Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Abnow-Trojaner

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML

Antwort
Alt 04.03.2012, 14:53   #1
das_yunchen
 
Abnow-Trojaner - Standard

Abnow-Trojaner



Hallo zusammen,

ich habe mir offenbar auch den Abnow-Trojaner eingefangen. Avira findet im Minutentakt eine Datei mit Namen "TR/Sirefef.BP.1".
Da ich mir selbst überhaupt nicht zu helfen weiß, wollte ich - wie in euren Threas empfohlen - erstmal einen Scan mit OTL machen, um euch die Log-Daten zur Verfügung zu stellen. Hoffe, ihr könnt was damit anfangenOTL Logfile:
Code:
ATTFilter
OTL logfile created on: 04.03.2012 14:30:28 - Run 1
OTL by OldTimer - Version 3.2.35.0     Folder = C:\Users\ASUS\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,90 Gb Total Physical Memory | 1,46 Gb Available Physical Memory | 50,41% Memory free
6,01 Gb Paging File | 4,65 Gb Available in Paging File | 77,28% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 116,44 Gb Total Space | 22,42 Gb Free Space | 19,25% Space Free | Partition Type: NTFS
Drive D: | 109,60 Gb Total Space | 99,38 Gb Free Space | 90,67% Space Free | Partition Type: NTFS
 
Computer Name: ASUS-PC | User Name: ASUS | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\ASUS\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Program Files\Avira\AntiVir Desktop\avscan.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\avcenter.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
PRC - C:\Program Files\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
PRC - C:\Windows\ASScrPro.exe ()
PRC - C:\Program Files\P4G\BatteryLife.exe (ATK)
PRC - C:\Program Files\ATK Hotkey\HControl.exe (ATK0100)
PRC - C:\Program Files\ATK Hotkey\WDC.exe ()
PRC - C:\Program Files\ATK Hotkey\KBFiltr.exe ()
PRC - C:\Program Files\ATK Hotkey\ATKOSD.exe ()
PRC - C:\Program Files\ATKGFNEX\GFNEXSrv.exe ()
PRC - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe ()
PRC - C:\Program Files\P4P\P4P.exe ()
PRC - C:\Program Files\ASUS\Splendid\ACMON.exe (ATK)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe ()
PRC - C:\Program Files\ATK Hotkey\AsLdrSrv.exe ()
PRC - C:\Program Files\ATKOSD2\ATKOSD2.exe ()
PRC - C:\Program Files\Wireless Console 2\wcourier.exe ()
PRC - C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
PRC - C:\Program Files\Apoint2K\Apvfb.exe (ALPS)
PRC - C:\Program Files\Apoint2K\hidfind.exe (Alps Electric Co., Ltd.)
PRC - C:\Windows\System32\ACEngSvr.exe (ASUSTeK)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\bcb66dbad2b45d05235b37a02f737eb5\Accessibility.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b6632a8b2f276a8e31f5b0f6b2006cd1\mscorlib.ni.dll ()
MOD - C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll ()
MOD - C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll ()
MOD - C:\Program Files\Mozilla Firefox\js3250.dll ()
MOD - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Components\nprpffbrowserrecordext.dll ()
MOD - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dll ()
MOD - C:\Program Files\OpenOffice.org 3\program\libxml2.dll ()
MOD - C:\Program Files\WinRAR\RarExt.dll ()
MOD - C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll ()
MOD - \\?\globalroot\systemroot\system32\mswsock.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Windows\ASScrPro.exe ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.2819.40561__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.2819.40767__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.2819.40521__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.2819.40573__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.2819.40760__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.2819.40553__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.2819.40662__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.2819.40540__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.2819.40794__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.2819.40720__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.2819.40801__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.2819.40534__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.2819.40671__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.2819.40747__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.2819.40728__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.2819.40733__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.2819.40727__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.2819.40788__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.2819.40761__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.2819.40585__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.2819.40664__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.2819.40541__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.2819.40709__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.2819.40657__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.2819.40591__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.2819.40579__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.2819.40690__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.2819.40670__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.2819.40662__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.2819.40590__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.2819.40670__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.2819.40689__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.2819.40708__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.2756.30551__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.2756.30547__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.2756.30563__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.2756.30557__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.2756.30563__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.2756.30548__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.2756.30538__90ba9c70f846762e\CLI.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.2756.30568__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.2756.30564__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.2756.30593__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.2756.30535__90ba9c70f846762e\LOG.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.2756.30635__90ba9c70f846762e\CLI.Foundation.XManifest.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.2756.30560__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.2756.30541__90ba9c70f846762e\NEWAEM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.2756.30592__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.2756.30565__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.2756.30590__90ba9c70f846762e\DEM.OS.I0602.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.2756.30556__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.2756.30550__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.2756.30543__90ba9c70f846762e\CLI.Component.Client.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.2756.30559__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.2756.30554__90ba9c70f846762e\MOM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.2756.30578__90ba9c70f846762e\DEM.OS.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.2756.30588__90ba9c70f846762e\DEM.Graphics.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.2756.30552__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.2756.30559__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.2756.30577__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.2756.30568__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.2756.30564__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.2756.30590__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.2756.30567__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.2756.30558__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.2756.30562__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.2756.30558__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.2756.30555__90ba9c70f846762e\APM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.2756.30551__90ba9c70f846762e\AEM.Server.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Foundation\2.0.2756.30537__90ba9c70f846762e\AEM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.2819.40823__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.2819.40513__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.2819.40548__90ba9c70f846762e\CLI.Component.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.2819.40781__90ba9c70f846762e\MOM.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.2819.40514__90ba9c70f846762e\CLI.Component.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.2819.40779__90ba9c70f846762e\LOG.Foundation.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.2756.30545__90ba9c70f846762e\CLI.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.2756.30555__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.2756.30543__90ba9c70f846762e\LOG.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.2756.30589__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.2756.30556__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.2819.40529__90ba9c70f846762e\CLI.Component.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.2819.40514__90ba9c70f846762e\ATIDEMOS.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.2819.40512__90ba9c70f846762e\APM.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.2756.30554__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.2819.40780__90ba9c70f846762e\CCC.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.2756.30556__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.2756.30578__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.2819.40513__90ba9c70f846762e\AEM.Server.dll ()
MOD - C:\Windows\System32\atitmmxx.dll ()
MOD - C:\Program Files\ASUS\ASUS Data Security Manager\AdsmendecExt.dll ()
MOD - C:\Program Files\P4P\P4P.exe ()
MOD - C:\Program Files\ASUS\ASUS Data Security Manager\OverlayIconShlExt.dll ()
MOD - C:\Program Files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll ()
MOD - C:\Program Files\Motorola\SMSERIAL\sm56ita.dll ()
MOD - C:\Program Files\Motorola\SMSERIAL\sm56esp.dll ()
MOD - C:\Program Files\Motorola\SMSERIAL\sm56brz.dll ()
MOD - C:\Program Files\Motorola\SMSERIAL\sm56kor.dll ()
MOD - C:\Program Files\Motorola\SMSERIAL\sm56ger.dll ()
MOD - C:\Program Files\Motorola\SMSERIAL\sm56fra.dll ()
MOD - C:\Program Files\Motorola\SMSERIAL\sm56dnk.dll ()
MOD - C:\Program Files\Motorola\SMSERIAL\sm56jpn.dll ()
MOD - C:\Program Files\Motorola\SMSERIAL\sm56cht.dll ()
MOD - C:\Program Files\Motorola\SMSERIAL\sm56chs.dll ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)
SRV - (wdelmgr20) -- C:\Windows\System32\sskbfd.dll ()
SRV - (W700mgmt) -- C:\Windows\System32\sit_prt.dll ()
SRV - (SRTSP) -- C:\Windows\System32\s116mgmt.dll ()
SRV - (sisperf) -- C:\Windows\System32\cmdagent.dll ()
SRV - (se2Dunic) -- C:\Windows\System32\sscdmdm.dll ()
SRV - (se26unic) -- C:\Windows\System32\mpservice.dll ()
SRV - (qbposdbextservices) -- C:\Windows\System32\SiS300i.dll ()
SRV - (prism_a02) -- C:\Windows\System32\vwd.dll ()
SRV - (picturetaker) -- C:\Windows\System32\tsscoreservice.dll ()
SRV - (mwlsvc) -- C:\Windows\System32\StillCam.dll ()
SRV - (MSIRCOMM) -- C:\Windows\System32\Sk9920nt.dll ()
SRV - (mi-raysat_3dsmax9_32) -- C:\Windows\System32\prepdrvr.dll ()
SRV - (lxda_device) -- C:\Windows\System32\wandrv.dll ()
SRV - (lvselsus) -- C:\Windows\System32\usrbridg.dll ()
SRV - (IWCA) -- C:\Windows\System32\advantage.dll ()
SRV - (issuser) -- C:\Windows\System32\lvcomser.dll ()
SRV - (ikfileflt) -- C:\Windows\System32\CVirtA.dll ()
SRV - (hcwPVRP2) -- C:\Windows\System32\PolarUSB.dll ()
SRV - (giveio) -- C:\Windows\System32\cxusb.dll ()
SRV - (ctdvda2k) -- C:\Windows\System32\se58unic.dll ()
SRV - (ATKGFNEXSrv) -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe ()
SRV - (spmgr) -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe ()
SRV - (ADSMService) -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe ()
SRV - (ASLDRService) -- C:\Program Files\ATK Hotkey\AsLdrSrv.exe ()
 
 
========== Driver Services (SafeList) ==========
 
DRV - (NwlnkFwd) --  File not found
DRV - (NwlnkFlt) --  File not found
DRV - (motmodem) --  File not found
DRV - (MotDev) --  File not found
DRV - (motccgpfl) --  File not found
DRV - (motccgp) --  File not found
DRV - (IpInIp) --  File not found
DRV - (hwusbdev) --  File not found
DRV - (hwdatacard) --  File not found
DRV - (FsUsbExDisk) --  File not found
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (DfsC) -- C:\Windows\System32\drivers\dfsc.sys ()
DRV - (ssadmdm) -- C:\Windows\System32\drivers\ssadmdm.sys (MCCI Corporation)
DRV - (ssadbus) SAMSUNG Android USB Composite Device driver (WDM) -- C:\Windows\System32\drivers\ssadbus.sys (MCCI Corporation)
DRV - (ssadserd) SAMSUNG Android USB Diagnostic Serial Port (WDM) -- C:\Windows\System32\drivers\ssadserd.sys (MCCI Corporation)
DRV - (ssadmdfl) SAMSUNG Android USB Modem (Filter) -- C:\Windows\System32\drivers\ssadmdfl.sys (MCCI Corporation)
DRV - (androidusb) -- C:\Windows\System32\drivers\ssadadb.sys (Google Inc)
DRV - (BVRPMPR5) -- C:\Windows\System32\drivers\BVRPMPR5.SYS (Avanquest Software)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (AsDsm) -- C:\Windows\System32\drivers\AsDsm.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (ghaio) -- C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys ()
DRV - (ASMMAP) -- C:\Program Files\ATKGFNEX\ASMMAP.sys ()
DRV - (SNP2UVC) USB2.0 PC Camera (SNP2UVC) -- C:\Windows\System32\drivers\snp2uvc.sys ()
DRV - (JRAID) -- C:\Windows\system32\DRIVERS\jraid.sys (JMicron Technology Corp.)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC)
DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC)
DRV - (kbfiltr) -- C:\Windows\System32\drivers\kbfiltr.sys ( )
DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)
DRV - (MTsensor) -- C:\Windows\System32\drivers\ATKACPI.sys (ATK0100)
DRV - (smserial) -- C:\Windows\System32\drivers\smserial.sys (Motorola Inc.)
DRV - (ApfiltrService) -- C:\Windows\System32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (JGOGO) -- C:\Windows\system32\DRIVERS\JGOGO.sys (JMicron )
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.asus.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.asus.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://mystart.incredibar.com/mb106?a=6R8hyxkQWz&i=26
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope = {CFF4DB9B-135F-47c0-9269-B4C6572FD61A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch
IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = hxxp://mystart.incredibar.com/mb106/?search={searchTerms}&loc=IB_DS&a=6R8hyxkQWz&i=26
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "foxsearch"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch"
FF - prefs.js..browser.search.order.1: "foxsearch"
FF - prefs.js..browser.search.selectedEngine: "foxsearch"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: piclens@cooliris.com:1.12.3.55472
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.10
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.2
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.8
FF - prefs.js..extensions.enabledItems: {FBF6D7FB-F305-4445-BB3D-FEF66579A033}:5.0.1
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.6.0.8442
FF - prefs.js..extensions.enabledItems: bug489729@alice0775:1.3
FF - prefs.js..extensions.enabledItems: 2020Player_IKEA@2020Technologies.com:5.0.7.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29
FF - prefs.js..extensions.enabledItems: greenwebplayer@greentube.com:0.9.8
FF - prefs.js..extensions.enabledItems: toolbar@web.de:1.7.1
FF - prefs.js..extensions.enabledItems: ffxtlbr@incredibar.com:1.5.0
FF - prefs.js..keyword.URL: "hxxp://www.finduny.com?client=mozilla-firefox&cd=UTF-8&search=1&q="
 
FF - user.js..browser.search.selectedEngine: "foxsearch"
FF - user.js..browser.search.order.1: "foxsearch"
FF - user.js..browser.search.defaultenginename: "foxsearch"
FF - user.js..keyword.URL: "hxxp://www.finduny.com?client=mozilla-firefox&cd=UTF-8&search=1&q="
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.775: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.775: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=1.0.0.0: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.775: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010.07.13 15:13:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010.07.24 15:50:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.11\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.10.24 18:54:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.11\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.01.13 18:25:02 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010.07.13 15:13:00 | 000,000,000 | ---D | M]
 
[2010.06.24 17:37:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ASUS\AppData\Roaming\mozilla\Extensions
[2012.03.03 22:31:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ASUS\AppData\Roaming\mozilla\Firefox\Profiles\6a7bwg7a.Katze\extensions
[2012.01.29 21:24:44 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\ASUS\AppData\Roaming\mozilla\Firefox\Profiles\6a7bwg7a.Katze\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.01.29 21:31:26 | 000,000,000 | ---D | M] (Multirow Bookmarks Toolbar) -- C:\Users\ASUS\AppData\Roaming\mozilla\Firefox\Profiles\6a7bwg7a.Katze\extensions\{FBF6D7FB-F305-4445-BB3D-FEF66579A033}
[2012.01.26 18:57:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ASUS\AppData\Roaming\mozilla\Firefox\Profiles\7hqwswef.default\extensions
[2011.12.29 18:02:04 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\ASUS\AppData\Roaming\mozilla\Firefox\Profiles\7hqwswef.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011.11.05 23:04:42 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\ASUS\AppData\Roaming\mozilla\Firefox\Profiles\7hqwswef.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2011.05.03 08:29:44 | 000,000,000 | ---D | M] (Multirow Bookmarks Toolbar) -- C:\Users\ASUS\AppData\Roaming\mozilla\Firefox\Profiles\7hqwswef.default\extensions\{FBF6D7FB-F305-4445-BB3D-FEF66579A033}
[2011.09.16 17:57:17 | 000,000,000 | ---D | M] (20-20 3D Viewer - IKEA) -- C:\Users\ASUS\AppData\Roaming\mozilla\Firefox\Profiles\7hqwswef.default\extensions\2020Player_IKEA@2020Technologies.com
[2011.07.22 11:16:47 | 000,000,000 | ---D | M] ("bug489729") -- C:\Users\ASUS\AppData\Roaming\mozilla\Firefox\Profiles\7hqwswef.default\extensions\bug489729@alice0775
[2012.01.21 23:38:20 | 000,000,000 | ---D | M] (Incredibar Toolbar) -- C:\Users\ASUS\AppData\Roaming\mozilla\Firefox\Profiles\7hqwswef.default\extensions\ffxtlbr@incredibar.com
[2011.12.09 21:13:41 | 000,000,000 | ---D | M] ("GreenWebPlayer") -- C:\Users\ASUS\AppData\Roaming\mozilla\Firefox\Profiles\7hqwswef.default\extensions\greenwebplayer@greentube.com
[2011.03.20 21:22:47 | 000,000,000 | ---D | M] (Personas) -- C:\Users\ASUS\AppData\Roaming\mozilla\Firefox\Profiles\7hqwswef.default\extensions\personas@christopher.beard
[2011.12.29 18:01:42 | 000,000,000 | ---D | M] (Cooliris) -- C:\Users\ASUS\AppData\Roaming\mozilla\Firefox\Profiles\7hqwswef.default\extensions\piclens@cooliris.com
[2011.12.29 18:01:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ASUS\AppData\Roaming\mozilla\Firefox\Profiles\7hqwswef.default\extensions\piclens@cooliris.com-trash
[2011.12.29 18:02:01 | 000,000,000 | ---D | M] (WEB.DE Toolbar) -- C:\Users\ASUS\AppData\Roaming\mozilla\Firefox\Profiles\7hqwswef.default\extensions\toolbar@web.de
[2012.01.21 23:38:14 | 000,002,203 | ---- | M] () -- C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\7hqwswef.default\searchplugins\MyStart Search.xml
[2012.01.23 00:26:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011.12.04 20:04:42 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2010.08.01 17:09:56 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.11.26 18:04:25 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011.03.25 18:56:29 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011.06.17 14:36:31 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2011.10.23 11:09:22 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
[2010.07.24 15:50:24 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT
[2010.06.27 09:19:28 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2011.10.03 04:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010.03.19 08:23:30 | 000,686,592 | ---- | M] (Synatix GmbH) -- C:\Program Files\mozilla firefox\plugins\npmieze.dll
[2010.06.12 02:24:05 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.06.24 19:02:02 | 000,002,191 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2010.06.12 02:24:05 | 000,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2010.07.05 20:33:32 | 000,000,143 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\foxsearch.src
[2010.06.12 02:24:05 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.06.12 02:24:05 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.06.12 02:24:05 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (Gutscheinmieze) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - C:\Users\ASUS\AppData\Roaming\Gutscheinmieze\toolbar.dll (Synatix GmbH)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Gutscheinmieze) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - C:\Users\ASUS\AppData\Roaming\Gutscheinmieze\toolbar.dll (Synatix GmbH)
O4 - HKLM..\Run: [ASUS Camera ScreenSaver] C:\Windows\ASScrProlog.exe ()
O4 - HKLM..\Run: [ASUS Screen Saver Protector] C:\Windows\ASScrPro.exe ()
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [PowerForPhone] C:\Program Files\P4P\P4P.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe File not found
O4 - Startup: C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 0
O8 - Extra context menu item: add to &BOM - C:\\PROGRA~1\\BIET-O~1\\\\AddToBOM.hta ()
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - %SystemRoot%\system32\wshbth.dll File not found
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{163B5AB9-0C1E-4030-8CF3-EDB7BADFD08E}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{67FAC825-ECA3-4CCD-943A-5339B2C48E98}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\ASUS\Desktop\Bilder\69alg49x.jpg
O24 - Desktop BackupWallPaper: C:\Users\ASUS\Desktop\Bilder\69alg49x.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{f5bbd599-320a-11e0-bf1b-001fc6536295}\Shell - "" = AutoRun
O33 - MountPoints2\{f5bbd599-320a-11e0-bf1b-001fc6536295}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{f5bbd5d3-320a-11e0-bf1b-001fc6536295}\Shell - "" = AutoRun
O33 - MountPoints2\{f5bbd5d3-320a-11e0-bf1b-001fc6536295}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{f5bbd5dd-320a-11e0-bf1b-001fc6536295}\Shell - "" = AutoRun
O33 - MountPoints2\{f5bbd5dd-320a-11e0-bf1b-001fc6536295}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{f5d2ec0e-7fab-11df-8787-001fc6536295}\Shell - "" = AutoRun
O33 - MountPoints2\{f5d2ec0e-7fab-11df-8787-001fc6536295}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{f5d2ec1c-7fab-11df-8787-001fc6536295}\Shell - "" = AutoRun
O33 - MountPoints2\{f5d2ec1c-7fab-11df-8787-001fc6536295}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.03.04 14:22:45 | 000,585,216 | ---- | C] (OldTimer Tools) -- C:\Users\ASUS\Desktop\OTL.exe
[2012.03.04 10:47:29 | 000,000,000 | -HSD | C] -- C:\Users\ASUS\AppData\Local\e71a9f09
[2012.02.26 22:50:47 | 000,000,000 | ---D | C] -- C:\Users\ASUS\Desktop\Quecksilber
[2012.02.26 22:43:46 | 000,000,000 | ---D | C] -- C:\Users\ASUS\Desktop\Oomph!
[2012.02.26 22:43:31 | 000,000,000 | ---D | C] -- C:\Users\ASUS\Desktop\Oomph
[2012.02.26 22:43:25 | 000,000,000 | ---D | C] -- C:\Users\ASUS\Desktop\DANN HABE ICH UMSONST GELEBT
[2012.02.26 22:43:15 | 000,000,000 | ---D | C] -- C:\Users\ASUS\Desktop\10 Jahre
[2012.02.22 03:06:57 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2012.02.22 03:06:56 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012.02.22 03:06:55 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2012.02.22 03:06:54 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2012.02.22 03:06:54 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2012.02.22 03:06:53 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2012.02.22 03:06:52 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012.02.22 03:06:52 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2012.02.22 03:06:49 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2012.02.22 03:06:48 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2012.02.22 03:06:48 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2012.02.22 03:06:48 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2012.02.22 03:06:48 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2012.02.22 03:06:47 | 000,353,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2012.02.22 03:06:47 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012.02.22 03:06:47 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2012.02.22 03:06:47 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2012.02.22 03:06:47 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2012.02.22 03:06:46 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012.02.22 03:06:46 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2012.02.22 03:06:45 | 000,580,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012.02.22 03:06:45 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2012.02.22 03:06:45 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2012.02.22 03:06:45 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2012.02.22 03:06:43 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012.02.22 03:06:43 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012.02.22 03:06:43 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2012.02.22 03:06:42 | 001,798,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012.02.22 03:06:42 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2012.02.22 03:06:42 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2012.02.22 03:06:42 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2012.02.22 03:06:41 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2012.02.22 03:06:41 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2012.02.22 03:06:40 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2012.02.22 03:06:40 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2012.02.22 03:06:39 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2012.02.22 03:06:39 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2012.02.22 03:05:17 | 000,979,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFH264Dec.dll
[2012.02.22 03:05:17 | 000,357,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFHEAACdec.dll
[2012.02.22 03:05:16 | 002,873,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2012.02.22 03:05:16 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfmp4src.dll
[2012.02.22 03:05:16 | 000,261,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll
[2012.02.22 03:05:16 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll
[2012.02.22 03:05:15 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfplat.dll
[2012.02.22 03:05:08 | 000,288,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2012.02.22 03:05:08 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2012.02.22 03:05:07 | 000,683,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2012.02.22 03:05:06 | 001,068,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2012.02.22 03:05:05 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2012.02.22 03:05:05 | 000,486,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2012.02.22 03:05:04 | 001,029,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
[2012.02.22 03:05:04 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2012.02.22 03:05:04 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2012.02.22 03:05:04 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2012.02.22 03:05:04 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2012.02.22 03:05:03 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2012.02.22 03:05:03 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2012.02.22 03:05:03 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2012.02.22 03:05:02 | 001,554,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xpsservices.dll
[2012.02.22 03:05:02 | 000,847,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OpcServices.dll
[2012.02.22 03:05:01 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2012.02.22 03:02:19 | 000,369,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2012.02.22 03:02:19 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiag.exe
[2012.02.22 03:02:19 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiagn.dll
[2012.02.22 03:02:18 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll
[2012.02.22 03:02:17 | 000,321,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll
[2012.02.22 03:02:17 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2012.02.15 23:51:36 | 002,044,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012.02.06 23:55:54 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\Adobe
[2012.02.06 23:52:47 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Roaming\Adobe
[5 C:\Users\ASUS\Desktop\*.tmp files -> C:\Users\ASUS\Desktop\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.03.04 14:22:49 | 000,585,216 | ---- | M] (OldTimer Tools) -- C:\Users\ASUS\Desktop\OTL.exe
[2012.03.04 14:14:30 | 000,001,090 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.03.04 14:10:05 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.03.04 13:27:50 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.03.04 13:27:50 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.03.04 13:27:32 | 000,000,000 | -HS- | M] () -- C:\Windows\System32\dds_log_trash.cmd
[2012.03.04 13:27:31 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.03.04 13:27:25 | 3119,734,784 | -HS- | M] () -- C:\hiberfil.sys
[2012.03.04 13:26:32 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012.03.04 10:06:01 | 000,045,056 | ---- | M] () -- C:\Windows\System32\acovcnt.exe
[2012.02.28 22:39:54 | 000,128,400 | ---- | M] () -- C:\Users\ASUS\Desktop\Groupon-8FA55E9113.pdf
[2012.02.26 22:42:59 | 000,618,442 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.02.26 22:42:59 | 000,587,178 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.02.26 22:42:59 | 000,101,250 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.02.26 22:42:58 | 000,122,842 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.02.22 03:07:22 | 000,008,798 | ---- | M] () -- C:\Windows\System32\icrav03.rat
[2012.02.22 03:07:22 | 000,001,988 | ---- | M] () -- C:\Windows\System32\ticrf.rat
[2012.02.22 03:06:57 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2012.02.22 03:06:56 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012.02.22 03:06:55 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2012.02.22 03:06:54 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2012.02.22 03:06:54 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2012.02.22 03:06:53 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2012.02.22 03:06:52 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012.02.22 03:06:52 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2012.02.22 03:06:49 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2012.02.22 03:06:48 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2012.02.22 03:06:48 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2012.02.22 03:06:48 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2012.02.22 03:06:48 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2012.02.22 03:06:47 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2012.02.22 03:06:47 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012.02.22 03:06:47 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2012.02.22 03:06:47 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2012.02.22 03:06:47 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2012.02.22 03:06:47 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2012.02.22 03:06:46 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012.02.22 03:06:46 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2012.02.22 03:06:45 | 000,580,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012.02.22 03:06:45 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2012.02.22 03:06:45 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2012.02.22 03:06:45 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2012.02.22 03:06:43 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012.02.22 03:06:43 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012.02.22 03:06:43 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2012.02.22 03:06:42 | 001,798,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012.02.22 03:06:42 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2012.02.22 03:06:42 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2012.02.22 03:06:42 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2012.02.22 03:06:41 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2012.02.22 03:06:41 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2012.02.22 03:06:40 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2012.02.22 03:06:40 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2012.02.22 03:06:39 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2012.02.22 03:06:39 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2012.02.22 03:05:17 | 000,979,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MFH264Dec.dll
[2012.02.22 03:05:17 | 000,357,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MFHEAACdec.dll
[2012.02.22 03:05:16 | 002,873,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2012.02.22 03:05:16 | 000,302,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfmp4src.dll
[2012.02.22 03:05:16 | 000,261,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll
[2012.02.22 03:05:16 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll
[2012.02.22 03:05:15 | 000,209,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfplat.dll
[2012.02.22 03:05:08 | 000,288,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2012.02.22 03:05:08 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2012.02.22 03:05:07 | 000,683,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2012.02.22 03:05:06 | 001,068,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2012.02.22 03:05:05 | 001,172,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2012.02.22 03:05:05 | 000,486,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2012.02.22 03:05:04 | 001,029,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
[2012.02.22 03:05:04 | 000,478,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2012.02.22 03:05:04 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2012.02.22 03:05:04 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2012.02.22 03:05:04 | 000,160,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2012.02.22 03:05:03 | 000,667,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2012.02.22 03:05:03 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2012.02.22 03:05:03 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2012.02.22 03:05:02 | 001,554,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xpsservices.dll
[2012.02.22 03:05:02 | 000,847,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\OpcServices.dll
[2012.02.22 03:05:01 | 000,876,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2012.02.22 03:02:21 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\dxgkrnl.sys.mui
[2012.02.22 03:02:19 | 000,369,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2012.02.22 03:02:19 | 000,252,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxdiag.exe
[2012.02.22 03:02:19 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxdiagn.dll
[2012.02.22 03:02:18 | 000,519,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll
[2012.02.22 03:02:17 | 000,321,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll
[2012.02.22 03:02:17 | 000,189,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2012.02.20 14:57:10 | 000,000,680 | ---- | M] () -- C:\Users\ASUS\AppData\Local\d3d9caps.dat
[2012.02.16 03:23:44 | 000,290,432 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.02.06 14:35:52 | 000,091,648 | ---- | M] () -- C:\Users\ASUS\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[5 C:\Users\ASUS\Desktop\*.tmp files -> C:\Users\ASUS\Desktop\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.03.04 10:47:57 | 000,000,000 | -HS- | C] () -- C:\Windows\System32\dds_log_trash.cmd
[2012.02.28 22:39:54 | 000,128,400 | ---- | C] () -- C:\Users\ASUS\Desktop\Groupon-8FA55E9113.pdf
[2012.02.22 03:06:47 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2011.06.17 12:41:34 | 000,075,264 | ---- | C] () -- C:\Windows\System32\drivers\dfsc.sys
[2011.01.16 16:14:52 | 000,015,873 | ---- | C] () -- C:\Windows\System32\Inetde.dll
[2011.01.04 15:10:56 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2011.01.04 15:10:56 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2011.01.04 15:10:56 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2011.01.04 15:10:56 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2010.07.13 23:01:34 | 000,001,025 | ---- | C] () -- C:\Windows\System32\sysprs7.dll
[2010.07.13 23:01:34 | 000,000,205 | ---- | C] () -- C:\Windows\System32\lsprst7.dll
[2010.07.13 15:12:09 | 000,023,685 | ---- | C] () -- C:\Windows\hpqins15.dat
[2010.07.06 08:11:20 | 000,181,708 | ---- | C] () -- C:\Windows\hpoins44.dat
[2010.06.28 19:15:32 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2010.06.28 19:15:31 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2010.06.28 19:14:53 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2010.06.26 09:14:55 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.06.25 01:39:23 | 000,091,648 | ---- | C] () -- C:\Users\ASUS\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.06.25 00:31:08 | 000,000,680 | ---- | C] () -- C:\Users\ASUS\AppData\Local\d3d9caps.dat
[2010.06.25 00:28:59 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
 
========== LOP Check ==========
 
[2012.02.03 00:11:11 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\Amazon
[2012.03.03 23:34:44 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\BitTorrent
[2011.01.16 17:53:14 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\BOM
[2011.02.27 22:06:28 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\Foxit Software
[2010.07.05 20:33:32 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\Gutscheinmieze
[2011.08.15 21:02:35 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\IrfanView
[2011.01.30 23:08:21 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\Jumping Bytes
[2010.06.25 00:54:35 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\OpenOffice.org
[2011.07.02 21:05:35 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\SaalDesignSoftware
[2011.06.15 13:38:26 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\Samsung
[2011.01.16 21:14:34 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\Sony
[2012.03.04 14:13:24 | 000,032,614 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >
         
--- --- ---

Geändert von das_yunchen (04.03.2012 um 15:06 Uhr)

Alt 04.03.2012, 14:54   #2
das_yunchen
 
Abnow-Trojaner - Standard

Abnow-Trojaner



OTL EXTRAS Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 04.03.2012 14:30:28 - Run 1
OTL by OldTimer - Version 3.2.35.0     Folder = C:\Users\ASUS\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,90 Gb Total Physical Memory | 1,46 Gb Available Physical Memory | 50,41% Memory free
6,01 Gb Paging File | 4,65 Gb Available in Paging File | 77,28% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 116,44 Gb Total Space | 22,42 Gb Free Space | 19,25% Space Free | Partition Type: NTFS
Drive D: | 109,60 Gb Total Space | 99,38 Gb Free Space | 90,67% Space Free | Partition Type: NTFS
 
Computer Name: ASUS-PC | User Name: ASUS | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 1
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{13DC354E-F233-4C9D-B45E-6C46D98A7131}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{1A2223E6-E9F9-4B05-AABD-992D143719B1}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe | 
"{2198E3FB-ABA3-49F6-9C44-34BDCA1A452D}" = protocol=17 | dir=in | app=c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe | 
"{22E28A27-92B6-4355-A607-C53C986E3068}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe | 
"{2848C8D9-2065-404F-8BF5-998904DA0674}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{3536753E-7BEA-48E6-8CAA-34485F907401}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe | 
"{3612232E-0442-4203-9D77-9B8995319273}" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe | 
"{39DC63A0-79E0-48FD-8C87-7D7067E76B5C}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{3C7FA110-281E-42D3-8A79-1BA902BD2B61}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe | 
"{4763E5BC-A333-4BBC-9DD6-CF4C198D44F7}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe | 
"{49486E58-7FBE-4676-82E9-45AD77F8CBA2}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe | 
"{4F029C43-BCA1-46FB-A118-F9D2454885E6}" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe | 
"{506DDAB8-A154-40D6-8C00-DE0DEDC66EAD}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe | 
"{5DE16391-A730-4F94-8AB0-D53D2CB84C38}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe | 
"{684B75DD-0BF1-42AA-8F2F-A6D86D38CFC9}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe | 
"{72CE5C9E-1862-413F-86CA-0CCDDB76DC52}" = dir=in | app=c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe | 
"{7F085F0E-AB0F-4B8B-8F9C-40AD988A1056}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe | 
"{7F240661-EBD8-4AF3-8AB1-D8D2B4A4CAD0}" = protocol=6 | dir=in | app=c:\windows\system32\muzapp.exe | 
"{8668F746-4E10-4647-A3BB-7FAF41E929C2}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqcopy2.exe | 
"{AF11C29F-1CA2-4110-B8FF-199074C0905C}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe | 
"{D817138F-5533-4693-91A0-863E8C871B88}" = protocol=17 | dir=in | app=c:\windows\system32\muzapp.exe | 
"{EDF3EC4F-B33C-461A-A398-C05239FCB15A}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe | 
"{F8E7EFAD-E6D2-4C26-AD9E-65FB0560DBF8}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe | 
"{FC747ABD-39C7-427D-AA9D-A97D74B9455B}" = protocol=6 | dir=in | app=c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe | 
"TCP Query User{142CB052-D4E6-4079-8185-5C0C0F2DF337}C:\program files\ibm\spss\statistics\19\jre\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\ibm\spss\statistics\19\jre\bin\javaw.exe | 
"TCP Query User{1DBCE326-C695-4273-9C04-D2E97C77EE4B}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | 
"TCP Query User{4BCC5E75-8319-4DAD-A802-D86886120D90}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"TCP Query User{52EA5807-2EA2-44F7-9D51-CD580C9941C0}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | 
"TCP Query User{6368EEF6-996A-41E0-AD59-902725CDCB74}C:\program files\motorola\software update\msu.exe" = protocol=6 | dir=in | app=c:\program files\motorola\software update\msu.exe | 
"TCP Query User{689CA9FD-3CBA-4F68-AFCD-E1C3CE5FCB2A}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"TCP Query User{7CA717DC-135B-4517-AF0A-A693591E927E}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe | 
"TCP Query User{A1DBEBF1-431F-4CCE-BD7A-6FFCCBAA69AF}C:\program files\ibm\spss\statistics\19\stats.exe" = protocol=6 | dir=in | app=c:\program files\ibm\spss\statistics\19\stats.exe | 
"UDP Query User{01A5E723-4586-455A-8F84-89296CF90950}C:\program files\ibm\spss\statistics\19\jre\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\ibm\spss\statistics\19\jre\bin\javaw.exe | 
"UDP Query User{1F40A2E3-A7D5-4FD5-AB1F-23F45C653D9F}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"UDP Query User{31488D3F-C252-4E11-973E-B157AC33DCB6}C:\program files\motorola\software update\msu.exe" = protocol=17 | dir=in | app=c:\program files\motorola\software update\msu.exe | 
"UDP Query User{34F7EF42-006F-4E7A-AA75-20F93837AF7C}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | 
"UDP Query User{C03D20BA-4084-4018-9E75-5E0E35AD996D}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | 
"UDP Query User{E6DF2A59-4B94-4231-AC5E-522A00F2E065}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"UDP Query User{EB64FA43-2583-45FB-8EC1-26B84C97AF35}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe | 
"UDP Query User{F07E2E31-2A5D-4ED0-9837-7B9A5CAD56FC}C:\program files\ibm\spss\statistics\19\stats.exe" = protocol=17 | dir=in | app=c:\program files\ibm\spss\statistics\19\stats.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0317EE62-BB72-232C-21AD-28AD56705B43}" = Catalyst Control Center Localization Norwegian
"{0471535C-AB62-0568-D530-FE2240E4FEBE}" = Catalyst Control Center Localization Finnish
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{06C43FAA-7226-41EF-A05E-9AE0AA849FFE}" = IBM SPSS Statistics 19
"{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller
"{0D2FA6AB-6A5C-009F-AEB0-A8FC4D3F2713}" = Catalyst Control Center Localization Dutch
"{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation(R)Store
"{0F895695-33CC-4203-9C47-25EF2AC9441C}" = Media Go
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5200_series" = Canon MG5200 series MP Drivers
"{167A35BE-B061-C93E-D25A-A3AE1BEA87DE}" = CCC Help Norwegian
"{188AEDDC-400C-3D92-FCDA-A7BCE8E3E346}" = Catalyst Control Center Localization Hungarian
"{19409577-D40F-71B0-0805-E5535F52C0B4}" = CCC Help Turkish
"{1C8521E5-5A7B-4A4E-A9CD-AD53116EAEE0}" = ASUS Data Security Manager
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = LifeFrame3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
"{26A24AE4-039D-4CA4-87B4-2F83216023FF}" = Java(TM) 6 Update 29
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Driver Installation Program
"{288CE5A4-1D84-0102-7981-7325F2405CE0}" = Catalyst Control Center Localization Portuguese
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{2C1B4D83-DB44-7017-D2D1-22C8474D4274}" = Catalyst Control Center Localization Chinese Traditional
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{30D45C2F-B1BB-2B20-1BBD-A0C6E9498882}" = CCC Help German
"{30D55644-D123-01FF-1B00-967D705EBACD}" = Catalyst Control Center Core Implementation
"{3111B0D5-109A-8434-814F-BA6EA9E2EE9D}" = Catalyst Control Center Localization French
"{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}" = ATK Hotkey
"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = JMB36X Raid Configurer
"{3C6E91D5-52A3-64F2-C6E1-3B85D2CEF6D5}" = Catalyst Control Center Localization Chinese Standard
"{41EE1EEA-2144-74CD-16AD-C4CE79A6F145}" = CCC Help Finnish
"{42E2EEB2-D48E-4A47-B181-32ECA031D93B}" = DJ_AIO_06_F2400_SW_Min
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{47DDE8F1-BC0A-68E4-919D-1D876D94868E}" = CCC Help Thai
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4BA9EE54-F5F7-F03B-826A-A975FDB85B13}" = Catalyst Control Center Graphics Light
"{4EFACC63-4679-DCEB-C9D4-84CB84E37BA4}" = CCC Help Portuguese
"{50B0E292-BA9F-76E9-CEBA-B9A243919B43}" = CCC Help Czech
"{5273AD85-0ABC-D6CC-DF9C-CF608988D525}" = Catalyst Control Center Localization Greek
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{58BA5A62-C800-9CF7-82F9-A0EC416491FC}" = Catalyst Control Center Localization German
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5B88B61C-1840-34F1-4510-4424B762F9C4}" = Skins
"{5BAA4A86-1629-BD54-6FF4-BBD8940881FE}" = Catalyst Control Center Localization Czech
"{5C1DB4ED-E9B4-402D-BB14-D75D97D6C1A6}" = ATKOSD2
"{6176162F-9A93-64D0-B884-6BD73BEAD01A}" = CCC Help Swedish
"{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}" = NB Probe
"{639673E9-D53F-44F4-A046-485C8A6ADA15}" = Paint.NET v3.5.6
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69D3FAB8-DE45-A23F-656F-1B74A578A33F}" = CCC Help Dutch
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6BAA71B6-8F43-4C72-931A-3354ABB0258A}" = F2400
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6C8D1A16-C340-C37F-B487-25EB92844998}" = Catalyst Control Center Localization Turkish
"{6D35A9E3-A223-860E-D62A-FB3618A5797D}" = ccc-utility
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7395CEA8-47BD-8AEF-7053-F64AE288E0B2}" = Catalyst Control Center Graphics Full New
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7870EF7D-9695-5411-11BA-6D6D8D3B38A3}" = CCC Help Hungarian
"{7B956313-AF5A-4D04-4198-20DA101C2F32}" = CCC Help Chinese Traditional
"{7D62ABA3-35EC-623E-2C5F-1B3332CB705B}" = Media Go Video Playback Engine 1.64.106.02280
"{7D906A46-4D3E-37C9-97A6-D62366B2CB38}" = Catalyst Control Center Localization Russian
"{8153891A-832D-8D6E-EF3A-4BDCCCC359C3}" = CCC Help Spanish
"{81890CC2-F808-144F-D14A-34915917E6CE}" = ccc-core-static
"{83F73CB1-7705-49D1-9852-84D839CA2A45}" = Wireless Console 2
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8CFEBE9C-F29F-4C49-80E0-7106970F8734}" = Power4Gear eXtreme
"{8D1E61D1-1395-4E97-997F-D002DB3A5074}" = OpenOffice.org 3.2
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90BB7429-B79F-2D27-C0C8-0415372AC151}" = Catalyst Control Center Graphics Full Existing
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer
"{930D34E5-EAB5-2C22-CBA7-71203B5AC7E0}" = Catalyst Control Center Localization Korean
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{93B37CB8-DFB4-F06D-6C7C-63C9D96314F6}" = CCC Help English
"{94CAC2F1-C856-47F4-AF24-65A1E75AEDB9}" = MotoHelper MergeModules
"{98CFA620-07DD-A35E-78C0-4C69885F73CE}" = Catalyst Control Center Localization Polish
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AC76BA86-7AD7-1031-7B44-A95000000001}" = Adobe Reader 9.5.0 - Deutsch
"{ACEB2BAF-96DF-48FD-ADD5-43842D4C443D}" = Adobe AIR
"{AD768873-F28E-07F5-EC31-658D90F9D086}" = ATI Catalyst Install Manager
"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
"{B1DAFD11-6727-0499-D375-68B11B8F835B}" = Catalyst Control Center Localization Spanish
"{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}" = PlayStation(R)Network Downloader
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BF35698F-0CB2-72C9-DA2B-DC8361C3DBD7}" = Saal Design Software
"{C0FC1C14-4824-4A73-87A6-9E888C9C3102}" = ASUS Splendid Video Enhancement Technology
"{C25215FC-5900-48B0-B93C-8D3379027312}" = PASW Statistics 18
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C6ED91E3-EF73-920D-6EA1-D522B739DB07}" = Catalyst Control Center Localization Italian
"{C75CDBA2-3C86-481e-BD10-BDDA758F9DFF}" = hpPrintProjects
"{C8127B93-4D1C-5B2E-AAF7-6028A025441A}" = CCC Help Korean
"{CAA8D2E9-7B18-2F42-7054-355ECA9B543E}" = CCC Help Italian
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CBC8BACE-DBF8-139B-238F-69FEAFDE4914}" = CCC Help Japanese
"{CDBF8C2D-04B0-4F9B-9AE1-7422F7F0EC94}" = HP Deskjet F2400 All-In-One Driver Software 13.0 Rel .6
"{CDCB2F53-B8B4-4F62-FB2A-31B1834922CF}" = CCC Help Polish
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF8D7842-09A8-2B4B-6E0D-4BD6DB0905EF}" = CCC Help Russian
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D2CCF748-D260-9CF2-177F-53FA6B852CF5}" = CCC Help Danish
"{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service
"{D529A8B0-3B7E-36D7-EC8C-252CA37089FB}" = Catalyst Control Center Localization Japanese
"{D57CDF88-E5D6-F364-E32C-6FD84F19043C}" = Catalyst Control Center Localization Thai
"{D7E04009-B191-4E9D-9D2D-1BBE57BD8A42}" = VistaFeaturePack
"{D8282D1A-9A6C-C43D-3F48-761D589DD5E2}" = CCC Help Greek
"{DB435DBD-3D4D-8DB0-CC76-6BA9EC8BC453}" = Catalyst Control Center Localization Danish
"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
"{DE08355A-D247-5AFF-131C-8B067FF5D626}" = CCC Help Chinese Standard
"{DE10AB76-4756-4913-BE25-55D1C1051F9A}" = WinFlash
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{EF11795E-0F98-30BB-0C43-32B6B3596060}" = Catalyst Control Center Graphics Previews Vista
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F3D078CD-456C-D48C-3298-209FED4734E3}" = CCC Help French
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F652496E-155C-4D5D-EBA5-5378D78DDA44}" = Catalyst Control Center Localization Swedish
"{FAF26102-09D7-4C58-AB01-0D59A2E517CA}" = Copy
"{FC3D290D-79BE-44B7-ABF9-FDD110925930}" = P4P
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7-Zip" = 7-Zip 4.65
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.9
"Asus_Camera_ScreenSaver" = Asus_Camera_ScreenSaver
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Biet-O-Matic v2.14.8" = Biet-O-Matic v2.14.8
"BitTorrent" = BitTorrent
"CCleaner" = CCleaner
"Digsby" = Digsby
"DivX Setup" = DivX-Setup
"Foxit Reader" = Foxit Reader
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"hp deskjet 3320 series_Driver" = hp deskjet 3320 series
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Print Projects" = HP Print Projects 1.0
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"InstallShield_{D7E04009-B191-4E9D-9D2D-1BBE57BD8A42}" = VistaFeaturePack
"LastFM_is1" = Last.fm 1.5.4.27091
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.11)" = Mozilla Firefox (3.6.11)
"PDF Blender" = PDF Blender
"RealPlayer 12.0" = RealPlayer
"SaalDesignSoftware" = Saal Design Software
"SMSERIAL" = Motorola SM56 Speakerphone Modem
"SUPER ©" = SUPER © Version 2010.bld.38 (May 2, 2010)
"USB 2.0 1.3M UVC WebCam" = USB 2.0 1.3M UVC WebCam
"VLC classic" = VLC classic
"VLC media player" = VLC media player 1.1.9
"WinRAR archiver" = WinRAR
"Zattoo4" = Zattoo4 4.0.5
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 24.02.2012 12:42:32 | Computer Name = ASUS-PC | Source = System Restore | ID = 8193
Description = 
 
Error - 28.02.2012 13:21:18 | Computer Name = ASUS-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 28.02.2012 13:27:23 | Computer Name = ASUS-PC | Source = System Restore | ID = 8193
Description = 
 
Error - 02.03.2012 05:06:58 | Computer Name = ASUS-PC | Source = System Restore | ID = 8193
Description = 
 
Error - 03.03.2012 22:00:29 | Computer Name = ASUS-PC | Source = System Restore | ID = 8193
Description = 
 
Error - 03.03.2012 22:07:37 | Computer Name = ASUS-PC | Source = Windows Search Service | ID = 3006
Description = 
 
Error - 03.03.2012 22:07:38 | Computer Name = ASUS-PC | Source = Windows Search Service | ID = 3007
Description = 
 
Error - 03.03.2012 22:26:29 | Computer Name = ASUS-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 03.03.2012 23:01:47 | Computer Name = ASUS-PC | Source = System Restore | ID = 8193
Description = 
 
Error - 04.03.2012 05:11:25 | Computer Name = ASUS-PC | Source = WinMgmt | ID = 10
Description = 
 
[ OSession Events ]
Error - 21.06.2011 10:31:35 | Computer Name = ASUS-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 67
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 06.07.2011 17:06:45 | Computer Name = ASUS-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 115
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 14.12.2011 16:15:42 | Computer Name = ASUS-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application 
Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session 
lasted 18307 seconds with 840 seconds of active time.  This session ended with a
 crash.
 
[ System Events ]
Error - 04.03.2012 09:39:28 | Computer Name = ASUS-PC | Source = Service Control Manager | ID = 7023
Description = 
 
Error - 04.03.2012 09:40:28 | Computer Name = ASUS-PC | Source = Service Control Manager | ID = 7023
Description = 
 
Error - 04.03.2012 09:41:27 | Computer Name = ASUS-PC | Source = Service Control Manager | ID = 7023
Description = 
 
Error - 04.03.2012 09:42:31 | Computer Name = ASUS-PC | Source = Service Control Manager | ID = 7023
Description = 
 
Error - 04.03.2012 09:43:28 | Computer Name = ASUS-PC | Source = Service Control Manager | ID = 7023
Description = 
 
Error - 04.03.2012 09:44:30 | Computer Name = ASUS-PC | Source = Service Control Manager | ID = 7023
Description = 
 
Error - 04.03.2012 09:45:29 | Computer Name = ASUS-PC | Source = Service Control Manager | ID = 7023
Description = 
 
Error - 04.03.2012 09:46:28 | Computer Name = ASUS-PC | Source = Service Control Manager | ID = 7023
Description = 
 
Error - 04.03.2012 09:47:28 | Computer Name = ASUS-PC | Source = Service Control Manager | ID = 7023
Description = 
 
Error - 04.03.2012 09:48:27 | Computer Name = ASUS-PC | Source = Service Control Manager | ID = 7023
Description = 
 
 
< End of report >
         
--- --- ---




Der 2. Teil.
__________________


Alt 04.03.2012, 17:07   #3
markusg
/// Malware-holic
 
Abnow-Trojaner - Standard

Abnow-Trojaner



hi
nutzt du den pc für onlinebanking einkäufe, sonstige zahlungsabwicklungen, oder ähnlich wichtiges, wie berufliches?
__________________
__________________

Alt 04.03.2012, 18:02   #4
das_yunchen
 
Abnow-Trojaner - Standard

Abnow-Trojaner



Hallo,

ja Onlinebanking nutze ich ab und zu. Für berufliches nicht wirklich - ich bin Studentin.

Mittlerweile kann ich übrigens die google-Suche wieder problemlos nutzen, gibt es dafür irgendeine Erklärung?

Alt 04.03.2012, 20:16   #5
markusg
/// Malware-holic
 
Abnow-Trojaner - Standard

Abnow-Trojaner



bitte die bank anrufen, onlinebanking wegen zero access rootkit sperren lassen.
der pc muss neu aufgesetzt und dann abgesichert werden
1. Datenrettung:2. Formatieren, Windows neuinstallieren:3. PC absichern: http://www.trojaner-board.de/96344-a...-rechners.html
4. alle Passwörter ändern!
5. nach PC Absicherung, die gesicherten Daten prüfen und falls sauber: zurückspielen.
6. werde ich dann noch was zum absichern von Onlinebanking mit Chip Card Reader + Star Money sagen.

__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Antwort

Themen zu Abnow-Trojaner
adblock, antivir, application/pdf, application/pdf:, asus, autorun, avira, bho, device driver, error, explorer, firefox, format, gfnexsrv.exe, google, google earth, home, hook, hotkey, incredibar toolbar, logfile, microsoft, mozilla, plug-in, port, realtek, registry, scan, searchscopes, security, security scan, software, vista, wallpaper, winlogon



Ähnliche Themen: Abnow-Trojaner


  1. abnow-Weiterleitung und Gema Trojaner -> Katastrophe
    Plagegeister aller Art und deren Bekämpfung - 02.04.2012 (11)
  2. Abnow Virus
    Plagegeister aller Art und deren Bekämpfung - 31.03.2012 (7)
  3. abnow.com Trojaner Entfernung?
    Plagegeister aller Art und deren Bekämpfung - 24.03.2012 (9)
  4. abnow entfernen
    Plagegeister aller Art und deren Bekämpfung - 22.03.2012 (3)
  5. Abnow Trojaner (und vielleicht noch anderes) Logs im Anhang
    Plagegeister aller Art und deren Bekämpfung - 17.03.2012 (5)
  6. GEMA Trojaner - abnow.com
    Plagegeister aller Art und deren Bekämpfung - 15.03.2012 (1)
  7. Abnow-Virus
    Plagegeister aller Art und deren Bekämpfung - 14.03.2012 (35)
  8. abnow-trojaner auf meinem laptop
    Plagegeister aller Art und deren Bekämpfung - 14.03.2012 (4)
  9. Weiterleitung zu abnow.com
    Plagegeister aller Art und deren Bekämpfung - 12.03.2012 (1)
  10. Abnow Trojaner löschen nicht möglich
    Plagegeister aller Art und deren Bekämpfung - 10.03.2012 (15)
  11. ABNOW Trojaner
    Plagegeister aller Art und deren Bekämpfung - 08.03.2012 (7)
  12. abnow trojaner entfernen?
    Plagegeister aller Art und deren Bekämpfung - 06.03.2012 (3)
  13. abnow Virus
    Log-Analyse und Auswertung - 05.03.2012 (1)
  14. Befallen von AbNow.
    Plagegeister aller Art und deren Bekämpfung - 29.02.2012 (7)
  15. Abnow.com Trojaner entfernen?
    Log-Analyse und Auswertung - 27.02.2012 (3)
  16. Abnow.com entfernen
    Log-Analyse und Auswertung - 27.02.2012 (1)
  17. Abnow und systemwiederherstellung
    Plagegeister aller Art und deren Bekämpfung - 24.02.2012 (8)

Zum Thema Abnow-Trojaner - Hallo zusammen, ich habe mir offenbar auch den Abnow-Trojaner eingefangen. Avira findet im Minutentakt eine Datei mit Namen "TR/Sirefef.BP.1". Da ich mir selbst überhaupt nicht zu helfen weiß, wollte ich - Abnow-Trojaner...
Archiv
Du betrachtest: Abnow-Trojaner auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.