Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: BKA Virus - Ukash 100€

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 07.11.2011, 23:34   #1
Tussiontour
 
BKA Virus - Ukash 100€ - Standard

BKA Virus - Ukash 100€



Hallo,
ich habe seit gestern den Bundespolizei Virus auf meinem Laptop, kam erst
nicht an meinen Desktop dran, habe es aber durch Neustarten und dem Task Manager geschafft Malwarebytes zu öffnen und erst einen Quick Scan und danach noch einen Vollständigen Scan zu machen. Der Virus ist bisher nicht wieder aufgetaucht, aber ich mache mir dennoch sorgen das er noch auf dem Laptop sein könnte.

Hier schon mal die Log-Datei vom Quick Scan:

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Datenbank Version: 8106

Windows 6.0.6002 Service Pack 2
Internet Explorer 9.0.8112.16421

07.11.2011 14:43:10
mbam-log-2011-11-07 (14-43-10).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 196336
Laufzeit: 12 Minute(n), 55 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 1
Infizierte Registrierungswerte: 2
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 3
Infizierte Dateien: 9

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FileHunter (PUP.FileHunter) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\avupdate (Trojan.Agent) -> Value: avupdate -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\FileHunter Check for updates (PUP.FileHunter) -> Value: FileHunter Check for updates -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
c:\Users\Lisa\AppData\Roaming\filehunter (PUP.FileHunter) -> Quarantined and deleted successfully.
c:\Users\Lisa\AppData\Roaming\filehunter\downloads (PUP.FileHunter) -> Quarantined and deleted successfully.
c:\Users\Lisa\AppData\Roaming\filehunter\metafiles (PUP.FileHunter) -> Quarantined and deleted successfully.

Infizierte Dateien:
c:\Users\Lisa\AppData\Roaming\mahmud.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lisa\AppData\Local\Temp\FH\extension.exe (Adware.Soge) -> Quarantined and deleted successfully.
c:\Users\Lisa\AppData\Roaming\filehunter\pumpa.state (PUP.FileHunter) -> Quarantined and deleted successfully.
c:\Users\Lisa\AppData\Roaming\filehunter\filehunter.exe (PUP.FileHunter) -> Quarantined and deleted successfully.
c:\Users\Lisa\AppData\Roaming\filehunter\pumpa.exe (PUP.FileHunter) -> Quarantined and deleted successfully.
c:\Users\Lisa\AppData\Roaming\filehunter\uninstall.exe (PUP.FileHunter) -> Quarantined and deleted successfully.
c:\Users\Lisa\AppData\Roaming\filehunter\update.exe (PUP.FileHunter) -> Quarantined and deleted successfully.
c:\Users\Lisa\AppData\Roaming\filehunter\version (PUP.FileHunter) -> Quarantined and deleted successfully.
c:\Users\Lisa\AppData\Local\Temp\FH\filehunter-win32.exe (PUP.FileHunter) -> Quarantined and deleted successfully.





Und hier die Log-Datei vom Vollständigen Scan:

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Datenbank Version: 8106

Windows 6.0.6002 Service Pack 2
Internet Explorer 9.0.8112.16421

07.11.2011 18:01:53
mbam-log-2011-11-07 (18-01-53).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 434509
Laufzeit: 3 Stunde(n), 8 Minute(n), 48 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 2

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
c:\Users\Lisa\AppData\Local\microsoft\Windows\temporary internet files\Content.IE5\CMAA5O08\calc[1].exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Lisa\AppData\LocalLow\Sun\Java\deployment\cache\6.0\49\4b9bc331-20eadc54 (Trojan.Agent) -> Quarantined and deleted successfully.

Alt 08.11.2011, 10:10   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
BKA Virus - Ukash 100€ - Standard

BKA Virus - Ukash 100€



Führ bitte auch ESET aus, danach sehen wir weiter:


ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

__________________

__________________

Alt 09.11.2011, 19:13   #3
Tussiontour
 
BKA Virus - Ukash 100€ - Standard

BKA Virus - Ukash 100€



Ich hab es gestern versucht, Eset auszuführen, aber seit dem ich alles deaktiviert hatte konnte ich bis eben nicht mehr auf Windows zugreifen wegen dem Virus. Ich habe Angst das es nochmal passiert.
__________________

Alt 10.11.2011, 09:44   #4
Tussiontour
 
BKA Virus - Ukash 100€ - Standard

BKA Virus - Ukash 100€



Habe es jetzt nochmal versucht, habe allerdings diesmal die firewall angelassen.
Der Log hierzu ist der hier :

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK

Alt 10.11.2011, 15:00   #5
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
BKA Virus - Ukash 100€ - Standard

BKA Virus - Ukash 100€



Du hast offesichtlich den Hinweis ignoriert => Anmerkung für Vista und Win7 User: Bitte den Browser unbedingt so öffnen: per Rechtsklick => als Administrator ausführen

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 14.11.2011, 11:41   #6
Tussiontour
 
BKA Virus - Ukash 100€ - Standard

BKA Virus - Ukash 100€



Okay, habe es jetzt hinbekommen.

Hier der log :

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=97fa8863c81a994d99cd9d174276790a
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-11-14 12:53:37
# local_time=2011-11-14 01:53:37 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=5121 16776637 100 96 109672068 135939885 0 0
# compatibility_mode=5892 16776574 100 100 353314 158747511 0 0
# compatibility_mode=8192 67108863 100 0 459794 459794 0 0
# scanned=271722
# found=20
# cleaned=0
# scan_time=17234
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\Burn4Free_Toolbar.dll Win32/Adware.Agent.NJT application (unable to clean) 00000000000000000000000000000000 I
C:\Users\Lisa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7QMD9AWU\346440e85627a14e09047ce5896be528[1].htm HTML/Iframe.B.Gen virus (unable to clean) 00000000000000000000000000000000 I
C:\Users\Lisa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NFN48CE8\main[1] Win32/LockScreen.AHO trojan (unable to clean) 00000000000000000000000000000000 I
C:\Users\Lisa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R2KO38PF\b583367afa4befa58ef711c865ef5ea1[1].htm HTML/Iframe.B.Gen virus (unable to clean) 00000000000000000000000000000000 I
C:\Users\Lisa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R2KO38PF\cc172[1].pdf JS/Exploit.Pdfka.PFS.Gen trojan (unable to clean) 00000000000000000000000000000000 I
C:\Users\Lisa\AppData\Local\Mozilla\Firefox\Profiles\dntk5kcx.default\Cache\A\87\4A04Fd01 JS/TrojanClicker.Agent.NCQ trojan (unable to clean) 00000000000000000000000000000000 I
C:\Users\Lisa\AppData\Local\Mozilla\Firefox\Profiles\dntk5kcx.default\Cache\C\49\FF4C7d01 HTML/ScrInject.B.Gen virus (unable to clean) 00000000000000000000000000000000 I
C:\Users\Lisa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16\8c1f310-2f629ab3 multiple threats (unable to clean) 00000000000000000000000000000000 I
C:\Users\Lisa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\7059ff11-2e97e862 multiple threats (unable to clean) 00000000000000000000000000000000 I
C:\Users\Lisa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31\405e179f-5c369b50 Java/Agent.DW trojan (unable to clean) 00000000000000000000000000000000 I
C:\Users\Lisa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47\113eb22f-5b948351 Java/Agent.DW trojan (unable to clean) 00000000000000000000000000000000 I
C:\Users\Lisa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\29bc6372-2a12a659 a variant of Java/Agent.DW trojan (unable to clean) 00000000000000000000000000000000 I
C:\Users\Lisa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54\5df207f6-5e1a03de Java/Agent.DW trojan (unable to clean) 00000000000000000000000000000000 I
C:\Users\Lisa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58\25ad543a-4087ac2f a variant of Java/Agent.DW trojan (unable to clean) 00000000000000000000000000000000 I
C:\Users\Lisa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6\4bda146-6c35a8b7 Java/Agent.DW trojan (unable to clean) 00000000000000000000000000000000 I
C:\Users\Lisa\Documents\Desktop\Programme\FreeYouTubeDownload.exe Win32/Adware.ADON application (unable to clean) 00000000000000000000000000000000 I
C:\Users\Lisa\Downloads\Facemoods.exe a variant of Win32/SweetIM.B application (unable to clean) 00000000000000000000000000000000 I
C:\Users\Lisa\Downloads\SoftonicDownloader_fuer_outlook-on-the-desktop (1).exe a variant of Win32/SoftonicDownloader.A application (unable to clean) 00000000000000000000000000000000 I
C:\Users\Lisa\Downloads\SoftonicDownloader_fuer_outlook-on-the-desktop.exe a variant of Win32/SoftonicDownloader.A application (unable to clean) 00000000000000000000000000000000 I
C:\Users\Lisa\Programme\MsgPlusLive-460.exe a variant of Win32/Adware.CiDHelp application (unable to clean) 00000000000000000000000000000000 I

Alt 14.11.2011, 12:24   #7
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
BKA Virus - Ukash 100€ - Standard

BKA Virus - Ukash 100€



CustomScan mit OTL

Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
  • Starte bitte die OTL.exe.
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Kopiere nun den kompletten Inhalt aus der untenstehenden Codebox in die Textbox von OTL - wenn OTL auf deutsch ist wird sie mit beschriftet
Code:
ATTFilter
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
         
  • Schliesse bitte nun alle Programme. (Wichtig)
  • Klicke nun bitte auf den Quick Scan Button.
  • Klick auf .
  • Kopiere nun den Inhalt aus OTL.txt hier in Deinen Thread
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 14.11.2011, 17:05   #8
Tussiontour
 
BKA Virus - Ukash 100€ - Standard

BKA Virus - Ukash 100€



Hier der OTL log :OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 14.11.2011 17:00:28 - Run 2
OTL by OldTimer - Version 3.2.22.3     Folder = D:\
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 51,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 76,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 144,04 Gb Total Space | 14,06 Gb Free Space | 9,76% Space Free | Partition Type: NTFS
Drive D: | 140,50 Gb Total Space | 51,06 Gb Free Space | 36,34% Space Free | Partition Type: NTFS
 
Computer Name: LISAS-LAPPY | User Name: Lisa | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Programme\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Programme\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.)
PRC - C:\Programme\Tobit Radio.fx\Server\rfx-server.exe ()
PRC - C:\Programme\Microsoft Security Client\msseces.exe (Microsoft Corporation)
PRC - C:\Users\Lisa\AppData\Local\Temp\RtkBtMnt.exe (Realtek Semiconductor Corp.)
PRC - D:\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Programme\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation)
PRC - C:\Programme\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
PRC - C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
PRC - C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
PRC - C:\Programme\Acer\Acer Bio Protection\PwdBank.exe ()
PRC - C:\Programme\Acer\Acer Bio Protection\CompPtcVUI.exe (Arachnoid Biometrics Identification Group Corp.)
PRC - C:\Programme\Acer\Acer Bio Protection\PdtWzd.exe (Arachnoid Biometrics Identification Group Corp.)
PRC - C:\Programme\Launch Manager\LManager.exe (Dritek System Inc.)
PRC - C:\Programme\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Inc.)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Programme\Acer\Empowering Technology\Service\ETService.exe ()
PRC - C:\Programme\Acer\Empowering Technology\eAudio\eAudio.exe (Acer Incorporated)
PRC - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated)
PRC - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
PRC - C:\Windows\System32\vfsFPService.exe (Validity Sensors, Inc.)
PRC - c:\Programme\Common Files\McAfee\MNA\McNASvc.exe (McAfee, Inc.)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Programme\Acer\Acer VCM\RS_Service.exe (Acer Incorporated)
PRC - C:\Programme\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.)
PRC - C:\Windows\System32\agrsmsvc.exe (Agere Systems)
PRC - C:\ACER\Mobility Center\MobilityService.exe ()
PRC - C:\Programme\McAfee\VirusScan\mcsysmon.exe (McAfee, Inc.)
PRC - C:\Programme\McAfee\MSK\msksrver.exe (McAfee, Inc.)
PRC - c:\Programme\McAfee\MSC\mcuimgr.exe (McAfee, Inc.)
PRC - C:\Windows\PLFSetI.exe ()
PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - c:\Programme\Common Files\McAfee\McProxy\McProxy.exe (McAfee, Inc.)
PRC - c:\Programme\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
PRC - C:\Programme\McAfee\VirusScan\Mcshield.exe (McAfee, Inc.)
PRC - C:\Programme\McAfee\MPF\MpfSrv.exe (McAfee, Inc.)
PRC - C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
 
 
========== Modules (SafeList) ==========
 
MOD - c:\Programme\McAfee\SiteAdvisor\sahook.dll (McAfee, Inc.)
MOD - D:\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (MBAMService) -- D:\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (McAfee SiteAdvisor Service) -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.)
SRV - (Radio.fx) -- C:\Programme\Tobit Radio.fx\Server\rfx-server.exe ()
SRV - (NisSrv) -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe (Microsoft Corporation)
SRV - (MsMpSvc) -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
SRV - (Sony Ericsson PCCompanion) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe (Avanquest Software)
SRV - (EvtEng) -- C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
SRV - (RegSrvc) -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
SRV - (ETService) -- C:\Programme\Acer\Empowering Technology\Service\ETService.exe ()
SRV - (eDataSecurity Service) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated)
SRV - (vfsFPService) -- C:\Windows\System32\vfsFPService.exe (Validity Sensors, Inc.)
SRV - (McNASvc) -- c:\Programme\Common Files\McAfee\MNA\McNASvc.exe (McAfee, Inc.)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (RS_Service) -- C:\Programme\Acer\Acer VCM\RS_Service.exe (Acer Incorporated)
SRV - (mcmscsvc) -- C:\Programme\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.)
SRV - (AgereModemAudio) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems)
SRV - (MobilityService) -- C:\Acer\Mobility Center\MobilityService.exe ()
SRV - (McSysmon) -- C:\Programme\McAfee\VirusScan\mcsysmon.exe (McAfee, Inc.)
SRV - (MSK80Service) -- C:\Program Files\McAfee\MSK\MskSrver.exe (McAfee, Inc.)
SRV - (McODS) -- C:\Programme\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SRV - (IAANTMON) Intel(R) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (McProxy) -- c:\Programme\Common Files\McAfee\McProxy\McProxy.exe (McAfee, Inc.)
SRV - (McShield) -- C:\Programme\McAfee\VirusScan\Mcshield.exe (McAfee, Inc.)
SRV - (MpfService) -- C:\Program Files\McAfee\MPF\MPFSrv.exe (McAfee, Inc.)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (MpKsl77d4cb73) -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{31070667-A90D-4240-A5B6-0C3D2513DE10}\MpKsl77d4cb73.sys (Microsoft Corporation)
DRV - (NisDrv) -- C:\Windows\System32\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV - (MpNWMon) -- C:\Windows\System32\drivers\MpNWMon.sys (Microsoft Corporation)
DRV - ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796}) -- C:\Programme\Acer Arcade Deluxe\PlayMovie\000.fcl (CyberLink Corp.)
DRV - (L1E) -- C:\Windows\System32\drivers\L1E60x86.sys (Atheros Communications, Inc.)
DRV - (WinUSB) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (NETw5v32) Intel(R) -- C:\Windows\System32\drivers\NETw5v32.sys (Intel Corporation)
DRV - (AlfaFF) -- C:\Windows\system32\Drivers\AlfaFF.sys (Alfa Corporation)
DRV - (JMCR) -- C:\Windows\System32\drivers\jmcr.sys (JMicron Technology Corp.)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems)
DRV - (vfs101x) -- C:\Windows\System32\drivers\vfs101x.sys (Validity Sensors, Inc.)
DRV - (WSDPrintDevice) -- C:\Windows\System32\drivers\WSDPrint.sys (Microsoft Corporation)
DRV - (NETw4v32) Intel(R) -- C:\Windows\System32\drivers\NETw4v32.sys (Intel Corporation)
DRV - (itecir) -- C:\Windows\System32\drivers\itecir.sys (ITE Tech. Inc. )
DRV - (mfesmfk) -- C:\Windows\System32\drivers\mfesmfk.sys (McAfee, Inc.)
DRV - (mfehidk) -- C:\Windows\System32\drivers\mfehidk.sys (McAfee, Inc.)
DRV - (mfeavfk) -- C:\Windows\System32\drivers\mfeavfk.sys (McAfee, Inc.)
DRV - (mfebopk) -- C:\Windows\System32\drivers\mfebopk.sys (McAfee, Inc.)
DRV - (mferkdk) -- C:\Windows\System32\drivers\mferkdk.sys (McAfee, Inc.)
DRV - (MPFP) -- C:\Windows\System32\drivers\Mpfp.sys (McAfee, Inc.)
DRV - (int15) -- C:\Windows\System32\drivers\int15.sys ()
DRV - (DritekPortIO) -- C:\Programme\Launch Manager\DPortIO.sys (Dritek System Inc.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Yahoo! Deutschland
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Yahoo! Deutschland
IE - HKLM\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Programme\Winload\prxtbWinl.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = Acer.com Worldwide - Select your local country or region [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Welcome to Facebook - Log In, Sign Up or Learn More
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN, Messenger und Hotmail sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 10 5F 87 2A EA 85 CC 01  [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 
IE - HKCU\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Programme\Winload\prxtbWinl.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.live.com/results.aspx?FORM=IEFM1&q="
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://de-de.facebook.com/"
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.11.3.15590
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.0.14
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.3.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: ffxtlbr@Facemoods.com:1.2.1
FF - prefs.js..keyword.URL: "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=DVSV5&o=15012&locale=de_DE&apn_uid=E81A7DDD-D39E-4122-997B-C4374F9E921D&apn_ptnrs=U9&apn_sauid=&apn_dtid=&&q="
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q="
 
FF - user.js..browser.search.selectedEngine: "Search the web"
FF - user.js..browser.search.order.1: "Search the web"
FF - user.js..browser.search.defaultenginename: "Search the web"
FF - user.js..keyword.URL: "hxxp://www.browsersafesearch.com?client=mozilla-firefox&cd=UTF-8&search=1&q="
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2011.11.10 18:55:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 6.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.10.22 16:34:19 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 6.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.10.22 16:34:18 | 000,000,000 | ---D | M]
 
[2009.02.14 20:56:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lisa\AppData\Roaming\mozilla\Extensions
[2009.02.14 20:56:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lisa\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org
[2011.11.04 17:33:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions
[2010.06.06 13:01:55 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.10.15 18:06:33 | 000,000,000 | ---D | M] (Winload Community Toolbar) -- C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{40c3cc16-7269-4b32-9531-17f2950fb06f}
[2011.10.15 18:06:48 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.10.15 18:06:53 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2011.08.17 22:54:10 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.05.13 13:31:11 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\engine@conduit.com
[2011.10.04 18:05:54 | 000,000,000 | ---D | M] (Ask Toolbar) -- C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\toolbar@ask.com
[2011.11.04 17:33:26 | 000,000,000 | ---D | M] (toolplugin) -- C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\welcome@toolmin.com
[2011.04.29 13:19:18 | 000,002,342 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icq-search.xml
[2011.04.26 13:01:18 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-1.xml
[2010.12.03 13:22:29 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-10.xml
[2011.01.21 14:17:08 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-11.xml
[2011.03.25 17:59:54 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-12.xml
[2011.03.30 10:32:14 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-13.xml
[2011.05.06 14:07:51 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-14.xml
[2011.06.09 12:48:49 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-15.xml
[2011.06.29 13:37:40 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-16.xml
[2011.08.18 14:41:17 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-17.xml
[2011.08.30 16:21:14 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-18.xml
[2011.10.15 18:07:06 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-19.xml
[2009.05.16 16:58:32 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-2.xml
[2009.07.15 16:01:25 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-3.xml
[2009.10.01 17:06:21 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-4.xml
[2009.10.01 21:47:25 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-5.xml
[2009.10.04 12:36:04 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-6.xml
[2009.10.30 12:24:27 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-7.xml
[2009.12.25 14:52:55 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-8.xml
[2010.07.25 16:38:37 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-9.xml
[2011.09.25 16:27:46 | 000,000,168 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin.gif
[2011.09.25 16:27:46 | 000,000,618 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin.src
[2010.05.12 16:40:48 | 000,001,042 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin.xml
[2009.03.25 16:43:15 | 000,001,632 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\live-search.xml
[2008.05.23 23:54:47 | 000,002,386 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\siteadvisor.xml
[2009.05.03 11:59:33 | 000,003,915 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\sweetim.xml
[2011.04.21 12:50:19 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2010.01.22 00:56:03 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.04.21 12:50:19 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2008.09.15 15:35:02 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions\talkback@mozilla.org
File not found (No name found) -- 
[2011.11.10 18:55:18 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES\MCAFEE\SITEADVISOR
[2011.05.10 18:27:59 | 000,000,000 | ---D | M] (Mein Gutscheincode Finder) -- C:\PROGRAM FILES\MEIN GUTSCHEINCODE FINDER\FIREFOX
() (No name found) -- C:\USERS\LISA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DNTK5KCX.DEFAULT\EXTENSIONS\FFXTLBR@FACEMOODS.COM.XPI
[2011.08.30 16:13:59 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Programme\Mozilla Firefox\components\browsercomps.dll
[2011.02.02 20:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
[2011.05.10 13:20:49 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2011.05.10 13:20:49 | 000,002,252 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\bing.xml
[2011.05.10 13:20:49 | 000,001,153 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2011.05.10 13:20:49 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2011.11.04 17:33:26 | 000,000,158 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\Search the web.src
[2011.05.10 13:20:49 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2011.05.10 13:20:49 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2011.04.29 10:24:55 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1       localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Mein Gutscheincode Finder zeigt automatisch Shopping-Gutscheine an mit denen Sie beim Online-Einkauf sparen können.) - {1ED16E0A-E8C4-40A0-8BC2-79485D21F796} - C:\Programme\Mein Gutscheincode Finder\Internet Explorer\x86\ConversionOneIE.dll (Conversion One GmbH)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (McAfee Phishing Filter) - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\Programme\McAfee\MSK\mcapbho.dll ()
O2 - BHO: (Winload Toolbar) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Programme\Winload\prxtbWinl.dll (Conduit Ltd.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Programme\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (Windows Live ID-Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Burn4Free Toolbar Helper) - {D187A56B-A33F-4CBE-9D77-459FC0BAE012} - C:\Programme\Burn4Free Toolbar\v3.3.0.1\Burn4Free_Toolbar.dll ()
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Winload Toolbar) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Programme\Winload\prxtbWinl.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Burn4Free Toolbar) - {4F11ACBB-393F-4C86-A214-FF3D0D155CC3} - C:\Programme\Burn4Free Toolbar\v3.3.0.1\Burn4Free_Toolbar.dll ()
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (toolplugin) - {DFEFCDEE-CF1A-4FC8-89AF-189327213627} - C:\Users\Lisa\AppData\Roaming\toolplugin\toolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Burn4Free Toolbar) - {4F11ACBB-393F-4C86-A214-FF3D0D155CC3} - C:\Programme\Burn4Free Toolbar\v3.3.0.1\Burn4Free_Toolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [eAudio] C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe (Acer Incorporated)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
O4 - HKLM..\Run: [ePower_DMC] C:\Programme\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Inc.)
O4 - HKLM..\Run: [eRecoveryService]  File not found
O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [LManager] C:\Programme\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] D:\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [PlayMovie] C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
O4 - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [WarReg_PopUp] C:\Programme\Acer\WR_PopUp\WarReg_PopUp.exe (Acer Incorporated)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ZPdtWzdVitaKey MC3000] C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe (Arachnoid Biometrics Identification Group Corp.)
O4 - HKCU..\Run: [ICQ] C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O4 - HKCU..\Run: [Netlog Music Tool]  File not found
O4 - HKCU..\Run: [Picasa Media Detector]  File not found
O4 - HKCU..\Run: [rfxsrvtray] C:\Program Files\Tobit Radio.fx\Client\rfx-tray.exe (Tobit.Software)
O4 - HKCU..\Run: [Sony Ericsson PC Companion] C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe (Sony Ericsson)
O4 - HKCU..\Run: [Speech Recognition] C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation)
O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [MessengerPlusLiveUninstall] C:\Users\Lisa\AppData\Local\Temp\MsgPlusUninstall.exe (Yuna Software)
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\FlashUtil10v_ActiveX.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Lisa\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Programme\Acer\Acer Bio Protection\PwdBank.exe ()
O9 - Extra 'Tools' menuitem : Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Programme\Acer\Acer Bio Protection\PwdBank.exe ()
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Programme\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Programme\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} https://support.microsoft.com/OAS/ActiveX/MSDcode.cab (Microsoft Data Collection Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} hxxp://lads.myspace.com/upload/MySpaceUploader1006.cab (MySpace Uploader Control)
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} hxxp://static.pe.schuelervz.net/photouploader/ImageUploader5.cab?nocache=1222890201 (Image Uploader Control)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} hxxp://messenger.zone.msn.com/DE-DE/a-UNO1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1229609271616 (WUWebControl Class)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab (DivXBrowserPlugin Object)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {BA162249-F2C5-4851-8ADC-FC58CB424243} hxxp://static.pe.schuelervz.net/photouploader/ImageUploader5.cab?nocache=1212080657 (Image Uploader Control)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAC677B6-4963-4305-9066-0BD135CD9233} hxxp://as.photoprintit.de/ips-opdata/layout/default01/activex/IPSUploader4.cab (IPSUploader4 Control)
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AWinNotifyVitaKey MC3000: DllName - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll - C:\Programme\Acer\Acer Bio Protection\WinNotify.dll (Arachnoid Biometrics Identification Group Corp.)
O24 - Desktop WallPaper: C:\Users\Lisa\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Lisa\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{a5ba3033-3e10-11e0-bc1f-c5ffb2b569e8}\Shell - "" = AutoRun
O33 - MountPoints2\{a5ba3033-3e10-11e0-bc1f-c5ffb2b569e8}\Shell\AutoRun\command - "" = G:\Startme.exe
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias -  File not found
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
 
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: mcmscsvc - C:\Programme\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.)
SafeBootMin: MCODS - C:\Programme\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SafeBootMin: MsMpSvc - C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
SafeBootMin: NTDS -  File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: mcmscsvc - C:\Programme\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.)
SafeBootNet: MCODS - C:\Programme\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SafeBootNet: Messenger - Service
SafeBootNet: MpfService - C:\Program Files\McAfee\MPF\MPFSrv.exe (McAfee, Inc.)
SafeBootNet: MsMpSvc - C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS -  File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - 
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - 
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {61E3FE32-07B9-4563-A3E0-2DE2D620FE10} - C:\Program Files\PixiePack Codec Pack\InstallerHelper.exe
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32: msacm.l3acm - C:\Windows\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codec - C:\Windows\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.VP60 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.yv12 - C:\Windows\System32\DivX.dll (DivX, Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.11.11 00:45:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2011.11.08 14:23:09 | 000,000,000 | ---D | C] -- C:\Programme\ESET
[2011.11.04 17:33:21 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Roaming\toolplugin
[2011.11.02 14:02:24 | 000,000,000 | ---D | C] -- C:\Users\Lisa\Documents\Internet kram
[2011.11.02 14:02:23 | 000,000,000 | ---D | C] -- C:\Users\Lisa\Documents\Bewerbungen
[2011.11.02 14:02:21 | 000,000,000 | ---D | C] -- C:\Users\Lisa\Documents\Bewerbung Anlauf Lisa
[2011.10.22 16:50:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011.10.22 16:47:54 | 000,000,000 | ---D | C] -- C:\Programme\iPod
[2011.10.22 16:33:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2011.10.22 16:32:57 | 000,000,000 | ---D | C] -- C:\Programme\QuickTime
[2011.10.22 16:29:30 | 000,000,000 | ---D | C] -- C:\Programme\Bonjour
[1 C:\Users\Lisa\AppData\Roaming\*.tmp files -> C:\Users\Lisa\AppData\Roaming\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.11.14 17:03:00 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2011.11.14 16:22:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.11.14 15:39:21 | 000,003,216 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.11.14 15:39:21 | 000,003,216 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.11.14 13:16:42 | 000,000,226 | ---- | M] () -- C:\Windows\wininit.ini
[2011.11.14 12:29:54 | 000,002,299 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\acervcmtmp.ini
[2011.11.14 12:28:21 | 000,082,531 | ---- | M] () -- C:\Windows\System32\Config.MPF
[2011.11.14 12:28:09 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.11.14 12:27:50 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.11.14 03:23:14 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml
[2011.11.14 03:22:05 | 3219,578,880 | -HS- | M] () -- C:\hiberfil.sys
[2011.11.14 03:21:04 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011.11.11 00:47:07 | 000,103,424 | ---- | M] () -- C:\Users\Lisa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.11.11 00:45:28 | 000,002,077 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2011.11.11 00:38:13 | 000,630,842 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.11.11 00:38:13 | 000,598,096 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.11.11 00:38:13 | 000,127,454 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.11.11 00:38:13 | 000,105,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.11.10 16:49:10 | 370,490,423 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011.11.08 23:10:08 | 000,041,888 | ---- | M] () -- C:\ProgramData\nvModes.001
[2011.11.08 23:06:35 | 000,041,888 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2011.11.06 22:57:59 | 000,000,574 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.11.02 10:47:04 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\McQcTask.job
[2011.10.31 15:46:10 | 000,045,832 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\UserTile.png
[2011.10.26 19:23:19 | 000,270,063 | ---- | M] () -- C:\Users\Lisa\Documents\Ausschreibung Azubi HB 2012.pdf
[2011.10.26 19:17:49 | 000,001,245 | ---- | M] () -- C:\Windows\System32\mapisvc.inf
[2011.10.22 16:50:16 | 000,001,668 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011.10.20 15:04:01 | 000,032,639 | ---- | M] () -- C:\Users\Lisa\Documents\einzelverbindung oktober.pdf
[2011.10.20 15:03:41 | 000,071,130 | ---- | M] () -- C:\Users\Lisa\Documents\Rechnung Oktober.pdf
[2011.10.20 15:03:17 | 000,031,914 | ---- | M] () -- C:\Users\Lisa\Documents\einzelverbindung september.pdf
[2011.10.20 15:02:55 | 000,061,776 | ---- | M] () -- C:\Users\Lisa\Documents\Rechnung September.pdf
[2011.10.20 15:02:29 | 000,037,777 | ---- | M] () -- C:\Users\Lisa\Documents\einzelverbindung august.pdf
[2011.10.20 15:02:09 | 000,057,357 | ---- | M] () -- C:\Users\Lisa\Documents\RechnungAugust.pdf
[2011.10.20 15:01:48 | 000,029,665 | ---- | M] () -- C:\Users\Lisa\Documents\einzelverbindung juli.pdf
[2011.10.20 15:01:20 | 000,054,823 | ---- | M] () -- C:\Users\Lisa\Documents\Rechnung Juli.pdf
[2011.10.20 15:00:33 | 000,029,207 | ---- | M] () -- C:\Users\Lisa\Documents\einzelverbindung juni.pdf
[2011.10.20 15:00:15 | 000,056,637 | ---- | M] () -- C:\Users\Lisa\Documents\Rechnung Juni.pdf
[2011.10.20 14:59:52 | 000,031,145 | ---- | M] () -- C:\Users\Lisa\Documents\einzelverbindung mai.pdf
[2011.10.20 14:59:27 | 000,054,578 | ---- | M] () -- C:\Users\Lisa\Documents\Rechnung Mai.pdf
[2011.10.20 14:58:45 | 000,106,807 | ---- | M] () -- C:\Users\Lisa\Documents\Rechnung April.pdf
[2011.10.20 14:58:15 | 000,106,203 | ---- | M] () -- C:\Users\Lisa\Documents\Rechnung März.pdf
[1 C:\Users\Lisa\AppData\Roaming\*.tmp files -> C:\Users\Lisa\AppData\Roaming\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.11.11 00:45:28 | 000,002,077 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2011.11.06 22:29:48 | 3219,578,880 | -HS- | C] () -- C:\hiberfil.sys
[2011.11.02 14:02:26 | 001,020,370 | ---- | C] () -- C:\Users\Lisa\Documents\Projekt Zeugniss.jpg
[2011.11.02 14:02:26 | 000,701,766 | ---- | C] () -- C:\Users\Lisa\Documents\Zeugnisse.jpg
[2011.11.02 14:02:26 | 000,232,263 | ---- | C] () -- C:\Users\Lisa\Documents\LisaAnlauf.jpg
[2011.11.02 14:02:26 | 000,013,727 | ---- | C] () -- C:\Users\Lisa\Documents\Kurzbewerbung.rtf
[2011.11.02 14:02:26 | 000,012,408 | ---- | C] () -- C:\Users\Lisa\Documents\MusterAnschreiben.rtf
[2011.11.02 14:02:25 | 001,501,247 | ---- | C] () -- C:\Users\Lisa\Documents\Bewerbungsunterlagen März.pdf
[2011.11.02 14:02:25 | 001,058,639 | ---- | C] () -- C:\Users\Lisa\Documents\Bewerbungsunterlagen.pdf
[2011.11.02 14:02:25 | 000,006,956 | ---- | C] () -- C:\Users\Lisa\Documents\AirBerlin.pdf
[2011.10.26 19:23:10 | 000,270,063 | ---- | C] () -- C:\Users\Lisa\Documents\Ausschreibung Azubi HB 2012.pdf
[2011.10.22 16:50:16 | 000,001,668 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011.10.20 15:04:00 | 000,032,639 | ---- | C] () -- C:\Users\Lisa\Documents\einzelverbindung oktober.pdf
[2011.10.20 15:03:40 | 000,071,130 | ---- | C] () -- C:\Users\Lisa\Documents\Rechnung Oktober.pdf
[2011.10.20 15:03:16 | 000,031,914 | ---- | C] () -- C:\Users\Lisa\Documents\einzelverbindung september.pdf
[2011.10.20 15:02:55 | 000,061,776 | ---- | C] () -- C:\Users\Lisa\Documents\Rechnung September.pdf
[2011.10.20 15:02:29 | 000,037,777 | ---- | C] () -- C:\Users\Lisa\Documents\einzelverbindung august.pdf
[2011.10.20 15:02:08 | 000,057,357 | ---- | C] () -- C:\Users\Lisa\Documents\RechnungAugust.pdf
[2011.10.20 15:01:47 | 000,029,665 | ---- | C] () -- C:\Users\Lisa\Documents\einzelverbindung juli.pdf
[2011.10.20 15:01:19 | 000,054,823 | ---- | C] () -- C:\Users\Lisa\Documents\Rechnung Juli.pdf
[2011.10.20 15:00:33 | 000,029,207 | ---- | C] () -- C:\Users\Lisa\Documents\einzelverbindung juni.pdf
[2011.10.20 15:00:14 | 000,056,637 | ---- | C] () -- C:\Users\Lisa\Documents\Rechnung Juni.pdf
[2011.10.20 14:59:51 | 000,031,145 | ---- | C] () -- C:\Users\Lisa\Documents\einzelverbindung mai.pdf
[2011.10.20 14:59:22 | 000,054,578 | ---- | C] () -- C:\Users\Lisa\Documents\Rechnung Mai.pdf
[2011.10.20 14:58:43 | 000,106,807 | ---- | C] () -- C:\Users\Lisa\Documents\Rechnung April.pdf
[2011.10.20 14:58:14 | 000,106,203 | ---- | C] () -- C:\Users\Lisa\Documents\Rechnung März.pdf
[2011.05.20 18:47:40 | 000,021,504 | ---- | C] () -- C:\Windows\jestertb.dll
[2010.10.25 14:53:26 | 000,045,832 | ---- | C] () -- C:\Users\Lisa\AppData\Roaming\UserTile.png
[2009.09.17 20:46:04 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.09.17 20:46:04 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009.09.12 22:41:02 | 000,554,496 | ---- | C] () -- C:\Windows\System32\dvmsg.dll
[2009.08.03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009.08.03 14:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009.05.19 22:14:04 | 000,000,226 | ---- | C] () -- C:\Windows\wininit.ini
[2009.03.24 19:25:10 | 000,002,299 | ---- | C] () -- C:\Users\Lisa\AppData\Roaming\acervcmtmp.ini
[2008.09.14 12:53:24 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008.07.19 20:49:52 | 000,000,085 | -HS- | C] () -- C:\ProgramData\.zreglib
[2008.07.05 13:39:45 | 000,005,944 | ---- | C] () -- C:\Users\Lisa\AppData\Roaming\wklnhst.dat
[2008.06.11 01:07:20 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2008.05.25 17:24:40 | 000,000,538 | ---- | C] () -- C:\Windows\mozver.dat
[2008.05.25 17:20:12 | 000,018,944 | ---- | C] () -- C:\Windows\System32\wk32.dll
[2008.05.25 17:20:12 | 000,003,584 | ---- | C] () -- C:\Windows\System32\ic32.dll
[2008.05.25 01:18:11 | 000,000,680 | ---- | C] () -- C:\Users\Lisa\AppData\Local\d3d9caps.dat
[2008.05.23 17:27:34 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2008.05.23 15:22:58 | 000,000,010 | ---- | C] () -- C:\Windows\popcinfo.dat
[2008.05.23 00:57:22 | 000,103,424 | ---- | C] () -- C:\Users\Lisa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.05.22 23:18:54 | 000,012,288 | ---- | C] () -- C:\Windows\System32\DivXWMPExtType.dll
[2008.05.22 17:03:50 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2008.05.21 20:27:41 | 000,041,888 | ---- | C] () -- C:\ProgramData\nvModes.001
[2008.05.21 20:25:20 | 000,041,888 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2008.05.19 11:27:46 | 000,000,022 | ---- | C] () -- C:\ProgramData\60a7806a-0eea-424c-a464-20f4730cd631
[2008.05.07 02:30:46 | 000,200,704 | ---- | C] () -- C:\Windows\PLFSetI.exe
[2008.05.07 02:30:46 | 000,000,057 | ---- | C] () -- C:\Windows\PidList.ini
[2008.05.07 02:26:43 | 001,548,099 | ---- | C] () -- C:\Windows\System32\VMC3KAPI.dll
[2008.03.28 20:22:04 | 000,001,024 | R--- | C] () -- C:\Windows\System32\NTIOFM4.dll
[2008.03.28 20:22:04 | 000,001,024 | R--- | C] () -- C:\Windows\System32\NTIBUN5.dll
[2008.03.28 19:29:19 | 000,204,800 | ---- | C] () -- C:\Windows\System32\SysHook.dll
[2008.03.28 19:25:31 | 000,487,424 | ---- | C] () -- C:\Windows\System32\INT15.dll
[2008.03.28 19:21:05 | 000,001,694 | ---- | C] () -- C:\Windows\RtDefLvl.ini
[2008.03.28 19:21:05 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX0.dat
[2008.03.28 19:19:46 | 000,000,008 | ---- | C] () -- C:\Windows\System32\drivers\RtkHDAud.dat
[2008.03.28 11:58:20 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2008.02.29 05:14:04 | 000,223,744 | ---- | C] () -- C:\Windows\System32\b4fm.dll
[2008.01.21 08:15:58 | 000,630,842 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008.01.21 08:15:58 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008.01.21 08:15:58 | 000,127,454 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008.01.21 08:15:58 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2007.11.14 14:17:34 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CogentBioSDK.dll
[2007.08.23 17:30:00 | 000,007,680 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2007.04.24 17:32:56 | 000,389,120 | ---- | C] () -- C:\Windows\System32\btwhidcs.dll
[2007.01.26 07:32:18 | 000,069,632 | ---- | C] () -- C:\Windows\System32\drivers\int15.sys
[2006.11.02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 13:47:37 | 000,341,720 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 11:33:01 | 000,598,096 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 11:33:01 | 000,105,070 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2001.12.26 16:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001.11.14 12:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll
[2001.09.03 23:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001.07.30 16:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001.07.23 22:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll
 
========== LOP Check ==========
 
[2008.05.23 15:24:10 | 000,000,000 | -HSD | M] -- C:\Users\Lisa\AppData\Roaming\.#
[2008.05.22 23:30:33 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Acer
[2008.03.28 19:43:38 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Acer GameZone Console
[2008.09.15 16:04:02 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Ashampoo
[2011.08.17 22:57:25 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\DVDVideoSoft
[2011.08.17 22:54:06 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.10.15 15:41:59 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\ICQ
[2008.05.22 23:48:13 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\ICQ Toolbar
[2009.08.11 16:14:31 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\LimeWire
[2008.07.06 21:39:00 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Lionhead Studios
[2011.05.10 18:29:42 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Philipp Winterberg
[2010.04.17 11:05:06 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\PowerCinema
[2008.07.18 21:19:43 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\RTPlayer
[2008.07.05 13:40:16 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Template
[2010.05.02 12:49:39 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Tobit
[2011.11.04 17:33:26 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\toolplugin
[2008.05.22 16:17:56 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Validity
[2011.07.15 13:42:37 | 000,000,372 | ---- | M] () -- C:\Windows\Tasks\McDefragTask.job
[2011.11.02 10:47:04 | 000,000,348 | ---- | M] () -- C:\Windows\Tasks\McQcTask.job
[2011.11.14 03:21:04 | 000,032,530 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2008.05.23 15:24:10 | 000,000,000 | -HSD | M] -- C:\Users\Lisa\AppData\Roaming\.#
[2008.05.22 23:30:33 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Acer
[2008.03.28 19:43:38 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Acer GameZone Console
[2008.05.22 19:35:01 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Adobe
[2011.10.31 09:03:23 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Apple Computer
[2008.09.15 16:04:02 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Ashampoo
[2008.05.22 16:21:33 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\CyberLink
[2008.08.02 13:28:17 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\DivX
[2010.04.17 11:29:59 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\dvdcss
[2011.08.17 22:57:25 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\DVDVideoSoft
[2011.08.17 22:54:06 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\DVDVideoSoftIEHelpers
[2009.09.19 02:03:09 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Google
[2011.10.15 15:41:59 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\ICQ
[2008.05.22 23:48:13 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\ICQ Toolbar
[2008.05.22 16:17:12 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Identities
[2008.05.22 20:08:30 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\InstallShield
[2011.10.08 20:20:13 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Intel
[2009.08.11 16:14:31 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\LimeWire
[2008.07.06 21:39:00 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Lionhead Studios
[2008.05.22 16:18:10 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Macromedia
[2011.04.28 02:54:15 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Malwarebytes
[2006.11.02 13:37:34 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Media Center Programs
[2011.08.25 15:43:24 | 000,000,000 | --SD | M] -- C:\Users\Lisa\AppData\Roaming\Microsoft
[2009.05.19 22:13:59 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Move Networks
[2008.09.15 15:35:05 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Mozilla
[2011.05.10 18:29:42 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Philipp Winterberg
[2010.04.17 11:05:06 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\PowerCinema
[2008.07.18 21:19:43 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\RTPlayer
[2009.10.13 17:46:20 | 000,000,000 | R--D | M] -- C:\Users\Lisa\AppData\Roaming\SecuROM
[2008.07.05 13:40:16 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Template
[2010.05.02 12:49:39 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Tobit
[2011.11.04 17:33:26 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\toolplugin
[2011.09.14 23:38:12 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\U3
[2008.05.22 16:17:56 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Validity
[2008.09.24 19:14:13 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\vlc
[2008.05.22 23:48:11 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Yahoo!
 
< %APPDATA%\*.exe /s >
[2009.02.14 20:56:35 | 000,163,840 | ---- | M] (Mozilla Foundation) -- C:\Users\Lisa\AppData\Roaming\LimeWire\browser\xulrunner\crashreporter.exe
[2009.02.14 20:56:37 | 000,196,608 | ---- | M] (Mozilla Foundation) -- C:\Users\Lisa\AppData\Roaming\LimeWire\browser\xulrunner\updater.exe
[2009.02.14 20:56:37 | 000,014,848 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\LimeWire\browser\xulrunner\xpcshell.exe
[2009.02.14 20:56:37 | 000,077,824 | ---- | M] (Mozilla Foundation) -- C:\Users\Lisa\AppData\Roaming\LimeWire\browser\xulrunner\xpicleanup.exe
[2009.02.14 20:56:37 | 000,266,240 | ---- | M] (Mozilla Foundation) -- C:\Users\Lisa\AppData\Roaming\LimeWire\browser\xulrunner\xpidl.exe
[2009.02.14 20:56:37 | 000,018,432 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\LimeWire\browser\xulrunner\xpt_dump.exe
[2009.02.14 20:56:37 | 000,014,336 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\LimeWire\browser\xulrunner\xpt_link.exe
[2009.02.14 20:56:37 | 000,073,728 | ---- | M] (Mozilla Foundation) -- C:\Users\Lisa\AppData\Roaming\LimeWire\browser\xulrunner\xulrunner-stub.exe
[2009.02.14 20:56:37 | 000,102,400 | ---- | M] (Mozilla Foundation) -- C:\Users\Lisa\AppData\Roaming\LimeWire\browser\xulrunner\xulrunner.exe
[2009.02.12 19:37:34 | 000,097,144 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Move Networks\ie_bin\MovePlayerUpgrade.exe
[2009.05.19 22:13:59 | 000,034,062 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Move Networks\ie_bin\Uninst.exe
[2011.06.10 14:52:27 | 003,486,088 | ---- | M] (Ask) -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\extensions\toolbar@ask.com\chrome\temp\askToolbar.exe
[2008.05.04 16:02:26 | 004,603,904 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\U3\1738910A2252731E\LaunchPad.exe
[2007.10.23 09:27:20 | 000,110,592 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\U3\temp\cleanup.exe
[2008.05.02 10:41:48 | 003,493,888 | -H-- | M] (SanDisk Corporation) -- C:\Users\Lisa\AppData\Roaming\U3\temp\Launchpad Removal.exe
 
< %SYSTEMDRIVE%\*.exe >
 
 
< MD5 for: AGP440.SYS  >
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
 
< MD5 for: EVENTLOG.DLL  >
[2007.01.12 22:30:08 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Programme\Cyberlink\PowerDirector\EventLog.dll
 
< MD5 for: IASTOR.SYS  >
[2007.09.29 21:03:32 | 000,384,024 | ---- | M] (Intel Corporation) MD5=16A4671255CFB842225F0FDB6DBDB414 -- C:\Programme\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys
[2007.09.29 21:03:12 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- C:\Programme\Intel\Intel Matrix Storage Manager\driver\IaStor.sys
[2007.09.29 21:03:12 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- C:\Windows\System32\drivers\iaStor.sys
[2007.09.29 21:03:12 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_7baf6192\iaStor.sys
 
< MD5 for: IASTORV.SYS  >
[2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.21 03:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2006.11.02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2008.01.21 03:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
 
< MD5 for: USER32.DLL  >
[2008.01.21 03:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll
[2009.04.11 07:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll
[2009.04.11 07:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008.01.21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2008.01.21 03:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\System32\wininit.exe
[2008.01.21 03:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008.01.21 03:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2008.01.21 03:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2008.01.21 03:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2011.04.18 12:18:50 | 000,043,392 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\drivers\MpNWMon.sys
 
< %systemroot%\System32\config\*.sav >
[2008.01.21 04:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008.01.21 04:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008.01.21 04:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 11:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 11:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
[2011.08.16 22:57:11 | 000,353,792 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtmsft.dll
[2011.08.16 22:57:11 | 000,223,232 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtrans.dll
[2009.04.11 07:28:25 | 000,443,392 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\win32spl.dll
 
<           >
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 99 bytes -> C:\ProgramData\TEMP:FEBEC560
@Alternate Data Stream - 99 bytes -> C:\ProgramData\TEMP:FC420CE6
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:B623B5B8
@Alternate Data Stream - 111 bytes -> C:\ProgramData\TEMP:8173A019
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:4F636E25
@Alternate Data Stream - 108 bytes -> C:\ProgramData\TEMP:10D98D98

< End of report >
         
--- --- ---

Alt 14.11.2011, 19:11   #9
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
BKA Virus - Ukash 100€ - Standard

BKA Virus - Ukash 100€



Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)

Code:
ATTFilter
:OTL
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Yahoo! Deutschland
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Yahoo! Deutschland
IE - HKLM\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Programme\Winload\prxtbWinl.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = Acer.com Worldwide - Select your local country or region [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Welcome to Facebook - Log In, Sign Up or Learn More
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN, Messenger und Hotmail sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 10 5F 87 2A EA 85 CC 01  [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 
IE - HKCU\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Programme\Winload\prxtbWinl.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaulturl: "http://search.live.com/results.aspx?FORM=IEFM1&q="
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://de-de.facebook.com/"
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.11.3.15590
FF - prefs.js..extensions.enabledItems: ffxtlbr@Facemoods.com:1.2.1
FF - prefs.js..keyword.URL: "http://websearch.ask.com/redirect?client=ff&src=kw&tb=DVSV5&o=15012&locale=de_DE&apn_uid=E81A7DDD-D39E-4122-997B-C4374F9E921D&apn_ptnrs=U9&apn_sauid=&apn_dtid=&&q="
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://search.icq.com/search/afe_results.php?ch_id=afex&q="
FF - user.js..browser.search.selectedEngine: "Search the web"
FF - user.js..browser.search.order.1: "Search the web"
FF - user.js..browser.search.defaultenginename: "Search the web"
FF - user.js..keyword.URL: "http://www.browsersafesearch.com?client=mozilla-firefox&cd=UTF-8&search=1&q="
[2011.10.15 18:06:33 | 000,000,000 | ---D | M] (Winload Community Toolbar) -- C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{40c3cc16-7269-4b32-9531-17f2950fb06f}
[2011.10.15 18:06:48 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.10.15 18:06:53 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2011.08.17 22:54:10 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.05.13 13:31:11 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\engine@conduit.com
[2011.10.04 18:05:54 | 000,000,000 | ---D | M] (Ask Toolbar) -- C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\toolbar@ask.com
[2011.11.04 17:33:26 | 000,000,000 | ---D | M] (toolplugin) -- C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\welcome@toolmin.com
[2011.04.29 13:19:18 | 000,002,342 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icq-search.xml
[2011.04.26 13:01:18 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-1.xml
[2010.12.03 13:22:29 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-10.xml
[2011.01.21 14:17:08 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-11.xml
[2011.03.25 17:59:54 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-12.xml
[2011.03.30 10:32:14 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-13.xml
[2011.05.06 14:07:51 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-14.xml
[2011.06.09 12:48:49 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-15.xml
[2011.06.29 13:37:40 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-16.xml
[2011.08.18 14:41:17 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-17.xml
[2011.08.30 16:21:14 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-18.xml
[2011.10.15 18:07:06 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-19.xml
[2009.05.16 16:58:32 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-2.xml
[2009.07.15 16:01:25 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-3.xml
[2009.10.01 17:06:21 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-4.xml
[2009.10.01 21:47:25 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-5.xml
[2009.10.04 12:36:04 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-6.xml
[2009.10.30 12:24:27 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-7.xml
[2009.12.25 14:52:55 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-8.xml
[2010.07.25 16:38:37 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-9.xml
[2011.09.25 16:27:46 | 000,000,168 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin.gif
[2011.09.25 16:27:46 | 000,000,618 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin.src
[2010.05.12 16:40:48 | 000,001,042 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin.xml
[2009.03.25 16:43:15 | 000,001,632 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\live-search.xml
[2008.05.23 23:54:47 | 000,002,386 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\siteadvisor.xml
[2009.05.03 11:59:33 | 000,003,915 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\sweetim.xml
[2011.04.21 12:50:19 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2010.01.22 00:56:03 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.05.10 18:27:59 | 000,000,000 | ---D | M] (Mein Gutscheincode Finder) -- C:\PROGRAM FILES\MEIN GUTSCHEINCODE FINDER\FIREFOX
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Mein Gutscheincode Finder zeigt automatisch Shopping-Gutscheine an mit denen Sie beim Online-Einkauf sparen können.) - {1ED16E0A-E8C4-40A0-8BC2-79485D21F796} - C:\Programme\Mein Gutscheincode Finder\Internet Explorer\x86\ConversionOneIE.dll (Conversion One GmbH)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (Winload Toolbar) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Programme\Winload\prxtbWinl.dll (Conduit Ltd.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Burn4Free Toolbar Helper) - {D187A56B-A33F-4CBE-9D77-459FC0BAE012} - C:\Programme\Burn4Free Toolbar\v3.3.0.1\Burn4Free_Toolbar.dll ()
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Winload Toolbar) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Programme\Winload\prxtbWinl.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Burn4Free Toolbar) - {4F11ACBB-393F-4C86-A214-FF3D0D155CC3} - C:\Programme\Burn4Free Toolbar\v3.3.0.1\Burn4Free_Toolbar.dll ()
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (toolplugin) - {DFEFCDEE-CF1A-4FC8-89AF-189327213627} - C:\Users\Lisa\AppData\Roaming\toolplugin\toolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Burn4Free Toolbar) - {4F11ACBB-393F-4C86-A214-FF3D0D155CC3} - C:\Programme\Burn4Free Toolbar\v3.3.0.1\Burn4Free_Toolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{a5ba3033-3e10-11e0-bc1f-c5ffb2b569e8}\Shell - "" = AutoRun
O33 - MountPoints2\{a5ba3033-3e10-11e0-bc1f-c5ffb2b569e8}\Shell\AutoRun\command - "" = G:\Startme.exe
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
[2008.05.23 15:24:10 | 000,000,000 | -HSD | M] -- C:\Users\Lisa\AppData\Roaming\.#
@Alternate Data Stream - 99 bytes -> C:\ProgramData\TEMP:FEBEC560
@Alternate Data Stream - 99 bytes -> C:\ProgramData\TEMP:FC420CE6
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:B623B5B8
@Alternate Data Stream - 111 bytes -> C:\ProgramData\TEMP:8173A019
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:4F636E25
@Alternate Data Stream - 108 bytes -> C:\ProgramData\TEMP:10D98D98

:Commands
[emptytemp]
[resethosts]
         
Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.

Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.

Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 14.11.2011, 22:25   #10
Tussiontour
 
BKA Virus - Ukash 100€ - Standard

BKA Virus - Ukash 100€



Hier der log :

All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{40c3cc16-7269-4b32-9531-17f2950fb06f} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{40c3cc16-7269-4b32-9531-17f2950fb06f}\ deleted successfully.
C:\Programme\Winload\prxtbWinl.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Secondary_Page_URL| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache AcceptLangs| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache_TIMESTAMP| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\StartPageCache| /E : value set successfully!
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064}\ deleted successfully.
c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll moved successfully.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{40c3cc16-7269-4b32-9531-17f2950fb06f} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{40c3cc16-7269-4b32-9531-17f2950fb06f}\ not found.
File C:\Programme\Winload\prxtbWinl.dll not found.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
Prefs.js: "Ask.com" removed from browser.search.defaultengine
Prefs.js: "Ask.com" removed from browser.search.defaultenginename
Prefs.js: "hxxp://search.live.com/results.aspx?FORM=IEFM1&q=" removed from browser.search.defaulturl
Prefs.js: "Ask.com" removed from browser.search.order.1
Prefs.js: "Ask.com" removed from browser.search.selectedEngine
Prefs.js: true removed from browser.search.useDBForOrder
Prefs.js: "hxxp://de-de.facebook.com/" removed from browser.startup.homepage
Prefs.js: toolbar@ask.com:3.11.3.15590 removed from extensions.enabledItems
Prefs.js: ffxtlbr@Facemoods.com:1.2.1 removed from extensions.enabledItems
Prefs.js: "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=DVSV5&o=15012&locale=de_DE&apn_uid=E81A7DDD-D39E-4122-997B-C4374F9E921D&apn_ptnrs=U9&apn_sauid=&apn_dtid=&&q=" removed from keyword.URL
Prefs.js: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q=" removed from sweetim.toolbar.previous.keyword.URL
C:\Users\Lisa\AppData\Roaming\Mozilla\FireFox\Profiles\dntk5kcx.default\user.js moved successfully.
C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{40c3cc16-7269-4b32-9531-17f2950fb06f}\searchplugin folder moved successfully.
C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{40c3cc16-7269-4b32-9531-17f2950fb06f}\modules folder moved successfully.
C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{40c3cc16-7269-4b32-9531-17f2950fb06f}\META-INF folder moved successfully.
C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{40c3cc16-7269-4b32-9531-17f2950fb06f}\defaults folder moved successfully.
C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{40c3cc16-7269-4b32-9531-17f2950fb06f}\components folder moved successfully.
C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{40c3cc16-7269-4b32-9531-17f2950fb06f}\chrome folder moved successfully.
C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{40c3cc16-7269-4b32-9531-17f2950fb06f} folder moved successfully.
C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine folder moved successfully.
C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF folder moved successfully.
C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences folder moved successfully.
C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults folder moved successfully.
C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components folder moved successfully.
C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin folder moved successfully.
C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr folder moved successfully.
C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk folder moved successfully.
C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru folder moved successfully.
C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it folder moved successfully.
C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he folder moved successfully.
C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr folder moved successfully.
C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es folder moved successfully.
C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US folder moved successfully.
C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de folder moved successfully.
C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs folder moved successfully.
C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg folder moved successfully.
C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale folder moved successfully.
C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img folder moved successfully.
C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content folder moved successfully.
C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome folder moved successfully.
C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} folder moved successfully.
C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\searchplugin folder moved successfully.
C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\modules folder moved successfully.
C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\META-INF folder moved successfully.
C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\defaults folder moved successfully.
C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components folder moved successfully.
C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\chrome folder moved successfully.
C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} folder moved successfully.
C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}\chrome folder moved successfully.
C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} folder moved successfully.
C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\engine@conduit.com\searchplugin folder moved successfully.
C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\engine@conduit.com\META-INF folder moved successfully.
C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\engine@conduit.com\lib folder moved successfully.
C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\engine@conduit.com\DualPackage folder moved successfully.
C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\engine@conduit.com\defaults folder moved successfully.
C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\engine@conduit.com\components folder moved successfully.
C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\engine@conduit.com\chrome folder moved successfully.
C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\engine@conduit.com folder moved successfully.
C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\toolbar@ask.com\searchplugins folder moved successfully.
C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\toolbar@ask.com\logs folder moved successfully.
C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\toolbar@ask.com\defaults\preferences folder moved successfully.
C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\toolbar@ask.com\defaults folder moved successfully.
C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\toolbar@ask.com\datastore folder moved successfully.
C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Wed-18-Aug-2010-20-17-26-GMT folder moved successfully.
C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Wed-14-Sep-2011-18-09-45-GMT folder moved successfully.
C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Tue-29-Mar-2011-19-31-56-GMT folder moved successfully.
C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Tue-15-Mar-2011-17-00-07-GMT folder moved successfully.
C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Thu-29-Oct-2009-13-16-23-GMT folder moved successfully.
C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Thu-09-Jun-2011-11-49-00-GMT folder moved successfully.
C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sun-25-Jul-2010-15-38-28-GMT folder moved successfully.
C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sat-15-Oct-2011-13-02-40-GMT folder moved successfully.
C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Mon-31-Jan-2011-15-35-23-GMT folder moved successfully.
C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Fri-29-Apr-2011-09-21-59-GMT folder moved successfully.
C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Fri-21-Jan-2011-13-16-57-GMT folder moved successfully.
C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Fri-14-May-2010-13-57-37-GMT folder moved successfully.
C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Fri-13-May-2011-12-31-27-GMT folder moved successfully.
C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Fri-03-Dec-2010-12-22-31-GMT folder moved successfully.
C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\toolbar@ask.com\chrome\temp folder moved successfully.
C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\toolbar@ask.com\chrome\skin folder moved successfully.
C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\toolbar@ask.com\chrome\content folder moved successfully.
C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\toolbar@ask.com\chrome folder moved successfully.
C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\toolbar@ask.com folder moved successfully.
C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\welcome@toolmin.com\chrome\content folder moved successfully.
C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\welcome@toolmin.com\chrome folder moved successfully.
C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\dntk5kcx.default\extensions\welcome@toolmin.com folder moved successfully.
C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icq-search.xml moved successfully.
C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-1.xml moved successfully.
C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-10.xml moved successfully.
C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-11.xml moved successfully.
C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-12.xml moved successfully.
C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-13.xml moved successfully.
C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-14.xml moved successfully.
C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-15.xml moved successfully.
C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-16.xml moved successfully.
C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-17.xml moved successfully.
C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-18.xml moved successfully.
C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-19.xml moved successfully.
C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-2.xml moved successfully.
C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-3.xml moved successfully.
C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-4.xml moved successfully.
C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-5.xml moved successfully.
C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-6.xml moved successfully.
C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-7.xml moved successfully.
C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-8.xml moved successfully.
C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin-9.xml moved successfully.
C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin.gif moved successfully.
C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin.src moved successfully.
C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\icqplugin.xml moved successfully.
C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\live-search.xml moved successfully.
C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\siteadvisor.xml moved successfully.
C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\dntk5kcx.default\searchplugins\sweetim.xml moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\content folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}\chrome\locale folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}\chrome\content folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}\chrome folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\chrome\locale folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\chrome\content folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\chrome folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\chrome\locale folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\chrome\content folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\chrome folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\chrome\locale folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\chrome\content folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\chrome folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\chrome\locale folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\chrome\content folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\chrome folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\chrome\locale folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\chrome\content folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\chrome folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}\chrome\locale folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}\chrome\content folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}\chrome folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\sites folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\talkback@mozilla.org\components folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\talkback@mozilla.org folder moved successfully.
C:\Programme\Mozilla Firefox\extensions folder moved successfully.
Folder C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\ not found.
C:\PROGRAM FILES\MEIN GUTSCHEINCODE FINDER\FIREFOX\chrome\skin folder moved successfully.
C:\PROGRAM FILES\MEIN GUTSCHEINCODE FINDER\FIREFOX\chrome\locale\en-US folder moved successfully.
C:\PROGRAM FILES\MEIN GUTSCHEINCODE FINDER\FIREFOX\chrome\locale folder moved successfully.
C:\PROGRAM FILES\MEIN GUTSCHEINCODE FINDER\FIREFOX\chrome\content folder moved successfully.
C:\PROGRAM FILES\MEIN GUTSCHEINCODE FINDER\FIREFOX\chrome folder moved successfully.
C:\PROGRAM FILES\MEIN GUTSCHEINCODE FINDER\FIREFOX folder moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1ED16E0A-E8C4-40A0-8BC2-79485D21F796}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1ED16E0A-E8C4-40A0-8BC2-79485D21F796}\ deleted successfully.
C:\Programme\Mein Gutscheincode Finder\Internet Explorer\x86\ConversionOneIE.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ deleted successfully.
C:\Programme\ConduitEngine\prxConduitEngine.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{40c3cc16-7269-4b32-9531-17f2950fb06f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{40c3cc16-7269-4b32-9531-17f2950fb06f}\ not found.
File C:\Programme\Winload\prxtbWinl.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}\ deleted successfully.
C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D187A56B-A33F-4CBE-9D77-459FC0BAE012}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D187A56B-A33F-4CBE-9D77-459FC0BAE012}\ deleted successfully.
C:\Programme\Burn4Free Toolbar\v3.3.0.1\Burn4Free_Toolbar.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
C:\Programme\Ask.com\GenericAskToolbar.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found.
File C:\Programme\ConduitEngine\prxConduitEngine.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{40c3cc16-7269-4b32-9531-17f2950fb06f} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{40c3cc16-7269-4b32-9531-17f2950fb06f}\ not found.
File C:\Programme\Winload\prxtbWinl.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{4F11ACBB-393F-4C86-A214-FF3D0D155CC3} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4F11ACBB-393F-4C86-A214-FF3D0D155CC3}\ deleted successfully.
File C:\Programme\Burn4Free Toolbar\v3.3.0.1\Burn4Free_Toolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5CBE3B7C-1E47-477e-A7DD-396DB0476E29}\ deleted successfully.
C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Programme\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{DFEFCDEE-CF1A-4FC8-89AF-189327213627} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DFEFCDEE-CF1A-4FC8-89AF-189327213627}\ deleted successfully.
C:\Users\Lisa\AppData\Roaming\toolplugin\toolbar.dll moved successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4F11ACBB-393F-4C86-A214-FF3D0D155CC3} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4F11ACBB-393F-4C86-A214-FF3D0D155CC3}\ not found.
File C:\Programme\Burn4Free Toolbar\v3.3.0.1\Burn4Free_Toolbar.dll not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Programme\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ApnUpdater deleted successfully.
C:\Programme\Ask.com\Updater\Updater.exe moved successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\autoexec.bat moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a5ba3033-3e10-11e0-bc1f-c5ffb2b569e8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a5ba3033-3e10-11e0-bc1f-c5ffb2b569e8}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a5ba3033-3e10-11e0-bc1f-c5ffb2b569e8}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a5ba3033-3e10-11e0-bc1f-c5ffb2b569e8}\ not found.
File G:\Startme.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\ not found.
File E:\LaunchU3.exe -a not found.
C:\Users\Lisa\AppData\Roaming\.# folder moved successfully.
ADS C:\ProgramData\TEMP:FEBEC560 deleted successfully.
ADS C:\ProgramData\TEMP:FC420CE6 deleted successfully.
ADS C:\ProgramData\TEMP:B623B5B8 deleted successfully.
ADS C:\ProgramData\TEMP:8173A019 deleted successfully.
ADS C:\ProgramData\TEMP:4F636E25 deleted successfully.
ADS C:\ProgramData\TEMP:10D98D98 deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Lisa
->Temp folder emptied: 759237466 bytes
->Temporary Internet Files folder emptied: 144630555 bytes
->Java cache emptied: 127816 bytes
->FireFox cache emptied: 317043684 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 11700 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 239915258 bytes
RecycleBin emptied: 9641870 bytes

Total Files Cleaned = 1.402,00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.22.3 log created on 11142011_231002

Files\Folders moved on Reboot...
File\Folder C:\Windows\temp\mcafee_2j5gNyNZkfd45wo not found!
File\Folder C:\Windows\temp\mcmsc_cFXdpGZg3sgql4I not found!
File\Folder C:\Windows\temp\mcmsc_chhnls7THSDdSUs not found!
C:\Windows\temp\sqlite_HDc31GHUhqpYn5g moved successfully.
C:\Windows\temp\sqlite_pGNrWp3oNxnOc0z moved successfully.

Registry entries deleted on Reboot...

Alt 15.11.2011, 08:11   #11
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
BKA Virus - Ukash 100€ - Standard

BKA Virus - Ukash 100€



Bitte nun dieses Tool von Kaspersky ausführen und das Log posten => http://www.trojaner-board.de/82358-t...entfernen.html

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.
Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!




Falls du durch die Infektion auf deine Dokumente/Eigenen Dateien nicht zugreifen kannst, Verknüpfungen auf dem Desktop oder im Startmenü unter "alle Programme" fehlen, bitte unhide ausführen:
Downloade dir bitte unhide.exe und speichere diese Datei auf deinem Desktop.
Starte das Tool und es sollten alle Dateien und Ordner wieder sichtbar sein. ( Könnte eine Weile dauern )
Windows-Vista und Windows-7-User müssen das Tool per Rechtsklick als Administrator ausführen!
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 15.11.2011, 16:44   #12
Tussiontour
 
BKA Virus - Ukash 100€ - Standard

BKA Virus - Ukash 100€



Hier nun der log:

17:41:26.0240 5224 TDSS rootkit removing tool 2.6.18.0 Nov 11 2011 15:47:15
17:41:27.0363 5224 ============================================================
17:41:27.0363 5224 Current date / time: 2011/11/15 17:41:27.0363
17:41:27.0363 5224 SystemInfo:
17:41:27.0363 5224
17:41:27.0363 5224 OS Version: 6.0.6002 ServicePack: 2.0
17:41:27.0363 5224 Product type: Workstation
17:41:27.0363 5224 ComputerName: LISAS-LAPPY
17:41:27.0363 5224 UserName: Lisa
17:41:27.0363 5224 Windows directory: C:\Windows
17:41:27.0363 5224 System windows directory: C:\Windows
17:41:27.0363 5224 Processor architecture: Intel x86
17:41:27.0363 5224 Number of processors: 2
17:41:27.0363 5224 Page size: 0x1000
17:41:27.0363 5224 Boot type: Normal boot
17:41:27.0363 5224 ============================================================
17:41:28.0486 5224 Initialize success
17:41:45.0443 8152 ============================================================
17:41:45.0443 8152 Scan started
17:41:45.0443 8152 Mode: Manual; SigCheck; TDLFS;
17:41:45.0443 8152 ============================================================
17:41:46.0301 8152 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
17:41:46.0613 8152 ACPI - ok
17:41:46.0722 8152 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
17:41:46.0910 8152 adp94xx - ok
17:41:46.0956 8152 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
17:41:47.0128 8152 adpahci - ok
17:41:47.0175 8152 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
17:41:47.0331 8152 adpu160m - ok
17:41:47.0362 8152 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
17:41:47.0518 8152 adpu320 - ok
17:41:47.0612 8152 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
17:41:47.0877 8152 AFD - ok
17:41:47.0955 8152 AgereSoftModem (38325c6aa8eae011897d61ce48ec6435) C:\Windows\system32\DRIVERS\AGRSM.sys
17:41:48.0314 8152 AgereSoftModem - ok
17:41:48.0438 8152 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
17:41:48.0579 8152 agp440 - ok
17:41:48.0704 8152 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
17:41:48.0922 8152 aic78xx - ok
17:41:49.0094 8152 AlfaFF (8d59617a9c3dbf4650aa44f4e9215744) C:\Windows\system32\Drivers\AlfaFF.sys
17:41:49.0250 8152 AlfaFF - ok
17:41:49.0296 8152 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
17:41:49.0437 8152 aliide - ok
17:41:49.0484 8152 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
17:41:49.0577 8152 amdagp - ok
17:41:49.0624 8152 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
17:41:49.0764 8152 amdide - ok
17:41:49.0796 8152 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
17:41:49.0936 8152 AmdK7 - ok
17:41:49.0983 8152 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
17:41:50.0139 8152 AmdK8 - ok
17:41:50.0264 8152 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
17:41:50.0420 8152 arc - ok
17:41:50.0451 8152 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
17:41:50.0607 8152 arcsas - ok
17:41:50.0654 8152 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
17:41:50.0856 8152 AsyncMac - ok
17:41:50.0903 8152 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
17:41:50.0950 8152 atapi - ok
17:41:51.0012 8152 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
17:41:51.0184 8152 Beep - ok
17:41:51.0246 8152 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
17:41:51.0418 8152 blbdrive - ok
17:41:51.0527 8152 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
17:41:51.0621 8152 bowser - ok
17:41:51.0652 8152 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
17:41:51.0902 8152 BrFiltLo - ok
17:41:51.0933 8152 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
17:41:52.0136 8152 BrFiltUp - ok
17:41:52.0182 8152 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
17:41:52.0510 8152 Brserid - ok
17:41:52.0541 8152 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
17:41:52.0791 8152 BrSerWdm - ok
17:41:52.0822 8152 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
17:41:53.0056 8152 BrUsbMdm - ok
17:41:53.0103 8152 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
17:41:53.0321 8152 BrUsbSer - ok
17:41:53.0399 8152 BthEnum (6d39c954799b63ba866910234cf7d726) C:\Windows\system32\DRIVERS\BthEnum.sys
17:41:53.0586 8152 BthEnum - ok
17:41:53.0649 8152 BTHMODEM (9a966a8e86d1771911ae34a20d11bff3) C:\Windows\system32\DRIVERS\bthmodem.sys
17:41:53.0774 8152 BTHMODEM - ok
17:41:53.0820 8152 BthPan (5904efa25f829bf84ea6fb045134a1d8) C:\Windows\system32\DRIVERS\bthpan.sys
17:41:54.0008 8152 BthPan - ok
17:41:54.0086 8152 BthPort (611ff3f2f095c8d4a6d4cfd9dcc09793) C:\Windows\system32\Drivers\BTHport.sys
17:41:54.0273 8152 BthPort - ok
17:41:54.0320 8152 BTHUSB (d330803eab2a15caec7f011f1d4cb30e) C:\Windows\system32\Drivers\BTHUSB.sys
17:41:54.0507 8152 BTHUSB - ok
17:41:54.0585 8152 btwaudio (636f45a8500c1438cfa7dee15fc5c184) C:\Windows\system32\drivers\btwaudio.sys
17:41:54.0678 8152 btwaudio - ok
17:41:54.0725 8152 btwavdt (bf9256ff01b093a5d90bb7a35ec90410) C:\Windows\system32\drivers\btwavdt.sys
17:41:54.0881 8152 btwavdt - ok
17:41:54.0912 8152 btwrchid (0ab8c1ac177afb27309e1072faf34a37) C:\Windows\system32\DRIVERS\btwrchid.sys
17:41:55.0068 8152 btwrchid - ok
17:41:55.0131 8152 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
17:41:55.0224 8152 cdfs - ok
17:41:55.0287 8152 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
17:41:55.0458 8152 cdrom - ok
17:41:55.0490 8152 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\DRIVERS\circlass.sys
17:41:55.0630 8152 circlass - ok
17:41:55.0692 8152 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
17:41:55.0755 8152 CLFS - ok
17:41:55.0833 8152 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
17:41:55.0958 8152 CmBatt - ok
17:41:55.0989 8152 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
17:41:56.0129 8152 cmdide - ok
17:41:56.0192 8152 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
17:41:56.0223 8152 Compbatt - ok
17:41:56.0254 8152 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
17:41:56.0301 8152 crcdisk - ok
17:41:56.0332 8152 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
17:41:56.0488 8152 Crusoe - ok
17:41:56.0582 8152 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
17:41:56.0675 8152 DfsC - ok
17:41:56.0753 8152 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
17:41:56.0816 8152 disk - ok
17:41:56.0878 8152 DKbFltr (73baf270d24fe726b9cd7f80bb17a23d) C:\Windows\system32\DRIVERS\DKbFltr.sys
17:41:56.0972 8152 DKbFltr - ok
17:41:57.0065 8152 DritekPortIO (5c918d413f5837e67a85775c9873775e) C:\PROGRA~1\LAUNCH~1\DPortIO.sys
17:41:57.0190 8152 DritekPortIO - ok
17:41:57.0237 8152 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
17:41:57.0408 8152 drmkaud - ok
17:41:57.0471 8152 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
17:41:57.0564 8152 DXGKrnl - ok
17:41:57.0611 8152 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
17:41:57.0814 8152 E1G60 - ok
17:41:57.0908 8152 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
17:41:57.0970 8152 Ecache - ok
17:41:58.0048 8152 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
17:41:58.0251 8152 elxstor - ok
17:41:58.0298 8152 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
17:41:58.0422 8152 ErrDev - ok
17:41:58.0563 8152 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
17:41:58.0734 8152 exfat - ok
17:41:58.0797 8152 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
17:41:58.0937 8152 fastfat - ok
17:41:58.0984 8152 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
17:41:59.0109 8152 fdc - ok
17:41:59.0171 8152 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
17:41:59.0234 8152 FileInfo - ok
17:41:59.0265 8152 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
17:41:59.0436 8152 Filetrace - ok
17:41:59.0468 8152 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
17:41:59.0608 8152 flpydisk - ok
17:41:59.0670 8152 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
17:41:59.0733 8152 FltMgr - ok
17:41:59.0826 8152 fssfltr (b74b0578fd1d3f897e95f2a2b69ea051) C:\Windows\system32\DRIVERS\fssfltr.sys
17:41:59.0982 8152 fssfltr - ok
17:42:00.0092 8152 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
17:42:00.0201 8152 Fs_Rec - ok
17:42:00.0248 8152 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
17:42:00.0357 8152 gagp30kx - ok
17:42:00.0404 8152 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
17:42:00.0513 8152 GEARAspiWDM - ok
17:42:00.0606 8152 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
17:42:00.0794 8152 HdAudAddService - ok
17:42:00.0856 8152 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
17:42:00.0996 8152 HDAudBus - ok
17:42:01.0028 8152 HidBth (fcb3f4be408f72c1bd81bcaba87fc22f) C:\Windows\system32\DRIVERS\hidbth.sys
17:42:01.0199 8152 HidBth - ok
17:42:01.0246 8152 HidIr (d8df3722d5e961baa1292aa2f12827e2) C:\Windows\system32\DRIVERS\hidir.sys
17:42:01.0355 8152 HidIr - ok
17:42:01.0418 8152 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
17:42:01.0589 8152 HidUsb - ok
17:42:01.0636 8152 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
17:42:01.0776 8152 HpCISSs - ok
17:42:01.0823 8152 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
17:42:02.0042 8152 HTTP - ok
17:42:02.0088 8152 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
17:42:02.0229 8152 i2omp - ok
17:42:02.0291 8152 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
17:42:02.0463 8152 i8042prt - ok
17:42:02.0541 8152 iaStor (e5a0034847537eaee3c00349d5c34c5f) C:\Windows\system32\DRIVERS\iaStor.sys
17:42:02.0603 8152 iaStor - ok
17:42:02.0650 8152 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
17:42:02.0837 8152 iaStorV - ok
17:42:02.0868 8152 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
17:42:03.0024 8152 iirsp - ok
17:42:03.0087 8152 int15 (4d8d5b1c895ea0f2a721b98a7ce198f1) C:\Windows\system32\drivers\int15.sys
17:42:03.0165 8152 int15 ( UnsignedFile.Multi.Generic ) - warning
17:42:03.0165 8152 int15 - detected UnsignedFile.Multi.Generic (1)
17:42:03.0258 8152 IntcAzAudAddService (92bcc487f16892cda495dbd8160272d9) C:\Windows\system32\drivers\RTKVHDA.sys
17:42:03.0508 8152 IntcAzAudAddService - ok
17:42:03.0539 8152 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
17:42:03.0570 8152 intelide - ok
17:42:03.0617 8152 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
17:42:03.0758 8152 intelppm - ok
17:42:03.0804 8152 IpInIp - ok
17:42:03.0851 8152 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
17:42:03.0992 8152 IPMIDRV - ok
17:42:04.0038 8152 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
17:42:04.0163 8152 IPNAT - ok
17:42:04.0210 8152 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
17:42:04.0350 8152 IRENUM - ok
17:42:04.0382 8152 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
17:42:04.0491 8152 isapnp - ok
17:42:04.0553 8152 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
17:42:04.0616 8152 iScsiPrt - ok
17:42:04.0647 8152 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
17:42:04.0787 8152 iteatapi - ok
17:42:04.0834 8152 itecir (8bcd857c7932ad005d5f9c89329da2e1) C:\Windows\system32\DRIVERS\itecir.sys
17:42:04.0959 8152 itecir - ok
17:42:04.0990 8152 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
17:42:05.0146 8152 iteraid - ok
17:42:05.0208 8152 JMCR (8123f605779db22ffc67fa84b8381803) C:\Windows\system32\DRIVERS\jmcr.sys
17:42:05.0411 8152 JMCR - ok
17:42:05.0458 8152 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
17:42:05.0598 8152 kbdclass - ok
17:42:05.0645 8152 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
17:42:05.0770 8152 kbdhid - ok
17:42:05.0832 8152 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys
17:42:05.0910 8152 KSecDD - ok
17:42:06.0004 8152 L1E (24abddeb766c8459f9d562eb083b6cb8) C:\Windows\system32\DRIVERS\L1E60x86.sys
17:42:06.0160 8152 L1E - ok
17:42:06.0254 8152 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
17:42:06.0394 8152 lltdio - ok
17:42:06.0456 8152 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
17:42:06.0612 8152 LSI_FC - ok
17:42:06.0644 8152 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
17:42:06.0800 8152 LSI_SAS - ok
17:42:06.0846 8152 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
17:42:07.0002 8152 LSI_SCSI - ok
17:42:07.0034 8152 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
17:42:07.0127 8152 luafv - ok
17:42:07.0143 8152 MBAMProtector - ok
17:42:07.0190 8152 MBAMSwissArmy - ok
17:42:07.0330 8152 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
17:42:07.0470 8152 megasas - ok
17:42:07.0533 8152 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
17:42:07.0751 8152 MegaSR - ok
17:42:07.0814 8152 mfeavfk (c97cbfd71c1c215150a3b3e55f77a7a3) C:\Windows\system32\drivers\mfeavfk.sys
17:42:08.0282 8152 mfeavfk - ok
17:42:08.0344 8152 mfebopk (5447338b83a1a2354fb2fea7604387fd) C:\Windows\system32\drivers\mfebopk.sys
17:42:08.0765 8152 mfebopk - ok
17:42:08.0843 8152 mfehidk (6c9a6ed60b8fc3baf72fe1b1d096445b) C:\Windows\system32\drivers\mfehidk.sys
17:42:09.0530 8152 mfehidk - ok
17:42:09.0561 8152 mferkdk (a551154b51d6a93fccf70fc4e8eaf4bd) C:\Windows\system32\drivers\mferkdk.sys
17:42:10.0029 8152 mferkdk - ok
17:42:10.0122 8152 mfesmfk (299a86b780c9627aaa24e74292363ed2) C:\Windows\system32\drivers\mfesmfk.sys
17:42:10.0653 8152 mfesmfk - ok
17:42:10.0731 8152 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
17:42:10.0824 8152 Modem - ok
17:42:10.0856 8152 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
17:42:10.0934 8152 monitor - ok
17:42:10.0965 8152 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
17:42:11.0121 8152 mouclass - ok
17:42:11.0230 8152 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
17:42:11.0355 8152 mouhid - ok
17:42:11.0386 8152 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
17:42:11.0433 8152 MountMgr - ok
17:42:11.0495 8152 MpFilter (fee0baded54222e9f1dae9541212aab1) C:\Windows\system32\DRIVERS\MpFilter.sys
17:42:11.0682 8152 MpFilter - ok
17:42:11.0714 8152 MPFP (96cf5286bc370b558735a7b891232d92) C:\Windows\system32\Drivers\Mpfp.sys
17:42:11.0760 8152 MPFP - ok
17:42:11.0807 8152 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
17:42:11.0979 8152 mpio - ok
17:42:12.0057 8152 MpKsl3cc6378f (5f53edfead46fa7adb78eee9ecce8fdf) C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CE3CB8A6-43EE-4F9D-B3A0-2619A860C8BA}\MpKsl3cc6378f.sys
17:42:12.0119 8152 MpKsl3cc6378f - ok
17:42:12.0228 8152 MpNWMon (2c3489660d4a8d514c123c3f0d67df46) C:\Windows\system32\DRIVERS\MpNWMon.sys
17:42:12.0338 8152 MpNWMon - ok
17:42:12.0384 8152 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
17:42:12.0572 8152 mpsdrv - ok
17:42:12.0618 8152 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
17:42:12.0759 8152 Mraid35x - ok
17:42:12.0821 8152 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
17:42:12.0915 8152 MRxDAV - ok
17:42:12.0977 8152 mrxsmb (5fe5cf325f5b02ebc60832d3440cb414) C:\Windows\system32\DRIVERS\mrxsmb.sys
17:42:13.0086 8152 mrxsmb - ok
17:42:13.0118 8152 mrxsmb10 (30b9c769446af379a2afb72b0392604d) C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:42:13.0211 8152 mrxsmb10 - ok
17:42:13.0242 8152 mrxsmb20 (fea239b3ec4877e2b7e23204af589ddf) C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:42:13.0289 8152 mrxsmb20 - ok
17:42:13.0336 8152 msahci (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys
17:42:13.0383 8152 msahci - ok
17:42:13.0430 8152 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
17:42:13.0586 8152 msdsm - ok
17:42:13.0632 8152 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
17:42:13.0726 8152 Msfs - ok
17:42:13.0773 8152 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
17:42:13.0820 8152 msisadrv - ok
17:42:13.0882 8152 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
17:42:14.0022 8152 MSKSSRV - ok
17:42:14.0100 8152 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
17:42:14.0225 8152 MSPCLOCK - ok
17:42:14.0256 8152 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
17:42:14.0381 8152 MSPQM - ok
17:42:14.0444 8152 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
17:42:14.0490 8152 MsRPC - ok
17:42:14.0522 8152 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
17:42:14.0568 8152 mssmbios - ok
17:42:14.0615 8152 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
17:42:14.0740 8152 MSTEE - ok
17:42:14.0771 8152 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
17:42:14.0834 8152 Mup - ok
17:42:14.0896 8152 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
17:42:15.0083 8152 NativeWifiP - ok
17:42:15.0177 8152 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
17:42:15.0270 8152 NDIS - ok
17:42:15.0317 8152 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
17:42:15.0458 8152 NdisTapi - ok
17:42:15.0489 8152 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
17:42:15.0614 8152 Ndisuio - ok
17:42:15.0692 8152 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
17:42:15.0863 8152 NdisWan - ok
17:42:15.0894 8152 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
17:42:16.0035 8152 NDProxy - ok
17:42:16.0066 8152 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
17:42:16.0160 8152 NetBIOS - ok
17:42:16.0206 8152 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
17:42:16.0440 8152 netbt - ok
17:42:16.0612 8152 NETw4v32 (caaea35dae7f4c19db05481dac22c2ba) C:\Windows\system32\DRIVERS\NETw4v32.sys
17:42:16.0986 8152 NETw4v32 - ok
17:42:17.0205 8152 NETw5v32 (8de67bd902095a13329fd82c85a1fa09) C:\Windows\system32\DRIVERS\NETw5v32.sys
17:42:17.0626 8152 NETw5v32 - ok
17:42:17.0751 8152 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
17:42:17.0907 8152 nfrd960 - ok
17:42:18.0032 8152 NisDrv (7b01c6172cfd0b10116175e09200d4b4) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
17:42:18.0203 8152 NisDrv - ok
17:42:18.0266 8152 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
17:42:18.0359 8152 Npfs - ok
17:42:18.0422 8152 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
17:42:18.0578 8152 nsiproxy - ok
17:42:18.0671 8152 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
17:42:18.0936 8152 Ntfs - ok
17:42:19.0014 8152 NTIDrvr (2757d2ba59aee155209e24942ab127c9) C:\Windows\system32\DRIVERS\NTIDrvr.sys
17:42:19.0155 8152 NTIDrvr - ok
17:42:19.0202 8152 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
17:42:19.0436 8152 ntrigdigi - ok
17:42:19.0451 8152 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
17:42:19.0592 8152 Null - ok
17:42:19.0872 8152 nvlddmkm (87a335a444551a432226720d18337ad9) C:\Windows\system32\DRIVERS\nvlddmkm.sys
17:42:20.0996 8152 nvlddmkm - ok
17:42:21.0136 8152 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
17:42:21.0292 8152 nvraid - ok
17:42:21.0354 8152 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
17:42:21.0510 8152 nvstor - ok
17:42:21.0542 8152 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
17:42:21.0666 8152 nv_agp - ok
17:42:21.0682 8152 NwlnkFlt - ok
17:42:21.0713 8152 NwlnkFwd - ok
17:42:21.0776 8152 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
17:42:21.0994 8152 ohci1394 - ok
17:42:22.0072 8152 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
17:42:22.0306 8152 Parport - ok
17:42:22.0353 8152 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
17:42:22.0415 8152 partmgr - ok
17:42:22.0446 8152 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
17:42:22.0618 8152 Parvdm - ok
17:42:22.0665 8152 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
17:42:22.0712 8152 pci - ok
17:42:22.0758 8152 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys
17:42:22.0899 8152 pciide - ok
17:42:22.0930 8152 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
17:42:23.0055 8152 pcmcia - ok
17:42:23.0133 8152 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
17:42:23.0382 8152 PEAUTH - ok
17:42:23.0507 8152 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
17:42:23.0694 8152 PptpMiniport - ok
17:42:23.0726 8152 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
17:42:23.0850 8152 Processor - ok
17:42:23.0944 8152 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
17:42:24.0022 8152 PSched - ok
17:42:24.0069 8152 PSDFilter (ab94285ff6c6bc5433407d8d182a4bb4) C:\Windows\system32\DRIVERS\psdfilter.sys
17:42:24.0116 8152 PSDFilter - ok
17:42:24.0162 8152 PSDNServ (2aaf9a5d7a63d26bfaea853c5f2292bc) C:\Windows\system32\DRIVERS\PSDNServ.sys
17:42:24.0240 8152 PSDNServ - ok
17:42:24.0287 8152 psdvdisk (0eb8cec99855beae5b0d02c2302619ef) C:\Windows\system32\DRIVERS\PSDVdisk.sys
17:42:24.0396 8152 psdvdisk - ok
17:42:24.0459 8152 PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) C:\Windows\system32\Drivers\PxHelp20.sys
17:42:24.0521 8152 PxHelp20 - ok
17:42:24.0615 8152 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
17:42:24.0833 8152 ql2300 - ok
17:42:24.0864 8152 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
17:42:25.0036 8152 ql40xx - ok
17:42:25.0083 8152 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
17:42:25.0317 8152 QWAVEdrv - ok
17:42:25.0379 8152 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
17:42:25.0582 8152 RasAcd - ok
17:42:25.0629 8152 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
17:42:25.0816 8152 Rasl2tp - ok
17:42:25.0878 8152 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
17:42:26.0066 8152 RasPppoe - ok
17:42:26.0128 8152 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
17:42:26.0268 8152 RasSstp - ok
17:42:26.0331 8152 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
17:42:26.0456 8152 rdbss - ok
17:42:26.0487 8152 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
17:42:26.0627 8152 RDPCDD - ok
17:42:26.0674 8152 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
17:42:26.0814 8152 rdpdr - ok
17:42:26.0830 8152 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
17:42:26.0986 8152 RDPENCDD - ok
17:42:27.0048 8152 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
17:42:27.0251 8152 RDPWD - ok
17:42:27.0360 8152 RFCOMM (6482707f9f4da0ecbab43b2e0398a101) C:\Windows\system32\DRIVERS\rfcomm.sys
17:42:27.0548 8152 RFCOMM - ok
17:42:27.0641 8152 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
17:42:27.0766 8152 rspndr - ok
17:42:27.0828 8152 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
17:42:27.0969 8152 sbp2port - ok
17:42:28.0140 8152 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
17:42:28.0374 8152 secdrv - ok
17:42:28.0437 8152 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
17:42:28.0608 8152 Serenum - ok
17:42:28.0952 8152 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
17:42:29.0154 8152 Serial - ok
17:42:29.0232 8152 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
17:42:29.0373 8152 sermouse - ok
17:42:29.0435 8152 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
17:42:29.0544 8152 sffdisk - ok
17:42:29.0591 8152 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
17:42:29.0716 8152 sffp_mmc - ok
17:42:29.0763 8152 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
17:42:29.0888 8152 sffp_sd - ok
17:42:29.0919 8152 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
17:42:30.0137 8152 sfloppy - ok
17:42:30.0200 8152 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
17:42:30.0309 8152 sisagp - ok
17:42:30.0356 8152 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
17:42:30.0512 8152 SiSRaid2 - ok
17:42:30.0574 8152 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
17:42:30.0731 8152 SiSRaid4 - ok
17:42:30.0809 8152 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
17:42:30.0996 8152 Smb - ok
17:42:31.0105 8152 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
17:42:31.0152 8152 spldr - ok
17:42:31.0230 8152 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
17:42:31.0339 8152 srv - ok
17:42:31.0386 8152 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
17:42:31.0480 8152 srv2 - ok
17:42:31.0527 8152 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
17:42:31.0620 8152 srvnet - ok
17:42:31.0698 8152 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
17:42:31.0807 8152 swenum - ok
17:42:31.0854 8152 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
17:42:31.0995 8152 Symc8xx - ok
17:42:32.0041 8152 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
17:42:32.0182 8152 Sym_hi - ok
17:42:32.0229 8152 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
17:42:32.0369 8152 Sym_u3 - ok
17:42:32.0431 8152 SynTP (bf7aa84d5af0faa0978c840e63b17dbf) C:\Windows\system32\DRIVERS\SynTP.sys
17:42:32.0541 8152 SynTP - ok
17:42:32.0665 8152 Tcpip (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\drivers\tcpip.sys
17:42:32.0977 8152 Tcpip - ok
17:42:33.0040 8152 Tcpip6 (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\DRIVERS\tcpip.sys
17:42:33.0149 8152 Tcpip6 - ok
17:42:33.0196 8152 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
17:42:33.0399 8152 tcpipreg - ok
17:42:33.0445 8152 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
17:42:33.0633 8152 TDPIPE - ok
17:42:33.0679 8152 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
17:42:33.0851 8152 TDTCP - ok
17:42:33.0913 8152 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
17:42:34.0085 8152 tdx - ok
17:42:34.0147 8152 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
17:42:34.0257 8152 TermDD - ok
17:42:34.0366 8152 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
17:42:34.0553 8152 tssecsrv - ok
17:42:34.0584 8152 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
17:42:34.0757 8152 tunmp - ok
17:42:34.0804 8152 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
17:42:34.0975 8152 tunnel - ok
17:42:35.0006 8152 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
17:42:35.0131 8152 uagp35 - ok
17:42:35.0178 8152 UBHelper (f763e070843ee2803de1395002b42938) C:\Windows\system32\drivers\UBHelper.sys
17:42:35.0225 8152 UBHelper - ok
17:42:35.0287 8152 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
17:42:35.0428 8152 udfs - ok
17:42:35.0490 8152 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
17:42:35.0615 8152 uliagpkx - ok
17:42:35.0662 8152 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
17:42:35.0818 8152 uliahci - ok
17:42:35.0864 8152 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
17:42:36.0036 8152 UlSata - ok
17:42:36.0083 8152 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
17:42:36.0239 8152 ulsata2 - ok
17:42:36.0286 8152 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
17:42:36.0426 8152 umbus - ok
17:42:36.0488 8152 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\Windows\system32\Drivers\usbaapl.sys
17:42:36.0644 8152 USBAAPL - ok
17:42:36.0722 8152 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
17:42:36.0863 8152 usbccgp - ok
17:42:36.0910 8152 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
17:42:37.0097 8152 usbcir - ok
17:42:37.0144 8152 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
17:42:37.0315 8152 usbehci - ok
17:42:37.0362 8152 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
17:42:37.0565 8152 usbhub - ok
17:42:37.0612 8152 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
17:42:37.0814 8152 usbohci - ok
17:42:37.0846 8152 usbprint (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\drivers\usbprint.sys
17:42:38.0064 8152 usbprint - ok
17:42:38.0095 8152 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:42:38.0267 8152 USBSTOR - ok
17:42:38.0314 8152 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
17:42:38.0485 8152 usbuhci - ok
17:42:38.0548 8152 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
17:42:38.0766 8152 usbvideo - ok
17:42:38.0828 8152 vfs101x (4d45a93a7dd638ca2db0a86fbfbf42d1) C:\Windows\system32\drivers\vfs101x.sys
17:42:38.0984 8152 vfs101x - ok
17:42:39.0047 8152 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
17:42:39.0187 8152 vga - ok
17:42:39.0218 8152 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
17:42:39.0359 8152 VgaSave - ok
17:42:39.0390 8152 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
17:42:39.0499 8152 viaagp - ok
17:42:39.0530 8152 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
17:42:39.0671 8152 ViaC7 - ok
17:42:39.0718 8152 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
17:42:39.0858 8152 viaide - ok
17:42:39.0905 8152 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
17:42:39.0952 8152 volmgr - ok
17:42:40.0030 8152 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
17:42:40.0108 8152 volmgrx - ok
17:42:40.0170 8152 volsnap (e269bb33062f9a6b4115c86781d767aa) C:\Windows\system32\drivers\volsnap.sys
17:42:40.0170 8152 Suspicious file (Forged): C:\Windows\system32\drivers\volsnap.sys. Real md5: e269bb33062f9a6b4115c86781d767aa, Fake md5: 147281c01fcb1df9252de2a10d5e7093
17:42:40.0170 8152 volsnap ( Rootkit.Win32.TDSS.tdl3 ) - infected
17:42:40.0170 8152 volsnap - detected Rootkit.Win32.TDSS.tdl3 (0)
17:42:40.0217 8152 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
17:42:40.0388 8152 vsmraid - ok
17:42:40.0529 8152 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
17:42:40.0778 8152 WacomPen - ok
17:42:40.0825 8152 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
17:42:40.0997 8152 Wanarp - ok
17:42:41.0028 8152 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
17:42:41.0122 8152 Wanarpv6 - ok
17:42:41.0184 8152 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
17:42:41.0324 8152 Wd - ok
17:42:41.0387 8152 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
17:42:41.0480 8152 Wdf01000 - ok
17:42:41.0699 8152 WinUSB (676f4b665bdd8053eaa53ac1695b8074) C:\Windows\system32\DRIVERS\WinUSB.sys
17:42:41.0855 8152 WinUSB - ok
17:42:41.0933 8152 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
17:42:41.0995 8152 WmiAcpi - ok
17:42:42.0151 8152 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
17:42:42.0323 8152 WpdUsb - ok
17:42:42.0385 8152 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
17:42:42.0510 8152 ws2ifsl - ok
17:42:42.0557 8152 WSDPrintDevice (4422ac5ed8d4c2f0db63e71d4c069dd7) C:\Windows\system32\DRIVERS\WSDPrint.sys
17:42:42.0728 8152 WSDPrintDevice - ok
17:42:42.0791 8152 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
17:42:43.0009 8152 WUDFRd - ok
17:42:43.0228 8152 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796} (74ec37b9eaf9fca015b933a526825c7a) C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl
17:42:43.0696 8152 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796} - ok
17:42:43.0789 8152 MBR (0x1B8) (bb9d3a6a13c5010348da7c900bb6af50) \Device\Harddisk0\DR0
17:42:44.0226 8152 \Device\Harddisk0\DR0 - ok
17:42:44.0273 8152 Boot (0x1200) (3102618fff443b5f7bc0eb71d9c4dbd4) \Device\Harddisk0\DR0\Partition0
17:42:44.0273 8152 \Device\Harddisk0\DR0\Partition0 - ok
17:42:44.0288 8152 Boot (0x1200) (09bb6984a517e4a0b571e6da0d0e33cb) \Device\Harddisk0\DR0\Partition1
17:42:44.0288 8152 \Device\Harddisk0\DR0\Partition1 - ok
17:42:44.0288 8152 ============================================================
17:42:44.0288 8152 Scan finished
17:42:44.0288 8152 ============================================================
17:42:44.0320 6176 Detected object count: 2
17:42:44.0320 6176 Actual detected object count: 2
17:42:59.0251 6176 int15 ( UnsignedFile.Multi.Generic ) - skipped by user
17:42:59.0251 6176 int15 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:42:59.0251 6176 volsnap ( Rootkit.Win32.TDSS.tdl3 ) - skipped by user
17:42:59.0251 6176 volsnap ( Rootkit.Win32.TDSS.tdl3 ) - User select action: Skip

Alt 15.11.2011, 19:13   #13
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
BKA Virus - Ukash 100€ - Standard

BKA Virus - Ukash 100€



Zitat:
17:42:59.0251 6176 volsnap ( Rootkit.Win32.TDSS.tdl3 ) - skipped by user
17:42:59.0251 6176 volsnap ( Rootkit.Win32.TDSS.tdl3 ) - User select action: Skip
TDSS/TDL3 bitte mit dem TDSS-Killer entfernen.
Starte Windows danach neu und mach ein neues Log mit dem TDSS-Killer.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 15.11.2011, 23:05   #14
Tussiontour
 
BKA Virus - Ukash 100€ - Standard

BKA Virus - Ukash 100€



Neues log :

00:00:30.0624 3088 TDSS rootkit removing tool 2.6.18.0 Nov 11 2011 15:47:15
00:00:31.0779 3088 ============================================================
00:00:31.0779 3088 Current date / time: 2011/11/16 00:00:31.0779
00:00:31.0779 3088 SystemInfo:
00:00:31.0779 3088
00:00:31.0779 3088 OS Version: 6.0.6002 ServicePack: 2.0
00:00:31.0779 3088 Product type: Workstation
00:00:31.0779 3088 ComputerName: LISAS-LAPPY
00:00:31.0779 3088 UserName: Lisa
00:00:31.0779 3088 Windows directory: C:\Windows
00:00:31.0779 3088 System windows directory: C:\Windows
00:00:31.0779 3088 Processor architecture: Intel x86
00:00:31.0779 3088 Number of processors: 2
00:00:31.0779 3088 Page size: 0x1000
00:00:31.0779 3088 Boot type: Normal boot
00:00:31.0779 3088 ============================================================
00:00:32.0746 3088 Initialize success
00:00:38.0705 2512 ============================================================
00:00:38.0705 2512 Scan started
00:00:38.0705 2512 Mode: Manual; SigCheck; TDLFS;
00:00:38.0705 2512 ============================================================
00:00:39.0236 2512 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
00:00:39.0548 2512 ACPI - ok
00:00:39.0610 2512 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
00:00:39.0828 2512 adp94xx - ok
00:00:39.0906 2512 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
00:00:40.0078 2512 adpahci - ok
00:00:40.0140 2512 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
00:00:40.0296 2512 adpu160m - ok
00:00:40.0328 2512 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
00:00:40.0484 2512 adpu320 - ok
00:00:40.0562 2512 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
00:00:40.0749 2512 AFD - ok
00:00:40.0827 2512 AgereSoftModem (38325c6aa8eae011897d61ce48ec6435) C:\Windows\system32\DRIVERS\AGRSM.sys
00:00:41.0045 2512 AgereSoftModem - ok
00:00:41.0108 2512 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
00:00:41.0201 2512 agp440 - ok
00:00:41.0232 2512 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
00:00:41.0388 2512 aic78xx - ok
00:00:41.0451 2512 AlfaFF (8d59617a9c3dbf4650aa44f4e9215744) C:\Windows\system32\Drivers\AlfaFF.sys
00:00:41.0732 2512 AlfaFF - ok
00:00:41.0763 2512 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
00:00:41.0919 2512 aliide - ok
00:00:41.0981 2512 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
00:00:42.0075 2512 amdagp - ok
00:00:42.0106 2512 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
00:00:42.0246 2512 amdide - ok
00:00:42.0278 2512 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
00:00:42.0402 2512 AmdK7 - ok
00:00:42.0434 2512 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
00:00:42.0558 2512 AmdK8 - ok
00:00:42.0621 2512 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
00:00:42.0777 2512 arc - ok
00:00:42.0808 2512 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
00:00:42.0964 2512 arcsas - ok
00:00:42.0995 2512 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
00:00:43.0167 2512 AsyncMac - ok
00:00:43.0214 2512 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
00:00:43.0354 2512 atapi - ok
00:00:43.0401 2512 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
00:00:43.0588 2512 Beep - ok
00:00:43.0635 2512 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
00:00:43.0806 2512 blbdrive - ok
00:00:43.0916 2512 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
00:00:44.0040 2512 bowser - ok
00:00:44.0087 2512 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
00:00:44.0259 2512 BrFiltLo - ok
00:00:44.0306 2512 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
00:00:44.0462 2512 BrFiltUp - ok
00:00:44.0508 2512 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
00:00:44.0711 2512 Brserid - ok
00:00:44.0742 2512 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
00:00:44.0992 2512 BrSerWdm - ok
00:00:45.0054 2512 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
00:00:45.0257 2512 BrUsbMdm - ok
00:00:45.0288 2512 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
00:00:45.0491 2512 BrUsbSer - ok
00:00:45.0554 2512 BthEnum (6d39c954799b63ba866910234cf7d726) C:\Windows\system32\DRIVERS\BthEnum.sys
00:00:45.0725 2512 BthEnum - ok
00:00:45.0788 2512 BTHMODEM (9a966a8e86d1771911ae34a20d11bff3) C:\Windows\system32\DRIVERS\bthmodem.sys
00:00:45.0912 2512 BTHMODEM - ok
00:00:45.0944 2512 BthPan (5904efa25f829bf84ea6fb045134a1d8) C:\Windows\system32\DRIVERS\bthpan.sys
00:00:46.0131 2512 BthPan - ok
00:00:46.0193 2512 BthPort (611ff3f2f095c8d4a6d4cfd9dcc09793) C:\Windows\system32\Drivers\BTHport.sys
00:00:46.0334 2512 BthPort - ok
00:00:46.0380 2512 BTHUSB (d330803eab2a15caec7f011f1d4cb30e) C:\Windows\system32\Drivers\BTHUSB.sys
00:00:46.0521 2512 BTHUSB - ok
00:00:46.0568 2512 btwaudio (636f45a8500c1438cfa7dee15fc5c184) C:\Windows\system32\drivers\btwaudio.sys
00:00:46.0661 2512 btwaudio - ok
00:00:46.0708 2512 btwavdt (bf9256ff01b093a5d90bb7a35ec90410) C:\Windows\system32\drivers\btwavdt.sys
00:00:46.0864 2512 btwavdt - ok
00:00:46.0880 2512 btwrchid (0ab8c1ac177afb27309e1072faf34a37) C:\Windows\system32\DRIVERS\btwrchid.sys
00:00:47.0051 2512 btwrchid - ok
00:00:47.0114 2512 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
00:00:47.0192 2512 cdfs - ok
00:00:47.0238 2512 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
00:00:47.0410 2512 cdrom - ok
00:00:47.0441 2512 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\DRIVERS\circlass.sys
00:00:47.0566 2512 circlass - ok
00:00:47.0613 2512 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
00:00:47.0738 2512 CLFS - ok
00:00:47.0800 2512 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
00:00:47.0956 2512 CmBatt - ok
00:00:47.0987 2512 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
00:00:48.0128 2512 cmdide - ok
00:00:48.0159 2512 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
00:00:48.0268 2512 Compbatt - ok
00:00:48.0299 2512 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
00:00:48.0393 2512 crcdisk - ok
00:00:48.0580 2512 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
00:00:48.0705 2512 Crusoe - ok
00:00:48.0954 2512 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
00:00:49.0079 2512 DfsC - ok
00:00:49.0376 2512 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
00:00:49.0532 2512 disk - ok
00:00:49.0719 2512 DKbFltr (73baf270d24fe726b9cd7f80bb17a23d) C:\Windows\system32\DRIVERS\DKbFltr.sys
00:00:49.0812 2512 DKbFltr - ok
00:00:49.0906 2512 DritekPortIO (5c918d413f5837e67a85775c9873775e) C:\PROGRA~1\LAUNCH~1\DPortIO.sys
00:00:50.0031 2512 DritekPortIO - ok
00:00:50.0171 2512 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
00:00:50.0327 2512 drmkaud - ok
00:00:50.0436 2512 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
00:00:50.0514 2512 DXGKrnl - ok
00:00:50.0561 2512 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
00:00:50.0764 2512 E1G60 - ok
00:00:50.0998 2512 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
00:00:51.0201 2512 Ecache - ok
00:00:51.0404 2512 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
00:00:51.0575 2512 elxstor - ok
00:00:51.0794 2512 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
00:00:51.0918 2512 ErrDev - ok
00:00:52.0340 2512 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
00:00:52.0496 2512 exfat - ok
00:00:52.0761 2512 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
00:00:52.0870 2512 fastfat - ok
00:00:53.0042 2512 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
00:00:53.0166 2512 fdc - ok
00:00:53.0291 2512 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
00:00:53.0463 2512 FileInfo - ok
00:00:53.0510 2512 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
00:00:53.0681 2512 Filetrace - ok
00:00:53.0697 2512 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
00:00:53.0822 2512 flpydisk - ok
00:00:53.0900 2512 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
00:00:54.0024 2512 FltMgr - ok
00:00:54.0118 2512 fssfltr (b74b0578fd1d3f897e95f2a2b69ea051) C:\Windows\system32\DRIVERS\fssfltr.sys
00:00:54.0290 2512 fssfltr - ok
00:00:54.0368 2512 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
00:00:54.0477 2512 Fs_Rec - ok
00:00:54.0539 2512 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
00:00:54.0664 2512 gagp30kx - ok
00:00:54.0742 2512 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
00:00:54.0851 2512 GEARAspiWDM - ok
00:00:54.0960 2512 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
00:00:55.0148 2512 HdAudAddService - ok
00:00:55.0210 2512 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
00:00:55.0319 2512 HDAudBus - ok
00:00:55.0350 2512 HidBth (fcb3f4be408f72c1bd81bcaba87fc22f) C:\Windows\system32\DRIVERS\hidbth.sys
00:00:55.0538 2512 HidBth - ok
00:00:55.0569 2512 HidIr (d8df3722d5e961baa1292aa2f12827e2) C:\Windows\system32\DRIVERS\hidir.sys
00:00:55.0694 2512 HidIr - ok
00:00:55.0756 2512 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
00:00:55.0928 2512 HidUsb - ok
00:00:56.0177 2512 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
00:00:56.0349 2512 HpCISSs - ok
00:00:56.0598 2512 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
00:00:56.0786 2512 HTTP - ok
00:00:56.0879 2512 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
00:00:57.0035 2512 i2omp - ok
00:00:57.0098 2512 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
00:00:57.0285 2512 i8042prt - ok
00:00:57.0363 2512 iaStor (e5a0034847537eaee3c00349d5c34c5f) C:\Windows\system32\DRIVERS\iaStor.sys
00:00:57.0566 2512 iaStor - ok
00:00:57.0675 2512 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
00:00:57.0862 2512 iaStorV - ok
00:00:57.0893 2512 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
00:00:58.0065 2512 iirsp - ok
00:00:58.0112 2512 int15 (4d8d5b1c895ea0f2a721b98a7ce198f1) C:\Windows\system32\drivers\int15.sys
00:00:58.0190 2512 int15 ( UnsignedFile.Multi.Generic ) - warning
00:00:58.0190 2512 int15 - detected UnsignedFile.Multi.Generic (1)
00:00:58.0283 2512 IntcAzAudAddService (92bcc487f16892cda495dbd8160272d9) C:\Windows\system32\drivers\RTKVHDA.sys
00:00:58.0533 2512 IntcAzAudAddService - ok
00:00:58.0548 2512 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
00:00:58.0704 2512 intelide - ok
00:00:58.0751 2512 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
00:00:58.0876 2512 intelppm - ok
00:00:58.0938 2512 IpInIp - ok
00:00:58.0970 2512 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
00:00:59.0110 2512 IPMIDRV - ok
00:00:59.0141 2512 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
00:00:59.0282 2512 IPNAT - ok
00:00:59.0313 2512 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
00:00:59.0438 2512 IRENUM - ok
00:00:59.0484 2512 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
00:00:59.0594 2512 isapnp - ok
00:00:59.0640 2512 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
00:00:59.0703 2512 iScsiPrt - ok
00:00:59.0750 2512 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
00:00:59.0890 2512 iteatapi - ok
00:00:59.0921 2512 itecir (8bcd857c7932ad005d5f9c89329da2e1) C:\Windows\system32\DRIVERS\itecir.sys
00:01:00.0046 2512 itecir - ok
00:01:00.0062 2512 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
00:01:00.0218 2512 iteraid - ok
00:01:00.0280 2512 JMCR (8123f605779db22ffc67fa84b8381803) C:\Windows\system32\DRIVERS\jmcr.sys
00:01:00.0436 2512 JMCR - ok
00:01:00.0467 2512 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
00:01:00.0623 2512 kbdclass - ok
00:01:00.0670 2512 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
00:01:00.0779 2512 kbdhid - ok
00:01:00.0842 2512 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys
00:01:01.0014 2512 KSecDD - ok
00:01:01.0092 2512 L1E (24abddeb766c8459f9d562eb083b6cb8) C:\Windows\system32\DRIVERS\L1E60x86.sys
00:01:01.0264 2512 L1E - ok
00:01:01.0326 2512 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
00:01:01.0451 2512 lltdio - ok
00:01:01.0498 2512 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
00:01:01.0654 2512 LSI_FC - ok
00:01:01.0685 2512 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
00:01:01.0841 2512 LSI_SAS - ok
00:01:01.0888 2512 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
00:01:02.0044 2512 LSI_SCSI - ok
00:01:02.0075 2512 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
00:01:02.0215 2512 luafv - ok
00:01:02.0231 2512 MBAMProtector - ok
00:01:02.0278 2512 MBAMSwissArmy - ok
00:01:02.0403 2512 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
00:01:02.0543 2512 megasas - ok
00:01:02.0605 2512 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
00:01:02.0793 2512 MegaSR - ok
00:01:02.0839 2512 mfeavfk (c97cbfd71c1c215150a3b3e55f77a7a3) C:\Windows\system32\drivers\mfeavfk.sys
00:01:03.0370 2512 mfeavfk - ok
00:01:03.0385 2512 mfebopk (5447338b83a1a2354fb2fea7604387fd) C:\Windows\system32\drivers\mfebopk.sys
00:01:03.0885 2512 mfebopk - ok
00:01:03.0916 2512 mfehidk (6c9a6ed60b8fc3baf72fe1b1d096445b) C:\Windows\system32\drivers\mfehidk.sys
00:01:04.0665 2512 mfehidk - ok
00:01:04.0696 2512 mferkdk (a551154b51d6a93fccf70fc4e8eaf4bd) C:\Windows\system32\drivers\mferkdk.sys
00:01:05.0242 2512 mferkdk - ok
00:01:05.0320 2512 mfesmfk (299a86b780c9627aaa24e74292363ed2) C:\Windows\system32\drivers\mfesmfk.sys
00:01:05.0772 2512 mfesmfk - ok
00:01:05.0850 2512 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
00:01:05.0913 2512 Modem - ok
00:01:05.0944 2512 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
00:01:06.0022 2512 monitor - ok
00:01:06.0053 2512 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
00:01:06.0209 2512 mouclass - ok
00:01:06.0240 2512 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
00:01:06.0365 2512 mouhid - ok
00:01:06.0381 2512 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
00:01:06.0490 2512 MountMgr - ok
00:01:06.0537 2512 MpFilter (fee0baded54222e9f1dae9541212aab1) C:\Windows\system32\DRIVERS\MpFilter.sys
00:01:06.0739 2512 MpFilter - ok
00:01:06.0771 2512 MPFP (96cf5286bc370b558735a7b891232d92) C:\Windows\system32\Drivers\Mpfp.sys
00:01:06.0911 2512 MPFP - ok
00:01:06.0958 2512 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
00:01:07.0114 2512 mpio - ok
00:01:07.0207 2512 MpKsl390fd072 (5f53edfead46fa7adb78eee9ecce8fdf) C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CE3CB8A6-43EE-4F9D-B3A0-2619A860C8BA}\MpKsl390fd072.sys
00:01:07.0270 2512 MpKsl390fd072 - ok
00:01:07.0379 2512 MpNWMon (2c3489660d4a8d514c123c3f0d67df46) C:\Windows\system32\DRIVERS\MpNWMon.sys
00:01:07.0488 2512 MpNWMon - ok
00:01:07.0551 2512 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
00:01:07.0707 2512 mpsdrv - ok
00:01:07.0753 2512 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
00:01:07.0894 2512 Mraid35x - ok
00:01:07.0956 2512 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
00:01:08.0143 2512 MRxDAV - ok
00:01:08.0206 2512 mrxsmb (5fe5cf325f5b02ebc60832d3440cb414) C:\Windows\system32\DRIVERS\mrxsmb.sys
00:01:08.0377 2512 mrxsmb - ok
00:01:08.0440 2512 mrxsmb10 (30b9c769446af379a2afb72b0392604d) C:\Windows\system32\DRIVERS\mrxsmb10.sys
00:01:08.0611 2512 mrxsmb10 - ok
00:01:08.0643 2512 mrxsmb20 (fea239b3ec4877e2b7e23204af589ddf) C:\Windows\system32\DRIVERS\mrxsmb20.sys
00:01:08.0799 2512 mrxsmb20 - ok
00:01:08.0845 2512 msahci (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys
00:01:08.0986 2512 msahci - ok
00:01:09.0017 2512 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
00:01:09.0173 2512 msdsm - ok
00:01:09.0235 2512 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
00:01:09.0345 2512 Msfs - ok
00:01:09.0391 2512 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
00:01:09.0485 2512 msisadrv - ok
00:01:09.0563 2512 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
00:01:09.0688 2512 MSKSSRV - ok
00:01:09.0766 2512 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
00:01:09.0875 2512 MSPCLOCK - ok
00:01:09.0906 2512 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
00:01:10.0015 2512 MSPQM - ok
00:01:10.0078 2512 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
00:01:10.0156 2512 MsRPC - ok
00:01:10.0203 2512 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
00:01:10.0249 2512 mssmbios - ok
00:01:10.0281 2512 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
00:01:10.0405 2512 MSTEE - ok
00:01:10.0437 2512 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
00:01:10.0546 2512 Mup - ok
00:01:10.0639 2512 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
00:01:10.0795 2512 NativeWifiP - ok
00:01:10.0873 2512 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
00:01:10.0951 2512 NDIS - ok
00:01:10.0998 2512 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
00:01:11.0107 2512 NdisTapi - ok
00:01:11.0139 2512 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
00:01:11.0263 2512 Ndisuio - ok
00:01:11.0326 2512 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
00:01:11.0497 2512 NdisWan - ok
00:01:11.0529 2512 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
00:01:11.0653 2512 NDProxy - ok
00:01:11.0685 2512 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
00:01:11.0809 2512 NetBIOS - ok
00:01:11.0872 2512 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
00:01:12.0075 2512 netbt - ok
00:01:12.0309 2512 NETw4v32 (caaea35dae7f4c19db05481dac22c2ba) C:\Windows\system32\DRIVERS\NETw4v32.sys
00:01:12.0558 2512 NETw4v32 - ok
00:01:12.0730 2512 NETw5v32 (8de67bd902095a13329fd82c85a1fa09) C:\Windows\system32\DRIVERS\NETw5v32.sys
00:01:13.0026 2512 NETw5v32 - ok
00:01:13.0073 2512 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
00:01:13.0229 2512 nfrd960 - ok
00:01:13.0276 2512 NisDrv (7b01c6172cfd0b10116175e09200d4b4) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
00:01:13.0447 2512 NisDrv - ok
00:01:13.0510 2512 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
00:01:13.0635 2512 Npfs - ok
00:01:13.0666 2512 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
00:01:13.0837 2512 nsiproxy - ok
00:01:13.0931 2512 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
00:01:14.0243 2512 Ntfs - ok
00:01:14.0305 2512 NTIDrvr (2757d2ba59aee155209e24942ab127c9) C:\Windows\system32\DRIVERS\NTIDrvr.sys
00:01:14.0461 2512 NTIDrvr - ok
00:01:14.0508 2512 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
00:01:14.0727 2512 ntrigdigi - ok
00:01:14.0758 2512 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
00:01:14.0883 2512 Null - ok
00:01:15.0195 2512 nvlddmkm (87a335a444551a432226720d18337ad9) C:\Windows\system32\DRIVERS\nvlddmkm.sys
00:01:16.0209 2512 nvlddmkm - ok
00:01:16.0365 2512 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
00:01:16.0521 2512 nvraid - ok
00:01:16.0583 2512 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
00:01:16.0739 2512 nvstor - ok
00:01:16.0786 2512 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
00:01:16.0911 2512 nv_agp - ok
00:01:16.0926 2512 NwlnkFlt - ok
00:01:16.0942 2512 NwlnkFwd - ok
00:01:17.0004 2512 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
00:01:17.0191 2512 ohci1394 - ok
00:01:17.0379 2512 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
00:01:17.0597 2512 Parport - ok
00:01:17.0706 2512 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
00:01:17.0862 2512 partmgr - ok
00:01:17.0909 2512 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
00:01:18.0065 2512 Parvdm - ok
00:01:18.0112 2512 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
00:01:18.0221 2512 pci - ok
00:01:18.0268 2512 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys
00:01:18.0408 2512 pciide - ok
00:01:18.0439 2512 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
00:01:18.0549 2512 pcmcia - ok
00:01:18.0611 2512 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
00:01:18.0845 2512 PEAUTH - ok
00:01:18.0970 2512 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
00:01:19.0141 2512 PptpMiniport - ok
00:01:19.0188 2512 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
00:01:19.0313 2512 Processor - ok
00:01:19.0407 2512 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
00:01:19.0469 2512 PSched - ok
00:01:19.0500 2512 PSDFilter (ab94285ff6c6bc5433407d8d182a4bb4) C:\Windows\system32\DRIVERS\psdfilter.sys
00:01:19.0609 2512 PSDFilter - ok
00:01:19.0656 2512 PSDNServ (2aaf9a5d7a63d26bfaea853c5f2292bc) C:\Windows\system32\DRIVERS\PSDNServ.sys
00:01:19.0750 2512 PSDNServ - ok
00:01:19.0781 2512 psdvdisk (0eb8cec99855beae5b0d02c2302619ef) C:\Windows\system32\DRIVERS\PSDVdisk.sys
00:01:19.0890 2512 psdvdisk - ok
00:01:19.0953 2512 PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) C:\Windows\system32\Drivers\PxHelp20.sys
00:01:20.0077 2512 PxHelp20 - ok
00:01:20.0202 2512 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
00:01:20.0405 2512 ql2300 - ok
00:01:20.0530 2512 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
00:01:20.0733 2512 ql40xx - ok
00:01:20.0795 2512 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
00:01:20.0951 2512 QWAVEdrv - ok
00:01:21.0294 2512 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
00:01:21.0481 2512 RasAcd - ok
00:01:21.0731 2512 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
00:01:21.0918 2512 Rasl2tp - ok
00:01:22.0168 2512 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
00:01:22.0355 2512 RasPppoe - ok
00:01:22.0573 2512 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
00:01:22.0729 2512 RasSstp - ok
00:01:22.0885 2512 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
00:01:23.0104 2512 rdbss - ok
00:01:23.0275 2512 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
00:01:23.0400 2512 RDPCDD - ok
00:01:23.0494 2512 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
00:01:23.0665 2512 rdpdr - ok
00:01:23.0681 2512 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
00:01:23.0806 2512 RDPENCDD - ok
00:01:23.0899 2512 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
00:01:24.0087 2512 RDPWD - ok
00:01:24.0227 2512 RFCOMM (6482707f9f4da0ecbab43b2e0398a101) C:\Windows\system32\DRIVERS\rfcomm.sys
00:01:24.0399 2512 RFCOMM - ok
00:01:24.0539 2512 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
00:01:24.0664 2512 rspndr - ok
00:01:24.0711 2512 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
00:01:24.0867 2512 sbp2port - ok
00:01:24.0945 2512 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
00:01:25.0163 2512 secdrv - ok
00:01:25.0225 2512 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
00:01:25.0381 2512 Serenum - ok
00:01:25.0413 2512 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
00:01:25.0615 2512 Serial - ok
00:01:25.0647 2512 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
00:01:25.0771 2512 sermouse - ok
00:01:25.0849 2512 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
00:01:25.0959 2512 sffdisk - ok
00:01:26.0005 2512 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
00:01:26.0115 2512 sffp_mmc - ok
00:01:26.0146 2512 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
00:01:26.0271 2512 sffp_sd - ok
00:01:26.0302 2512 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
00:01:26.0505 2512 sfloppy - ok
00:01:26.0567 2512 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
00:01:26.0676 2512 sisagp - ok
00:01:26.0707 2512 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
00:01:26.0848 2512 SiSRaid2 - ok
00:01:26.0879 2512 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
00:01:27.0035 2512 SiSRaid4 - ok
00:01:27.0113 2512 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
00:01:27.0285 2512 Smb - ok
00:01:27.0363 2512 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
00:01:27.0456 2512 spldr - ok
00:01:27.0534 2512 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
00:01:27.0721 2512 srv - ok
00:01:27.0768 2512 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
00:01:27.0955 2512 srv2 - ok
00:01:28.0002 2512 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
00:01:28.0111 2512 srvnet - ok
00:01:28.0205 2512 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
00:01:28.0299 2512 swenum - ok
00:01:28.0345 2512 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
00:01:28.0486 2512 Symc8xx - ok
00:01:28.0533 2512 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
00:01:28.0689 2512 Sym_hi - ok
00:01:28.0720 2512 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
00:01:28.0860 2512 Sym_u3 - ok
00:01:28.0923 2512 SynTP (bf7aa84d5af0faa0978c840e63b17dbf) C:\Windows\system32\DRIVERS\SynTP.sys
00:01:29.0047 2512 SynTP - ok
00:01:29.0188 2512 Tcpip (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\drivers\tcpip.sys
00:01:29.0391 2512 Tcpip - ok
00:01:29.0515 2512 Tcpip6 (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\DRIVERS\tcpip.sys
00:01:29.0625 2512 Tcpip6 - ok
00:01:29.0656 2512 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
00:01:29.0734 2512 tcpipreg - ok
00:01:29.0781 2512 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
00:01:29.0952 2512 TDPIPE - ok
00:01:29.0983 2512 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
00:01:30.0155 2512 TDTCP - ok
00:01:30.0217 2512 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
00:01:30.0373 2512 tdx - ok
00:01:30.0436 2512 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
00:01:30.0545 2512 TermDD - ok
00:01:30.0639 2512 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
00:01:30.0810 2512 tssecsrv - ok
00:01:30.0841 2512 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
00:01:30.0997 2512 tunmp - ok
00:01:31.0044 2512 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
00:01:31.0185 2512 tunnel - ok
00:01:31.0216 2512 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
00:01:31.0341 2512 uagp35 - ok
00:01:31.0387 2512 UBHelper (f763e070843ee2803de1395002b42938) C:\Windows\system32\drivers\UBHelper.sys
00:01:31.0481 2512 UBHelper - ok
00:01:31.0528 2512 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
00:01:31.0653 2512 udfs - ok
00:01:31.0731 2512 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
00:01:31.0840 2512 uliagpkx - ok
00:01:31.0871 2512 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
00:01:32.0043 2512 uliahci - ok
00:01:32.0074 2512 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
00:01:32.0245 2512 UlSata - ok
00:01:32.0277 2512 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
00:01:32.0433 2512 ulsata2 - ok
00:01:32.0479 2512 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
00:01:32.0589 2512 umbus - ok
00:01:32.0682 2512 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\Windows\system32\Drivers\usbaapl.sys
00:01:32.0838 2512 USBAAPL - ok
00:01:32.0869 2512 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
00:01:32.0994 2512 usbccgp - ok
00:01:33.0041 2512 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
00:01:33.0197 2512 usbcir - ok
00:01:33.0244 2512 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
00:01:33.0400 2512 usbehci - ok
00:01:33.0462 2512 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
00:01:33.0649 2512 usbhub - ok
00:01:33.0696 2512 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
00:01:33.0899 2512 usbohci - ok
00:01:33.0930 2512 usbprint (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\drivers\usbprint.sys
00:01:34.0149 2512 usbprint - ok
00:01:34.0180 2512 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
00:01:34.0351 2512 USBSTOR - ok
00:01:34.0383 2512 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
00:01:34.0554 2512 usbuhci - ok
00:01:34.0617 2512 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
00:01:34.0819 2512 usbvideo - ok
00:01:34.0960 2512 vfs101x (4d45a93a7dd638ca2db0a86fbfbf42d1) C:\Windows\system32\drivers\vfs101x.sys
00:01:35.0116 2512 vfs101x - ok
00:01:35.0163 2512 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
00:01:35.0287 2512 vga - ok
00:01:35.0334 2512 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
00:01:35.0459 2512 VgaSave - ok
00:01:35.0506 2512 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
00:01:35.0615 2512 viaagp - ok
00:01:35.0646 2512 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
00:01:35.0771 2512 ViaC7 - ok
00:01:35.0802 2512 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
00:01:35.0958 2512 viaide - ok
00:01:36.0005 2512 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
00:01:36.0114 2512 volmgr - ok
00:01:36.0177 2512 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
00:01:36.0348 2512 volmgrx - ok
00:01:36.0411 2512 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
00:01:36.0551 2512 volsnap - ok
00:01:36.0598 2512 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
00:01:36.0769 2512 vsmraid - ok
00:01:36.0847 2512 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
00:01:37.0066 2512 WacomPen - ok
00:01:37.0113 2512 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
00:01:37.0284 2512 Wanarp - ok
00:01:37.0300 2512 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
00:01:37.0378 2512 Wanarpv6 - ok
00:01:37.0440 2512 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
00:01:37.0581 2512 Wd - ok
00:01:37.0627 2512 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
00:01:37.0830 2512 Wdf01000 - ok
00:01:38.0189 2512 WinUSB (676f4b665bdd8053eaa53ac1695b8074) C:\Windows\system32\DRIVERS\WinUSB.sys
00:01:38.0329 2512 WinUSB - ok
00:01:38.0407 2512 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
00:01:38.0485 2512 WmiAcpi - ok
00:01:38.0626 2512 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
00:01:38.0813 2512 WpdUsb - ok
00:01:38.0922 2512 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
00:01:39.0063 2512 ws2ifsl - ok
00:01:39.0141 2512 WSDPrintDevice (4422ac5ed8d4c2f0db63e71d4c069dd7) C:\Windows\system32\DRIVERS\WSDPrint.sys
00:01:39.0312 2512 WSDPrintDevice - ok
00:01:39.0406 2512 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
00:01:39.0671 2512 WUDFRd - ok
00:01:39.0858 2512 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796} (74ec37b9eaf9fca015b933a526825c7a) C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl
00:01:40.0357 2512 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796} - ok
00:01:40.0482 2512 MBR (0x1B8) (bb9d3a6a13c5010348da7c900bb6af50) \Device\Harddisk0\DR0
00:01:40.0935 2512 \Device\Harddisk0\DR0 - ok
00:01:40.0981 2512 Boot (0x1200) (3102618fff443b5f7bc0eb71d9c4dbd4) \Device\Harddisk0\DR0\Partition0
00:01:40.0981 2512 \Device\Harddisk0\DR0\Partition0 - ok
00:01:40.0997 2512 Boot (0x1200) (09bb6984a517e4a0b571e6da0d0e33cb) \Device\Harddisk0\DR0\Partition1
00:01:40.0997 2512 \Device\Harddisk0\DR0\Partition1 - ok
00:01:40.0997 2512 ============================================================
00:01:40.0997 2512 Scan finished
00:01:40.0997 2512 ============================================================
00:01:41.0028 2524 Detected object count: 1
00:01:41.0028 2524 Actual detected object count: 1
00:03:18.0749 2524 int15 ( UnsignedFile.Multi.Generic ) - skipped by user
00:03:18.0749 2524 int15 ( UnsignedFile.Multi.Generic ) - User select action: Skip

Alt 16.11.2011, 08:41   #15
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
BKA Virus - Ukash 100€ - Standard

BKA Virus - Ukash 100€



Dann bitte jetzt CF ausführen:

ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix
  • Schliesse alle Programme, vor allem dein Antivirenprogramm und andere Hintergrundwächter sowie deinen Internetbrowser.
  • Starte cofi.exe von deinem Desktop aus, bestätige die Warnmeldungen, führe die Updates durch (falls vorgeschlagen), installiere die Wiederherstellungskonsole (falls vorgeschlagen) und lass dein System durchsuchen.
    Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.
  • Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte kopieren ([Strg]a, [Strg]c) und in deinen Beitrag einfügen ([Strg]v). Die Datei findest du außerdem unter: C:\ComboFix.txt.
Wichtiger Hinweis:
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!

Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.

Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie

Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
startest du Windows dann manuell neu und die Fehlermeldungen sollten nicht mehr auftauchen.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Antwort

Themen zu BKA Virus - Ukash 100€
anti-malware, appdata, bka virus, cache, check, dateien, desktop, explorer, install, install.exe, java, laptop, log-datei, malwarebytes, microsoft, neustarten, pup.filehunter, roaming, scan, software, task manager, temp, trojan.agent, trojaner bundespolizei bundeskriminalamt, ukash 100€, uninstall.exe, update.exe, updates, version, virus, öffnen



Ähnliche Themen: BKA Virus - Ukash 100€


  1. BKA/UKASH Virus
    Plagegeister aller Art und deren Bekämpfung - 01.07.2013 (8)
  2. Ukash Virus eingefangen
    Plagegeister aller Art und deren Bekämpfung - 30.04.2013 (2)
  3. Ukash - Virus
    Plagegeister aller Art und deren Bekämpfung - 16.01.2013 (15)
  4. Ukash-Virus
    Log-Analyse und Auswertung - 11.01.2013 (7)
  5. Ukash Virus
    Plagegeister aller Art und deren Bekämpfung - 17.10.2012 (15)
  6. UKash Virus
    Plagegeister aller Art und deren Bekämpfung - 29.09.2012 (2)
  7. BKA/Ukash Virus
    Plagegeister aller Art und deren Bekämpfung - 29.09.2012 (28)
  8. Ukash Virus?
    Plagegeister aller Art und deren Bekämpfung - 30.08.2012 (23)
  9. Ukash Virus
    Plagegeister aller Art und deren Bekämpfung - 22.05.2012 (3)
  10. Virus blockiert PC! Gema Bundestrojaner Virus - 50 euro Ukash?
    Plagegeister aller Art und deren Bekämpfung - 06.05.2012 (4)
  11. Ukash Virus wie entfernen?
    Plagegeister aller Art und deren Bekämpfung - 15.03.2012 (1)
  12. 50 € Ukash/Paysafe Virus :(
    Log-Analyse und Auswertung - 21.01.2012 (1)
  13. ukash/BKA - Virus
    Log-Analyse und Auswertung - 14.12.2011 (36)
  14. GEMA ukash virus
    Log-Analyse und Auswertung - 11.12.2011 (54)
  15. Bundespolizei/ukash virus
    Log-Analyse und Auswertung - 05.06.2011 (1)
  16. BKA-Ukash-virus
    Log-Analyse und Auswertung - 21.05.2011 (83)
  17. BKA-Ukash Virus
    Mülltonne - 27.04.2011 (3)

Zum Thema BKA Virus - Ukash 100€ - Hallo, ich habe seit gestern den Bundespolizei Virus auf meinem Laptop, kam erst nicht an meinen Desktop dran, habe es aber durch Neustarten und dem Task Manager geschafft Malwarebytes zu - BKA Virus - Ukash 100€...
Archiv
Du betrachtest: BKA Virus - Ukash 100€ auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.