Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Zirkumflex und Akzent doppelt (Keylogger?)

Zirkumflex und Akzent doppelt (Keylogger?)


Plagegeister aller Art und deren Bekämpfung: Zirkumflex und Akzent doppelt (Keylogger?)

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 18.02.2012, 21:58   #1
MERTiFY
 
Zirkumflex und Akzent doppelt (Keylogger?) - Standard

Zirkumflex und Akzent doppelt (Keylogger?)


Servus,

ich hab seid heute gerade eben irgendwie das Problem, das mein Zirkumflex doppelt erscheint.
Laut Google soll es ein Trojaner und/oder Keylogger sein.

Hier mein Hijackthis-Log:
Code:
ATTFilter
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:40:21, on 18.02.2012
Platform: Windows 7  (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16930)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Realtime Soft\RTSHookInterop\x32\RTSHookInterop.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\ovpntray.exe
C:\Program Files (x86)\ICQ7.5\ICQ.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
C:\Users\Mert\AppData\Roaming\Nuaww\vooduk.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Users\Mert\Desktop\HiJackThis204.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://packardbell.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://packardbell.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://packardbell.msn.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: 127.94.0.1 client.openvpn.net
O1 - Hosts: 127.94.0.2 openvpn-client.us.shieldexchange.com
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Hotkey Utility] C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKLM\..\RunOnce: [ Malwarebytes Anti-Malware  (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript
O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O4 - HKCU\..\Run: [ESL Wire] "C:\Program Files\EslWire\wire.exe" --tray
O4 - HKCU\..\Run: [{02FB9F1A-4B0E-2F4F-52E7-C6837AF433CB}] C:\Users\Mert\AppData\Roaming\Nuaww\vooduk.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe
O4 - Global Startup: UltraMon.lnk = ?
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe
O9 - Extra button: HP Smart Web Printing ein- oder ausblenden - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\flyvpn\flyvpnbind.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\flyvpn\flyvpnbind.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\flyvpn\flyvpnbind.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
O23 - Service: Hotspot Shield Service (hshld) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe
O23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. - C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMSAccess - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: OpenVPN Access Client (OpenVPNAccessClient) - Unknown owner - C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\capiws.exe
O23 - Service: OpenVPN Service (OpenVPNService) - Unknown owner - C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Updater Service - Acer Group - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WireHelpSvc - Unknown owner - C:\Program Files\Common Files\WireHelpSvc.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12757 bytes

OTL-LOG:

Code:
ATTFilter
OTL logfile created on: 18.02.2012 21:52:42 - Run 1
OTL by OldTimer - Version 3.2.33.0     Folder = C:\Users\Mert\Desktop
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,98 Gb Total Physical Memory | 4,28 Gb Available Physical Memory | 53,63% Memory free
15,96 Gb Paging File | 11,49 Gb Available in Paging File | 71,99% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 456,71 Gb Total Space | 291,63 Gb Free Space | 63,86% Space Free | Partition Type: NTFS
Drive D: | 456,71 Gb Total Space | 340,33 Gb Free Space | 74,52% Space Free | Partition Type: NTFS
Drive F: | 931,51 Gb Total Space | 138,76 Gb Free Space | 14,90% Space Free | Partition Type: NTFS
Drive M: | 7,52 Gb Total Space | 1,78 Gb Free Space | 23,67% Space Free | Partition Type: FAT32
Drive N: | 7,42 Gb Total Space | 7,34 Gb Free Space | 98,94% Space Free | Partition Type: NTFS
 
Computer Name: MERT-PC | User Name: Mert | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.02.18 21:52:26 | 000,583,680 | ---- | M] (OldTimer Tools) -- C:\Users\Mert\Desktop\OTL.exe
PRC - [2012.02.18 21:17:31 | 000,280,904 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.exe
PRC - [2012.02.12 11:54:44 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012.01.12 00:29:00 | 028,201,096 | ---- | M] (Electronic Arts) -- C:\Program Files (x86)\Origin\Origin.exe
PRC - [2012.01.03 22:36:25 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011.10.01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011.10.01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011.09.07 19:15:46 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2011.09.03 03:29:50 | 000,287,576 | ---- | M] () -- C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe
PRC - [2011.08.25 19:35:02 | 000,055,296 | ---- | M] () -- C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\ovpntray.exe
PRC - [2011.08.25 19:35:02 | 000,024,064 | ---- | M] () -- C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\capiws.exe
PRC - [2011.08.22 12:34:38 | 000,484,008 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe
PRC - [2011.08.22 12:34:38 | 000,400,040 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
PRC - [2011.08.22 12:34:38 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.08.01 09:28:16 | 000,124,480 | ---- | M] (ICQ, LLC.) -- C:\Program Files (x86)\ICQ7.5\ICQ.exe
PRC - [2011.07.14 13:21:10 | 000,108,032 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
PRC - [2011.06.01 13:44:54 | 002,337,144 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2011.05.27 00:14:40 | 000,329,544 | ---- | M] () -- C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
PRC - [2011.05.27 00:14:36 | 000,363,336 | ---- | M] (AnchorFree Inc.) -- C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe
PRC - [2011.04.21 06:52:51 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2011.04.21 06:52:36 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.10.05 14:08:46 | 002,655,768 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010.10.05 14:08:42 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010.09.14 02:32:32 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010.09.14 02:32:30 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2010.08.04 13:40:12 | 000,611,872 | ---- | M] () -- C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe
PRC - [2010.03.04 22:38:00 | 000,071,096 | ---- | M] () -- C:\Programme\CDBurnerXP\NMSAccessU.exe
PRC - [2010.01.29 00:27:36 | 000,243,232 | ---- | M] (Acer Group) -- C:\Programme\Packard Bell\Packard Bell Updater\UpdaterService.exe
PRC - [2010.01.08 14:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
PRC - [2009.12.21 08:00:50 | 000,081,920 | ---- | M] (Realtime Soft Ltd) -- C:\Program Files (x86)\Common Files\Realtime Soft\RTSHookInterop\x32\RTSHookInterop.exe
PRC - [2009.01.26 14:31:12 | 005,365,592 | RHS- | M] (Safer Networking Limited) -- C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.02.16 14:46:23 | 000,475,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\8c3a30271ff59d68e8bb09a5e049de95\IAStorUtil.ni.dll
MOD - [2012.02.15 22:13:21 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\0a894f77b9aa64acbd3ce791916357d8\System.Runtime.Remoting.ni.dll
MOD - [2012.02.15 22:13:03 | 012,431,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ff30db6905f8ec024fc808ed8779c0f3\System.Windows.Forms.ni.dll
MOD - [2012.02.15 22:12:59 | 001,586,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\a09ee392fa90849f2e9313a1ebbe0279\System.Drawing.ni.dll
MOD - [2012.02.15 22:12:52 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\585ac5899ab444221c8b41df13b194bc\WindowsBase.ni.dll
MOD - [2012.02.15 22:12:49 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d49f4cb0755ccc34cd35ff96dc2ef9e3\System.Xml.ni.dll
MOD - [2012.02.15 22:12:47 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\15742b3597258ce67cbe219005c197e5\System.Configuration.ni.dll
MOD - [2012.02.15 22:12:46 | 007,952,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\1f14b3e1ee0847f8662f513e67f92547\System.ni.dll
MOD - [2012.02.14 13:16:21 | 014,415,144 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2012.02.14 13:16:19 | 000,857,896 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2012.02.14 13:16:17 | 000,091,432 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-50.dll
MOD - [2012.02.14 13:16:15 | 000,155,432 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-52.dll
MOD - [2012.02.14 13:16:13 | 000,914,216 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-52.dll
MOD - [2012.02.12 11:54:43 | 001,911,768 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011.12.18 13:06:58 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\2abaab1dfbdf0db8f4bf0378d8599c98\IAStorCommon.ni.dll
MOD - [2011.12.18 13:06:41 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\1b31ced9bb880d94fff1c6d47c16a81e\mscorlib.ni.dll
MOD - [2011.12.02 19:01:24 | 016,827,392 | R--- | M] () -- C:\Program Files (x86)\Origin\QtWebKit4.dll
MOD - [2011.12.02 18:59:12 | 000,312,320 | R--- | M] () -- C:\Program Files (x86)\Origin\imageformats\qtiff4.dll
MOD - [2011.12.02 18:59:12 | 000,264,192 | R--- | M] () -- C:\Program Files (x86)\Origin\imageformats\qmng4.dll
MOD - [2011.12.02 18:59:12 | 000,211,456 | R--- | M] () -- C:\Program Files (x86)\Origin\imageformats\qjpeg4.dll
MOD - [2011.12.02 18:59:12 | 000,032,256 | R--- | M] () -- C:\Program Files (x86)\Origin\imageformats\qico4.dll
MOD - [2011.12.02 18:59:12 | 000,028,672 | R--- | M] () -- C:\Program Files (x86)\Origin\imageformats\qgif4.dll
MOD - [2011.12.02 18:59:10 | 000,172,544 | R--- | M] () -- C:\Program Files (x86)\Origin\codecs\qjpcodecs4.dll
MOD - [2011.12.02 18:59:10 | 000,158,208 | R--- | M] () -- C:\Program Files (x86)\Origin\codecs\qtwcodecs4.dll
MOD - [2011.12.02 18:59:10 | 000,143,872 | R--- | M] () -- C:\Program Files (x86)\Origin\codecs\qcncodecs4.dll
MOD - [2011.12.02 18:59:10 | 000,079,872 | R--- | M] () -- C:\Program Files (x86)\Origin\codecs\qkrcodecs4.dll
MOD - [2011.12.02 18:58:06 | 000,327,680 | R--- | M] () -- C:\Program Files (x86)\Origin\phonon4.dll
MOD - [2011.12.02 18:58:04 | 000,413,184 | R--- | M] () -- C:\Program Files (x86)\Origin\QtXml4.dll
MOD - [2011.12.02 18:58:02 | 001,152,512 | R--- | M] () -- C:\Program Files (x86)\Origin\QtNetwork4.dll
MOD - [2011.12.02 18:58:00 | 009,440,256 | R--- | M] () -- C:\Program Files (x86)\Origin\QtGui4.dll
MOD - [2011.12.02 18:57:58 | 002,694,144 | R--- | M] () -- C:\Program Files (x86)\Origin\QtCore4.dll
MOD - [2011.11.12 23:58:03 | 008,527,008 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2011.11.01 23:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011.11.01 23:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011.10.10 20:52:14 | 000,070,424 | ---- | M] () -- C:\Programme\TortoiseSVN\bin\libsasl32.dll
MOD - [2011.08.25 19:35:02 | 000,055,296 | ---- | M] () -- C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\ovpntray.exe
MOD - [2011.08.25 19:34:06 | 000,039,424 | ---- | M] () -- C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\OpenSSL.SSL.pyd
MOD - [2011.08.25 19:34:06 | 000,006,656 | ---- | M] () -- C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\pyovpnc.pyd
MOD - [2011.08.25 19:34:00 | 000,010,240 | ---- | M] () -- C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\OpenSSL.rand.pyd
MOD - [2011.08.25 19:33:58 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\OpenSSL.crypto.pyd
MOD - [2011.08.25 19:33:38 | 000,007,680 | ---- | M] () -- C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\twisted.protocols._c_urlarg.pyd
MOD - [2011.08.25 19:32:48 | 000,019,968 | ---- | M] () -- C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\zope.interface._zope_interface_coptimizations.pyd
MOD - [2011.08.19 01:44:10 | 000,005,632 | ---- | M] () -- C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\ovpntray.dll
MOD - [2011.08.06 18:32:27 | 000,008,192 | ---- | M] () -- C:\Program Files (x86)\Java\jre6\bin\jp2native.dll
MOD - [2011.07.14 13:21:22 | 001,712,128 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libvorbis_plugin.dll
MOD - [2011.07.14 13:21:22 | 001,137,664 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libxml_plugin.dll
MOD - [2011.07.14 13:21:22 | 001,108,992 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libtaglib_plugin.dll
MOD - [2011.07.14 13:21:22 | 000,368,640 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libtheora_plugin.dll
MOD - [2011.07.14 13:21:22 | 000,078,848 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libzip_plugin.dll
MOD - [2011.07.14 13:21:22 | 000,046,592 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libwaveout_plugin.dll
MOD - [2011.07.14 13:21:22 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libsvcdsub_plugin.dll
MOD - [2011.07.14 13:21:22 | 000,031,232 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libugly_resampler_plugin.dll
MOD - [2011.07.14 13:21:20 | 011,496,448 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libqt4_plugin.dll
MOD - [2011.07.14 13:21:20 | 002,169,856 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libskins2_plugin.dll
MOD - [2011.07.14 13:21:20 | 001,013,248 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libschroedinger_plugin.dll
MOD - [2011.07.14 13:21:20 | 000,130,048 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libspeex_plugin.dll
MOD - [2011.07.14 13:21:20 | 000,080,896 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libsap_plugin.dll
MOD - [2011.07.14 13:21:20 | 000,038,912 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libspudec_plugin.dll
MOD - [2011.07.14 13:21:20 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libscaletempo_plugin.dll
MOD - [2011.07.14 13:21:20 | 000,034,304 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libstream_filter_rar_plugin.dll
MOD - [2011.07.14 13:21:20 | 000,033,792 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libsimple_channel_mixer_plugin.dll
MOD - [2011.07.14 13:21:20 | 000,032,768 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\librawvideo_plugin.dll
MOD - [2011.07.14 13:21:20 | 000,031,232 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libstream_filter_record_plugin.dll
MOD - [2011.07.14 13:21:18 | 000,237,568 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libpng_plugin.dll
MOD - [2011.07.14 13:21:18 | 000,194,048 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libmp4_plugin.dll
MOD - [2011.07.14 13:21:18 | 000,128,000 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libmpgatofixed32_plugin.dll
MOD - [2011.07.14 13:21:18 | 000,108,032 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libplaylist_plugin.dll
MOD - [2011.07.14 13:21:18 | 000,081,408 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libpacketizer_h264_plugin.dll
MOD - [2011.07.14 13:21:18 | 000,053,760 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libpacketizer_mpeg4audio_plugin.dll
MOD - [2011.07.14 13:21:18 | 000,047,616 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libpacketizer_dirac_plugin.dll
MOD - [2011.07.14 13:21:18 | 000,042,496 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libpacketizer_vc1_plugin.dll
MOD - [2011.07.14 13:21:18 | 000,040,448 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libpacketizer_mpegvideo_plugin.dll
MOD - [2011.07.14 13:21:18 | 000,039,424 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libpacketizer_mpeg4video_plugin.dll
MOD - [2011.07.14 13:21:18 | 000,039,424 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libpacketizer_flac_plugin.dll
MOD - [2011.07.14 13:21:18 | 000,038,912 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libpacketizer_mlp_plugin.dll
MOD - [2011.07.14 13:21:18 | 000,038,912 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libmono_plugin.dll
MOD - [2011.07.14 13:21:18 | 000,037,888 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libpodcast_plugin.dll
MOD - [2011.07.14 13:21:18 | 000,037,888 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libmpeg_audio_plugin.dll
MOD - [2011.07.14 13:21:16 | 001,776,128 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\liblibass_plugin.dll
MOD - [2011.07.14 13:21:16 | 000,338,432 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\liblua_plugin.dll
MOD - [2011.07.14 13:21:16 | 000,046,592 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libhotkeys_plugin.dll
MOD - [2011.07.14 13:21:16 | 000,035,840 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libmediadirs_plugin.dll
MOD - [2011.07.14 13:21:16 | 000,035,840 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\liblpcm_plugin.dll
MOD - [2011.07.14 13:21:16 | 000,033,792 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libmemcpymmxext_plugin.dll
MOD - [2011.07.14 13:21:16 | 000,033,792 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libglobalhotkeys_plugin.dll
MOD - [2011.07.14 13:21:14 | 000,309,760 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libfaad_plugin.dll
MOD - [2011.07.14 13:21:14 | 000,265,216 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libflac_plugin.dll
MOD - [2011.07.14 13:21:14 | 000,258,048 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libfluidsynth_plugin.dll
MOD - [2011.07.14 13:21:14 | 000,231,424 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libdvdnav_plugin.dll
MOD - [2011.07.14 13:21:14 | 000,210,944 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libdshow_plugin.dll
MOD - [2011.07.14 13:21:14 | 000,178,176 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libdtstofloat32_plugin.dll
MOD - [2011.07.14 13:21:14 | 000,067,072 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libdirectx_plugin.dll
MOD - [2011.07.14 13:21:14 | 000,041,984 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libflacsys_plugin.dll
MOD - [2011.07.14 13:21:14 | 000,041,472 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libes_plugin.dll
MOD - [2011.07.14 13:21:14 | 000,039,424 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libfilesystem_plugin.dll
MOD - [2011.07.14 13:21:14 | 000,039,424 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libdts_plugin.dll
MOD - [2011.07.14 13:21:14 | 000,037,376 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libfake_plugin.dll
MOD - [2011.07.14 13:21:14 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libcvdsub_plugin.dll
MOD - [2011.07.14 13:21:14 | 000,032,256 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libdtstospdif_plugin.dll
MOD - [2011.07.14 13:21:14 | 000,032,256 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libdolby_surround_decoder_plugin.dll
MOD - [2011.07.14 13:21:14 | 000,031,744 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libfloat32_mixer_plugin.dll
MOD - [2011.07.14 13:21:14 | 000,031,232 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libfolder_plugin.dll
MOD - [2011.07.14 13:21:12 | 008,248,320 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libavcodec_plugin.dll
MOD - [2011.07.14 13:21:12 | 000,088,064 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libavi_plugin.dll
MOD - [2011.07.14 13:21:12 | 000,072,192 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libasf_plugin.dll
MOD - [2011.07.14 13:21:12 | 000,046,592 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libaout_directx_plugin.dll
MOD - [2011.07.14 13:21:12 | 000,045,568 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libaraw_plugin.dll
MOD - [2011.07.14 13:21:12 | 000,041,472 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libaudio_format_plugin.dll
MOD - [2011.07.14 13:21:12 | 000,034,304 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libcdg_plugin.dll
MOD - [2011.07.14 13:21:12 | 000,033,280 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libaes3_plugin.dll
MOD - [2011.07.14 13:21:12 | 000,032,768 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libconverter_fixed_plugin.dll
MOD - [2011.07.14 13:21:10 | 002,263,552 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\libvlccore.dll
MOD - [2011.07.14 13:21:10 | 000,108,032 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
MOD - [2011.07.14 13:21:10 | 000,101,376 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\libvlc.dll
MOD - [2011.07.14 13:21:10 | 000,090,112 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libaccess_bd_plugin.dll
MOD - [2011.07.14 13:21:10 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\liba52tofloat32_plugin.dll
MOD - [2011.07.14 13:21:10 | 000,036,352 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\liba52_plugin.dll
MOD - [2011.07.14 13:21:10 | 000,030,720 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\liba52tospdif_plugin.dll
MOD - [2011.02.27 10:12:56 | 000,110,080 | ---- | M] () -- C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\pywintypes26.dll
MOD - [2011.02.26 11:33:20 | 000,167,424 | ---- | M] () -- C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\win32gui.pyd
MOD - [2011.02.26 11:33:14 | 000,096,768 | ---- | M] () -- C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\win32api.pyd
MOD - [2011.02.26 11:32:28 | 000,035,840 | ---- | M] () -- C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\win32process.pyd
MOD - [2011.02.26 11:31:48 | 000,017,408 | ---- | M] () -- C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\win32event.pyd
MOD - [2010.12.14 19:55:09 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010.12.14 19:55:05 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2010.08.24 18:48:54 | 000,011,776 | ---- | M] () -- C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\select.pyd
MOD - [2010.08.24 18:48:52 | 000,286,208 | ---- | M] () -- C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\_hashlib.pyd
MOD - [2010.08.24 18:48:48 | 000,153,088 | ---- | M] () -- C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\pyexpat.pyd
MOD - [2010.08.24 18:48:16 | 000,073,728 | ---- | M] () -- C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\_ctypes.pyd
MOD - [2010.08.24 18:48:02 | 000,720,896 | ---- | M] () -- C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\_ssl.pyd
MOD - [2010.08.24 18:47:50 | 000,040,448 | ---- | M] () -- C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\_socket.pyd
MOD - [2010.08.04 13:40:12 | 000,611,872 | ---- | M] () -- C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe
MOD - [2010.08.04 10:47:32 | 000,144,896 | ---- | M] () -- C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyHook.dll
MOD - [2008.06.19 16:35:36 | 000,333,288 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy\sqlite3.dll
MOD - [2008.03.05 08:34:32 | 000,795,520 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy\Plugins\Fennel.dll
MOD - [2008.03.04 13:52:00 | 000,790,392 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy\Plugins\Chai.dll
MOD - [2008.02.26 10:04:40 | 000,717,176 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy\Plugins\Mate.dll
MOD - [2007.12.24 00:05:00 | 000,121,344 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy\Plugins\TCPIPAddress.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2011.09.24 02:58:30 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010.09.22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2012.02.18 21:17:31 | 000,280,904 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrB.exe -- (PnkBstrB)
SRV - [2012.01.31 15:09:34 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.01.03 22:36:25 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011.11.28 13:21:00 | 000,168,864 | ---- | M] () [Auto | Running] -- C:\Programme\Common Files\WireHelpSvc.exe -- (WireHelpSvc)
SRV - [2011.10.01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011.10.01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011.09.03 03:32:12 | 000,077,520 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Hotspot Shield\bin\HSSTrayService.exe -- (HssTrayService)
SRV - [2011.09.03 03:29:50 | 000,287,576 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe -- (hshld)
SRV - [2011.08.25 19:35:02 | 000,024,064 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\capiws.exe -- (OpenVPNAccessClient)
SRV - [2011.08.22 12:34:38 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.06.01 13:44:54 | 002,337,144 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2011.05.27 00:14:40 | 000,329,544 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe -- (HssWd)
SRV - [2011.05.27 00:14:36 | 000,363,336 | ---- | M] (AnchorFree Inc.) [Auto | Running] -- C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe -- (HssSrv)
SRV - [2011.04.21 06:52:51 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010.12.30 23:28:03 | 000,867,080 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010.11.08 22:04:26 | 000,036,352 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe -- (OpenVPNService)
SRV - [2010.10.05 14:08:46 | 002,655,768 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2010.10.05 14:08:42 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2010.09.14 02:32:32 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.04 22:38:00 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Programme\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)
SRV - [2010.01.29 00:27:36 | 000,243,232 | ---- | M] (Acer Group) [Auto | Running] -- C:\Programme\Packard Bell\Packard Bell Updater\UpdaterService.exe -- (Updater Service)
SRV - [2010.01.15 22:08:38 | 000,935,208 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2010.01.08 14:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe -- (GREGService)
SRV - [2009.09.20 10:55:20 | 001,037,824 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2011.11.28 13:20:48 | 000,147,472 | ---- | M] (<Turtle Entertainment>) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\ESLWireACD.sys -- (ESLWireAC)
DRV:64bit: - [2011.10.01 08:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011.10.01 08:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011.10.01 08:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011.10.01 08:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2011.09.24 03:58:12 | 010,207,232 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011.09.24 02:19:14 | 000,317,952 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011.09.09 15:49:23 | 000,231,440 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2011.08.22 12:34:38 | 000,123,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2011.08.22 12:34:38 | 000,088,288 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2011.08.19 01:46:06 | 000,030,720 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tapoas.sys -- (tapoas)
DRV:64bit: - [2011.08.03 09:58:40 | 000,025,528 | ---- | M] (Turtle Entertainment GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ESLvnic.sys -- (ESLvnic1)
DRV:64bit: - [2011.07.26 18:49:12 | 000,037,888 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\taphss.sys -- (taphss)
DRV:64bit: - [2011.05.10 07:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011.03.11 07:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.02.28 22:36:54 | 000,056,832 | ---- | M] (AnchorFree Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HssDrv.sys -- (HssDrv)
DRV:64bit: - [2011.01.15 17:21:04 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:64bit: - [2010.12.16 23:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2010.11.08 22:04:26 | 000,030,720 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:64bit: - [2010.09.21 07:34:18 | 000,313,520 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1c62x64.sys -- (e1cexpress) Intel(R)
DRV:64bit: - [2010.09.21 02:59:38 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel(R)
DRV:64bit: - [2010.09.14 02:24:26 | 000,437,272 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009.11.12 13:48:56 | 000,007,168 | ---- | M] () [File_System | Auto | Stopped] -- C:\Windows\SysNative\drivers\StarOpen.sys -- (StarOpen)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.29 17:00:50 | 000,132,608 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbnet.sys -- (ewusbnet)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.18 12:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009.04.09 12:38:24 | 000,116,864 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2011.03.18 17:08:56 | 000,029,592 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- C:\Windows\SysWOW64\speedfan.sys -- (speedfan)
DRV - [2009.11.12 13:48:56 | 000,005,504 | ---- | M] () [File_System | Auto | Stopped] -- C:\Windows\SysWow64\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2008.11.14 02:11:42 | 000,020,512 | ---- | M] (Realtime Soft Ltd) [Kernel | Auto | Running] -- C:\Program Files (x86)\Common Files\Realtime Soft\UltraMonMirrorDrv\x64\UltraMonUtility.sys -- (UltraMonUtility)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://packardbell.msn.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://packardbell.msn.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://packardbell.msn.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://packardbell.msn.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://packardbell.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Facemoods Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "t-online.de"
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.104.0: C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.110.0: C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.96.0: C:\Program Files (x86)\Battlelog Web Plugins\1.96.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.09.18 18:56:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.02.18 23:58:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.02.18 23:58:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.09.18 18:56:05 | 000,000,000 | ---D | M]
 
[2011.08.06 18:00:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mert\AppData\Roaming\mozilla\Extensions
[2012.02.13 18:31:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mert\AppData\Roaming\mozilla\Firefox\Profiles\savn4bdz.default\extensions
[2011.11.10 13:41:03 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011.09.29 15:42:09 | 000,000,000 | ---D | M] (afurladvisor) -- C:\Program Files (x86)\Mozilla Firefox\extensions\afurladvisor@anchorfree.com
[2012.02.12 11:54:44 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.08.18 20:54:27 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.08.18 20:54:27 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011.08.18 20:54:27 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.08.18 20:54:27 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.08.18 20:54:27 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.08.18 20:54:27 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2011.11.08 23:54:39 | 000,000,994 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.94.0.1	client.openvpn.net
O1 - Hosts: 127.94.0.2	openvpn-client.us.shieldexchange.com
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll (AnchorFree Inc.)
O2 - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll (AnchorFree Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Hotkey Utility] C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [{02FB9F1A-4B0E-2F4F-52E7-C6837AF433CB}] C:\Users\Mert\AppData\Roaming\Nuaww\vooduk.exe ()
O4 - HKCU..\Run: [ESL Wire] C:\Program Files\EslWire\wire.exe (Turtle Entertainment GmbH)
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware  (cleanup)] C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\FlyVPN\FlyVPNBind.dll (www.flyvpn.com)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\FlyVPN\FlyVPNBind.dll (www.flyvpn.com)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\FlyVPN\FlyVPNBind.dll (www.flyvpn.com)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 10.1.0)
O16 - DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5D66314D-CC1A-4638-B8A7-13A8A44F9016}: DhcpNameServer = 139.7.30.126 139.7.30.125
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{695F12FB-254F-4B60-85B6-14ABDFACA6B0}: DhcpNameServer = 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ABBACCCE-0E50-4BFA-9731-6C5BF2CEC6F6}: DhcpNameServer = 10.93.8.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EC551D30-6EAB-4261-82AF-410F9902D3ED}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.09.19 19:52:08 | 000,000,000 | ---D | M] - M:\AutoHotKey -- [ FAT32 ]
O33 - MountPoints2\{082e1ea4-d60a-11e0-bfa7-00ff01000001}\Shell - "" = AutoRun
O33 - MountPoints2\{082e1ea4-d60a-11e0-bfa7-00ff01000001}\Shell\AutoRun\command - "" = M:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{082e1eac-d60a-11e0-bfa7-00ff01000001}\Shell - "" = AutoRun
O33 - MountPoints2\{082e1eac-d60a-11e0-bfa7-00ff01000001}\Shell\AutoRun\command - "" = M:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{530bc02c-f199-11e0-99f6-00ff01000001}\Shell - "" = AutoRun
O33 - MountPoints2\{530bc02c-f199-11e0-99f6-00ff01000001}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL M:\index.html
O33 - MountPoints2\{e3f500b1-c0dd-11e0-826d-f80f41028d81}\Shell - "" = AutoRun
O33 - MountPoints2\{e3f500b1-c0dd-11e0-826d-f80f41028d81}\Shell\AutoRun\command - "" = K:\SETUP.EXE
O33 - MountPoints2\M\Shell - "" = AutoRun
O33 - MountPoints2\M\Shell\AutoRun\command - "" = M:\setup_vmc_lite.exe /checkApplicationPresence
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.02.18 21:52:07 | 000,583,680 | ---- | C] (OldTimer Tools) -- C:\Users\Mert\Desktop\OTL(1).exe
[2012.02.18 21:52:06 | 000,583,680 | ---- | C] (OldTimer Tools) -- C:\Users\Mert\Desktop\OTL.exe
[2012.02.18 21:39:59 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\Mert\Desktop\HiJackThis204.exe
[2012.02.18 19:51:33 | 000,000,000 | ---D | C] -- C:\Users\Mert\AppData\Roaming\Nuaww
[2012.02.18 19:51:33 | 000,000,000 | ---D | C] -- C:\Users\Mert\AppData\Roaming\Koaqyd
[2012.02.18 15:05:43 | 000,000,000 | ---D | C] -- C:\Users\Mert\AppData\Roaming\Malwarebytes
[2012.02.18 15:05:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.02.18 15:05:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.02.18 15:05:34 | 000,023,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.02.18 15:05:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.02.17 16:56:26 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Logs
[2012.02.17 14:35:54 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2012.02.15 23:40:35 | 000,000,000 | ---D | C] -- C:\Users\Mert\Documents\REFS
[2012.02.15 15:29:48 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll
[2012.02.15 15:29:39 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
[2012.02.15 15:29:39 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2012.02.15 15:28:01 | 000,634,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2012.02.15 15:27:51 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012.02.15 15:27:51 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2012.02.15 15:27:51 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.02.15 15:27:51 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2012.02.15 15:27:51 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.02.15 15:27:51 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.02.15 15:27:51 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.02.15 15:27:51 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.02.15 15:27:51 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2012.02.15 15:27:51 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2012.02.15 15:27:50 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2012.02.15 15:27:50 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2012.02.15 15:27:50 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.02.15 15:27:50 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2012.02.15 15:27:50 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2012.02.12 18:55:38 | 000,000,000 | ---D | C] -- C:\Users\Mert\Documents\Steckbriefe CHEMIE
[2012.02.10 22:12:29 | 000,000,000 | ---D | C] -- C:\Users\Mert\AppData\Roaming\Skype
[2012.02.10 22:12:17 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2012.02.10 22:12:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012.02.10 22:12:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2012.02.05 14:52:19 | 000,000,000 | ---D | C] -- C:\Users\Mert\Documents\Electronic Arts
[2012.02.04 00:16:25 | 000,000,000 | ---D | C] -- C:\Users\Mert\AppData\Local\libimobiledevice
[2012.02.03 23:16:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012.02.03 23:16:05 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012.02.03 23:16:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2012.02.03 23:16:05 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012.02.03 23:14:38 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2012.02.03 23:14:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2012.02.01 15:32:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SteelSeries
[2012.02.01 15:32:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SteelSeries
[2012.02.01 15:27:38 | 000,000,000 | ---D | C] -- C:\Users\Mert\AppData\Local\ElevatedDiagnostics
[2012.01.31 15:23:19 | 000,000,000 | ---D | C] -- C:\Users\Mert\AppData\Roaming\TeamViewer
[2012.01.30 22:13:06 | 000,000,000 | ---D | C] -- C:\Users\Mert\AppData\Roaming\Rainmeter
[2012.01.30 22:12:53 | 000,000,000 | ---D | C] -- C:\Users\Mert\Documents\Rainmeter
[2012.01.30 22:10:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rainmeter
[2012.01.30 22:10:41 | 000,000,000 | ---D | C] -- C:\Program Files\Rainmeter
[2012.01.30 21:38:23 | 000,000,000 | ---D | C] -- C:\Users\Mert\Desktop\Programme
[2012.01.30 15:19:07 | 000,000,000 | ---D | C] -- C:\Users\Mert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WBFS Manager
[2012.01.30 15:19:06 | 000,000,000 | ---D | C] -- C:\Users\Mert\Documents\WBFS Manager Covers
[2012.01.30 15:17:38 | 000,000,000 | ---D | C] -- C:\Program Files\WBFS
[2012.01.30 15:05:35 | 000,000,000 | ---D | C] -- C:\Users\Mert\AppData\Local\WBFSManager
[2012.01.29 15:28:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WBFS
[2012.01.28 21:44:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSplit
[2012.01.28 21:44:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SplitMediaLabs
[2012.01.28 20:21:23 | 000,000,000 | ---D | C] -- C:\Users\Mert\AppData\Local\Diagnostics
[2012.01.25 21:52:28 | 001,446,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2012.01.25 21:52:28 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2012.01.25 21:52:28 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2012.01.25 21:52:28 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2012.01.25 21:52:28 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2012.01.25 21:52:28 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2012.01.22 13:32:00 | 000,000,000 | ---D | C] -- C:\Users\Mert\Desktop\AutoHotKey
[2012.01.22 13:30:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey
[2012.01.22 13:30:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AutoHotkey
[2012.01.21 13:14:01 | 000,000,000 | ---D | C] -- C:\Users\Mert\AppData\Local\Realtime Soft
[2012.01.21 13:13:11 | 000,000,000 | ---D | C] -- C:\Users\Mert\AppData\Roaming\Realtime Soft
[2012.01.21 13:13:09 | 000,000,000 | ---D | C] -- C:\Program Files\UltraMon
[2012.01.21 13:13:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Realtime Soft
[2012.01.21 13:13:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Realtime Soft
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.02.18 21:52:26 | 000,583,680 | ---- | M] (OldTimer Tools) -- C:\Users\Mert\Desktop\OTL.exe
[2012.02.18 21:52:26 | 000,583,680 | ---- | M] (OldTimer Tools) -- C:\Users\Mert\Desktop\OTL(1).exe
[2012.02.18 21:40:00 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Mert\Desktop\HiJackThis204.exe
[2012.02.18 21:17:31 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012.02.18 21:17:31 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.02.18 21:16:28 | 003,870,904 | ---- | M] () -- C:\Users\Mert\Desktop\battlelog-web-plugins-1.110.0-retail-prod.exe
[2012.02.18 21:13:42 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012.02.18 15:39:59 | 000,992,927 | ---- | M] () -- C:\Users\Mert\Desktop\Unbenannt.jpg
[2012.02.18 15:07:53 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.02.18 15:07:53 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.02.18 15:00:05 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.02.18 14:59:55 | 2133,766,143 | -HS- | M] () -- C:\hiberfil.sys
[2012.02.18 13:05:07 | 000,113,154 | ---- | M] () -- C:\Users\Mert\Desktop\vivi.jpg
[2012.02.15 23:48:41 | 001,614,892 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.02.15 23:48:41 | 000,697,284 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.02.15 23:48:41 | 000,652,602 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.02.15 23:48:41 | 000,148,322 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.02.15 23:48:41 | 000,121,276 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.02.15 22:11:57 | 000,311,920 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.02.15 17:02:04 | 001,641,574 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.02.13 14:31:06 | 000,013,139 | ---- | M] () -- C:\Users\Mert\Documents\Lebenslauf.odt
[2012.02.10 17:00:33 | 000,283,894 | ---- | M] () -- C:\Users\Mert\Documents\ts3_clientui-win64-1327056547-2012-02-10 17_00_33.045188.dmp
[2012.02.04 00:20:06 | 001,290,907 | ---- | M] () -- C:\s630.4
[2012.02.04 00:20:06 | 000,698,449 | ---- | M] () -- C:\s630.5
[2012.01.30 22:10:42 | 000,001,723 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
[2012.01.21 13:13:09 | 000,002,585 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\UltraMon.lnk
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.02.18 21:16:23 | 003,870,904 | ---- | C] () -- C:\Users\Mert\Desktop\battlelog-web-plugins-1.110.0-retail-prod.exe
[2012.02.18 15:39:59 | 000,992,927 | ---- | C] () -- C:\Users\Mert\Desktop\Unbenannt.jpg
[2012.02.18 13:00:18 | 000,113,154 | ---- | C] () -- C:\Users\Mert\Desktop\vivi.jpg
[2012.02.10 17:00:33 | 000,283,894 | ---- | C] () -- C:\Users\Mert\Documents\ts3_clientui-win64-1327056547-2012-02-10 17_00_33.045188.dmp
[2012.02.04 00:20:06 | 001,290,907 | ---- | C] () -- C:\s630.4
[2012.02.04 00:20:06 | 000,698,449 | ---- | C] () -- C:\s630.5
[2012.01.30 22:10:42 | 000,001,723 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
[2012.01.21 13:13:09 | 000,002,585 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\UltraMon.lnk
[2012.01.21 13:13:09 | 000,002,535 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraMon.lnk
[2011.10.15 10:25:57 | 000,000,618 | ---- | C] () -- C:\Windows\eReg.dat
[2011.09.23 21:15:08 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll
[2011.09.18 18:53:42 | 000,245,253 | ---- | C] () -- C:\Windows\hpoins19.dat
[2011.09.18 18:53:42 | 000,013,898 | ---- | C] () -- C:\Windows\hpomdl19.dat
[2011.09.09 15:48:59 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011.09.06 12:47:33 | 000,000,600 | ---- | C] () -- C:\Users\Mert\AppData\Local\PUTTY.RND
[2011.09.01 15:37:42 | 001,641,574 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.08.28 12:47:46 | 000,000,286 | ---- | C] () -- C:\Windows\game.ini
[2011.08.19 14:56:44 | 000,000,233 | ---- | C] () -- C:\Windows\wininit.ini
[2011.08.18 13:41:39 | 000,168,864 | ---- | C] () -- C:\Program Files\Common Files\WireHelpSvc.exe
[2011.08.12 14:07:41 | 000,005,504 | ---- | C] () -- C:\Windows\SysWow64\drivers\StarOpen.sys
[2011.08.11 12:24:59 | 000,280,904 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.08.11 12:24:58 | 002,580,552 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2011.08.11 12:24:58 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.08.07 16:14:59 | 000,007,597 | ---- | C] () -- C:\Users\Mert\AppData\Local\Resmon.ResmonCfg
[2011.08.06 18:00:44 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011.07.17 22:54:02 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2010.12.30 23:24:02 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\drivers\IntelMEFWVer.dll
[2010.12.30 23:15:14 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2007.04.14 11:24:26 | 000,103,552 | ---- | C] () -- C:\Program Files (x86)\gtaweap3.ttf
 
========== LOP Check ==========
 
[2012.02.18 23:58:51 | 000,000,000 | ---D | M] -- C:\Users\Mert\AppData\Roaming\.minecraft
[2011.08.12 14:40:50 | 000,000,000 | ---D | M] -- C:\Users\Mert\AppData\Roaming\Canneverbe Limited
[2011.11.09 13:23:56 | 000,000,000 | ---D | M] -- C:\Users\Mert\AppData\Roaming\Dropbox
[2012.02.18 15:29:43 | 000,000,000 | ---D | M] -- C:\Users\Mert\AppData\Roaming\FileZilla
[2012.01.05 15:29:13 | 000,000,000 | ---D | M] -- C:\Users\Mert\AppData\Roaming\GetRightToGo
[2011.10.17 14:46:09 | 000,000,000 | ---D | M] -- C:\Users\Mert\AppData\Roaming\HLSW
[2012.02.18 15:05:22 | 000,000,000 | ---D | M] -- C:\Users\Mert\AppData\Roaming\ICQ
[2012.02.18 21:30:46 | 000,000,000 | ---D | M] -- C:\Users\Mert\AppData\Roaming\Koaqyd
[2011.09.08 21:07:03 | 000,000,000 | ---D | M] -- C:\Users\Mert\AppData\Roaming\LolClient
[2012.02.18 23:58:53 | 000,000,000 | ---D | M] -- C:\Users\Mert\AppData\Roaming\Notepad++
[2012.02.18 19:51:33 | 000,000,000 | ---D | M] -- C:\Users\Mert\AppData\Roaming\Nuaww
[2011.08.06 17:43:37 | 000,000,000 | ---D | M] -- C:\Users\Mert\AppData\Roaming\OEM
[2011.09.01 21:05:35 | 000,000,000 | ---D | M] -- C:\Users\Mert\AppData\Roaming\OpenOffice.org
[2011.10.19 23:05:09 | 000,000,000 | ---D | M] -- C:\Users\Mert\AppData\Roaming\Origin
[2011.10.30 14:51:40 | 000,000,000 | ---D | M] -- C:\Users\Mert\AppData\Roaming\pdfforge
[2012.02.18 23:58:53 | 000,000,000 | ---D | M] -- C:\Users\Mert\AppData\Roaming\Rainmeter
[2012.02.12 19:21:34 | 000,000,000 | ---D | M] -- C:\Users\Mert\AppData\Roaming\SoftGrid Client
[2011.11.12 23:54:16 | 000,000,000 | ---D | M] -- C:\Users\Mert\AppData\Roaming\SplitMediaLabs
[2011.10.16 21:32:49 | 000,000,000 | ---D | M] -- C:\Users\Mert\AppData\Roaming\Subversion
[2012.01.31 15:23:19 | 000,000,000 | ---D | M] -- C:\Users\Mert\AppData\Roaming\TeamViewer
[2011.09.01 15:38:10 | 000,000,000 | ---D | M] -- C:\Users\Mert\AppData\Roaming\TP
[2012.02.18 23:58:53 | 000,000,000 | ---D | M] -- C:\Users\Mert\AppData\Roaming\TS3Client
[2011.09.03 14:09:51 | 000,000,000 | ---D | M] -- C:\Users\Mert\AppData\Roaming\Vodafone
[2012.01.05 13:27:37 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >

Mit freundlichen Grüßen

 

Themen zu Zirkumflex und Akzent doppelt (Keylogger?)
antivir, antivir guard, autorun, avira, bho, bonjour, cdburnerxp, desktop, error, firefox, format, google, hijack, home, hotspot, hotspot shield, internet, internet explorer, logfile, mozilla, notification, origin, packard bell, pando media booster, plug-in, problem, realtek, registry, rundll, safer networking, security, software, trojaner, version=1.0, windows


« Undelivered Mail Returned to Sender - Virus? | 50€ Zahlen Virus »


Ähnliche Themen: Zirkumflex und Akzent doppelt (Keylogger?)


  1. Windows7 / Seiten hängen/ Dialoge im TV doppelt /Reklame doppelt gesendet
    Plagegeister aller Art und deren Bekämpfung - 04.01.2015 (16)
  2. "Selbstinstallation" von Winrar und Keylogger "The best Keylogger" möglich?
    Plagegeister aller Art und deren Bekämpfung - 26.06.2014 (19)
  3. Euro-Zeichen € erscheint bei Anschlag doppelt: Keylogger?
    Log-Analyse und Auswertung - 30.09.2013 (3)
  4. Zirkumflex ^ direkt doppelte Ausgabe, kein Trojaner Fund mit MBAM, trotzdem präventiver Scan + Logauswertung
    Log-Analyse und Auswertung - 20.01.2013 (11)
  5. Doppelt
    Mülltonne - 25.09.2012 (0)
  6. doppelt bka
    Mülltonne - 04.09.2011 (1)
  7. Doppeltes Zirkumflex-Zeichen, verlangsamter PC
    Plagegeister aller Art und deren Bekämpfung - 26.08.2011 (8)
  8. Mein Netbook macht seit ein paar Tagen Sonderzeichen immer doppelt. --> keylogger?
    Plagegeister aller Art und deren Bekämpfung - 18.08.2011 (4)
  9. doppelt!
    Mülltonne - 10.08.2011 (1)
  10. Keylogger Trojan-Spy.Win32.KeyLogger.cqd in Windows32
    Plagegeister aller Art und deren Bekämpfung - 05.08.2010 (1)
  11. WoW Keylogger: Keylogger : TR\FakeAV.C[Trojan]
    Log-Analyse und Auswertung - 20.01.2010 (11)
  12. doppelt..
    Mülltonne - 21.06.2009 (2)
  13. Akzent-Tasten spinnen . . .
    Alles rund um Windows - 04.12.2008 (2)
  14. AW: Akzent-Tasten spinnen . . .
    Mülltonne - 02.12.2008 (0)
  15. Doppelt
    Mülltonne - 25.08.2008 (0)
  16. xp advanced keylogger Commercial KeyLogger
    Plagegeister aller Art und deren Bekämpfung - 03.08.2007 (4)
  17. family keylogger Commercial KeyLogger
    Plagegeister aller Art und deren Bekämpfung - 29.03.2006 (17)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Zirkumflex und Akzent doppelt (Keylogger?) - Servus, ich hab seid heute gerade eben irgendwie das Problem, das mein Zirkumflex doppelt erscheint. Laut Google soll es ein Trojaner und/oder Keylogger sein. Hier mein Hijackthis-Log: Code: Alles auswählen - Zirkumflex und Akzent doppelt (Keylogger?)...
Archiv
Du betrachtest: Zirkumflex und Akzent doppelt (Keylogger?) auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19