Smart Fortress 2012 richtig entfernt?

cosinus · 06.04.2012, 17:45

Hmpf, dann müssen wir OTL überspringen

Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html

Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm!

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.
Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition (meistens Laufwerk C

nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

Gizmo79 · 06.04.2012, 18:11

Hallo Arne,

hier nun das LOG. Habe also die Einstellungen für den defogger nicht geändert.

Code:

ATTFilter

19:02:53.0348 5884	TDSS rootkit removing tool 2.7.26.0 Apr  4 2012 19:52:02
19:02:53.0726 5884	============================================================
19:02:53.0726 5884	Current date / time: 2012/04/06 19:02:53.0726
19:02:53.0726 5884	SystemInfo:
19:02:53.0726 5884	
19:02:53.0726 5884	OS Version: 6.0.6002 ServicePack: 2.0
19:02:53.0726 5884	Product type: Workstation
19:02:53.0727 5884	ComputerName: BRAUNERBÄR
19:02:53.0727 5884	UserName: Frank
19:02:53.0727 5884	Windows directory: C:\Windows
19:02:53.0727 5884	System windows directory: C:\Windows
19:02:53.0727 5884	Processor architecture: Intel x86
19:02:53.0727 5884	Number of processors: 2
19:02:53.0727 5884	Page size: 0x1000
19:02:53.0727 5884	Boot type: Normal boot
19:02:53.0727 5884	============================================================
19:02:54.0349 5884	Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
19:02:54.0351 5884	\Device\Harddisk0\DR0:
19:02:54.0352 5884	MBR used
19:02:54.0352 5884	\Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x129C7800
19:02:54.0352 5884	\Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x12CB6000, BlocksNum 0x127782B0
19:02:54.0432 5884	Initialize success
19:02:54.0432 5884	============================================================
19:04:57.0880 4816	============================================================
19:04:57.0880 4816	Scan started
19:04:57.0880 4816	Mode: Manual; SigCheck; TDLFS; 
19:04:57.0880 4816	============================================================
19:04:59.0273 4816	ACPI            (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
19:04:59.0458 4816	ACPI - ok
19:04:59.0654 4816	AdobeFlashPlayerUpdateSvc (0d4c486a24a711a45fd83acdf4d18506) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
19:04:59.0676 4816	AdobeFlashPlayerUpdateSvc - ok
19:04:59.0821 4816	adp94xx         (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
19:04:59.0874 4816	adp94xx - ok
19:05:00.0018 4816	adpahci         (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
19:05:00.0042 4816	adpahci - ok
19:05:00.0073 4816	adpu160m        (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
19:05:00.0093 4816	adpu160m - ok
19:05:00.0130 4816	adpu320         (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
19:05:00.0151 4816	adpu320 - ok
19:05:00.0265 4816	AeLookupSvc     (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
19:05:00.0379 4816	AeLookupSvc - ok
19:05:00.0531 4816	AFD             (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
19:05:00.0627 4816	AFD - ok
19:05:00.0747 4816	AgereModemAudio (39e435c90c9c4f780fa0ed05ca3c3a1b) C:\Windows\system32\agrsmsvc.exe
19:05:00.0814 4816	AgereModemAudio - ok
19:05:00.0974 4816	AgereSoftModem  (ce91b158fa490cf4c4d487a4130f4660) C:\Windows\system32\DRIVERS\AGRSM.sys
19:05:01.0077 4816	AgereSoftModem - ok
19:05:01.0209 4816	agp440          (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
19:05:01.0227 4816	agp440 - ok
19:05:01.0266 4816	aic78xx         (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
19:05:01.0286 4816	aic78xx - ok
19:05:01.0319 4816	ALG             (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
19:05:01.0401 4816	ALG - ok
19:05:01.0511 4816	aliide          (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
19:05:01.0536 4816	aliide - ok
19:05:01.0588 4816	amdagp          (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
19:05:01.0613 4816	amdagp - ok
19:05:01.0741 4816	amdide          (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
19:05:01.0765 4816	amdide - ok
19:05:01.0792 4816	AmdK7           (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
19:05:01.0854 4816	AmdK7 - ok
19:05:01.0967 4816	AmdK8           (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
19:05:02.0047 4816	AmdK8 - ok
19:05:02.0177 4816	Appinfo         (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
19:05:02.0242 4816	Appinfo - ok
19:05:02.0356 4816	Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:05:02.0379 4816	Apple Mobile Device - ok
19:05:02.0466 4816	arc             (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
19:05:02.0492 4816	arc - ok
19:05:02.0537 4816	arcsas          (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
19:05:02.0563 4816	arcsas - ok
19:05:02.0636 4816	aspnet_state    (40c145f12ff461a0220303bda134f598) C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
19:05:02.0659 4816	aspnet_state - ok
19:05:02.0742 4816	AsyncMac        (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
19:05:02.0820 4816	AsyncMac - ok
19:05:02.0945 4816	atapi           (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
19:05:02.0996 4816	atapi - ok
19:05:03.0149 4816	athr            (09a644da1f4c144df1c9fe3cd75e22ed) C:\Windows\system32\DRIVERS\athr.sys
19:05:03.0278 4816	athr - ok
19:05:03.0400 4816	Ati External Event Utility (54d715af597c06e87418c50f481bdd2c) C:\Windows\system32\Ati2evxx.exe
19:05:03.0503 4816	Ati External Event Utility - ok
19:05:03.0715 4816	atikmdag        (be4d8fdc6b2598c46b2b5e6e4fbaafc5) C:\Windows\system32\DRIVERS\atikmdag.sys
19:05:03.0878 4816	atikmdag - ok
19:05:04.0039 4816	AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
19:05:04.0079 4816	AudioEndpointBuilder - ok
19:05:04.0088 4816	Audiosrv        (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
19:05:04.0127 4816	Audiosrv - ok
19:05:04.0253 4816	AVKProxy        (4ed37a7f41891769aeb88c2408b3016f) C:\Program Files\Common Files\G DATA\AVKProxy\AVKProxy.exe
19:05:04.0291 4816	AVKProxy - ok
19:05:04.0344 4816	AVKService      (909270c00354439bcc649a92c25d8b3f) C:\Program Files\G DATA\InternetSecurity\AVK\AVKService.exe
19:05:04.0365 4816	AVKService - ok
19:05:04.0456 4816	AVKWCtl         (690468933b8d00b66ef5db73150f96ea) C:\Program Files\G DATA\InternetSecurity\AVK\AVKWCtl.exe
19:05:04.0516 4816	AVKWCtl - ok
19:05:04.0649 4816	Beep            (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
19:05:04.0716 4816	Beep - ok
19:05:04.0852 4816	BFE             (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll
19:05:04.0895 4816	BFE - ok
19:05:04.0997 4816	BITS            (93952506c6d67330367f7e7934b6a02f) C:\Windows\System32\qmgr.dll
19:05:05.0084 4816	BITS - ok
19:05:05.0146 4816	blbdrive        (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
19:05:05.0211 4816	blbdrive - ok
19:05:05.0337 4816	Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
19:05:05.0367 4816	Bonjour Service - ok
19:05:05.0431 4816	bowser          (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
19:05:05.0490 4816	bowser - ok
19:05:05.0610 4816	BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
19:05:05.0663 4816	BrFiltLo - ok
19:05:05.0692 4816	BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
19:05:05.0771 4816	BrFiltUp - ok
19:05:05.0869 4816	Browser         (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
19:05:05.0933 4816	Browser - ok
19:05:06.0069 4816	Brserid         (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
19:05:06.0291 4816	Brserid - ok
19:05:06.0400 4816	BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
19:05:06.0490 4816	BrSerWdm - ok
19:05:06.0516 4816	BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
19:05:06.0600 4816	BrUsbMdm - ok
19:05:06.0692 4816	BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
19:05:06.0772 4816	BrUsbSer - ok
19:05:06.0895 4816	BTHMODEM        (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
19:05:06.0980 4816	BTHMODEM - ok
19:05:07.0099 4816	cdfs            (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
19:05:07.0183 4816	cdfs - ok
19:05:07.0312 4816	cdrom           (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
19:05:07.0373 4816	cdrom - ok
19:05:07.0444 4816	CertPropSvc     (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
19:05:07.0524 4816	CertPropSvc - ok
19:05:07.0614 4816	circlass        (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
19:05:07.0659 4816	circlass - ok
19:05:07.0710 4816	CLFS            (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
19:05:07.0734 4816	CLFS - ok
19:05:07.0810 4816	clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:05:07.0827 4816	clr_optimization_v2.0.50727_32 - ok
19:05:07.0926 4816	clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:05:07.0958 4816	clr_optimization_v4.0.30319_32 - ok
19:05:08.0060 4816	CmBatt          (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
19:05:08.0110 4816	CmBatt - ok
19:05:08.0150 4816	cmdide          (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
19:05:08.0175 4816	cmdide - ok
19:05:08.0262 4816	Compbatt        (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
19:05:08.0286 4816	Compbatt - ok
19:05:08.0297 4816	COMSysApp - ok
19:05:08.0411 4816	ConfigFree Service (d10d01b2dfcd8d2f32a32ed29e8da1c2) C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
19:05:08.0432 4816	ConfigFree Service ( UnsignedFile.Multi.Generic ) - warning
19:05:08.0432 4816	ConfigFree Service - detected UnsignedFile.Multi.Generic (1)
19:05:08.0514 4816	crcdisk         (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
19:05:08.0538 4816	crcdisk - ok
19:05:08.0570 4816	Crusoe          (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
19:05:08.0647 4816	Crusoe - ok
19:05:08.0750 4816	CryptSvc        (fb27772beaf8e1d28ccd825c09da939b) C:\Windows\system32\cryptsvc.dll
19:05:08.0802 4816	CryptSvc - ok
19:05:08.0887 4816	DcomLaunch      (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
19:05:08.0978 4816	DcomLaunch - ok
19:05:09.0056 4816	DfsC            (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
19:05:09.0106 4816	DfsC - ok
19:05:09.0232 4816	DFSR            (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe
19:05:09.0387 4816	DFSR - ok
19:05:09.0479 4816	DgiVecp - ok
19:05:09.0543 4816	Dhcp            (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll
19:05:09.0582 4816	Dhcp - ok
19:05:09.0700 4816	disk            (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
19:05:09.0719 4816	disk - ok
19:05:09.0772 4816	Dnscache        (57d762f6f5974af0da2be88a3349baaa) C:\Windows\System32\dnsrslvr.dll
19:05:09.0830 4816	Dnscache - ok
19:05:09.0933 4816	dot3svc         (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll
19:05:09.0982 4816	dot3svc - ok
19:05:10.0039 4816	DPS             (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
19:05:10.0097 4816	DPS - ok
19:05:10.0199 4816	drmkaud         (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
19:05:10.0279 4816	drmkaud - ok
19:05:10.0338 4816	DXGKrnl         (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
19:05:10.0379 4816	DXGKrnl - ok
19:05:10.0466 4816	E1G60           (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
19:05:10.0518 4816	E1G60 - ok
19:05:10.0560 4816	EapHost         (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
19:05:10.0602 4816	EapHost - ok
19:05:10.0710 4816	Ecache          (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
19:05:10.0732 4816	Ecache - ok
19:05:10.0804 4816	ehRecvr         (9be3744d295a7701eb425332014f0797) C:\Windows\ehome\ehRecvr.exe
19:05:10.0838 4816	ehRecvr - ok
19:05:10.0862 4816	ehSched         (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe
19:05:10.0935 4816	ehSched - ok
19:05:11.0003 4816	ehstart         (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll
19:05:11.0048 4816	ehstart - ok
19:05:11.0167 4816	elxstor         (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
19:05:11.0204 4816	elxstor - ok
19:05:11.0257 4816	EMDMgmt         (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll
19:05:11.0335 4816	EMDMgmt - ok
19:05:11.0417 4816	ErrDev          (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
19:05:11.0461 4816	ErrDev - ok
19:05:11.0561 4816	EventSystem     (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll
19:05:11.0601 4816	EventSystem - ok
19:05:11.0710 4816	exfat           (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
19:05:11.0756 4816	exfat - ok
19:05:11.0816 4816	fastfat         (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
19:05:11.0846 4816	fastfat - ok
19:05:11.0949 4816	fdc             (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
19:05:11.0994 4816	fdc - ok
19:05:12.0027 4816	fdPHost         (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
19:05:12.0058 4816	fdPHost - ok
19:05:12.0117 4816	FDResPub        (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
19:05:12.0179 4816	FDResPub - ok
19:05:12.0257 4816	FileInfo        (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
19:05:12.0276 4816	FileInfo - ok
19:05:12.0330 4816	Filetrace       (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
19:05:12.0375 4816	Filetrace - ok
19:05:12.0508 4816	FirebirdServerMAGIXInstance (167d24a045499ebef438f231976158df) C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
19:05:12.0609 4816	FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - warning
19:05:12.0609 4816	FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic (1)
19:05:12.0735 4816	flpydisk        (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
19:05:12.0780 4816	flpydisk - ok
19:05:12.0826 4816	FltMgr          (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
19:05:12.0847 4816	FltMgr - ok
19:05:12.0910 4816	FontCache       (8ce364388c8eca59b14b539179276d44) C:\Windows\system32\FntCache.dll
19:05:12.0983 4816	FontCache - ok
19:05:13.0065 4816	FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
19:05:13.0082 4816	FontCache3.0.0.0 - ok
19:05:13.0153 4816	Fs_Rec          (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
19:05:13.0195 4816	Fs_Rec - ok
19:05:13.0268 4816	FwLnk           (cbc22823628544735625b280665e434e) C:\Windows\system32\DRIVERS\FwLnk.sys
19:05:13.0313 4816	FwLnk - ok
19:05:13.0380 4816	gagp30kx        (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
19:05:13.0399 4816	gagp30kx - ok
19:05:13.0496 4816	GDFwSvc         (a681ea5027b9638f8cbfbd25cc5f6420) C:\Program Files\G DATA\InternetSecurity\Firewall\GDFwSvc.exe
19:05:13.0549 4816	GDFwSvc - ok
19:05:13.0699 4816	GDMnIcpt        (9a58148406e1bb4a2265b84320dedc2b) C:\Windows\system32\drivers\MiniIcpt.sys
19:05:13.0721 4816	GDMnIcpt - ok
19:05:13.0770 4816	GDPkIcpt        (192a1d4b5af4f8ecca484d2d16dbe113) C:\Windows\system32\drivers\PktIcpt.sys
19:05:13.0793 4816	GDPkIcpt - ok
19:05:13.0874 4816	gdwfpcd         (0a8dc3b53fcb10935a6098e0a761f68e) C:\Windows\system32\DRIVERS\gdwfpcd32.sys
19:05:13.0896 4816	gdwfpcd - ok
19:05:13.0944 4816	GEARAspiWDM     (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\drivers\GEARAspiWDM.sys
19:05:13.0967 4816	GEARAspiWDM - ok
19:05:14.0022 4816	gpsvc           (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll
19:05:14.0097 4816	gpsvc - ok
19:05:14.0226 4816	GRD             (4679ed6dcc111ab674cf7818dda1606f) C:\Windows\system32\drivers\GRD.sys
19:05:14.0248 4816	GRD - ok
19:05:14.0375 4816	gupdate         (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe
19:05:14.0399 4816	gupdate - ok
19:05:14.0429 4816	gupdatem        (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe
19:05:14.0452 4816	gupdatem - ok
19:05:14.0493 4816	gusvc           (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
19:05:14.0517 4816	gusvc - ok
19:05:14.0645 4816	HdAudAddService (3f90e001369a07243763bd5a523d8722) C:\Windows\system32\drivers\HdAudio.sys
19:05:14.0705 4816	HdAudAddService - ok
19:05:14.0756 4816	HDAudBus        (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
19:05:14.0841 4816	HDAudBus - ok
19:05:14.0945 4816	HidBth          (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
19:05:15.0014 4816	HidBth - ok
19:05:15.0045 4816	HidIr           (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
19:05:15.0099 4816	HidIr - ok
19:05:15.0200 4816	hidserv         (84067081f3318162797385e11a8f0582) C:\Windows\system32\hidserv.dll
19:05:15.0234 4816	hidserv - ok
19:05:15.0277 4816	HidUsb          (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
19:05:15.0320 4816	HidUsb - ok
19:05:15.0419 4816	hkmsvc          (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
19:05:15.0474 4816	hkmsvc - ok
19:05:15.0517 4816	HookCentre      (becb4cd4685233b64eb89188872dd193) C:\Windows\system32\drivers\HookCentre.sys
19:05:15.0533 4816	HookCentre - ok
19:05:15.0644 4816	HpCISSs         (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
19:05:15.0670 4816	HpCISSs - ok
19:05:15.0750 4816	HTTP            (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
19:05:15.0817 4816	HTTP - ok
19:05:15.0918 4816	i2omp           (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
19:05:15.0943 4816	i2omp - ok
19:05:16.0008 4816	i8042prt        (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
19:05:16.0086 4816	i8042prt - ok
19:05:16.0194 4816	iaStor          (d483687eace0c065ee772481a96e05f5) C:\Windows\system32\DRIVERS\iaStor.sys
19:05:16.0228 4816	iaStor - ok
19:05:16.0294 4816	iaStorV         (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
19:05:16.0316 4816	iaStorV - ok
19:05:16.0435 4816	IDriverT        (daf66902f08796f9c694901660e5a64a) C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
19:05:16.0452 4816	IDriverT ( UnsignedFile.Multi.Generic ) - warning
19:05:16.0452 4816	IDriverT - detected UnsignedFile.Multi.Generic (1)
19:05:16.0535 4816	idsvc           (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
19:05:16.0591 4816	idsvc - ok
19:05:16.0659 4816	igfx - ok
19:05:16.0764 4816	iirsp           (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
19:05:16.0782 4816	iirsp - ok
19:05:16.0828 4816	IKEEXT          (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll
19:05:16.0895 4816	IKEEXT - ok
19:05:17.0048 4816	IntcAzAudAddService (b9cbd3dea7ca02868621173bf7a2af9f) C:\Windows\system32\drivers\RTKVHDA.sys
19:05:17.0154 4816	IntcAzAudAddService - ok
19:05:17.0320 4816	intelide        (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
19:05:17.0344 4816	intelide - ok
19:05:17.0391 4816	intelppm        (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
19:05:17.0447 4816	intelppm - ok
19:05:17.0534 4816	IPBusEnum       (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
19:05:17.0580 4816	IPBusEnum - ok
19:05:17.0661 4816	IpFilterDriver  (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:05:17.0722 4816	IpFilterDriver - ok
19:05:17.0838 4816	iphlpsvc        (1998bd97f950680bb55f55a7244679c2) C:\Windows\System32\iphlpsvc.dll
19:05:17.0906 4816	iphlpsvc - ok
19:05:17.0991 4816	IpInIp - ok
19:05:18.0036 4816	IPMIDRV         (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
19:05:18.0089 4816	IPMIDRV - ok
19:05:18.0113 4816	IPNAT           (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
19:05:18.0169 4816	IPNAT - ok
19:05:18.0270 4816	iPod Service    (49918803b661367023bf325cf602afdc) C:\Program Files\iPod\bin\iPodService.exe
19:05:18.0300 4816	iPod Service - ok
19:05:18.0380 4816	IRENUM          (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
19:05:18.0434 4816	IRENUM - ok
19:05:18.0493 4816	isapnp          (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
19:05:18.0510 4816	isapnp - ok
19:05:18.0624 4816	iScsiPrt        (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
19:05:18.0644 4816	iScsiPrt - ok
19:05:18.0695 4816	iteatapi        (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
19:05:18.0713 4816	iteatapi - ok
19:05:18.0741 4816	iteraid         (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
19:05:18.0759 4816	iteraid - ok
19:05:18.0844 4816	jswpsapi        (723ba0aec942e91c0a9ce146e73deceb) C:\Program Files\Jumpstart\jswpsapi.exe
19:05:18.0895 4816	jswpsapi ( UnsignedFile.Multi.Generic ) - warning
19:05:18.0895 4816	jswpsapi - detected UnsignedFile.Multi.Generic (1)
19:05:19.0012 4816	jswpslwf        (7e72514a3a1c5a9f3bff0660b3866c2b) C:\Windows\system32\DRIVERS\jswpslwf.sys
19:05:19.0086 4816	jswpslwf - ok
19:05:19.0193 4816	kbdclass        (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
19:05:19.0218 4816	kbdclass - ok
19:05:19.0263 4816	kbdhid          (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
19:05:19.0328 4816	kbdhid - ok
19:05:19.0401 4816	KeyIso          (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
19:05:19.0461 4816	KeyIso - ok
19:05:19.0514 4816	KSecDD          (2b2f1638466e8cb091400c9019cc730e) C:\Windows\system32\Drivers\ksecdd.sys
19:05:19.0556 4816	KSecDD - ok
19:05:19.0644 4816	KtmRm           (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll
19:05:19.0722 4816	KtmRm - ok
19:05:19.0775 4816	LanmanServer    (1bf5eebfd518dd7298434d8c862f825d) C:\Windows\system32\srvsvc.dll
19:05:19.0844 4816	LanmanServer - ok
19:05:19.0937 4816	LanmanWorkstation (1db69705b695b987082c8baec0c6b34f) C:\Windows\System32\wkssvc.dll
19:05:19.0999 4816	LanmanWorkstation - ok
19:05:20.0063 4816	lltdio          (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
19:05:20.0116 4816	lltdio - ok
19:05:20.0199 4816	lltdsvc         (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll
19:05:20.0248 4816	lltdsvc - ok
19:05:20.0287 4816	lmhosts         (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
19:05:20.0353 4816	lmhosts - ok
19:05:20.0403 4816	LSI_FC          (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
19:05:20.0431 4816	LSI_FC - ok
19:05:20.0519 4816	LSI_SAS         (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
19:05:20.0546 4816	LSI_SAS - ok
19:05:20.0610 4816	LSI_SCSI        (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
19:05:20.0637 4816	LSI_SCSI - ok
19:05:20.0723 4816	luafv           (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
19:05:20.0772 4816	luafv - ok
19:05:20.0811 4816	Mcx2Svc         (aef9babb8a506bc4ce0451a64aaded46) C:\Windows\system32\Mcx2Svc.dll
19:05:20.0846 4816	Mcx2Svc - ok
19:05:20.0979 4816	megasas         (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
19:05:20.0996 4816	megasas - ok
19:05:21.0026 4816	MegaSR          (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
19:05:21.0054 4816	MegaSR - ok
19:05:21.0184 4816	Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
19:05:21.0200 4816	Microsoft Office Groove Audit Service - ok
19:05:21.0282 4816	MMCSS           (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
19:05:21.0328 4816	MMCSS - ok
19:05:21.0392 4816	Modem           (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
19:05:21.0449 4816	Modem - ok
19:05:21.0508 4816	monitor         (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
19:05:21.0567 4816	monitor - ok
19:05:21.0628 4816	mouclass        (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
19:05:21.0652 4816	mouclass - ok
19:05:21.0707 4816	mouhid          (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
19:05:21.0761 4816	mouhid - ok
19:05:21.0827 4816	MountMgr        (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
19:05:21.0852 4816	MountMgr - ok
19:05:21.0934 4816	mpio            (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
19:05:21.0974 4816	mpio - ok
19:05:22.0060 4816	mpsdrv          (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
19:05:22.0098 4816	mpsdrv - ok
19:05:22.0140 4816	MpsSvc          (5de62c6e9108f14f6794060a9bdecaec) C:\Windows\system32\mpssvc.dll
19:05:22.0186 4816	MpsSvc - ok
19:05:22.0284 4816	Mraid35x        (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
19:05:22.0309 4816	Mraid35x - ok
19:05:22.0366 4816	MRxDAV          (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
19:05:22.0423 4816	MRxDAV - ok
19:05:22.0505 4816	mrxsmb          (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
19:05:22.0574 4816	mrxsmb - ok
19:05:22.0635 4816	mrxsmb10        (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:05:22.0669 4816	mrxsmb10 - ok
19:05:22.0746 4816	mrxsmb20        (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:05:22.0791 4816	mrxsmb20 - ok
19:05:22.0866 4816	msahci          (f70590424eefbf5c27a40c67afdb8383) C:\Windows\system32\drivers\msahci.sys
19:05:22.0891 4816	msahci - ok
19:05:22.0985 4816	msdsm           (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
19:05:23.0012 4816	msdsm - ok
19:05:23.0068 4816	MSDTC           (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
19:05:23.0115 4816	MSDTC - ok
19:05:23.0226 4816	Msfs            (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
19:05:23.0282 4816	Msfs - ok
19:05:23.0347 4816	msisadrv        (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
19:05:23.0371 4816	msisadrv - ok
19:05:23.0480 4816	MSiSCSI         (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
19:05:23.0541 4816	MSiSCSI - ok
19:05:23.0568 4816	msiserver - ok
19:05:23.0653 4816	MSKSSRV         (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
19:05:23.0716 4816	MSKSSRV - ok
19:05:23.0766 4816	MSPCLOCK        (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
19:05:23.0807 4816	MSPCLOCK - ok
19:05:23.0896 4816	MSPQM           (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
19:05:23.0942 4816	MSPQM - ok
19:05:23.0994 4816	MsRPC           (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
19:05:24.0014 4816	MsRPC - ok
19:05:24.0098 4816	mssmbios        (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
19:05:24.0115 4816	mssmbios - ok
19:05:24.0187 4816	MSTEE           (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
19:05:24.0235 4816	MSTEE - ok
19:05:24.0288 4816	Mup             (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
19:05:24.0306 4816	Mup - ok
19:05:24.0386 4816	napagent        (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll
19:05:24.0416 4816	napagent - ok
19:05:24.0498 4816	NativeWifiP     (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
19:05:24.0552 4816	NativeWifiP - ok
19:05:24.0642 4816	NDIS            (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
19:05:24.0680 4816	NDIS - ok
19:05:24.0739 4816	NdisTapi        (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
19:05:24.0797 4816	NdisTapi - ok
19:05:24.0874 4816	Ndisuio         (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
19:05:24.0941 4816	Ndisuio - ok
19:05:25.0004 4816	NdisWan         (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
19:05:25.0056 4816	NdisWan - ok
19:05:25.0139 4816	NDProxy         (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
19:05:25.0188 4816	NDProxy - ok
19:05:25.0227 4816	NetBIOS         (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
19:05:25.0290 4816	NetBIOS - ok
19:05:25.0379 4816	netbt           (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
19:05:25.0439 4816	netbt - ok
19:05:25.0501 4816	Netlogon        (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
19:05:25.0531 4816	Netlogon - ok
19:05:25.0609 4816	Netman          (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
19:05:25.0680 4816	Netman - ok
19:05:25.0723 4816	netprofm        (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
19:05:25.0771 4816	netprofm - ok
19:05:25.0854 4816	NetTcpPortSharing (d6c4e4a39a36029ac0813d476fbd0248) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:05:25.0880 4816	NetTcpPortSharing - ok
19:05:25.0945 4816	nfrd960         (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
19:05:25.0969 4816	nfrd960 - ok
19:05:26.0046 4816	NlaSvc          (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
19:05:26.0093 4816	NlaSvc - ok
19:05:26.0139 4816	Npfs            (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
19:05:26.0176 4816	Npfs - ok
19:05:26.0199 4816	nsi             (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
19:05:26.0248 4816	nsi - ok
19:05:26.0329 4816	nsiproxy        (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
19:05:26.0360 4816	nsiproxy - ok
19:05:26.0436 4816	Ntfs            (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
19:05:26.0493 4816	Ntfs - ok
19:05:26.0616 4816	ntrigdigi       (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
19:05:26.0697 4816	ntrigdigi - ok
19:05:26.0727 4816	Null            (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
19:05:26.0776 4816	Null - ok
19:05:26.0891 4816	nvraid          (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
19:05:26.0910 4816	nvraid - ok
19:05:26.0939 4816	nvstor          (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
19:05:26.0957 4816	nvstor - ok
19:05:26.0983 4816	nv_agp          (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
19:05:27.0003 4816	nv_agp - ok
19:05:27.0081 4816	NwlnkFlt - ok
19:05:27.0094 4816	NwlnkFwd - ok
19:05:27.0186 4816	odserv          (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
19:05:27.0224 4816	odserv - ok
19:05:27.0373 4816	ohci1394        (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
19:05:27.0424 4816	ohci1394 - ok
19:05:27.0515 4816	ose             (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:05:27.0538 4816	ose - ok
19:05:27.0644 4816	p2pimsvc        (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
19:05:27.0735 4816	p2pimsvc - ok
19:05:27.0749 4816	p2psvc          (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
19:05:27.0793 4816	p2psvc - ok
19:05:27.0914 4816	Parport         (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
19:05:28.0002 4816	Parport - ok
19:05:28.0041 4816	partmgr         (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
19:05:28.0068 4816	partmgr - ok
19:05:28.0175 4816	Parvdm          (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
19:05:28.0253 4816	Parvdm - ok
19:05:28.0290 4816	PcaSvc          (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
19:05:28.0336 4816	PcaSvc - ok
19:05:28.0450 4816	pci             (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
19:05:28.0477 4816	pci - ok
19:05:28.0514 4816	pciide          (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\DRIVERS\pciide.sys
19:05:28.0538 4816	pciide - ok
19:05:28.0633 4816	pcmcia          (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
19:05:28.0661 4816	pcmcia - ok
19:05:28.0739 4816	PEAUTH          (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
19:05:28.0863 4816	PEAUTH - ok
19:05:28.0995 4816	pla             (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
19:05:29.0084 4816	pla - ok
19:05:29.0210 4816	PlugPlay        (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
19:05:29.0291 4816	PlugPlay - ok
19:05:29.0345 4816	PNRPAutoReg     (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
19:05:29.0389 4816	PNRPAutoReg - ok
19:05:29.0403 4816	PNRPsvc         (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
19:05:29.0460 4816	PNRPsvc - ok
19:05:29.0618 4816	PolicyAgent     (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
19:05:29.0658 4816	PolicyAgent - ok
19:05:29.0723 4816	PptpMiniport    (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
19:05:29.0755 4816	PptpMiniport - ok
19:05:29.0855 4816	Processor       (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
19:05:29.0887 4816	Processor - ok
19:05:29.0927 4816	ProfSvc         (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
19:05:29.0956 4816	ProfSvc - ok
19:05:29.0990 4816	ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
19:05:30.0013 4816	ProtectedStorage - ok
19:05:30.0113 4816	PSched          (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
19:05:30.0161 4816	PSched - ok
19:05:30.0252 4816	ql2300          (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
19:05:30.0322 4816	ql2300 - ok
19:05:30.0439 4816	ql40xx          (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
19:05:30.0466 4816	ql40xx - ok
19:05:30.0516 4816	QWAVE           (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
19:05:30.0573 4816	QWAVE - ok
19:05:30.0683 4816	QWAVEdrv        (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
19:05:30.0734 4816	QWAVEdrv - ok
19:05:30.0764 4816	RasAcd          (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
19:05:30.0816 4816	RasAcd - ok
19:05:30.0915 4816	RasAuto         (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
19:05:30.0985 4816	RasAuto - ok
19:05:31.0040 4816	Rasl2tp         (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
19:05:31.0095 4816	Rasl2tp - ok
19:05:31.0194 4816	RasMan          (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
19:05:31.0255 4816	RasMan - ok
19:05:31.0315 4816	RasPppoe        (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
19:05:31.0366 4816	RasPppoe - ok
19:05:31.0458 4816	RasSstp         (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
19:05:31.0488 4816	RasSstp - ok
19:05:31.0537 4816	rdbss           (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
19:05:31.0602 4816	rdbss - ok
19:05:31.0717 4816	RDPCDD          (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
19:05:31.0760 4816	RDPCDD - ok
19:05:31.0793 4816	rdpdr           (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
19:05:31.0841 4816	rdpdr - ok
19:05:31.0854 4816	RDPENCDD        (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
19:05:31.0912 4816	RDPENCDD - ok
19:05:32.0030 4816	RDPWD           (79c6df8477250f5c54f7c5ae1d6b814e) C:\Windows\system32\drivers\RDPWD.sys
19:05:32.0100 4816	RDPWD - ok
19:05:32.0210 4816	RemoteAccess    (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
19:05:32.0275 4816	RemoteAccess - ok
19:05:32.0322 4816	RemoteRegistry  (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
19:05:32.0373 4816	RemoteRegistry - ok
19:05:32.0497 4816	rimmptsk        (c2ef513bbe069f0d4ee0938a76f975d3) C:\Windows\system32\DRIVERS\rimmptsk.sys
19:05:32.0555 4816	rimmptsk - ok
19:05:32.0666 4816	rimsptsk        (c398bca91216755b098679a8da8a2300) C:\Windows\system32\DRIVERS\rimsptsk.sys
19:05:32.0686 4816	rimsptsk - ok
19:05:32.0709 4816	rismxdp         (2a2554cb24506e0a0508fc395c4a1b42) C:\Windows\system32\DRIVERS\rixdptsk.sys
19:05:32.0766 4816	rismxdp - ok
19:05:32.0854 4816	RpcLocator      (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
19:05:32.0914 4816	RpcLocator - ok
19:05:32.0977 4816	RpcSs           (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
19:05:33.0013 4816	RpcSs - ok
19:05:33.0143 4816	rspndr          (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
19:05:33.0208 4816	rspndr - ok
19:05:33.0333 4816	RTL8169         (2d19a7469ea19993d0c12e627f4530bc) C:\Windows\system32\DRIVERS\Rtlh86.sys
19:05:33.0362 4816	RTL8169 - ok
19:05:33.0402 4816	SamSs           (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
19:05:33.0431 4816	SamSs - ok
19:05:33.0466 4816	sbp2port        (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
19:05:33.0492 4816	sbp2port - ok
19:05:33.0611 4816	SCardSvr        (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
19:05:33.0674 4816	SCardSvr - ok
19:05:33.0729 4816	Schedule        (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll
19:05:33.0816 4816	Schedule - ok
19:05:33.0923 4816	SCPolicySvc     (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
19:05:33.0950 4816	SCPolicySvc - ok
19:05:33.0991 4816	sdbus           (8f36b54688c31eed4580129040c6a3d3) C:\Windows\system32\DRIVERS\sdbus.sys
19:05:34.0035 4816	sdbus - ok
19:05:34.0130 4816	SDRSVC          (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
19:05:34.0188 4816	SDRSVC - ok
19:05:34.0235 4816	secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
19:05:34.0299 4816	secdrv - ok
19:05:34.0395 4816	seclogon        (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
19:05:34.0427 4816	seclogon - ok
19:05:34.0447 4816	SENS            (a9bbab5759771e523f55563d6cbe140f) C:\Windows\System32\sens.dll
19:05:34.0498 4816	SENS - ok
19:05:34.0553 4816	Serenum         (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
19:05:34.0600 4816	Serenum - ok
19:05:34.0695 4816	Serial          (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
19:05:34.0745 4816	Serial - ok
19:05:34.0772 4816	sermouse        (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
19:05:34.0803 4816	sermouse - ok
19:05:34.0838 4816	SessionEnv      (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
19:05:34.0872 4816	SessionEnv - ok
19:05:34.0923 4816	sffdisk         (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\DRIVERS\sffdisk.sys
19:05:34.0950 4816	sffdisk - ok
19:05:35.0034 4816	sffp_mmc        (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
19:05:35.0079 4816	sffp_mmc - ok
19:05:35.0121 4816	sffp_sd         (9f66a46c55d6f1ccabc79bb7afccc545) C:\Windows\system32\DRIVERS\sffp_sd.sys
19:05:35.0160 4816	sffp_sd - ok
19:05:35.0251 4816	sfloppy         (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
19:05:35.0338 4816	sfloppy - ok
19:05:35.0385 4816	SharedAccess    (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
19:05:35.0449 4816	SharedAccess - ok
19:05:35.0561 4816	ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll
19:05:35.0622 4816	ShellHWDetection - ok
19:05:35.0717 4816	sisagp          (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
19:05:35.0742 4816	sisagp - ok
19:05:35.0792 4816	SiSRaid2        (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
19:05:35.0817 4816	SiSRaid2 - ok
19:05:35.0845 4816	SiSRaid4        (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
19:05:35.0872 4816	SiSRaid4 - ok
19:05:36.0027 4816	slsvc           (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
19:05:36.0157 4816	slsvc - ok
19:05:36.0284 4816	SLUINotify      (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
19:05:36.0380 4816	SLUINotify - ok
19:05:36.0488 4816	SmartFaceVWatchSrv (3566310df25ea5c3b2e9f50f5b50eac1) C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe
19:05:36.0494 4816	SmartFaceVWatchSrv ( UnsignedFile.Multi.Generic ) - warning
19:05:36.0494 4816	SmartFaceVWatchSrv - detected UnsignedFile.Multi.Generic (1)
19:05:36.0605 4816	Smb             (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
19:05:36.0644 4816	Smb - ok
19:05:36.0685 4816	SNMPTRAP        (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
19:05:36.0707 4816	SNMPTRAP - ok
19:05:36.0809 4816	spldr           (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
19:05:36.0826 4816	spldr - ok
19:05:36.0863 4816	Spooler         (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe
19:05:36.0890 4816	Spooler - ok
19:05:36.0992 4816	srv             (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
19:05:37.0045 4816	srv - ok
19:05:37.0085 4816	srv2            (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
19:05:37.0108 4816	srv2 - ok
19:05:37.0205 4816	srvnet          (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
19:05:37.0258 4816	srvnet - ok
19:05:37.0298 4816	SSDPSRV         (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
19:05:37.0359 4816	SSDPSRV - ok
19:05:37.0466 4816	SSPORT          (ef3458337d7341a05169cefc73709264) C:\Windows\system32\Drivers\SSPORT.sys
19:05:37.0472 4816	SSPORT ( UnsignedFile.Multi.Generic ) - warning
19:05:37.0472 4816	SSPORT - detected UnsignedFile.Multi.Generic (1)
19:05:37.0536 4816	SstpSvc         (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
19:05:37.0591 4816	SstpSvc - ok
19:05:37.0669 4816	StarOpen - ok
19:05:37.0740 4816	stisvc          (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
19:05:37.0804 4816	stisvc - ok
19:05:37.0908 4816	swenum          (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
19:05:37.0926 4816	swenum - ok
19:05:37.0965 4816	swprv           (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
19:05:38.0017 4816	swprv - ok
19:05:38.0130 4816	Symc8xx         (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
19:05:38.0147 4816	Symc8xx - ok
19:05:38.0175 4816	Sym_hi          (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
19:05:38.0193 4816	Sym_hi - ok
19:05:38.0217 4816	Sym_u3          (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
19:05:38.0234 4816	Sym_u3 - ok
19:05:38.0270 4816	SynTP           (70534d1e4f9ac990536d5fb5b550b3de) C:\Windows\system32\DRIVERS\SynTP.sys
19:05:38.0290 4816	SynTP - ok
19:05:38.0393 4816	SysMain         (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
19:05:38.0472 4816	SysMain - ok
19:05:38.0575 4816	TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
19:05:38.0608 4816	TabletInputService - ok
19:05:38.0657 4816	TapiSrv         (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
19:05:38.0716 4816	TapiSrv - ok
19:05:38.0829 4816	TBS             (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
19:05:38.0876 4816	TBS - ok
19:05:38.0949 4816	Tcpip           (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\drivers\tcpip.sys
19:05:39.0022 4816	Tcpip - ok
19:05:39.0159 4816	Tcpip6          (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\DRIVERS\tcpip.sys
19:05:39.0233 4816	Tcpip6 - ok
19:05:39.0352 4816	tcpipreg        (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
19:05:39.0443 4816	tcpipreg - ok
19:05:39.0485 4816	tdcmdpst        (1825bceb47bf41c5a9f0e44de82fc27a) C:\Windows\system32\DRIVERS\tdcmdpst.sys
19:05:39.0517 4816	tdcmdpst - ok
19:05:39.0616 4816	TDPIPE          (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
19:05:39.0648 4816	TDPIPE - ok
19:05:39.0675 4816	TDTCP           (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
19:05:39.0707 4816	TDTCP - ok
19:05:39.0748 4816	tdx             (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
19:05:39.0790 4816	tdx - ok
19:05:39.0863 4816	TemproMonitoringService (24ea631fec13e87afe07a2b28732ef38) C:\Program Files\Toshiba TEMPRO\TemproSvc.exe
19:05:39.0879 4816	TemproMonitoringService - ok
19:05:39.0950 4816	TermDD          (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
19:05:39.0977 4816	TermDD - ok
19:05:40.0019 4816	TermService     (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
19:05:40.0125 4816	TermService - ok
19:05:40.0294 4816	Themes          (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll
19:05:40.0331 4816	Themes - ok
19:05:40.0383 4816	THREADORDER     (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
19:05:40.0449 4816	THREADORDER - ok
19:05:40.0568 4816	TNaviSrv        (89f74c86523f5e334628dbce66e6d165) C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
19:05:40.0590 4816	TNaviSrv - ok
19:05:40.0649 4816	TODDSrv         (c5ac715b65b01788abc22d10749dddd8) C:\Windows\system32\TODDSrv.exe
19:05:40.0675 4816	TODDSrv - ok
19:05:40.0766 4816	TosCoSrv        (da6903958cbdc091ffcbbca70ccff34c) C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
19:05:40.0817 4816	TosCoSrv - ok
19:05:40.0925 4816	TOSHIBA Bluetooth Service (8e10e654e354cf330ed75882769a0107) c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
19:05:40.0947 4816	TOSHIBA Bluetooth Service - ok
19:05:41.0002 4816	TOSHIBA SMART Log Service (22690dffc7f2a18279a7a0489aa02bac) C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
19:05:41.0011 4816	TOSHIBA SMART Log Service ( UnsignedFile.Multi.Generic ) - warning
19:05:41.0011 4816	TOSHIBA SMART Log Service - detected UnsignedFile.Multi.Generic (1)
19:05:41.0059 4816	Tosrfcom - ok
19:05:41.0083 4816	tosrfec         (5c4103544612e5011ef46301b93d1aa6) C:\Windows\system32\DRIVERS\tosrfec.sys
19:05:41.0146 4816	tosrfec - ok
19:05:41.0193 4816	tos_sps32       (4399a9bf7d8f49991a07fd86590a1619) C:\Windows\system32\DRIVERS\tos_sps32.sys
19:05:41.0222 4816	tos_sps32 - ok
19:05:41.0297 4816	TrkWks          (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
19:05:41.0366 4816	TrkWks - ok
19:05:41.0426 4816	TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
19:05:41.0489 4816	TrustedInstaller - ok
19:05:41.0587 4816	tssecsrv        (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
19:05:41.0644 4816	tssecsrv - ok
19:05:41.0706 4816	tunmp           (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
19:05:41.0752 4816	tunmp - ok
19:05:41.0822 4816	tunnel          (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
19:05:41.0869 4816	tunnel - ok
19:05:41.0923 4816	TVALZ           (792a8b80f8188aba4b2be271583f3e46) C:\Windows\system32\DRIVERS\TVALZ_O.SYS
19:05:41.0944 4816	TVALZ - ok
19:05:42.0031 4816	uagp35          (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
19:05:42.0057 4816	uagp35 - ok
19:05:42.0107 4816	udfs            (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
19:05:42.0150 4816	udfs - ok
19:05:42.0231 4816	UI0Detect       (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
19:05:42.0291 4816	UI0Detect - ok
19:05:42.0378 4816	UleadBurningHelper (332d341d92b933600d41953b08360dfb) C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
19:05:42.0398 4816	UleadBurningHelper ( UnsignedFile.Multi.Generic ) - warning
19:05:42.0398 4816	UleadBurningHelper - detected UnsignedFile.Multi.Generic (1)
19:05:42.0498 4816	uliagpkx        (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
19:05:42.0516 4816	uliagpkx - ok
19:05:42.0556 4816	uliahci         (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
19:05:42.0578 4816	uliahci - ok
19:05:42.0604 4816	UlSata          (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
19:05:42.0624 4816	UlSata - ok
19:05:42.0724 4816	ulsata2         (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
19:05:42.0743 4816	ulsata2 - ok
19:05:42.0774 4816	umbus           (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
19:05:42.0806 4816	umbus - ok
19:05:42.0845 4816	upnphost        (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
19:05:42.0880 4816	upnphost - ok
19:05:42.0970 4816	USBAAPL         (eafe1e00739afe6c51487a050e772e17) C:\Windows\system32\Drivers\usbaapl.sys
19:05:43.0034 4816	USBAAPL - ok
19:05:43.0083 4816	usbccgp         (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
19:05:43.0122 4816	usbccgp - ok
19:05:43.0205 4816	usbcir          (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
19:05:43.0256 4816	usbcir - ok
19:05:43.0327 4816	usbehci         (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
19:05:43.0354 4816	usbehci - ok
19:05:43.0443 4816	usbhub          (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
19:05:43.0494 4816	usbhub - ok
19:05:43.0557 4816	usbohci         (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
19:05:43.0635 4816	usbohci - ok
19:05:43.0723 4816	usbprint        (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
19:05:43.0754 4816	usbprint - ok
19:05:43.0819 4816	usbscan         (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
19:05:43.0846 4816	usbscan - ok
19:05:43.0945 4816	USBSTOR         (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:05:43.0973 4816	USBSTOR - ok
19:05:44.0019 4816	usbuhci         (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
19:05:44.0046 4816	usbuhci - ok
19:05:44.0108 4816	usbvideo        (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
19:05:44.0157 4816	usbvideo - ok
19:05:44.0203 4816	UVCFTR          (8c5094a8ab24de7496c7c19942f2df04) C:\Windows\system32\Drivers\UVCFTR_S.SYS
19:05:44.0256 4816	UVCFTR - ok
19:05:44.0320 4816	UxSms           (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
19:05:44.0358 4816	UxSms - ok
19:05:44.0415 4816	vds             (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
19:05:44.0454 4816	vds - ok
19:05:44.0536 4816	vga             (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
19:05:44.0586 4816	vga - ok
19:05:44.0624 4816	VgaSave         (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
19:05:44.0676 4816	VgaSave - ok
19:05:44.0777 4816	viaagp          (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
19:05:44.0796 4816	viaagp - ok
19:05:44.0835 4816	ViaC7           (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
19:05:44.0868 4816	ViaC7 - ok
19:05:44.0888 4816	viaide          (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
19:05:44.0906 4816	viaide - ok
19:05:44.0975 4816	volmgr          (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
19:05:44.0993 4816	volmgr - ok
19:05:45.0029 4816	volmgrx         (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
19:05:45.0054 4816	volmgrx - ok
19:05:45.0116 4816	volsnap         (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
19:05:45.0146 4816	volsnap - ok
19:05:45.0275 4816	vsmraid         (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
19:05:45.0303 4816	vsmraid - ok
19:05:45.0381 4816	VSS             (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
19:05:45.0508 4816	VSS - ok
19:05:45.0595 4816	W32Time         (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
19:05:45.0654 4816	W32Time - ok
19:05:45.0731 4816	WacomPen        (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
19:05:45.0810 4816	WacomPen - ok
19:05:45.0883 4816	Wanarp          (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
19:05:45.0921 4816	Wanarp - ok
19:05:45.0925 4816	Wanarpv6        (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
19:05:45.0963 4816	Wanarpv6 - ok
19:05:46.0018 4816	wcncsvc         (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll
19:05:46.0064 4816	wcncsvc - ok
19:05:46.0099 4816	WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
19:05:46.0140 4816	WcsPlugInService - ok
19:05:46.0221 4816	Wd              (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
19:05:46.0246 4816	Wd - ok
19:05:46.0289 4816	Wdf01000        (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
19:05:46.0343 4816	Wdf01000 - ok
19:05:46.0411 4816	WdiServiceHost  (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
19:05:46.0480 4816	WdiServiceHost - ok
19:05:46.0485 4816	WdiSystemHost   (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
19:05:46.0532 4816	WdiSystemHost - ok
19:05:46.0587 4816	WebClient       (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll
19:05:46.0622 4816	WebClient - ok
19:05:46.0685 4816	Wecsvc          (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll
19:05:46.0730 4816	Wecsvc - ok
19:05:46.0767 4816	wercplsupport   (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
19:05:46.0818 4816	wercplsupport - ok
19:05:46.0906 4816	WerSvc          (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll
19:05:46.0935 4816	WerSvc - ok
19:05:47.0013 4816	WinDefend       (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll
19:05:47.0033 4816	WinDefend - ok
19:05:47.0038 4816	WinHttpAutoProxySvc - ok
19:05:47.0157 4816	Winmgmt         (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll
19:05:47.0184 4816	Winmgmt - ok
19:05:47.0243 4816	WinRM           (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll
19:05:47.0335 4816	WinRM - ok
19:05:47.0415 4816	Wlansvc         (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll
19:05:47.0479 4816	Wlansvc - ok
19:05:47.0640 4816	wlidsvc         (5144ae67d60ec653f97ddf3feed29e77) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:05:47.0704 4816	wlidsvc - ok
19:05:47.0785 4816	WmiAcpi         (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\drivers\wmiacpi.sys
19:05:47.0822 4816	WmiAcpi - ok
19:05:47.0889 4816	wmiApSrv        (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe
19:05:47.0929 4816	wmiApSrv - ok
19:05:48.0031 4816	WMPNetworkSvc   (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
19:05:48.0137 4816	WMPNetworkSvc - ok
19:05:48.0239 4816	WPCSvc          (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll
19:05:48.0283 4816	WPCSvc - ok
19:05:48.0328 4816	WPDBusEnum      (801fbdb89d472b3c467eb112a0fc9246) C:\Windows\system32\wpdbusenum.dll
19:05:48.0379 4816	WPDBusEnum - ok
19:05:48.0496 4816	WpdUsb          (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
19:05:48.0531 4816	WpdUsb - ok
19:05:48.0629 4816	WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
19:05:48.0659 4816	WPFFontCache_v0400 - ok
19:05:48.0760 4816	ws2ifsl         (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
19:05:48.0792 4816	ws2ifsl - ok
19:05:48.0826 4816	wscsvc          (1ca6c40261ddc0425987980d0cd2aaab) C:\Windows\System32\wscsvc.dll
19:05:48.0860 4816	wscsvc - ok
19:05:48.0932 4816	WSearch - ok
19:05:49.0012 4816	wuauserv        (6298277b73c77fa99106b271a7525163) C:\Windows\system32\wuaueng.dll
19:05:49.0088 4816	wuauserv - ok
19:05:49.0194 4816	WUDFRd          (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
19:05:49.0226 4816	WUDFRd - ok
19:05:49.0268 4816	wudfsvc         (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll
19:05:49.0301 4816	wudfsvc - ok
19:05:49.0324 4816	MBR (0x1B8)     (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
19:05:50.0231 4816	\Device\Harddisk0\DR0 - ok
19:05:50.0264 4816	Boot (0x1200)   (c2859787109a5e9bae88b910710c79ce) \Device\Harddisk0\DR0\Partition0
19:05:50.0267 4816	\Device\Harddisk0\DR0\Partition0 - ok
19:05:50.0293 4816	Boot (0x1200)   (93b7e984f5eaea60af775fc2801943bb) \Device\Harddisk0\DR0\Partition1
19:05:50.0295 4816	\Device\Harddisk0\DR0\Partition1 - ok
19:05:50.0296 4816	============================================================
19:05:50.0296 4816	Scan finished
19:05:50.0296 4816	============================================================
19:05:50.0320 5296	Detected object count: 8
19:05:50.0320 5296	Actual detected object count: 8
19:06:57.0831 5296	ConfigFree Service ( UnsignedFile.Multi.Generic ) - skipped by user
19:06:57.0831 5296	ConfigFree Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:06:57.0833 5296	FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - skipped by user
19:06:57.0833 5296	FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:06:57.0834 5296	IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
19:06:57.0834 5296	IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:06:57.0836 5296	jswpsapi ( UnsignedFile.Multi.Generic ) - skipped by user
19:06:57.0836 5296	jswpsapi ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:06:57.0838 5296	SmartFaceVWatchSrv ( UnsignedFile.Multi.Generic ) - skipped by user
19:06:57.0838 5296	SmartFaceVWatchSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:06:57.0839 5296	SSPORT ( UnsignedFile.Multi.Generic ) - skipped by user
19:06:57.0839 5296	SSPORT ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:06:57.0841 5296	TOSHIBA SMART Log Service ( UnsignedFile.Multi.Generic ) - skipped by user
19:06:57.0841 5296	TOSHIBA SMART Log Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:06:57.0843 5296	UleadBurningHelper ( UnsignedFile.Multi.Generic ) - skipped by user
19:06:57.0843 5296	UleadBurningHelper ( UnsignedFile.Multi.Generic ) - User select action: Skip

cosinus · 06.04.2012, 18:39

Dann bitte jetzt CF ausführen:

ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix

Lade dir ComboFix hier herunter auf deinen Desktop.

Schliesse alle Programme, vor allem dein Antivirenprogramm und andere Hintergrundwächter sowie deinen Internetbrowser.

Starte combofix.exe von deinem Desktop aus, bestätige die Warnmeldungen, führe die Updates durch (falls vorgeschlagen), installiere die Wiederherstellungskonsole (falls vorgeschlagen) und lass dein System durchsuchen.
Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.

Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte kopieren ([Strg]a, [Strg]c) und in deinen Beitrag einfügen ([Strg]v). Die Datei findest du außerdem unter: C:\ComboFix.txt.

Wichtiger Hinweis:

Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!

Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.

Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie

Zitat:

Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.

startest du Windows dann manuell neu und die Fehlermeldungen sollten nicht mehr auftauchen.

Gizmo79 · 06.04.2012, 22:12

Hier nun noch das LOG von ComboFix.

Code:

ATTFilter

ComboFix 12-04-06.03 - Frank 06.04.2012  22:34:24.1.2 - x86
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.49.1031.18.3069.1803 [GMT 2:00]
ausgeführt von:: c:\users\Frank\Desktop\ComboFix.exe
AV: G DATA InternetSecurity 2009 *Disabled/Updated* {54ACC2FC-837E-E665-7A92-5352D560D5EF}
FW: G DATA Personal Firewall *Disabled* {6C9743D9-C911-E73D-51CD-FA672BB39294}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\pdfforge Toolbar\SearchSettings.dll
c:\program files\pdfforge Toolbar\WiDGitoolbarie.dll
c:\users\Frank\AppData\Roaming\Microsoft\Windows\Recent\mxfilerelatedcache.mxc2
c:\users\Frank\Favorites\mxfilerelatedcache.mxc2
c:\windows\security\Database\tmp.edb
.
c:\windows\system32\grpconv.exe fehlte 
Kopie von - c:\windows\winsxs\x86_microsoft-windows-grpconv_31bf3856ad364e35_6.0.6000.16386_none_a05162e240c2c82b\grpconv.exe wurde wiederhergestellt
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-03-06 bis 2012-04-06  ))))))))))))))))))))))))))))))
.
.
2012-04-06 20:43 . 2012-04-06 20:51	--------	d-----w-	c:\users\Frank\AppData\Local\temp
2012-04-06 20:43 . 2012-04-06 20:43	--------	d-----w-	c:\users\Default\AppData\Local\temp
2012-04-06 20:43 . 2006-11-02 09:45	16896	----a-w-	c:\windows\system32\grpconv.exe
2012-04-06 12:52 . 2012-03-14 02:15	6582328	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{FB9CC60F-4CD6-4CAC-9A63-55E6F5B51506}\mpengine.dll
2012-04-05 05:59 . 2012-04-05 05:59	--------	d-----w-	c:\program files\ESET
2012-04-02 19:30 . 2012-04-02 19:30	418464	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2012-04-02 16:30 . 2012-04-02 16:30	--------	d-----w-	c:\users\Frank\AppData\Roaming\Malwarebytes
2012-04-02 16:30 . 2012-04-02 16:30	--------	d-----w-	c:\programdata\Malwarebytes
2012-04-02 16:30 . 2012-04-02 16:30	--------	d-----w-	c:\program files\Malwarebytes' Anti-Malware
2012-04-02 16:30 . 2011-12-10 13:24	20464	----a-w-	c:\windows\system32\drivers\mbam.sys
2012-04-02 15:49 . 2012-04-02 16:38	--------	d-----w-	c:\programdata\F4D55F170001619A005EB8AF570F1C8B
2012-03-22 19:12 . 2012-03-22 19:12	4435968	----a-w-	c:\windows\system32\GPhotos.scr
2012-03-19 06:39 . 2012-03-19 06:39	592824	----a-w-	c:\program files\Mozilla Firefox\gkmedias.dll
2012-03-19 06:39 . 2012-03-19 06:39	44472	----a-w-	c:\program files\Mozilla Firefox\mozglue.dll
2012-03-14 06:10 . 2012-02-02 15:16	2044416	----a-w-	c:\windows\system32\win32k.sys
2012-03-14 06:10 . 2012-02-14 15:45	219648	----a-w-	c:\windows\system32\d3d10_1core.dll
2012-03-14 06:10 . 2012-02-14 15:45	160768	----a-w-	c:\windows\system32\d3d10_1.dll
2012-03-14 06:10 . 2012-02-13 14:12	1172480	----a-w-	c:\windows\system32\d3d10warp.dll
2012-03-14 06:10 . 2012-02-13 13:47	683008	----a-w-	c:\windows\system32\d2d1.dll
2012-03-14 06:10 . 2012-02-13 13:44	1068544	----a-w-	c:\windows\system32\DWrite.dll
2012-03-14 06:10 . 2012-01-31 10:59	2409784	----a-w-	c:\program files\Windows Mail\OESpamFilter.dat
2012-03-14 06:10 . 2012-01-09 15:54	613376	----a-w-	c:\windows\system32\rdpencom.dll
2012-03-14 06:10 . 2012-01-09 13:58	180736	----a-w-	c:\windows\system32\drivers\rdpwd.sys
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-02 19:30 . 2011-05-22 19:58	70304	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2012-02-23 08:18 . 2009-10-02 15:59	237072	------w-	c:\windows\system32\MpSigStub.exe
2012-02-15 09:01 . 2012-02-15 09:01	4547944	----a-w-	c:\windows\system32\usbaaplrc.dll
2012-02-15 09:01 . 2012-02-15 09:01	43520	----a-w-	c:\windows\system32\drivers\usbaapl.sys
2012-03-19 06:39 . 2011-11-09 19:14	97208	----a-w-	c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-07-03 68856]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2008-04-08 6037504]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-08-14 1348904]
"ITSecMng"="c:\program files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe" [2007-09-28 75136]
"NDSTray.exe"="NDSTray.exe" [BU]
"topi"="c:\program files\TOSHIBA\Toshiba Online Product Information\topi.exe" [2009-03-16 6158240]
"Google EULA Launcher"="c:\program files\Google\Google EULA\GoogleEULALauncher.exe" [2008-05-28 20480]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"Camera Assistant Software"="c:\program files\Camera Assistant Software for Toshiba\traybar.exe" [2008-04-29 417792]
"HDMICtrlMan"="c:\program files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe" [2008-04-26 716800]
"TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2008-01-17 431456]
"HSON"="c:\program files\TOSHIBA\TBS\HSON.exe" [2007-10-31 54608]
"SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2008-01-25 509816]
"00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2008-03-19 716800]
"Toshiba Registration"="c:\program files\Toshiba\Registration\ToshibaRegistration.exe" [2008-01-11 574864]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-11-02 59240]
"SearchSettings"="c:\program files\pdfforge Toolbar\SearchSettings.exe" [2009-01-30 992256]
"GDFirewallTray"="c:\program files\G DATA\InternetSecurity\Firewall\GDFirewallTray.exe" [2008-08-19 1037992]
"G DATA AntiVirus Trayapplication"="c:\program files\G DATA\InternetSecurity\AVKTray\AVKTray.exe" [2008-10-29 955976]
"Toshiba TEMPRO"="c:\program files\Toshiba TEMPRO\TemproTray.exe" [2010-10-26 1050072]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"Samsung PanelMgr"="c:\windows\Samsung\PanelMgr\SSMMgr.exe" [2008-08-08 524288]
"CD- und DVD-Sharing"="c:\program files\CD- und DVD-Sharing\ODSAgent.exe" [2008-02-20 619832]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-07-05 421888]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"AirMac Base Station Agent"="c:\program files\AirPort\APAgent.exe" [2009-11-11 771360]
"iTunesHelper"="e:\music\iTunes\iTunesHelper.exe" [2012-01-16 421736]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"TOSHIBA Online Product Information"="c:\program files\TOSHIBA\Toshiba Online Product Information\topi.exe" [2009-03-16 6158240]
.
c:\users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Microsoft Office Outlook 2007.lnk - c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\outicon.exe [2008-8-12 845584]
Registration DIE SIEDLER - Das Erbe der Könige.LNK - e:\programme\Support\Register\RegistrationReminder.exe [2010-4-4 864256]
TRDCReminder.lnk - c:\program files\Toshiba\TRDCReminder\TRDCReminder.exe [2008-3-5 393216]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TRDCReminder.lnk - c:\program files\Toshiba\TRDCReminder\TRDCReminder.exe [2008-3-5 393216]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"DisableCAD"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
.
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-02 253600]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation	REG_MULTI_SZ   	FontCache
.
Inhalt des "geplante Tasks" Ordners
.
2012-04-06 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-02 19:30]
.
2012-04-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-01 11:57]
.
2012-04-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-01 11:57]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.rp-online.de/
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSEA&bmod=TSEA
uInternet Settings,ProxyOverride = *.local
IE: Add to &Evernote - c:\program files\Evernote\Evernote3.5\enbar.dll/2000
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\bzxrm7o5.default\
FF - prefs.js: browser.search.selectedEngine - WEB.DE Suche
FF - prefs.js: browser.startup.homepage - hxxp://www.rp-online.de/
FF - prefs.js: keyword.URL - hxxp://go.web.de/tb2/mff_keyurl_search/?su=
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKCU-Run-TOSCDSPD - TOSCDSPD.EXE
HKCU-Run-TotalSecure2009 - c:\program files\TS-2009\scan.exe
HKLM-Run-cfFncEnabler.exe - cfFncEnabler.exe
HKLM-Run-Toshiba TEMPO - c:\program files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe
HKLM-Run-jswtrayutil - c:\program files\Jumpstart\jswtrayutil.exe
HKLM-Run-pdfSaver3 - (no file)
.
.
.
**************************************************************************
Scanne versteckte Prozesse... 
.
qN>¾Lo{P¢|ºH}] [1230916112] 0x90001000
.
Scanne versteckte Autostarteinträge... 
.
Scanne versteckte Dateien... 
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'Explorer.exe'(1768)
c:\program files\G DATA\InternetSecurity\Shredder\Reisswlf.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\WLANExt.exe
c:\windows\system32\agrsmsvc.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Common Files\G DATA\AVKProxy\AVKProxy.exe
c:\program files\G DATA\InternetSecurity\AVK\AVKService.exe
c:\program files\G DATA\InternetSecurity\AVK\AVKWCtl.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\TOSHIBA\ConfigFree\CFSvcs.exe
c:\program files\Toshiba TEMPRO\TemproSvc.exe
c:\program files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
c:\windows\system32\TODDSrv.exe
c:\program files\Toshiba\Power Saver\TosCoSrv.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
c:\program files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe
c:\program files\G DATA\InternetSecurity\Firewall\GDFwSvc.exe
c:\windows\system32\conime.exe
c:\\?\c:\windows\system32\wbem\WMIADAP.EXE
c:\windows\servicing\TrustedInstaller.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-04-06  22:57:46 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2012-04-06 20:56
.
Vor Suchlauf: 8 Verzeichnis(se), 37.245.206.528 Bytes frei
Nach Suchlauf: 13 Verzeichnis(se), 38.212.911.104 Bytes frei
.
- - End Of File - - 7A1C97C522415358A9420C0326F818AA

cosinus · 06.04.2012, 22:16

Combofix - Scripten

1. Starte das Notepad (Start / Ausführen / notepad[Enter])

2. Jetzt füge mit copy/paste den ganzen Inhalt der untenstehenden Codebox in das Notepad Fenster ein.

Code:

ATTFilter

Folder::
c:\programdata\F4D55F170001619A005EB8AF570F1C8B

3. Speichere im Notepad als CFScript.txt auf dem Desktop.

4. Deaktivere den Guard Deines Antivirenprogramms und eine eventuell vorhandene Software Firewall.
(Auch Guards von Ad-, Spyware Programmen und den Tea Timer (wenn vorhanden) !)

5. Dann ziehe die CFScript.txt auf die cofi.exe, so wie es im unteren Bild zu sehen ist. Damit wird Combofix neu gestartet.

6. Nach dem Neustart (es wird gefragt ob Du neustarten willst), poste bitte die folgenden Log Dateien:
Combofix.txt

Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!

Gizmo79 · 07.04.2012, 06:48

Guten Morgen Arne,

hier nun das neue LOG. Wobei ich mir gerade nicht sicher bin ob ich den ganzen Text der Codebox beim kopieren erwischt habe.

Kann ich das jetzt nochmal ausführen, oder irgendwo nachschauen ob es richtig war?

Gruß Frank

Code:

ATTFilter

ComboFix 12-04-06.03 - Frank 06.04.2012  23:31:37.2.2 - x86
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.49.1031.18.3069.1935 [GMT 2:00]
ausgeführt von:: c:\users\Frank\Desktop\ComboFix.exe
Benutzte Befehlsschalter :: c:\users\Frank\Desktop\CFScript.txt
AV: G DATA InternetSecurity 2009 *Disabled/Updated* {54ACC2FC-837E-E665-7A92-5352D560D5EF}
FW: G DATA Personal Firewall *Disabled* {6C9743D9-C911-E73D-51CD-FA672BB39294}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-03-06 bis 2012-04-06  ))))))))))))))))))))))))))))))
.
.
2012-04-06 21:39 . 2012-04-06 21:39	--------	d-----w-	c:\users\Frank\AppData\Local\temp
2012-04-06 21:39 . 2012-04-06 21:39	--------	d-----w-	c:\users\Default\AppData\Local\temp
2012-04-06 20:43 . 2006-11-02 09:45	16896	----a-w-	c:\windows\system32\grpconv.exe
2012-04-06 12:52 . 2012-03-14 02:15	6582328	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{FB9CC60F-4CD6-4CAC-9A63-55E6F5B51506}\mpengine.dll
2012-04-05 05:59 . 2012-04-05 05:59	--------	d-----w-	c:\program files\ESET
2012-04-02 19:30 . 2012-04-02 19:30	418464	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2012-04-02 16:30 . 2012-04-02 16:30	--------	d-----w-	c:\users\Frank\AppData\Roaming\Malwarebytes
2012-04-02 16:30 . 2012-04-02 16:30	--------	d-----w-	c:\programdata\Malwarebytes
2012-04-02 16:30 . 2012-04-02 16:30	--------	d-----w-	c:\program files\Malwarebytes' Anti-Malware
2012-04-02 16:30 . 2011-12-10 13:24	20464	----a-w-	c:\windows\system32\drivers\mbam.sys
2012-04-02 15:49 . 2012-04-02 16:38	--------	d-----w-	c:\programdata\F4D55F170001619A005EB8AF570F1C8B
2012-03-22 19:12 . 2012-03-22 19:12	4435968	----a-w-	c:\windows\system32\GPhotos.scr
2012-03-19 06:39 . 2012-03-19 06:39	592824	----a-w-	c:\program files\Mozilla Firefox\gkmedias.dll
2012-03-19 06:39 . 2012-03-19 06:39	44472	----a-w-	c:\program files\Mozilla Firefox\mozglue.dll
2012-03-14 06:10 . 2012-02-02 15:16	2044416	----a-w-	c:\windows\system32\win32k.sys
2012-03-14 06:10 . 2012-02-14 15:45	219648	----a-w-	c:\windows\system32\d3d10_1core.dll
2012-03-14 06:10 . 2012-02-14 15:45	160768	----a-w-	c:\windows\system32\d3d10_1.dll
2012-03-14 06:10 . 2012-02-13 14:12	1172480	----a-w-	c:\windows\system32\d3d10warp.dll
2012-03-14 06:10 . 2012-02-13 13:47	683008	----a-w-	c:\windows\system32\d2d1.dll
2012-03-14 06:10 . 2012-02-13 13:44	1068544	----a-w-	c:\windows\system32\DWrite.dll
2012-03-14 06:10 . 2012-01-31 10:59	2409784	----a-w-	c:\program files\Windows Mail\OESpamFilter.dat
2012-03-14 06:10 . 2012-01-09 15:54	613376	----a-w-	c:\windows\system32\rdpencom.dll
2012-03-14 06:10 . 2012-01-09 13:58	180736	----a-w-	c:\windows\system32\drivers\rdpwd.sys
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-02 19:30 . 2011-05-22 19:58	70304	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2012-02-23 08:18 . 2009-10-02 15:59	237072	------w-	c:\windows\system32\MpSigStub.exe
2012-02-15 09:01 . 2012-02-15 09:01	4547944	----a-w-	c:\windows\system32\usbaaplrc.dll
2012-02-15 09:01 . 2012-02-15 09:01	43520	----a-w-	c:\windows\system32\drivers\usbaapl.sys
2012-03-19 06:39 . 2011-11-09 19:14	97208	----a-w-	c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-07-03 68856]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2008-04-08 6037504]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-08-14 1348904]
"ITSecMng"="c:\program files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe" [2007-09-28 75136]
"NDSTray.exe"="NDSTray.exe" [BU]
"topi"="c:\program files\TOSHIBA\Toshiba Online Product Information\topi.exe" [2009-03-16 6158240]
"Google EULA Launcher"="c:\program files\Google\Google EULA\GoogleEULALauncher.exe" [2008-05-28 20480]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"Camera Assistant Software"="c:\program files\Camera Assistant Software for Toshiba\traybar.exe" [2008-04-29 417792]
"HDMICtrlMan"="c:\program files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe" [2008-04-26 716800]
"TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2008-01-17 431456]
"HSON"="c:\program files\TOSHIBA\TBS\HSON.exe" [2007-10-31 54608]
"SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2008-01-25 509816]
"00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2008-03-19 716800]
"Toshiba Registration"="c:\program files\Toshiba\Registration\ToshibaRegistration.exe" [2008-01-11 574864]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-11-02 59240]
"SearchSettings"="c:\program files\pdfforge Toolbar\SearchSettings.exe" [2009-01-30 992256]
"GDFirewallTray"="c:\program files\G DATA\InternetSecurity\Firewall\GDFirewallTray.exe" [2008-08-19 1037992]
"G DATA AntiVirus Trayapplication"="c:\program files\G DATA\InternetSecurity\AVKTray\AVKTray.exe" [2008-10-29 955976]
"Toshiba TEMPRO"="c:\program files\Toshiba TEMPRO\TemproTray.exe" [2010-10-26 1050072]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"Samsung PanelMgr"="c:\windows\Samsung\PanelMgr\SSMMgr.exe" [2008-08-08 524288]
"CD- und DVD-Sharing"="c:\program files\CD- und DVD-Sharing\ODSAgent.exe" [2008-02-20 619832]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-07-05 421888]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"AirMac Base Station Agent"="c:\program files\AirPort\APAgent.exe" [2009-11-11 771360]
"iTunesHelper"="e:\music\iTunes\iTunesHelper.exe" [2012-01-16 421736]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"TOSHIBA Online Product Information"="c:\program files\TOSHIBA\Toshiba Online Product Information\topi.exe" [2009-03-16 6158240]
.
c:\users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Microsoft Office Outlook 2007.lnk - c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\outicon.exe [2008-8-12 845584]
Registration DIE SIEDLER - Das Erbe der Könige.LNK - e:\programme\Support\Register\RegistrationReminder.exe [2010-4-4 864256]
TRDCReminder.lnk - c:\program files\Toshiba\TRDCReminder\TRDCReminder.exe [2008-3-5 393216]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TRDCReminder.lnk - c:\program files\Toshiba\TRDCReminder\TRDCReminder.exe [2008-3-5 393216]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"DisableCAD"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
.
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-02 253600]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation	REG_MULTI_SZ   	FontCache
.
Inhalt des "geplante Tasks" Ordners
.
2012-04-06 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-02 19:30]
.
2012-04-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-01 11:57]
.
2012-04-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-01 11:57]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.rp-online.de/
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSEA&bmod=TSEA
uInternet Settings,ProxyOverride = *.local
IE: Add to &Evernote - c:\program files\Evernote\Evernote3.5\enbar.dll/2000
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\bzxrm7o5.default\
FF - prefs.js: browser.search.selectedEngine - WEB.DE Suche
FF - prefs.js: browser.startup.homepage - hxxp://www.rp-online.de/
FF - prefs.js: keyword.URL - hxxp://go.web.de/tb2/mff_keyurl_search/?su=
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2012-04-06 23:39
Windows 6.0.6002 Service Pack 2 NTFS
.
Scanne versteckte Prozesse... 
.
Scanne versteckte Autostarteinträge... 
.
Scanne versteckte Dateien... 
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'Explorer.exe'(2168)
c:\program files\G DATA\InternetSecurity\Shredder\Reisswlf.dll
.
Zeit der Fertigstellung: 2012-04-06  23:41:35
ComboFix-quarantined-files.txt  2012-04-06 21:41
ComboFix2.txt  2012-04-06 20:57
.
Vor Suchlauf: 12 Verzeichnis(se), 38.259.662.848 Bytes frei
Nach Suchlauf: 12 Verzeichnis(se), 38.213.156.864 Bytes frei
.
- - End Of File - - FF7DAD56CCE5C6A081ACD6AD0D87AA85

cosinus · 07.04.2012, 17:45

Ich wollte damit nur einen Ordner löschen, den hier => c:\programdata\F4D55F170001619A005EB8AF570F1C8B

Du kannst ihn auch versuchen manuell zu löschen, besser ist erstmal verschieben, zB nach C:\_OTL - benenn den Ordner dann um in irgendwas anderes

Gizmo79 · 08.04.2012, 21:38

Hallo Arne,

also die Datei habe ich gefunden. Leider habe ich jedoch den Ordner C:\_OTL nicht gefunden. Könnte dies damit zusammenhängen, dass ich OTL nicht starten konnte? Achja und momentan bekomme ich immer noch von meinem Virenprogramm eine Virenmeldung. Das sieht dann so aus.

Code:

ATTFilter

Virenprüfung mit G DATA AntiVirus
Version 19.3.0.0
Virensignaturen vom 08.04.2012
Job: Festplatte
Startzeit: 08.04.2012 17:31
Virensignaturen: 
Heuristik: Ein
Archive: Ein
Systembereiche: Ein
RootKits prüfen: Ein

Prüfung der Systembereiche...
Prüfung auf RootKits...
Prüfung aller lokalen Festplatten...
Objekt: a\Msgs.class
	In Archiv: C:\Users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\762dfb04-588ab5e5
	Status: Virus gefunden
	Virus: Java:CVE-2012-0507-C [Expl]
Objekt: 762dfb04-588ab5e5
	Pfad: C:\Users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4
	Status: Virus gefunden
	Virus: Java:CVE-2012-0507-C [Expl]

Analyse vollständig durchgeführt: 08.04.2012 20:33
    221953 Dateien überprüft
    1 infizierte Dateien gefunden
    0 verdächtige Dateien gefunden

Wie sollte ich also am besten weiter machen?

Gruß
Frank

cosinus · 08.04.2012, 22:15

Warte das hauen wir eben per OTL weg

Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":Files" muss mitkopiert werden!!!)

Code:

ATTFilter

:Files
C:\Users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0
c:\programdata\F4D55F170001619A005EB8AF570F1C8B
:Commands
[purity]
[emptytemp]
[emptyflash]
[resethosts]

Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.

Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.

Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!

Gizmo79 · 08.04.2012, 22:23

Tja, leider funktioniert OTL bei mir irgendwie nicht. Bekomme immer wieder die Meldung dass OTL nicht funktioniert egal ob im abgesicherten Mordus oder im nomalen.

Hier noch die Beschreibung die zur Problembehebung gesendet werden soll.

Code:

ATTFilter

  C:\Users\Frank\AppData\Local\temp\WER1FC5.tmp.version.txt
  C:\Users\Frank\AppData\Local\temp\WER323C.tmp.appcompat.txt
  C:\Users\Frank\AppData\Local\temp\WER3308.tmp.mdmp

cosinus · 08.04.2012, 22:46

Auweia, das kann doch nicht sein, weder mit CF noch mit OTL
Probieren wir nochmal CF

Combofix - Scripten

1. Starte das Notepad (Start / Ausführen / notepad[Enter])

2. Jetzt füge mit copy/paste den ganzen Inhalt der untenstehenden Codebox in das Notepad Fenster ein.

Code:

ATTFilter

Folder::
C:\Users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0
c:\programdata\F4D55F170001619A005EB8AF570F1C8B

3. Speichere im Notepad als CFScript.txt auf dem Desktop.

4. Deaktivere den Guard Deines Antivirenprogramms und eine eventuell vorhandene Software Firewall.
(Auch Guards von Ad-, Spyware Programmen und den Tea Timer (wenn vorhanden) !)

5. Dann ziehe die CFScript.txt auf die cofi.exe, so wie es im unteren Bild zu sehen ist. Damit wird Combofix neu gestartet.

6. Nach dem Neustart (es wird gefragt ob Du neustarten willst), poste bitte die folgenden Log Dateien:
Combofix.txt

Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!

Gizmo79 · 09.04.2012, 10:29

Hallo Arne,

keine Ahnung ob es von Interesse ist, oder aber von CF initiert wurde. Mein System hat wohl bei der Verhaltensüberwachung noch ne Änderung der Systemkonfiguration festgelstellt (Registrierungs-Editor - REGT.3XE). Hier nun das LOG.

Code:

ATTFilter

ComboFix 12-04-06.03 - Frank 09.04.2012  10:44:36.3.2 - x86
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.49.1031.18.3069.1833 [GMT 2:00]
ausgeführt von:: c:\users\Frank\Desktop\ComboFix.exe
Benutzte Befehlsschalter :: c:\users\Frank\Desktop\CFScript.txt
AV: G DATA InternetSecurity 2009 *Disabled/Updated* {54ACC2FC-837E-E665-7A92-5352D560D5EF}
FW: G DATA Personal Firewall *Disabled* {6C9743D9-C911-E73D-51CD-FA672BB39294}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\F4D55F170001619A005EB8AF570F1C8B
c:\programdata\F4D55F170001619A005EB8AF570F1C8B\F4D55F170001619A005EB8AF570F1C8B
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0\247850c0-60b7cb4e
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0\247850c0-60b7cb4e.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0\3021ef40-4194322e
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0\3021ef40-4194322e.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0\37c74300-26e95305
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0\37c74300-26e95305.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0\40497d40-70d0e92c
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0\40497d40-70d0e92c.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1\34cba8c1-2830a00d
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1\34cba8c1-2830a00d.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1\3c9abb41-79abbe46
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1\3c9abb41-79abbe46.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1\47206f41-70f544bf
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1\47206f41-70f544bf.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1\5d140401-45f21db5
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1\5d140401-45f21db5.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1\67818ec1-4b8d18cf
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1\67818ec1-4b8d18cf.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1\6a6bec1-66903ffc
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1\6a6bec1-66903ffc.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1\6a6e6801-41c45343
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1\6a6e6801-41c45343.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1\74f80041-540eb9b6
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1\74f80041-540eb9b6.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10\259935ca-1a3259bc
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10\259935ca-1a3259bc.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10\27bb074a-4eb02dd3
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10\27bb074a-4eb02dd3.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10\2dbbe40a-7deea528
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10\2dbbe40a-7deea528.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10\3a165a4a-71c58ffe
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10\3a165a4a-71c58ffe.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10\539bf1ca-4d01de36
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10\539bf1ca-4d01de36.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10\5a647d0a-22e462de
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10\5a647d0a-22e462de.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10\fea190a-313b067b
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10\fea190a-313b067b.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\3239450b-3644fbdc
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\3239450b-3644fbdc.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\3f00300b-1be2218e
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\3f00300b-1be2218e.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\4607de4b-1d51bae3
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\4607de4b-1d51bae3.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\580bbbcb-6d6606b9
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\580bbbcb-6d6606b9.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\75a9fccb-34350b60
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\75a9fccb-34350b60.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\3bbf104c-2d185146
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\3bbf104c-2d185146.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\6a13f80c-7816c480
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\6a13f80c-7816c480.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\db39d4c-65a10915
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\db39d4c-65a10915.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13\14752ecd-5bce4822
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13\14752ecd-5bce4822.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13\1ffce10d-4a56ee77
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13\1ffce10d-4a56ee77.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13\266353cd-4a3f8116
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13\266353cd-4a3f8116.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13\2cf21f8d-301cd8bb
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13\2cf21f8d-301cd8bb.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13\3421bfcd-20e0aa4e
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13\3421bfcd-20e0aa4e.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13\453dc14d-739924f8
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13\453dc14d-739924f8.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13\4654190d-5a32d465
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13\4654190d-5a32d465.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13\48ff008d-6d4da4d6
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13\48ff008d-6d4da4d6.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13\5439c78d-147356d5
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13\5439c78d-147356d5.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13\655d2f4d-24eb9b44
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13\655d2f4d-24eb9b44.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13\68ba514d-539ed677
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13\68ba514d-539ed677.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13\6cd0f44d-75f322a9
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13\6cd0f44d-75f322a9.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\14\609fc14e-71e5fb8d
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\14\609fc14e-71e5fb8d.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15\15a14c8f-12486c51
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15\15a14c8f-12486c51.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15\3256438f-7bb1484e
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15\3256438f-7bb1484e.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15\7969f40f-5603f984
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15\7969f40f-5603f984.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15\83438cf-287655da
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15\83438cf-287655da.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16\4efa4c90-3a2f8dc3
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16\4efa4c90-3a2f8dc3.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16\52990250-3c4899ac
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16\52990250-3c4899ac.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16\69a82110-3e7480af
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16\69a82110-3e7480af.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16\72e05bd0-18bfe111
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16\72e05bd0-18bfe111.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16\7e519890-102640a7.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16\7e519890-1290f6de.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16\7e519890-167b1ac6.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16\7e519890-169c5f02.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16\7e519890-181f2fa8.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16\7e519890-1923d156.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16\7e519890-20809c82.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16\7e519890-27c8388b
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16\7e519890-27c8388b.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16\7e519890-2cdfdd2e.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16\7e519890-318e6593.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16\7e519890-31efc1f3.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16\7e519890-365bad27.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16\7e519890-3879098f.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16\7e519890-38be137a.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16\7e519890-402bdaf0.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16\7e519890-4e8b9019.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16\7e519890-540b1a9a.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16\7e519890-5506d249.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16\7e519890-560f1b92.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16\7e519890-56257205.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16\7e519890-562ba4d4.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16\7e519890-57d54536.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16\7e519890-57de8d71.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16\7e519890-5989f9ac.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16\7e519890-5c1fb883.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16\7e519890-5c4cd48d.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16\7e519890-5da3c520.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16\7e519890-6369acbf.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16\7e519890-6fef2a61.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16\7e519890-70ecf44b.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16\7e519890-72e27945.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16\7e519890-793b13e0.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16\7e519890-79781190.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16\7e519890-7c04af1f.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16\c0336d0-16f74624
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16\c0336d0-16f74624.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\21b2d7d1-75f9691c
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\21b2d7d1-75f9691c.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\34267051-3cca1a23
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\34267051-3cca1a23.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\52dbd151-77eea24e
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\52dbd151-77eea24e.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\63e44951-788f994c
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\63e44951-788f994c.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\6c4a2191-5d25d2fc
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\6c4a2191-5d25d2fc.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\33fdf1d2-50f09d3a
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\33fdf1d2-50f09d3a.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\3bfa0c92-765f8eba
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\3bfa0c92-765f8eba.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\44029d52-5b8be7b0
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\44029d52-5b8be7b0.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\57fbe2d2-24af537d
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\57fbe2d2-24af537d.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\71661752-719d8a98
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\71661752-719d8a98.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\77750ad2-522215d0
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\77750ad2-522215d0.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19\1ce320d3-6e970640
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19\1ce320d3-6e970640.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19\52f7c193-5f8b09cd
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19\52f7c193-5f8b09cd.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19\61d4ba13-4ef28aa0
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19\61d4ba13-4ef28aa0.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2\15fa9382-693d96c7
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2\15fa9382-693d96c7.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2\2e46adc2-5d689790
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2\2e46adc2-5d689790.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2\4ed568c2-4e97b2e7
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2\4ed568c2-4e97b2e7.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2\68ea8382-1b24cfba
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2\68ea8382-1b24cfba.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\20\14c5a9d4-79ac7026
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\20\14c5a9d4-79ac7026.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\20\17b23d4-293c0719
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\20\17b23d4-293c0719.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\20\30cc3d14-1a489227
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\20\30cc3d14-1a489227.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\20\40fa0e54-548666e8
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\20\40fa0e54-548666e8.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\20\5a71f694-508e9b96
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\20\5a71f694-508e9b96.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21\28eae7d5-601b34d3
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21\28eae7d5-601b34d3.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21\2e314bd5-4d56e09d
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21\2e314bd5-4d56e09d.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21\2e737395-4420acdc
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21\2e737395-4420acdc.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21\39121795-5751938c
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21\39121795-5751938c.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21\43241ed5-2d2f0db5
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21\43241ed5-2d2f0db5.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21\76fd2315-2716f112
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21\76fd2315-2716f112.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21\7a136d95-4146b6b6
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21\7a136d95-4146b6b6.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21\7d45b915-42efe27e
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21\7d45b915-42efe27e.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22\157686d6-6dbb1b31
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22\157686d6-6dbb1b31.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22\185b8256-6cb05f4b
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22\185b8256-6cb05f4b.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22\2b141656-340a3a62
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22\2b141656-340a3a62.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22\373e1716-3ba489af
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22\373e1716-3ba489af.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22\5dd17556-5316ec4f
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22\5dd17556-5316ec4f.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22\5e0f5f16-7c108345
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22\5e0f5f16-7c108345.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22\7b0d5d96-70cc244e
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22\7b0d5d96-70cc244e.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22\de0ab16-228ddce1
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22\de0ab16-228ddce1.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\23\21b15257-340d219d.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\23\21b15257-4fd18290.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\23\21b15257-7e6bdfcd
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\23\21b15257-7e6bdfcd.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\23\370b5497-64c8b5a0
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\23\370b5497-64c8b5a0.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\23\741e4197-2aaa4b4c
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\23\741e4197-2aaa4b4c.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\23\d60a517-4163c5e3
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\23\d60a517-4163c5e3.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\24\18958598-6731feb1
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\24\18958598-6731feb1.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\24\2a20e358-4985ed69.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\24\2a20e358-79c7dfd0.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\24\4166d618-6c14fe60
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\24\4166d618-6c14fe60.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\24\6e277c58-177635ed
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\24\6e277c58-177635ed.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\25\41f6d019-3ea68ede
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\25\41f6d019-3ea68ede.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\25\4460fc99-38a2558d
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\25\4460fc99-38a2558d.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\25\703eda99-29e63cba
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\25\703eda99-29e63cba.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\26\12931d1a-6654a880
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\26\12931d1a-6654a880.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\26\1d40eada-4deb3a02
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\26\1d40eada-4deb3a02.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\26\396c199a-5d0e1d2b
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\26\396c199a-5d0e1d2b.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\26\3ac8dc5a-26f5c59e
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\26\3ac8dc5a-26f5c59e.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\26\55f4951a-1e5c9ba4
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\26\55f4951a-1e5c9ba4.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\26\7574cf1a-783a1818
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\26\7574cf1a-783a1818.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\26\7b49189a-23699ac9
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\26\7b49189a-23699ac9.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\107a13db-4e08db2c
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\107a13db-4e08db2c.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\255a619b-1e2e225a
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\255a619b-1e2e225a.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\3894931b-42e65bf6
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\3894931b-42e65bf6.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\58f5881b-669071f7
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\58f5881b-669071f7.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\5aab8f5b-3e03f53f
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\5aab8f5b-3e03f53f.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\6ff4ccdb-43837963
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\6ff4ccdb-43837963.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\7077715b-6eefeea4
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\7077715b-6eefeea4.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28\e9a2fdc-56f67661
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28\e9a2fdc-56f67661.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\29\1aad5b9d-462197e2
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\29\1aad5b9d-462197e2.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\29\283e561d-3a691cd1
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\29\283e561d-3a691cd1.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\29\2a41b39d-636eb9ed
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\29\2a41b39d-636eb9ed.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\29\2fe096dd-46f16cfd
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\29\2fe096dd-46f16cfd.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\29\3fa03f9d-6e273386
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\29\3fa03f9d-6e273386.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\29\4c05269d-59b527a7
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\29\4c05269d-59b527a7.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\29\53cfb49d-6dcfa1f3
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\29\53cfb49d-6dcfa1f3.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\29\61fe155d-55ba27b5
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\29\61fe155d-55ba27b5.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3\19cda2c3-5f35cb9d
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3\19cda2c3-5f35cb9d.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3\2c9c9ec3-26af8482
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3\2c9c9ec3-26af8482.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3\372a2f43-23505bcb
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3\372a2f43-23505bcb.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3\3e4f2243-5e172cce
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3\3e4f2243-5e172cce.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3\463be743-79b0d8a3
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3\463be743-79b0d8a3.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3\4c130903-5ea7f185
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3\4c130903-5ea7f185.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3\60bbb4c3-21f1523f
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3\60bbb4c3-21f1523f.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3\66a0d403-446652f1
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3\66a0d403-446652f1.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\30\5394c79e-567882ee
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\30\5394c79e-567882ee.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31\1549c75f-2f356b38
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31\1549c75f-2f356b38.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31\1c32ec5f-229a43dd
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31\1c32ec5f-229a43dd.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31\323128df-1a34389a
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31\323128df-1a34389a.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\1a1af8a0-29923327
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\1a1af8a0-29923327.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\3fb165e0-23126fa6
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\3fb165e0-23126fa6.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\69886e60-67c6885b
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\69886e60-67c6885b.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\6c34baa0-2492f12e.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\6c34baa0-3b2791d1.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\6c34baa0-50c28766.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\6c34baa0-659850f1.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\6c34baa0-6acfe3a4.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\6c34baa0-75a256ec.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\6c34baa0-75b4eff9.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\6c34baa0-7aca932e.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\78c3e0e0-38ace519
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\78c3e0e0-38ace519.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33\1108a961-1f9e6900.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33\15c24da1-305362a8
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33\15c24da1-305362a8.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33\22add321-32e43064
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33\22add321-32e43064.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33\23ebe5a1-2b58c8a7
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33\23ebe5a1-2b58c8a7.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33\2c62f61-3d39ac81
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33\2c62f61-3d39ac81.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33\30f9f261-76877120
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33\30f9f261-76877120.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33\4bc529a1-33f03923
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33\4bc529a1-33f03923.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33\52c66d61-4c5f4de8
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33\52c66d61-4c5f4de8.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33\7d28d121-68cc3625
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33\7d28d121-68cc3625.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34\295813e2-26ce6169
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34\295813e2-26ce6169.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34\3041d562-34cced2c
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34\3041d562-34cced2c.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34\43b8f822-7507014a
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34\43b8f822-7507014a.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34\771d2962-50769447
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34\771d2962-50769447.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35\3b69af23-4573b709
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35\3b69af23-4573b709.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36\1885c864-383bc308
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36\1885c864-383bc308.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36\1b389aa4-765a98ca
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36\1b389aa4-765a98ca.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36\1bdd9924-31ec1bda
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36\1bdd9924-31ec1bda.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36\360f63e4-58c1fa0e
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36\360f63e4-58c1fa0e.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36\3819aaa4-15c5f5dd
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36\3819aaa4-15c5f5dd.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36\3e033764-3613570c
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36\3e033764-3613570c.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36\5383bce4-1b0670f1
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36\5383bce4-1b0670f1.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36\66a4c3e4-6905f78f
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36\66a4c3e4-6905f78f.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37\12efd465-3da1c4b0
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37\12efd465-3da1c4b0.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37\1f300925-2f3cec60
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37\1f300925-2f3cec60.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37\5dc0d525-55b3dbd1
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37\5dc0d525-55b3dbd1.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37\6470f665-13ff5330
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37\6470f665-13ff5330.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37\744cd265-40b6350f
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37\744cd265-40b6350f.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37\db0bae5-57fdd07c
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37\db0bae5-57fdd07c.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38\7b9930e6-283788df
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38\7b9930e6-283788df.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38\c389d66-17979b91
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38\c389d66-17979b91.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\39\11dab1a7-2d7397aa
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\39\11dab1a7-2d7397aa.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\39\29b77627-2be403b1
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\39\29b77627-2be403b1.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\39\5e0b80a7-301689c9
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\39\5e0b80a7-301689c9.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\39\732c8667-336d349f
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\39\732c8667-336d349f.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\39\756d0727-29e24355
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\39\756d0727-29e24355.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\39\852d167-4a9bb62e
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\39\852d167-4a9bb62e.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\148934c4-232c6662
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\148934c4-232c6662.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\327e1bc4-68041f18
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\327e1bc4-68041f18.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\429f8284-5b141ea0
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\429f8284-5b141ea0.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\42d14004-1b9a3790
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\42d14004-1b9a3790.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\602ef9c4-1e9a2c61
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\602ef9c4-1e9a2c61.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\74e38a84-69e98140
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\74e38a84-69e98140.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\762dfb04-588ab5e5
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\762dfb04-588ab5e5.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40\1d485ca8-68a495b6
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40\1d485ca8-68a495b6.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40\2ac72d28-58262690
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40\2ac72d28-58262690.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40\408aae68-73745699
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40\408aae68-73745699.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40\4c50c9a8-6a38321f
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40\4c50c9a8-6a38321f.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40\b61ee68-26802751
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40\b61ee68-26802751.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\41\1005ffa9-4d0726df
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\41\1005ffa9-4d0726df.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\41\10d20c29-7787bdc0
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\41\10d20c29-7787bdc0.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\41\147ed029-5f7627de
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\41\147ed029-5f7627de.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\41\3014b0e9-78f05840
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\41\3014b0e9-78f05840.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\41\3856a5a9-5c7ab940
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\41\3856a5a9-5c7ab940.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\41\490311a9-4526658d
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\41\490311a9-4526658d.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\41\f9719a9-4ee99b43
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\41\f9719a9-4ee99b43.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42\3ff5c1ea-1949f767
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42\3ff5c1ea-1949f767.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42\5aeff5aa-35f9ae7a
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42\5aeff5aa-35f9ae7a.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42\5bd9056a-3c3cdb22
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42\5bd9056a-3c3cdb22.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42\5dcae92a-67e86545
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42\5dcae92a-67e86545.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42\5fb737aa-18f9a388
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42\5fb737aa-18f9a388.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42\da2356a-6d8c13ee
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42\da2356a-6d8c13ee.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\11d42ab-7e3d6bc2
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\11d42ab-7e3d6bc2.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\175642ab-1f837eff
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\175642ab-1f837eff.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\18784aab-4ebc9692
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\18784aab-4ebc9692.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\425d092b-7bce24cb
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\425d092b-7bce24cb.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\42948c6b-38347e46
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\42948c6b-38347e46.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\52984deb-16c5d009
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\52984deb-16c5d009.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\708ca46b-2e14dc5c
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\708ca46b-2e14dc5c.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\719a45eb-661d2ad2
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\719a45eb-661d2ad2.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\73051beb-2282332c
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\73051beb-2282332c.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\755ecc2b-146ee3ad
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\755ecc2b-146ee3ad.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\7d0e60ab-17638f5e
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\7d0e60ab-17638f5e.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44\1eeffcac-470097e6
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44\1eeffcac-470097e6.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44\2d80cd6c-45332ecf
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44\2d80cd6c-45332ecf.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44\50f3f12c-1e8ddec4
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44\50f3f12c-1e8ddec4.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44\5185fcec-281c8bec
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44\5185fcec-281c8bec.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44\542cceec-3af848af
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44\542cceec-3af848af.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44\5d691cac-25ce885f
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44\5d691cac-25ce885f.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44\6aa1f3ec-4d9fd130
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44\6aa1f3ec-4d9fd130.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44\85b592c-4c1fdc8d
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44\85b592c-4c1fdc8d.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45\175f512d-61c1ed73
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45\175f512d-61c1ed73.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45\237b10ad-38418ed3
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45\237b10ad-38418ed3.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45\26d5786d-51e9ccd0
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45\26d5786d-51e9ccd0.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45\2de409ad-66e6ecdb
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45\2de409ad-66e6ecdb.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45\351c5bad-11965548
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45\351c5bad-11965548.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45\469b47ed-419ad525
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45\469b47ed-419ad525.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46\32be206e-654852aa
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46\32be206e-654852aa.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46\3816242e-5da28074
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46\3816242e-5da28074.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46\3afc2cee-280a6f76
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46\3afc2cee-280a6f76.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46\4fdbbfae-33b976f7
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46\4fdbbfae-33b976f7.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46\f20d9ee-549e065c
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46\f20d9ee-549e065c.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47\105d42f-24420323
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47\105d42f-24420323.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47\1b11cfef-5077c040
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47\1b11cfef-5077c040.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47\35b78af-2e06318f
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47\35b78af-2e06318f.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47\370c66ef-5d5b51e3
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47\370c66ef-5d5b51e3.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47\3a68b6f-73e79e32
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47\3a68b6f-73e79e32.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47\72714ef-26baab85
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47\72714ef-26baab85.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47\7f3216f-64229850
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47\7f3216f-64229850.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47\eabad6f-204dab14
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47\eabad6f-204dab14.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48\179978b0-1c2939f5
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48\179978b0-1c2939f5.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48\b00a0f0-1de4042f
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48\b00a0f0-1de4042f.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\49\247ccc31-1d915513
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\49\247ccc31-1d915513.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5\2fc8fbc5-7d2ba752
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5\2fc8fbc5-7d2ba752.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5\31e4af45-47149f70
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5\31e4af45-47149f70.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5\3cb33705-44a435f9
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5\3cb33705-44a435f9.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5\5d4ab285-2f89e633
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5\5d4ab285-2f89e633.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5\7ed67485-26952783
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5\7ed67485-26952783.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\3c3481b2-27c5ee00
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\3c3481b2-27c5ee00.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\3ee7532-218518a8
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\3ee7532-218518a8.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51\38493433-66ce79c8
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51\38493433-66ce79c8.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51\4b014633-769154c7
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51\4b014633-769154c7.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51\58d2ba73-67ef8a55
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51\58d2ba73-67ef8a55.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51\5b5de4f3-4fb270e5
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51\5b5de4f3-4fb270e5.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51\6e158a73-320e5798
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51\6e158a73-320e5798.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\1038b934-44471c68
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\1038b934-44471c68.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\24a32bb4-64bccf8d
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\24a32bb4-64bccf8d.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\32b364b4-5f6a52d9
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\32b364b4-5f6a52d9.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\535973b4-758a3760
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\535973b4-758a3760.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\6629db4-291e3a18
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\6629db4-291e3a18.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\6c1681f4-61f4b767
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\6c1681f4-61f4b767.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\6c6343b4-2c552386
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\6c6343b4-2c552386.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\70c2abf4-7ddca515
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\70c2abf4-7ddca515.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53\10213cf5-79f6bb29
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53\10213cf5-79f6bb29.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53\288217f5-2005bef0
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53\288217f5-2005bef0.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53\28b9bc75-1c34e066
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53\28b9bc75-1c34e066.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53\35c3e575-5d29955f
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53\35c3e575-5d29955f.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53\444180b5-464533f8
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53\444180b5-464533f8.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53\5f30ef5-2c1368d5
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53\5f30ef5-2c1368d5.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54\14e06bf6-40204876
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54\14e06bf6-40204876.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54\218b5776-161189b4
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54\218b5776-161189b4.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54\29bbe8f6-5e8e2e49
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54\29bbe8f6-5e8e2e49.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54\2c5f9ab6-2aea0275
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54\2c5f9ab6-2aea0275.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54\c1593f6-23ad4e30
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54\c1593f6-23ad4e30.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\55\511e47f7-7495bd60
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\55\511e47f7-7495bd60.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56\2450acb8-111596a3
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56\2450acb8-111596a3.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56\65333ef8-53487912
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56\65333ef8-53487912.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56\744c6cb8-6436faa9
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56\744c6cb8-6436faa9.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56\744d91f8-2506da54
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56\744d91f8-2506da54.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\57\164c0e79-79a8c1e3
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\57\164c0e79-79a8c1e3.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\57\2a3f7b39-4bad921a
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\57\2a3f7b39-4bad921a.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\57\387d2d39-60545a34
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\57\387d2d39-60545a34.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\57\45afb2f9-5d894347
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\57\45afb2f9-5d894347.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\57\5adc43b9-13fd8362
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\57\5adc43b9-13fd8362.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\57\7379ae79-6db783ad
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\57\7379ae79-6db783ad.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\57\77ca1df9-22f0c6c7
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\57\77ca1df9-22f0c6c7.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58\1431aa7a-2d6e7211
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58\1431aa7a-2d6e7211.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58\2f0866fa-70d31658
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58\2f0866fa-70d31658.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58\4611d7fa-62d05b48
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58\4611d7fa-62d05b48.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58\5c0d773a-508bb8fa
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58\5c0d773a-508bb8fa.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58\961c97a-1e2935b6
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58\961c97a-1e2935b6.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59\3088e3bb-133a3cb4
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59\3088e3bb-133a3cb4.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59\5126b53b-6f01a11c
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59\5126b53b-6f01a11c.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59\62c51fbb-673b6f1e
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59\62c51fbb-673b6f1e.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59\77440a7b-2cb7d7df
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59\77440a7b-2cb7d7df.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6\1177ae06-596ca6da
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6\1177ae06-596ca6da.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6\2b0f4f46-2646a1a6
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6\2b0f4f46-2646a1a6.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6\2c6f9286-2231223b
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6\2c6f9286-2231223b.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6\4bec4dc6-43ff6dd0
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6\4bec4dc6-43ff6dd0.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60\195d0abc-7993748b
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60\195d0abc-7993748b.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60\2eba7c-7d95ec54
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60\2eba7c-7d95ec54.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60\2f538c3c-266724ac
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60\2f538c3c-266724ac.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60\5d99cefc-649e7ba4
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60\5d99cefc-649e7ba4.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60\7b57c73c-1ff34b29
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60\7b57c73c-1ff34b29.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61\3070e13d-2bc02049
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61\3070e13d-2bc02049.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61\40fca3d-736548cc
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61\40fca3d-736548cc.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61\4cd35f3d-51541468
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61\4cd35f3d-51541468.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61\605a54bd-68ba582c
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61\605a54bd-68ba582c.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61\7382593d-67e206e7
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61\7382593d-67e206e7.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61\7725c47d-1a2cda65
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61\7725c47d-1a2cda65.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\62\446520be-45715ae0
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\62\446520be-45715ae0.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\62\6fcfb03e-3fbcba6b
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\62\6fcfb03e-3fbcba6b.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63\13c4417f-5aec5b30
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63\13c4417f-5aec5b30.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63\2061983f-5b70c665
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63\2061983f-5b70c665.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63\3f302e7f-5c8c52d2
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63\3f302e7f-5c8c52d2.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63\532251bf-676c4ed3
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63\532251bf-676c4ed3.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63\55fb8b3f-479eb290
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63\55fb8b3f-479eb290.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63\59a5227f-7ed78e48
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63\59a5227f-7ed78e48.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63\61a6f03f-195abee2
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63\61a6f03f-195abee2.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63\651b677f-751292db
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63\651b677f-751292db.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63\74d598ff-76ef86cf
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63\74d598ff-76ef86cf.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63\7d9d6cbf-25bb1bbf
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63\7d9d6cbf-25bb1bbf.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7\4d349047-47294f7a
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7\4d349047-47294f7a.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7\5a6ba907-2e2b3e6b
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7\5a6ba907-2e2b3e6b.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7\612a0d87-2fcc474c
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7\612a0d87-2fcc474c.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7\6b793bc7-7e70fa8f
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7\6b793bc7-7e70fa8f.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7\6d2869c7-491d03da
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7\6d2869c7-491d03da.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7\7e114d07-7fd17241
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7\7e114d07-7fd17241.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8\276e2cc8-41d74f7a
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8\276e2cc8-41d74f7a.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8\393ba288-457e9da8
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8\393ba288-457e9da8.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8\3e425848-211c7c15
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8\3e425848-211c7c15.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8\5a13fc48-1623cf3c
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8\5a13fc48-1623cf3c.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8\5d712ec8-1144ed03
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8\5d712ec8-1144ed03.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8\63935dc8-34457b04
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8\63935dc8-34457b04.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8\65206588-4497fbf5
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8\65206588-4497fbf5.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8\760c288-7b59a79e
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8\760c288-7b59a79e.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8\77b96f88-4d09a9d8
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8\77b96f88-4d09a9d8.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\9\16c6c6c9-5768d189
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\9\16c6c6c9-5768d189.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\9\17d2e289-2ef19816
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\9\17d2e289-2ef19816.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\9\3fa2f7c9-2ad735e5
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\9\3fa2f7c9-2ad735e5.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\9\58c43509-119a77ba
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\9\58c43509-119a77ba.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\9\61832609-19e86b3c
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\9\61832609-19e86b3c.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\9\7d8ef1c9-749333e5
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\9\7d8ef1c9-749333e5.idx
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\host\13745962-79572023.hst
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\host\3b9bfca4-7d2a8016.hst
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\host\4b4e01af-6d40b38e.hst
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\host\5f4c3b0c-4f909c9d.hst
c:\users\Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\lastAccessed
.
Infizierte Kopie von c:\windows\system32\userinit.exe wurde gefunden und desinfiziert 
Kopie von - c:\windows\ERDNT\cache\userinit.exe wurde wiederhergestellt 
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-03-09 bis 2012-04-09  ))))))))))))))))))))))))))))))
.
.
2012-04-09 08:56 . 2012-04-09 08:56	--------	d-----w-	c:\users\Default\AppData\Local\temp
2012-04-06 20:43 . 2006-11-02 09:45	16896	----a-w-	c:\windows\system32\grpconv.exe
2012-04-06 12:52 . 2012-03-14 02:15	6582328	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{FB9CC60F-4CD6-4CAC-9A63-55E6F5B51506}\mpengine.dll
2012-04-05 05:59 . 2012-04-05 05:59	--------	d-----w-	c:\program files\ESET
2012-04-02 19:30 . 2012-04-02 19:30	418464	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2012-04-02 16:30 . 2012-04-02 16:30	--------	d-----w-	c:\users\Frank\AppData\Roaming\Malwarebytes
2012-04-02 16:30 . 2012-04-02 16:30	--------	d-----w-	c:\programdata\Malwarebytes
2012-04-02 16:30 . 2012-04-02 16:30	--------	d-----w-	c:\program files\Malwarebytes' Anti-Malware
2012-04-02 16:30 . 2011-12-10 13:24	20464	----a-w-	c:\windows\system32\drivers\mbam.sys
2012-03-22 19:12 . 2012-03-22 19:12	4435968	----a-w-	c:\windows\system32\GPhotos.scr
2012-03-19 06:39 . 2012-03-19 06:39	592824	----a-w-	c:\program files\Mozilla Firefox\gkmedias.dll
2012-03-19 06:39 . 2012-03-19 06:39	44472	----a-w-	c:\program files\Mozilla Firefox\mozglue.dll
2012-03-14 06:10 . 2012-02-02 15:16	2044416	----a-w-	c:\windows\system32\win32k.sys
2012-03-14 06:10 . 2012-02-14 15:45	219648	----a-w-	c:\windows\system32\d3d10_1core.dll
2012-03-14 06:10 . 2012-02-14 15:45	160768	----a-w-	c:\windows\system32\d3d10_1.dll
2012-03-14 06:10 . 2012-02-13 14:12	1172480	----a-w-	c:\windows\system32\d3d10warp.dll
2012-03-14 06:10 . 2012-02-13 13:47	683008	----a-w-	c:\windows\system32\d2d1.dll
2012-03-14 06:10 . 2012-02-13 13:44	1068544	----a-w-	c:\windows\system32\DWrite.dll
2012-03-14 06:10 . 2012-01-31 10:59	2409784	----a-w-	c:\program files\Windows Mail\OESpamFilter.dat
2012-03-14 06:10 . 2012-01-09 15:54	613376	----a-w-	c:\windows\system32\rdpencom.dll
2012-03-14 06:10 . 2012-01-09 13:58	180736	----a-w-	c:\windows\system32\drivers\rdpwd.sys
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-07 07:09 . 2010-04-29 17:16	472808	----a-w-	c:\windows\system32\deployJava1.dll
2012-04-02 19:30 . 2011-05-22 19:58	70304	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2012-02-23 08:18 . 2009-10-02 15:59	237072	------w-	c:\windows\system32\MpSigStub.exe
2012-02-15 09:01 . 2012-02-15 09:01	4547944	----a-w-	c:\windows\system32\usbaaplrc.dll
2012-02-15 09:01 . 2012-02-15 09:01	43520	----a-w-	c:\windows\system32\drivers\usbaapl.sys
2012-03-19 06:39 . 2011-11-09 19:14	97208	----a-w-	c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-07-03 68856]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2008-04-08 6037504]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-08-14 1348904]
"ITSecMng"="c:\program files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe" [2007-09-28 75136]
"NDSTray.exe"="NDSTray.exe" [BU]
"topi"="c:\program files\TOSHIBA\Toshiba Online Product Information\topi.exe" [2009-03-16 6158240]
"Google EULA Launcher"="c:\program files\Google\Google EULA\GoogleEULALauncher.exe" [2008-05-28 20480]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"Camera Assistant Software"="c:\program files\Camera Assistant Software for Toshiba\traybar.exe" [2008-04-29 417792]
"HDMICtrlMan"="c:\program files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe" [2008-04-26 716800]
"TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2008-01-17 431456]
"HSON"="c:\program files\TOSHIBA\TBS\HSON.exe" [2007-10-31 54608]
"SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2008-01-25 509816]
"00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2008-03-19 716800]
"Toshiba Registration"="c:\program files\Toshiba\Registration\ToshibaRegistration.exe" [2008-01-11 574864]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-11-02 59240]
"SearchSettings"="c:\program files\pdfforge Toolbar\SearchSettings.exe" [2009-01-30 992256]
"GDFirewallTray"="c:\program files\G DATA\InternetSecurity\Firewall\GDFirewallTray.exe" [2008-08-19 1037992]
"G DATA AntiVirus Trayapplication"="c:\program files\G DATA\InternetSecurity\AVKTray\AVKTray.exe" [2008-10-29 955976]
"Toshiba TEMPRO"="c:\program files\Toshiba TEMPRO\TemproTray.exe" [2010-10-26 1050072]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"Samsung PanelMgr"="c:\windows\Samsung\PanelMgr\SSMMgr.exe" [2008-08-08 524288]
"CD- und DVD-Sharing"="c:\program files\CD- und DVD-Sharing\ODSAgent.exe" [2008-02-20 619832]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-07-05 421888]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240]
"AirMac Base Station Agent"="c:\program files\AirPort\APAgent.exe" [2009-11-11 771360]
"iTunesHelper"="e:\music\iTunes\iTunesHelper.exe" [2012-01-16 421736]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"TOSHIBA Online Product Information"="c:\program files\TOSHIBA\Toshiba Online Product Information\topi.exe" [2009-03-16 6158240]
.
c:\users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Microsoft Office Outlook 2007.lnk - c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\outicon.exe [2008-8-12 845584]
Registration DIE SIEDLER - Das Erbe der Könige.LNK - e:\programme\Support\Register\RegistrationReminder.exe [2010-4-4 864256]
TRDCReminder.lnk - c:\program files\Toshiba\TRDCReminder\TRDCReminder.exe [2008-3-5 393216]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TRDCReminder.lnk - c:\program files\Toshiba\TRDCReminder\TRDCReminder.exe [2008-3-5 393216]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"DisableCAD"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
.
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-02 253600]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation	REG_MULTI_SZ   	FontCache
.
Inhalt des "geplante Tasks" Ordners
.
2012-04-09 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-02 19:30]
.
2012-04-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-01 11:57]
.
2012-04-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-01 11:57]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.rp-online.de/
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSEA&bmod=TSEA
uInternet Settings,ProxyOverride = *.local
IE: Add to &Evernote - c:\program files\Evernote\Evernote3.5\enbar.dll/2000
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\bzxrm7o5.default\
FF - prefs.js: browser.search.selectedEngine - WEB.DE Suche
FF - prefs.js: browser.startup.homepage - hxxp://www.rp-online.de/
FF - prefs.js: keyword.URL - hxxp://go.web.de/tb2/mff_keyurl_search/?su=
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2012-04-09 11:01
Windows 6.0.6002 Service Pack 2 NTFS
.
Scanne versteckte Prozesse... 
.
Scanne versteckte Autostarteinträge... 
.
Scanne versteckte Dateien... 
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'Explorer.exe'(4004)
c:\program files\G DATA\InternetSecurity\Shredder\Reisswlf.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\WLANExt.exe
c:\windows\system32\agrsmsvc.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Common Files\G DATA\AVKProxy\AVKProxy.exe
c:\program files\G DATA\InternetSecurity\AVK\AVKService.exe
c:\program files\G DATA\InternetSecurity\AVK\AVKWCtl.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\TOSHIBA\ConfigFree\CFSvcs.exe
c:\program files\Toshiba TEMPRO\TemproSvc.exe
c:\program files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
c:\windows\system32\TODDSrv.exe
c:\program files\Toshiba\Power Saver\TosCoSrv.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
c:\program files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe
c:\program files\G DATA\InternetSecurity\Firewall\GDFwSvc.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\conime.exe
c:\windows\servicing\TrustedInstaller.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-04-09  11:07:05 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2012-04-09 09:06
ComboFix2.txt  2012-04-06 21:41
ComboFix3.txt  2012-04-06 20:57
.
Vor Suchlauf: 10 Verzeichnis(se), 38.055.227.392 Bytes frei
Nach Suchlauf: 13 Verzeichnis(se), 37.815.582.720 Bytes frei
.
- - End Of File - - 5719DEE9F2189F6BDBF315F4D5981616

cosinus · 09.04.2012, 16:53

Zitat:

Infizierte Kopie von c:windowssystem32userinit.exe wurde gefunden und desinfiziert
Kopie von - c:windowsERDNTcacheuserinit.exe wurde wiederhergestellt

Da brodelte anscheinend noch ne Hintertür

CF hat aber gerichtet und eine saubere Datei zurückgeschrieben

Bitte nun Logs mit GMER und OSAM erstellen und posten.
GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen.
Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst.

Hinweis: Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden! Stell auch unbedingt den Virenscanner ab, besonders der Scanner von McAfee meldet oft einen Fehalarm in OSAM!

Downloade dir bitte

aswMBR.exe und speichere die Datei auf deinem Desktop.

Starte die aswMBR.exe - (aswMBR.exe Anleitung)
Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten".
Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen )
Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
Klicke auf Scan.
Warte bitte bis Scan finished successfully im DOS-Fenster steht.
Drücke auf Save Log und speichere diese auf dem Desktop.

Poste mir die aswMBR.txt in deiner nächsten Antwort.

Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung

Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none).

Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes:
Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.

Gizmo79 · 12.04.2012, 05:07

Hallo Arne,

danke schonmal für´s schliessen der Tür.

Hier nun die LOGS

GMER

Code:

ATTFilter

GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2012-04-09 22:32:06
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 TOSHIBA_ rev.LV01
Running: f9muck59.exe; Driver: C:\Users\Frank\AppData\Local\Temp\pxriiuog.sys


---- Kernel code sections - GMER 1.0.15 ----

.text           C:\Windows\system32\DRIVERS\tos_sps32.sys  section is writeable [0x8BB57480, 0x3C939, 0xE8000020]
.dsrt           C:\Windows\system32\DRIVERS\tos_sps32.sys  unknown last section [0x8BB98900, 0x3CA, 0x48000040]

---- Devices - GMER 1.0.15 ----

AttachedDevice  \Driver\kbdclass \Device\KeyboardClass0    Wdf01000.sys (WDF Dynamic/Microsoft Corporation)

---- EOF - GMER 1.0.15 ----

OSAm

Code:

ATTFilter

Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 22:46:59 on 10.04.2012

OS: Windows Vista Home Premium Edition Service Pack 2 (Build 6002), 32-bit
Default Browser: Mozilla Corporation Firefox 11.0

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[Common]
-----( %SystemRoot%\Tasks )-----
"GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"Adobe Flash Player Updater.job" - "Adobe Systems Incorporated" - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"cmmx01.cpl" - "combit GmbH" - C:\Windows\system32\cmmx01.cpl
"Ddbaccpl.cpl" - "DataDesign AG" - C:\Windows\system32\Ddbaccpl.cpl
"ddBACCTM.cpl" - "DataDesign AG" - C:\Windows\system32\ddBACCTM.cpl
"FlashPlayerCPLApp.cpl" - "Adobe Systems Incorporated" - C:\Windows\system32\FlashPlayerCPLApp.cpl
"LocalCOM.cpl" - "TOSHIBA CORPORATION" - C:\Windows\system32\LocalCOM.cpl
"TOSCDSPD.cpl" - "TOSHIBA" - C:\Windows\system32\TOSCDSPD.cpl
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"mlcfg32.cpl" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\MLCFG32.CPL
"QuickTime" - "Apple Inc." - C:\Program Files\QuickTime\QTSystem\QuickTime.cpl

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"catchme" (catchme) - ? - C:\ComboFix\catchme.sys  (File not found)
"DgiVecp" (DgiVecp) - ? - C:\Windows\system32\Drivers\DgiVecp.sys  (File not found)
"G DATA Rootkit Detector Driver" (GRD) - "G DATA Software" - C:\Windows\system32\drivers\GRD.sys
"G DATA WFP CD" (gdwfpcd) - "G DATA Software AG" - C:\Windows\System32\DRIVERS\gdwfpcd32.sys
"GDMnIcpt" (GDMnIcpt) - "G DATA Software AG" - C:\Windows\system32\drivers\MiniIcpt.sys
"GDPkIcpt" (GDPkIcpt) - "G DATA Software AG" - C:\Windows\system32\drivers\PktIcpt.sys
"HookCentre" (HookCentre) - "G DATA Software AG" - C:\Windows\system32\drivers\HookCentre.sys
"igfx" (igfx) - ? - C:\Windows\System32\DRIVERS\igdkmd32.sys  (File not found)
"IP in IP Tunnel Driver" (IpInIp) - ? - C:\Windows\System32\DRIVERS\ipinip.sys  (File not found)
"IPX Traffic Filter Driver" (NwlnkFlt) - ? - C:\Windows\System32\DRIVERS\nwlnkflt.sys  (File not found)
"IPX Traffic Forwarder Driver" (NwlnkFwd) - ? - C:\Windows\System32\DRIVERS\nwlnkfwd.sys  (File not found)
"SSPORT" (SSPORT) - "Samsung Electronics" - C:\Windows\system32\Drivers\SSPORT.sys
"StarOpen" (StarOpen) - ? - C:\Windows\system32\drivers\StarOpen.sys  (File not found)
"Tosrfcom" (Tosrfcom) - ? - C:\Windows\system32\drivers\Tosrfcom.sys  (File not found)

[Explorer]
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
-----( HKLM\Software\Classes\Protocols\Filter )-----
{807563E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
-----( HKLM\Software\Classes\Protocols\Handler )-----
{314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
{88FED34C-F0CA-4636-A375-3CB6248B04CD} "Local Groove Web Services Protocol" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks )-----
{B5A7F190-DDA6-4420-B3BA-52453494E6CD} "Groove GFS Stub Execution Hook" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{911051fa-c21c-4246-b470-070cd8df6dc4} ".cab or .zip files" - ? -   (File not found | COM-object registry key not found)
{23170F69-40C1-278A-1000-000100020000} "7-Zip Shell Extension" - "Igor Pavlov" - E:\Programme\7-Zip\7-zip.dll
{1b24a030-9b20-49bc-97ac-1be4426f9e59} "ActiveDirectory Folder" - ? -   (File not found | COM-object registry key not found)
{34449847-FD14-4fc8-A75A-7432F5181EFB} "ActiveDirectory Folder" - ? -   (File not found | COM-object registry key not found)
{0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48} "Contacts folder" - ? -   (File not found | COM-object registry key not found)
{2C2577C2-63A7-40e3-9B7F-586602617ECB} "Explorer Query Band" - ? -   (File not found | COM-object registry key not found)
{99FD978C-D287-4F50-827F-B2C658EDA8E7} "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} "Groove Explorer Icon Overlay 2 (GFS Stub)" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{920E6DB1-9907-4370-B3A0-BAFC03D81399} "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{16F3DD56-1AF5-4347-846D-7C10C4192619} "Groove Explorer Icon Overlay 3 (GFS Folder)" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{2916C86E-86A6-43FE-8112-43ABE6BF8DCC} "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{2A541AE1-5BF6-4665-A8A3-CFA9672E4291} "Groove Folder Synchronization" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{72853161-30C5-4D22-B7F9-0BBC1D38A37E} "Groove GFS Browser Helper" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{6C467336-8281-4E60-8204-430CED96822D} "Groove GFS Context Menu Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{B5A7F190-DDA6-4420-B3BA-52453494E6CD} "Groove GFS Stub Execution Hook" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{A449600E-1DC6-4232-B948-9BD794D62056} "Groove GFS Stub Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{387E725D-DC16-4D76-B310-2C93ED4752A0} "Groove XML Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} "IE User Assist" - ? -   (File not found | COM-object registry key not found)
{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} "iTunes" - "Apple Inc." - E:\Music\iTunes\iTunesMiniPlayer.dll
{42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\msohevi.dll
{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
{5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C} "Microsoft Office OneNote Namespace Extension for Windows Desktop Search" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\ONFILTER.DLL
{00020d75-0000-0000-c000-000000000046} "Microsoft Office Outlook" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\MLSHEXT.DLL
{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
{0006F045-0000-0000-C000-000000000046} "Outlook File Icon Extension" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\OLKFSTUB.DLL
{C8494E42-ACDD-4739-B0FB-217361E4894F} "Sam Account Folder" - ? -   (File not found | COM-object registry key not found)
{E29F9716-5C08-4FCD-955A-119FDB5A522D} "Sam Account Folder" - ? -   (File not found | COM-object registry key not found)
{5E2121EE-0300-11D4-8D3B-444553540000} "SimpleShlExt Class" - ? - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll
{da67b8ad-e81b-4c70-9b91b417b5e33527} "Windows Search Shell Service" - ? -   (File not found | COM-object registry key not found)
{B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - "Alexander Roshal" - C:\Program Files\WinRAR\rarext.dll

[Internet Explorer]
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
<binary data> "Google Toolbar" - "Google Inc." - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
ITBar7Height "ITBar7Height" - ? -   (File not found | COM-object registry key not found)
<binary data> "ITBar7Layout" - ? -   (File not found | COM-object registry key not found)
-----( HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks )-----
{E312764E-7706-43F1-8DAB-FCDD2B1E416D} "{E312764E-7706-43F1-8DAB-FCDD2B1E416D}" - ? -   (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} "Java Plug-in 1.6.0_06" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab
{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} "Java Plug-in 1.6.0_07" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\npjpi160_31.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
{BC0E0A5D-AB5A-4fa4-A5FA-280E1D58EEEE} "Add to Evernote" - "Evernote Corporation" - C:\Program Files\Evernote\Evernote3.5\enbar.dll
"Amazon.de" - ? - hxxp://www.amazon.de/exec/obidos/redirect-home?tag=Toshibadebholink-21&site=home  (HTTP value)
{6FE6A929-59D1-4763-91AD-29B61CFFB35B} "An Mindjet MindManager senden" - ? -   (File not found | COM-object registry key not found)
{48E73304-E1D6-4330-914C-F5F514E3486C} "An OneNote senden" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
"eBay - Der weltweite Online Marktplatz" - ? - hxxp://rover.ebay.com/rover/1/707-44556-9400-3/4  (HTTP value)
"ICQ7.2" - "ICQ, LLC." - E:\Programme\ICQ7.2\ICQ.exe
{FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Research" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
{AC41D38F-B56D-40AD-94E0-B493D130C959} "Send to Mindjet MindManager" - "Mindjet" - C:\Program Files\Mindjet\MindManager 6\Mm6InternetExplorer.dll
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )-----
{0124123D-61B4-456f-AF86-78C53A0790C5} "G DATA WebFilter" - ? - C:\Program Files\G DATA\InternetSecurity\Webfilter\AVKWebIE.dll  (File found, but it contains no detailed information)
<binary data> "Google Toolbar" - "Google Inc." - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
{AC41D38F-B56D-40AD-94E0-B493D130C959} "CmjBrowserHelperObject Object" - "Mindjet" - C:\Program Files\Mindjet\MindManager 6\Mm6InternetExplorer.dll
{0124123D-61B4-456f-AF86-78C53A0790C5} "G DATA WebFilter" - ? - C:\Program Files\G DATA\InternetSecurity\Webfilter\AVKWebIE.dll  (File found, but it contains no detailed information)
{AA58ED58-01DD-4d91-8333-CF10577473F7} "Google Toolbar Helper" - "Google Inc." - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
{72853161-30C5-4D22-B7F9-0BBC1D38A37E} "Groove GFS Browser Helper" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2ssv.dll
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} "Java(tm) Plug-In SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\ssv.dll
{9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live ID-Anmelde-Hilfsprogramm" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
{6FE6A929-59D1-4763-91AD-29B61CFFB35B} "{6FE6A929-59D1-4763-91AD-29B61CFFB35B}" - ? -   (File not found | COM-object registry key not found)

[Logon]
-----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
"Microsoft Office Outlook 2007.lnk" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE  (Shortcut exists | File exists)
"TRDCReminder.lnk" - "TOSHIBA Europe" - C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe  (Shortcut exists | File exists)
"Registration DIE SIEDLER - Das Erbe der Könige.LNK" - "Blue Byte Software" - E:\Programme\Support\Register\RegistrationReminder.exe  (Shortcut exists | File exists)
-----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----
"swg" - "Google Inc." - "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
-----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )-----
"StartupPrograms" - ? - rdpclip  (File not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"00TCrdMain" - "TOSHIBA Corporation" - %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
"Adobe Reader Speed Launcher" - "Adobe Systems Incorporated" - "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"AppleSyncNotifier" - "Apple Inc." - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
"APSDaemon" - "Apple Inc." - "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"Camera Assistant Software" - "Chicony" - "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start
"CD- und DVD-Sharing" - "Apple Inc." - "C:\Program Files\CD- und DVD-Sharing\ODSAgent.exe"
"G DATA AntiVirus Trayapplication" - "G DATA Software AG" - C:\Program Files\G DATA\InternetSecurity\AVKTray\AVKTray.exe
"GDFirewallTray" - "G DATA Software AG" - C:\Program Files\G DATA\InternetSecurity\Firewall\GDFirewallTray.exe
"Google EULA Launcher" - " " - c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe IE PA
"GrooveMonitor" - "Microsoft Corporation" - "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
"HDMICtrlMan" - "TOSHIBA Corporation." - C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe
"HSON" - "TOSHIBA Corporation" - %ProgramFiles%\TOSHIBA\TBS\HSON.exe
"ITSecMng" - " TOSHIBA CORPORATION" - %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
"iTunesHelper" - "Apple Inc." - "E:\Music\iTunes\iTunesHelper.exe"
"NDSTray.exe" - ? - NDSTray.exe  (File not found)
"QuickTime Task" - "Apple Inc." - "C:\Program Files\QuickTime\QTTask.exe" -atboottime
"Samsung PanelMgr" - ? - C:\Windows\Samsung\PanelMgr\SSMMgr.exe /autorun
"SearchSettings" - "GreenTree Applications, Inc." - C:\Program Files\pdfforge Toolbar\SearchSettings.exe
"SmoothView" - "TOSHIBA Corporation" - %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
"StartCCC" - "Advanced Micro Devices, Inc." - "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
"SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
"topi" - "TOSHIBA" - C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
"Toshiba Registration" - "Toshiba" - C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
"Toshiba TEMPRO" - "Toshiba Europe GmbH" - C:\Program Files\Toshiba TEMPRO\TemproTray.exe
"TPwrMain" - "TOSHIBA Corporation" - %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE

[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"PDFCreator" - ? - C:\Windows\system32\pdfcmnnt.dll  (File found, but it contains no detailed information)
"Send To Microsoft OneNote Monitor" - "Microsoft Corporation" - C:\Windows\system32\msonpmon.dll
"Toshiba Bluetooth Monitor" - "TOSHIBA CORPORATION." - C:\Windows\system32\tbtmon.dll

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100" (WPFFontCache_v0400) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
"Adobe Flash Player Update Service" (AdobeFlashPlayerUpdateSvc) - "Adobe Systems Incorporated" - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
"AntiVirus Wächter" (AVKWCtl) - "G DATA Software AG" - C:\Program Files\G DATA\InternetSecurity\AVK\AVKWCtl.exe
"Apple Mobile Device" (Apple Mobile Device) - "Apple Inc." - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
"ConfigFree Service" (ConfigFree Service) - "TOSHIBA CORPORATION" - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
"Dienst "Bonjour"" (Bonjour Service) - "Apple Inc." - C:\Program Files\Bonjour\mDNSResponder.exe
"Firebird Server - MAGIX Instance" (FirebirdServerMAGIXInstance) - "MAGIX®" - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
"G DATA AntiVirus Proxy" (AVKProxy) - "G DATA Software AG" - C:\Program Files\Common Files\G DATA\AVKProxy\AVKProxy.exe
"G DATA Personal Firewall" (GDFwSvc) - "G DATA Software AG" - C:\Program Files\G DATA\InternetSecurity\Firewall\GDFwSvc.exe
"G DATA Scheduler" (AVKService) - "G DATA Software AG" - C:\Program Files\G DATA\InternetSecurity\AVK\AVKService.exe
"Google Software Updater" (gusvc) - "Google" - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
"Google Update Service (gupdate)" (gupdate) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"Google Update-Dienst (gupdatem)" (gupdatem) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"InstallDriver Table Manager" (IDriverT) - "Macrovision Corporation" - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
"iPod-Dienst" (iPod Service) - "Apple Inc." - C:\Program Files\iPod\bin\iPodService.exe
"Jumpstart Wifi Protected Setup" (jswpsapi) - "Atheros Communications, Inc." - C:\Program Files\Jumpstart\jswpsapi.exe
"Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
"Microsoft Office Diagnostics Service" (odserv) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
"Microsoft Office Groove Audit Service" (Microsoft Office Groove Audit Service) - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
"Notebook Performance Tuning Service (TEMPRO)" (TemproMonitoringService) - "Toshiba Europe GmbH" - C:\Program Files\Toshiba TEMPRO\TemproSvc.exe
"Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
"SmartFaceVWatchSrv" (SmartFaceVWatchSrv) - "Toshiba" - C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe
"TOSHIBA Bluetooth Service" (TOSHIBA Bluetooth Service) - "TOSHIBA CORPORATION" - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
"TOSHIBA Navi Support Service" (TNaviSrv) - "TOSHIBA Corporation" - C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
"TOSHIBA Optical Disc Drive Service" (TODDSrv) - "TOSHIBA Corporation" - C:\Windows\system32\TODDSrv.exe
"TOSHIBA Power Saver" (TosCoSrv) - "TOSHIBA Corporation" - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
"TOSHIBA SMART Log Service" (TOSHIBA SMART Log Service) - "TOSHIBA Corporation" - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
"Ulead Burning Helper" (UleadBurningHelper) - "Ulead Systems, Inc." - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
"Windows Live ID Sign-in Assistant" (wlidsvc) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

[Winlogon]
-----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify )-----
"igfxcui" - ? - igfxdev.dll  (File not found)

[Winsock Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )-----
"mdnsNSP" - "Apple Inc." - C:\Program Files\Bonjour\mdnsNSP.dll

===[ Logfile end ]=========================================[ Logfile end ]===

If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru

und aswMBR

Code:

ATTFilter

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-04-11 19:14:05
-----------------------------
19:14:05.350    OS Version: Windows 6.0.6002 Service Pack 2
19:14:05.351    Number of processors: 2 586 0x1706
19:14:05.353    ComputerName: BRAUNERBÄR  UserName: Frank
19:14:07.654    Initialize success
19:14:15.436    AVAST engine defs: 12041002
19:14:19.933    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
19:14:19.935    Disk 0 Vendor: TOSHIBA_ LV01 Size: 305245MB BusType: 3
19:14:20.284    Disk 0 MBR read successfully
19:14:20.331    Disk 0 MBR scan
19:14:20.336    Disk 0 Windows VISTA default MBR code
19:14:20.417    Disk 0 Partition 1 00     27 Hidden NTFS WinRE NTFS         1500 MB offset 2048
19:14:20.568    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS       152463 MB offset 3074048
19:14:20.642    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       151280 MB offset 315318272
19:14:20.780    Disk 0 scanning sectors +625140400
19:14:21.193    Disk 0 scanning C:\Windows\system32\drivers
19:16:07.988    Service scanning
19:16:37.893    Modules scanning
19:17:48.923    Disk 0 trace - called modules:
19:17:48.938    ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll 
19:17:48.942    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x87b178b0]
19:17:48.946    3 CLASSPNP.SYS[8b9118b3] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x86928028]
19:17:49.842    AVAST engine scan C:\Windows
19:18:03.545    AVAST engine scan C:\Windows\system32
19:24:34.796    AVAST engine scan C:\Windows\system32\drivers
19:26:56.869    AVAST engine scan C:\Users\Frank
23:15:44.938    AVAST engine scan C:\ProgramData
00:34:33.790    Scan finished successfully
06:01:15.513    Disk 0 MBR has been saved successfully to "C:\Users\Frank\Desktop\MBR.dat"
06:01:15.518    The log file has been saved successfully to "C:\Users\Frank\Desktop\aswMBR.txt"

Gruß
Frank

cosinus · 12.04.2012, 09:29

Sieht ok aus. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SUPERAntiSpyware und poste die Logs.
Denk dran beide Tools zu updaten vor dem Scan!!

07.04.2012, 17:45	#22
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Smart Fortress 2012 richtig entfernt? Ich wollte damit nur einen Ordner löschen, den hier => c:\programdata\F4D55F170001619A005EB8AF570F1C8B Du kannst ihn auch versuchen manuell zu löschen, besser ist erstmal verschieben, zB nach C:\_OTL - benenn den Ordner dann um in irgendwas anderes __________________ Logfiles bitte immer in CODE-Tags posten

12.04.2012, 09:29	#30
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Smart Fortress 2012 richtig entfernt? Sieht ok aus. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SUPERAntiSpyware und poste die Logs. Denk dran beide Tools zu updaten vor dem Scan!! __________________ Logfiles bitte immer in CODE-Tags posten

Smart Fortress 2012 richtig entfernt?

Log-Analyse und Auswertung: Smart Fortress 2012 richtig entfernt?