170f337942c410233f577de5778810a6 --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\170f337942c410233f577de5778810a6_expire --> [PUP.Blabbers] Infected: 
c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\1bcf5a8f2429c4942ad539ef2c5df336 --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\1bcf5a8f2429c4942ad539ef2c5df336_expire --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\231785d024a11371bfc94ffff0a4b741_DE --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\24779e9d2de93d13d7e07b527a1684d4 --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\24779e9d2de93d13d7e07b527a1684d4_expire --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\24babf55cc829f44cc93a9b1f6d91998 --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\24babf55cc829f44cc93a9b1f6d91998_expire --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\292124057d00cb0fa73db6b90d079658 --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\a6d4447986c4e442d92ed00b149c14f3_DE --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\a7e0abb80dabcdbb6dbaec920aa126a0 --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\a7e0abb80dabcdbb6dbaec920aa126a0_expire --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\a95092a9bd34f5cfc98f78ca74502f36_DE --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\aa36bceec49c832079e270icmc219ats --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\adf275b6644b3fcac86a14ffe551dede --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\adf275b6644b3fcac86a14ffe551dede_expire --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\b5080fd498f4580cd85cbf8ff41766c5_DE --> [PUP.Blabbers] Infected: 
c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\bc8dad417f8f0fb33406e79ccd806c7f --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\bc8dad417f8f0fb33406e79ccd806c7f_expire --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\bf73732e1f0b76bac435293ba3880579 --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\bf73732e1f0b76bac435293ba3880579_expire --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\c6d8337e4b016a68fdbb60b29e7d254d --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\c6d8337e4b016a68fdbb60b29e7d254d_expire --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\4d3d10bd28ff623813254a49b26be41f_expire --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\5f4ce27504a73ff97d1936c597c769e5 --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\5f4ce27504a73ff97d1936c597c769e5_expire --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\5fa7175bc2ca31ede84e2c1c8d75f3a5 --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\5fa7175bc2ca31ede84e2c1c8d75f3a5_expire --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\61e2ae11ba3d1cbe8887ea80f192e299 --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\61e2ae11ba3d1cbe8887ea80f192e299_expire --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\eeab68dd74d26245087956fb3caf6937_DE --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\f03527c67e08602d2e4c18ae7867300d --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\f03527c67e08602d2e4c18ae7867300d_expire --> [PUP.Blabbers] Infected: 
c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\f518ab7a831164d6929797f9240a99c0 --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\f518ab7a831164d6929797f9240a99c0_expire --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\fa74672918974682c82b8d91dfbe0d6b --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\fa74672918974682c82b8d91dfbe0d6b_expire --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\ff4d692d5e7cccbc4b3e9ef4062b1c6f --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\ff4d692d5e7cccbc4b3e9ef4062b1c6f_expire --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\2a86ac4f3322238b4f27d14a09839275 --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\2a86ac4f3322238b4f27d14a09839275_expire --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\2e0dda2d2281da01c330dc3e12b45a9d_DE --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\2e0dda2d2281da01c330dc3e12b45a9d_unknown --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\38207d71d9cc86fb6daebc118ce6286c_DE --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\3b6b74d5a92c729ce36a9d055d3db8e9 --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\3b6b74d5a92c729ce36a9d055d3db8e9_expire --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\4713e82e27fb9719d76577d1585acb00_DE --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\4713e82e27fb9719d76577d1585acb00_unknown --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\477f5134e73f0099219c494cb23f6657_DE --> [PUP.Blabbers] Infected: 
c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\292124057d00cb0fa73db6b90d079658_expire --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\4d3d10bd28ff623813254a49b26be41f --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\6496a43cad388e4b78f1ecce8fcffc27_DE --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\8fd0e5f2c42f56c41599ca329ef70350_DE --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\cbb647c72e5b13b52d1392c603dcfde6 --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\ece71b71690fad200cbed95871ef4bb2_expire --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\8ffbb13aa6f702b0cafab391f90d1db7 --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\8ffbb13aa6f702b0cafab391f90d1db7_expire --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\91ed24cba47f3cabaaaf7bdb0e620066 --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\91ed24cba47f3cabaaaf7bdb0e620066_expire --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\97ebd54590023fc7011e49d332abb7d1 --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\97ebd54590023fc7011e49d332abb7d1_expire --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\9c2afdb0a6d9bf59b300144154b58c67_DE --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\9c86b973456448ae01f1cbc0d6cf607a_DE --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\9c86b973456448ae01f1cbc0d6cf607a_unknown --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\a227f4517bd7937e697182f46906a6b4_DE --> [PUP.Blabbers] Infected: 
c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\a38dbdd1af07f4236d43e8fd995f57a6 --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\a38dbdd1af07f4236d43e8fd995f57a6_expire --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\a4cc6ab573e4a5fee2a418e22d3c14dc --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\a4cc6ab573e4a5fee2a418e22d3c14dc_expire --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\cbb647c72e5b13b52d1392c603dcfde6_expire --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\d5747e13728fd7df356bc13545143ea6_DE --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\d6418e300158fb16d8396d122d4b423b_DE --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\d6418e300158fb16d8396d122d4b423b_unknown --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\d89bfd841403290d610bcf662008b443 --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\d89bfd841403290d610bcf662008b443_expire --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\e7d8325da90d91d3c4e7720f0e629e17 --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\e7d8325da90d91d3c4e7720f0e629e17_expire --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\e7d8325da90d91d3c4e7720f0e629e17_version --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\e919434ec29526b28593c426e4264271 --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\e919434ec29526b28593c426e4264271_expire --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\e9e14a99847657c53e1cc29cc55ab7af_DE --> [PUP.Blabbers] Infected: 
c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\eb04bdda55e3827d8df8b5e1afac83a2 --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\eb04bdda55e3827d8df8b5e1afac83a2_expire --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\ece71b71690fad200cbed95871ef4bb2 --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\6496a43cad388e4b78f1ecce8fcffc27_unknown --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\6d091eb0bf44b762a039ee138e6b165c_DE --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\6ff6ea009817b27df633b37777d528cd --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\6ff6ea009817b27df633b37777d528cd_expire --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\72891ec935a3d247f2da6562ef29a005 --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\72891ec935a3d247f2da6562ef29a005_expire --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\86c0ad88ecc21918c1ababa536b80de9 --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\86c0ad88ecc21918c1ababa536b80de9_expire --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\8a8dc36effa0a0300d6fb1a383936a49 --> [PUP.Blabbers] Infected: c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache\8a8dc36effa0a0300d6fb1a383936a49_expire --> [PUP.Blabbers] Done! Scan finished Creating System Restore point... Scheduling clean up... <<<2>>> Device number: 0, partition: 2 <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes Removal scheduling successful. System shutdown needed. 
System shutdown occurred ======================================= --------------------------------------- Malwarebytes Anti-Rootkit BETA 1.01.0.1022 (c) Malwarebytes Corporation 2011-2012 OS version: 6.1.7601 Windows 7 Service Pack 1 x64 Account is Administrative Internet Explorer version: 9.0.8112.16421 Java version: 1.6.0_35 File system is: NTFS Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, G:\ DRIVE_FIXED, Q:\ DRIVE_FIXED CPU speed: 2.394000 GHz Memory total: 4079665152, free: 3034337280 Removal queue found; removal started Removing c:\Program Files (x86)\BrowserCompanion\jsloader.dll... Removing c:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll... Removing c:\Program Files (x86)\BrowserCompanion\updatebhoWin32.dll... Removing c:\Users\Alice\Downloads\DownloadAcceleratorSetup.exe... Removing c:\Program Files (x86)\BrowserCompanion\blabbers-ff-full.xpi... Removing c:\Program Files (x86)\BrowserCompanion... Removing c:\Program Files (x86)\BrowserCompanion\blabbers-ch.crx... Removing c:\Program Files (x86)\BrowserCompanion\logo.ico... Removing c:\Program Files (x86)\BrowserCompanion\terms.lnk.url... Removing c:\Program Files (x86)\BrowserCompanion\toolbar.dll... Removing c:\Program Files (x86)\BrowserCompanion\uninstall.exe... Removing c:\Program Files (x86)\BrowserCompanion\updater.ini... Removing c:\Program Files (x86)\BrowserCompanion\widgetserv.exe... Removing c:\Users\Alice\AppData\LocalLow\bbrs_002.tb... Removing c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content... Removing c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\BCHelper.exe... Removing c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cmpguid.js... Removing c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\fix2.js... Removing c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\fix3.js... Removing c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\fix4.js... Removing c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\fixJQ1_71.js... 
Removing c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\fixJQ1_71_2.js... Removing c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\fixJQ1_83.js... Removing c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\icon.png... Removing c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\jquery4toolbar.js... Removing c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\jquery4toolbar183.js... Removing c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\lock.js... Removing c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\witapi.js... Removing c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\witmain.js... Removing c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\wittoolbar.js... Removing c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\witwidgetapi.js... Removing c:\Users\Alice\AppData\LocalLow\bbrs_002.tb\content\cache...
Removal finished ======================================= --------------------------------------- Malwarebytes Anti-Rootkit BETA 1.01.0.1022 (c) Malwarebytes Corporation 2011-2012 OS version: 6.1.7601 Windows 7 Service Pack 1 x64 Account is Administrative Internet Explorer version: 9.0.8112.16421 Java version: 1.6.0_35 File system is: NTFS Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, G:\ DRIVE_FIXED, Q:\ DRIVE_FIXED CPU speed: 2.394000 GHz Memory total: 4079665152, free: 2667356160 ------------ Kernel report ------------ 03/31/2013 23:22:47 ------------ Loaded modules ----------- \SystemRoot\system32\ntoskrnl.exe \SystemRoot\system32\hal.dll \SystemRoot\system32\kdcom.dll \SystemRoot\system32\mcupdate_GenuineIntel.dll \SystemRoot\system32\PSHED.dll \SystemRoot\system32\CLFS.SYS \SystemRoot\system32\CI.dll \SystemRoot\system32\drivers\Wdf01000.sys \SystemRoot\system32\drivers\WDFLDR.SYS \SystemRoot\system32\drivers\ACPI.sys \SystemRoot\system32\drivers\WMILIB.SYS \SystemRoot\system32\drivers\msisadrv.sys \SystemRoot\system32\drivers\pci.sys \SystemRoot\system32\drivers\vdrvroot.sys \SystemRoot\system32\DRIVERS\LPCFilter.sys \SystemRoot\System32\drivers\partmgr.sys \SystemRoot\system32\drivers\compbatt.sys \SystemRoot\system32\drivers\BATTC.SYS \SystemRoot\system32\drivers\volmgr.sys \SystemRoot\System32\drivers\volmgrx.sys \SystemRoot\System32\drivers\mountmgr.sys \SystemRoot\system32\DRIVERS\pciide.sys \SystemRoot\system32\DRIVERS\PCIIDEX.SYS \SystemRoot\system32\DRIVERS\iaStor.sys \SystemRoot\system32\drivers\atapi.sys \SystemRoot\system32\drivers\ataport.SYS \SystemRoot\system32\drivers\msahci.sys \SystemRoot\system32\drivers\amdxata.sys \SystemRoot\system32\drivers\fltmgr.sys \SystemRoot\system32\drivers\fileinfo.sys \SystemRoot\system32\DRIVERS\MpFilter.sys \SystemRoot\System32\Drivers\Ntfs.sys \SystemRoot\System32\Drivers\msrpc.sys \SystemRoot\System32\Drivers\ksecdd.sys \SystemRoot\System32\Drivers\cng.sys \SystemRoot\System32\drivers\pcw.sys 
\SystemRoot\System32\Drivers\Fs_Rec.sys \SystemRoot\system32\drivers\ndis.sys \SystemRoot\system32\drivers\NETIO.SYS \SystemRoot\System32\Drivers\ksecpkg.sys \SystemRoot\System32\drivers\tcpip.sys \SystemRoot\System32\drivers\fwpkclnt.sys \SystemRoot\system32\drivers\volsnap.sys \SystemRoot\system32\DRIVERS\TVALZ_O.SYS \SystemRoot\System32\Drivers\spldr.sys \SystemRoot\System32\drivers\rdyboost.sys \SystemRoot\System32\Drivers\mup.sys \SystemRoot\System32\drivers\hwpolicy.sys \SystemRoot\System32\DRIVERS\fvevol.sys \SystemRoot\system32\drivers\disk.sys \SystemRoot\system32\drivers\CLASSPNP.SYS \SystemRoot\system32\DRIVERS\cdrom.sys \SystemRoot\System32\Drivers\Null.SYS \SystemRoot\System32\Drivers\Beep.SYS \SystemRoot\System32\drivers\vga.sys \SystemRoot\System32\drivers\VIDEOPRT.SYS \SystemRoot\System32\drivers\watchdog.sys \SystemRoot\System32\DRIVERS\RDPCDD.sys \SystemRoot\system32\drivers\rdpencdd.sys \SystemRoot\system32\drivers\rdprefmp.sys \SystemRoot\System32\Drivers\Msfs.SYS \SystemRoot\System32\Drivers\Npfs.SYS \SystemRoot\system32\DRIVERS\tdx.sys \SystemRoot\system32\DRIVERS\TDI.SYS \SystemRoot\System32\DRIVERS\netbt.sys \SystemRoot\system32\drivers\afd.sys \SystemRoot\system32\DRIVERS\wfplwf.sys \SystemRoot\system32\DRIVERS\pacer.sys \SystemRoot\system32\DRIVERS\vwififlt.sys \SystemRoot\system32\DRIVERS\netbios.sys \SystemRoot\system32\DRIVERS\wanarp.sys \SystemRoot\system32\drivers\termdd.sys \SystemRoot\system32\DRIVERS\rdbss.sys \SystemRoot\system32\drivers\nsiproxy.sys \SystemRoot\system32\drivers\mssmbios.sys \SystemRoot\System32\drivers\discache.sys \SystemRoot\System32\Drivers\dfsc.sys \SystemRoot\system32\drivers\blbdrive.sys \SystemRoot\system32\DRIVERS\tunnel.sys \SystemRoot\system32\DRIVERS\igdkmd64.sys \SystemRoot\System32\drivers\dxgkrnl.sys \SystemRoot\System32\drivers\dxgmms1.sys \SystemRoot\system32\DRIVERS\HECIx64.sys \SystemRoot\system32\DRIVERS\usbehci.sys \SystemRoot\system32\DRIVERS\USBPORT.SYS 
\SystemRoot\system32\drivers\HDAudBus.sys \SystemRoot\system32\DRIVERS\Rt64win7.sys \SystemRoot\system32\DRIVERS\rtl8192Ce.sys \SystemRoot\system32\DRIVERS\vwifibus.sys \SystemRoot\system32\drivers\CmBatt.sys \SystemRoot\system32\DRIVERS\i8042prt.sys \SystemRoot\system32\DRIVERS\CeKbFilter.sys \SystemRoot\system32\DRIVERS\kbdclass.sys \SystemRoot\system32\DRIVERS\SynTP.sys \SystemRoot\system32\DRIVERS\USBD.SYS \SystemRoot\system32\drivers\mouclass.sys \SystemRoot\system32\DRIVERS\tdcmdpst.sys \SystemRoot\system32\DRIVERS\Impcd.sys \SystemRoot\system32\DRIVERS\intelppm.sys \SystemRoot\system32\drivers\CompositeBus.sys \SystemRoot\system32\DRIVERS\AgileVpn.sys \SystemRoot\system32\DRIVERS\rasl2tp.sys \SystemRoot\system32\DRIVERS\ndistapi.sys \SystemRoot\system32\DRIVERS\ndiswan.sys \SystemRoot\system32\DRIVERS\raspppoe.sys \SystemRoot\system32\DRIVERS\raspptp.sys \SystemRoot\system32\DRIVERS\rassstp.sys \SystemRoot\system32\DRIVERS\tap0901.sys \SystemRoot\system32\drivers\swenum.sys \SystemRoot\system32\drivers\ks.sys \SystemRoot\system32\DRIVERS\umbus.sys \SystemRoot\system32\drivers\usbhub.sys \SystemRoot\System32\Drivers\NDProxy.SYS \SystemRoot\system32\drivers\RTKVHD64.sys \SystemRoot\system32\drivers\portcls.sys \SystemRoot\system32\drivers\drmk.sys \SystemRoot\system32\drivers\ksthunk.sys \SystemRoot\system32\DRIVERS\usbccgp.sys \SystemRoot\System32\Drivers\usbvideo.sys \SystemRoot\system32\DRIVERS\pgeffect.sys \SystemRoot\System32\win32k.sys \SystemRoot\System32\drivers\Dxapi.sys \SystemRoot\system32\DRIVERS\USBSTOR.SYS \SystemRoot\System32\Drivers\crashdmp.sys \SystemRoot\System32\Drivers\dump_iaStor.sys \SystemRoot\System32\Drivers\dump_dumpfve.sys \SystemRoot\system32\DRIVERS\monitor.sys \SystemRoot\System32\TSDDD.dll \SystemRoot\System32\cdd.dll \SystemRoot\system32\drivers\luafv.sys \SystemRoot\system32\DRIVERS\Sftvollh.sys \SystemRoot\system32\DRIVERS\lltdio.sys \SystemRoot\system32\DRIVERS\nwifi.sys \SystemRoot\system32\DRIVERS\ndisuio.sys 
\SystemRoot\system32\DRIVERS\rspndr.sys \SystemRoot\System32\Drivers\fastfat.SYS \SystemRoot\system32\drivers\HTTP.sys \SystemRoot\system32\DRIVERS\bowser.sys \SystemRoot\System32\drivers\mpsdrv.sys \SystemRoot\system32\DRIVERS\mrxsmb.sys \SystemRoot\system32\DRIVERS\mrxsmb10.sys \SystemRoot\system32\DRIVERS\mrxsmb20.sys \SystemRoot\system32\DRIVERS\vwifimp.sys \SystemRoot\system32\DRIVERS\NisDrvWFP.sys \SystemRoot\system32\drivers\peauth.sys \SystemRoot\System32\Drivers\secdrv.SYS \SystemRoot\system32\DRIVERS\Sftfslh.sys \SystemRoot\system32\DRIVERS\Sftplaylh.sys \SystemRoot\System32\DRIVERS\srvnet.sys \SystemRoot\System32\drivers\tcpipreg.sys \SystemRoot\System32\DRIVERS\srv2.sys \SystemRoot\System32\DRIVERS\srv.sys \SystemRoot\system32\DRIVERS\Sftredirlh.sys \SystemRoot\system32\drivers\WudfPf.sys \SystemRoot\system32\DRIVERS\WUDFRd.sys \SystemRoot\system32\drivers\spsys.sys \??\C:\Windows\system32\drivers\mbamchameleon.sys \??\C:\Windows\system32\drivers\mbamswissarmy.sys \Windows\System32\ntdll.dll \Windows\System32\smss.exe \Windows\System32\apisetschema.dll \Windows\System32\autochk.exe ----------- End ----------- <<<1>>> Upper Device Name: \Device\Harddisk2\DR2 Upper Device Object: 0xfffffa8007162790 Upper Device Driver Name: \Driver\Disk\ Lower Device Name: \Device\00000072\ Lower Device Object: 0xfffffa8007cefb60 Lower Device Driver Name: \Driver\USBSTOR\ Driver name found: USBSTOR Initialization returned 0x0 Load Function returned 0x0 <<<1>>> Upper Device Name: \Device\Harddisk1\DR1 Upper Device Object: 0xfffffa8007042790 Upper Device Driver Name: \Driver\Disk\ Lower Device Name: \Device\00000070\ Lower Device Object: 0xfffffa8007cabb60 Lower Device Driver Name: \Driver\USBSTOR\ Driver name found: USBSTOR <<<1>>> Upper Device Name: \Device\Harddisk0\DR0 Upper Device Object: 0xfffffa8004c9a060 Upper Device Driver Name: \Driver\Disk\ Lower Device Name: \Device\Ide\IAAStorageDevice-1\ Lower Device Object: 0xfffffa8004a13050 Lower Device Driver Name: 
\Driver\iaStor\ Driver name found: iaStor Initialization returned 0x0 Load Function returned 0x0 Initializing... Done! <<<2>>> Device number: 0, partition: 2 Physical Sector Size: 512 Drive: 0, DevicePointer: 0xfffffa8004c9a060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ --------- Disk Stack ------ DevicePointer: 0xfffffa8004c9ab90, DeviceName: Unknown, DriverName: \Driver\partmgr\ DevicePointer: 0xfffffa8004c9a060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ DevicePointer: 0xfffffa8004a13050, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\ ------------ End ---------- Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ Upper DeviceData: 0xfffff8a00caed970, 0xfffffa8004c9a060, 0xfffffa80040c1790 Lower DeviceData: 0xfffff8a00c1c76c0, 0xfffffa8004a13050, 0xfffffa80040bf890 <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes Scanning directory: C:\Windows\system32\drivers... <<<2>>> Device number: 0, partition: 2 <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes Done! Drive 0 Scanning MBR on drive 0... Inspecting partition table: MBR Signature: 55AA Disk Signature: 90B4D6F9 Partition information: Partition 0 type is Other (0x27) Partition is ACTIVE. Partition starts at LBA: 2048 Numsec = 819200 Partition file system is NTFS Partition is bootable Partition 1 type is Primary (0x7) Partition is NOT ACTIVE. Partition starts at LBA: 821248 Numsec = 488386560 Partition 2 type is Primary (0x7) Partition is NOT ACTIVE. Partition starts at LBA: 489207808 Numsec = 487565312 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Disk Size: 500107862016 bytes Sector size: 512 bytes Scanning physical sectors of unpartitioned space on drive 0 (1-2047-976753168-976773168)... 
Physical Sector Size: 512 Drive: 1, DevicePointer: 0xfffffa8007042790, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\ --------- Disk Stack ------ DevicePointer: 0xfffffa8003b6e800, DeviceName: Unknown, DriverName: \Driver\partmgr\ DevicePointer: 0xfffffa8007042790, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\ DevicePointer: 0xfffffa8007cabb60, DeviceName: \Device\00000070\, DriverName: \Driver\USBSTOR\ ------------ End ---------- Alternate DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\ Upper DeviceData: 0xfffff8a00b635f20, 0xfffffa8007042790, 0xfffffa80040b25e0 Lower DeviceData: 0xfffff8a00b979e70, 0xfffffa8007cabb60, 0xfffffa800405d890 Drive 1 Scanning MBR on drive 1... Inspecting partition table: MBR Signature: 55AA Disk Signature: C3072E18 Partition information: Partition 0 type is Other (0xc) Partition is ACTIVE. Partition starts at LBA: 10680 Numsec = 15939912 Partition file system is FAT32 Partition is not bootable Partition 1 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 2 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. 
Partition starts at LBA: 0 Numsec = 0 Disk Size: 8166703104 bytes Sector size: 512 bytes Physical Sector Size: 512 Drive: 2, DevicePointer: 0xfffffa8007162790, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\ --------- Disk Stack ------ DevicePointer: 0xfffffa8007ce1b90, DeviceName: Unknown, DriverName: \Driver\partmgr\ DevicePointer: 0xfffffa8007162790, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\ DevicePointer: 0xfffffa8007cefb60, DeviceName: \Device\00000072\, DriverName: \Driver\USBSTOR\ ------------ End ---------- Alternate DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\ Upper DeviceData: 0xfffff8a00c1e4300, 0xfffffa8007162790, 0xfffffa80040cc790 Lower DeviceData: 0xfffff8a00bf3c580, 0xfffffa8007cefb60, 0xfffffa80040bea60 Drive 2 Scanning MBR on drive 2... Inspecting partition table: MBR Signature: 55AA Disk Signature: 1B661B Partition information: Partition 0 type is Primary (0x7) Partition is NOT ACTIVE. Partition starts at LBA: 2048 Numsec = 2930270208 Partition 1 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 2 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Disk Size: 1500299395072 bytes Sector size: 512 bytes Done! Performing system, memory and registry scan... Done! Scan finished ----------------------------------------------
Can anyone tell me how I should proceed? Thanks in advance! Best regards