Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Zirkumflex und Akzent doppelt (Keylogger?)

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 18.02.2012, 20:58   #1
MERTiFY
 
Zirkumflex und Akzent doppelt (Keylogger?) - Standard

Zirkumflex und Akzent doppelt (Keylogger?)



Servus,

ich hab seid heute gerade eben irgendwie das Problem, das mein Zirkumflex doppelt erscheint.
Laut Google soll es ein Trojaner und/oder Keylogger sein.

Hier mein Hijackthis-Log:
Code:
ATTFilter
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:40:21, on 18.02.2012
Platform: Windows 7  (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16930)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Realtime Soft\RTSHookInterop\x32\RTSHookInterop.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\ovpntray.exe
C:\Program Files (x86)\ICQ7.5\ICQ.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
C:\Users\Mert\AppData\Roaming\Nuaww\vooduk.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Users\Mert\Desktop\HiJackThis204.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://packardbell.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://packardbell.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://packardbell.msn.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: 127.94.0.1 client.openvpn.net
O1 - Hosts: 127.94.0.2 openvpn-client.us.shieldexchange.com
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Hotkey Utility] C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKLM\..\RunOnce: [ Malwarebytes Anti-Malware  (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript
O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O4 - HKCU\..\Run: [ESL Wire] "C:\Program Files\EslWire\wire.exe" --tray
O4 - HKCU\..\Run: [{02FB9F1A-4B0E-2F4F-52E7-C6837AF433CB}] C:\Users\Mert\AppData\Roaming\Nuaww\vooduk.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe
O4 - Global Startup: UltraMon.lnk = ?
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe
O9 - Extra button: HP Smart Web Printing ein- oder ausblenden - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\flyvpn\flyvpnbind.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\flyvpn\flyvpnbind.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\flyvpn\flyvpnbind.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
O23 - Service: Hotspot Shield Service (hshld) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe
O23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. - C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMSAccess - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: OpenVPN Access Client (OpenVPNAccessClient) - Unknown owner - C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\capiws.exe
O23 - Service: OpenVPN Service (OpenVPNService) - Unknown owner - C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Updater Service - Acer Group - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WireHelpSvc - Unknown owner - C:\Program Files\Common Files\WireHelpSvc.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12757 bytes
         

OTL-LOG:

Code:
ATTFilter
OTL logfile created on: 18.02.2012 21:52:42 - Run 1
OTL by OldTimer - Version 3.2.33.0     Folder = C:\Users\Mert\Desktop
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,98 Gb Total Physical Memory | 4,28 Gb Available Physical Memory | 53,63% Memory free
15,96 Gb Paging File | 11,49 Gb Available in Paging File | 71,99% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 456,71 Gb Total Space | 291,63 Gb Free Space | 63,86% Space Free | Partition Type: NTFS
Drive D: | 456,71 Gb Total Space | 340,33 Gb Free Space | 74,52% Space Free | Partition Type: NTFS
Drive F: | 931,51 Gb Total Space | 138,76 Gb Free Space | 14,90% Space Free | Partition Type: NTFS
Drive M: | 7,52 Gb Total Space | 1,78 Gb Free Space | 23,67% Space Free | Partition Type: FAT32
Drive N: | 7,42 Gb Total Space | 7,34 Gb Free Space | 98,94% Space Free | Partition Type: NTFS
 
Computer Name: MERT-PC | User Name: Mert | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.02.18 21:52:26 | 000,583,680 | ---- | M] (OldTimer Tools) -- C:\Users\Mert\Desktop\OTL.exe
PRC - [2012.02.18 21:17:31 | 000,280,904 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.exe
PRC - [2012.02.12 11:54:44 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012.01.12 00:29:00 | 028,201,096 | ---- | M] (Electronic Arts) -- C:\Program Files (x86)\Origin\Origin.exe
PRC - [2012.01.03 22:36:25 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011.10.01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011.10.01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011.09.07 19:15:46 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2011.09.03 03:29:50 | 000,287,576 | ---- | M] () -- C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe
PRC - [2011.08.25 19:35:02 | 000,055,296 | ---- | M] () -- C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\ovpntray.exe
PRC - [2011.08.25 19:35:02 | 000,024,064 | ---- | M] () -- C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\capiws.exe
PRC - [2011.08.22 12:34:38 | 000,484,008 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe
PRC - [2011.08.22 12:34:38 | 000,400,040 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
PRC - [2011.08.22 12:34:38 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.08.01 09:28:16 | 000,124,480 | ---- | M] (ICQ, LLC.) -- C:\Program Files (x86)\ICQ7.5\ICQ.exe
PRC - [2011.07.14 13:21:10 | 000,108,032 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
PRC - [2011.06.01 13:44:54 | 002,337,144 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2011.05.27 00:14:40 | 000,329,544 | ---- | M] () -- C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
PRC - [2011.05.27 00:14:36 | 000,363,336 | ---- | M] (AnchorFree Inc.) -- C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe
PRC - [2011.04.21 06:52:51 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2011.04.21 06:52:36 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.10.05 14:08:46 | 002,655,768 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010.10.05 14:08:42 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010.09.14 02:32:32 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010.09.14 02:32:30 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2010.08.04 13:40:12 | 000,611,872 | ---- | M] () -- C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe
PRC - [2010.03.04 22:38:00 | 000,071,096 | ---- | M] () -- C:\Programme\CDBurnerXP\NMSAccessU.exe
PRC - [2010.01.29 00:27:36 | 000,243,232 | ---- | M] (Acer Group) -- C:\Programme\Packard Bell\Packard Bell Updater\UpdaterService.exe
PRC - [2010.01.08 14:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
PRC - [2009.12.21 08:00:50 | 000,081,920 | ---- | M] (Realtime Soft Ltd) -- C:\Program Files (x86)\Common Files\Realtime Soft\RTSHookInterop\x32\RTSHookInterop.exe
PRC - [2009.01.26 14:31:12 | 005,365,592 | RHS- | M] (Safer Networking Limited) -- C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.02.16 14:46:23 | 000,475,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\8c3a30271ff59d68e8bb09a5e049de95\IAStorUtil.ni.dll
MOD - [2012.02.15 22:13:21 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\0a894f77b9aa64acbd3ce791916357d8\System.Runtime.Remoting.ni.dll
MOD - [2012.02.15 22:13:03 | 012,431,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ff30db6905f8ec024fc808ed8779c0f3\System.Windows.Forms.ni.dll
MOD - [2012.02.15 22:12:59 | 001,586,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\a09ee392fa90849f2e9313a1ebbe0279\System.Drawing.ni.dll
MOD - [2012.02.15 22:12:52 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\585ac5899ab444221c8b41df13b194bc\WindowsBase.ni.dll
MOD - [2012.02.15 22:12:49 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d49f4cb0755ccc34cd35ff96dc2ef9e3\System.Xml.ni.dll
MOD - [2012.02.15 22:12:47 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\15742b3597258ce67cbe219005c197e5\System.Configuration.ni.dll
MOD - [2012.02.15 22:12:46 | 007,952,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\1f14b3e1ee0847f8662f513e67f92547\System.ni.dll
MOD - [2012.02.14 13:16:21 | 014,415,144 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2012.02.14 13:16:19 | 000,857,896 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2012.02.14 13:16:17 | 000,091,432 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-50.dll
MOD - [2012.02.14 13:16:15 | 000,155,432 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-52.dll
MOD - [2012.02.14 13:16:13 | 000,914,216 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-52.dll
MOD - [2012.02.12 11:54:43 | 001,911,768 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011.12.18 13:06:58 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\2abaab1dfbdf0db8f4bf0378d8599c98\IAStorCommon.ni.dll
MOD - [2011.12.18 13:06:41 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\1b31ced9bb880d94fff1c6d47c16a81e\mscorlib.ni.dll
MOD - [2011.12.02 19:01:24 | 016,827,392 | R--- | M] () -- C:\Program Files (x86)\Origin\QtWebKit4.dll
MOD - [2011.12.02 18:59:12 | 000,312,320 | R--- | M] () -- C:\Program Files (x86)\Origin\imageformats\qtiff4.dll
MOD - [2011.12.02 18:59:12 | 000,264,192 | R--- | M] () -- C:\Program Files (x86)\Origin\imageformats\qmng4.dll
MOD - [2011.12.02 18:59:12 | 000,211,456 | R--- | M] () -- C:\Program Files (x86)\Origin\imageformats\qjpeg4.dll
MOD - [2011.12.02 18:59:12 | 000,032,256 | R--- | M] () -- C:\Program Files (x86)\Origin\imageformats\qico4.dll
MOD - [2011.12.02 18:59:12 | 000,028,672 | R--- | M] () -- C:\Program Files (x86)\Origin\imageformats\qgif4.dll
MOD - [2011.12.02 18:59:10 | 000,172,544 | R--- | M] () -- C:\Program Files (x86)\Origin\codecs\qjpcodecs4.dll
MOD - [2011.12.02 18:59:10 | 000,158,208 | R--- | M] () -- C:\Program Files (x86)\Origin\codecs\qtwcodecs4.dll
MOD - [2011.12.02 18:59:10 | 000,143,872 | R--- | M] () -- C:\Program Files (x86)\Origin\codecs\qcncodecs4.dll
MOD - [2011.12.02 18:59:10 | 000,079,872 | R--- | M] () -- C:\Program Files (x86)\Origin\codecs\qkrcodecs4.dll
MOD - [2011.12.02 18:58:06 | 000,327,680 | R--- | M] () -- C:\Program Files (x86)\Origin\phonon4.dll
MOD - [2011.12.02 18:58:04 | 000,413,184 | R--- | M] () -- C:\Program Files (x86)\Origin\QtXml4.dll
MOD - [2011.12.02 18:58:02 | 001,152,512 | R--- | M] () -- C:\Program Files (x86)\Origin\QtNetwork4.dll
MOD - [2011.12.02 18:58:00 | 009,440,256 | R--- | M] () -- C:\Program Files (x86)\Origin\QtGui4.dll
MOD - [2011.12.02 18:57:58 | 002,694,144 | R--- | M] () -- C:\Program Files (x86)\Origin\QtCore4.dll
MOD - [2011.11.12 23:58:03 | 008,527,008 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2011.11.01 23:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011.11.01 23:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011.10.10 20:52:14 | 000,070,424 | ---- | M] () -- C:\Programme\TortoiseSVN\bin\libsasl32.dll
MOD - [2011.08.25 19:35:02 | 000,055,296 | ---- | M] () -- C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\ovpntray.exe
MOD - [2011.08.25 19:34:06 | 000,039,424 | ---- | M] () -- C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\OpenSSL.SSL.pyd
MOD - [2011.08.25 19:34:06 | 000,006,656 | ---- | M] () -- C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\pyovpnc.pyd
MOD - [2011.08.25 19:34:00 | 000,010,240 | ---- | M] () -- C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\OpenSSL.rand.pyd
MOD - [2011.08.25 19:33:58 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\OpenSSL.crypto.pyd
MOD - [2011.08.25 19:33:38 | 000,007,680 | ---- | M] () -- C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\twisted.protocols._c_urlarg.pyd
MOD - [2011.08.25 19:32:48 | 000,019,968 | ---- | M] () -- C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\zope.interface._zope_interface_coptimizations.pyd
MOD - [2011.08.19 01:44:10 | 000,005,632 | ---- | M] () -- C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\ovpntray.dll
MOD - [2011.08.06 18:32:27 | 000,008,192 | ---- | M] () -- C:\Program Files (x86)\Java\jre6\bin\jp2native.dll
MOD - [2011.07.14 13:21:22 | 001,712,128 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libvorbis_plugin.dll
MOD - [2011.07.14 13:21:22 | 001,137,664 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libxml_plugin.dll
MOD - [2011.07.14 13:21:22 | 001,108,992 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libtaglib_plugin.dll
MOD - [2011.07.14 13:21:22 | 000,368,640 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libtheora_plugin.dll
MOD - [2011.07.14 13:21:22 | 000,078,848 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libzip_plugin.dll
MOD - [2011.07.14 13:21:22 | 000,046,592 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libwaveout_plugin.dll
MOD - [2011.07.14 13:21:22 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libsvcdsub_plugin.dll
MOD - [2011.07.14 13:21:22 | 000,031,232 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libugly_resampler_plugin.dll
MOD - [2011.07.14 13:21:20 | 011,496,448 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libqt4_plugin.dll
MOD - [2011.07.14 13:21:20 | 002,169,856 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libskins2_plugin.dll
MOD - [2011.07.14 13:21:20 | 001,013,248 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libschroedinger_plugin.dll
MOD - [2011.07.14 13:21:20 | 000,130,048 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libspeex_plugin.dll
MOD - [2011.07.14 13:21:20 | 000,080,896 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libsap_plugin.dll
MOD - [2011.07.14 13:21:20 | 000,038,912 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libspudec_plugin.dll
MOD - [2011.07.14 13:21:20 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libscaletempo_plugin.dll
MOD - [2011.07.14 13:21:20 | 000,034,304 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libstream_filter_rar_plugin.dll
MOD - [2011.07.14 13:21:20 | 000,033,792 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libsimple_channel_mixer_plugin.dll
MOD - [2011.07.14 13:21:20 | 000,032,768 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\librawvideo_plugin.dll
MOD - [2011.07.14 13:21:20 | 000,031,232 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libstream_filter_record_plugin.dll
MOD - [2011.07.14 13:21:18 | 000,237,568 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libpng_plugin.dll
MOD - [2011.07.14 13:21:18 | 000,194,048 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libmp4_plugin.dll
MOD - [2011.07.14 13:21:18 | 000,128,000 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libmpgatofixed32_plugin.dll
MOD - [2011.07.14 13:21:18 | 000,108,032 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libplaylist_plugin.dll
MOD - [2011.07.14 13:21:18 | 000,081,408 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libpacketizer_h264_plugin.dll
MOD - [2011.07.14 13:21:18 | 000,053,760 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libpacketizer_mpeg4audio_plugin.dll
MOD - [2011.07.14 13:21:18 | 000,047,616 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libpacketizer_dirac_plugin.dll
MOD - [2011.07.14 13:21:18 | 000,042,496 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libpacketizer_vc1_plugin.dll
MOD - [2011.07.14 13:21:18 | 000,040,448 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libpacketizer_mpegvideo_plugin.dll
MOD - [2011.07.14 13:21:18 | 000,039,424 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libpacketizer_mpeg4video_plugin.dll
MOD - [2011.07.14 13:21:18 | 000,039,424 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libpacketizer_flac_plugin.dll
MOD - [2011.07.14 13:21:18 | 000,038,912 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libpacketizer_mlp_plugin.dll
MOD - [2011.07.14 13:21:18 | 000,038,912 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libmono_plugin.dll
MOD - [2011.07.14 13:21:18 | 000,037,888 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libpodcast_plugin.dll
MOD - [2011.07.14 13:21:18 | 000,037,888 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libmpeg_audio_plugin.dll
MOD - [2011.07.14 13:21:16 | 001,776,128 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\liblibass_plugin.dll
MOD - [2011.07.14 13:21:16 | 000,338,432 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\liblua_plugin.dll
MOD - [2011.07.14 13:21:16 | 000,046,592 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libhotkeys_plugin.dll
MOD - [2011.07.14 13:21:16 | 000,035,840 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libmediadirs_plugin.dll
MOD - [2011.07.14 13:21:16 | 000,035,840 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\liblpcm_plugin.dll
MOD - [2011.07.14 13:21:16 | 000,033,792 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libmemcpymmxext_plugin.dll
MOD - [2011.07.14 13:21:16 | 000,033,792 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libglobalhotkeys_plugin.dll
MOD - [2011.07.14 13:21:14 | 000,309,760 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libfaad_plugin.dll
MOD - [2011.07.14 13:21:14 | 000,265,216 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libflac_plugin.dll
MOD - [2011.07.14 13:21:14 | 000,258,048 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libfluidsynth_plugin.dll
MOD - [2011.07.14 13:21:14 | 000,231,424 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libdvdnav_plugin.dll
MOD - [2011.07.14 13:21:14 | 000,210,944 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libdshow_plugin.dll
MOD - [2011.07.14 13:21:14 | 000,178,176 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libdtstofloat32_plugin.dll
MOD - [2011.07.14 13:21:14 | 000,067,072 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libdirectx_plugin.dll
MOD - [2011.07.14 13:21:14 | 000,041,984 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libflacsys_plugin.dll
MOD - [2011.07.14 13:21:14 | 000,041,472 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libes_plugin.dll
MOD - [2011.07.14 13:21:14 | 000,039,424 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libfilesystem_plugin.dll
MOD - [2011.07.14 13:21:14 | 000,039,424 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libdts_plugin.dll
MOD - [2011.07.14 13:21:14 | 000,037,376 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libfake_plugin.dll
MOD - [2011.07.14 13:21:14 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libcvdsub_plugin.dll
MOD - [2011.07.14 13:21:14 | 000,032,256 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libdtstospdif_plugin.dll
MOD - [2011.07.14 13:21:14 | 000,032,256 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libdolby_surround_decoder_plugin.dll
MOD - [2011.07.14 13:21:14 | 000,031,744 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libfloat32_mixer_plugin.dll
MOD - [2011.07.14 13:21:14 | 000,031,232 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libfolder_plugin.dll
MOD - [2011.07.14 13:21:12 | 008,248,320 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libavcodec_plugin.dll
MOD - [2011.07.14 13:21:12 | 000,088,064 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libavi_plugin.dll
MOD - [2011.07.14 13:21:12 | 000,072,192 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libasf_plugin.dll
MOD - [2011.07.14 13:21:12 | 000,046,592 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libaout_directx_plugin.dll
MOD - [2011.07.14 13:21:12 | 000,045,568 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libaraw_plugin.dll
MOD - [2011.07.14 13:21:12 | 000,041,472 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libaudio_format_plugin.dll
MOD - [2011.07.14 13:21:12 | 000,034,304 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libcdg_plugin.dll
MOD - [2011.07.14 13:21:12 | 000,033,280 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libaes3_plugin.dll
MOD - [2011.07.14 13:21:12 | 000,032,768 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libconverter_fixed_plugin.dll
MOD - [2011.07.14 13:21:10 | 002,263,552 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\libvlccore.dll
MOD - [2011.07.14 13:21:10 | 000,108,032 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
MOD - [2011.07.14 13:21:10 | 000,101,376 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\libvlc.dll
MOD - [2011.07.14 13:21:10 | 000,090,112 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libaccess_bd_plugin.dll
MOD - [2011.07.14 13:21:10 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\liba52tofloat32_plugin.dll
MOD - [2011.07.14 13:21:10 | 000,036,352 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\liba52_plugin.dll
MOD - [2011.07.14 13:21:10 | 000,030,720 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\liba52tospdif_plugin.dll
MOD - [2011.02.27 10:12:56 | 000,110,080 | ---- | M] () -- C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\pywintypes26.dll
MOD - [2011.02.26 11:33:20 | 000,167,424 | ---- | M] () -- C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\win32gui.pyd
MOD - [2011.02.26 11:33:14 | 000,096,768 | ---- | M] () -- C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\win32api.pyd
MOD - [2011.02.26 11:32:28 | 000,035,840 | ---- | M] () -- C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\win32process.pyd
MOD - [2011.02.26 11:31:48 | 000,017,408 | ---- | M] () -- C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\win32event.pyd
MOD - [2010.12.14 19:55:09 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010.12.14 19:55:05 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2010.08.24 18:48:54 | 000,011,776 | ---- | M] () -- C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\select.pyd
MOD - [2010.08.24 18:48:52 | 000,286,208 | ---- | M] () -- C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\_hashlib.pyd
MOD - [2010.08.24 18:48:48 | 000,153,088 | ---- | M] () -- C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\pyexpat.pyd
MOD - [2010.08.24 18:48:16 | 000,073,728 | ---- | M] () -- C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\_ctypes.pyd
MOD - [2010.08.24 18:48:02 | 000,720,896 | ---- | M] () -- C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\_ssl.pyd
MOD - [2010.08.24 18:47:50 | 000,040,448 | ---- | M] () -- C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\_socket.pyd
MOD - [2010.08.04 13:40:12 | 000,611,872 | ---- | M] () -- C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe
MOD - [2010.08.04 10:47:32 | 000,144,896 | ---- | M] () -- C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyHook.dll
MOD - [2008.06.19 16:35:36 | 000,333,288 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy\sqlite3.dll
MOD - [2008.03.05 08:34:32 | 000,795,520 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy\Plugins\Fennel.dll
MOD - [2008.03.04 13:52:00 | 000,790,392 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy\Plugins\Chai.dll
MOD - [2008.02.26 10:04:40 | 000,717,176 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy\Plugins\Mate.dll
MOD - [2007.12.24 00:05:00 | 000,121,344 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy\Plugins\TCPIPAddress.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2011.09.24 02:58:30 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010.09.22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2012.02.18 21:17:31 | 000,280,904 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrB.exe -- (PnkBstrB)
SRV - [2012.01.31 15:09:34 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.01.03 22:36:25 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011.11.28 13:21:00 | 000,168,864 | ---- | M] () [Auto | Running] -- C:\Programme\Common Files\WireHelpSvc.exe -- (WireHelpSvc)
SRV - [2011.10.01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011.10.01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011.09.03 03:32:12 | 000,077,520 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Hotspot Shield\bin\HSSTrayService.exe -- (HssTrayService)
SRV - [2011.09.03 03:29:50 | 000,287,576 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe -- (hshld)
SRV - [2011.08.25 19:35:02 | 000,024,064 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\capiws.exe -- (OpenVPNAccessClient)
SRV - [2011.08.22 12:34:38 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.06.01 13:44:54 | 002,337,144 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2011.05.27 00:14:40 | 000,329,544 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe -- (HssWd)
SRV - [2011.05.27 00:14:36 | 000,363,336 | ---- | M] (AnchorFree Inc.) [Auto | Running] -- C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe -- (HssSrv)
SRV - [2011.04.21 06:52:51 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010.12.30 23:28:03 | 000,867,080 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010.11.08 22:04:26 | 000,036,352 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe -- (OpenVPNService)
SRV - [2010.10.05 14:08:46 | 002,655,768 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2010.10.05 14:08:42 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2010.09.14 02:32:32 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.04 22:38:00 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Programme\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)
SRV - [2010.01.29 00:27:36 | 000,243,232 | ---- | M] (Acer Group) [Auto | Running] -- C:\Programme\Packard Bell\Packard Bell Updater\UpdaterService.exe -- (Updater Service)
SRV - [2010.01.15 22:08:38 | 000,935,208 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2010.01.08 14:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe -- (GREGService)
SRV - [2009.09.20 10:55:20 | 001,037,824 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2011.11.28 13:20:48 | 000,147,472 | ---- | M] (<Turtle Entertainment>) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\ESLWireACD.sys -- (ESLWireAC)
DRV:64bit: - [2011.10.01 08:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011.10.01 08:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011.10.01 08:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011.10.01 08:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2011.09.24 03:58:12 | 010,207,232 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011.09.24 02:19:14 | 000,317,952 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011.09.09 15:49:23 | 000,231,440 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2011.08.22 12:34:38 | 000,123,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2011.08.22 12:34:38 | 000,088,288 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2011.08.19 01:46:06 | 000,030,720 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tapoas.sys -- (tapoas)
DRV:64bit: - [2011.08.03 09:58:40 | 000,025,528 | ---- | M] (Turtle Entertainment GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ESLvnic.sys -- (ESLvnic1)
DRV:64bit: - [2011.07.26 18:49:12 | 000,037,888 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\taphss.sys -- (taphss)
DRV:64bit: - [2011.05.10 07:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011.03.11 07:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.02.28 22:36:54 | 000,056,832 | ---- | M] (AnchorFree Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HssDrv.sys -- (HssDrv)
DRV:64bit: - [2011.01.15 17:21:04 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:64bit: - [2010.12.16 23:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2010.11.08 22:04:26 | 000,030,720 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:64bit: - [2010.09.21 07:34:18 | 000,313,520 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1c62x64.sys -- (e1cexpress) Intel(R)
DRV:64bit: - [2010.09.21 02:59:38 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel(R)
DRV:64bit: - [2010.09.14 02:24:26 | 000,437,272 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009.11.12 13:48:56 | 000,007,168 | ---- | M] () [File_System | Auto | Stopped] -- C:\Windows\SysNative\drivers\StarOpen.sys -- (StarOpen)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.29 17:00:50 | 000,132,608 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbnet.sys -- (ewusbnet)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.18 12:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009.04.09 12:38:24 | 000,116,864 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2011.03.18 17:08:56 | 000,029,592 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- C:\Windows\SysWOW64\speedfan.sys -- (speedfan)
DRV - [2009.11.12 13:48:56 | 000,005,504 | ---- | M] () [File_System | Auto | Stopped] -- C:\Windows\SysWow64\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2008.11.14 02:11:42 | 000,020,512 | ---- | M] (Realtime Soft Ltd) [Kernel | Auto | Running] -- C:\Program Files (x86)\Common Files\Realtime Soft\UltraMonMirrorDrv\x64\UltraMonUtility.sys -- (UltraMonUtility)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://packardbell.msn.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://packardbell.msn.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://packardbell.msn.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://packardbell.msn.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://packardbell.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Facemoods Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "t-online.de"
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.104.0: C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.110.0: C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.96.0: C:\Program Files (x86)\Battlelog Web Plugins\1.96.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.09.18 18:56:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.02.18 23:58:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.02.18 23:58:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.09.18 18:56:05 | 000,000,000 | ---D | M]
 
[2011.08.06 18:00:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mert\AppData\Roaming\mozilla\Extensions
[2012.02.13 18:31:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mert\AppData\Roaming\mozilla\Firefox\Profiles\savn4bdz.default\extensions
[2011.11.10 13:41:03 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011.09.29 15:42:09 | 000,000,000 | ---D | M] (afurladvisor) -- C:\Program Files (x86)\Mozilla Firefox\extensions\afurladvisor@anchorfree.com
[2012.02.12 11:54:44 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.08.18 20:54:27 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.08.18 20:54:27 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011.08.18 20:54:27 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.08.18 20:54:27 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.08.18 20:54:27 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.08.18 20:54:27 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2011.11.08 23:54:39 | 000,000,994 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.94.0.1	client.openvpn.net
O1 - Hosts: 127.94.0.2	openvpn-client.us.shieldexchange.com
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll (AnchorFree Inc.)
O2 - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll (AnchorFree Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Hotkey Utility] C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [{02FB9F1A-4B0E-2F4F-52E7-C6837AF433CB}] C:\Users\Mert\AppData\Roaming\Nuaww\vooduk.exe ()
O4 - HKCU..\Run: [ESL Wire] C:\Program Files\EslWire\wire.exe (Turtle Entertainment GmbH)
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware  (cleanup)] C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\FlyVPN\FlyVPNBind.dll (www.flyvpn.com)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\FlyVPN\FlyVPNBind.dll (www.flyvpn.com)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\FlyVPN\FlyVPNBind.dll (www.flyvpn.com)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 10.1.0)
O16 - DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5D66314D-CC1A-4638-B8A7-13A8A44F9016}: DhcpNameServer = 139.7.30.126 139.7.30.125
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{695F12FB-254F-4B60-85B6-14ABDFACA6B0}: DhcpNameServer = 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ABBACCCE-0E50-4BFA-9731-6C5BF2CEC6F6}: DhcpNameServer = 10.93.8.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EC551D30-6EAB-4261-82AF-410F9902D3ED}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.09.19 19:52:08 | 000,000,000 | ---D | M] - M:\AutoHotKey -- [ FAT32 ]
O33 - MountPoints2\{082e1ea4-d60a-11e0-bfa7-00ff01000001}\Shell - "" = AutoRun
O33 - MountPoints2\{082e1ea4-d60a-11e0-bfa7-00ff01000001}\Shell\AutoRun\command - "" = M:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{082e1eac-d60a-11e0-bfa7-00ff01000001}\Shell - "" = AutoRun
O33 - MountPoints2\{082e1eac-d60a-11e0-bfa7-00ff01000001}\Shell\AutoRun\command - "" = M:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{530bc02c-f199-11e0-99f6-00ff01000001}\Shell - "" = AutoRun
O33 - MountPoints2\{530bc02c-f199-11e0-99f6-00ff01000001}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL M:\index.html
O33 - MountPoints2\{e3f500b1-c0dd-11e0-826d-f80f41028d81}\Shell - "" = AutoRun
O33 - MountPoints2\{e3f500b1-c0dd-11e0-826d-f80f41028d81}\Shell\AutoRun\command - "" = K:\SETUP.EXE
O33 - MountPoints2\M\Shell - "" = AutoRun
O33 - MountPoints2\M\Shell\AutoRun\command - "" = M:\setup_vmc_lite.exe /checkApplicationPresence
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.02.18 21:52:07 | 000,583,680 | ---- | C] (OldTimer Tools) -- C:\Users\Mert\Desktop\OTL(1).exe
[2012.02.18 21:52:06 | 000,583,680 | ---- | C] (OldTimer Tools) -- C:\Users\Mert\Desktop\OTL.exe
[2012.02.18 21:39:59 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\Mert\Desktop\HiJackThis204.exe
[2012.02.18 19:51:33 | 000,000,000 | ---D | C] -- C:\Users\Mert\AppData\Roaming\Nuaww
[2012.02.18 19:51:33 | 000,000,000 | ---D | C] -- C:\Users\Mert\AppData\Roaming\Koaqyd
[2012.02.18 15:05:43 | 000,000,000 | ---D | C] -- C:\Users\Mert\AppData\Roaming\Malwarebytes
[2012.02.18 15:05:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.02.18 15:05:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.02.18 15:05:34 | 000,023,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.02.18 15:05:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.02.17 16:56:26 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Logs
[2012.02.17 14:35:54 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2012.02.15 23:40:35 | 000,000,000 | ---D | C] -- C:\Users\Mert\Documents\REFS
[2012.02.15 15:29:48 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll
[2012.02.15 15:29:39 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
[2012.02.15 15:29:39 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2012.02.15 15:28:01 | 000,634,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2012.02.15 15:27:51 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012.02.15 15:27:51 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2012.02.15 15:27:51 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.02.15 15:27:51 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2012.02.15 15:27:51 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.02.15 15:27:51 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.02.15 15:27:51 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.02.15 15:27:51 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.02.15 15:27:51 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2012.02.15 15:27:51 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2012.02.15 15:27:50 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2012.02.15 15:27:50 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2012.02.15 15:27:50 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.02.15 15:27:50 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2012.02.15 15:27:50 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2012.02.12 18:55:38 | 000,000,000 | ---D | C] -- C:\Users\Mert\Documents\Steckbriefe CHEMIE
[2012.02.10 22:12:29 | 000,000,000 | ---D | C] -- C:\Users\Mert\AppData\Roaming\Skype
[2012.02.10 22:12:17 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2012.02.10 22:12:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012.02.10 22:12:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2012.02.05 14:52:19 | 000,000,000 | ---D | C] -- C:\Users\Mert\Documents\Electronic Arts
[2012.02.04 00:16:25 | 000,000,000 | ---D | C] -- C:\Users\Mert\AppData\Local\libimobiledevice
[2012.02.03 23:16:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012.02.03 23:16:05 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012.02.03 23:16:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2012.02.03 23:16:05 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012.02.03 23:14:38 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2012.02.03 23:14:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2012.02.01 15:32:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SteelSeries
[2012.02.01 15:32:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SteelSeries
[2012.02.01 15:27:38 | 000,000,000 | ---D | C] -- C:\Users\Mert\AppData\Local\ElevatedDiagnostics
[2012.01.31 15:23:19 | 000,000,000 | ---D | C] -- C:\Users\Mert\AppData\Roaming\TeamViewer
[2012.01.30 22:13:06 | 000,000,000 | ---D | C] -- C:\Users\Mert\AppData\Roaming\Rainmeter
[2012.01.30 22:12:53 | 000,000,000 | ---D | C] -- C:\Users\Mert\Documents\Rainmeter
[2012.01.30 22:10:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rainmeter
[2012.01.30 22:10:41 | 000,000,000 | ---D | C] -- C:\Program Files\Rainmeter
[2012.01.30 21:38:23 | 000,000,000 | ---D | C] -- C:\Users\Mert\Desktop\Programme
[2012.01.30 15:19:07 | 000,000,000 | ---D | C] -- C:\Users\Mert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WBFS Manager
[2012.01.30 15:19:06 | 000,000,000 | ---D | C] -- C:\Users\Mert\Documents\WBFS Manager Covers
[2012.01.30 15:17:38 | 000,000,000 | ---D | C] -- C:\Program Files\WBFS
[2012.01.30 15:05:35 | 000,000,000 | ---D | C] -- C:\Users\Mert\AppData\Local\WBFSManager
[2012.01.29 15:28:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WBFS
[2012.01.28 21:44:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSplit
[2012.01.28 21:44:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SplitMediaLabs
[2012.01.28 20:21:23 | 000,000,000 | ---D | C] -- C:\Users\Mert\AppData\Local\Diagnostics
[2012.01.25 21:52:28 | 001,446,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2012.01.25 21:52:28 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2012.01.25 21:52:28 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2012.01.25 21:52:28 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2012.01.25 21:52:28 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2012.01.25 21:52:28 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2012.01.22 13:32:00 | 000,000,000 | ---D | C] -- C:\Users\Mert\Desktop\AutoHotKey
[2012.01.22 13:30:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey
[2012.01.22 13:30:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AutoHotkey
[2012.01.21 13:14:01 | 000,000,000 | ---D | C] -- C:\Users\Mert\AppData\Local\Realtime Soft
[2012.01.21 13:13:11 | 000,000,000 | ---D | C] -- C:\Users\Mert\AppData\Roaming\Realtime Soft
[2012.01.21 13:13:09 | 000,000,000 | ---D | C] -- C:\Program Files\UltraMon
[2012.01.21 13:13:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Realtime Soft
[2012.01.21 13:13:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Realtime Soft
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.02.18 21:52:26 | 000,583,680 | ---- | M] (OldTimer Tools) -- C:\Users\Mert\Desktop\OTL.exe
[2012.02.18 21:52:26 | 000,583,680 | ---- | M] (OldTimer Tools) -- C:\Users\Mert\Desktop\OTL(1).exe
[2012.02.18 21:40:00 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Mert\Desktop\HiJackThis204.exe
[2012.02.18 21:17:31 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012.02.18 21:17:31 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.02.18 21:16:28 | 003,870,904 | ---- | M] () -- C:\Users\Mert\Desktop\battlelog-web-plugins-1.110.0-retail-prod.exe
[2012.02.18 21:13:42 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012.02.18 15:39:59 | 000,992,927 | ---- | M] () -- C:\Users\Mert\Desktop\Unbenannt.jpg
[2012.02.18 15:07:53 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.02.18 15:07:53 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.02.18 15:00:05 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.02.18 14:59:55 | 2133,766,143 | -HS- | M] () -- C:\hiberfil.sys
[2012.02.18 13:05:07 | 000,113,154 | ---- | M] () -- C:\Users\Mert\Desktop\vivi.jpg
[2012.02.15 23:48:41 | 001,614,892 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.02.15 23:48:41 | 000,697,284 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.02.15 23:48:41 | 000,652,602 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.02.15 23:48:41 | 000,148,322 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.02.15 23:48:41 | 000,121,276 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.02.15 22:11:57 | 000,311,920 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.02.15 17:02:04 | 001,641,574 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.02.13 14:31:06 | 000,013,139 | ---- | M] () -- C:\Users\Mert\Documents\Lebenslauf.odt
[2012.02.10 17:00:33 | 000,283,894 | ---- | M] () -- C:\Users\Mert\Documents\ts3_clientui-win64-1327056547-2012-02-10 17_00_33.045188.dmp
[2012.02.04 00:20:06 | 001,290,907 | ---- | M] () -- C:\s630.4
[2012.02.04 00:20:06 | 000,698,449 | ---- | M] () -- C:\s630.5
[2012.01.30 22:10:42 | 000,001,723 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
[2012.01.21 13:13:09 | 000,002,585 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\UltraMon.lnk
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.02.18 21:16:23 | 003,870,904 | ---- | C] () -- C:\Users\Mert\Desktop\battlelog-web-plugins-1.110.0-retail-prod.exe
[2012.02.18 15:39:59 | 000,992,927 | ---- | C] () -- C:\Users\Mert\Desktop\Unbenannt.jpg
[2012.02.18 13:00:18 | 000,113,154 | ---- | C] () -- C:\Users\Mert\Desktop\vivi.jpg
[2012.02.10 17:00:33 | 000,283,894 | ---- | C] () -- C:\Users\Mert\Documents\ts3_clientui-win64-1327056547-2012-02-10 17_00_33.045188.dmp
[2012.02.04 00:20:06 | 001,290,907 | ---- | C] () -- C:\s630.4
[2012.02.04 00:20:06 | 000,698,449 | ---- | C] () -- C:\s630.5
[2012.01.30 22:10:42 | 000,001,723 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
[2012.01.21 13:13:09 | 000,002,585 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\UltraMon.lnk
[2012.01.21 13:13:09 | 000,002,535 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraMon.lnk
[2011.10.15 10:25:57 | 000,000,618 | ---- | C] () -- C:\Windows\eReg.dat
[2011.09.23 21:15:08 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll
[2011.09.18 18:53:42 | 000,245,253 | ---- | C] () -- C:\Windows\hpoins19.dat
[2011.09.18 18:53:42 | 000,013,898 | ---- | C] () -- C:\Windows\hpomdl19.dat
[2011.09.09 15:48:59 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011.09.06 12:47:33 | 000,000,600 | ---- | C] () -- C:\Users\Mert\AppData\Local\PUTTY.RND
[2011.09.01 15:37:42 | 001,641,574 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.08.28 12:47:46 | 000,000,286 | ---- | C] () -- C:\Windows\game.ini
[2011.08.19 14:56:44 | 000,000,233 | ---- | C] () -- C:\Windows\wininit.ini
[2011.08.18 13:41:39 | 000,168,864 | ---- | C] () -- C:\Program Files\Common Files\WireHelpSvc.exe
[2011.08.12 14:07:41 | 000,005,504 | ---- | C] () -- C:\Windows\SysWow64\drivers\StarOpen.sys
[2011.08.11 12:24:59 | 000,280,904 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.08.11 12:24:58 | 002,580,552 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2011.08.11 12:24:58 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.08.07 16:14:59 | 000,007,597 | ---- | C] () -- C:\Users\Mert\AppData\Local\Resmon.ResmonCfg
[2011.08.06 18:00:44 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011.07.17 22:54:02 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2010.12.30 23:24:02 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\drivers\IntelMEFWVer.dll
[2010.12.30 23:15:14 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2007.04.14 11:24:26 | 000,103,552 | ---- | C] () -- C:\Program Files (x86)\gtaweap3.ttf
 
========== LOP Check ==========
 
[2012.02.18 23:58:51 | 000,000,000 | ---D | M] -- C:\Users\Mert\AppData\Roaming\.minecraft
[2011.08.12 14:40:50 | 000,000,000 | ---D | M] -- C:\Users\Mert\AppData\Roaming\Canneverbe Limited
[2011.11.09 13:23:56 | 000,000,000 | ---D | M] -- C:\Users\Mert\AppData\Roaming\Dropbox
[2012.02.18 15:29:43 | 000,000,000 | ---D | M] -- C:\Users\Mert\AppData\Roaming\FileZilla
[2012.01.05 15:29:13 | 000,000,000 | ---D | M] -- C:\Users\Mert\AppData\Roaming\GetRightToGo
[2011.10.17 14:46:09 | 000,000,000 | ---D | M] -- C:\Users\Mert\AppData\Roaming\HLSW
[2012.02.18 15:05:22 | 000,000,000 | ---D | M] -- C:\Users\Mert\AppData\Roaming\ICQ
[2012.02.18 21:30:46 | 000,000,000 | ---D | M] -- C:\Users\Mert\AppData\Roaming\Koaqyd
[2011.09.08 21:07:03 | 000,000,000 | ---D | M] -- C:\Users\Mert\AppData\Roaming\LolClient
[2012.02.18 23:58:53 | 000,000,000 | ---D | M] -- C:\Users\Mert\AppData\Roaming\Notepad++
[2012.02.18 19:51:33 | 000,000,000 | ---D | M] -- C:\Users\Mert\AppData\Roaming\Nuaww
[2011.08.06 17:43:37 | 000,000,000 | ---D | M] -- C:\Users\Mert\AppData\Roaming\OEM
[2011.09.01 21:05:35 | 000,000,000 | ---D | M] -- C:\Users\Mert\AppData\Roaming\OpenOffice.org
[2011.10.19 23:05:09 | 000,000,000 | ---D | M] -- C:\Users\Mert\AppData\Roaming\Origin
[2011.10.30 14:51:40 | 000,000,000 | ---D | M] -- C:\Users\Mert\AppData\Roaming\pdfforge
[2012.02.18 23:58:53 | 000,000,000 | ---D | M] -- C:\Users\Mert\AppData\Roaming\Rainmeter
[2012.02.12 19:21:34 | 000,000,000 | ---D | M] -- C:\Users\Mert\AppData\Roaming\SoftGrid Client
[2011.11.12 23:54:16 | 000,000,000 | ---D | M] -- C:\Users\Mert\AppData\Roaming\SplitMediaLabs
[2011.10.16 21:32:49 | 000,000,000 | ---D | M] -- C:\Users\Mert\AppData\Roaming\Subversion
[2012.01.31 15:23:19 | 000,000,000 | ---D | M] -- C:\Users\Mert\AppData\Roaming\TeamViewer
[2011.09.01 15:38:10 | 000,000,000 | ---D | M] -- C:\Users\Mert\AppData\Roaming\TP
[2012.02.18 23:58:53 | 000,000,000 | ---D | M] -- C:\Users\Mert\AppData\Roaming\TS3Client
[2011.09.03 14:09:51 | 000,000,000 | ---D | M] -- C:\Users\Mert\AppData\Roaming\Vodafone
[2012.01.05 13:27:37 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >
         

Mit freundlichen Grüßen

Alt 18.02.2012, 20:59   #2
MERTiFY
 
Zirkumflex und Akzent doppelt (Keylogger?) - Standard

Zirkumflex und Akzent doppelt (Keylogger?)



Hier der Extras-Log,
Hat in den oberigen Post nicht reingepasst.

Code:
ATTFilter
OTL Extras logfile created on: 18.02.2012 21:52:43 - Run 1
OTL by OldTimer - Version 3.2.33.0     Folder = C:\Users\Mert\Desktop
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,98 Gb Total Physical Memory | 4,28 Gb Available Physical Memory | 53,63% Memory free
15,96 Gb Paging File | 11,49 Gb Available in Paging File | 71,99% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 456,71 Gb Total Space | 291,63 Gb Free Space | 63,86% Space Free | Partition Type: NTFS
Drive D: | 456,71 Gb Total Space | 340,33 Gb Free Space | 74,52% Space Free | Partition Type: NTFS
Drive F: | 931,51 Gb Total Space | 138,76 Gb Free Space | 14,90% Space Free | Partition Type: NTFS
Drive M: | 7,52 Gb Total Space | 1,78 Gb Free Space | 23,67% Space Free | Partition Type: FAT32
Drive N: | 7,42 Gb Total Space | 7,34 Gb Free Space | 98,94% Space Free | Partition Type: NTFS
 
Computer Name: MERT-PC | User Name: Mert | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}" = Network64
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{26A24AE4-039D-4CA4-87B4-2F86417001FF}" = Java(TM) 7 Update 1 (64-bit)
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{537056B7-32A4-4408-9B54-0341963C7C9C}" = UltraMon
"{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer
"{5E11C972-1E76-45FE-8F92-14E0D1140B1B}" = iTunes
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{69B9EA74-CEF1-3AE9-FE26-3BB5601E29A6}" = ccc-utility64
"{6DC8FF97-A9CF-02F2-8FC1-F5E1B69A34E3}" = AMD AVIVO64 Codecs
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{75104836-CAC7-444E-A39E-3F54151942F5}" = Apple Mobile Device Support
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A125C1EA-3D24-D4CC-318A-CCBC62663E1B}" = AMD Drag and Drop Transcoding
"{A134DC03-2C81-C8D2-5476-D7D9AD3F43CC}" = AMD Catalyst Install Manager
"{A4FE25A0-9262-487A-9002-893FCBF16B18}" = TortoiseSVN 1.7.0.22068 (64 bit)
"{B61ED343-0B14-4241-999C-490CB1A20DA4}" = HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FB2DC25C-BF52-CA8A-9957-52FBAD4E955C}" = AMD Media Foundation Decoders
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"CCleaner" = CCleaner
"ESL Wire_is1" = ESL Wire 1.11.1
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing 4.51
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"HPOCR" = OCR Software by I.R.I.S. 13.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Shop for HP Supplies" = Shop for HP Supplies
"WinRAR archiver" = WinRAR 4.01 (64-Bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam(TM)
"{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer Generals
"{09F25F86-F957-4051-8AB2-0E0D948BBB5D}" = 1310
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{104066F4-5897-4067-85D3-4C88B67CCF75}" = AIO_Scan
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{17BD95E5-2A54-0A2B-82D4-AC782217B3F8}" = CCC Help Thai
"{19A492A0-888F-44A0-9B21-D91700763F62}" = Catalyst Control Center - Branding
"{1C78514A-5E5A-E653-1271-DAC1744206E3}" = HydraVision
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1F77C418-2C90-459C-BD33-B56A4182B9FA}" = System Requirements Lab CYRI
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{203FB0BF-C26B-A69C-E603-E3FB448EFB9B}" = CCC Help Greek
"{20400DBD-E6DB-45B8-9B6B-1DD7033818EC}" = Nero InfoTool Help
"{2348B586-C9AE-46CE-936C-A68E9426E214}" = Nero StartSmart Help
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java(TM) 6 Update 26
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{3000829F-3C20-16B9-EBF0-9665BD349DF1}" = Catalyst Control Center Graphics Previews Common
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33CF58F5-48D8-4575-83D6-96F574E4D83A}" = Nero DriveSpeed
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{354D756E-C1C4-7ABF-CC12-8DBA3A782625}" = CCC Help Norwegian
"{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy
"{3D2AD820-0C15-C863-F056-5501091E9B85}" = CCC Help Spanish
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3F101706-5B5F-99A7-59EE-1CF037FC2A10}" = CCC Help Czech
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax
"{45C8D17D-B5E0-4e93-8370-4329AB16D2A0}" = Battlefield 3™ Open Beta
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{4D43D635-6FDA-4FA5-AA9B-23CF73D058EA}" = Nero StartSmart OEM
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{54054F2E-03B7-2907-3452-3DB1EB85E973}" = CCC Help Dutch
"{5454083B-1308-4485-BF17-1110000D8301}" = Grand Theft Auto IV
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{5928359F-BF46-4646-BF19-B64E55171EB5}_is1" = FILSHtray Version 0.7
"{595A3116-40BB-4E0F-A2E8-D7951DA56270}" = NeroExpress
"{59E4543A-D49D-4489-B445-473D763C79AF}" = Microsoft Games for Windows - LIVE Redistributable
"{5D237863-D917-17B9-1645-713A41FB8CC0}" = CCC Help Turkish
"{6033673D-2530-4587-8AD0-EB059FC263F9}" = Crysis® 2
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6D4553DF-2095-4D10-92C0-17934733B51D}" = 1310_Help
"{6D7E031C-4C05-4265-854A-FE9FDEA9984D}" = 1310Trb
"{6F95709A-B60B-B099-AF6E-32FB078B0DFA}" = CCC Help French
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{733C5FC0-F0C4-405B-A983-61C24CC60E39}_is1" = Photo Frame
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{762F16BC-88B5-9689-4191-353FD630DA98}" = CCC Help Japanese
"{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart
"{7799BE29-0992-5FD9-5C44-17843E39A7AB}" = Catalyst Control Center Localization All
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Packard Bell Recovery Management
"{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"{81E6A0C5-53BA-91C4-E381-BAD1A3F1B04B}" = CCC Help English
"{83202942-84B3-4C50-8622-B8C0AA2D2885}" = Nero Express Help
"{85030773-2A43-8ACE-F6FD-29958AE19924}" = CCC Help Italian
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{869200DB-287A-4DC0-B02B-2B6787FBCD4C}" = Nero DiscSpeed
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{89F0F75F-A226-0399-053D-61448AA4E6F8}" = CCC Help Portuguese
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch
"{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{9580813D-94B1-4C28-9426-A441E2BB29A5}" = Counter-Strike: Source
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{99F1ADE8-AF52-58B6-9F72-0D88ED512616}" = CCC Help Russian
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C684A01-7F9C-40E7-AF94-BFE24BC89C97}" = XSplit
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9E48FF52-082C-4CC2-BB67-6E10D09C0431}" = Windows Live UX Platform Language Pack
"{9F6B13E2-B93F-4203-9BD4-5DC18C9F9DEB}" = AIO_CDB_Software
"{A03E4302-F387-47F3-8136-6D9D9286CD3B}" = SteelSeries Kinzu Optical Mouse
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A8DBF55D-73C0-4E37-A10E-365BFBB14119}" = Battlefield 2
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.1 MUI
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B4164865-081E-5539-FE40-FA24A909AB30}" = CCC Help Danish
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C81A2FE0-3574-00A9-CED4-BDAA334CBE8E}" = Nero Online Upgrade
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CC019E3F-59D2-4486-8D4B-878105B62A71}" = Nero DiscSpeed Help
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D5C57B21-E40C-4091-84AD-25D0A9E28587}" = OpenVPN Connect
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DF112B8F-D0B5-3421-BDF1-76CC3A8504A5}" = CCC Help German
"{E089C847-6667-BDA0-A9A3-42C79748E291}" = CCC Help Polish
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E5C7D048-F9B4-4219-B323-8BDB01A2563D}" = Nero DriveSpeed Help
"{E7112940-5F8E-4918-B9FE-251F2F8DC81F}" = AIO_CDB_ProductContext
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{E8E5C24D-C43D-32F9-9F10-A7113F5D16F8}" = CCC Help Korean
"{E9876984-35CE-4D31-2408-86154AD2AB91}" = CCC Help Swedish
"{EA8ADAA9-6671-4839-A51E-0C6792B78F3E}" = FIFA 12
"{eaae683d-4274-4537-875b-36cd7b95d402}" = Nero 9 Essentials
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EBC5D379-7166-D9C6-1FB7-CB1658E125D1}" = CCC Help Chinese Traditional
"{ED082826-CCAC-1F22-67B3-40E6149AB56C}" = CCC Help Finnish
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Packard Bell Updater
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F11ADC64-C89E-47F4-A0B3-3665FF859397}" = WORLD IN CONFLICT
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F31B5936-E765-BF72-EB28-AF4E71966842}" = CCC Help Chinese Standard
"{F4041DCE-3FE1-4E18-8A9E-9DE65231EE36}" = Nero ControlCenter
"{F5DB4726-E7D3-2400-13F9-C470A3C9FD1F}" = Catalyst Control Center
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{F9835182-794B-4F24-902A-E2CA9D43380F}" = NVIDIA PhysX
"{FBCDFD61-7DCF-4E71-9226-873BA0053139}" = Nero InfoTool
"{FC384AF3-A370-2EE7-3F65-965C3819780B}" = Catalyst Control Center InstallProxy
"{FCBEFF93-3A91-F55E-4CB6-DD6E30B84964}" = CCC Help Hungarian
"1489-3350-5074-6281" = JDownloader 0.9
"Adobe AIR" = Adobe AIR
"AutoHotkey" = AutoHotkey 1.0.48.05
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Battlelog Web Plugins" = Battlelog Web Plugins
"ESN Sonar-0.70.4" = ESN Sonar
"FileZilla Client" = FileZilla Client 3.5.0
"FlyVPN" = FlyVPN
"HLSW_is1" = HLSW v1.3.3.7b
"Hotkey Utility" = Hotkey Utility
"HotspotShield" = Hotspot Shield 2.07
"Identity Card" = Identity Card
"InstallShield_{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer Generals
"InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"LOLReplay" = LOLReplay
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.60.1.1000
"Mozilla Firefox 10.0.1 (x86 de)" = Mozilla Firefox 10.0.1 (x86 de)
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"OpenVPN" = OpenVPN 2.1.4
"Origin" = Origin
"Packard Bell InfoCentre" = Packard Bell InfoCentre
"Packard Bell Registration" = Packard Bell Registration
"Packard Bell Screensaver" = Packard Bell ScreenSaver
"Packard Bell Software Suite SE" = Packard Bell Software Suite SE
"Packard Bell Welcome Center" = Welcome Center
"Postal 2 Share The Pain" = Postal 2 Share The Pain
"Project Reality: BF2 (pr)_is1" = Project Reality: BF2
"PunkBusterSvc" = PunkBuster Services
"Rainmeter" = Rainmeter
"SpeedFan" = SpeedFan (remove only)
"Steam App 10" = Counter-Strike
"Steam App 4000" = Garry's Mod
"Steam App 42680" = Call of Duty: Modern Warfare 3
"Steam App 42690" = Call of Duty: Modern Warfare 3 - Multiplayer
"Steam App 550" = Left 4 Dead 2
"TeamViewer 6" = TeamViewer 6
"VideoGet_is1" = Nuclear Coffee - VideoGet
"VirtualCloneDrive" = VirtualCloneDrive
"VLC media player" = VLC media player 1.1.11
"WBFS Manager 3.0" = WBFS Manager 3.0
"WildTangent packardbell Master Uninstall" = Packard Bell Games
"WinLiveSuite" = Windows Live Essentials
"WT088283" = Plants vs. Zombies
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"TeamSpeak 3 Client" = TeamSpeak 3 Client
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 05.02.2012 07:52:47 | Computer Name = Mert-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: hl2.exe, Version: 0.0.0.0, Zeitstempel:
 0x4ea78f27  Name des fehlerhaften Moduls: filesystem_steam.dll_unloaded, Version:
 0.0.0.0, Zeitstempel: 0x4ee862ad  Ausnahmecode: 0xc0000005  Fehleroffset: 0x5feff119
ID
 des fehlerhaften Prozesses: 0xd88  Startzeit der fehlerhaften Anwendung: 0x01cce3fa80e4e159
Pfad
 der fehlerhaften Anwendung: c:\program files (x86)\steam\steamapps\dafishburne\counter-strike
 source\hl2.exe  Pfad des fehlerhaften Moduls: filesystem_steam.dll  Berichtskennung:
 eb42d2be-4fef-11e1-8bba-b5d4120d9aa2
 
Error - 05.02.2012 09:40:47 | Computer Name = Mert-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: java.exe, Version: 6.0.260.3, Zeitstempel:
 0x4dc11607  Name des fehlerhaften Moduls: java.dll, Version: 6.0.260.3, Zeitstempel:
 0x4dc14bf1  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00004e2f  ID des fehlerhaften Prozesses:
 0x10dc  Startzeit der fehlerhaften Anwendung: 0x01cce40bc20ec688  Pfad der fehlerhaften
 Anwendung: C:\Program Files (x86)\Java\jre6\bin\java.exe  Pfad des fehlerhaften Moduls:
 C:\Program Files (x86)\Java\jre6\bin\java.dll  Berichtskennung: 019d95a1-4fff-11e1-8bba-b5d4120d9aa2
 
Error - 06.02.2012 10:29:50 | Computer Name = Mert-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files
 (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
 Richtliniendatei "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
 AIR.dll" in Zeile 3.  Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
 des "version"-Attributs im assemblyIdentity-Element ist ungültig.
 
Error - 06.02.2012 10:30:59 | Computer Name = Mert-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
 (x86)\spybot - search & destroy\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei
 "c:\program files (x86)\spybot - search & destroy\DelZip179.dll" in Zeile 8.  Der
 Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig.
 
Error - 06.02.2012 17:02:11 | Computer Name = Mert-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: hl2.exe, Version: 0.0.0.0, Zeitstempel:
 0x4ea78f27  Name des fehlerhaften Moduls: filesystem_steam.dll_unloaded, Version:
 0.0.0.0, Zeitstempel: 0x4ee862ad  Ausnahmecode: 0xc0000005  Fehleroffset: 0x62b6f119
ID
 des fehlerhaften Prozesses: 0x135c  Startzeit der fehlerhaften Anwendung: 0x01cce50cf034a455
Pfad
 der fehlerhaften Anwendung: c:\program files (x86)\steam\steamapps\dafishburne\counter-strike
 source\hl2.exe  Pfad des fehlerhaften Moduls: filesystem_steam.dll  Berichtskennung:
 d5c79edd-5105-11e1-94d2-82e2616115d4
 
Error - 07.02.2012 12:20:45 | Computer Name = Mert-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: hl2.exe, Version: 0.0.0.0, Zeitstempel:
 0x4ea78f27  Name des fehlerhaften Moduls: filesystem_steam.dll_unloaded, Version:
 0.0.0.0, Zeitstempel: 0x4ee862ad  Ausnahmecode: 0xc0000005  Fehleroffset: 0x6116f119
ID
 des fehlerhaften Prozesses: 0x1514  Startzeit der fehlerhaften Anwendung: 0x01cce5a94640dc95
Pfad
 der fehlerhaften Anwendung: c:\program files (x86)\steam\steamapps\dafishburne\counter-strike
 source\hl2.exe  Pfad des fehlerhaften Moduls: filesystem_steam.dll  Berichtskennung:
 af623f32-51a7-11e1-b1e9-9e63525640a5
 
Error - 07.02.2012 17:03:47 | Computer Name = Mert-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: hl2.exe, Version: 0.0.0.0, Zeitstempel:
 0x4ea78f27  Name des fehlerhaften Moduls: filesystem_steam.dll_unloaded, Version:
 0.0.0.0, Zeitstempel: 0x4ee862ad  Ausnahmecode: 0xc0000005  Fehleroffset: 0x62bdf119
ID
 des fehlerhaften Prozesses: 0x8ac  Startzeit der fehlerhaften Anwendung: 0x01cce5d4c5fa6afc
Pfad
 der fehlerhaften Anwendung: c:\program files (x86)\steam\steamapps\dafishburne\counter-strike
 source\hl2.exe  Pfad des fehlerhaften Moduls: filesystem_steam.dll  Berichtskennung:
 397919ba-51cf-11e1-ab3e-e0924cc1d4a4
 
Error - 08.02.2012 18:00:14 | Computer Name = Mert-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: hl2.exe, Version: 0.0.0.0, Zeitstempel:
 0x4ea78f27  Name des fehlerhaften Moduls: filesystem_steam.dll_unloaded, Version:
 0.0.0.0, Zeitstempel: 0x4ee862ad  Ausnahmecode: 0xc0000005  Fehleroffset: 0x62bff119
ID
 des fehlerhaften Prozesses: 0x1b74  Startzeit der fehlerhaften Anwendung: 0x01cce6ac0b8c0124
Pfad
 der fehlerhaften Anwendung: c:\program files (x86)\steam\steamapps\dafishburne\counter-strike
 source\hl2.exe  Pfad des fehlerhaften Moduls: filesystem_steam.dll  Berichtskennung:
 46c1e6bb-52a0-11e1-891c-93343de406a2
 
Error - 09.02.2012 10:36:05 | Computer Name = Mert-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: hl2.exe, Version: 0.0.0.0, Zeitstempel:
 0x4ea78f27  Name des fehlerhaften Moduls: filesystem_steam.dll_unloaded, Version:
 0.0.0.0, Zeitstempel: 0x4ee862ad  Ausnahmecode: 0xc0000005  Fehleroffset: 0x635df119
ID
 des fehlerhaften Prozesses: 0xe0  Startzeit der fehlerhaften Anwendung: 0x01cce73447b9a479
Pfad
 der fehlerhaften Anwendung: c:\program files (x86)\steam\steamapps\dafishburne\counter-strike
 source\hl2.exe  Pfad des fehlerhaften Moduls: filesystem_steam.dll  Berichtskennung:
 6515bb19-532b-11e1-942f-dde2dd7a27a5
 
Error - 09.02.2012 18:24:47 | Computer Name = Mert-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: hl2.exe, Version: 0.0.0.0, Zeitstempel:
 0x4ea78f27  Name des fehlerhaften Moduls: filesystem_steam.dll_unloaded, Version:
 0.0.0.0, Zeitstempel: 0x4f28cccc  Ausnahmecode: 0xc0000005  Fehleroffset: 0x6345f1c9
ID
 des fehlerhaften Prozesses: 0x8a4  Startzeit der fehlerhaften Anwendung: 0x01cce772c8acc5f9
Pfad
 der fehlerhaften Anwendung: c:\program files (x86)\steam\steamapps\dafishburne\counter-strike
 source\hl2.exe  Pfad des fehlerhaften Moduls: filesystem_steam.dll  Berichtskennung:
 df227b1b-536c-11e1-9950-b571ff864aa2
 
[ System Events ]
Error - 18.02.2012 09:45:38 | Computer Name = Mert-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Hotspot Shield Service" ist vom Dienst "DHCP-Client" abhängig,
 der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 18.02.2012 09:45:38 | Computer Name = Mert-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "IP-Hilfsdienst" ist vom Dienst "Netzwerkspeicher-Schnittstellendienst"
 abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 18.02.2012 09:45:38 | Computer Name = Mert-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "SMB-Miniredirector-Wrapper und -Modul" ist vom Dienst 
"Umgeleitetes Puffersubsystem" abhängig, der aufgrund folgenden Fehlers nicht gestartet
 wurde:   %%31
 
Error - 18.02.2012 09:45:38 | Computer Name = Mert-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "SMB 1.x-Miniredirector" ist vom Dienst "SMB-Miniredirector-Wrapper
 und -Modul" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 18.02.2012 09:45:38 | Computer Name = Mert-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "SMB 2.0-Miniredirector" ist vom Dienst "SMB-Miniredirector-Wrapper
 und -Modul" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 18.02.2012 09:45:38 | Computer Name = Mert-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "NLA (Network Location Awareness)" ist vom Dienst "Netzwerkspeicher-Schnittstellendienst"
 abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 18.02.2012 09:45:38 | Computer Name = Mert-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Client Virtualization Handler" ist vom Dienst "Application
 Virtualization Client" abhängig, der aufgrund folgenden Fehlers nicht gestartet
 wurde:   %%1068
 
Error - 18.02.2012 09:45:38 | Computer Name = Mert-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   AFD  avipbb  DfsC  discache  ElbyCDIO  NetBIOS  NetBT  nsiproxy  Psched  rdbss  spldr  tdx  Wanarpv6  WfpLwf
 
Error - 18.02.2012 09:53:52 | Computer Name = Mert-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "StarOpen" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%577
 
Error - 18.02.2012 10:00:25 | Computer Name = Mert-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "StarOpen" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%577
 
 
< End of report >
         
__________________


Antwort

Themen zu Zirkumflex und Akzent doppelt (Keylogger?)
antivir, antivir guard, autorun, avira, bho, bonjour, cdburnerxp, desktop, error, firefox, format, google, hijack, home, hotspot, hotspot shield, internet, internet explorer, logfile, mozilla, notification, origin, packard bell, pando media booster, problem, realtek, registry, rundll, safer networking, security, software, trojaner, version=1.0, windows



Ähnliche Themen: Zirkumflex und Akzent doppelt (Keylogger?)


  1. Windows7 / Seiten hängen/ Dialoge im TV doppelt /Reklame doppelt gesendet
    Plagegeister aller Art und deren Bekämpfung - 04.01.2015 (16)
  2. "Selbstinstallation" von Winrar und Keylogger "The best Keylogger" möglich?
    Plagegeister aller Art und deren Bekämpfung - 26.06.2014 (19)
  3. Euro-Zeichen € erscheint bei Anschlag doppelt: Keylogger?
    Log-Analyse und Auswertung - 30.09.2013 (3)
  4. Zirkumflex ^ direkt doppelte Ausgabe, kein Trojaner Fund mit MBAM, trotzdem präventiver Scan + Logauswertung
    Log-Analyse und Auswertung - 20.01.2013 (11)
  5. Doppelt
    Mülltonne - 25.09.2012 (0)
  6. doppelt bka
    Mülltonne - 04.09.2011 (1)
  7. Doppeltes Zirkumflex-Zeichen, verlangsamter PC
    Plagegeister aller Art und deren Bekämpfung - 26.08.2011 (8)
  8. Mein Netbook macht seit ein paar Tagen Sonderzeichen immer doppelt. --> keylogger?
    Plagegeister aller Art und deren Bekämpfung - 18.08.2011 (4)
  9. doppelt!
    Mülltonne - 10.08.2011 (1)
  10. Keylogger Trojan-Spy.Win32.KeyLogger.cqd in Windows32
    Plagegeister aller Art und deren Bekämpfung - 05.08.2010 (1)
  11. WoW Keylogger: Keylogger : TR\FakeAV.C[Trojan]
    Log-Analyse und Auswertung - 20.01.2010 (11)
  12. doppelt..
    Mülltonne - 21.06.2009 (2)
  13. Akzent-Tasten spinnen . . .
    Alles rund um Windows - 04.12.2008 (2)
  14. AW: Akzent-Tasten spinnen . . .
    Mülltonne - 02.12.2008 (0)
  15. Doppelt
    Mülltonne - 25.08.2008 (0)
  16. xp advanced keylogger Commercial KeyLogger
    Plagegeister aller Art und deren Bekämpfung - 03.08.2007 (4)
  17. family keylogger Commercial KeyLogger
    Plagegeister aller Art und deren Bekämpfung - 29.03.2006 (17)

Zum Thema Zirkumflex und Akzent doppelt (Keylogger?) - Servus, ich hab seid heute gerade eben irgendwie das Problem, das mein Zirkumflex doppelt erscheint. Laut Google soll es ein Trojaner und/oder Keylogger sein. Hier mein Hijackthis-Log: Code: Alles auswählen - Zirkumflex und Akzent doppelt (Keylogger?)...
Archiv
Du betrachtest: Zirkumflex und Akzent doppelt (Keylogger?) auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.