| |
| |||||||
Log-Analyse und Auswertung: Bei Eingaben in Text- oder Browserfelder füllen diese sich zuerst mit 6en!Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
08.01.2012, 21:22
| #16 |
| /// Winkelfunktion /// TB-Süch-Tiger™   |  Bei Eingaben in Text- oder Browserfelder füllen diese sich zuerst mit 6en! Nee kann es immer noch nicht öffnen  Kannst du die OTL.txt von dir mit einem Editor öffnen? Notfalls mal alles von dieser Datei kopieren, bei nopaste.info - free nopaste script and service einfügen und hier verlinken
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
08.01.2012, 21:55
| #17 |
 | Bei Eingaben in Text- oder Browserfelder füllen diese sich zuerst mit 6en! Auch in dem Programm was Du mir vorgeschlagen hast krieg ich den Text nicht rein. ist zu gross.. Ich selbst sehe das Logfile ganz normal auch wenn ich es hier im Board öffne.
__________________Kopiere es jetzt hier in zwei hier Teilen rein: Teil 1: OTL logfile created on: 08.01.2012 02:41:53 - Run 2 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Yzerman\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,87 Gb Total Physical Memory | 1,96 Gb Available Physical Memory | 50,79% Memory free 7,73 Gb Paging File | 5,73 Gb Available in Paging File | 74,07% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 1182,61 Gb Total Space | 1089,86 Gb Free Space | 92,16% Space Free | Partition Type: NTFS Drive J: | 931,51 Gb Total Space | 562,34 Gb Free Space | 60,37% Space Free | Partition Type: NTFS Computer Name: YZERMAN-PC | User Name: Yzerman | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.01.05 16:27:50 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Yzerman\Desktop\OTL.exe PRC - [2011.06.06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2011.04.09 09:12:08 | 003,520,000 | ---- | M] (sw4you, Siegfried Weckmann) -- C:\Program Files (x86)\Hardcopy\hardcopy.exe PRC - [2011.03.18 08:11:51 | 000,031,744 | ---- | M] () -- C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe PRC - [2010.05.07 17:47:32 | 000,114,008 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\Logishrd\LVMVFM\LVPrS64H.exe PRC - [2009.10.02 13:26:12 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe PRC - [2009.06.09 10:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Programme\Dell\DellDock\DockLogin.exe PRC - [2009.03.20 01:03:00 | 001,904,640 | R--- | M] (AVM Berlin) -- C:\Program Files (x86)\avmwlanstick\WLanGUI.exe PRC - [2009.03.20 01:03:00 | 000,368,640 | R--- | M] (AVM Berlin) -- C:\Program Files (x86)\avmwlanstick\WlanNetService.exe PRC - [2008.05.02 03:00:00 | 000,077,824 | ---- | M] () -- C:\Programme\Logitech\SetPoint\x86\SetPoint32.exe ========== Modules (No Company Name) ========== MOD - [2011.04.09 09:11:53 | 002,920,960 | ---- | M] () -- C:\Program Files (x86)\Hardcopy\HcDllS.dll MOD - [2011.03.18 08:11:51 | 000,031,744 | ---- | M] () -- C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe MOD - [2010.09.30 09:14:19 | 000,055,296 | ---- | M] () -- C:\Program Files (x86)\Hardcopy\hardcopy_03.dll MOD - [2010.04.21 10:00:35 | 000,058,368 | ---- | M] () -- C:\Program Files (x86)\Hardcopy\HcDLL2_30_Win32.dll MOD - [2008.05.02 03:00:00 | 000,077,824 | ---- | M] () -- C:\Programme\Logitech\SetPoint\x86\SetPoint32.exe ========== Win32 Services (SafeList) ========== SRV:64bit: - [2011.12.21 11:16:18 | 000,075,384 | ---- | M] (Bitdefender) [Auto | Running] -- C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe -- (SafeBox) SRV:64bit: - [2011.12.19 20:24:38 | 001,950,448 | ---- | M] (Bitdefender) [Auto | Running] -- C:\Program Files\Bitdefender\Bitdefender 2012\vsserv.exe -- (VSSERV) SRV:64bit: - [2011.12.13 09:29:20 | 000,036,160 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp) SRV:64bit: - [2011.11.17 15:42:12 | 000,062,512 | ---- | M] (Bitdefender) [Auto | Running] -- C:\Program Files\Bitdefender\Bitdefender 2012\updatesrv.exe -- (UPDATESRV) SRV:64bit: - [2011.08.12 00:38:04 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE) SRV:64bit: - [2010.05.07 17:45:16 | 000,197,976 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe -- (LVPrcS64) SRV:64bit: - [2009.09.19 07:17:42 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV - [2011.12.13 09:34:52 | 002,028,864 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc) SRV - [2011.12.13 09:29:16 | 000,029,504 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp) SRV - [2011.10.14 22:57:26 | 000,466,736 | ---- | M] (BitDefender) [On_Demand | Stopped] -- C:\Programme\Common Files\Bitdefender\Bitdefender Arrakis Server\bin\arrakis3.exe -- (Update Server) SRV - [2011.08.18 16:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) [Disabled | Stopped] -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE -- (SftService) SRV - [2011.06.06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2010.10.22 12:08:18 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC) SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010.02.09 09:57:19 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2009.10.02 13:26:12 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R) SRV - [2009.06.26 11:19:12 | 001,124,848 | ---- | M] (Sonic Solutions) [Disabled | Stopped] -- c:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe -- (RoxMediaDB10) SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009.06.09 10:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Programme\Dell\DellDock\DockLogin.exe -- (DockLoginService) SRV - [2009.05.21 08:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_DellSupportCenter) SupportSoft Sprocket Service (DellSupportCenter) SRV - [2009.03.20 01:03:00 | 000,368,640 | R--- | M] (AVM Berlin) [Auto | Running] -- C:\Program Files (x86)\avmwlanstick\WlanNetService.exe -- (AVM WLAN Connection Service) SRV - [2008.10.21 14:50:00 | 000,548,864 | ---- | M] (Magix AG) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\MAGIX Shared\UPnPService\UPnPService.exe -- (UPnPService) SRV - [2008.05.02 01:49:54 | 000,160,272 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ) ========== Driver Services (SafeList) ========== DRV:64bit: - [2011.11.28 17:33:46 | 000,543,528 | ---- | M] (BitDefender) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\avckf.sys -- (avckf) DRV:64bit: - [2011.11.25 14:00:36 | 000,258,736 | ---- | M] (BitDefender) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avchv.sys -- (avchv) DRV:64bit: - [2011.11.25 13:57:34 | 000,685,192 | ---- | M] (BitDefender) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avc3.sys -- (avc3) DRV:64bit: - [2011.10.27 14:07:05 | 000,329,800 | ---- | M] (BitDefender S.R.L.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\trufos.sys -- (trufos) DRV:64bit: - [2011.09.29 15:09:50 | 000,079,952 | ---- | M] (BitDefender SRL) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bdsandbox.sys -- (bdsandbox) DRV:64bit: - [2011.07.26 18:49:12 | 000,037,888 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\taphss.sys -- (taphss) DRV:64bit: - [2011.05.10 07:06:14 | 000,022,528 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl) DRV:64bit: - [2011.05.10 07:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2011.03.24 14:36:22 | 000,431,176 | ---- | M] (BitDefender) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\bdfsfltr.sys -- (bdfsfltr) DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010.05.14 21:02:14 | 006,465,760 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64) Logitech Webcam 500(UVC) DRV:64bit: - [2010.05.14 21:00:52 | 000,329,952 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64) DRV:64bit: - [2010.05.07 17:43:30 | 000,030,304 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2Mon) DRV:64bit: - [2010.05.07 17:43:30 | 000,030,304 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2M64) DRV:64bit: - [2010.01.19 18:32:40 | 000,103,944 | ---- | M] (BitDefender) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\bdvedisk.sys -- (BDVEDISK) DRV:64bit: - [2009.10.02 21:58:58 | 000,537,112 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2009.09.26 16:42:58 | 000,233,984 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel(R) DRV:64bit: - [2009.09.19 09:32:38 | 006,170,624 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag) DRV:64bit: - [2009.09.17 21:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R) DRV:64bit: - [2009.08.23 19:02:30 | 000,120,336 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService) DRV:64bit: - [2009.08.06 13:43:58 | 000,320,040 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink (TM) DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.07.09 11:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64) DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.05.18 12:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GearAspiWDM) DRV:64bit: - [2009.03.20 01:03:00 | 000,460,800 | ---- | M] (AVM GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\fwlanusb.sys -- (FWLANUSB) DRV:64bit: - [2009.03.20 01:03:00 | 000,014,120 | R--- | M] (AVM Berlin) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\avmeject.sys -- (avmeject) DRV:64bit: - [2008.02.29 02:16:52 | 000,057,360 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt) DRV:64bit: - [2008.02.29 02:16:44 | 000,054,800 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt) DRV:64bit: - [2006.11.01 12:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr) DRV - [2011.11.14 19:16:42 | 000,090,192 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- c:\Programme\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys -- (BdfNdisf) DRV - [2011.11.14 19:16:38 | 000,103,504 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Programme\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys -- (bdfwfpf) DRV - [2011.07.22 17:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV) DRV - [2011.07.12 22:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL) DRV - [2010.10.07 13:34:32 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv) DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) DRV - [2009.06.26 10:27:28 | 000,065,520 | ---- | M] (Sonic Solutions) [File_System | System | Stopped] -- C:\Windows\SysWOW64\drivers\RxFilter.sys -- (RxFilter) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://de.msn.com/?ocid=ie9hp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.ksta.de/ [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.ksta.de/ [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.msn.com/?ocid=ie9hp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 1B 45 34 05 88 C4 CC 01 [binary data] IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.update: false FF - prefs.js..browser.startup.homepage: "www.ksta.de" FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170633FE}:22.1.11061.544 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.3.0.7280 FF - prefs.js..keyword.URL: "hxxp://search.hotspotshield.com/g/results.php?c=s&q=" FF - prefs.js..network.proxy.no_proxies_on: "*.local" FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\bdThunderbird@bitdefender.com: C:\PROGRAM FILES\BITDEFENDER\BITDEFENDER 2012\BDTBEXT\ [2012.01.06 14:24:55 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2011.06.06 09:01:16 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.08.27 17:18:44 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fmconverter@gmail.com: C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ [2011.12.06 16:04:12 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\bdThunderbird@bitdefender.com: C:\Program Files\Bitdefender\Bitdefender 2012\bdtbext\ [2012.01.06 14:24:55 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.08.27 17:18:44 | 000,000,000 | ---D | M] [2010.04.20 18:44:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Yzerman\AppData\Roaming\mozilla\Extensions [2012.01.05 00:14:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Yzerman\AppData\Roaming\mozilla\Firefox\Profiles\cyev6dyl.default\extensions [2011.12.27 12:29:08 | 000,000,000 | ---D | M] (BitDefender QuickScan) -- C:\Users\Yzerman\AppData\Roaming\mozilla\Firefox\Profiles\cyev6dyl.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360} [2012.01.05 00:25:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2011.08.16 06:24:07 | 000,000,000 | ---D | M] (G Data BankGuard) -- C:\Program Files (x86)\mozilla firefox\extensions\{906305f7-aafc-45e9-8bbd-941950a84dad} [2011.04.04 10:20:44 | 000,000,000 | ---D | M] (G Data WebFilter) -- C:\Program Files (x86)\mozilla firefox\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170633FE} [2011.12.06 16:04:12 | 000,000,000 | ---D | M] (Freemake Video Converter Plugin) -- C:\PROGRAM FILES (X86)\FREEMAKE\FREEMAKE VIDEO CONVERTER\BROWSERPLUGIN\FIREFOX () (No name found) -- C:\USERS\YZERMAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYEV6DYL.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI [2011.10.03 05:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google  riginalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFiel dTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\16.0.912.63\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\16.0.912.63\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\16.0.912.63\pdf.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: BrowserPlus (from Yahoo!) v2.9.8 (Enabled) = C:\Users\Yzerman\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin CHR - Extension: YouTube = C:\Users\Yzerman\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.2_0\ CHR - Extension: Google-Suche = C:\Users\Yzerman\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\ CHR - Extension: Freemake Video Converter = C:\Users\Yzerman\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj\1.0.0_0\ CHR - Extension: Ti\u00EBsto = C:\Users\Yzerman\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnmeobddjkkgkglnogihcaejaleikhdh\2_0\ CHR - Extension: Google Mail = C:\Users\Yzerman\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.4_0\ O1 HOSTS File: ([2011.12.07 10:48:17 | 000,438,845 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.0scan.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 1000gratisproben.com O1 - Hosts: 127.0.0.1 www.1000gratisproben.com O1 - Hosts: 127.0.0.1 1001namen.com O1 - Hosts: 127.0.0.1 www.1001namen.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 www.1-2005-search.com O1 - Hosts: 127.0.0.1 1-2005-search.com O1 - Hosts: 127.0.0.1 123fporn.info O1 - Hosts: 15092 more lines... O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2:64bit: - BHO: (Message Faces for Internet Explorer) - {E3758FC2-BB95-4B86-84BF-D91F4748EC76} - C:\Program Files (x86)\Message Faces for Internet Explorer\x64\messagefaces-ie.dll () O2:64bit: - BHO: (no name) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - No CLSID value found. O2 - BHO: (Message Faces for Internet Explorer) - {E3758FC2-BB95-4B86-84BF-D91F4748EC75} - C:\Program Files (x86)\Message Faces for Internet Explorer\x86\messagefaces-ie.dll () O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. O4:64bit: - HKLM..\Run: [BDAgent] C:\Program Files\Bitdefender\Bitdefender 2012\bdagent.exe (Bitdefender) O4:64bit: - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [AVMWlanClient] C:\Program Files (x86)\avmwlanstick\wlangui.exe (AVM Berlin) O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.) O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.) O4 - HKLM..\Run: [ShwiconXP9106] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe (Alcor Micro Corp.) O4 - HKCU..\Run: [Logitech Vid] C:\Program Files (x86)\Logitech\Vid HD\Vid.exe (Logitech Inc.) O4 - HKLM..\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe (Dell) O4 - HKLM..\RunOnceEx: [ContentMerger] c:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\ContentMerger10.exe (Sonic Solutions) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutorunSetting = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0 O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16 - DPF: {5BF3E4A3-7E64-4D53-B512-2E242E837D24} https://einfach.otto.de/ottoproj/ottomce//bin/activex/MCEControls.cab (CMCEInputCtl Object) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4626455E-71B5-4184-8F41-FA95AFDA748F}: DhcpNameServer = 10.111.81.129 10.129.32.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{81D53781-5B81-464E-AC4A-CC6804D091AC}: DhcpNameServer = 192.168.2.1 192.168.2.1 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.12.01 10:01:38 | 000,000,000 | RH-D | M] - J:\autorun -- [ NTFS ] O33 - MountPoints2\{23f2218d-4f73-11df-86eb-001f3f0c9821}\Shell - "" = AutoRun O33 - MountPoints2\{23f2218d-4f73-11df-86eb-001f3f0c9821}\Shell\AutoRun\command - "" = K:\LaunchU3.exe -a O33 - MountPoints2\{7b6d5763-efe6-11df-8c80-001f3f0c9821}\Shell - "" = AutoRun O33 - MountPoints2\{7b6d5763-efe6-11df-8c80-001f3f0c9821}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -a O33 - MountPoints2\{abfe58e4-3f15-11df-87d5-002564f4a491}\Shell - "" = AutoRun O33 - MountPoints2\{abfe58e4-3f15-11df-87d5-002564f4a491}\Shell\AutoRun\command - "" = I:\pushinst.exe O34 - HKLM BootExecute: (autocheck autochk /r \??\J O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs:64bit: UxTuneUp - C:\Windows\SysNative\uxtuneup.dll (TuneUp Software) SafeBootMin:64bit: !SASCORE - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE (SUPERAntiSpyware.com) SafeBootMin:64bit: AppMgmt - Service SafeBootMin:64bit: Base - Driver Group SafeBootMin:64bit: Boot Bus Extender - Driver Group SafeBootMin:64bit: Boot file system - Driver Group SafeBootMin:64bit: File system - Driver Group SafeBootMin:64bit: Filter - Driver Group SafeBootMin:64bit: HelpSvc - Service SafeBootMin:64bit: mcmscsvc - Service SafeBootMin:64bit: MCODS - Service SafeBootMin:64bit: PCI Configuration - Driver Group SafeBootMin:64bit: PNP Filter - Driver Group SafeBootMin:64bit: Primary disk - Driver Group SafeBootMin:64bit: sacsvr - Service SafeBootMin:64bit: SCSI Class - Driver Group SafeBootMin:64bit: System Bus Extender - Driver Group SafeBootMin:64bit: vmms - Service SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootMin: AppMgmt - Service SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: mcmscsvc - Service SafeBootMin: MCODS - Service SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vmms - Service SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet:64bit: !SASCORE - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE (SUPERAntiSpyware.com) SafeBootNet:64bit: AppMgmt - Service SafeBootNet:64bit: Base - Driver Group SafeBootNet:64bit: Boot Bus Extender - Driver Group SafeBootNet:64bit: Boot file system - Driver Group SafeBootNet:64bit: File system - Driver Group SafeBootNet:64bit: Filter - Driver Group SafeBootNet:64bit: HelpSvc - Service SafeBootNet:64bit: mcmscsvc - Service SafeBootNet:64bit: MCODS - Service SafeBootNet:64bit: Messenger - Service SafeBootNet:64bit: MpfService - Service SafeBootNet:64bit: NDIS Wrapper - Driver Group SafeBootNet:64bit: NetBIOSGroup - Driver Group SafeBootNet:64bit: NetDDEGroup - Driver Group SafeBootNet:64bit: Network - Driver Group SafeBootNet:64bit: NetworkProvider - Driver Group SafeBootNet:64bit: PCI Configuration - Driver Group SafeBootNet:64bit: PNP Filter - Driver Group SafeBootNet:64bit: PNP_TDI - Driver Group SafeBootNet:64bit: Primary disk - Driver Group SafeBootNet:64bit: rdsessmgr - Service SafeBootNet:64bit: sacsvr - Service SafeBootNet:64bit: SCSI Class - Driver Group SafeBootNet:64bit: Streams Drivers - Driver Group SafeBootNet:64bit: System Bus Extender - Driver Group SafeBootNet:64bit: TDI - Driver Group SafeBootNet:64bit: vmms - Service SafeBootNet:64bit: WudfUsbccidDriver - Driver SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: AppMgmt - Service SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: mcmscsvc - Service SafeBootNet: MCODS - Service SafeBootNet: Messenger - Service SafeBootNet: MpfService - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vmms - Service SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices ActiveX:64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX:64bit: {0B74300D-9D18-4656-9F79-BBF0891365AF} - Bing Bar ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX:64bit: {4CBF8339-9F09-4213-846D-8E1C2B921451} - Desktop Icon ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX:64bit: {9038A68F-9554-44B1-A5BA-6F60DA15E7C5} - Bing Bar ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX:64bit: {B8BA4AC9-AF8D-4C81-9960-6CDBC3F97CEB} - Message Faces ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig ActiveX:64bit: >{40194995-2263-49FA-93D2-0A11E13FA518} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {741B27D4-2120-D63C-DF0B-F15F4BE602DF} - Java (Sun) ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {9813E6A2-F778-E37E-9BF7-24FF812E5454} - .NET Framework ActiveX: {B314BA4C-167D-3526-0E27-91846724DD54} - .NET Framework ActiveX: {B6881912-2921-8A6C-0386-7215A10A022D} - .NET Framework ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32:64bit: vidc.i420 - lvcod64.dll (Logitech Inc.) Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.) Drivers32: vidc.i420 - C:\Windows\SysWow64\lvcodec2.dll (Logitech Inc.) CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2012.01.07 18:02:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET [2012.01.06 14:24:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2012 [2012.01.06 14:23:13 | 000,431,176 | ---- | C] (BitDefender) -- C:\Windows\SysNative\drivers\bdfsfltr.sys [2012.01.06 14:23:13 | 000,329,800 | ---- | C] (BitDefender S.R.L.) -- C:\Windows\SysNative\drivers\trufos.sys [2012.01.06 08:38:02 | 000,000,000 | ---D | C] -- C:\Users\Yzerman\AppData\Roaming\SUPERAntiSpyware.com [2012.01.06 08:37:32 | 000,000,000 | ---D | C] -- C:\Users\Yzerman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware [2012.01.06 08:37:31 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com [2012.01.06 08:37:31 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware [2012.01.05 22:36:20 | 000,000,000 | ---D | C] -- C:\ProgramData\BDLogging [2012.01.05 20:07:41 | 000,000,000 | ---D | C] -- C:\Users\Yzerman\AppData\Roaming\Malwarebytes [2012.01.05 20:07:32 | 000,023,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012.01.05 20:07:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012.01.05 20:07:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2012.01.05 20:07:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.01.05 16:27:50 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Yzerman\Desktop\OTL.exe [2012.01.05 14:36:43 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2012.01.05 01:05:42 | 000,000,000 | ---D | C] -- C:\Users\Yzerman\AppData\Local\s.menze [2012.01.05 01:05:41 | 000,000,000 | ---D | C] -- C:\Users\Yzerman\AppData\Local\SafeBox [2012.01.04 19:33:11 | 000,000,000 | ---D | C] -- C:\Users\Yzerman\AppData\Roaming\Bitdefender [2012.01.04 19:33:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Bitdefender [2012.01.04 19:29:40 | 000,000,000 | ---D | C] -- C:\Program Files\Bitdefender [2012.01.04 19:28:38 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Bitdefender [2012.01.04 19:28:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Bitdefender [2012.01.03 18:44:47 | 000,000,000 | ---D | C] -- C:\Users\Yzerman\AppData\Local\{80AD6CAD-6476-480F-BA3E-919959A9AD32} [2012.01.03 18:44:16 | 000,000,000 | ---D | C] -- C:\Users\Yzerman\AppData\Local\{37F26350-6F9E-4EF7-A366-016AE7366380} [2012.01.03 18:41:13 | 000,000,000 | ---D | C] -- C:\Users\Yzerman\AppData\Local\{4F7D3A77-431B-4392-BF04-6E56576AF114} [2011.12.29 19:46:47 | 000,000,000 | ---D | C] -- C:\ProgramData\clp [2011.12.29 19:46:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Common Toolkit Suite [2011.12.28 14:02:14 | 000,200,976 | ---- | C] (Trend Micro Inc.) -- C:\Windows\SysWow64\drivers\tmcomm.sys [2011.12.27 12:30:17 | 000,000,000 | ---D | C] -- C:\Users\Yzerman\AppData\Roaming\QuickScan [2011.12.27 12:06:01 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess [2011.12.18 01:11:22 | 000,000,000 | ---D | C] -- C:\Users\Yzerman\AppData\Roaming\ZoomBrowser EX [2011.12.18 00:28:56 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Canon MyCameraFiles [2011.12.18 00:28:43 | 000,000,000 | ---D | C] -- C:\ProgramData\ZoomBrowser [2011.12.18 00:28:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities [2011.12.18 00:28:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Canon [2011.12.18 00:27:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Canon [2011.12.17 20:11:34 | 000,000,000 | ---D | C] -- C:\Users\Yzerman\Documents\Canon Powershot Bedienungsanleitung [2011.12.15 01:29:04 | 000,000,000 | -HSD | C] -- C:\Windows\SysWow64\%APPDATA% [2010.04.03 13:14:22 | 008,656,832 | ---- | C] (Dell, Inc. ) -- C:\Users\Yzerman\AppData\Roaming\DataSafeDotNet.exe [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [2 C:\Users\Yzerman\*.tmp files -> C:\Users\Yzerman\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.01.08 01:19:59 | 000,001,023 | ---- | M] () -- C:\Users\Yzerman\Desktop\SafeBox Folder.lnk [2012.01.07 17:26:35 | 000,004,704 | ---- | M] () -- C:\Users\Yzerman\Desktop\mbam-log-2012-01-06 (18-09-54).zip [2012.01.07 16:39:27 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.01.07 16:39:27 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.01.07 16:39:19 | 001,508,502 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.01.07 16:39:19 | 000,657,944 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.01.07 16:39:19 | 000,619,220 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.01.07 16:39:19 | 000,131,316 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.01.07 16:39:19 | 000,107,540 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.01.07 16:32:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.01.07 16:32:10 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\lvuvc.hs [2012.01.06 14:25:38 | 000,199,827 | ---- | M] () -- C:\ProgramData\1325856142.bdinstall.bin [2012.01.06 14:25:10 | 000,000,270 | -H-- | M] () -- C:\bdr-conf [2012.01.06 14:24:56 | 000,002,092 | ---- | M] () -- C:\Users\Public\Desktop\Bitdefender Total Security 2012.lnk [2012.01.06 08:37:32 | 000,001,810 | ---- | M] () -- C:\Users\Yzerman\Desktop\SUPERAntiSpyware Free Edition.lnk [2012.01.05 20:07:32 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.01.05 16:55:13 | 000,040,246 | ---- | M] () -- C:\Users\Yzerman\Desktop\Logfiles.zip [2012.01.05 16:32:15 | 000,000,000 | ---- | M] () -- C:\Users\Yzerman\defogger_reenable [2012.01.05 16:27:50 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Yzerman\Desktop\OTL.exe [2012.01.05 16:27:23 | 000,050,477 | ---- | M] () -- C:\Users\Yzerman\Desktop\Defogger.exe [2012.01.05 13:00:28 | 000,000,385 | ---- | M] () -- C:\Windows\SysNative\user_gensett.xml [2012.01.04 19:34:23 | 000,247,636 | ---- | M] () -- C:\ProgramData\1325701732.bdinstall.bin [2012.01.04 19:33:17 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_avchv_01009.Wdf [2012.01.04 11:26:18 | 000,512,192 | ---- | M] () -- C:\Windows\SysWow64\sig.bin [2012.01.04 11:26:18 | 000,035,585 | ---- | M] () -- C:\Windows\SysWow64\nmp.map [2012.01.02 23:33:50 | 000,000,115 | ---- | M] () -- C:\Users\Yzerman\Desktop\MSN.de.url [2011.12.28 14:07:01 | 000,182,182 | ---- | M] () -- C:\Users\Yzerman\AppData\Local\census.cache [2011.12.28 14:06:58 | 000,152,134 | ---- | M] () -- C:\Users\Yzerman\AppData\Local\ars.cache [2011.12.28 14:01:32 | 000,000,036 | ---- | M] () -- C:\Users\Yzerman\AppData\Local\housecall.guid.cache [2011.12.18 00:28:43 | 000,001,298 | ---- | M] () -- C:\Users\Public\Desktop\ZoomBrowser EX.lnk [2011.12.17 20:16:55 | 000,003,672 | ---- | M] () -- C:\Users\Yzerman\Desktop\Powershot Handbuch.lnk [2011.12.15 09:24:08 | 000,434,816 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2011.12.13 09:35:46 | 000,034,624 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe [2011.12.13 09:29:26 | 000,025,920 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll [2011.12.13 09:29:24 | 000,021,312 | ---- | M] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll [2011.12.13 09:29:20 | 000,036,160 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\uxtuneup.dll [2011.12.13 09:29:16 | 000,029,504 | ---- | M] (TuneUp Software) -- C:\Windows\SysWow64\uxtuneup.dll [2011.12.10 15:24:08 | 000,023,152 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [2 C:\Users\Yzerman\*.tmp files -> C:\Users\Yzerman\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.01.07 17:26:35 | 000,004,704 | ---- | C] () -- C:\Users\Yzerman\Desktop\mbam-log-2012-01-06 (18-09-54).zip [2012.01.06 14:25:38 | 000,199,827 | ---- | C] () -- C:\ProgramData\1325856142.bdinstall.bin [2012.01.06 14:25:10 | 000,000,270 | -H-- | C] () -- C:\bdr-conf [2012.01.06 14:25:09 | 036,942,680 | -H-- | C] () -- C:\bdrescue.gz [2012.01.06 14:25:09 | 002,510,608 | -H-- | C] () -- C:\bdrescue.vm [2012.01.06 14:25:09 | 000,217,769 | -H-- | C] () -- C:\bdrescue [2012.01.06 14:25:09 | 000,009,216 | -H-- | C] () -- C:\bdrescue.mbr [2012.01.06 14:24:56 | 000,002,092 | ---- | C] () -- C:\Users\Public\Desktop\Bitdefender Total Security 2012.lnk [2012.01.06 08:37:32 | 000,001,810 | ---- | C] () -- C:\Users\Yzerman\Desktop\SUPERAntiSpyware Free Edition.lnk [2012.01.05 20:07:32 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.01.05 16:55:13 | 000,040,246 | ---- | C] () -- C:\Users\Yzerman\Desktop\Logfiles.zip [2012.01.05 16:32:15 | 000,000,000 | ---- | C] () -- C:\Users\Yzerman\defogger_reenable [2012.01.05 16:27:23 | 000,050,477 | ---- | C] () -- C:\Users\Yzerman\Desktop\Defogger.exe [2012.01.05 13:00:28 | 000,000,385 | ---- | C] () -- C:\Windows\SysNative\user_gensett.xml [2012.01.05 01:05:42 | 000,001,023 | ---- | C] () -- C:\Users\Yzerman\Desktop\SafeBox Folder.lnk [2012.01.04 19:34:23 | 000,247,636 | ---- | C] () -- C:\ProgramData\1325701732.bdinstall.bin [2012.01.04 19:33:17 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_avchv_01009.Wdf [2012.01.02 23:33:50 | 000,000,115 | ---- | C] () -- C:\Users\Yzerman\Desktop\MSN.de.url [2011.12.28 14:07:01 | 000,182,182 | ---- | C] () -- C:\Users\Yzerman\AppData\Local\census.cache [2011.12.28 14:06:58 | 000,152,134 | ---- | C] () -- C:\Users\Yzerman\AppData\Local\ars.cache [2011.12.28 14:01:32 | 000,000,036 | ---- | C] () -- C:\Users\Yzerman\AppData\Local\housecall.guid.cache [2011.12.18 00:28:43 | 000,001,298 | ---- | C] () -- C:\Users\Public\Desktop\ZoomBrowser EX.lnk [2011.12.17 20:16:55 | 000,003,672 | ---- | C] () -- C:\Users\Yzerman\Desktop\Powershot Handbuch.lnk [2011.09.05 12:24:56 | 000,001,097 | ---- | C] () -- C:\Windows\wiso.ini [2011.08.27 17:41:31 | 000,251,124 | ---- | C] () -- C:\Windows\hpwins14.dat.temp [2011.08.27 17:22:08 | 000,000,411 | ---- | C] () -- C:\Windows\hpwmdl14.dat.temp [2011.08.27 17:14:30 | 000,250,436 | ---- | C] () -- C:\Windows\hpwins14.dat [2011.08.27 17:14:30 | 000,000,411 | ---- | C] () -- C:\Windows\hpwmdl14.dat [2011.08.12 08:11:02 | 001,526,060 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011.05.06 07:51:15 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2011.04.19 17:41:31 | 000,000,000 | ---- | C] () -- C:\Users\Yzerman\AppData\Local\rx_image32.Cache [2011.04.19 17:41:29 | 000,002,120 | ---- | C] () -- C:\Users\Yzerman\AppData\Local\rx_audio.Cache [2011.04.06 14:19:33 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll [2011.04.05 18:32:29 | 000,016,183 | ---- | C] () -- C:\Windows\SysWow64\SELF32.INI [2011.04.05 14:56:37 | 000,000,000 | ---- | C] () -- C:\Windows\buhl.ini [2011.04.05 14:55:53 | 000,182,264 | ---- | C] () -- C:\Windows\SysWow64\BpShellEx.dll [2011.04.04 10:28:30 | 000,512,192 | ---- | C] () -- C:\Windows\SysWow64\sig.bin [2010.06.28 19:34:37 | 000,000,000 | ---- | C] () -- C:\Users\Yzerman\AppData\Roaming\wklnhst.dat [2010.05.14 20:56:06 | 010,830,680 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll [2010.05.14 20:56:06 | 000,102,744 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe [2010.05.14 20:55:58 | 000,290,648 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll [2010.04.03 15:30:05 | 000,000,760 | ---- | C] () -- C:\Users\Yzerman\AppData\Roaming\setup_ldm.iss [2010.02.09 09:57:55 | 000,001,112 | ---- | C] () -- C:\Windows\THXCfg_SP_APOIM.ini [2010.02.09 09:57:55 | 000,001,099 | ---- | C] () -- C:\Windows\THXCfg_HP_APOIM.ini [2010.02.09 09:57:55 | 000,001,099 | ---- | C] () -- C:\Windows\THXCfg_APOIM.ini [2010.02.09 09:57:51 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL [2010.02.09 09:57:51 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL [2010.02.09 09:39:00 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat ========== LOP Check ========== [2012.01.04 19:34:51 | 000,000,000 | ---D | M] -- C:\Users\Yzerman\AppData\Roaming\Bitdefender [2011.04.05 15:03:53 | 000,000,000 | ---D | M] -- C:\Users\Yzerman\AppData\Roaming\Buhl Data Service [2011.04.05 15:55:44 | 000,000,000 | ---D | M] -- C:\Users\Yzerman\AppData\Roaming\Buhl Data Service GmbH [2011.02.05 12:27:15 | 000,000,000 | ---D | M] -- C:\Users\Yzerman\AppData\Roaming\DesktopReminder [2011.12.29 19:46:48 | 000,000,000 | ---D | M] -- C:\Users\Yzerman\AppData\Roaming\Fighters [2011.02.05 12:48:16 | 000,000,000 | ---D | M] -- C:\Users\Yzerman\AppData\Roaming\GetRightToGo [2011.12.06 10:30:27 | 000,000,000 | ---D | M] -- C:\Users\Yzerman\AppData\Roaming\GrabPro [2010.04.03 15:30:07 | 000,000,000 | ---D | M] -- C:\Users\Yzerman\AppData\Roaming\Leadertech [2011.04.06 14:47:31 | 000,000,000 | ---D | M] -- C:\Users\Yzerman\AppData\Roaming\MAGIX [2011.05.11 17:30:02 | 000,000,000 | ---D | M] -- C:\Users\Yzerman\AppData\Roaming\MAPILab NNTP Accounts [2011.12.06 10:30:29 | 000,000,000 | ---D | M] -- C:\Users\Yzerman\AppData\Roaming\OpenCandy [2012.01.05 00:14:09 | 000,000,000 | ---D | M] -- C:\Users\Yzerman\AppData\Roaming\Orbit [2011.12.06 10:30:33 | 000,000,000 | ---D | M] -- C:\Users\Yzerman\AppData\Roaming\ProgSense [2011.12.28 13:52:04 | 000,000,000 | ---D | M] -- C:\Users\Yzerman\AppData\Roaming\QuickScan [2010.06.28 19:34:38 | 000,000,000 | ---D | M] -- C:\Users\Yzerman\AppData\Roaming\Template [2011.04.06 14:58:37 | 000,000,000 | ---D | M] -- C:\Users\Yzerman\AppData\Roaming\Titanium [2010.11.06 12:33:05 | 000,000,000 | ---D | M] -- C:\Users\Yzerman\AppData\Roaming\TuneUp Software [2010.08.03 10:19:44 | 000,000,000 | ---D | M] -- C:\Users\Yzerman\AppData\Roaming\Ugzyuf [2011.02.05 12:43:21 | 000,000,000 | ---D | M] -- C:\Users\Yzerman\AppData\Roaming\UK's Kalender [2011.11.17 01:13:16 | 000,000,000 | ---D | M] -- C:\Users\Yzerman\AppData\Roaming\Windows Live Writer [2010.09.12 09:01:14 | 000,000,000 | ---D | M] -- C:\Users\Yzerman\AppData\Roaming\Ybukwo [2012.01.06 09:41:28 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Custom Scans ========== |
|
08.01.2012, 21:58
| #18 |
| | Bei Eingaben in Text- oder Browserfelder füllen diese sich zuerst mit 6en! Teil 2:
__________________< %ALLUSERSPROFILE%\Application Data\*. > < %ALLUSERSPROFILE%\Application Data\*.exe /s > < %APPDATA%\*. > [2011.09.09 14:47:08 | 000,000,000 | ---D | M] -- C:\Users\Yzerman\AppData\Roaming\Adobe [2011.11.26 13:37:34 | 000,000,000 | ---D | M] -- C:\Users\Yzerman\AppData\Roaming\Apple Computer [2010.04.03 12:46:47 | 000,000,000 | ---D | M] -- C:\Users\Yzerman\AppData\Roaming\ATI [2011.04.01 18:13:55 | 000,000,000 | ---D | M] -- C:\Users\Yzerman\AppData\Roaming\AVS4YOU [2012.01.04 19:34:51 | 000,000,000 | ---D | M] -- C:\Users\Yzerman\AppData\Roaming\Bitdefender [2011.04.05 15:03:53 | 000,000,000 | ---D | M] -- C:\Users\Yzerman\AppData\Roaming\Buhl Data Service [2011.04.05 15:55:44 | 000,000,000 | ---D | M] -- C:\Users\Yzerman\AppData\Roaming\Buhl Data Service GmbH [2010.04.03 12:52:28 | 000,000,000 | ---D | M] -- C:\Users\Yzerman\AppData\Roaming\CyberLink [2010.04.03 12:47:05 | 000,000,000 | ---D | M] -- C:\Users\Yzerman\AppData\Roaming\Dell [2011.02.05 12:27:15 | 000,000,000 | ---D | M] -- C:\Users\Yzerman\AppData\Roaming\DesktopReminder [2011.12.29 19:46:48 | 000,000,000 | ---D | M] -- C:\Users\Yzerman\AppData\Roaming\Fighters [2011.02.05 12:48:16 | 000,000,000 | ---D | M] -- C:\Users\Yzerman\AppData\Roaming\GetRightToGo [2011.12.06 10:30:27 | 000,000,000 | ---D | M] -- C:\Users\Yzerman\AppData\Roaming\GrabPro [2011.08.27 17:38:16 | 000,000,000 | ---D | M] -- C:\Users\Yzerman\AppData\Roaming\HP [2010.04.03 12:46:25 | 000,000,000 | ---D | M] -- C:\Users\Yzerman\AppData\Roaming\Identities [2011.04.06 15:07:05 | 000,000,000 | ---D | M] -- C:\Users\Yzerman\AppData\Roaming\IDMComp [2010.04.03 15:21:50 | 000,000,000 | ---D | M] -- C:\Users\Yzerman\AppData\Roaming\InstallShield [2010.04.03 12:46:51 | 000,000,000 | ---D | M] -- C:\Users\Yzerman\AppData\Roaming\Intel Corporation [2010.04.03 15:30:07 | 000,000,000 | ---D | M] -- C:\Users\Yzerman\AppData\Roaming\Leadertech [2010.04.03 15:30:17 | 000,000,000 | ---D | M] -- C:\Users\Yzerman\AppData\Roaming\Logitech [2010.09.12 14:07:56 | 000,000,000 | ---D | M] -- C:\Users\Yzerman\AppData\Roaming\Macromedia [2011.04.06 14:47:31 | 000,000,000 | ---D | M] -- C:\Users\Yzerman\AppData\Roaming\MAGIX [2012.01.05 20:07:41 | 000,000,000 | ---D | M] -- C:\Users\Yzerman\AppData\Roaming\Malwarebytes [2011.05.11 17:30:02 | 000,000,000 | ---D | M] -- C:\Users\Yzerman\AppData\Roaming\MAPILab NNTP Accounts [2009.07.14 19:18:18 | 000,000,000 | ---D | M] -- C:\Users\Yzerman\AppData\Roaming\Media Center Programs [2011.11.29 10:42:32 | 000,000,000 | --SD | M] -- C:\Users\Yzerman\AppData\Roaming\Microsoft [2010.04.20 18:44:54 | 000,000,000 | ---D | M] -- C:\Users\Yzerman\AppData\Roaming\Mozilla [2011.12.06 10:30:29 | 000,000,000 | ---D | M] -- C:\Users\Yzerman\AppData\Roaming\OpenCandy [2012.01.05 00:14:09 | 000,000,000 | ---D | M] -- C:\Users\Yzerman\AppData\Roaming\Orbit [2011.12.06 10:30:33 | 000,000,000 | ---D | M] -- C:\Users\Yzerman\AppData\Roaming\ProgSense [2011.12.28 13:52:04 | 000,000,000 | ---D | M] -- C:\Users\Yzerman\AppData\Roaming\QuickScan [2011.04.19 17:36:31 | 000,000,000 | ---D | M] -- C:\Users\Yzerman\AppData\Roaming\Roxio [2011.06.23 10:59:03 | 000,000,000 | ---D | M] -- C:\Users\Yzerman\AppData\Roaming\Skype [2011.06.22 15:06:21 | 000,000,000 | ---D | M] -- C:\Users\Yzerman\AppData\Roaming\skypePM [2012.01.06 08:38:02 | 000,000,000 | ---D | M] -- C:\Users\Yzerman\AppData\Roaming\SUPERAntiSpyware.com [2010.06.28 19:34:38 | 000,000,000 | ---D | M] -- C:\Users\Yzerman\AppData\Roaming\Template [2011.04.06 14:58:37 | 000,000,000 | ---D | M] -- C:\Users\Yzerman\AppData\Roaming\Titanium [2010.11.06 12:33:05 | 000,000,000 | ---D | M] -- C:\Users\Yzerman\AppData\Roaming\TuneUp Software [2010.08.03 10:19:44 | 000,000,000 | ---D | M] -- C:\Users\Yzerman\AppData\Roaming\Ugzyuf [2011.02.05 12:43:21 | 000,000,000 | ---D | M] -- C:\Users\Yzerman\AppData\Roaming\UK's Kalender [2011.11.17 01:13:16 | 000,000,000 | ---D | M] -- C:\Users\Yzerman\AppData\Roaming\Windows Live Writer [2010.09.12 09:01:14 | 000,000,000 | ---D | M] -- C:\Users\Yzerman\AppData\Roaming\Ybukwo [2011.12.18 01:11:22 | 000,000,000 | ---D | M] -- C:\Users\Yzerman\AppData\Roaming\ZoomBrowser EX < %APPDATA%\*.exe /s > [2010.05.04 18:31:35 | 008,656,832 | ---- | M] (Dell, Inc. ) -- C:\Users\Yzerman\AppData\Roaming\DataSafeDotNet.exe [2010.04.03 15:30:06 | 000,053,248 | R--- | M] (Acresso Software Inc.) -- C:\Users\Yzerman\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe [2011.09.05 09:15:02 | 000,010,134 | R--- | M] () -- C:\Users\Yzerman\AppData\Roaming\Microsoft\Installer\{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}\ARPPRODUCTICON.exe [2011.11.18 05:30:06 | 002,081,208 | ---- | M] (Speedchecker Limited ) -- C:\Users\Yzerman\AppData\Roaming\OpenCandy\DE5EAB164F9D4377902301B034F6871B\pcspeedup_oc.exe < %SYSTEMDRIVE%\*.exe > < MD5 for: AGP440.SYS > [2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys [2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys [2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys [2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys < MD5 for: ATAPI.SYS > [2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys [2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys [2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys [2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys < MD5 for: CNGAUDIT.DLL > [2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll [2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll [2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll [2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll < MD5 for: EVENTLOG.DLL > [2011.10.14 22:57:26 | 000,007,840 | ---- | M] () MD5=A8B15EC290C2F28AF39A6FE02F0ACF0D -- C:\Program Files\Common Files\Bitdefender\Bitdefender Arrakis Server\lib\eventlog.dll < MD5 for: IASTOR.SYS > [2009.10.02 21:58:58 | 000,537,112 | ---- | M] (Intel Corporation) MD5=631FA8935163B01FC0C02966CB3ADB92 -- C:\Drivers\storage\R245418\iaStor.sys [2009.10.02 21:58:58 | 000,537,112 | ---- | M] (Intel Corporation) MD5=631FA8935163B01FC0C02966CB3ADB92 -- C:\Windows\SysNative\drivers\iaStor.sys [2009.10.02 21:58:58 | 000,537,112 | ---- | M] (Intel Corporation) MD5=631FA8935163B01FC0C02966CB3ADB92 -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_b03f80929ac23556\iaStor.sys [2009.10.02 21:58:58 | 000,537,112 | ---- | M] (Intel Corporation) MD5=631FA8935163B01FC0C02966CB3ADB92 -- C:\Windows\SysNative\DriverStore\FileRepository\iastor.inf_amd64_neutral_093f326ff5f9285e\iaStor.sys < MD5 for: IASTORV.SYS > [2010.11.20 14:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys [2010.11.20 14:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys [2011.03.11 07:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys [2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys [2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys [2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys [2011.03.11 07:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys [2011.03.11 07:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys [2009.07.14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys < MD5 for: NETLOGON.DLL > [2009.07.14 02:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll [2010.11.20 14:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll [2010.11.20 14:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll [2010.11.20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll [2010.11.20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll [2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll < MD5 for: NVSTOR.SYS > [2009.07.14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys [2011.03.11 07:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys [2011.03.11 07:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys [2011.03.11 07:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys [2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys [2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys [2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys [2010.11.20 14:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys [2010.11.20 14:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys < MD5 for: SCECLI.DLL > [2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll [2009.07.14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll [2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll [2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll [2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll [2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll < MD5 for: USER32.DLL > [2010.11.20 13:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll [2010.11.20 13:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll [2009.07.14 02:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll [2009.07.14 02:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll [2010.11.20 14:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll [2010.11.20 14:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll < MD5 for: USERINIT.EXE > [2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe [2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe [2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe [2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe [2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe [2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe < MD5 for: WININIT.EXE > [2009.07.14 02:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe [2009.07.14 02:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe [2009.07.14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe [2009.07.14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe < MD5 for: WINLOGON.EXE > [2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe [2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe [2009.07.14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe [2009.10.28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe [2011.12.24 17:50:20 | 000,182,856 | ---- | M] () MD5=B382935AB01B27D0E14F267DBF288896 -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe [2009.10.28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe < MD5 for: WS2IFSL.SYS > [2009.07.14 01:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys [2009.07.14 01:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\System32\config\*.sav > < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > ========== Files - Unicode (All) ========== [2011.04.03 11:00:00 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{ca04255d-5cf9-11e0-8a85-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\屢GF싚䂪{ca04255d-5cf9-11e0-8a85-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms [2011.04.03 11:00:00 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{ca04255d-5cf9-11e0-8a85-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\屢GF싚䂪{ca04255d-5cf9-11e0-8a85-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms [2011.04.03 11:00:00 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{ca04255d-5cf9-11e0-8a85-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\屢GF싚䂪{ca04255d-5cf9-11e0-8a85-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms [2011.04.03 11:00:00 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{ca04255d-5cf9-11e0-8a85-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\屢GF싚䂪{ca04255d-5cf9-11e0-8a85-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms [2011.04.03 11:00:00 | 000,262,144 | ---- | M] ()(C:\Windows\SysWow64\?G?F??) -- C:\Windows\SysWow64\屢GF싚䂪 [2011.04.03 11:00:00 | 000,262,144 | ---- | C] ()(C:\Windows\SysWow64\?G?F??) -- C:\Windows\SysWow64\屢GF싚䂪 [2011.04.03 11:00:00 | 000,065,536 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{ca04255d-5cf9-11e0-8a85-001f3f0c9821}.TM.blf) -- C:\Windows\SysWow64\屢GF싚䂪{ca04255d-5cf9-11e0-8a85-001f3f0c9821}.TM.blf [2011.04.03 11:00:00 | 000,065,536 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{ca04255d-5cf9-11e0-8a85-001f3f0c9821}.TM.blf) -- C:\Windows\SysWow64\屢GF싚䂪{ca04255d-5cf9-11e0-8a85-001f3f0c9821}.TM.blf [2011.04.03 11:00:00 | 000,005,120 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??.LOG1) -- C:\Windows\SysWow64\屢GF싚䂪.LOG1 [2011.04.03 11:00:00 | 000,005,120 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??.LOG1) -- C:\Windows\SysWow64\屢GF싚䂪.LOG1 [2011.04.03 11:00:00 | 000,000,000 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??.LOG2) -- C:\Windows\SysWow64\屢GF싚䂪.LOG2 [2011.04.03 11:00:00 | 000,000,000 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??.LOG2) -- C:\Windows\SysWow64\屢GF싚䂪.LOG2 [2011.03.27 11:00:01 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{8f1a9844-5855-11e0-84c4-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\屢GF�ꤦ{8f1a9844-5855-11e0-84c4-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms [2011.03.27 11:00:01 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{8f1a9844-5855-11e0-84c4-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\屢GF�ꤦ{8f1a9844-5855-11e0-84c4-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms [2011.03.27 11:00:01 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{8f1a9844-5855-11e0-84c4-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\屢GF�ꤦ{8f1a9844-5855-11e0-84c4-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms [2011.03.27 11:00:01 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{8f1a9844-5855-11e0-84c4-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\屢GF�ꤦ{8f1a9844-5855-11e0-84c4-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms [2011.03.27 11:00:01 | 000,262,144 | ---- | M] ()(C:\Windows\SysWow64\?G?F??) -- C:\Windows\SysWow64\屢GF�ꤦ [2011.03.27 11:00:01 | 000,262,144 | ---- | C] ()(C:\Windows\SysWow64\?G?F??) -- C:\Windows\SysWow64\屢GF�ꤦ [2011.03.27 11:00:01 | 000,065,536 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{8f1a9844-5855-11e0-84c4-001f3f0c9821}.TM.blf) -- C:\Windows\SysWow64\屢GF�ꤦ{8f1a9844-5855-11e0-84c4-001f3f0c9821}.TM.blf [2011.03.27 11:00:01 | 000,065,536 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{8f1a9844-5855-11e0-84c4-001f3f0c9821}.TM.blf) -- C:\Windows\SysWow64\屢GF�ꤦ{8f1a9844-5855-11e0-84c4-001f3f0c9821}.TM.blf [2011.03.27 11:00:01 | 000,005,120 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??.LOG1) -- C:\Windows\SysWow64\屢GF�ꤦ.LOG1 [2011.03.27 11:00:01 | 000,005,120 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??.LOG1) -- C:\Windows\SysWow64\屢GF�ꤦ.LOG1 [2011.03.27 11:00:01 | 000,000,000 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??.LOG2) -- C:\Windows\SysWow64\屢GF�ꤦ.LOG2 [2011.03.27 11:00:01 | 000,000,000 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??.LOG2) -- C:\Windows\SysWow64\屢GF�ꤦ.LOG2 [2011.03.20 13:25:43 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{56717b7a-52ec-11e0-842a-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\屢GF둒ꧣ{56717b7a-52ec-11e0-842a-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms [2011.03.20 13:25:43 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{56717b7a-52ec-11e0-842a-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\屢GF둒ꧣ{56717b7a-52ec-11e0-842a-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms [2011.03.20 13:25:43 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{56717b7a-52ec-11e0-842a-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\屢GF둒ꧣ{56717b7a-52ec-11e0-842a-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms [2011.03.20 13:25:43 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{56717b7a-52ec-11e0-842a-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\屢GF둒ꧣ{56717b7a-52ec-11e0-842a-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms [2011.03.20 13:25:43 | 000,065,536 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{56717b7a-52ec-11e0-842a-001f3f0c9821}.TM.blf) -- C:\Windows\SysWow64\屢GF둒ꧣ{56717b7a-52ec-11e0-842a-001f3f0c9821}.TM.blf [2011.03.20 13:25:43 | 000,065,536 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{56717b7a-52ec-11e0-842a-001f3f0c9821}.TM.blf) -- C:\Windows\SysWow64\屢GF둒ꧣ{56717b7a-52ec-11e0-842a-001f3f0c9821}.TM.blf [2011.03.20 13:25:42 | 000,262,144 | ---- | M] ()(C:\Windows\SysWow64\?G?F??) -- C:\Windows\SysWow64\屢GF둒ꧣ [2011.03.20 13:25:42 | 000,262,144 | ---- | C] ()(C:\Windows\SysWow64\?G?F??) -- C:\Windows\SysWow64\屢GF둒ꧣ [2011.03.20 13:25:42 | 000,005,120 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??.LOG1) -- C:\Windows\SysWow64\屢GF둒ꧣ.LOG1 [2011.03.20 13:25:42 | 000,005,120 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??.LOG1) -- C:\Windows\SysWow64\屢GF둒ꧣ.LOG1 [2011.03.20 13:25:42 | 000,000,000 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??.LOG2) -- C:\Windows\SysWow64\屢GF둒ꧣ.LOG2 [2011.03.20 13:25:42 | 000,000,000 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??.LOG2) -- C:\Windows\SysWow64\屢GF둒ꧣ.LOG2 [2011.03.13 12:00:01 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{088f6aa3-4d5e-11e0-8f0b-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\屢GF赹㲱{088f6aa3-4d5e-11e0-8f0b-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms [2011.03.13 12:00:01 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{088f6aa3-4d5e-11e0-8f0b-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\屢GF赹㲱{088f6aa3-4d5e-11e0-8f0b-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms [2011.03.13 12:00:01 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{088f6aa3-4d5e-11e0-8f0b-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\屢GF赹㲱{088f6aa3-4d5e-11e0-8f0b-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms [2011.03.13 12:00:01 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{088f6aa3-4d5e-11e0-8f0b-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\屢GF赹㲱{088f6aa3-4d5e-11e0-8f0b-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms [2011.03.13 12:00:01 | 000,262,144 | ---- | M] ()(C:\Windows\SysWow64\?G?F??) -- C:\Windows\SysWow64\屢GF赹㲱 [2011.03.13 12:00:01 | 000,262,144 | ---- | C] ()(C:\Windows\SysWow64\?G?F??) -- C:\Windows\SysWow64\屢GF赹㲱 [2011.03.13 12:00:01 | 000,065,536 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{088f6aa3-4d5e-11e0-8f0b-001f3f0c9821}.TM.blf) -- C:\Windows\SysWow64\屢GF赹㲱{088f6aa3-4d5e-11e0-8f0b-001f3f0c9821}.TM.blf [2011.03.13 12:00:01 | 000,065,536 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{088f6aa3-4d5e-11e0-8f0b-001f3f0c9821}.TM.blf) -- C:\Windows\SysWow64\屢GF赹㲱{088f6aa3-4d5e-11e0-8f0b-001f3f0c9821}.TM.blf [2011.03.13 12:00:01 | 000,005,120 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??.LOG1) -- C:\Windows\SysWow64\屢GF赹㲱.LOG1 [2011.03.13 12:00:01 | 000,005,120 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??.LOG1) -- C:\Windows\SysWow64\屢GF赹㲱.LOG1 [2011.03.13 12:00:01 | 000,000,000 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??.LOG2) -- C:\Windows\SysWow64\屢GF赹㲱.LOG2 [2011.03.13 12:00:01 | 000,000,000 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??.LOG2) -- C:\Windows\SysWow64\屢GF赹㲱.LOG2 [2011.03.06 12:00:00 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{dc5b10c3-47d0-11e0-9c07-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\屢GF왪島{dc5b10c3-47d0-11e0-9c07-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms [2011.03.06 12:00:00 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{dc5b10c3-47d0-11e0-9c07-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\屢GF왪島{dc5b10c3-47d0-11e0-9c07-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms [2011.03.06 12:00:00 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{dc5b10c3-47d0-11e0-9c07-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\屢GF왪島{dc5b10c3-47d0-11e0-9c07-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms [2011.03.06 12:00:00 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{dc5b10c3-47d0-11e0-9c07-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\屢GF왪島{dc5b10c3-47d0-11e0-9c07-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms [2011.03.06 12:00:00 | 000,262,144 | ---- | M] ()(C:\Windows\SysWow64\?G?F??) -- C:\Windows\SysWow64\屢GF왪島 [2011.03.06 12:00:00 | 000,262,144 | ---- | C] ()(C:\Windows\SysWow64\?G?F??) -- C:\Windows\SysWow64\屢GF왪島 [2011.03.06 12:00:00 | 000,065,536 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{dc5b10c3-47d0-11e0-9c07-001f3f0c9821}.TM.blf) -- C:\Windows\SysWow64\屢GF왪島{dc5b10c3-47d0-11e0-9c07-001f3f0c9821}.TM.blf [2011.03.06 12:00:00 | 000,065,536 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{dc5b10c3-47d0-11e0-9c07-001f3f0c9821}.TM.blf) -- C:\Windows\SysWow64\屢GF왪島{dc5b10c3-47d0-11e0-9c07-001f3f0c9821}.TM.blf [2011.03.06 12:00:00 | 000,005,120 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??.LOG1) -- C:\Windows\SysWow64\屢GF왪島.LOG1 [2011.03.06 12:00:00 | 000,005,120 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??.LOG1) -- C:\Windows\SysWow64\屢GF왪島.LOG1 [2011.03.06 12:00:00 | 000,000,000 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??.LOG2) -- C:\Windows\SysWow64\屢GF왪島.LOG2 [2011.03.06 12:00:00 | 000,000,000 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??.LOG2) -- C:\Windows\SysWow64\屢GF왪島.LOG2 |
|
08.01.2012, 21:59
| #19 |
| | Bei Eingaben in Text- oder Browserfelder füllen diese sich zuerst mit 6en! Teil 3: [2011.02.27 12:00:00 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{5da44f65-4246-11e0-86a0-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\屢GF㗺䴛{5da44f65-4246-11e0-86a0-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms [2011.02.27 12:00:00 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{5da44f65-4246-11e0-86a0-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\屢GF㗺䴛{5da44f65-4246-11e0-86a0-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms [2011.02.27 12:00:00 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{5da44f65-4246-11e0-86a0-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\屢GF㗺䴛{5da44f65-4246-11e0-86a0-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms [2011.02.27 12:00:00 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{5da44f65-4246-11e0-86a0-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\屢GF㗺䴛{5da44f65-4246-11e0-86a0-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms [2011.02.27 12:00:00 | 000,262,144 | ---- | M] ()(C:\Windows\SysWow64\?G?F??) -- C:\Windows\SysWow64\屢GF㗺䴛 [2011.02.27 12:00:00 | 000,262,144 | ---- | C] ()(C:\Windows\SysWow64\?G?F??) -- C:\Windows\SysWow64\屢GF㗺䴛 [2011.02.27 12:00:00 | 000,065,536 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{5da44f65-4246-11e0-86a0-001f3f0c9821}.TM.blf) -- C:\Windows\SysWow64\屢GF㗺䴛{5da44f65-4246-11e0-86a0-001f3f0c9821}.TM.blf [2011.02.27 12:00:00 | 000,065,536 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{5da44f65-4246-11e0-86a0-001f3f0c9821}.TM.blf) -- C:\Windows\SysWow64\屢GF㗺䴛{5da44f65-4246-11e0-86a0-001f3f0c9821}.TM.blf [2011.02.27 12:00:00 | 000,005,120 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??.LOG1) -- C:\Windows\SysWow64\屢GF㗺䴛.LOG1 [2011.02.27 12:00:00 | 000,005,120 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??.LOG1) -- C:\Windows\SysWow64\屢GF㗺䴛.LOG1 [2011.02.27 12:00:00 | 000,000,000 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??.LOG2) -- C:\Windows\SysWow64\屢GF㗺䴛.LOG2 [2011.02.27 12:00:00 | 000,000,000 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??.LOG2) -- C:\Windows\SysWow64\屢GF㗺䴛.LOG2 [2011.02.20 12:00:00 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{b1ef8267-3cce-11e0-8699-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\屢GFይ숕{b1ef8267-3cce-11e0-8699-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms [2011.02.20 12:00:00 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{b1ef8267-3cce-11e0-8699-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\屢GFይ숕{b1ef8267-3cce-11e0-8699-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms [2011.02.20 12:00:00 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{b1ef8267-3cce-11e0-8699-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\屢GFይ숕{b1ef8267-3cce-11e0-8699-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms [2011.02.20 12:00:00 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{b1ef8267-3cce-11e0-8699-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\屢GFይ숕{b1ef8267-3cce-11e0-8699-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms [2011.02.20 12:00:00 | 000,262,144 | ---- | M] ()(C:\Windows\SysWow64\?G?F??) -- C:\Windows\SysWow64\屢GFይ숕 [2011.02.20 12:00:00 | 000,262,144 | ---- | C] ()(C:\Windows\SysWow64\?G?F??) -- C:\Windows\SysWow64\屢GFይ숕 [2011.02.20 12:00:00 | 000,065,536 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{b1ef8267-3cce-11e0-8699-001f3f0c9821}.TM.blf) -- C:\Windows\SysWow64\屢GFይ숕{b1ef8267-3cce-11e0-8699-001f3f0c9821}.TM.blf [2011.02.20 12:00:00 | 000,065,536 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{b1ef8267-3cce-11e0-8699-001f3f0c9821}.TM.blf) -- C:\Windows\SysWow64\屢GFይ숕{b1ef8267-3cce-11e0-8699-001f3f0c9821}.TM.blf [2011.02.20 12:00:00 | 000,005,120 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??.LOG1) -- C:\Windows\SysWow64\屢GFይ숕.LOG1 [2011.02.20 12:00:00 | 000,005,120 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??.LOG1) -- C:\Windows\SysWow64\屢GFይ숕.LOG1 [2011.02.20 12:00:00 | 000,000,000 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??.LOG2) -- C:\Windows\SysWow64\屢GFይ숕.LOG2 [2011.02.20 12:00:00 | 000,000,000 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??.LOG2) -- C:\Windows\SysWow64\屢GFይ숕.LOG2 [2011.02.13 12:00:07 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{99281fad-3758-11e0-8137-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\屢GF믣䃃{99281fad-3758-11e0-8137-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms [2011.02.13 12:00:07 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{99281fad-3758-11e0-8137-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\屢GF믣䃃{99281fad-3758-11e0-8137-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms [2011.02.13 12:00:07 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{99281fad-3758-11e0-8137-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\屢GF믣䃃{99281fad-3758-11e0-8137-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms [2011.02.13 12:00:07 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{99281fad-3758-11e0-8137-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\屢GF믣䃃{99281fad-3758-11e0-8137-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms [2011.02.13 12:00:07 | 000,262,144 | ---- | M] ()(C:\Windows\SysWow64\?G?F??) -- C:\Windows\SysWow64\屢GF믣䃃 [2011.02.13 12:00:07 | 000,262,144 | ---- | C] ()(C:\Windows\SysWow64\?G?F??) -- C:\Windows\SysWow64\屢GF믣䃃 [2011.02.13 12:00:07 | 000,065,536 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{99281fad-3758-11e0-8137-001f3f0c9821}.TM.blf) -- C:\Windows\SysWow64\屢GF믣䃃{99281fad-3758-11e0-8137-001f3f0c9821}.TM.blf [2011.02.13 12:00:07 | 000,065,536 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{99281fad-3758-11e0-8137-001f3f0c9821}.TM.blf) -- C:\Windows\SysWow64\屢GF믣䃃{99281fad-3758-11e0-8137-001f3f0c9821}.TM.blf [2011.02.13 12:00:07 | 000,005,120 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??.LOG1) -- C:\Windows\SysWow64\屢GF믣䃃.LOG1 [2011.02.13 12:00:07 | 000,005,120 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??.LOG1) -- C:\Windows\SysWow64\屢GF믣䃃.LOG1 [2011.02.13 12:00:07 | 000,000,000 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??.LOG2) -- C:\Windows\SysWow64\屢GF믣䃃.LOG2 [2011.02.13 12:00:07 | 000,000,000 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??.LOG2) -- C:\Windows\SysWow64\屢GF믣䃃.LOG2 [2011.02.06 12:00:00 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{e0c03e01-30f3-11e0-8634-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\屢GF녙傚{e0c03e01-30f3-11e0-8634-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms [2011.02.06 12:00:00 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{e0c03e01-30f3-11e0-8634-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\屢GF녙傚{e0c03e01-30f3-11e0-8634-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms [2011.02.06 12:00:00 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{e0c03e01-30f3-11e0-8634-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\屢GF녙傚{e0c03e01-30f3-11e0-8634-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms [2011.02.06 12:00:00 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{e0c03e01-30f3-11e0-8634-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\屢GF녙傚{e0c03e01-30f3-11e0-8634-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms [2011.02.06 12:00:00 | 000,262,144 | ---- | M] ()(C:\Windows\SysWow64\?G?F??) -- C:\Windows\SysWow64\屢GF녙傚 [2011.02.06 12:00:00 | 000,262,144 | ---- | C] ()(C:\Windows\SysWow64\?G?F??) -- C:\Windows\SysWow64\屢GF녙傚 [2011.02.06 12:00:00 | 000,065,536 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{e0c03e01-30f3-11e0-8634-001f3f0c9821}.TM.blf) -- C:\Windows\SysWow64\屢GF녙傚{e0c03e01-30f3-11e0-8634-001f3f0c9821}.TM.blf [2011.02.06 12:00:00 | 000,065,536 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{e0c03e01-30f3-11e0-8634-001f3f0c9821}.TM.blf) -- C:\Windows\SysWow64\屢GF녙傚{e0c03e01-30f3-11e0-8634-001f3f0c9821}.TM.blf [2011.02.06 12:00:00 | 000,005,120 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??.LOG1) -- C:\Windows\SysWow64\屢GF녙傚.LOG1 [2011.02.06 12:00:00 | 000,005,120 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??.LOG1) -- C:\Windows\SysWow64\屢GF녙傚.LOG1 [2011.02.06 12:00:00 | 000,000,000 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??.LOG2) -- C:\Windows\SysWow64\屢GF녙傚.LOG2 [2011.02.06 12:00:00 | 000,000,000 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??.LOG2) -- C:\Windows\SysWow64\屢GF녙傚.LOG2 [2011.01.30 12:00:00 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{ddd17043-2c49-11e0-9fb4-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\屢GF䥉㡂{ddd17043-2c49-11e0-9fb4-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms [2011.01.30 12:00:00 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{ddd17043-2c49-11e0-9fb4-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\屢GF䥉㡂{ddd17043-2c49-11e0-9fb4-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms [2011.01.30 12:00:00 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{ddd17043-2c49-11e0-9fb4-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\屢GF䥉㡂{ddd17043-2c49-11e0-9fb4-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms [2011.01.30 12:00:00 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{ddd17043-2c49-11e0-9fb4-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\屢GF䥉㡂{ddd17043-2c49-11e0-9fb4-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms [2011.01.30 12:00:00 | 000,262,144 | ---- | M] ()(C:\Windows\SysWow64\?G?F??) -- C:\Windows\SysWow64\屢GF䥉㡂 [2011.01.30 12:00:00 | 000,262,144 | ---- | C] ()(C:\Windows\SysWow64\?G?F??) -- C:\Windows\SysWow64\屢GF䥉㡂 [2011.01.30 12:00:00 | 000,065,536 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{ddd17043-2c49-11e0-9fb4-001f3f0c9821}.TM.blf) -- C:\Windows\SysWow64\屢GF䥉㡂{ddd17043-2c49-11e0-9fb4-001f3f0c9821}.TM.blf [2011.01.30 12:00:00 | 000,065,536 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{ddd17043-2c49-11e0-9fb4-001f3f0c9821}.TM.blf) -- C:\Windows\SysWow64\屢GF䥉㡂{ddd17043-2c49-11e0-9fb4-001f3f0c9821}.TM.blf [2011.01.30 12:00:00 | 000,005,120 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??.LOG1) -- C:\Windows\SysWow64\屢GF䥉㡂.LOG1 [2011.01.30 12:00:00 | 000,005,120 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??.LOG1) -- C:\Windows\SysWow64\屢GF䥉㡂.LOG1 [2011.01.30 12:00:00 | 000,000,000 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??.LOG2) -- C:\Windows\SysWow64\屢GF䥉㡂.LOG2 [2011.01.30 12:00:00 | 000,000,000 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??.LOG2) -- C:\Windows\SysWow64\屢GF䥉㡂.LOG2 [2011.01.23 12:00:00 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{e91b4565-26c8-11e0-8339-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\屢GF끲胲{e91b4565-26c8-11e0-8339-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms [2011.01.23 12:00:00 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{e91b4565-26c8-11e0-8339-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\屢GF끲胲{e91b4565-26c8-11e0-8339-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms [2011.01.23 12:00:00 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{e91b4565-26c8-11e0-8339-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\屢GF끲胲{e91b4565-26c8-11e0-8339-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms [2011.01.23 12:00:00 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{e91b4565-26c8-11e0-8339-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\屢GF끲胲{e91b4565-26c8-11e0-8339-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms [2011.01.23 12:00:00 | 000,262,144 | ---- | M] ()(C:\Windows\SysWow64\?G?F??) -- C:\Windows\SysWow64\屢GF끲胲 [2011.01.23 12:00:00 | 000,262,144 | ---- | C] ()(C:\Windows\SysWow64\?G?F??) -- C:\Windows\SysWow64\屢GF끲胲 [2011.01.23 12:00:00 | 000,065,536 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{e91b4565-26c8-11e0-8339-001f3f0c9821}.TM.blf) -- C:\Windows\SysWow64\屢GF끲胲{e91b4565-26c8-11e0-8339-001f3f0c9821}.TM.blf [2011.01.23 12:00:00 | 000,065,536 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{e91b4565-26c8-11e0-8339-001f3f0c9821}.TM.blf) -- C:\Windows\SysWow64\屢GF끲胲{e91b4565-26c8-11e0-8339-001f3f0c9821}.TM.blf [2011.01.23 12:00:00 | 000,005,120 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??.LOG1) -- C:\Windows\SysWow64\屢GF끲胲.LOG1 [2011.01.23 12:00:00 | 000,005,120 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??.LOG1) -- C:\Windows\SysWow64\屢GF끲胲.LOG1 [2011.01.23 12:00:00 | 000,000,000 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??.LOG2) -- C:\Windows\SysWow64\屢GF끲胲.LOG2 [2011.01.23 12:00:00 | 000,000,000 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??.LOG2) -- C:\Windows\SysWow64\屢GF끲胲.LOG2 [2011.01.16 12:00:00 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{8c08f042-2149-11e0-93dd-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\屢GF䒱氟{8c08f042-2149-11e0-93dd-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms [2011.01.16 12:00:00 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{8c08f042-2149-11e0-93dd-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\屢GF䒱氟{8c08f042-2149-11e0-93dd-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms [2011.01.16 12:00:00 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{8c08f042-2149-11e0-93dd-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\屢GF䒱氟{8c08f042-2149-11e0-93dd-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms [2011.01.16 12:00:00 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{8c08f042-2149-11e0-93dd-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\屢GF䒱氟{8c08f042-2149-11e0-93dd-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms [2011.01.16 12:00:00 | 000,262,144 | ---- | M] ()(C:\Windows\SysWow64\?G?F??) -- C:\Windows\SysWow64\屢GF䒱氟 [2011.01.16 12:00:00 | 000,262,144 | ---- | C] ()(C:\Windows\SysWow64\?G?F??) -- C:\Windows\SysWow64\屢GF䒱氟 [2011.01.16 12:00:00 | 000,065,536 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{8c08f042-2149-11e0-93dd-001f3f0c9821}.TM.blf) -- C:\Windows\SysWow64\屢GF䒱氟{8c08f042-2149-11e0-93dd-001f3f0c9821}.TM.blf [2011.01.16 12:00:00 | 000,065,536 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{8c08f042-2149-11e0-93dd-001f3f0c9821}.TM.blf) -- C:\Windows\SysWow64\屢GF䒱氟{8c08f042-2149-11e0-93dd-001f3f0c9821}.TM.blf [2011.01.16 12:00:00 | 000,005,120 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??.LOG1) -- C:\Windows\SysWow64\屢GF䒱氟.LOG1 [2011.01.16 12:00:00 | 000,005,120 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??.LOG1) -- C:\Windows\SysWow64\屢GF䒱氟.LOG1 [2011.01.16 12:00:00 | 000,000,000 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??.LOG2) -- C:\Windows\SysWow64\屢GF䒱氟.LOG2 [2011.01.16 12:00:00 | 000,000,000 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??.LOG2) -- C:\Windows\SysWow64\屢GF䒱氟.LOG2 [2011.01.09 12:00:06 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{1dbcd654-1bcc-11e0-8489-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\屢GF醖䣙{1dbcd654-1bcc-11e0-8489-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms [2011.01.09 12:00:06 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{1dbcd654-1bcc-11e0-8489-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\屢GF醖䣙{1dbcd654-1bcc-11e0-8489-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms [2011.01.09 12:00:06 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{1dbcd654-1bcc-11e0-8489-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\屢GF醖䣙{1dbcd654-1bcc-11e0-8489-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms [2011.01.09 12:00:06 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{1dbcd654-1bcc-11e0-8489-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\屢GF醖䣙{1dbcd654-1bcc-11e0-8489-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms [2011.01.09 12:00:06 | 000,262,144 | ---- | M] ()(C:\Windows\SysWow64\?G?F??) -- C:\Windows\SysWow64\屢GF醖䣙 [2011.01.09 12:00:06 | 000,262,144 | ---- | C] ()(C:\Windows\SysWow64\?G?F??) -- C:\Windows\SysWow64\屢GF醖䣙 [2011.01.09 12:00:06 | 000,065,536 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{1dbcd654-1bcc-11e0-8489-001f3f0c9821}.TM.blf) -- C:\Windows\SysWow64\屢GF醖䣙{1dbcd654-1bcc-11e0-8489-001f3f0c9821}.TM.blf [2011.01.09 12:00:06 | 000,065,536 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{1dbcd654-1bcc-11e0-8489-001f3f0c9821}.TM.blf) -- C:\Windows\SysWow64\屢GF醖䣙{1dbcd654-1bcc-11e0-8489-001f3f0c9821}.TM.blf [2011.01.09 12:00:06 | 000,005,120 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??.LOG1) -- C:\Windows\SysWow64\屢GF醖䣙.LOG1 [2011.01.09 12:00:06 | 000,005,120 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??.LOG1) -- C:\Windows\SysWow64\屢GF醖䣙.LOG1 [2011.01.09 12:00:06 | 000,000,000 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??.LOG2) -- C:\Windows\SysWow64\屢GF醖䣙.LOG2 [2011.01.09 12:00:06 | 000,000,000 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??.LOG2) -- C:\Windows\SysWow64\屢GF醖䣙.LOG2 [2011.01.02 12:00:00 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{269f04c2-165d-11e0-87a1-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\屢GF⁙菑{269f04c2-165d-11e0-87a1-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms [2011.01.02 12:00:00 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{269f04c2-165d-11e0-87a1-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\屢GF⁙菑{269f04c2-165d-11e0-87a1-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms [2011.01.02 12:00:00 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{269f04c2-165d-11e0-87a1-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\屢GF⁙菑{269f04c2-165d-11e0-87a1-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms [2011.01.02 12:00:00 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{269f04c2-165d-11e0-87a1-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\屢GF⁙菑{269f04c2-165d-11e0-87a1-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms [2011.01.02 12:00:00 | 000,262,144 | ---- | M] ()(C:\Windows\SysWow64\?G?F??) -- C:\Windows\SysWow64\屢GF⁙菑 [2011.01.02 12:00:00 | 000,262,144 | ---- | C] ()(C:\Windows\SysWow64\?G?F??) -- C:\Windows\SysWow64\屢GF⁙菑 [2011.01.02 12:00:00 | 000,065,536 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{269f04c2-165d-11e0-87a1-001f3f0c9821}.TM.blf) -- C:\Windows\SysWow64\屢GF⁙菑{269f04c2-165d-11e0-87a1-001f3f0c9821}.TM.blf [2011.01.02 12:00:00 | 000,065,536 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{269f04c2-165d-11e0-87a1-001f3f0c9821}.TM.blf) -- C:\Windows\SysWow64\屢GF⁙菑{269f04c2-165d-11e0-87a1-001f3f0c9821}.TM.blf [2011.01.02 12:00:00 | 000,005,120 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??.LOG1) -- C:\Windows\SysWow64\屢GF⁙菑.LOG1 [2011.01.02 12:00:00 | 000,005,120 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??.LOG1) -- C:\Windows\SysWow64\屢GF⁙菑.LOG1 [2011.01.02 12:00:00 | 000,000,000 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??.LOG2) -- C:\Windows\SysWow64\屢GF⁙菑.LOG2 [2011.01.02 12:00:00 | 000,000,000 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??.LOG2) -- C:\Windows\SysWow64\屢GF⁙菑.LOG2 [2010.12.26 12:00:00 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{4bc29404-10b9-11e0-86c1-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\屢GF폲{4bc29404-10b9-11e0-86c1-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms [2010.12.26 12:00:00 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{4bc29404-10b9-11e0-86c1-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\屢GF폲{4bc29404-10b9-11e0-86c1-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms [2010.12.26 12:00:00 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{4bc29404-10b9-11e0-86c1-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\屢GF폲{4bc29404-10b9-11e0-86c1-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms [2010.12.26 12:00:00 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{4bc29404-10b9-11e0-86c1-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\屢GF폲{4bc29404-10b9-11e0-86c1-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms [2010.12.26 12:00:00 | 000,262,144 | ---- | M] ()(C:\Windows\SysWow64\?G?F??) -- C:\Windows\SysWow64\屢GF폲 [2010.12.26 12:00:00 | 000,262,144 | ---- | C] ()(C:\Windows\SysWow64\?G?F??) -- C:\Windows\SysWow64\屢GF폲 [2010.12.26 12:00:00 | 000,065,536 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{4bc29404-10b9-11e0-86c1-001f3f0c9821}.TM.blf) -- C:\Windows\SysWow64\屢GF폲{4bc29404-10b9-11e0-86c1-001f3f0c9821}.TM.blf [2010.12.26 12:00:00 | 000,065,536 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{4bc29404-10b9-11e0-86c1-001f3f0c9821}.TM.blf) -- C:\Windows\SysWow64\屢GF폲{4bc29404-10b9-11e0-86c1-001f3f0c9821}.TM.blf [2010.12.26 12:00:00 | 000,005,120 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??.LOG1) -- C:\Windows\SysWow64\屢GF폲.LOG1 [2010.12.26 12:00:00 | 000,005,120 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??.LOG1) -- C:\Windows\SysWow64\屢GF폲.LOG1 [2010.12.26 12:00:00 | 000,000,000 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??.LOG2) -- C:\Windows\SysWow64\屢GF폲.LOG2 [2010.12.26 12:00:00 | 000,000,000 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??.LOG2) -- C:\Windows\SysWow64\屢GF폲.LOG2 [2010.12.19 12:00:00 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{d5b2b013-0b41-11e0-86ec-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\屢GFﶖ쑜{d5b2b013-0b41-11e0-86ec-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms [2010.12.19 12:00:00 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{d5b2b013-0b41-11e0-86ec-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\屢GFﶖ쑜{d5b2b013-0b41-11e0-86ec-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms [2010.12.19 12:00:00 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{d5b2b013-0b41-11e0-86ec-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\屢GFﶖ쑜{d5b2b013-0b41-11e0-86ec-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms [2010.12.19 12:00:00 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{d5b2b013-0b41-11e0-86ec-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\屢GFﶖ쑜{d5b2b013-0b41-11e0-86ec-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms [2010.12.19 12:00:00 | 000,262,144 | ---- | M] ()(C:\Windows\SysWow64\?G?F??) -- C:\Windows\SysWow64\屢GFﶖ쑜 [2010.12.19 12:00:00 | 000,262,144 | ---- | C] ()(C:\Windows\SysWow64\?G?F??) -- C:\Windows\SysWow64\屢GFﶖ쑜 [2010.12.19 12:00:00 | 000,065,536 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{d5b2b013-0b41-11e0-86ec-001f3f0c9821}.TM.blf) -- C:\Windows\SysWow64\屢GFﶖ쑜{d5b2b013-0b41-11e0-86ec-001f3f0c9821}.TM.blf [2010.12.19 12:00:00 | 000,065,536 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{d5b2b013-0b41-11e0-86ec-001f3f0c9821}.TM.blf) -- C:\Windows\SysWow64\屢GFﶖ쑜{d5b2b013-0b41-11e0-86ec-001f3f0c9821}.TM.blf [2010.12.19 12:00:00 | 000,005,120 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??.LOG1) -- C:\Windows\SysWow64\屢GFﶖ쑜.LOG1 [2010.12.19 12:00:00 | 000,005,120 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??.LOG1) -- C:\Windows\SysWow64\屢GFﶖ쑜.LOG1 [2010.12.19 12:00:00 | 000,000,000 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??.LOG2) -- C:\Windows\SysWow64\屢GFﶖ쑜.LOG2 [2010.12.19 12:00:00 | 000,000,000 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??.LOG2) -- C:\Windows\SysWow64\屢GFﶖ쑜.LOG2 [2010.12.12 12:00:00 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{016fec03-05be-11e0-8514-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\屢GF燭ᄉ{016fec03-05be-11e0-8514-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms [2010.12.12 12:00:00 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{016fec03-05be-11e0-8514-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\屢GF燭ᄉ{016fec03-05be-11e0-8514-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms [2010.12.12 12:00:00 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{016fec03-05be-11e0-8514-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\屢GF燭ᄉ{016fec03-05be-11e0-8514-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms [2010.12.12 12:00:00 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{016fec03-05be-11e0-8514-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\屢GF燭ᄉ{016fec03-05be-11e0-8514-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms [2010.12.12 12:00:00 | 000,262,144 | ---- | M] ()(C:\Windows\SysWow64\?G?F??) -- C:\Windows\SysWow64\屢GF燭ᄉ [2010.12.12 12:00:00 | 000,262,144 | ---- | C] ()(C:\Windows\SysWow64\?G?F??) -- C:\Windows\SysWow64\屢GF燭ᄉ [2010.12.12 12:00:00 | 000,065,536 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{016fec03-05be-11e0-8514-001f3f0c9821}.TM.blf) -- C:\Windows\SysWow64\屢GF燭ᄉ{016fec03-05be-11e0-8514-001f3f0c9821}.TM.blf [2010.12.12 12:00:00 | 000,065,536 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{016fec03-05be-11e0-8514-001f3f0c9821}.TM.blf) -- C:\Windows\SysWow64\屢GF燭ᄉ{016fec03-05be-11e0-8514-001f3f0c9821}.TM.blf [2010.12.12 12:00:00 | 000,005,120 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??.LOG1) -- C:\Windows\SysWow64\屢GF燭ᄉ.LOG1 [2010.12.12 12:00:00 | 000,005,120 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??.LOG1) -- C:\Windows\SysWow64\屢GF燭ᄉ.LOG1 [2010.12.12 12:00:00 | 000,000,000 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??.LOG2) -- C:\Windows\SysWow64\屢GF燭ᄉ.LOG2 [2010.12.12 12:00:00 | 000,000,000 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??.LOG2) -- C:\Windows\SysWow64\屢GF燭ᄉ.LOG2 [2010.12.05 12:00:07 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{fd39b367-0044-11e0-849a-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\屢GF웪骍{fd39b367-0044-11e0-849a-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms [2010.12.05 12:00:07 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{fd39b367-0044-11e0-849a-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\屢GF웪骍{fd39b367-0044-11e0-849a-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms [2010.12.05 12:00:07 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{fd39b367-0044-11e0-849a-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\屢GF웪骍{fd39b367-0044-11e0-849a-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms [2010.12.05 12:00:07 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{fd39b367-0044-11e0-849a-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\屢GF웪骍{fd39b367-0044-11e0-849a-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms [2010.12.05 12:00:07 | 000,262,144 | ---- | M] ()(C:\Windows\SysWow64\?G?F??) -- C:\Windows\SysWow64\屢GF웪骍 [2010.12.05 12:00:07 | 000,262,144 | ---- | C] ()(C:\Windows\SysWow64\?G?F??) -- C:\Windows\SysWow64\屢GF웪骍 [2010.12.05 12:00:07 | 000,065,536 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{fd39b367-0044-11e0-849a-001f3f0c9821}.TM.blf) -- C:\Windows\SysWow64\屢GF웪骍{fd39b367-0044-11e0-849a-001f3f0c9821}.TM.blf [2010.12.05 12:00:07 | 000,065,536 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{fd39b367-0044-11e0-849a-001f3f0c9821}.TM.blf) -- C:\Windows\SysWow64\屢GF웪骍{fd39b367-0044-11e0-849a-001f3f0c9821}.TM.blf [2010.12.05 12:00:07 | 000,005,120 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??.LOG1) -- C:\Windows\SysWow64\屢GF웪骍.LOG1 [2010.12.05 12:00:07 | 000,005,120 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??.LOG1) -- C:\Windows\SysWow64\屢GF웪骍.LOG1 [2010.12.05 12:00:07 | 000,000,000 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??.LOG2) -- C:\Windows\SysWow64\屢GF웪骍.LOG2 [2010.12.05 12:00:07 | 000,000,000 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??.LOG2) -- C:\Windows\SysWow64\屢GF웪骍.LOG2 [2010.11.28 12:00:00 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{82165163-fac8-11df-84e0-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\屢GFꮥ褻{82165163-fac8-11df-84e0-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms [2010.11.28 12:00:00 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{82165163-fac8-11df-84e0-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\屢GFꮥ褻{82165163-fac8-11df-84e0-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms [2010.11.28 12:00:00 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{82165163-fac8-11df-84e0-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\屢GFꮥ褻{82165163-fac8-11df-84e0-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms [2010.11.28 12:00:00 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{82165163-fac8-11df-84e0-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\屢GFꮥ褻{82165163-fac8-11df-84e0-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms [2010.11.28 12:00:00 | 000,262,144 | ---- | M] ()(C:\Windows\SysWow64\?G?F??) -- C:\Windows\SysWow64\屢GFꮥ褻 [2010.11.28 12:00:00 | 000,262,144 | ---- | C] ()(C:\Windows\SysWow64\?G?F??) -- C:\Windows\SysWow64\屢GFꮥ褻 [2010.11.28 12:00:00 | 000,065,536 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{82165163-fac8-11df-84e0-001f3f0c9821}.TM.blf) -- C:\Windows\SysWow64\屢GFꮥ褻{82165163-fac8-11df-84e0-001f3f0c9821}.TM.blf [2010.11.28 12:00:00 | 000,065,536 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{82165163-fac8-11df-84e0-001f3f0c9821}.TM.blf) -- C:\Windows\SysWow64\屢GFꮥ褻{82165163-fac8-11df-84e0-001f3f0c9821}.TM.blf [2010.11.28 12:00:00 | 000,005,120 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??.LOG1) -- C:\Windows\SysWow64\屢GFꮥ褻.LOG1 [2010.11.28 12:00:00 | 000,005,120 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??.LOG1) -- C:\Windows\SysWow64\屢GFꮥ褻.LOG1 [2010.11.28 12:00:00 | 000,000,000 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??.LOG2) -- C:\Windows\SysWow64\屢GFꮥ褻.LOG2 [2010.11.28 12:00:00 | 000,000,000 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??.LOG2) -- C:\Windows\SysWow64\屢GFꮥ褻.LOG2 [2010.11.21 12:00:00 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{ad85c308-f541-11df-84e2-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\屢GF宺옏{ad85c308-f541-11df-84e2-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms [2010.11.21 12:00:00 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{ad85c308-f541-11df-84e2-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\屢GF宺옏{ad85c308-f541-11df-84e2-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms [2010.11.21 12:00:00 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{ad85c308-f541-11df-84e2-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\屢GF宺옏{ad85c308-f541-11df-84e2-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms [2010.11.21 12:00:00 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{ad85c308-f541-11df-84e2-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\屢GF宺옏{ad85c308-f541-11df-84e2-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms [2010.11.21 12:00:00 | 000,262,144 | ---- | M] ()(C:\Windows\SysWow64\?G?F??) -- C:\Windows\SysWow64\屢GF宺옏 [2010.11.21 12:00:00 | 000,262,144 | ---- | C] ()(C:\Windows\SysWow64\?G?F??) -- C:\Windows\SysWow64\屢GF宺옏 [2010.11.21 12:00:00 | 000,065,536 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{ad85c308-f541-11df-84e2-001f3f0c9821}.TM.blf) -- C:\Windows\SysWow64\屢GF宺옏{ad85c308-f541-11df-84e2-001f3f0c9821}.TM.blf [2010.11.21 12:00:00 | 000,065,536 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{ad85c308-f541-11df-84e2-001f3f0c9821}.TM.blf) -- C:\Windows\SysWow64\屢GF宺옏{ad85c308-f541-11df-84e2-001f3f0c9821}.TM.blf [2010.11.21 12:00:00 | 000,005,120 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??.LOG1) -- C:\Windows\SysWow64\屢GF宺옏.LOG1 [2010.11.21 12:00:00 | 000,005,120 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??.LOG1) -- C:\Windows\SysWow64\屢GF宺옏.LOG1 [2010.11.21 12:00:00 | 000,000,000 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??.LOG2) -- C:\Windows\SysWow64\屢GF宺옏.LOG2 [2010.11.21 12:00:00 | 000,000,000 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??.LOG2) -- C:\Windows\SysWow64\屢GF宺옏.LOG2 [2010.11.14 12:00:00 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{0a6c3bb3-efc1-11df-873d-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\屢GFꅭ㛊{0a6c3bb3-efc1-11df-873d-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms [2010.11.14 12:00:00 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{0a6c3bb3-efc1-11df-873d-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\屢GFꅭ㛊{0a6c3bb3-efc1-11df-873d-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms [2010.11.14 12:00:00 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{0a6c3bb3-efc1-11df-873d-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\屢GFꅭ㛊{0a6c3bb3-efc1-11df-873d-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms [2010.11.14 12:00:00 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{0a6c3bb3-efc1-11df-873d-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\屢GFꅭ㛊{0a6c3bb3-efc1-11df-873d-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms [2010.11.14 12:00:00 | 000,262,144 | ---- | M] ()(C:\Windows\SysWow64\?G?F??) -- C:\Windows\SysWow64\屢GFꅭ㛊 [2010.11.14 12:00:00 | 000,262,144 | ---- | C] ()(C:\Windows\SysWow64\?G?F??) -- C:\Windows\SysWow64\屢GFꅭ㛊 [2010.11.14 12:00:00 | 000,065,536 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{0a6c3bb3-efc1-11df-873d-001f3f0c9821}.TM.blf) -- C:\Windows\SysWow64\屢GFꅭ㛊{0a6c3bb3-efc1-11df-873d-001f3f0c9821}.TM.blf [2010.11.14 12:00:00 | 000,065,536 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{0a6c3bb3-efc1-11df-873d-001f3f0c9821}.TM.blf) -- C:\Windows\SysWow64\屢GFꅭ㛊{0a6c3bb3-efc1-11df-873d-001f3f0c9821}.TM.blf [2010.11.14 12:00:00 | 000,005,120 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??.LOG1) -- C:\Windows\SysWow64\屢GFꅭ㛊.LOG1 [2010.11.14 12:00:00 | 000,005,120 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??.LOG1) -- C:\Windows\SysWow64\屢GFꅭ㛊.LOG1 [2010.11.14 12:00:00 | 000,000,000 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??.LOG2) -- C:\Windows\SysWow64\屢GFꅭ㛊.LOG2 [2010.11.14 12:00:00 | 000,000,000 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??.LOG2) -- C:\Windows\SysWow64\屢GFꅭ㛊.LOG2 [2010.11.07 12:00:00 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{054c4125-ea43-11df-870a-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\屢GFጋ鵰{054c4125-ea43-11df-870a-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms [2010.11.07 12:00:00 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{054c4125-ea43-11df-870a-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\屢GFጋ鵰{054c4125-ea43-11df-870a-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms [2010.11.07 12:00:00 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{054c4125-ea43-11df-870a-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\屢GFጋ鵰{054c4125-ea43-11df-870a-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms [2010.11.07 12:00:00 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{054c4125-ea43-11df-870a-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\屢GFጋ鵰{054c4125-ea43-11df-870a-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms [2010.11.07 12:00:00 | 000,262,144 | ---- | M] ()(C:\Windows\SysWow64\?G?F??) -- C:\Windows\SysWow64\屢GFጋ鵰 [2010.11.07 12:00:00 | 000,262,144 | ---- | C] ()(C:\Windows\SysWow64\?G?F??) -- C:\Windows\SysWow64\屢GFጋ鵰 [2010.11.07 12:00:00 | 000,065,536 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{054c4125-ea43-11df-870a-001f3f0c9821}.TM.blf) -- C:\Windows\SysWow64\屢GFጋ鵰{054c4125-ea43-11df-870a-001f3f0c9821}.TM.blf [2010.11.07 12:00:00 | 000,065,536 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{054c4125-ea43-11df-870a-001f3f0c9821}.TM.blf) -- C:\Windows\SysWow64\屢GFጋ鵰{054c4125-ea43-11df-870a-001f3f0c9821}.TM.blf [2010.11.07 12:00:00 | 000,005,120 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??.LOG1) -- C:\Windows\SysWow64\屢GFጋ鵰.LOG1 [2010.11.07 12:00:00 | 000,005,120 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??.LOG1) -- C:\Windows\SysWow64\屢GFጋ鵰.LOG1 [2010.11.07 12:00:00 | 000,000,000 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??.LOG2) -- C:\Windows\SysWow64\屢GFጋ鵰.LOG2 [2010.11.07 12:00:00 | 000,000,000 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??.LOG2) -- C:\Windows\SysWow64\屢GFጋ鵰.LOG2 [2010.10.31 12:00:00 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{10007e44-e4c8-11df-8336-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\屢GF븘ኹ{10007e44-e4c8-11df-8336-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms [2010.10.31 12:00:00 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{10007e44-e4c8-11df-8336-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\屢GF븘ኹ{10007e44-e4c8-11df-8336-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms [2010.10.31 12:00:00 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{10007e44-e4c8-11df-8336-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\屢GF븘ኹ{10007e44-e4c8-11df-8336-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms [2010.10.31 12:00:00 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{10007e44-e4c8-11df-8336-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\屢GF븘ኹ{10007e44-e4c8-11df-8336-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms [2010.10.31 12:00:00 | 000,262,144 | ---- | M] ()(C:\Windows\SysWow64\?G?F??) -- C:\Windows\SysWow64\屢GF븘ኹ [2010.10.31 12:00:00 | 000,262,144 | ---- | C] ()(C:\Windows\SysWow64\?G?F??) -- C:\Windows\SysWow64\屢GF븘ኹ [2010.10.31 12:00:00 | 000,065,536 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{10007e44-e4c8-11df-8336-001f3f0c9821}.TM.blf) -- C:\Windows\SysWow64\屢GF븘ኹ{10007e44-e4c8-11df-8336-001f3f0c9821}.TM.blf [2010.10.31 12:00:00 | 000,065,536 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{10007e44-e4c8-11df-8336-001f3f0c9821}.TM.blf) -- C:\Windows\SysWow64\屢GF븘ኹ{10007e44-e4c8-11df-8336-001f3f0c9821}.TM.blf [2010.10.31 12:00:00 | 000,005,120 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??.LOG1) -- C:\Windows\SysWow64\屢GF븘ኹ.LOG1 [2010.10.31 12:00:00 | 000,005,120 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??.LOG1) -- C:\Windows\SysWow64\屢GF븘ኹ.LOG1 [2010.10.31 12:00:00 | 000,000,000 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??.LOG2) -- C:\Windows\SysWow64\屢GF븘ኹ.LOG2 [2010.10.31 12:00:00 | 000,000,000 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??.LOG2) -- C:\Windows\SysWow64\屢GF븘ኹ.LOG2 [2010.10.24 11:00:01 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{f3a4325d-df53-11df-8270-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\屢GF喿䗪{f3a4325d-df53-11df-8270-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms [2010.10.24 11:00:01 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{f3a4325d-df53-11df-8270-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\屢GF喿䗪{f3a4325d-df53-11df-8270-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms [2010.10.24 11:00:01 | 000,065,536 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{f3a4325d-df53-11df-8270-001f3f0c9821}.TM.blf) -- C:\Windows\SysWow64\屢GF喿䗪{f3a4325d-df53-11df-8270-001f3f0c9821}.TM.blf [2010.10.24 11:00:00 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{f3a4325d-df53-11df-8270-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\屢GF喿䗪{f3a4325d-df53-11df-8270-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms [2010.10.24 11:00:00 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{f3a4325d-df53-11df-8270-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\屢GF喿䗪{f3a4325d-df53-11df-8270-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms [2010.10.24 11:00:00 | 000,262,144 | ---- | M] ()(C:\Windows\SysWow64\?G?F??) -- C:\Windows\SysWow64\屢GF喿䗪 [2010.10.24 11:00:00 | 000,262,144 | ---- | C] ()(C:\Windows\SysWow64\?G?F??) -- C:\Windows\SysWow64\屢GF喿䗪 [2010.10.24 11:00:00 | 000,065,536 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{f3a4325d-df53-11df-8270-001f3f0c9821}.TM.blf) -- C:\Windows\SysWow64\屢GF喿䗪{f3a4325d-df53-11df-8270-001f3f0c9821}.TM.blf [2010.10.24 11:00:00 | 000,005,120 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??.LOG1) -- C:\Windows\SysWow64\屢GF喿䗪.LOG1 [2010.10.24 11:00:00 | 000,005,120 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??.LOG1) -- C:\Windows\SysWow64\屢GF喿䗪.LOG1 [2010.10.24 11:00:00 | 000,000,000 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??.LOG2) -- C:\Windows\SysWow64\屢GF喿䗪.LOG2 [2010.10.24 11:00:00 | 000,000,000 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??.LOG2) -- C:\Windows\SysWow64\屢GF喿䗪.LOG2 [2010.10.17 11:00:01 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{4e6e1fa3-d9c6-11df-9bb0-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\屢GF퇶ꗨ{4e6e1fa3-d9c6-11df-9bb0-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms [2010.10.17 11:00:01 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{4e6e1fa3-d9c6-11df-9bb0-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\屢GF퇶ꗨ{4e6e1fa3-d9c6-11df-9bb0-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms [2010.10.17 11:00:01 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{4e6e1fa3-d9c6-11df-9bb0-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\屢GF퇶ꗨ{4e6e1fa3-d9c6-11df-9bb0-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms [2010.10.17 11:00:01 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{4e6e1fa3-d9c6-11df-9bb0-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\屢GF퇶ꗨ{4e6e1fa3-d9c6-11df-9bb0-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms [2010.10.17 11:00:01 | 000,262,144 | ---- | M] ()(C:\Windows\SysWow64\?G?F??) -- C:\Windows\SysWow64\屢GF퇶ꗨ [2010.10.17 11:00:01 | 000,262,144 | ---- | C] ()(C:\Windows\SysWow64\?G?F??) -- C:\Windows\SysWow64\屢GF퇶ꗨ [2010.10.17 11:00:01 | 000,065,536 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{4e6e1fa3-d9c6-11df-9bb0-001f3f0c9821}.TM.blf) -- C:\Windows\SysWow64\屢GF퇶ꗨ{4e6e1fa3-d9c6-11df-9bb0-001f3f0c9821}.TM.blf [2010.10.17 11:00:01 | 000,065,536 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{4e6e1fa3-d9c6-11df-9bb0-001f3f0c9821}.TM.blf) -- C:\Windows\SysWow64\屢GF퇶ꗨ{4e6e1fa3-d9c6-11df-9bb0-001f3f0c9821}.TM.blf [2010.10.17 11:00:01 | 000,005,120 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??.LOG1) -- C:\Windows\SysWow64\屢GF퇶ꗨ.LOG1 [2010.10.17 11:00:01 | 000,005,120 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??.LOG1) -- C:\Windows\SysWow64\屢GF퇶ꗨ.LOG1 [2010.10.17 11:00:01 | 000,000,000 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??.LOG2) -- C:\Windows\SysWow64\屢GF퇶ꗨ.LOG2 [2010.10.17 11:00:01 | 000,000,000 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??.LOG2) -- C:\Windows\SysWow64\屢GF퇶ꗨ.LOG2 [2010.10.10 11:00:00 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{63d29472-d43b-11df-8512-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\屢GF{63d29472-d43b-11df-8512-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms [2010.10.10 11:00:00 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{63d29472-d43b-11df-8512-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\屢GF{63d29472-d43b-11df-8512-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms [2010.10.10 11:00:00 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{63d29472-d43b-11df-8512-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\屢GF{63d29472-d43b-11df-8512-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms [2010.10.10 11:00:00 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{63d29472-d43b-11df-8512-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\屢GF{63d29472-d43b-11df-8512-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms [2010.10.10 11:00:00 | 000,262,144 | ---- | M] ()(C:\Windows\SysWow64\?G?F??) -- C:\Windows\SysWow64\屢GF [2010.10.10 11:00:00 | 000,262,144 | ---- | C] ()(C:\Windows\SysWow64\?G?F??) -- C:\Windows\SysWow64\屢GF [2010.10.10 11:00:00 | 000,065,536 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{63d29472-d43b-11df-8512-001f3f0c9821}.TM.blf) -- C:\Windows\SysWow64\屢GF{63d29472-d43b-11df-8512-001f3f0c9821}.TM.blf [2010.10.10 11:00:00 | 000,065,536 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{63d29472-d43b-11df-8512-001f3f0c9821}.TM.blf) -- C:\Windows\SysWow64\屢GF{63d29472-d43b-11df-8512-001f3f0c9821}.TM.blf [2010.10.10 11:00:00 | 000,005,120 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??.LOG1) -- C:\Windows\SysWow64\屢GF.LOG1 [2010.10.10 11:00:00 | 000,005,120 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??.LOG1) -- C:\Windows\SysWow64\屢GF.LOG1 [2010.10.10 11:00:00 | 000,000,000 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??.LOG2) -- C:\Windows\SysWow64\屢GF.LOG2 [2010.10.10 11:00:00 | 000,000,000 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??.LOG2) -- C:\Windows\SysWow64\屢GF.LOG2 [2010.10.03 11:00:00 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{1045472f-ceb8-11df-8a7e-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\屢GF뭽륺{1045472f-ceb8-11df-8a7e-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms [2010.10.03 11:00:00 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{1045472f-ceb8-11df-8a7e-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\屢GF뭽륺{1045472f-ceb8-11df-8a7e-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms [2010.10.03 11:00:00 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{1045472f-ceb8-11df-8a7e-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\屢GF뭽륺{1045472f-ceb8-11df-8a7e-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms [2010.10.03 11:00:00 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{1045472f-ceb8-11df-8a7e-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\屢GF뭽륺{1045472f-ceb8-11df-8a7e-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms [2010.10.03 11:00:00 | 000,262,144 | ---- | M] ()(C:\Windows\SysWow64\?G?F??) -- C:\Windows\SysWow64\屢GF뭽륺 [2010.10.03 11:00:00 | 000,262,144 | ---- | C] ()(C:\Windows\SysWow64\?G?F??) -- C:\Windows\SysWow64\屢GF뭽륺 [2010.10.03 11:00:00 | 000,065,536 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{1045472f-ceb8-11df-8a7e-001f3f0c9821}.TM.blf) -- C:\Windows\SysWow64\屢GF뭽륺{1045472f-ceb8-11df-8a7e-001f3f0c9821}.TM.blf [2010.10.03 11:00:00 | 000,065,536 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{1045472f-ceb8-11df-8a7e-001f3f0c9821}.TM.blf) -- C:\Windows\SysWow64\屢GF뭽륺{1045472f-ceb8-11df-8a7e-001f3f0c9821}.TM.blf [2010.10.03 11:00:00 | 000,005,120 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??.LOG1) -- C:\Windows\SysWow64\屢GF뭽륺.LOG1 [2010.10.03 11:00:00 | 000,005,120 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??.LOG1) -- C:\Windows\SysWow64\屢GF뭽륺.LOG1 [2010.10.03 11:00:00 | 000,000,000 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??.LOG2) -- C:\Windows\SysWow64\屢GF뭽륺.LOG2 [2010.10.03 11:00:00 | 000,000,000 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??.LOG2) -- C:\Windows\SysWow64\屢GF뭽륺.LOG2 [2010.09.26 11:00:00 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{6961b212-c946-11df-8220-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\屢GF九{6961b212-c946-11df-8220-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms [2010.09.26 11:00:00 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{6961b212-c946-11df-8220-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\屢GF九{6961b212-c946-11df-8220-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms [2010.09.26 11:00:00 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{6961b212-c946-11df-8220-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\屢GF九{6961b212-c946-11df-8220-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms [2010.09.26 11:00:00 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{6961b212-c946-11df-8220-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\屢GF九{6961b212-c946-11df-8220-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms [2010.09.26 11:00:00 | 000,262,144 | ---- | M] ()(C:\Windows\SysWow64\?G?F??) -- C:\Windows\SysWow64\屢GF九 [2010.09.26 11:00:00 | 000,262,144 | ---- | C] ()(C:\Windows\SysWow64\?G?F??) -- C:\Windows\SysWow64\屢GF九 [2010.09.26 11:00:00 | 000,065,536 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{6961b212-c946-11df-8220-001f3f0c9821}.TM.blf) -- C:\Windows\SysWow64\屢GF九{6961b212-c946-11df-8220-001f3f0c9821}.TM.blf [2010.09.26 11:00:00 | 000,065,536 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{6961b212-c946-11df-8220-001f3f0c9821}.TM.blf) -- C:\Windows\SysWow64\屢GF九{6961b212-c946-11df-8220-001f3f0c9821}.TM.blf [2010.09.26 11:00:00 | 000,005,120 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??.LOG1) -- C:\Windows\SysWow64\屢GF九.LOG1 [2010.09.26 11:00:00 | 000,005,120 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??.LOG1) -- C:\Windows\SysWow64\屢GF九.LOG1 [2010.09.26 11:00:00 | 000,000,000 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??.LOG2) -- C:\Windows\SysWow64\屢GF九.LOG2 [2010.09.26 11:00:00 | 000,000,000 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??.LOG2) -- C:\Windows\SysWow64\屢GF九.LOG2 [2010.09.19 11:00:00 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{5b9c144d-c3c1-11df-84c6-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\屢GFओ浬{5b9c144d-c3c1-11df-84c6-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms [2010.09.19 11:00:00 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{5b9c144d-c3c1-11df-84c6-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\屢GFओ浬{5b9c144d-c3c1-11df-84c6-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms [2010.09.19 11:00:00 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{5b9c144d-c3c1-11df-84c6-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\屢GFओ浬{5b9c144d-c3c1-11df-84c6-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms [2010.09.19 11:00:00 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{5b9c144d-c3c1-11df-84c6-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\屢GFओ浬{5b9c144d-c3c1-11df-84c6-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms [2010.09.19 11:00:00 | 000,262,144 | ---- | M] ()(C:\Windows\SysWow64\?G?F??) -- C:\Windows\SysWow64\屢GFओ浬 [2010.09.19 11:00:00 | 000,262,144 | ---- | C] ()(C:\Windows\SysWow64\?G?F??) -- C:\Windows\SysWow64\屢GFओ浬 [2010.09.19 11:00:00 | 000,065,536 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{5b9c144d-c3c1-11df-84c6-001f3f0c9821}.TM.blf) -- C:\Windows\SysWow64\屢GFओ浬{5b9c144d-c3c1-11df-84c6-001f3f0c9821}.TM.blf [2010.09.19 11:00:00 | 000,065,536 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{5b9c144d-c3c1-11df-84c6-001f3f0c9821}.TM.blf) -- C:\Windows\SysWow64\屢GFओ浬{5b9c144d-c3c1-11df-84c6-001f3f0c9821}.TM.blf [2010.09.19 11:00:00 | 000,005,120 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??.LOG1) -- C:\Windows\SysWow64\屢GFओ浬.LOG1 [2010.09.19 11:00:00 | 000,005,120 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??.LOG1) -- C:\Windows\SysWow64\屢GFओ浬.LOG1 [2010.09.19 11:00:00 | 000,000,000 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??.LOG2) -- C:\Windows\SysWow64\屢GFओ浬.LOG2 [2010.09.19 11:00:00 | 000,000,000 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??.LOG2) -- C:\Windows\SysWow64\屢GFओ浬.LOG2 [2010.09.12 11:00:00 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{e799fe22-be42-11df-86b0-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\屢GF�㻛{e799fe22-be42-11df-86b0-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms [2010.09.12 11:00:00 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{e799fe22-be42-11df-86b0-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\屢GF�㻛{e799fe22-be42-11df-86b0-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms [2010.09.12 11:00:00 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{e799fe22-be42-11df-86b0-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\屢GF�㻛{e799fe22-be42-11df-86b0-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms [2010.09.12 11:00:00 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{e799fe22-be42-11df-86b0-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\屢GF�㻛{e799fe22-be42-11df-86b0-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms [2010.09.12 11:00:00 | 000,262,144 | ---- | M] ()(C:\Windows\SysWow64\?G?F??) -- C:\Windows\SysWow64\屢GF�㻛 [2010.09.12 11:00:00 | 000,262,144 | ---- | C] ()(C:\Windows\SysWow64\?G?F??) -- C:\Windows\SysWow64\屢GF�㻛 [2010.09.12 11:00:00 | 000,065,536 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{e799fe22-be42-11df-86b0-001f3f0c9821}.TM.blf) -- C:\Windows\SysWow64\屢GF�㻛{e799fe22-be42-11df-86b0-001f3f0c9821}.TM.blf [2010.09.12 11:00:00 | 000,065,536 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{e799fe22-be42-11df-86b0-001f3f0c9821}.TM.blf) -- C:\Windows\SysWow64\屢GF�㻛{e799fe22-be42-11df-86b0-001f3f0c9821}.TM.blf [2010.09.12 11:00:00 | 000,005,120 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??.LOG1) -- C:\Windows\SysWow64\屢GF�㻛.LOG1 [2010.09.12 11:00:00 | 000,005,120 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??.LOG1) -- C:\Windows\SysWow64\屢GF�㻛.LOG1 [2010.09.12 11:00:00 | 000,000,000 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??.LOG2) -- C:\Windows\SysWow64\屢GF�㻛.LOG2 [2010.09.12 11:00:00 | 000,000,000 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??.LOG2) -- C:\Windows\SysWow64\屢GF�㻛.LOG2 [2010.09.05 11:00:00 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{f1152553-b8cf-11df-8843-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\屢GF䗠{f1152553-b8cf-11df-8843-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms [2010.09.05 11:00:00 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{f1152553-b8cf-11df-8843-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\屢GF䗠{f1152553-b8cf-11df-8843-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms [2010.09.05 11:00:00 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{f1152553-b8cf-11df-8843-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\屢GF䗠{f1152553-b8cf-11df-8843-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms [2010.09.05 11:00:00 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{f1152553-b8cf-11df-8843-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\屢GF䗠{f1152553-b8cf-11df-8843-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms [2010.09.05 11:00:00 | 000,262,144 | ---- | M] ()(C:\Windows\SysWow64\?G?F??) -- C:\Windows\SysWow64\屢GF䗠 [2010.09.05 11:00:00 | 000,262,144 | ---- | C] ()(C:\Windows\SysWow64\?G?F??) -- C:\Windows\SysWow64\屢GF䗠 [2010.09.05 11:00:00 | 000,065,536 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{f1152553-b8cf-11df-8843-001f3f0c9821}.TM.blf) -- C:\Windows\SysWow64\屢GF䗠{f1152553-b8cf-11df-8843-001f3f0c9821}.TM.blf [2010.09.05 11:00:00 | 000,065,536 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{f1152553-b8cf-11df-8843-001f3f0c9821}.TM.blf) -- C:\Windows\SysWow64\屢GF䗠{f1152553-b8cf-11df-8843-001f3f0c9821}.TM.blf [2010.09.05 11:00:00 | 000,005,120 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??.LOG1) -- C:\Windows\SysWow64\屢GF䗠.LOG1 [2010.09.05 11:00:00 | 000,005,120 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??.LOG1) -- C:\Windows\SysWow64\屢GF䗠.LOG1 [2010.09.05 11:00:00 | 000,000,000 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??.LOG2) -- C:\Windows\SysWow64\屢GF䗠.LOG2 [2010.09.05 11:00:00 | 000,000,000 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??.LOG2) -- C:\Windows\SysWow64\屢GF䗠.LOG2 [2010.08.29 11:00:00 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{a38765fd-b33e-11df-82b2-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\屢GF厼䤵{a38765fd-b33e-11df-82b2-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms [2010.08.29 11:00:00 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{a38765fd-b33e-11df-82b2-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\屢GF厼䤵{a38765fd-b33e-11df-82b2-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms [2010.08.29 11:00:00 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{a38765fd-b33e-11df-82b2-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\屢GF厼䤵{a38765fd-b33e-11df-82b2-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms [2010.08.29 11:00:00 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{a38765fd-b33e-11df-82b2-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\屢GF厼䤵{a38765fd-b33e-11df-82b2-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms [2010.08.29 11:00:00 | 000,262,144 | ---- | M] ()(C:\Windows\SysWow64\?G?F??) -- C:\Windows\SysWow64\屢GF厼䤵 [2010.08.29 11:00:00 | 000,262,144 | ---- | C] ()(C:\Windows\SysWow64\?G?F??) -- C:\Windows\SysWow64\屢GF厼䤵 [2010.08.29 11:00:00 | 000,065,536 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{a38765fd-b33e-11df-82b2-001f3f0c9821}.TM.blf) -- C:\Windows\SysWow64\屢GF厼䤵{a38765fd-b33e-11df-82b2-001f3f0c9821}.TM.blf [2010.08.29 11:00:00 | 000,065,536 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{a38765fd-b33e-11df-82b2-001f3f0c9821}.TM.blf) -- C:\Windows\SysWow64\屢GF厼䤵{a38765fd-b33e-11df-82b2-001f3f0c9821}.TM.blf [2010.08.29 11:00:00 | 000,005,120 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??.LOG1) -- C:\Windows\SysWow64\屢GF厼䤵.LOG1 [2010.08.29 11:00:00 | 000,005,120 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??.LOG1) -- C:\Windows\SysWow64\屢GF厼䤵.LOG1 [2010.08.29 11:00:00 | 000,000,000 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??.LOG2) -- C:\Windows\SysWow64\屢GF厼䤵.LOG2 [2010.08.29 11:00:00 | 000,000,000 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??.LOG2) -- C:\Windows\SysWow64\屢GF厼䤵.LOG2 [2010.08.22 11:17:35 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{a5e2ddf1-add5-11df-88ed-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\屢GF꾆祥{a5e2ddf1-add5-11df-88ed-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms [2010.08.22 11:17:35 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{a5e2ddf1-add5-11df-88ed-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\屢GF꾆祥{a5e2ddf1-add5-11df-88ed-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms [2010.08.22 11:17:35 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{a5e2ddf1-add5-11df-88ed-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\屢GF꾆祥{a5e2ddf1-add5-11df-88ed-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms [2010.08.22 11:17:35 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{a5e2ddf1-add5-11df-88ed-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\屢GF꾆祥{a5e2ddf1-add5-11df-88ed-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms [2010.08.22 11:17:35 | 000,262,144 | ---- | M] ()(C:\Windows\SysWow64\?G?F??) -- C:\Windows\SysWow64\屢GF꾆祥 [2010.08.22 11:17:35 | 000,262,144 | ---- | C] ()(C:\Windows\SysWow64\?G?F??) -- C:\Windows\SysWow64\屢GF꾆祥 [2010.08.22 11:17:35 | 000,065,536 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{a5e2ddf1-add5-11df-88ed-001f3f0c9821}.TM.blf) -- C:\Windows\SysWow64\屢GF꾆祥{a5e2ddf1-add5-11df-88ed-001f3f0c9821}.TM.blf [2010.08.22 11:17:35 | 000,065,536 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{a5e2ddf1-add5-11df-88ed-001f3f0c9821}.TM.blf) -- C:\Windows\SysWow64\屢GF꾆祥{a5e2ddf1-add5-11df-88ed-001f3f0c9821}.TM.blf [2010.08.22 11:17:35 | 000,005,120 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??.LOG1) -- C:\Windows\SysWow64\屢GF꾆祥.LOG1 [2010.08.22 11:17:35 | 000,005,120 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??.LOG1) -- C:\Windows\SysWow64\屢GF꾆祥.LOG1 [2010.08.22 11:17:35 | 000,000,000 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??.LOG2) -- C:\Windows\SysWow64\屢GF꾆祥.LOG2 [2010.08.22 11:17:35 | 000,000,000 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??.LOG2) -- C:\Windows\SysWow64\屢GF꾆祥.LOG2 [2010.08.15 11:00:00 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{20944781-a83d-11df-84ee-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\屢GF轺{20944781-a83d-11df-84ee-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms [2010.08.15 11:00:00 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{20944781-a83d-11df-84ee-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\屢GF轺{20944781-a83d-11df-84ee-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms [2010.08.15 11:00:00 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{20944781-a83d-11df-84ee-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\屢GF轺{20944781-a83d-11df-84ee-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms [2010.08.15 11:00:00 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{20944781-a83d-11df-84ee-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\屢GF轺{20944781-a83d-11df-84ee-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms [2010.08.15 11:00:00 | 000,262,144 | ---- | M] ()(C:\Windows\SysWow64\?G?F??) -- C:\Windows\SysWow64\屢GF轺 [2010.08.15 11:00:00 | 000,262,144 | ---- | C] ()(C:\Windows\SysWow64\?G?F??) -- C:\Windows\SysWow64\屢GF轺 [2010.08.15 11:00:00 | 000,065,536 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{20944781-a83d-11df-84ee-001f3f0c9821}.TM.blf) -- C:\Windows\SysWow64\屢GF轺{20944781-a83d-11df-84ee-001f3f0c9821}.TM.blf [2010.08.15 11:00:00 | 000,065,536 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{20944781-a83d-11df-84ee-001f3f0c9821}.TM.blf) -- C:\Windows\SysWow64\屢GF轺{20944781-a83d-11df-84ee-001f3f0c9821}.TM.blf [2010.08.15 11:00:00 | 000,005,120 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??.LOG1) -- C:\Windows\SysWow64\屢GF轺.LOG1 [2010.08.15 11:00:00 | 000,005,120 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??.LOG1) -- C:\Windows\SysWow64\屢GF轺.LOG1 [2010.08.15 11:00:00 | 000,000,000 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??.LOG2) -- C:\Windows\SysWow64\屢GF轺.LOG2 [2010.08.15 11:00:00 | 000,000,000 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??.LOG2) -- C:\Windows\SysWow64\屢GF轺.LOG2 [2010.08.08 11:30:02 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{e52c484f-a2bc-11df-9e27-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\屢GF귙쒛{e52c484f-a2bc-11df-9e27-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms [2010.08.08 11:30:02 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{e52c484f-a2bc-11df-9e27-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\屢GF귙쒛{e52c484f-a2bc-11df-9e27-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms [2010.08.08 11:30:02 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{e52c484f-a2bc-11df-9e27-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\屢GF귙쒛{e52c484f-a2bc-11df-9e27-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms [2010.08.08 11:30:02 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{e52c484f-a2bc-11df-9e27-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\屢GF귙쒛{e52c484f-a2bc-11df-9e27-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms [2010.08.08 11:30:02 | 000,262,144 | ---- | M] ()(C:\Windows\SysWow64\?G?F??) -- C:\Windows\SysWow64\屢GF귙쒛 [2010.08.08 11:30:02 | 000,262,144 | ---- | C] ()(C:\Windows\SysWow64\?G?F??) -- C:\Windows\SysWow64\屢GF귙쒛 [2010.08.08 11:30:02 | 000,065,536 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{e52c484f-a2bc-11df-9e27-001f3f0c9821}.TM.blf) -- C:\Windows\SysWow64\屢GF귙쒛{e52c484f-a2bc-11df-9e27-001f3f0c9821}.TM.blf [2010.08.08 11:30:02 | 000,065,536 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{e52c484f-a2bc-11df-9e27-001f3f0c9821}.TM.blf) -- C:\Windows\SysWow64\屢GF귙쒛{e52c484f-a2bc-11df-9e27-001f3f0c9821}.TM.blf [2010.08.08 11:30:02 | 000,005,120 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??.LOG1) -- C:\Windows\SysWow64\屢GF귙쒛.LOG1 [2010.08.08 11:30:02 | 000,005,120 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??.LOG1) -- C:\Windows\SysWow64\屢GF귙쒛.LOG1 [2010.08.08 11:30:02 | 000,000,000 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??.LOG2) -- C:\Windows\SysWow64\屢GF귙쒛.LOG2 [2010.08.08 11:30:02 | 000,000,000 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??.LOG2) -- C:\Windows\SysWow64\屢GF귙쒛.LOG2 [2010.08.02 06:38:18 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{566ee84d-9df7-11df-9819-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\屢GF몥갨{566ee84d-9df7-11df-9819-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms [2010.08.02 06:38:18 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{566ee84d-9df7-11df-9819-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\屢GF몥갨{566ee84d-9df7-11df-9819-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms [2010.08.02 06:38:18 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{566ee84d-9df7-11df-9819-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\屢GF몥갨{566ee84d-9df7-11df-9819-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms [2010.08.02 06:38:18 | 000,065,536 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{566ee84d-9df7-11df-9819-001f3f0c9821}.TM.blf) -- C:\Windows\SysWow64\屢GF몥갨{566ee84d-9df7-11df-9819-001f3f0c9821}.TM.blf [2010.08.02 06:38:17 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{566ee84d-9df7-11df-9819-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\屢GF몥갨{566ee84d-9df7-11df-9819-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms [2010.08.02 06:38:17 | 000,262,144 | ---- | M] ()(C:\Windows\SysWow64\?G?F??) -- C:\Windows\SysWow64\屢GF몥갨 [2010.08.02 06:38:17 | 000,262,144 | ---- | C] ()(C:\Windows\SysWow64\?G?F??) -- C:\Windows\SysWow64\屢GF몥갨 [2010.08.02 06:38:17 | 000,065,536 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{566ee84d-9df7-11df-9819-001f3f0c9821}.TM.blf) -- C:\Windows\SysWow64\屢GF몥갨{566ee84d-9df7-11df-9819-001f3f0c9821}.TM.blf [2010.08.02 06:38:17 | 000,005,120 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??.LOG1) -- C:\Windows\SysWow64\屢GF몥갨.LOG1 [2010.08.02 06:38:17 | 000,005,120 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??.LOG1) -- C:\Windows\SysWow64\屢GF몥갨.LOG1 [2010.08.02 06:38:17 | 000,000,000 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??.LOG2) -- C:\Windows\SysWow64\屢GF몥갨.LOG2 [2010.08.02 06:38:17 | 000,000,000 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??.LOG2) -- C:\Windows\SysWow64\屢GF몥갨.LOG2 [2010.07.18 20:19:16 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{8625ffb2-92a0-11df-84d7-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\屢GF徊{8625ffb2-92a0-11df-84d7-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms [2010.07.18 20:19:16 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{8625ffb2-92a0-11df-84d7-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\屢GF徊{8625ffb2-92a0-11df-84d7-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms [2010.07.18 20:19:16 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{8625ffb2-92a0-11df-84d7-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\屢GF徊{8625ffb2-92a0-11df-84d7-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms [2010.07.18 20:19:16 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{8625ffb2-92a0-11df-84d7-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\屢GF徊{8625ffb2-92a0-11df-84d7-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms [2010.07.18 20:19:16 | 000,262,144 | ---- | M] ()(C:\Windows\SysWow64\?G?F??) -- C:\Windows\SysWow64\屢GF徊 [2010.07.18 20:19:16 | 000,262,144 | ---- | C] ()(C:\Windows\SysWow64\?G?F??) -- C:\Windows\SysWow64\屢GF徊 [2010.07.18 20:19:16 | 000,065,536 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{8625ffb2-92a0-11df-84d7-001f3f0c9821}.TM.blf) -- C:\Windows\SysWow64\屢GF徊{8625ffb2-92a0-11df-84d7-001f3f0c9821}.TM.blf [2010.07.18 20:19:16 | 000,065,536 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{8625ffb2-92a0-11df-84d7-001f3f0c9821}.TM.blf) -- C:\Windows\SysWow64\屢GF徊{8625ffb2-92a0-11df-84d7-001f3f0c9821}.TM.blf [2010.07.18 20:19:16 | 000,005,120 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??.LOG1) -- C:\Windows\SysWow64\屢GF徊.LOG1 [2010.07.18 20:19:16 | 000,005,120 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??.LOG1) -- C:\Windows\SysWow64\屢GF徊.LOG1 [2010.07.18 20:19:16 | 000,000,000 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??.LOG2) -- C:\Windows\SysWow64\屢GF徊.LOG2 [2010.07.18 20:19:16 | 000,000,000 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??.LOG2) -- C:\Windows\SysWow64\屢GF徊.LOG2 [2010.07.11 11:00:00 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{6b070724-8cb5-11df-99e3-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\屢GF怽{6b070724-8cb5-11df-99e3-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms [2010.07.11 11:00:00 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{6b070724-8cb5-11df-99e3-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\屢GF怽{6b070724-8cb5-11df-99e3-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms [2010.07.11 11:00:00 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{6b070724-8cb5-11df-99e3-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\屢GF怽{6b070724-8cb5-11df-99e3-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms [2010.07.11 11:00:00 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{6b070724-8cb5-11df-99e3-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\屢GF怽{6b070724-8cb5-11df-99e3-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms [2010.07.11 11:00:00 | 000,262,144 | ---- | M] ()(C:\Windows\SysWow64\?G?F??) -- C:\Windows\SysWow64\屢GF怽 [2010.07.11 11:00:00 | 000,262,144 | ---- | C] ()(C:\Windows\SysWow64\?G?F??) -- C:\Windows\SysWow64\屢GF怽 [2010.07.11 11:00:00 | 000,065,536 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{6b070724-8cb5-11df-99e3-001f3f0c9821}.TM.blf) -- C:\Windows\SysWow64\屢GF怽{6b070724-8cb5-11df-99e3-001f3f0c9821}.TM.blf [2010.07.11 11:00:00 | 000,065,536 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{6b070724-8cb5-11df-99e3-001f3f0c9821}.TM.blf) -- C:\Windows\SysWow64\屢GF怽{6b070724-8cb5-11df-99e3-001f3f0c9821}.TM.blf [2010.07.11 11:00:00 | 000,005,120 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??.LOG1) -- C:\Windows\SysWow64\屢GF怽.LOG1 [2010.07.11 11:00:00 | 000,005,120 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??.LOG1) -- C:\Windows\SysWow64\屢GF怽.LOG1 [2010.07.11 11:00:00 | 000,000,000 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??.LOG2) -- C:\Windows\SysWow64\屢GF怽.LOG2 [2010.07.11 11:00:00 | 000,000,000 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??.LOG2) -- C:\Windows\SysWow64\屢GF怽.LOG2 [2010.07.04 17:48:31 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{24804ccc-878b-11df-88e6-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\屢GF䔫�{24804ccc-878b-11df-88e6-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms [2010.07.04 17:48:31 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{24804ccc-878b-11df-88e6-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\屢GF䔫�{24804ccc-878b-11df-88e6-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms [2010.07.04 17:48:31 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{24804ccc-878b-11df-88e6-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\屢GF䔫�{24804ccc-878b-11df-88e6-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms [2010.07.04 17:48:31 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{24804ccc-878b-11df-88e6-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\屢GF䔫�{24804ccc-878b-11df-88e6-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms [2010.07.04 17:48:31 | 000,262,144 | ---- | M] ()(C:\Windows\SysWow64\?G?F??) -- C:\Windows\SysWow64\屢GF䔫� [2010.07.04 17:48:31 | 000,262,144 | ---- | C] ()(C:\Windows\SysWow64\?G?F??) -- C:\Windows\SysWow64\屢GF䔫� [2010.07.04 17:48:31 | 000,065,536 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??{24804ccc-878b-11df-88e6-001f3f0c9821}.TM.blf) -- C:\Windows\SysWow64\屢GF䔫�{24804ccc-878b-11df-88e6-001f3f0c9821}.TM.blf [2010.07.04 17:48:31 | 000,065,536 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??{24804ccc-878b-11df-88e6-001f3f0c9821}.TM.blf) -- C:\Windows\SysWow64\屢GF䔫�{24804ccc-878b-11df-88e6-001f3f0c9821}.TM.blf [2010.07.04 17:48:31 | 000,005,120 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??.LOG1) -- C:\Windows\SysWow64\屢GF䔫�.LOG1 [2010.07.04 17:48:31 | 000,005,120 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??.LOG1) -- C:\Windows\SysWow64\屢GF䔫�.LOG1 [2010.07.04 17:48:31 | 000,000,000 | -HS- | M] ()(C:\Windows\SysWow64\?G?F??.LOG2) -- C:\Windows\SysWow64\屢GF䔫�.LOG2 [2010.07.04 17:48:31 | 000,000,000 | -HS- | C] ()(C:\Windows\SysWow64\?G?F??.LOG2) -- C:\Windows\SysWow64\屢GF䔫�.LOG2 [2010.07.03 13:25:15 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?F??{64fcd9cd-869d-11df-8a98-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\F㚵脏{64fcd9cd-869d-11df-8a98-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms [2010.07.03 13:25:15 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?F??{64fcd9cd-869d-11df-8a98-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\F㚵脏{64fcd9cd-869d-11df-8a98-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms [2010.07.03 13:25:15 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?F??{64fcd9cd-869d-11df-8a98-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\F㚵脏{64fcd9cd-869d-11df-8a98-001f3f0c9821}.TMContainer00000000000000000002.regtrans-ms [2010.07.03 13:25:15 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?F??{64fcd9cd-869d-11df-8a98-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\F㚵脏{64fcd9cd-869d-11df-8a98-001f3f0c9821}.TMContainer00000000000000000001.regtrans-ms [2010.07.03 13:25:15 | 000,262,144 | ---- | M] ()(C:\Windows\SysWow64\?F??) -- C:\Windows\SysWow64\F㚵脏 [2010.07.03 13:25:15 | 000,262,144 | ---- | C] ()(C:\Windows\SysWow64\?F??) -- C:\Windows\SysWow64\F㚵脏 [2010.07.03 13:25:15 | 000,065,536 | -HS- | M] ()(C:\Windows\SysWow64\?F??{64fcd9cd-869d-11df-8a98-001f3f0c9821}.TM.blf) -- C:\Windows\SysWow64\F㚵脏{64fcd9cd-869d-11df-8a98-001f3f0c9821}.TM.blf [2010.07.03 13:25:15 | 000,065,536 | -HS- | C] ()(C:\Windows\SysWow64\?F??{64fcd9cd-869d-11df-8a98-001f3f0c9821}.TM.blf) -- C:\Windows\SysWow64\F㚵脏{64fcd9cd-869d-11df-8a98-001f3f0c9821}.TM.blf [2010.07.03 13:25:15 | 000,005,120 | -HS- | M] ()(C:\Windows\SysWow64\?F??.LOG1) -- C:\Windows\SysWow64\F㚵脏.LOG1 [2010.07.03 13:25:15 | 000,005,120 | -HS- | C] ()(C:\Windows\SysWow64\?F??.LOG1) -- C:\Windows\SysWow64\F㚵脏.LOG1 [2010.07.03 13:25:15 | 000,000,000 | -HS- | M] ()(C:\Windows\SysWow64\?F??.LOG2) -- C:\Windows\SysWow64\F㚵脏.LOG2 [2010.07.03 13:25:15 | 000,000,000 | -HS- | C] ()(C:\Windows\SysWow64\?F??.LOG2) -- C:\Windows\SysWow64\F㚵脏.LOG2 ========== Alternate Data Streams ========== @Alternate Data Stream - 16 bytes -> C:\Users\Yzerman\Desktop\OTL.exe:BDU @Alternate Data Stream - 16 bytes -> C:\Users\Yzerman\Desktop\Defogger.exe:BDU < End of report > |
|
08.01.2012, 22:18
| #20 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Bei Eingaben in Text- oder Browserfelder füllen diese sich zuerst mit 6en! Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!) Hinweis: Falls Du Deinen Benutzernamen unkenntlich gemacht hast, musst Du das Ausgesternte in Deinen richtigen Benutzernamen wieder verwandeln, sonst funktioniert das Script nicht!! Code:
ATTFilter :OTL
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://de.msn.com/?ocid=ie9hp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.ksta.de/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.ksta.de/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://de.msn.com/?ocid=ie9hp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 1B 45 34 05 88 C4 CC 01 [binary data]
O2:64bit: - BHO: (no name) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - No CLSID value found.
O2 - BHO: (Message Faces for Internet Explorer) - {E3758FC2-BB95-4B86-84BF-D91F4748EC75} - C:\Program Files (x86)\Message Faces for Internet Explorer\x86\messagefaces-ie.dll ()
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.12.01 10:01:38 | 000,000,000 | RH-D | M] - J:\autorun -- [ NTFS ]
O33 - MountPoints2\{23f2218d-4f73-11df-86eb-001f3f0c9821}\Shell - "" = AutoRun
O33 - MountPoints2\{23f2218d-4f73-11df-86eb-001f3f0c9821}\Shell\AutoRun\command - "" = K:\LaunchU3.exe -a
O33 - MountPoints2\{7b6d5763-efe6-11df-8c80-001f3f0c9821}\Shell - "" = AutoRun
O33 - MountPoints2\{7b6d5763-efe6-11df-8c80-001f3f0c9821}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -a
O33 - MountPoints2\{abfe58e4-3f15-11df-87d5-002564f4a491}\Shell - "" = AutoRun
O33 - MountPoints2\{abfe58e4-3f15-11df-87d5-002564f4a491}\Shell\AutoRun\command - "" = I:\pushinst.exe
@Alternate Data Stream - 16 bytes -> C:\Users\Yzerman\Desktop\OTL.exe:BDU
@Alternate Data Stream - 16 bytes -> C:\Users\Yzerman\Desktop\Defogger.exe:BDU
:Commands
[emptytemp]
[resethosts]
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet. Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt. Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
08.01.2012, 22:47
| #21 |
| | Bei Eingaben in Text- oder Browserfelder füllen diese sich zuerst mit 6en! Hier das OTL File nach Fix: Code:
ATTFilter All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Secondary_Page_URL| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\SearchDefaultBranded| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Secondary Start Pages| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache AcceptLangs| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache_TIMESTAMP| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E3758FC2-BB95-4B86-84BF-D91F4748EC75}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E3758FC2-BB95-4B86-84BF-D91F4748EC75}\ deleted successfully.
C:\Program Files (x86)\Message Faces for Internet Explorer\x86\messagefaces-ie.dll moved successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
File not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{23f2218d-4f73-11df-86eb-001f3f0c9821}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{23f2218d-4f73-11df-86eb-001f3f0c9821}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{23f2218d-4f73-11df-86eb-001f3f0c9821}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{23f2218d-4f73-11df-86eb-001f3f0c9821}\ not found.
File K:\LaunchU3.exe -a not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7b6d5763-efe6-11df-8c80-001f3f0c9821}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7b6d5763-efe6-11df-8c80-001f3f0c9821}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7b6d5763-efe6-11df-8c80-001f3f0c9821}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7b6d5763-efe6-11df-8c80-001f3f0c9821}\ not found.
File I:\LaunchU3.exe -a not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{abfe58e4-3f15-11df-87d5-002564f4a491}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{abfe58e4-3f15-11df-87d5-002564f4a491}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{abfe58e4-3f15-11df-87d5-002564f4a491}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{abfe58e4-3f15-11df-87d5-002564f4a491}\ not found.
File I:\pushinst.exe not found.
ADS C:\Users\Yzerman\Desktop\OTL.exe:BDU deleted successfully.
ADS C:\Users\Yzerman\Desktop\Defogger.exe:BDU deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
User: Yzerman
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 50392789 bytes
->Java cache emptied: 22552283 bytes
->FireFox cache emptied: 52904648 bytes
->Google Chrome cache emptied: 98912222 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 489 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 76109 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67966 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 749 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 215,00 mb
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
OTL by OldTimer - Version 3.2.31.0 log created on 01082012_223848
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
|
|
09.01.2012, 09:43
| #22 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Bei Eingaben in Text- oder Browserfelder füllen diese sich zuerst mit 6en! Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten => http://www.trojaner-board.de/82358-t...entfernen.html Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet, Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten. Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition (meistens Laufwerk C nach, da speichert der TDSS-Killer seine Logs.Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!  Falls du durch die Infektion auf deine Dokumente/Eigenen Dateien nicht zugreifen kannst, Verknüpfungen auf dem Desktop oder im Startmenü unter "alle Programme" fehlen, bitte unhide ausführen: Downloade dir bitte unhide.exe und speichere diese Datei auf deinem Desktop. Starte das Tool und es sollten alle Dateien und Ordner wieder sichtbar sein. ( Könnte eine Weile dauern )  Windows-Vista und Windows-7-User müssen das Tool per Rechtsklick als Administrator ausführen!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
09.01.2012, 20:58
| #23 |
| | Bei Eingaben in Text- oder Browserfelder füllen diese sich zuerst mit 6en! So hier das Kaspersky File. Hat nichts gefunden. Das springen in die Suchmaske habe ich aber immer noch. Code:
ATTFilter 20:54:26.0235 4792 TDSS rootkit removing tool 2.6.25.0 Dec 23 2011 14:51:16
20:54:26.0359 4792 ============================================================
20:54:26.0359 4792 Current date / time: 2012/01/09 20:54:26.0359
20:54:26.0359 4792 SystemInfo:
20:54:26.0359 4792
20:54:26.0359 4792 OS Version: 6.1.7601 ServicePack: 1.0
20:54:26.0359 4792 Product type: Workstation
20:54:26.0359 4792 ComputerName: YZERMAN-PC
20:54:26.0359 4792 UserName: Yzerman
20:54:26.0359 4792 Windows directory: C:\Windows
20:54:26.0359 4792 System windows directory: C:\Windows
20:54:26.0359 4792 Running under WOW64
20:54:26.0359 4792 Processor architecture: Intel x64
20:54:26.0359 4792 Number of processors: 4
20:54:26.0359 4792 Page size: 0x1000
20:54:26.0359 4792 Boot type: Normal boot
20:54:26.0359 4792 ============================================================
20:54:26.0703 4792 Initialize success
20:54:37.0092 1128 ============================================================
20:54:37.0092 1128 Scan started
20:54:37.0092 1128 Mode: Manual; SigCheck; TDLFS;
20:54:37.0092 1128 ============================================================
20:54:37.0342 1128 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
20:54:37.0404 1128 1394ohci - ok
20:54:37.0435 1128 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
20:54:37.0435 1128 ACPI - ok
20:54:37.0451 1128 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
20:54:37.0467 1128 AcpiPmi - ok
20:54:37.0498 1128 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
20:54:37.0513 1128 adp94xx - ok
20:54:37.0513 1128 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
20:54:37.0529 1128 adpahci - ok
20:54:37.0545 1128 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
20:54:37.0560 1128 adpu320 - ok
20:54:37.0591 1128 AFD (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys
20:54:37.0607 1128 AFD - ok
20:54:37.0638 1128 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
20:54:37.0638 1128 agp440 - ok
20:54:37.0669 1128 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
20:54:37.0669 1128 aliide - ok
20:54:37.0685 1128 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
20:54:37.0701 1128 amdide - ok
20:54:37.0716 1128 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
20:54:37.0732 1128 AmdK8 - ok
20:54:37.0747 1128 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
20:54:37.0763 1128 AmdPPM - ok
20:54:37.0763 1128 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
20:54:37.0779 1128 amdsata - ok
20:54:37.0794 1128 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
20:54:37.0810 1128 amdsbs - ok
20:54:37.0810 1128 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
20:54:37.0825 1128 amdxata - ok
20:54:37.0857 1128 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
20:54:37.0888 1128 AppID - ok
20:54:37.0903 1128 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
20:54:37.0919 1128 arc - ok
20:54:37.0919 1128 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
20:54:37.0935 1128 arcsas - ok
20:54:37.0935 1128 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
20:54:37.0966 1128 AsyncMac - ok
20:54:37.0981 1128 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
20:54:37.0981 1128 atapi - ok
20:54:38.0013 1128 AtiHdmiService (506934df94e3197f4a1bbe8fbeab0ccd) C:\Windows\system32\drivers\AtiHdmi.sys
20:54:38.0044 1128 AtiHdmiService - ok
20:54:38.0169 1128 atikmdag (79ceb8d4f25cabe69f3762c90f5b06b8) C:\Windows\system32\DRIVERS\atikmdag.sys
20:54:38.0231 1128 atikmdag - ok
20:54:38.0309 1128 avc3 (e275a45da5e9e6f043c47c245a9007aa) C:\Windows\system32\DRIVERS\avc3.sys
20:54:38.0340 1128 avc3 - ok
20:54:38.0356 1128 avchv (4c6bcc638798abe1f70afca70d889c3f) C:\Windows\system32\DRIVERS\avchv.sys
20:54:38.0371 1128 avchv - ok
20:54:38.0387 1128 avckf (3c64d0e61572bfe2c5c2beb8cb850d5b) C:\Windows\system32\DRIVERS\avckf.sys
20:54:38.0403 1128 avckf - ok
20:54:38.0403 1128 AVFSFilter - ok
20:54:38.0418 1128 avmeject (1dc2f715792cf33428ad7993acbd224d) C:\Windows\system32\drivers\avmeject.sys
20:54:38.0434 1128 avmeject - ok
20:54:38.0449 1128 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
20:54:38.0465 1128 b06bdrv - ok
20:54:38.0496 1128 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
20:54:38.0512 1128 b57nd60a - ok
20:54:38.0590 1128 BdfNdisf (707ac68f86f97c17c30498aaf3c7e27e) c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys
20:54:38.0605 1128 BdfNdisf - ok
20:54:38.0637 1128 bdfsfltr (66116e0a4da8407ff7f2aaace52b8b54) C:\Windows\system32\DRIVERS\bdfsfltr.sys
20:54:38.0668 1128 bdfsfltr - ok
20:54:38.0699 1128 bdfwfpf (4ce4b0098fc315c237fa8867f07886c4) C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys
20:54:38.0715 1128 bdfwfpf - ok
20:54:38.0746 1128 bdsandbox (afda933f10d5b536b8713f119eba6912) C:\Windows\system32\drivers\bdsandbox.sys
20:54:38.0746 1128 bdsandbox - ok
20:54:38.0777 1128 BDVEDISK (b89deff4817b4cc6fc2bcd8f83b4e75d) C:\Windows\system32\DRIVERS\bdvedisk.sys
20:54:38.0793 1128 BDVEDISK - ok
20:54:38.0808 1128 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
20:54:38.0839 1128 Beep - ok
20:54:38.0855 1128 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
20:54:38.0871 1128 blbdrive - ok
20:54:38.0902 1128 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
20:54:38.0917 1128 bowser - ok
20:54:38.0933 1128 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
20:54:38.0949 1128 BrFiltLo - ok
20:54:38.0949 1128 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
20:54:38.0964 1128 BrFiltUp - ok
20:54:38.0980 1128 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
20:54:38.0995 1128 Brserid - ok
20:54:39.0011 1128 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
20:54:39.0027 1128 BrSerWdm - ok
20:54:39.0042 1128 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
20:54:39.0058 1128 BrUsbMdm - ok
20:54:39.0058 1128 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
20:54:39.0073 1128 BrUsbSer - ok
20:54:39.0073 1128 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
20:54:39.0089 1128 BTHMODEM - ok
20:54:39.0105 1128 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
20:54:39.0136 1128 cdfs - ok
20:54:39.0151 1128 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
20:54:39.0167 1128 cdrom - ok
20:54:39.0183 1128 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
20:54:39.0183 1128 circlass - ok
20:54:39.0214 1128 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
20:54:39.0229 1128 CLFS - ok
20:54:39.0245 1128 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
20:54:39.0261 1128 CmBatt - ok
20:54:39.0261 1128 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
20:54:39.0276 1128 cmdide - ok
20:54:39.0323 1128 CNG (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys
20:54:39.0339 1128 CNG - ok
20:54:39.0339 1128 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
20:54:39.0354 1128 Compbatt - ok
20:54:39.0354 1128 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
20:54:39.0370 1128 CompositeBus - ok
20:54:39.0385 1128 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
20:54:39.0401 1128 crcdisk - ok
20:54:39.0432 1128 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
20:54:39.0463 1128 DfsC - ok
20:54:39.0479 1128 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
20:54:39.0510 1128 discache - ok
20:54:39.0526 1128 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
20:54:39.0526 1128 Disk - ok
20:54:39.0557 1128 Dot4 (b42ed0320c6e41102fde0005154849bb) C:\Windows\system32\DRIVERS\Dot4.sys
20:54:39.0557 1128 Dot4 - ok
20:54:39.0573 1128 Dot4Print (e9f5969233c5d89f3c35e3a66a52a361) C:\Windows\system32\DRIVERS\Dot4Prt.sys
20:54:39.0588 1128 Dot4Print - ok
20:54:39.0588 1128 dot4usb (fd05a02b0370bc3000f402e543ca5814) C:\Windows\system32\DRIVERS\dot4usb.sys
20:54:39.0604 1128 dot4usb - ok
20:54:39.0619 1128 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
20:54:39.0635 1128 drmkaud - ok
20:54:39.0682 1128 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
20:54:39.0697 1128 DXGKrnl - ok
20:54:39.0791 1128 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
20:54:39.0822 1128 ebdrv - ok
20:54:39.0853 1128 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
20:54:39.0869 1128 elxstor - ok
20:54:39.0885 1128 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
20:54:39.0885 1128 ErrDev - ok
20:54:39.0916 1128 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
20:54:39.0947 1128 exfat - ok
20:54:39.0963 1128 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
20:54:39.0994 1128 fastfat - ok
20:54:40.0009 1128 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
20:54:40.0025 1128 fdc - ok
20:54:40.0025 1128 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
20:54:40.0041 1128 FileInfo - ok
20:54:40.0056 1128 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
20:54:40.0087 1128 Filetrace - ok
20:54:40.0103 1128 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
20:54:40.0103 1128 flpydisk - ok
20:54:40.0134 1128 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
20:54:40.0150 1128 FltMgr - ok
20:54:40.0165 1128 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
20:54:40.0165 1128 FsDepends - ok
20:54:40.0165 1128 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
20:54:40.0181 1128 Fs_Rec - ok
20:54:40.0228 1128 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
20:54:40.0228 1128 fvevol - ok
20:54:40.0259 1128 FWLANUSB (444534cba693dd23c1cc589681e01656) C:\Windows\system32\DRIVERS\fwlanusb.sys
20:54:40.0290 1128 FWLANUSB - ok
20:54:40.0290 1128 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
20:54:40.0306 1128 gagp30kx - ok
20:54:40.0321 1128 GearAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\drivers\GEARAspiWDM.sys
20:54:40.0337 1128 GearAspiWDM - ok
20:54:40.0337 1128 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
20:54:40.0353 1128 hcw85cir - ok
20:54:40.0384 1128 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
20:54:40.0399 1128 HDAudBus - ok
20:54:40.0431 1128 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys
20:54:40.0446 1128 HECIx64 - ok
20:54:40.0446 1128 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
20:54:40.0462 1128 HidBatt - ok
20:54:40.0477 1128 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
20:54:40.0493 1128 HidBth - ok
20:54:40.0509 1128 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
20:54:40.0524 1128 HidIr - ok
20:54:40.0524 1128 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
20:54:40.0540 1128 HidUsb - ok
20:54:40.0571 1128 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
20:54:40.0571 1128 HpSAMD - ok
20:54:40.0618 1128 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
20:54:40.0649 1128 HTTP - ok
20:54:40.0680 1128 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
20:54:40.0696 1128 hwpolicy - ok
20:54:40.0696 1128 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
20:54:40.0711 1128 i8042prt - ok
20:54:40.0727 1128 iaStor (631fa8935163b01fc0c02966cb3adb92) C:\Windows\system32\DRIVERS\iaStor.sys
20:54:40.0743 1128 iaStor - ok
20:54:40.0758 1128 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
20:54:40.0774 1128 iaStorV - ok
20:54:40.0789 1128 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
20:54:40.0789 1128 iirsp - ok
20:54:40.0883 1128 IntcAzAudAddService (ee64207f2f5c20bfe5f73db2566c4601) C:\Windows\system32\drivers\RTKVHD64.sys
20:54:40.0914 1128 IntcAzAudAddService - ok
20:54:40.0930 1128 IntcDAud (49072edbc5c2f964917d1b585c90ed0a) C:\Windows\system32\DRIVERS\IntcDAud.sys
20:54:40.0945 1128 IntcDAud - ok
20:54:40.0945 1128 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
20:54:40.0961 1128 intelide - ok
20:54:40.0961 1128 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
20:54:40.0977 1128 intelppm - ok
20:54:41.0008 1128 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:54:41.0039 1128 IpFilterDriver - ok
20:54:41.0055 1128 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
20:54:41.0070 1128 IPMIDRV - ok
20:54:41.0086 1128 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
20:54:41.0117 1128 IPNAT - ok
20:54:41.0133 1128 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
20:54:41.0148 1128 IRENUM - ok
20:54:41.0148 1128 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
20:54:41.0164 1128 isapnp - ok
20:54:41.0164 1128 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
20:54:41.0179 1128 iScsiPrt - ok
20:54:41.0195 1128 k57nd60a (d85f3f18e44f7447b5f1ba5c85baeb7c) C:\Windows\system32\DRIVERS\k57nd60a.sys
20:54:41.0211 1128 k57nd60a - ok
20:54:41.0211 1128 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
20:54:41.0226 1128 kbdclass - ok
20:54:41.0242 1128 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
20:54:41.0257 1128 kbdhid - ok
20:54:41.0304 1128 KSecDD (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys
20:54:41.0304 1128 KSecDD - ok
20:54:41.0351 1128 KSecPkg (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys
20:54:41.0367 1128 KSecPkg - ok
20:54:41.0382 1128 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
20:54:41.0413 1128 ksthunk - ok
20:54:41.0429 1128 LHidFilt (aa3d903c5a7538803f2400a8391f1881) C:\Windows\system32\DRIVERS\LHidFilt.Sys
20:54:41.0445 1128 LHidFilt - ok
20:54:41.0460 1128 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
20:54:41.0476 1128 lltdio - ok
20:54:41.0507 1128 LMouFilt (90b4b2b0b5f05abb9fb365405a7b825b) C:\Windows\system32\DRIVERS\LMouFilt.Sys
20:54:41.0507 1128 LMouFilt - ok
20:54:41.0523 1128 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
20:54:41.0523 1128 LSI_FC - ok
20:54:41.0538 1128 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
20:54:41.0554 1128 LSI_SAS - ok
20:54:41.0554 1128 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
20:54:41.0569 1128 LSI_SAS2 - ok
20:54:41.0569 1128 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
20:54:41.0585 1128 LSI_SCSI - ok
20:54:41.0601 1128 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
20:54:41.0632 1128 luafv - ok
20:54:41.0647 1128 LVPr2M64 (b3944d06eb4b64d57bd7e5fe89415f58) C:\Windows\system32\DRIVERS\LVPr2M64.sys
20:54:41.0647 1128 LVPr2M64 - ok
20:54:41.0647 1128 LVPr2Mon (b3944d06eb4b64d57bd7e5fe89415f58) C:\Windows\system32\DRIVERS\LVPr2M64.sys
20:54:41.0663 1128 LVPr2Mon - ok
20:54:41.0679 1128 LVRS64 (a43a6cbea073990a784603ef065a281b) C:\Windows\system32\DRIVERS\lvrs64.sys
20:54:41.0694 1128 LVRS64 - ok
20:54:41.0819 1128 LVUVC64 (4350876ab0d0c77d0b40a1c85935c96b) C:\Windows\system32\DRIVERS\lvuvc64.sys
20:54:41.0897 1128 LVUVC64 - ok
20:54:41.0913 1128 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
20:54:41.0928 1128 megasas - ok
20:54:41.0928 1128 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
20:54:41.0944 1128 MegaSR - ok
20:54:41.0959 1128 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
20:54:41.0991 1128 Modem - ok
20:54:41.0991 1128 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
20:54:42.0006 1128 monitor - ok
20:54:42.0022 1128 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
20:54:42.0022 1128 mouclass - ok
20:54:42.0037 1128 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
20:54:42.0037 1128 mouhid - ok
20:54:42.0053 1128 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
20:54:42.0069 1128 mountmgr - ok
20:54:42.0069 1128 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
20:54:42.0084 1128 mpio - ok
20:54:42.0100 1128 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
20:54:42.0131 1128 mpsdrv - ok
20:54:42.0162 1128 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
20:54:42.0209 1128 MRxDAV - ok
20:54:42.0240 1128 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
20:54:42.0271 1128 mrxsmb - ok
20:54:42.0318 1128 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:54:42.0334 1128 mrxsmb10 - ok
20:54:42.0349 1128 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:54:42.0365 1128 mrxsmb20 - ok
20:54:42.0381 1128 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
20:54:42.0381 1128 msahci - ok
20:54:42.0396 1128 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
20:54:42.0412 1128 msdsm - ok
20:54:42.0427 1128 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
20:54:42.0459 1128 Msfs - ok
20:54:42.0474 1128 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
20:54:42.0521 1128 mshidkmdf - ok
20:54:42.0537 1128 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
20:54:42.0552 1128 msisadrv - ok
20:54:42.0552 1128 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
20:54:42.0583 1128 MSKSSRV - ok
20:54:42.0599 1128 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
20:54:42.0630 1128 MSPCLOCK - ok
20:54:42.0630 1128 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
20:54:42.0661 1128 MSPQM - ok
20:54:42.0693 1128 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
20:54:42.0708 1128 MsRPC - ok
20:54:42.0739 1128 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
20:54:42.0755 1128 mssmbios - ok
20:54:42.0755 1128 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
20:54:42.0786 1128 MSTEE - ok
20:54:42.0786 1128 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
20:54:42.0802 1128 MTConfig - ok
20:54:42.0802 1128 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
20:54:42.0817 1128 Mup - ok
20:54:42.0833 1128 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
20:54:42.0849 1128 NativeWifiP - ok
20:54:42.0895 1128 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
20:54:42.0911 1128 NDIS - ok
20:54:42.0911 1128 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
20:54:42.0942 1128 NdisCap - ok
20:54:42.0958 1128 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
20:54:42.0989 1128 NdisTapi - ok
20:54:43.0020 1128 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
20:54:43.0067 1128 Ndisuio - ok
20:54:43.0083 1128 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
20:54:43.0114 1128 NdisWan - ok
20:54:43.0145 1128 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
20:54:43.0207 1128 NDProxy - ok
20:54:43.0239 1128 Netaapl (6f4607e2333fe21e9e3ff8133a88b35b) C:\Windows\system32\DRIVERS\netaapl64.sys
20:54:43.0239 1128 Netaapl - ok
20:54:43.0254 1128 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
20:54:43.0285 1128 NetBIOS - ok
20:54:43.0317 1128 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
20:54:43.0363 1128 NetBT - ok
20:54:43.0379 1128 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
20:54:43.0395 1128 nfrd960 - ok
20:54:43.0395 1128 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
20:54:43.0426 1128 Npfs - ok
20:54:43.0441 1128 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
20:54:43.0473 1128 nsiproxy - ok
20:54:43.0551 1128 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
20:54:43.0582 1128 Ntfs - ok
20:54:43.0597 1128 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
20:54:43.0629 1128 Null - ok
20:54:43.0629 1128 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
20:54:43.0644 1128 nvraid - ok
20:54:43.0660 1128 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
20:54:43.0660 1128 nvstor - ok
20:54:43.0675 1128 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
20:54:43.0691 1128 nv_agp - ok
20:54:43.0722 1128 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
20:54:43.0738 1128 ohci1394 - ok
20:54:43.0753 1128 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
20:54:43.0769 1128 Parport - ok
20:54:43.0769 1128 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
20:54:43.0785 1128 partmgr - ok
20:54:43.0800 1128 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
20:54:43.0800 1128 pci - ok
20:54:43.0831 1128 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
20:54:43.0847 1128 pciide - ok
20:54:43.0847 1128 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
20:54:43.0863 1128 pcmcia - ok
20:54:43.0878 1128 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
20:54:43.0894 1128 pcw - ok
20:54:43.0909 1128 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
20:54:43.0941 1128 PEAUTH - ok
20:54:44.0003 1128 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
20:54:44.0034 1128 PptpMiniport - ok
20:54:44.0034 1128 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
20:54:44.0050 1128 Processor - ok
20:54:44.0081 1128 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
20:54:44.0128 1128 Psched - ok
20:54:44.0143 1128 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys
20:54:44.0159 1128 PxHlpa64 - ok
20:54:44.0206 1128 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
20:54:44.0237 1128 ql2300 - ok
20:54:44.0237 1128 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
20:54:44.0253 1128 ql40xx - ok
20:54:44.0268 1128 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
20:54:44.0284 1128 QWAVEdrv - ok
20:54:44.0284 1128 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
20:54:44.0315 1128 RasAcd - ok
20:54:44.0331 1128 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
20:54:44.0362 1128 RasAgileVpn - ok
20:54:44.0393 1128 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
20:54:44.0440 1128 Rasl2tp - ok
20:54:44.0455 1128 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
20:54:44.0487 1128 RasPppoe - ok
20:54:44.0502 1128 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
20:54:44.0533 1128 RasSstp - ok
20:54:44.0549 1128 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
20:54:44.0580 1128 rdbss - ok
20:54:44.0611 1128 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
20:54:44.0627 1128 rdpbus - ok
20:54:44.0643 1128 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
20:54:44.0674 1128 RDPCDD - ok
20:54:44.0674 1128 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
20:54:44.0705 1128 RDPENCDD - ok
20:54:44.0721 1128 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
20:54:44.0752 1128 RDPREFMP - ok
20:54:44.0767 1128 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
20:54:44.0799 1128 RDPWD - ok
20:54:44.0830 1128 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
20:54:44.0845 1128 rdyboost - ok
20:54:44.0877 1128 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
20:54:44.0908 1128 rspndr - ok
20:54:44.0923 1128 RxFilter - ok
20:54:45.0001 1128 SASDIFSV (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
20:54:45.0017 1128 SASDIFSV - ok
20:54:45.0064 1128 SASKUTIL (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
20:54:45.0079 1128 SASKUTIL - ok
20:54:45.0095 1128 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
20:54:45.0095 1128 sbp2port - ok
20:54:45.0126 1128 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
20:54:45.0157 1128 scfilter - ok
20:54:45.0173 1128 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
20:54:45.0204 1128 secdrv - ok
20:54:45.0220 1128 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
20:54:45.0235 1128 Serenum - ok
20:54:45.0251 1128 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
20:54:45.0251 1128 Serial - ok
20:54:45.0267 1128 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
20:54:45.0267 1128 sermouse - ok
20:54:45.0282 1128 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
20:54:45.0298 1128 sffdisk - ok
20:54:45.0313 1128 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
20:54:45.0329 1128 sffp_mmc - ok
20:54:45.0329 1128 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
20:54:45.0345 1128 sffp_sd - ok
20:54:45.0345 1128 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
20:54:45.0360 1128 sfloppy - ok
20:54:45.0391 1128 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
20:54:45.0391 1128 SiSRaid2 - ok
20:54:45.0407 1128 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
20:54:45.0423 1128 SiSRaid4 - ok
20:54:45.0423 1128 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
20:54:45.0454 1128 Smb - ok
20:54:45.0469 1128 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
20:54:45.0485 1128 spldr - ok
20:54:45.0532 1128 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
20:54:45.0547 1128 srv - ok
20:54:45.0563 1128 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
20:54:45.0579 1128 srv2 - ok
20:54:45.0594 1128 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
20:54:45.0594 1128 srvnet - ok
20:54:45.0625 1128 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
20:54:45.0625 1128 stexstor - ok
20:54:45.0641 1128 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
20:54:45.0657 1128 swenum - ok
20:54:45.0672 1128 taphss (f33fdc72298df4bf9813a55d21f4eb31) C:\Windows\system32\DRIVERS\taphss.sys
20:54:45.0688 1128 taphss - ok
20:54:45.0781 1128 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
20:54:45.0828 1128 Tcpip - ok
20:54:45.0844 1128 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
20:54:45.0875 1128 TCPIP6 - ok
20:54:45.0906 1128 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
20:54:45.0937 1128 tcpipreg - ok
20:54:45.0937 1128 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
20:54:45.0969 1128 TDPIPE - ok
20:54:45.0984 1128 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
20:54:46.0015 1128 TDTCP - ok
20:54:46.0047 1128 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
20:54:46.0078 1128 tdx - ok
20:54:46.0093 1128 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
20:54:46.0109 1128 TermDD - ok
20:54:46.0171 1128 trufos (df219721ddffcbe03aa894b6b6742ba1) C:\Windows\system32\DRIVERS\trufos.sys
20:54:46.0187 1128 trufos - ok
20:54:46.0234 1128 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
20:54:46.0281 1128 tssecsrv - ok
20:54:46.0312 1128 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
20:54:46.0312 1128 TsUsbFlt - ok
20:54:46.0374 1128 TuneUpUtilitiesDrv (dcc94c51d27c7ec0dadeca8f64c94fcf) C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys
20:54:46.0390 1128 TuneUpUtilitiesDrv - ok
20:54:46.0421 1128 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
20:54:46.0468 1128 tunnel - ok
20:54:46.0468 1128 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
20:54:46.0483 1128 uagp35 - ok
20:54:46.0515 1128 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
20:54:46.0546 1128 udfs - ok
20:54:46.0561 1128 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
20:54:46.0577 1128 uliagpkx - ok
20:54:46.0577 1128 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
20:54:46.0593 1128 umbus - ok
20:54:46.0593 1128 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
20:54:46.0608 1128 UmPass - ok
20:54:46.0639 1128 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
20:54:46.0655 1128 USBAAPL64 - ok
20:54:46.0686 1128 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
20:54:46.0702 1128 usbaudio - ok
20:54:46.0702 1128 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
20:54:46.0717 1128 usbccgp - ok
20:54:46.0749 1128 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
20:54:46.0764 1128 usbcir - ok
20:54:46.0764 1128 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
20:54:46.0780 1128 usbehci - ok
20:54:46.0795 1128 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
20:54:46.0811 1128 usbhub - ok
20:54:46.0827 1128 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
20:54:46.0842 1128 usbohci - ok
20:54:46.0842 1128 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
20:54:46.0858 1128 usbprint - ok
20:54:46.0889 1128 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
20:54:46.0920 1128 usbscan - ok
20:54:46.0920 1128 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:54:46.0936 1128 USBSTOR - ok
20:54:46.0936 1128 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
20:54:46.0951 1128 usbuhci - ok
20:54:46.0967 1128 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
20:54:46.0967 1128 vdrvroot - ok
20:54:46.0983 1128 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
20:54:46.0998 1128 vga - ok
20:54:46.0998 1128 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
20:54:47.0029 1128 VgaSave - ok
20:54:47.0045 1128 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
20:54:47.0061 1128 vhdmp - ok
20:54:47.0061 1128 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
20:54:47.0076 1128 viaide - ok
20:54:47.0092 1128 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
20:54:47.0092 1128 volmgr - ok
20:54:47.0123 1128 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
20:54:47.0154 1128 volmgrx - ok
20:54:47.0170 1128 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
20:54:47.0185 1128 volsnap - ok
20:54:47.0185 1128 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
20:54:47.0201 1128 vsmraid - ok
20:54:47.0217 1128 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
20:54:47.0232 1128 vwifibus - ok
20:54:47.0263 1128 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
20:54:47.0263 1128 WacomPen - ok
20:54:47.0295 1128 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
20:54:47.0310 1128 WANARP - ok
20:54:47.0326 1128 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
20:54:47.0341 1128 Wanarpv6 - ok
20:54:47.0357 1128 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
20:54:47.0373 1128 Wd - ok
20:54:47.0388 1128 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
20:54:47.0404 1128 Wdf01000 - ok
20:54:47.0419 1128 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
20:54:47.0451 1128 WfpLwf - ok
20:54:47.0466 1128 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys
20:54:47.0466 1128 WimFltr - ok
20:54:47.0482 1128 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
20:54:47.0482 1128 WIMMount - ok
20:54:47.0513 1128 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
20:54:47.0513 1128 WinUsb - ok
20:54:47.0560 1128 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
20:54:47.0575 1128 WmiAcpi - ok
20:54:47.0591 1128 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
20:54:47.0622 1128 ws2ifsl - ok
20:54:47.0653 1128 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
20:54:47.0685 1128 WudfPf - ok
20:54:47.0700 1128 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
20:54:47.0731 1128 WUDFRd - ok
20:54:47.0747 1128 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
20:54:47.0903 1128 \Device\Harddisk0\DR0 - ok
20:54:47.0903 1128 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR1
20:54:48.0246 1128 \Device\Harddisk1\DR1 - ok
20:54:48.0246 1128 Boot (0x1200) (42d388cd6d9a4a721afa84cc5c478650) \Device\Harddisk0\DR0\Partition0
20:54:48.0246 1128 \Device\Harddisk0\DR0\Partition0 - ok
20:54:48.0277 1128 Boot (0x1200) (1593ab372be4700b886691c512889c4e) \Device\Harddisk0\DR0\Partition1
20:54:48.0277 1128 \Device\Harddisk0\DR0\Partition1 - ok
20:54:48.0293 1128 Boot (0x1200) (4dae3a28d6a7b35dff8264b99c60e12f) \Device\Harddisk1\DR1\Partition0
20:54:48.0293 1128 \Device\Harddisk1\DR1\Partition0 - ok
20:54:48.0293 1128 ============================================================
20:54:48.0293 1128 Scan finished
20:54:48.0293 1128 ============================================================
20:54:48.0309 2996 Detected object count: 0
20:54:48.0309 2996 Actual detected object count: 0
20:55:03.0831 3408 Deinitialize success
|
|
09.01.2012, 22:09
| #24 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Bei Eingaben in Text- oder Browserfelder füllen diese sich zuerst mit 6en! Dann bitte jetzt CF ausführen: ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat! Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
10.01.2012, 20:05
| #25 |
| | Bei Eingaben in Text- oder Browserfelder füllen diese sich zuerst mit 6en! Hallo Arne, hier das Combo File Log für Dich: Combofix Logfile: Code:
ATTFilter ComboFix 12-01-10.02 - Yzerman 10.01.2012 19:49:52.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.3959.2433 [GMT 1:00]
ausgeführt von:: c:\users\Yzerman\Desktop\ComboFix.exe
AV: Bitdefender Virenschutz *Disabled/Updated* {50909708-FF80-02AF-F814-B28405891E92}
FW: Bitdefender Firewall *Disabled* {68AB162D-B5EF-03F7-D34B-1BB1FB5A59E9}
SP: Bitdefender Spyware-Schutz *Disabled/Updated* {EBF176EC-D9BA-0D21-C2A4-89F67E0E542F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\drivers\etc\hosts.ics
c:\windows\system32\java.exe
.
.
((((((((((((((((((((((( Dateien erstellt von 2011-12-10 bis 2012-01-10 ))))))))))))))))))))))))))))))
.
.
2012-01-10 18:54 . 2012-01-10 18:54 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-01-10 09:08 . 2012-01-10 09:08 -------- d-----w- c:\users\Yzerman\AppData\Roaming\FreeHideIP
2012-01-10 09:08 . 2012-01-10 09:08 -------- d-----w- c:\programdata\FreeHideIP
2012-01-08 21:38 . 2012-01-08 21:38 -------- d-----w- C:\_OTL
2012-01-07 17:02 . 2012-01-07 17:02 -------- d-----w- c:\program files (x86)\ESET
2012-01-06 13:25 . 2012-01-06 13:25 199827 ----a-w- c:\programdata\1325856142.bdinstall.bin
2012-01-06 13:23 . 2011-10-27 13:07 329800 ----a-w- c:\windows\system32\drivers\trufos.sys
2012-01-06 13:23 . 2011-03-24 13:36 431176 ----a-w- c:\windows\system32\drivers\bdfsfltr.sys
2012-01-06 07:38 . 2012-01-06 07:38 -------- d-----w- c:\users\Yzerman\AppData\Roaming\SUPERAntiSpyware.com
2012-01-06 07:37 . 2012-01-06 12:15 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-01-06 07:37 . 2012-01-06 07:37 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2012-01-05 21:36 . 2012-01-05 21:42 -------- d-----w- c:\programdata\BDLogging
2012-01-05 19:07 . 2012-01-05 19:07 -------- d-----w- c:\users\Yzerman\AppData\Roaming\Malwarebytes
2012-01-05 19:07 . 2012-01-05 19:07 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-01-05 19:07 . 2012-01-05 19:07 -------- d-----w- c:\programdata\Malwarebytes
2012-01-05 19:07 . 2011-12-10 14:24 23152 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-01-05 13:36 . 2012-01-05 13:36 525544 ----a-w- c:\windows\system32\deployJava1.dll
2012-01-05 13:36 . 2012-01-05 13:36 -------- d-----w- c:\program files\Java
2012-01-05 00:05 . 2012-01-05 00:05 -------- d-----w- c:\users\Yzerman\AppData\Local\s.menze
2012-01-05 00:05 . 2012-01-05 00:05 -------- d-----w- c:\users\Yzerman\AppData\Local\SafeBox
2012-01-04 18:34 . 2012-01-04 18:34 247636 ----a-w- c:\programdata\1325701732.bdinstall.bin
2012-01-04 18:33 . 2012-01-04 18:34 -------- d-----w- c:\users\Yzerman\AppData\Roaming\Bitdefender
2012-01-04 18:33 . 2012-01-06 13:24 -------- d-----w- c:\programdata\Bitdefender
2012-01-04 18:29 . 2012-01-04 18:30 -------- d-----w- c:\program files\Bitdefender
2012-01-04 18:28 . 2012-01-04 18:29 -------- d-----w- c:\program files\Common Files\Bitdefender
2012-01-04 18:28 . 2012-01-04 18:28 -------- d-----w- c:\program files (x86)\Common Files\Bitdefender
2012-01-03 17:41 . 2012-01-03 17:41 15712 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\fde1205b1ccca3e01\MeshBetaRemover.exe
2012-01-03 07:58 . 2011-11-21 11:40 8822856 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5F63B1FE-F3CD-4BFB-89D9-719A1FD463E1}\mpengine.dll
2011-12-29 18:46 . 2012-01-04 17:23 -------- d-----w- c:\programdata\clp
2011-12-29 18:46 . 2011-12-29 18:46 -------- d-----w- c:\programdata\Common Toolkit Suite
2011-12-28 13:02 . 2011-06-21 04:09 200976 ----a-w- c:\windows\SysWow64\drivers\tmcomm.sys
2011-12-27 11:30 . 2011-12-28 12:52 -------- d-----w- c:\users\Yzerman\AppData\Roaming\QuickScan
2011-12-27 11:06 . 2011-12-27 11:06 -------- d-----w- c:\programdata\boost_interprocess
2011-12-18 00:11 . 2011-12-18 00:11 -------- d-----w- c:\users\Yzerman\AppData\Roaming\ZoomBrowser EX
2011-12-17 23:28 . 2011-12-17 23:28 -------- d-----w- c:\programdata\ZoomBrowser
2011-12-17 23:28 . 2011-12-17 23:29 -------- d-----w- c:\program files (x86)\Canon
2011-12-17 23:27 . 2011-12-17 23:27 -------- d-----w- c:\program files (x86)\Common Files\Canon
2011-12-14 17:37 . 2011-10-26 05:21 43520 ----a-w- c:\windows\system32\csrsrv.dll
2011-12-14 17:37 . 2011-11-24 04:52 3145216 ----a-w- c:\windows\system32\win32k.sys
2011-12-14 17:37 . 2011-10-15 06:31 723456 ----a-w- c:\windows\system32\EncDec.dll
2011-12-14 17:37 . 2011-10-15 05:38 534528 ----a-w- c:\windows\SysWow64\EncDec.dll
2011-12-14 17:37 . 2011-11-05 05:32 2048 ----a-w- c:\windows\system32\tzres.dll
2011-12-14 17:37 . 2011-11-05 04:26 2048 ----a-w- c:\windows\SysWow64\tzres.dll
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-03 11:35 . 2010-04-03 16:15 2300696 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2012-01-03 11:34 . 2010-05-19 19:18 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2012-01-03 11:34 . 2010-05-09 16:16 1248080 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2011-12-14 10:12 . 2010-04-03 16:15 1248080 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2011-12-13 08:35 . 2010-11-01 13:07 34624 ----a-w- c:\windows\system32\TURegOpt.exe
2011-12-13 08:29 . 2010-11-01 13:07 25920 ----a-w- c:\windows\system32\authuitu.dll
2011-12-13 08:29 . 2010-11-01 13:07 21312 ----a-w- c:\windows\SysWow64\authuitu.dll
2011-12-13 08:29 . 2010-11-01 13:07 36160 ----a-w- c:\windows\system32\uxtuneup.dll
2011-12-13 08:29 . 2010-11-01 13:07 29504 ----a-w- c:\windows\SysWow64\uxtuneup.dll
2011-12-01 08:29 . 2011-05-20 05:49 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-11-28 16:33 . 2011-11-28 16:33 543528 ----a-w- c:\windows\system32\drivers\avckf.sys
2011-11-25 13:00 . 2011-11-25 13:00 258736 ----a-w- c:\windows\system32\drivers\avchv.sys
2011-11-25 12:57 . 2011-11-25 12:57 685192 ----a-w- c:\windows\system32\drivers\avc3.sys
2011-11-23 16:48 . 2011-04-05 13:55 182264 ----a-w- c:\windows\SysWow64\BpShellEx.dll
2011-11-14 18:16 . 2011-11-14 18:16 90192 ----a-w- c:\windows\system32\drivers\BdfNdisf6.sys
2011-11-13 14:03 . 2011-03-28 17:36 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-11-04 08:51 . 2010-04-03 12:32 50552 ----a-w- c:\windows\system32\drivers\GDBehave.sys
2011-11-04 08:51 . 2010-04-03 12:12 111992 ----a-w- c:\windows\system32\drivers\MiniIcpt.sys
2011-11-04 08:51 . 2010-04-03 12:11 65912 ----a-w- c:\windows\system32\drivers\gdwfpcd64.sys
2011-10-24 13:29 . 2011-10-24 13:29 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx
2011-10-24 13:29 . 2011-10-24 13:29 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Logitech Vid"="c:\program files (x86)\Logitech\Vid HD\Vid.exe" [2011-01-13 6129496]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ShwiconXP9106"="c:\program files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe" [2009-07-17 237568]
"PDVDDXSrv"="c:\program files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2009-06-24 140520]
"DellSupportCenter"="c:\program files (x86)\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]
"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"AVMWlanClient"="c:\program files (x86)\avmwlanstick\wlangui.exe" [2009-03-20 1904640]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"="c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" [2011-10-08 559616]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Hardcopy.LNK - c:\program files (x86)\Hardcopy\hardcopy.exe [2011-4-12 3520000]
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-23 270336]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2010-4-3 1196048]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-9-21 1316192]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /r \??\J:\0autocheck autochk *
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"UpdReg"=c:\windows\UpdReg.EXE
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe"
"HP Software Update"=c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"PDFPrint"=c:\program files (x86)\PDF24\pdf24.exe
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
"Dell DataSafe Online"="c:\program files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m
"IAStorIcon"=c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
"LWS"=c:\program files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SessionLauncher;SessionLauncher;c:\users\ADMINI~1\AppData\Local\Temp\DX9\SessionLauncher.exe [x]
R3 avckf;avckf;c:\windows\system32\DRIVERS\avckf.sys [x]
R3 AVFSFilter;AVFSFilter;c:\windows\system32\DRIVERS\avfsfilter.sys [x]
R3 avmeject;AVM Eject;c:\windows\system32\drivers\avmeject.sys [x]
R3 bdsandbox;bdsandbox;c:\windows\system32\drivers\bdsandbox.sys [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 Update Server;BitDefender Update Server v2;c:\program files\Common Files\Bitdefender\Bitdefender Arrakis Server\bin\arrakis3.exe [2011-10-14 466736]
R3 UPnPService;UPnPService;c:\program files (x86)\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [2008-10-21 548864]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R4 RoxMediaDB10;RoxMediaDB10;c:\program files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2009-06-26 1124848]
R4 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2011-08-18 1692480]
S0 avc3;avc3;c:\windows\system32\DRIVERS\avc3.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver;c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [2011-11-14 90192]
S1 bdfwfpf;bdfwfpf;c:\program files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [2011-11-14 103504]
S1 BDVEDISK;BDVEDISK;c:\windows\system32\DRIVERS\bdvedisk.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2011-08-11 140672]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2009-06-09 155648]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-10-02 13336]
S2 LVPrcS64;Process Monitor;c:\program files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe [2010-05-07 197976]
S2 SafeBox;SafeBox;c:\program files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [2011-12-21 75384]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [2011-12-13 2028864]
S2 UPDATESRV;BitDefender Desktop Update Service;c:\program files\Bitdefender\Bitdefender 2012\updatesrv.exe [2011-11-17 62512]
S3 avchv;avchv Function Driver;c:\windows\system32\DRIVERS\avchv.sys [x]
S3 FWLANUSB;AVM FRITZ!WLAN;c:\windows\system32\DRIVERS\fwlanusb.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x]
S3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys [x]
S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [x]
S3 LVUVC64;Logitech Webcam 500(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [2010-10-07 11856]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E3758FC2-BB95-4B86-84BF-D91F4748EC76}]
2011-03-17 15:41 75024 ----a-w- c:\program files (x86)\Message Faces for Internet Explorer\x64\messagefaces-ie.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox1]
@="{152C96EB-288E-4EDC-B7C6-D21F8250ADF3}"
[HKEY_CLASSES_ROOT\CLSID\{152C96EB-288E-4EDC-B7C6-D21F8250ADF3}]
2011-12-21 10:16 264344 ----a-w- c:\program files\Bitdefender\Bitdefender Safebox\safeboxshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox2]
@="{342DAA0B-D796-460D-8566-901E08A1CCAD}"
[HKEY_CLASSES_ROOT\CLSID\{342DAA0B-D796-460D-8566-901E08A1CCAD}]
2011-12-21 10:16 264344 ----a-w- c:\program files\Bitdefender\Bitdefender Safebox\safeboxshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox3]
@="{57595DAE-1AE1-4D97-A49E-67CBB53B52DF}"
[HKEY_CLASSES_ROOT\CLSID\{57595DAE-1AE1-4D97-A49E-67CBB53B52DF}]
2011-12-21 10:16 264344 ----a-w- c:\program files\Bitdefender\Bitdefender Safebox\safeboxshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox4]
@="{33816773-98AE-4723-ADE0-EBE54C8B5A67}"
[HKEY_CLASSES_ROOT\CLSID\{33816773-98AE-4723-ADE0-EBE54C8B5A67}]
2011-12-21 10:16 264344 ----a-w- c:\program files\Bitdefender\Bitdefender Safebox\safeboxshell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-02-29 242192]
"BDAgent"="c:\program files\Bitdefender\Bitdefender 2012\bdagent.exe" [2011-12-21 1063136]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.ksta.de/
mLocal Page =
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.2.1 192.168.2.1
DPF: {5BF3E4A3-7E64-4D53-B512-2E242E837D24} - hxxps://einfach.otto.de/ottoproj/ottomce//bin/activex/MCEControls.cab
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
SafeBoot-mcmscsvc
SafeBoot-MCODS
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\avmwlanstick\WlanNetService.exe
c:\program files (x86)\Common Files\Logishrd\LVMVFM\LVPrS64H.exe
c:\program files\Logitech\SetPoint\x86\SetPoint32.exe
c:\program files (x86)\Hardcopy\hcdll2_ex_Win32.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-01-10 19:59:05 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2012-01-10 18:59
.
Vor Suchlauf: 14 Verzeichnis(se), 1.167.661.363.200 Bytes frei
Nach Suchlauf: 20 Verzeichnis(se), 1.167.093.407.744 Bytes frei
.
- - End Of File - - 5F867991769B69761A7311AE5D8B2E9F
|
|
10.01.2012, 21:23
| #26 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Bei Eingaben in Text- oder Browserfelder füllen diese sich zuerst mit 6en! Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
10.01.2012, 21:41
| #27 |
| | Bei Eingaben in Text- oder Browserfelder füllen diese sich zuerst mit 6en! Hallo Arne, hier das File. Gruss Stephan. es wird wieder schlimmer... springt dauernd in dei suchmaske... Code:
ATTFilter aswMBR version 0.9.9.1297 Copyright(c) 2011 AVAST Software
Run date: 2012-01-10 21:36:19
-----------------------------
21:36:19.828 OS Version: Windows x64 6.1.7601 Service Pack 1
21:36:19.828 Number of processors: 4 586 0x2502
21:36:19.828 ComputerName: YZERMAN-PC UserName: Yzerman
21:36:21.341 Initialize success
21:36:51.162 AVAST engine download error: 0
21:37:11.317 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
21:37:11.317 Disk 0 Vendor: Intel___ 1.0. Size: 1220956MB BusType: 8
21:37:11.333 Disk 0 MBR read successfully
21:37:11.333 Disk 0 MBR scan
21:37:11.333 Disk 0 Windows 7 default MBR code
21:37:11.333 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 117 MB offset 63
21:37:11.349 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 9842 MB offset 241664
21:37:11.364 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 1210995 MB offset 20398080
21:37:11.364 Service scanning
21:37:12.207 Modules scanning
21:37:12.207 Disk 0 trace - called modules:
21:37:12.207 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
21:37:12.222 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004c47060]
21:37:12.222 3 CLASSPNP.SYS[fffff88001a5143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa800493b050]
21:37:12.238 Scan finished successfully
21:37:51.300 Disk 0 MBR has been saved successfully to "C:\Users\Yzerman\Desktop\MBR.dat"
21:37:51.316 The log file has been saved successfully to "C:\Users\Yzerman\Desktop\aswMBR.txt"
|
|
10.01.2012, 22:11
| #28 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Bei Eingaben in Text- oder Browserfelder füllen diese sich zuerst mit 6en!Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
10.01.2012, 22:14
| #29 |
| | Bei Eingaben in Text- oder Browserfelder füllen diese sich zuerst mit 6en! Hallo Arne, möchte ich Eingaben in Textfenstern wie auch hier z.B. im Board tätigen springt der Cursor teilweise immer oben in die Suchleiste des Browsers. Das meinte ich. Auch bei Eingaben in Suchmaschinen oder in der Browserleiste habe ich diese Problem Übrigens habe ich bei dem Avast Scan keinen Fix Button gedrückt, hatte ich noch vergessen zu sagen. Gruss Stephan |
|
10.01.2012, 22:27
| #30 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Bei Eingaben in Text- oder Browserfelder füllen diese sich zuerst mit 6en! Sieht soweit ok aus. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SUPERAntiSpyware und poste die Logs. Denk dran beide Tools zu updaten vor dem Scan!! Anschließend über den OnlineScanner von ESET eine zusätzliche Meinung zu holen ist auch nicht verkehrt: ESET Online Scanner
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu Bei Eingaben in Text- oder Browserfelder füllen diese sich zuerst mit 6en! |
| bitdefender, defender, firefox, firewall, frage, gdata, harddisk, hijack, hijackthis, keine viren, langsam, lizenz, logfiles, malware, neue, online banking, onlineshop, problem, programme, ratlos, scan ausgeführt, schutz, security, starten, suchmaschine, taskleiste, virenschutz, öffnet |
Linear-Darstellung
