Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Ich kann die Internetseite von Kabel Deutschland nicht öffnen

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 30.09.2012, 11:18   #16
schrauber
/// the machine
/// TB-Ausbilder
 

Ich kann die Internetseite von Kabel Deutschland nicht öffnen - Standard

Ich kann die Internetseite von Kabel Deutschland nicht öffnen



war ja klar

dann gibts jetzt eben was mit der groben kelle für den knecht


Bitte downloade dir LSPFix
  • Speichere die Datei auf dem Desktop.
  • Starte die LSPFix.exe.
  • Markiere die Box "I know what I'm doing"
  • In der Keep Box solltest eine oder mehrer dieser nspyysym.dll Dateien finden.
  • Wähle jede einzelne vorhandene nspyysym.dll und verschiebe diese in die Remove Box indem du den >> Button drückst.
  • Wenn alle Dateien verschoben wurden klicke Finish>>.




Fixen mit OTL
  • Starte die OTL.exe.
  • Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
  • Kopiere folgendes Skript:
Code:
ATTFilter
:OTL
SRV:64bit: - [2012.06.03 11:05:37 | 000,354,304 | ---- | M] (Parental Solutions Inc.) [Auto | Running] -- C:\Windows\SysNative\poua1evnd.dll -- (Dnscache)
SRV - [2011.12.07 09:18:44 | 000,114,000 | ---- | M] (Joosoft.com GmbH) [Auto | Running] -- C:\Windows\SysWOW64\UpdSvc.dll -- (Update-Service)
IE - HKCU\..\SearchScopes\{BFC736F1-E305-4392-A2FB-A23FBFF20201}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=&apn_dtid=OSJ000&apn_uid=ABA15893-9C35-426D-B1FC-06F4DC054B90&apn_sauid=3FB4B93A-2295-499A-92A7-5B148B6C5EBF
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
@Alternate Data Stream - 95 bytes -> C:\ProgramData\Temp:1CE11B51

:Files
C:\Windows\SysNative\poua1evnd.dll
C:\Windows\SysWOW64\UpdSvc.dll

:Reg
[-HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost\Update-Service-Installer-Service]
[-HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost\Update-Service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Dnscache\Parameters]
"ServiceDll"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,\
  00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,\
  64,00,6e,00,73,00,72,00,73,00,6c,00,76,00,72,00,2e,00,64,00,6c,00,6c,00,00,\
  00

:Commands
[emptytemp]
         
  • und füge es hier ein:
  • Schließe alle Programme.
  • Klicke auf den Fix Button.
  • Klick auf .
  • OTL verlangt einen Neustart. Bitte zulassen.
  • Nach dem Neustart findest Du ein Textdokument.

Poste das Fix-Log sowie danach einen neuen Scan mit OTL mit dem Script.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Geändert von schrauber (30.09.2012 um 11:47 Uhr)

Alt 30.09.2012, 12:07   #17
astralie
 
Ich kann die Internetseite von Kabel Deutschland nicht öffnen - Standard

Ich kann die Internetseite von Kabel Deutschland nicht öffnen



Hallo Schrauber,
die grobe Kelle hat funktioniert
Hier die Log-Files:

Fix-Log:
All processes killed
========== OTL ==========
Error: No service named Dnscache was found to stop!
Service\Driver key Dnscache not found.
File C:\Windows\SysNative\poua1evnd.dll not found.
Error: No service named Update-Service was found to stop!
Service\Driver key Update-Service not found.
File C:\Windows\SysWOW64\UpdSvc.dll not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BFC736F1-E305-4392-A2FB-A23FBFF20201}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BFC736F1-E305-4392-A2FB-A23FBFF20201}\ not found.
Prefs.js: "Ask.com" removed from browser.search.order.1
Prefs.js: "Ask.com" removed from browser.search.selectedEngine
Unable to delete ADS C:\ProgramData\Temp:1CE11B51 .
========== FILES ==========
File\Folder C:\Windows\SysNative\poua1evnd.dll not found.
File\Folder C:\Windows\SysWOW64\UpdSvc.dll not found.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost\Update-Service-Installer-Service\ not found.
Registry key HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost\Update-Service\ not found.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Dnscache\Parameters\\"ServiceDll"|hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f ,00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,64,00,6e,00,73,00,72,00,73,00,6c,00,76,00,72,00,2e,00,64,00,6c,00,6c,00,00 ,00 /E : value set successfully!
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: ***
->Temp folder emptied: 181577 bytes
->Temporary Internet Files folder emptied: 364839959 bytes
->Java cache emptied: 2495057 bytes
->FireFox cache emptied: 96378714 bytes
->Google Chrome cache emptied: 383974044 bytes
->Apple Safari cache emptied: 16384 bytes
->Flash cache emptied: 57051 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56466 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 39386586 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 66885 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 749 bytes
RecycleBin emptied: 23059 bytes

Total Files Cleaned = 846,00 mb


OTL by OldTimer - Version 3.2.68.0 log created on 09302012_124119

Files\Folders moved on Reboot...
C:\Users\***\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\CLDigitalHome\CLMS_AGENT_LOG1.txt scheduled to be moved on reboot.
C:\Windows\temp\CLDigitalHome\PCMMediaServer.log moved successfully.
File\Folder C:\Windows\temp\JET5FCB.tmp not found!

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

OTL Log:OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 30.09.2012 12:49:57 - Run 4
OTL by OldTimer - Version 3.2.68.0     Folder = C:\Users\***\Desktop\Trojaner Board\1. Mail
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
5,99 Gb Total Physical Memory | 4,34 Gb Available Physical Memory | 72,50% Memory free
11,98 Gb Paging File | 10,04 Gb Available in Paging File | 83,81% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 457,96 Gb Total Space | 369,13 Gb Free Space | 80,60% Space Free | Partition Type: NTFS
Drive H: | 457,93 Gb Total Space | 351,73 Gb Free Space | 76,81% Space Free | Partition Type: NTFS
Drive J: | 298,09 Gb Total Space | 50,66 Gb Free Space | 16,99% Space Free | Partition Type: NTFS
 
Computer Name: PC-BÜRO | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.09.26 17:30:59 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\Trojaner Board\1. Mail\OTL.exe
PRC - [2012.09.10 10:17:48 | 000,436,728 | ---- | M] (TomTom) -- C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe
PRC - [2012.09.07 17:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012.08.13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012.08.01 16:07:16 | 000,724,888 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
PRC - [2012.08.01 16:07:00 | 000,126,872 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2012.08.01 16:06:58 | 000,148,888 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
PRC - [2012.07.16 06:24:06 | 000,021,432 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2012.07.16 06:23:56 | 003,524,536 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
PRC - [2012.07.16 06:23:56 | 000,975,800 | ---- | M] (Samsung) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe
PRC - [2012.04.05 15:48:02 | 000,255,376 | ---- | M] (Acer Incorporated) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe
PRC - [2012.03.13 12:01:14 | 001,609,208 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\TotalProtection\AVKBackup\AVKBackupService.exe
PRC - [2012.03.09 16:31:26 | 000,306,184 | ---- | M] (G Data Software) -- C:\Program Files (x86)\G Data\TotalProtection\TSNxG\TSNxGService.exe
PRC - [2012.02.02 12:21:36 | 001,524,728 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\Common Files\G DATA\AVKProxy\AVKProxy.exe
PRC - [2012.01.27 15:01:06 | 000,471,048 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\Common Files\G DATA\GDScan\GDScan.exe
PRC - [2012.01.27 05:18:28 | 000,985,080 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\TotalProtection\AVKTray\AVKTray.exe
PRC - [2012.01.27 05:13:02 | 001,470,968 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFirewallTray.exe
PRC - [2012.01.27 04:43:34 | 000,468,472 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKService.exe
PRC - [2012.01.18 07:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe
PRC - [2011.05.11 17:55:12 | 000,512,000 | ---- | M] () -- C:\Program Files (x86)\Samsung\Samsung Networking Wizard\ICM_Updater.exe
PRC - [2009.09.23 14:38:18 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2009.09.06 12:18:00 | 000,582,312 | ---- | M] ( ) -- C:\Programme\Lexmark\ErrorApp\LMab1err.EXE
PRC - [2009.02.03 14:53:00 | 001,155,072 | ---- | M] (MAGIX AG) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
PRC - [2008.12.24 17:34:12 | 000,288,120 | ---- | M] (CyberLink) -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
PRC - [2008.12.24 17:34:10 | 000,058,664 | ---- | M] () -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer HomeMedia Connect\Kernel\DMS\CLMSMonitorService.exe
PRC - [2008.12.18 13:51:34 | 000,075,048 | ---- | M] () -- C:\Program Files (x86)\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
PRC - [2008.12.04 13:00:26 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008.12.04 13:00:20 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.09.30 12:46:41 | 000,115,137 | ---- | M] () -- C:\Users\***\AppData\Local\Temp\99cab429-f99d-4f69-9d04-113ad532bd0f\CliSecureRT.dll
MOD - [2012.09.10 10:17:56 | 000,025,592 | ---- | M] () -- C:\Program Files (x86)\MyTomTom 3\DeviceDetection.dll
MOD - [2012.09.10 10:17:52 | 000,254,968 | ---- | M] () -- C:\Program Files (x86)\MyTomTom 3\TomTomSupporterProxy.dll
MOD - [2012.09.10 10:17:50 | 000,073,720 | ---- | M] () -- C:\Program Files (x86)\MyTomTom 3\TomTomSupporterBase.dll
MOD - [2012.07.16 06:24:06 | 000,021,432 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MOD - [2012.06.16 09:51:51 | 000,221,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\26e0457a9776a0e9f23e3986686d90a5\System.ServiceProcess.ni.dll
MOD - [2012.06.15 09:11:51 | 018,019,840 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\d239f585ee55f833dbe21e897e1265ac\PresentationFramework.ni.dll
MOD - [2012.06.15 09:11:40 | 011,522,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\b7de318e9fd1ef519ca6c1f3b5dba8e0\PresentationCore.ni.dll
MOD - [2012.06.15 09:11:38 | 013,198,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\00a4922fbf869a79c043b665035516b6\System.Windows.Forms.ni.dll
MOD - [2012.06.15 09:11:32 | 003,881,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\a6e37a05b8d0cedbc5c3ea266ae3fc31\WindowsBase.ni.dll
MOD - [2012.06.15 09:11:31 | 001,666,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\4230ed1c7990e4ee8352baf67a2a85fa\System.Drawing.ni.dll
MOD - [2012.05.09 21:11:05 | 001,218,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\d0e1cdaff8f9055187f8e7b52c060dff\System.Management.ni.dll
MOD - [2012.05.09 21:10:00 | 000,762,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\31fab24c51c0cfe8b8115f24545f169f\System.Runtime.Remoting.ni.dll
MOD - [2012.05.09 21:09:54 | 001,782,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\b68bee05c7e518172982cc92059c3315\System.Xaml.ni.dll
MOD - [2012.05.09 21:02:55 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\608d29d7cc89f3a9a195c91354561915\PresentationFramework.Aero.ni.dll
MOD - [2012.05.09 21:00:49 | 007,069,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\09bd2126bba2ab4f29ed52afde1470d7\System.Core.ni.dll
MOD - [2012.05.09 21:00:46 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\9abe44a0f82070ead5f1256683a4d25a\System.Xml.ni.dll
MOD - [2012.05.09 21:00:44 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\a84262e1224189f93e10cd3c403a9527\System.Configuration.ni.dll
MOD - [2012.05.09 21:00:43 | 009,092,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\a6be120e49f895ef6b00e9918402395b\System.ni.dll
MOD - [2012.05.09 21:00:38 | 014,414,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\c1af4ec9a36f671617a8ecaec00373f4\mscorlib.ni.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2011.09.26 18:15:38 | 000,178,344 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\IPROSetMonitor.exe -- (Intel(R)
SRV:64bit: - [2009.09.06 12:18:00 | 001,044,992 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\LMabcoms.exe -- (lmab_device)
SRV:64bit: - [2009.07.02 14:16:04 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2012.09.07 17:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012.08.13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012.08.01 16:07:16 | 000,724,888 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2012.07.17 23:14:05 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.06.05 15:17:44 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.04.05 15:48:02 | 000,255,376 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Programme\Acer\Acer Updater\UpdaterService.exe -- (Live Updater Service)
SRV - [2012.03.13 12:01:14 | 001,609,208 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\G Data\TotalProtection\AVKBackup\AVKBackupService.exe -- (GDBackupSvc)
SRV - [2012.03.09 16:31:26 | 000,306,184 | ---- | M] (G Data Software) [Auto | Running] -- C:\Program Files (x86)\G Data\TotalProtection\TSNxG\TSNxGService.exe -- (TSNxGService)
SRV - [2012.03.08 12:59:20 | 001,218,040 | ---- | M] (G Data Software AG) [On_Demand | Stopped] -- C:\Program Files (x86)\G Data\TotalProtection\AVKTuner\AVKTunerService.exe -- (GDTunerSvc)
SRV - [2012.02.02 12:21:36 | 001,524,728 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\G DATA\AVKProxy\AVKProxy.exe -- (AVKProxy)
SRV - [2012.01.27 15:01:06 | 000,471,048 | ---- | M] (G Data Software AG) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\G DATA\GDScan\GDScan.exe -- (GDScan)
SRV - [2012.01.27 05:07:28 | 001,765,352 | ---- | M] (G Data Software AG) [On_Demand | Running] -- C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFwSvcx64.exe -- (GDFwSvc)
SRV - [2012.01.27 05:01:08 | 002,006,872 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKWCtlX64.exe -- (AVKWCtl)
SRV - [2012.01.27 04:43:34 | 000,468,472 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKService.exe -- (AVKService)
SRV - [2012.01.18 07:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2011.06.17 09:34:18 | 000,359,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2011.03.18 20:06:54 | 000,204,883 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Samsung\Samsung Networking Wizard\ICM_Service.exe -- (ICM_UpdaterService)
SRV - [2011.03.03 09:24:10 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.09.23 14:38:18 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009.09.06 12:18:00 | 000,593,920 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWOW64\LMabcoms.exe -- (lmab_device)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.02.03 14:53:00 | 001,155,072 | ---- | M] (MAGIX AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2008.12.24 17:34:12 | 000,288,120 | ---- | M] (CyberLink) [Auto | Running] -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe -- (CyberLink Media Server Service)
SRV - [2008.12.24 17:34:10 | 000,058,664 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer HomeMedia Connect\Kernel\DMS\CLMSMonitorService.exe -- (CyberLink Media Server Monitor Service)
SRV - [2008.12.18 13:51:34 | 000,075,048 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe -- (CLHNService)
SRV - [2008.12.04 13:00:26 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
SRV - [2008.08.07 10:10:02 | 003,276,800 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2007.05.31 11:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007.05.31 11:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.09.07 17:04:46 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012.06.27 15:18:52 | 000,026,112 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2012.05.21 04:09:00 | 000,203,320 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2012.05.21 04:09:00 | 000,099,384 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2012.04.24 09:06:02 | 000,106,648 | ---- | M] (G Data Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\GRD.sys -- (GRD)
DRV:64bit: - [2012.04.24 07:33:50 | 000,098,760 | ---- | M] (G Data Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TS4nt.sys -- (TS4NT)
DRV:64bit: - [2012.04.24 07:33:49 | 000,059,768 | ---- | M] (G Data Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PktIcpt.sys -- (GDPkIcpt)
DRV:64bit: - [2012.04.24 07:33:38 | 000,122,744 | ---- | M] (G Data Software AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\MiniIcpt.sys -- (GDMnIcpt)
DRV:64bit: - [2012.04.24 07:33:38 | 000,064,376 | ---- | M] (G Data Software AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\HookCentre.sys -- (HookCentre)
DRV:64bit: - [2012.04.24 07:33:38 | 000,054,136 | ---- | M] (G Data Software AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\GDBehave.sys -- (GDBehave)
DRV:64bit: - [2012.04.24 07:33:37 | 000,065,912 | ---- | M] (G Data Software AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\gdwfpcd64.sys -- (gdwfpcd)
DRV:64bit: - [2012.04.18 15:05:16 | 000,019,304 | ---- | M] (GARMIN Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\grmnusb.sys -- (grmnusb)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.01.18 07:44:36 | 004,865,568 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64)
DRV:64bit: - [2012.01.18 07:44:28 | 000,351,136 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2012.01.09 17:28:20 | 000,171,008 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys -- (nmwcdnsux64)
DRV:64bit: - [2012.01.09 17:28:20 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2012.01.09 17:28:20 | 000,012,800 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsucx64.sys -- (nmwcdnsucx64)
DRV:64bit: - [2012.01.09 17:28:20 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:64bit: - [2012.01.09 17:28:20 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2012.01.09 17:28:18 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2011.12.08 06:22:28 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2011.12.08 06:22:28 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus)
DRV:64bit: - [2011.12.08 06:22:28 | 000,146,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadserd.sys -- (ssadserd)
DRV:64bit: - [2011.12.08 06:22:28 | 000,036,328 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadadb.sys -- (androidusb)
DRV:64bit: - [2011.12.08 06:22:28 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV:64bit: - [2011.11.11 18:52:06 | 000,142,944 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vsflt58.sys -- (vidsflt58)
DRV:64bit: - [2011.11.06 19:30:37 | 000,132,704 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fltsrv.sys -- (fltsrv)
DRV:64bit: - [2011.08.02 18:38:56 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011.07.26 10:55:14 | 000,302,808 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1y62x64.sys -- (e1yexpress)
DRV:64bit: - [2011.04.30 13:59:22 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2011.04.30 13:59:22 | 000,060,184 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.12.17 00:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 12:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2010.10.29 16:11:42 | 000,250,984 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010.05.07 19:43:30 | 000,030,304 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2Mon)
DRV:64bit: - [2010.05.07 19:43:30 | 000,030,304 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2M64)
DRV:64bit: - [2010.04.27 17:57:20 | 000,016,200 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmVirHid.sys -- (WmVirHid)
DRV:64bit: - [2010.04.27 17:57:14 | 000,036,936 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmHidLo.sys -- (WmHidLo)
DRV:64bit: - [2010.04.27 17:57:12 | 000,026,440 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmBEnum.sys -- (WmBEnum)
DRV:64bit: - [2010.04.27 15:03:12 | 000,077,512 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmXlCore.sys -- (WmXlCore)
DRV:64bit: - [2010.04.27 15:02:42 | 000,043,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmFilter.sys -- (WmFilter)
DRV:64bit: - [2009.10.26 16:54:22 | 000,032,768 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys -- (HTCAND64)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009.07.02 14:51:28 | 006,036,480 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.06.05 06:20:26 | 000,114,192 | ---- | M] (ATI Research Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009.06.05 03:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2008.12.02 14:01:42 | 000,068,608 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTSTOR64.sys -- (RTSTOR)
DRV:64bit: - [2008.04.10 10:20:00 | 000,028,160 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\gwfilt64.sys -- (gwfilt64)
DRV:64bit: - [2008.01.30 11:48:32 | 000,016,384 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2008.01.30 11:48:16 | 000,016,384 | ---- | M] (NewTech Infosystems Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV - [2011.02.24 09:00:52 | 000,106,224 | ---- | M] (G Data Software) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\GRD.sys -- (GRD)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009.02.28 20:40:18 | 000,146,928 | ---- | M] (CyberLink Corp.) [2010/02/01 15:45:54] [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD9\000.fcl -- ({B154377D-700F-42cc-9474-23858FBDF4BD})
DRV - [2008.09.07 18:04:44 | 000,014,632 | ---- | M] () [Kernel | On_Demand | Stopped] -- J:\TREIBER-SOFTWARE\ACER\Aspire M 7720\BIOS\Entpackt\BIOS_ACER_R01.A3_Windows_ASM7720\UCOREW64.SYS -- (UCOREW64)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=1&o=vp64&d=0809&m=aspire_m7720
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.t-online.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
IE - HKCU\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKCU\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0AF8D5E4-7BDF-4F5A-B3A7-E63F2EE2B6D2}: "URL" = hxxp://suche.t-online.de/fast-cgi/tsc?mandant=toi&device=html&portallanguage=de&userlanguage=de&dia=suche&context=wiki-tab&tpc=internet&ptl=std&classification=wiki-tab_internet_std&q={searchTerms}&br=ie7-toi
IE - HKCU\..\SearchScopes\{4072E9E1-2D9A-4542-8FD3-8B33E794EE96}: "URL" = hxxp://suche.t-online.de/fast-cgi/tsc?mandant=toi&device=html&portallanguage=de&userlanguage=de&dia=suche&context=internet-tab&tpc=internet&ptl=std&classification=internet-tab_internet_std&q={searchTerms}&br=ie7-toi
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE352
IE - HKCU\..\SearchScopes\{C42B3C71-565D-43F7-8156-E2F76592E7B5}: "URL" = hxxp://rover.ebay.com/rover/1/707-1403-27640-2/4?mpre=hxxp://search.ebay.de/search/search.dll?shortcut=4&query={searchTerms}
IE - HKCU\..\SearchScopes\{CA3B96AC-D02A-4E6C-987F-AA1221BA3D14}: "URL" = hxxp://www.amazon.de/gp/search?ie=UTF8&keywords={searchTerms}&tag=interactivemesuche-21&index=blended&linkCode=ur2&camp=1638&creative=6742
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..extensions.enabledAddons: {906305f7-aafc-45e9-8bbd-941950a84dad}:1.1.11215.1124
FF - prefs.js..extensions.enabledAddons: testpilot@labs.mozilla.com:1.2.2
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60129.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\***\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\***\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.07.22 18:00:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2010.07.24 12:54:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions
[2010.07.24 12:54:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2012.09.23 12:41:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\itl8ngc3.default\extensions
[2012.05.27 09:14:43 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\itl8ngc3.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.09.23 12:41:01 | 000,621,521 | ---- | M] () (No name found) -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\itl8ngc3.default\extensions\testpilot@labs.mozilla.com.xpi
[2012.01.03 16:27:44 | 000,002,333 | ---- | M] () -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\itl8ngc3.default\searchplugins\askcom.xml
[2012.08.31 18:43:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012.08.27 08:07:39 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.04.24 07:33:49 | 000,000,000 | ---D | M] (G Data BankGuard) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{906305f7-aafc-45e9-8bbd-941950a84dad}
[2012.07.23 16:31:54 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012.08.31 18:43:17 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2012.07.22 18:00:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\distribution\extensions
File not found (No name found) -- C:\USERS\***©\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ITL8NGC3.DEFAULT\EXTENSIONS\TESTPILOT@LABS.MOZILLA.COM.XPI
[2012.07.17 23:15:12 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.07.17 23:52:25 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.07.17 23:52:25 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.07.17 23:52:25 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.07.17 23:52:26 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.07.17 23:52:25 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.07.17 23:52:25 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - homepage: hxxp://search.linkury.com/
CHR - default_search_provider: Linkury Smartbar Search (Enabled)
CHR - default_search_provider: search_url = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:5731629158&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
CHR - default_search_provider: suggest_url = 
CHR - homepage: hxxp://search.linkury.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\***\u00E9\AppData\Local\Google\Chrome\Application\21.0.1180.89\gcswf32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\***\u00E9\AppData\Local\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\***\u00E9\AppData\Local\Google\Chrome\Application\21.0.1180.89\pdf.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Windows Activation Technologies (Enabled) = C:\Windows\system32\Wat\npWatWeb.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Skype Click to Call = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.2.0.10687_0\
CHR - Extension: Google Mail = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2012.09.30 10:02:08 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2:64bit: - BHO: (SplitButtonBHO Class) - {C0C86BBE-9509-4296-8459-FDBFDAF4B673} - C:\Programme\FRITZ!Box\AddOn (IE)\FBoxIESplitButton.dll (AVM Berlin)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (G Data BankGuard) - {BA3295CF-17ED-4F49-9E95-D999A0ADBFDC} - C:\Program Files (x86)\Common Files\G DATA\AVKProxy\BanksafeBHO.dll (G Data Software AG)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Programme\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.)
O4 - HKLM..\Run: [G Data AntiVirus Tray Application] C:\Program Files (x86)\G Data\TotalProtection\AVKTray\AVKTray.exe (G Data Software AG)
O4 - HKLM..\Run: [GDFirewallTray] C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFirewallTray.exe (G Data Software AG)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [NSU_agent] C:\Program Files (x86)\Nokia\Nokia Software Updater\nsu3ui_agent.exe ()
O4 - HKCU..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKCU..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung)
O4 - HKCU..\Run: [LMab1err] C:\Programme\Lexmark\ErrorApp\LMab1err.EXE ( )
O4 - HKCU..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
O4 - HKCU..\Run: [MyTomTomSA.exe] C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe (TomTom)
O4 - HKCU..\Run: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe (Nokia)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: add to &BOM - C:\\PROGRA~2\\BIET-O~1\\\\AddToBOM.hta ()
O8:64bit: - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: An vorhandenes PDF anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: FRITZ!Box Dial - C:\Programme\FRITZ!Box\AddOn (IE)\fb_addon_dial_ie.htm ()
O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found
O8:64bit: - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: add to &BOM - C:\\PROGRA~2\\BIET-O~1\\\\AddToBOM.hta ()
O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: An vorhandenes PDF anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: FRITZ!Box Dial - C:\Programme\FRITZ!Box\AddOn (IE)\fb_addon_dial_ie.htm ()
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found
O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9:64bit: - Extra Button: FRITZ!Box AddOn - {328ECD19-C167-40eb-A0C7-16FE7634105F} - C:\Programme\FRITZ!Box\AddOn (IE)\FBoxIESplitButton.dll (AVM Berlin)
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: dhl.de ([www] https in Vertrauenswürdige Sites)
O15 - HKCU\..Trusted Domains: fritz.repeater ([]* in Lokales Intranet)
O15 - HKCU\..Trusted Domains: kabeldeutschland.de ([www] https in Vertrauenswürdige Sites)
O15 - HKCU\..Trusted Ranges: Range1 ([*] in Lokales Intranet)
O16:64bit: - DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} hxxp://www.logitech.com/devicedetector/plugins/LogitechDeviceDetection64.cab (Geräteerkennung)
O16:64bit: - DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Reg Error: Key error.)
O16:64bit: - DPF: {3234EB1E-733E-4E6A-A8AB-EBB6287E5A7E} hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel64_4.4.24.0.cab (SysInfo Class)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} hxxp://www.logitech.com/devicedetector/plugins/LogitechDeviceDetection32.cab (Geräteerkennung)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9FD74E34-2CC1-4999-9613-B3C43CD4657C}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O24 - Desktop WallPaper: 
O24 - Desktop BackupWallPaper: 
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.09.30 12:07:49 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.09.30 09:40:32 | 000,000,000 | ---D | C] -- C:\ComboFix
[2012.09.29 21:00:32 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012.09.29 21:00:32 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012.09.29 21:00:32 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012.09.29 20:57:24 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012.09.29 20:56:44 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012.09.29 10:47:31 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OxpsConverter.exe
[2012.09.26 17:27:06 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\Trojaner Board
[2012.09.26 07:27:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.09.26 07:27:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.09.25 09:38:46 | 000,000,000 | ---D | C] -- C:\GDSupport
[2012.09.21 20:08:44 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.09.21 20:08:44 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.09.21 20:08:43 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.09.21 20:08:42 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.09.21 20:08:42 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.09.21 20:08:42 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.09.21 20:08:42 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.09.21 20:08:42 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.09.21 20:08:41 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.09.21 20:08:41 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.09.21 20:08:41 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.09.21 20:08:41 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012.09.21 20:08:40 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.09.21 20:08:40 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012.09.21 20:08:39 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.09.21 07:29:19 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rndismpx.sys
[2012.09.21 07:29:19 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys
[2012.09.21 07:29:18 | 000,574,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2012.09.21 07:29:17 | 000,376,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2012.09.21 07:29:17 | 000,288,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2012.09.15 14:11:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LSoft Technologies
[2012.09.15 14:11:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Active@ ISO Burner
[2012.09.04 16:33:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia
[2012.09.04 16:32:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Connectivity Solution
[2012.09.04 16:24:42 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Malwarebytes
[2012.09.04 16:24:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.09.04 16:24:05 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.08.31 18:43:15 | 000,157,680 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2012.08.31 18:43:15 | 000,149,488 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2012.08.31 18:43:15 | 000,149,488 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
 
========== Files - Modified Within 30 Days ==========
 
[2012.09.30 12:50:47 | 000,011,104 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.09.30 12:50:47 | 000,011,104 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.09.30 12:48:13 | 001,507,340 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.09.30 12:48:13 | 000,657,650 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.09.30 12:48:13 | 000,618,936 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.09.30 12:48:13 | 000,131,040 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.09.30 12:48:13 | 000,107,256 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.09.30 12:45:56 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.09.30 12:43:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.09.30 12:43:24 | 529,928,191 | -HS- | M] () -- C:\hiberfil.sys
[2012.09.30 12:21:00 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.09.30 11:34:41 | 000,811,261 | ---- | M] () -- C:\Windows\SysWow64\sig.bin
[2012.09.30 11:34:41 | 000,044,515 | ---- | M] () -- C:\Windows\SysWow64\nmp.map
[2012.09.30 10:02:08 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012.09.26 17:28:43 | 000,000,000 | ---- | M] () -- C:\Users\***\defogger_reenable
[2012.09.26 15:35:27 | 000,002,486 | ---- | M] () -- C:\Users\***\Desktop\Google Chrome.lnk
[2012.09.26 07:27:50 | 000,001,073 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.09.07 17:04:46 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.09.04 16:33:29 | 000,002,053 | ---- | M] () -- C:\Users\Public\Desktop\Nokia Suite.lnk
[2012.09.03 16:46:32 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
 
========== Files Created - No Company Name ==========
 
[2012.09.29 21:00:32 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012.09.29 21:00:32 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012.09.29 21:00:32 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012.09.29 21:00:32 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012.09.29 21:00:32 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012.09.26 17:28:43 | 000,000,000 | ---- | C] () -- C:\Users\***\defogger_reenable
[2012.09.26 07:27:50 | 000,001,073 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.09.04 16:33:29 | 000,002,053 | ---- | C] () -- C:\Users\Public\Desktop\Nokia Suite.lnk
[2012.09.03 16:46:32 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
[2012.05.23 18:49:34 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2012.03.07 08:13:38 | 000,000,272 | ---- | C] () -- C:\Users\***\AppData\Roaming\default.rss
[2012.01.18 07:44:00 | 010,920,984 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2012.01.18 07:44:00 | 000,336,408 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
[2012.01.18 07:44:00 | 000,104,472 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
[2011.12.23 21:58:24 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2011.12.23 21:58:24 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2011.12.23 21:58:24 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2011.12.23 21:58:24 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2011.11.02 19:28:39 | 000,037,066 | ---- | C] () -- C:\Users\***\AppData\Roaming\Kommagetrennte Werte (DOS).ADR
[2011.07.16 20:39:05 | 000,021,182 | ---- | C] () -- C:\Users\***\AppData\Roaming\Kommagetrennte Werte (DOS).EML
[2011.07.16 14:13:24 | 000,811,261 | ---- | C] () -- C:\Windows\SysWow64\sig.bin
[2011.06.21 20:05:57 | 000,000,022 | ---- | C] () -- C:\Windows\cmm.dat
[2011.04.07 18:16:01 | 000,004,096 | -H-- | C] () -- C:\Users\***\AppData\Local\keyfile3.drm
[2011.02.08 16:42:42 | 001,040,384 | ---- | C] ( ) -- C:\Windows\SysWow64\LMabserv.dll
[2011.02.08 16:42:40 | 000,372,736 | ---- | C] ( ) -- C:\Windows\SysWow64\LMabcomm.dll
[2011.02.08 16:42:40 | 000,356,352 | ---- | C] ( ) -- C:\Windows\SysWow64\LMabhcp.dll
[2011.02.08 16:42:39 | 000,802,816 | ---- | C] ( ) -- C:\Windows\SysWow64\LMabcomc.dll
[2011.02.08 16:42:39 | 000,053,248 | ---- | C] ( ) -- C:\Windows\SysWow64\LMabprox.dll
[2011.01.29 18:07:29 | 000,148,996 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2010.12.11 17:11:15 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2010.08.19 13:35:23 | 000,012,968 | ---- | C] () -- C:\Users\***\AppData\Roaming\Microsoft Excel.CAL
[2010.08.19 13:32:31 | 000,038,436 | ---- | C] () -- C:\Users\***\AppData\Roaming\Microsoft Excel.ADR
[2010.08.19 07:43:02 | 000,027,243 | ---- | C] () -- C:\Users\***\AppData\Roaming\Persönliches Adressbuch.ADR
[2010.08.17 08:06:54 | 000,012,994 | ---- | C] () -- C:\Users\***\AppData\Roaming\Kommagetrennte Werte (Windows).CAL
[2010.08.17 07:45:23 | 000,038,462 | ---- | C] () -- C:\Users\***\AppData\Roaming\Kommagetrennte Werte (Windows).ADR
[2009.12.24 10:59:54 | 000,006,656 | ---- | C] () -- C:\Users\***\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.12.11 08:44:41 | 000,000,123 | -HS- | C] () -- C:\ProgramData\.zreglib
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== Files - Unicode (All) ==========
[2011.02.10 19:29:10 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G??{5af60c91-3524-11e0-95de-00016c6b8e33}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\洴G婄{5af60c91-3524-11e0-95de-00016c6b8e33}.TMContainer00000000000000000002.regtrans-ms
[2011.02.10 19:29:10 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G??{5af60c91-3524-11e0-95de-00016c6b8e33}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\洴G婄{5af60c91-3524-11e0-95de-00016c6b8e33}.TMContainer00000000000000000001.regtrans-ms
[2011.02.10 19:29:10 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G??{5af60c8d-3524-11e0-95de-00016c6b8e33}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\洴G婄{5af60c8d-3524-11e0-95de-00016c6b8e33}.TMContainer00000000000000000002.regtrans-ms
[2011.02.10 19:29:10 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G??{5af60c8d-3524-11e0-95de-00016c6b8e33}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\洴G婄{5af60c8d-3524-11e0-95de-00016c6b8e33}.TMContainer00000000000000000001.regtrans-ms
[2011.02.10 19:29:10 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G??{5af60c91-3524-11e0-95de-00016c6b8e33}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\洴G婄{5af60c91-3524-11e0-95de-00016c6b8e33}.TMContainer00000000000000000002.regtrans-ms
[2011.02.10 19:29:10 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G??{5af60c91-3524-11e0-95de-00016c6b8e33}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\洴G婄{5af60c91-3524-11e0-95de-00016c6b8e33}.TMContainer00000000000000000001.regtrans-ms
[2011.02.10 19:29:10 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G??{5af60c8d-3524-11e0-95de-00016c6b8e33}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\洴G婄{5af60c8d-3524-11e0-95de-00016c6b8e33}.TMContainer00000000000000000002.regtrans-ms
[2011.02.10 19:29:10 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G??{5af60c8d-3524-11e0-95de-00016c6b8e33}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\洴G婄{5af60c8d-3524-11e0-95de-00016c6b8e33}.TMContainer00000000000000000001.regtrans-ms
[2011.02.10 19:29:10 | 000,262,144 | ---- | M] ()(C:\Windows\SysWow64\?G??) -- C:\Windows\SysWow64\洴G婄
[2011.02.10 19:29:10 | 000,262,144 | ---- | C] ()(C:\Windows\SysWow64\?G??) -- C:\Windows\SysWow64\洴G婄
[2011.02.10 19:29:10 | 000,065,536 | -HS- | M] ()(C:\Windows\SysWow64\?G??{5af60c91-3524-11e0-95de-00016c6b8e33}.TM.blf) -- C:\Windows\SysWow64\洴G婄{5af60c91-3524-11e0-95de-00016c6b8e33}.TM.blf
[2011.02.10 19:29:10 | 000,065,536 | -HS- | M] ()(C:\Windows\SysWow64\?G??{5af60c8d-3524-11e0-95de-00016c6b8e33}.TM.blf) -- C:\Windows\SysWow64\洴G婄{5af60c8d-3524-11e0-95de-00016c6b8e33}.TM.blf
[2011.02.10 19:29:10 | 000,065,536 | -HS- | C] ()(C:\Windows\SysWow64\?G??{5af60c91-3524-11e0-95de-00016c6b8e33}.TM.blf) -- C:\Windows\SysWow64\洴G婄{5af60c91-3524-11e0-95de-00016c6b8e33}.TM.blf
[2011.02.10 19:29:10 | 000,065,536 | -HS- | C] ()(C:\Windows\SysWow64\?G??{5af60c8d-3524-11e0-95de-00016c6b8e33}.TM.blf) -- C:\Windows\SysWow64\洴G婄{5af60c8d-3524-11e0-95de-00016c6b8e33}.TM.blf
[2011.02.10 19:29:10 | 000,005,120 | -HS- | M] ()(C:\Windows\SysWow64\?G??.LOG1) -- C:\Windows\SysWow64\洴G婄.LOG1
[2011.02.10 19:29:10 | 000,005,120 | -HS- | C] ()(C:\Windows\SysWow64\?G??.LOG1) -- C:\Windows\SysWow64\洴G婄.LOG1
[2011.02.10 19:29:10 | 000,000,000 | -HS- | M] ()(C:\Windows\SysWow64\?G??.LOG2) -- C:\Windows\SysWow64\洴G婄.LOG2
[2011.02.10 19:29:10 | 000,000,000 | -HS- | C] ()(C:\Windows\SysWow64\?G??.LOG2) -- C:\Windows\SysWow64\洴G婄.LOG2
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 143 bytes -> C:\Users\***\AppData\Roaming\Kommagetrennte Werte (DOS).EML:OECustomProperty

< End of report >
         
--- --- ---


Wollte gerade meine eMails mit Outlook abrufen, bekomme aber immer (auch nach Neustart) die Meldung: "Fehler bei der Übermittlung".
Outlook kann Nachrichten senden, aber keine mehr empfangen.
__________________


Alt 30.09.2012, 12:51   #18
schrauber
/// the machine
/// TB-Ausbilder
 

Ich kann die Internetseite von Kabel Deutschland nicht öffnen - Standard

Ich kann die Internetseite von Kabel Deutschland nicht öffnen



Kannst Du bitte nochmal ein OTL log mit dem Custom Scan posten von hier:

http://www.trojaner-board.de/124666-...tml#post927076
__________________
__________________

Alt 30.09.2012, 13:16   #19
astralie
 
Ich kann die Internetseite von Kabel Deutschland nicht öffnen - Standard

Ich kann die Internetseite von Kabel Deutschland nicht öffnen



Hallo Schrauber,
hier die neue OTL-Log:OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 30.09.2012 14:00:02 - Run 5
OTL by OldTimer - Version 3.2.68.0     Folder = C:\Users\***\Desktop\Trojaner Board\1. Mail
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
5,99 Gb Total Physical Memory | 4,34 Gb Available Physical Memory | 72,45% Memory free
11,98 Gb Paging File | 10,02 Gb Available in Paging File | 83,64% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 457,96 Gb Total Space | 372,23 Gb Free Space | 81,28% Space Free | Partition Type: NTFS
Drive H: | 457,93 Gb Total Space | 351,73 Gb Free Space | 76,81% Space Free | Partition Type: NTFS
Drive J: | 298,09 Gb Total Space | 50,66 Gb Free Space | 16,99% Space Free | Partition Type: NTFS
 
Computer Name: PC-BÜRO | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.09.26 17:30:59 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\Trojaner Board\1. Mail\OTL.exe
PRC - [2012.09.10 10:17:48 | 000,436,728 | ---- | M] (TomTom) -- C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe
PRC - [2012.09.07 17:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012.08.13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012.08.01 16:07:16 | 000,724,888 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
PRC - [2012.08.01 16:07:00 | 000,126,872 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2012.08.01 16:06:58 | 000,148,888 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
PRC - [2012.07.16 06:24:06 | 000,021,432 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2012.07.16 06:23:56 | 003,524,536 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
PRC - [2012.07.16 06:23:56 | 000,975,800 | ---- | M] (Samsung) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe
PRC - [2012.04.05 15:48:02 | 000,255,376 | ---- | M] (Acer Incorporated) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe
PRC - [2012.03.13 12:01:14 | 001,609,208 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\TotalProtection\AVKBackup\AVKBackupService.exe
PRC - [2012.03.09 16:31:26 | 000,306,184 | ---- | M] (G Data Software) -- C:\Program Files (x86)\G Data\TotalProtection\TSNxG\TSNxGService.exe
PRC - [2012.02.02 12:21:36 | 001,524,728 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\Common Files\G DATA\AVKProxy\AVKProxy.exe
PRC - [2012.01.27 15:01:06 | 000,471,048 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\Common Files\G DATA\GDScan\GDScan.exe
PRC - [2012.01.27 05:18:28 | 000,985,080 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\TotalProtection\AVKTray\AVKTray.exe
PRC - [2012.01.27 05:13:02 | 001,470,968 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFirewallTray.exe
PRC - [2012.01.27 04:43:34 | 000,468,472 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKService.exe
PRC - [2012.01.18 07:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe
PRC - [2011.05.11 17:55:12 | 000,512,000 | ---- | M] () -- C:\Program Files (x86)\Samsung\Samsung Networking Wizard\ICM_Updater.exe
PRC - [2009.09.23 14:38:18 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2009.02.03 14:53:00 | 001,155,072 | ---- | M] (MAGIX AG) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
PRC - [2008.12.24 17:34:12 | 000,288,120 | ---- | M] (CyberLink) -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
PRC - [2008.12.24 17:34:10 | 000,058,664 | ---- | M] () -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer HomeMedia Connect\Kernel\DMS\CLMSMonitorService.exe
PRC - [2008.12.18 13:51:34 | 000,075,048 | ---- | M] () -- C:\Program Files (x86)\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
PRC - [2008.12.04 13:00:26 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008.12.04 13:00:20 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.09.30 12:46:41 | 000,115,137 | ---- | M] () -- C:\Users\***\AppData\Local\Temp\99cab429-f99d-4f69-9d04-113ad532bd0f\CliSecureRT.dll
MOD - [2012.09.10 10:17:56 | 000,025,592 | ---- | M] () -- C:\Program Files (x86)\MyTomTom 3\DeviceDetection.dll
MOD - [2012.09.10 10:17:52 | 000,254,968 | ---- | M] () -- C:\Program Files (x86)\MyTomTom 3\TomTomSupporterProxy.dll
MOD - [2012.09.10 10:17:50 | 000,073,720 | ---- | M] () -- C:\Program Files (x86)\MyTomTom 3\TomTomSupporterBase.dll
MOD - [2012.07.16 06:24:06 | 000,021,432 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MOD - [2012.06.16 09:51:51 | 000,221,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\26e0457a9776a0e9f23e3986686d90a5\System.ServiceProcess.ni.dll
MOD - [2012.06.15 09:11:51 | 018,019,840 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\d239f585ee55f833dbe21e897e1265ac\PresentationFramework.ni.dll
MOD - [2012.06.15 09:11:40 | 011,522,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\b7de318e9fd1ef519ca6c1f3b5dba8e0\PresentationCore.ni.dll
MOD - [2012.06.15 09:11:38 | 013,198,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\00a4922fbf869a79c043b665035516b6\System.Windows.Forms.ni.dll
MOD - [2012.06.15 09:11:32 | 003,881,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\a6e37a05b8d0cedbc5c3ea266ae3fc31\WindowsBase.ni.dll
MOD - [2012.06.15 09:11:31 | 001,666,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\4230ed1c7990e4ee8352baf67a2a85fa\System.Drawing.ni.dll
MOD - [2012.05.09 21:11:05 | 001,218,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\d0e1cdaff8f9055187f8e7b52c060dff\System.Management.ni.dll
MOD - [2012.05.09 21:10:00 | 000,762,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\31fab24c51c0cfe8b8115f24545f169f\System.Runtime.Remoting.ni.dll
MOD - [2012.05.09 21:09:54 | 001,782,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\b68bee05c7e518172982cc92059c3315\System.Xaml.ni.dll
MOD - [2012.05.09 21:02:55 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\608d29d7cc89f3a9a195c91354561915\PresentationFramework.Aero.ni.dll
MOD - [2012.05.09 21:00:49 | 007,069,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\09bd2126bba2ab4f29ed52afde1470d7\System.Core.ni.dll
MOD - [2012.05.09 21:00:46 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\9abe44a0f82070ead5f1256683a4d25a\System.Xml.ni.dll
MOD - [2012.05.09 21:00:44 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\a84262e1224189f93e10cd3c403a9527\System.Configuration.ni.dll
MOD - [2012.05.09 21:00:43 | 009,092,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\a6be120e49f895ef6b00e9918402395b\System.ni.dll
MOD - [2012.05.09 21:00:38 | 014,414,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\c1af4ec9a36f671617a8ecaec00373f4\mscorlib.ni.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2011.09.26 18:15:38 | 000,178,344 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\IPROSetMonitor.exe -- (Intel(R)
SRV:64bit: - [2009.09.06 12:18:00 | 001,044,992 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\LMabcoms.exe -- (lmab_device)
SRV:64bit: - [2009.07.02 14:16:04 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2012.09.07 17:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012.08.13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012.08.01 16:07:16 | 000,724,888 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2012.07.17 23:14:05 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.06.05 15:17:44 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.04.05 15:48:02 | 000,255,376 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Programme\Acer\Acer Updater\UpdaterService.exe -- (Live Updater Service)
SRV - [2012.03.13 12:01:14 | 001,609,208 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\G Data\TotalProtection\AVKBackup\AVKBackupService.exe -- (GDBackupSvc)
SRV - [2012.03.09 16:31:26 | 000,306,184 | ---- | M] (G Data Software) [Auto | Running] -- C:\Program Files (x86)\G Data\TotalProtection\TSNxG\TSNxGService.exe -- (TSNxGService)
SRV - [2012.03.08 12:59:20 | 001,218,040 | ---- | M] (G Data Software AG) [On_Demand | Stopped] -- C:\Program Files (x86)\G Data\TotalProtection\AVKTuner\AVKTunerService.exe -- (GDTunerSvc)
SRV - [2012.02.02 12:21:36 | 001,524,728 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\G DATA\AVKProxy\AVKProxy.exe -- (AVKProxy)
SRV - [2012.01.27 15:01:06 | 000,471,048 | ---- | M] (G Data Software AG) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\G DATA\GDScan\GDScan.exe -- (GDScan)
SRV - [2012.01.27 05:07:28 | 001,765,352 | ---- | M] (G Data Software AG) [On_Demand | Running] -- C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFwSvcx64.exe -- (GDFwSvc)
SRV - [2012.01.27 05:01:08 | 002,006,872 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKWCtlX64.exe -- (AVKWCtl)
SRV - [2012.01.27 04:43:34 | 000,468,472 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKService.exe -- (AVKService)
SRV - [2012.01.18 07:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2011.06.17 09:34:18 | 000,359,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2011.03.18 20:06:54 | 000,204,883 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Samsung\Samsung Networking Wizard\ICM_Service.exe -- (ICM_UpdaterService)
SRV - [2011.03.03 09:24:10 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.09.23 14:38:18 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009.09.06 12:18:00 | 000,593,920 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWOW64\LMabcoms.exe -- (lmab_device)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.02.03 14:53:00 | 001,155,072 | ---- | M] (MAGIX AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2008.12.24 17:34:12 | 000,288,120 | ---- | M] (CyberLink) [Auto | Running] -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe -- (CyberLink Media Server Service)
SRV - [2008.12.24 17:34:10 | 000,058,664 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer HomeMedia Connect\Kernel\DMS\CLMSMonitorService.exe -- (CyberLink Media Server Monitor Service)
SRV - [2008.12.18 13:51:34 | 000,075,048 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe -- (CLHNService)
SRV - [2008.12.04 13:00:26 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
SRV - [2008.08.07 10:10:02 | 003,276,800 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2007.05.31 11:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007.05.31 11:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.09.07 17:04:46 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012.06.27 15:18:52 | 000,026,112 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2012.05.21 04:09:00 | 000,203,320 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2012.05.21 04:09:00 | 000,099,384 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2012.04.24 09:06:02 | 000,106,648 | ---- | M] (G Data Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\GRD.sys -- (GRD)
DRV:64bit: - [2012.04.24 07:33:50 | 000,098,760 | ---- | M] (G Data Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TS4nt.sys -- (TS4NT)
DRV:64bit: - [2012.04.24 07:33:49 | 000,059,768 | ---- | M] (G Data Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PktIcpt.sys -- (GDPkIcpt)
DRV:64bit: - [2012.04.24 07:33:38 | 000,122,744 | ---- | M] (G Data Software AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\MiniIcpt.sys -- (GDMnIcpt)
DRV:64bit: - [2012.04.24 07:33:38 | 000,064,376 | ---- | M] (G Data Software AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\HookCentre.sys -- (HookCentre)
DRV:64bit: - [2012.04.24 07:33:38 | 000,054,136 | ---- | M] (G Data Software AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\GDBehave.sys -- (GDBehave)
DRV:64bit: - [2012.04.24 07:33:37 | 000,065,912 | ---- | M] (G Data Software AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\gdwfpcd64.sys -- (gdwfpcd)
DRV:64bit: - [2012.04.18 15:05:16 | 000,019,304 | ---- | M] (GARMIN Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\grmnusb.sys -- (grmnusb)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.01.18 07:44:36 | 004,865,568 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64)
DRV:64bit: - [2012.01.18 07:44:28 | 000,351,136 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2012.01.09 17:28:20 | 000,171,008 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys -- (nmwcdnsux64)
DRV:64bit: - [2012.01.09 17:28:20 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2012.01.09 17:28:20 | 000,012,800 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsucx64.sys -- (nmwcdnsucx64)
DRV:64bit: - [2012.01.09 17:28:20 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:64bit: - [2012.01.09 17:28:20 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2012.01.09 17:28:18 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2011.12.08 06:22:28 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2011.12.08 06:22:28 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus)
DRV:64bit: - [2011.12.08 06:22:28 | 000,146,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadserd.sys -- (ssadserd)
DRV:64bit: - [2011.12.08 06:22:28 | 000,036,328 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadadb.sys -- (androidusb)
DRV:64bit: - [2011.12.08 06:22:28 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV:64bit: - [2011.11.11 18:52:06 | 000,142,944 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vsflt58.sys -- (vidsflt58)
DRV:64bit: - [2011.11.06 19:30:37 | 000,132,704 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fltsrv.sys -- (fltsrv)
DRV:64bit: - [2011.08.02 18:38:56 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011.07.26 10:55:14 | 000,302,808 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1y62x64.sys -- (e1yexpress)
DRV:64bit: - [2011.04.30 13:59:22 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2011.04.30 13:59:22 | 000,060,184 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.12.17 00:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 12:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2010.10.29 16:11:42 | 000,250,984 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010.05.07 19:43:30 | 000,030,304 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2Mon)
DRV:64bit: - [2010.05.07 19:43:30 | 000,030,304 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2M64)
DRV:64bit: - [2010.04.27 17:57:20 | 000,016,200 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmVirHid.sys -- (WmVirHid)
DRV:64bit: - [2010.04.27 17:57:14 | 000,036,936 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmHidLo.sys -- (WmHidLo)
DRV:64bit: - [2010.04.27 17:57:12 | 000,026,440 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmBEnum.sys -- (WmBEnum)
DRV:64bit: - [2010.04.27 15:03:12 | 000,077,512 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmXlCore.sys -- (WmXlCore)
DRV:64bit: - [2010.04.27 15:02:42 | 000,043,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmFilter.sys -- (WmFilter)
DRV:64bit: - [2009.10.26 16:54:22 | 000,032,768 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys -- (HTCAND64)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009.07.02 14:51:28 | 006,036,480 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.06.05 06:20:26 | 000,114,192 | ---- | M] (ATI Research Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009.06.05 03:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2008.12.02 14:01:42 | 000,068,608 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTSTOR64.sys -- (RTSTOR)
DRV:64bit: - [2008.04.10 10:20:00 | 000,028,160 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\gwfilt64.sys -- (gwfilt64)
DRV:64bit: - [2008.01.30 11:48:32 | 000,016,384 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2008.01.30 11:48:16 | 000,016,384 | ---- | M] (NewTech Infosystems Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV - [2011.02.24 09:00:52 | 000,106,224 | ---- | M] (G Data Software) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\GRD.sys -- (GRD)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009.02.28 20:40:18 | 000,146,928 | ---- | M] (CyberLink Corp.) [2010/02/01 15:45:54] [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD9\000.fcl -- ({B154377D-700F-42cc-9474-23858FBDF4BD})
DRV - [2008.09.07 18:04:44 | 000,014,632 | ---- | M] () [Kernel | On_Demand | Stopped] -- J:\TREIBER-SOFTWARE\ACER\Aspire M 7720\BIOS\Entpackt\BIOS_ACER_R01.A3_Windows_ASM7720\UCOREW64.SYS -- (UCOREW64)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=1&o=vp64&d=0809&m=aspire_m7720
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.t-online.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
IE - HKCU\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKCU\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0AF8D5E4-7BDF-4F5A-B3A7-E63F2EE2B6D2}: "URL" = hxxp://suche.t-online.de/fast-cgi/tsc?mandant=toi&device=html&portallanguage=de&userlanguage=de&dia=suche&context=wiki-tab&tpc=internet&ptl=std&classification=wiki-tab_internet_std&q={searchTerms}&br=ie7-toi
IE - HKCU\..\SearchScopes\{4072E9E1-2D9A-4542-8FD3-8B33E794EE96}: "URL" = hxxp://suche.t-online.de/fast-cgi/tsc?mandant=toi&device=html&portallanguage=de&userlanguage=de&dia=suche&context=internet-tab&tpc=internet&ptl=std&classification=internet-tab_internet_std&q={searchTerms}&br=ie7-toi
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE352
IE - HKCU\..\SearchScopes\{C42B3C71-565D-43F7-8156-E2F76592E7B5}: "URL" = hxxp://rover.ebay.com/rover/1/707-1403-27640-2/4?mpre=hxxp://search.ebay.de/search/search.dll?shortcut=4&query={searchTerms}
IE - HKCU\..\SearchScopes\{CA3B96AC-D02A-4E6C-987F-AA1221BA3D14}: "URL" = hxxp://www.amazon.de/gp/search?ie=UTF8&keywords={searchTerms}&tag=interactivemesuche-21&index=blended&linkCode=ur2&camp=1638&creative=6742
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..extensions.enabledAddons: {906305f7-aafc-45e9-8bbd-941950a84dad}:1.1.11215.1124
FF - prefs.js..extensions.enabledAddons: testpilot@labs.mozilla.com:1.2.2
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60129.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\***\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\***\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.07.22 18:00:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2010.07.24 12:54:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions
[2010.07.24 12:54:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2012.09.23 12:41:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\itl8ngc3.default\extensions
[2012.05.27 09:14:43 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\itl8ngc3.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.09.23 12:41:01 | 000,621,521 | ---- | M] () (No name found) -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\itl8ngc3.default\extensions\testpilot@labs.mozilla.com.xpi
[2012.01.03 16:27:44 | 000,002,333 | ---- | M] () -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\itl8ngc3.default\searchplugins\askcom.xml
[2012.08.31 18:43:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012.08.27 08:07:39 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.04.24 07:33:49 | 000,000,000 | ---D | M] (G Data BankGuard) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{906305f7-aafc-45e9-8bbd-941950a84dad}
[2012.07.23 16:31:54 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012.08.31 18:43:17 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2012.07.22 18:00:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\distribution\extensions
File not found (No name found) -- C:\USERS\***©\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ITL8NGC3.DEFAULT\EXTENSIONS\TESTPILOT@LABS.MOZILLA.COM.XPI
[2012.07.17 23:15:12 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.07.17 23:52:25 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.07.17 23:52:25 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.07.17 23:52:25 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.07.17 23:52:26 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.07.17 23:52:25 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.07.17 23:52:25 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - homepage: hxxp://search.linkury.com/
CHR - default_search_provider: Linkury Smartbar Search (Enabled)
CHR - default_search_provider: search_url = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:5731629158&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
CHR - default_search_provider: suggest_url = 
CHR - homepage: hxxp://search.linkury.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\***\u00E9\AppData\Local\Google\Chrome\Application\21.0.1180.89\gcswf32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\***\u00E9\AppData\Local\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\***\u00E9\AppData\Local\Google\Chrome\Application\21.0.1180.89\pdf.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Windows Activation Technologies (Enabled) = C:\Windows\system32\Wat\npWatWeb.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Skype Click to Call = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.2.0.10687_0\
CHR - Extension: Google Mail = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2012.09.30 10:02:08 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2:64bit: - BHO: (SplitButtonBHO Class) - {C0C86BBE-9509-4296-8459-FDBFDAF4B673} - C:\Programme\FRITZ!Box\AddOn (IE)\FBoxIESplitButton.dll (AVM Berlin)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (G Data BankGuard) - {BA3295CF-17ED-4F49-9E95-D999A0ADBFDC} - C:\Program Files (x86)\Common Files\G DATA\AVKProxy\BanksafeBHO.dll (G Data Software AG)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Programme\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.)
O4 - HKLM..\Run: [G Data AntiVirus Tray Application] C:\Program Files (x86)\G Data\TotalProtection\AVKTray\AVKTray.exe (G Data Software AG)
O4 - HKLM..\Run: [GDFirewallTray] C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFirewallTray.exe (G Data Software AG)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [NSU_agent] C:\Program Files (x86)\Nokia\Nokia Software Updater\nsu3ui_agent.exe ()
O4 - HKCU..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKCU..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung)
O4 - HKCU..\Run: [LMab1err] C:\Programme\Lexmark\ErrorApp\LMab1err.EXE ( )
O4 - HKCU..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
O4 - HKCU..\Run: [MyTomTomSA.exe] C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe (TomTom)
O4 - HKCU..\Run: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe (Nokia)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: add to &BOM - C:\\PROGRA~2\\BIET-O~1\\\\AddToBOM.hta ()
O8:64bit: - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: An vorhandenes PDF anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: FRITZ!Box Dial - C:\Programme\FRITZ!Box\AddOn (IE)\fb_addon_dial_ie.htm ()
O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found
O8:64bit: - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: add to &BOM - C:\\PROGRA~2\\BIET-O~1\\\\AddToBOM.hta ()
O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: An vorhandenes PDF anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: FRITZ!Box Dial - C:\Programme\FRITZ!Box\AddOn (IE)\fb_addon_dial_ie.htm ()
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found
O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9:64bit: - Extra Button: FRITZ!Box AddOn - {328ECD19-C167-40eb-A0C7-16FE7634105F} - C:\Programme\FRITZ!Box\AddOn (IE)\FBoxIESplitButton.dll (AVM Berlin)
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: dhl.de ([www] https in Vertrauenswürdige Sites)
O15 - HKCU\..Trusted Domains: fritz.repeater ([]* in Lokales Intranet)
O15 - HKCU\..Trusted Domains: kabeldeutschland.de ([www] https in Vertrauenswürdige Sites)
O15 - HKCU\..Trusted Ranges: Range1 ([*] in Lokales Intranet)
O16:64bit: - DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} hxxp://www.logitech.com/devicedetector/plugins/LogitechDeviceDetection64.cab (Geräteerkennung)
O16:64bit: - DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Reg Error: Key error.)
O16:64bit: - DPF: {3234EB1E-733E-4E6A-A8AB-EBB6287E5A7E} hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel64_4.4.24.0.cab (SysInfo Class)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} hxxp://www.logitech.com/devicedetector/plugins/LogitechDeviceDetection32.cab (Geräteerkennung)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9FD74E34-2CC1-4999-9613-B3C43CD4657C}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O24 - Desktop WallPaper: 
O24 - Desktop BackupWallPaper: 
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.09.30 12:07:49 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.09.30 09:40:32 | 000,000,000 | ---D | C] -- C:\ComboFix
[2012.09.29 21:00:32 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012.09.29 21:00:32 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012.09.29 21:00:32 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012.09.29 20:57:24 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012.09.29 20:56:44 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012.09.29 10:47:31 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OxpsConverter.exe
[2012.09.26 17:27:06 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\Trojaner Board
[2012.09.26 07:27:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.09.26 07:27:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.09.25 09:38:46 | 000,000,000 | ---D | C] -- C:\GDSupport
[2012.09.21 20:08:44 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.09.21 20:08:44 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.09.21 20:08:43 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.09.21 20:08:42 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.09.21 20:08:42 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.09.21 20:08:42 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.09.21 20:08:42 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.09.21 20:08:42 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.09.21 20:08:41 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.09.21 20:08:41 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.09.21 20:08:41 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.09.21 20:08:41 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012.09.21 20:08:40 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.09.21 20:08:40 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012.09.21 20:08:39 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.09.21 07:29:19 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rndismpx.sys
[2012.09.21 07:29:19 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys
[2012.09.21 07:29:18 | 000,574,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2012.09.21 07:29:17 | 000,376,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2012.09.21 07:29:17 | 000,288,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2012.09.15 14:11:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LSoft Technologies
[2012.09.15 14:11:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Active@ ISO Burner
[2012.09.04 16:33:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia
[2012.09.04 16:32:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Connectivity Solution
[2012.09.04 16:24:42 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Malwarebytes
[2012.09.04 16:24:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.09.04 16:24:05 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.08.31 18:43:15 | 000,157,680 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2012.08.31 18:43:15 | 000,149,488 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2012.08.31 18:43:15 | 000,149,488 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
 
========== Files - Modified Within 30 Days ==========
 
[2012.09.30 13:56:39 | 000,011,104 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.09.30 13:56:39 | 000,011,104 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.09.30 13:53:53 | 001,507,340 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.09.30 13:53:53 | 000,657,650 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.09.30 13:53:53 | 000,618,936 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.09.30 13:53:53 | 000,131,040 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.09.30 13:53:53 | 000,107,256 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.09.30 13:49:18 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.09.30 13:49:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.09.30 13:49:02 | 529,928,191 | -HS- | M] () -- C:\hiberfil.sys
[2012.09.30 13:21:00 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.09.30 11:34:41 | 000,811,261 | ---- | M] () -- C:\Windows\SysWow64\sig.bin
[2012.09.30 11:34:41 | 000,044,515 | ---- | M] () -- C:\Windows\SysWow64\nmp.map
[2012.09.30 10:02:08 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012.09.26 17:28:43 | 000,000,000 | ---- | M] () -- C:\Users\***\defogger_reenable
[2012.09.26 15:35:27 | 000,002,486 | ---- | M] () -- C:\Users\***\Desktop\Google Chrome.lnk
[2012.09.26 07:27:50 | 000,001,073 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.09.07 17:04:46 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.09.04 16:33:29 | 000,002,053 | ---- | M] () -- C:\Users\Public\Desktop\Nokia Suite.lnk
[2012.09.03 16:46:32 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
 
========== Files Created - No Company Name ==========
 
[2012.09.29 21:00:32 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012.09.29 21:00:32 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012.09.29 21:00:32 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012.09.29 21:00:32 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012.09.29 21:00:32 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012.09.26 17:28:43 | 000,000,000 | ---- | C] () -- C:\Users\***\defogger_reenable
[2012.09.26 07:27:50 | 000,001,073 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.09.04 16:33:29 | 000,002,053 | ---- | C] () -- C:\Users\Public\Desktop\Nokia Suite.lnk
[2012.09.03 16:46:32 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
[2012.05.23 18:49:34 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2012.03.07 08:13:38 | 000,000,272 | ---- | C] () -- C:\Users\***\AppData\Roaming\default.rss
[2012.01.18 07:44:00 | 010,920,984 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2012.01.18 07:44:00 | 000,336,408 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
[2012.01.18 07:44:00 | 000,104,472 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
[2011.12.23 21:58:24 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2011.12.23 21:58:24 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2011.12.23 21:58:24 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2011.12.23 21:58:24 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2011.11.02 19:28:39 | 000,037,066 | ---- | C] () -- C:\Users\***\AppData\Roaming\Kommagetrennte Werte (DOS).ADR
[2011.07.16 20:39:05 | 000,021,182 | ---- | C] () -- C:\Users\***\AppData\Roaming\Kommagetrennte Werte (DOS).EML
[2011.07.16 14:13:24 | 000,811,261 | ---- | C] () -- C:\Windows\SysWow64\sig.bin
[2011.06.21 20:05:57 | 000,000,022 | ---- | C] () -- C:\Windows\cmm.dat
[2011.04.07 18:16:01 | 000,004,096 | -H-- | C] () -- C:\Users\***\AppData\Local\keyfile3.drm
[2011.02.08 16:42:42 | 001,040,384 | ---- | C] ( ) -- C:\Windows\SysWow64\LMabserv.dll
[2011.02.08 16:42:40 | 000,372,736 | ---- | C] ( ) -- C:\Windows\SysWow64\LMabcomm.dll
[2011.02.08 16:42:40 | 000,356,352 | ---- | C] ( ) -- C:\Windows\SysWow64\LMabhcp.dll
[2011.02.08 16:42:39 | 000,802,816 | ---- | C] ( ) -- C:\Windows\SysWow64\LMabcomc.dll
[2011.02.08 16:42:39 | 000,053,248 | ---- | C] ( ) -- C:\Windows\SysWow64\LMabprox.dll
[2011.01.29 18:07:29 | 000,148,996 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2010.12.11 17:11:15 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2010.08.19 13:35:23 | 000,012,968 | ---- | C] () -- C:\Users\***\AppData\Roaming\Microsoft Excel.CAL
[2010.08.19 13:32:31 | 000,038,436 | ---- | C] () -- C:\Users\***\AppData\Roaming\Microsoft Excel.ADR
[2010.08.19 07:43:02 | 000,027,243 | ---- | C] () -- C:\Users\***\AppData\Roaming\Persönliches Adressbuch.ADR
[2010.08.17 08:06:54 | 000,012,994 | ---- | C] () -- C:\Users\***\AppData\Roaming\Kommagetrennte Werte (Windows).CAL
[2010.08.17 07:45:23 | 000,038,462 | ---- | C] () -- C:\Users\***\AppData\Roaming\Kommagetrennte Werte (Windows).ADR
[2009.12.24 10:59:54 | 000,006,656 | ---- | C] () -- C:\Users\***\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.12.11 08:44:41 | 000,000,123 | -HS- | C] () -- C:\ProgramData\.zreglib
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== Custom Scans ==========
 
< HKEY_LOCAL_MACHINE\software\microsoft\Windows\CurrentVersion\Telephony\Providers >
"ProviderID0" = 1
"ProviderID1" = 2
"ProviderID2" = 3
"ProviderID3" = 4
"NextProviderID" = 5
"ProviderFileName0" = unimdm.tsp -- [2010.11.20 14:16:53 | 000,281,088 | ---- | M] (Microsoft Corporation)
"ProviderFileName1" = kmddsp.tsp -- [2009.07.14 03:14:11 | 000,038,912 | ---- | M] (Microsoft Corporation)
"ProviderFileName2" = ndptsp.tsp -- [2009.07.14 03:14:11 | 000,050,688 | ---- | M] (Microsoft Corporation)
"ProviderFileName3" = hidphone.tsp -- [2009.07.14 03:14:11 | 000,030,720 | ---- | M] (Microsoft Corporation)
"NumProviders" = 4
 
< HKEY_LOCAL_MACHINE\software\Wow6432Node\microsoft\Windows\CurrentVersion\Telephony\Providers >
"ProviderID0" = 1
"ProviderID1" = 2
"ProviderID2" = 3
"ProviderID3" = 4
"NextProviderID" = 5
"ProviderFileName0" = unimdm.tsp -- [2010.11.20 14:16:53 | 000,281,088 | ---- | M] (Microsoft Corporation)
"ProviderFileName1" = kmddsp.tsp -- [2009.07.14 03:14:11 | 000,038,912 | ---- | M] (Microsoft Corporation)
"ProviderFileName2" = ndptsp.tsp -- [2009.07.14 03:14:11 | 000,050,688 | ---- | M] (Microsoft Corporation)
"ProviderFileName3" = hidphone.tsp -- [2009.07.14 03:14:11 | 000,030,720 | ---- | M] (Microsoft Corporation)
"NumProviders" = 4
 
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters >
"ServiceDll" = %SystemRoot%\System32\wkssvc.dll
"ServiceDllUnloadOnStop" = 1
"EnablePlainTextPassword" = 0
"EnableSecuritySignature" = 1
"RequireSecuritySignature" = 0
"OtherDomains" =  [binary data]
 
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Dnscache\Parameters >
"ServiceDll" = %SystemRoot%\System32\dnsrslvr.dll
 
< HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost >
"netsvcs" = AeLookupSvcCertPropSvcSCPolicySv [Binary data over 200 bytes]
"LocalService" = RemoteRegistryWinHttpAutoProxySvc [Binary data over 200 bytes]
"LocalSystemNetworkRestricted" = NetmanAudioEndpointBuilderdot3sv [Binary data over 200 bytes]
"LocalServiceNoNetwork" = PLA [binary data] -- [2010.11.20 14:20:54 | 001,508,864 | ---- | M] (Microsoft Corporation)
"rpcss" = RpcSs [binary data]
"LocalServiceNetworkRestricted" = AudioSrvBthHFSrvLmHostswscsvcWPCSvc [binary data]
"LocalServiceAndNoImpersonation" = SSDPSRVupnphostSCardSvrTBSQWAVEwcncsvc [binary data]
"DcomLaunch" = PowerPlugPlayDcomLaunch [binary data]
"NetworkService" = CryptSvcDHCPTermServiceDNSCache [Binary data over 200 bytes]
"imgsvc" = StiSvc [binary data]
"wcssvc" = WcsPlugInService [binary data] -- [2009.07.14 03:16:18 | 000,032,768 | ---- | M] (Microsoft Corporation)
"Update-Service-Installer-Service" = Update-Service-Installer-Service [binary data]
"Update-Service" = Update-Service [binary data]
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\LocalService]
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\LocalServiceAndNoImpersonation]
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\LocalServiceNetworkRestricted]
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\LocalServiceNoNetwork]
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\LocalSystemNetworkRestricted]
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\netsvcs]
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\NetworkService]
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\NetworkServiceRemoteDesktopHyperVAgent]
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\NetworkServiceRemoteDesktopPublishing]
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\termsvcs]
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\wcssvc]
 
< HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost >
"netsvcs" = AeLookupSvcCertPropSvcSCPolicySv [Binary data over 200 bytes]
"LocalService" = RemoteRegistryWinHttpAutoProxySvc [Binary data over 200 bytes]
"LocalSystemNetworkRestricted" = NetmanAudioEndpointBuilderdot3sv [Binary data over 200 bytes]
"LocalServiceNoNetwork" = PLA [binary data] -- [2010.11.20 14:20:54 | 001,508,864 | ---- | M] (Microsoft Corporation)
"rpcss" = RpcSs [binary data]
"LocalServiceNetworkRestricted" = AudioSrvBthHFSrvLmHostswscsvcWPCSvc [binary data]
"LocalServiceAndNoImpersonation" = SSDPSRVupnphostSCardSvrTBSQWAVEwcncsvc [binary data]
"DcomLaunch" = PowerPlugPlayDcomLaunch [binary data]
"NetworkService" = CryptSvcDHCPTermServiceDNSCache [Binary data over 200 bytes]
"imgsvc" = StiSvc [binary data]
"wcssvc" = WcsPlugInService [binary data] -- [2009.07.14 03:16:18 | 000,032,768 | ---- | M] (Microsoft Corporation)
"Update-Service-Installer-Service" = Update-Service-Installer-Service [binary data]
"Update-Service" = Update-Service [binary data]
 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost\LocalService]
 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost\LocalServiceAndNoImpersonation]
 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost\LocalServiceNetworkRestricted]
 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost\LocalServiceNoNetwork]
 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost\LocalSystemNetworkRestricted]
 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost\netsvcs]
 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost\NetworkService]
 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost\NetworkServiceRemoteDesktopHyperVAgent]
 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost\NetworkServiceRemoteDesktopPublishing]
 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost\termsvcs]
 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost\wcssvc]
 
< HKEY_LOCAL_MACHINE\SOFTWARE\Joosoft.com >
 
< %SystemRoot%\system32\*.tsp >
[2009.07.14 03:14:11 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hidphone.tsp
[2009.07.14 03:14:11 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kmddsp.tsp
[2009.07.14 03:14:11 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ndptsp.tsp
[2009.07.14 03:14:11 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\remotesp.tsp
[2010.11.20 14:16:53 | 000,281,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\unimdm.tsp
 
< %SystemRoot%\system32\*.tsp /64 >
[2009.07.14 03:38:54 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\hidphone.tsp
[2012.01.18 17:02:17 | 001,418,240 | ---- | M] (IntTele) -- C:\Windows\SysNative\inttx1j6s.tsp
[2009.07.14 03:38:54 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\kmddsp.tsp
[2009.07.14 03:38:54 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ndptsp.tsp
[2009.07.14 03:38:54 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\remotesp.tsp
[2010.11.20 15:24:24 | 000,321,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\unimdm.tsp
 
< C:\Windows\system32\*.dll /360 >
[2012.07.04 23:14:34 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\browcli.dll
[2012.06.06 07:03:06 | 000,805,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cdosys.dll
[2011.12.23 21:58:24 | 000,974,848 | ---- | M] () -- C:\Windows\system32\cis-2.4.dll
[2012.04.24 06:36:42 | 001,158,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\crypt32.dll
[2012.04.24 06:36:42 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cryptnet.dll
[2012.04.24 06:36:42 | 000,140,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cryptsvc.dll
[2012.08.02 18:57:20 | 000,490,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\d3d10level9.dll
[2012.08.28 20:24:53 | 000,473,072 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\system32\deployJava1.dll
[2012.01.18 07:44:00 | 000,336,408 | ---- | M] () -- C:\Windows\system32\DevManagerCore.dll
[2012.05.23 18:49:30 | 000,821,824 | ---- | M] (Devguru Co., Ltd.) -- C:\Windows\system32\dgderapi.dll
[2012.03.03 07:31:19 | 001,077,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\DWrite.dll
[2011.10.15 07:38:59 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\EncDec.dll
[2012.08.24 09:03:49 | 009,738,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieframe.dll
[2012.08.24 08:44:35 | 001,793,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iertutil.dll
[2012.08.24 08:40:11 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieui.dll
[2012.03.01 07:33:23 | 000,159,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\imagehlp.dll
[2011.12.23 21:58:24 | 000,081,920 | ---- | M] () -- C:\Windows\system32\issacapi_bs-2.3.dll
[2011.12.23 21:58:24 | 000,065,536 | ---- | M] () -- C:\Windows\system32\issacapi_pe-2.3.dll
[2011.12.23 21:58:24 | 000,057,344 | ---- | M] () -- C:\Windows\system32\issacapi_se-2.3.dll
[2012.08.24 08:47:36 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\jscript.dll
[2012.08.24 08:59:17 | 001,800,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\jscript9.dll
[2012.08.24 08:48:38 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\jsproxy.dll
[2012.01.18 07:44:00 | 010,920,984 | ---- | M] () -- C:\Windows\system32\LogiDPP.dll
[2012.01.18 07:44:26 | 000,307,488 | ---- | M] (Logitech Inc.) -- C:\Windows\system32\lvcodec2.dll
[2012.01.18 07:44:40 | 000,545,056 | ---- | M] (Logitech Inc.) -- C:\Windows\system32\LVUI2.dll
[2012.01.18 07:44:52 | 000,540,960 | ---- | M] (Logitech Inc.) -- C:\Windows\system32\LVUI2RC.dll
[2011.12.23 21:58:24 | 000,045,056 | ---- | M] ((주) 마크애니) -- C:\Windows\system32\MACXMLProto.dll
[2011.12.23 21:58:24 | 000,118,784 | ---- | M] ((주)마크애니) -- C:\Windows\system32\MaDRM.dll
[2011.12.23 21:58:24 | 000,049,152 | ---- | M] ((주) 마크애니) -- C:\Windows\system32\MaJGUILib.dll
[2012.05.23 18:49:32 | 000,045,320 | ---- | M] (MARKANY) -- C:\Windows\system32\MAMACExtract.dll
[2011.12.23 21:58:24 | 000,045,056 | ---- | M] ((주) 마크애니) -- C:\Windows\system32\MaXMLProto.dll
[2012.03.06 15:43:14 | 004,421,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mfc100u.dll
[2012.03.06 15:43:14 | 000,080,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mfcm100u.dll
[2011.12.23 21:58:24 | 000,057,344 | ---- | M] (Marktek) -- C:\Windows\system32\MK_Lyric.dll
[2011.12.23 21:58:24 | 000,245,760 | ---- | M] (Teruten Inc.) -- C:\Windows\system32\MSCLib.dll
[2012.08.24 08:45:46 | 000,607,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msfeeds.dll
[2011.12.23 21:58:24 | 000,155,648 | ---- | M] (Teruten Inc.) -- C:\Windows\system32\MSFLib.dll
[2012.08.24 09:27:00 | 012,319,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshtml.dll
[2012.08.24 08:44:10 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshtmled.dll
[2012.04.07 13:26:29 | 002,342,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msi.dll
[2011.12.23 21:58:24 | 000,352,256 | ---- | M] (Sample Corporation) -- C:\Windows\system32\MSLUR71.dll
[2011.12.16 09:52:58 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msvcrt.dll
[2012.06.06 07:05:52 | 001,236,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msxml3.dll
[2012.06.25 16:04:24 | 001,394,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msxml4.dll
[2012.06.06 07:05:52 | 001,390,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msxml6.dll
[2011.12.23 21:58:24 | 000,040,960 | ---- | M] (Telechips Inc.,) -- C:\Windows\system32\MTTELECHIP.dll
[2011.12.23 21:58:24 | 000,057,344 | ---- | M] (Marktek Inc.) -- C:\Windows\system32\MTXSYNCICON.dll
[2011.12.23 21:58:24 | 000,135,168 | ---- | M] (Musiccity Co.Ltd.) -- C:\Windows\system32\muzaf1.dll
[2011.12.23 21:58:24 | 000,491,520 | ---- | M] (Musiccity Co.Ltd.) -- C:\Windows\system32\muzapp.dll
[2011.12.23 21:58:24 | 000,200,704 | ---- | M] ( (c) MusicCity) -- C:\Windows\system32\muzwmts.dll
[2012.06.02 06:39:10 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ncrypt.dll
[2012.07.04 23:16:56 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\netapi32.dll
[2012.04.18 13:49:50 | 000,405,176 | ---- | M] (Newtonsoft) -- C:\Windows\system32\Newtonsoft.Json.Net20.dll
[2012.08.28 20:24:56 | 000,477,168 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\system32\npdeployJava1.dll
[2011.11.17 07:38:39 | 001,292,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ntdll.dll
[2012.01.04 10:58:41 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ntshrui.dll
[2011.11.19 16:01:00 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\packager.dll
[2012.05.04 11:59:54 | 000,514,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\qdvd.dll
[2012.03.22 13:43:58 | 002,557,952 | ---- | M] (Nokia Corporation and/or its subsidiary(-ies)) -- C:\Windows\system32\QtCore4.dll
[2011.10.26 06:32:11 | 001,328,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\quartz.dll
[2012.02.17 07:34:22 | 000,826,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\rdpcore.dll
[2012.05.23 18:50:06 | 004,659,712 | ---- | M] (Dmitry Streblechenko) -- C:\Windows\system32\Redemption.dll
[2012.06.02 06:40:39 | 000,225,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\schannel.dll
[2012.06.02 06:40:42 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\secur32.dll
[2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\shell32.dll
[2012.05.05 09:46:52 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\srclient.dll
[2012.06.02 06:34:09 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\sspicli.dll
[2011.11.05 06:26:03 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\tzres.dll
[2012.08.24 08:49:57 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\url.dll
[2012.08.24 08:51:50 | 001,103,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\urlmon.dll
[2012.08.24 08:47:12 | 000,420,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\vbscript.dll
[2011.11.17 07:35:02 | 000,314,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\webio.dll
[2012.02.11 07:43:49 | 000,492,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\win32spl.dll
[2012.08.24 08:51:27 | 001,129,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wininet.dll
[2012.03.01 07:37:41 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wintrust.dll
[2012.03.01 07:29:16 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wmi.dll
 
< C:\Windows\SysNative\*.dll /360 >
[2011.10.26 11:42:04 | 000,840,312 | ---- | M] (Intel(R) Corporation) -- C:\Windows\SysNative\accesor.dll
[2012.07.05 00:13:27 | 000,059,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2012.07.05 00:13:27 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\browser.dll
[2011.11.01 11:07:24 | 000,166,912 | ---- | M] (Nokia) -- C:\Windows\SysNative\ccdcmbwux64.dll
[2012.06.06 08:02:54 | 001,133,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
[2012.04.24 07:37:36 | 001,462,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012.04.24 07:37:37 | 000,140,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012.04.24 07:37:37 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cryptsvc.dll
[2011.10.26 07:21:20 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2012.08.02 19:58:52 | 000,574,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2012.01.18 07:44:00 | 000,336,408 | ---- | M] () -- C:\Windows\SysNative\DevManagerCore.dll
[2012.03.03 08:35:38 | 001,544,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2011.10.15 08:31:56 | 000,723,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2012.08.24 12:39:42 | 010,925,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieframe.dll
[2012.08.24 12:12:04 | 002,144,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iertutil.dll
[2012.08.24 12:04:06 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.03.01 08:33:50 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2012.08.24 12:14:34 | 000,816,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.08.24 12:31:32 | 002,312,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.08.24 12:17:03 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jsproxy.dll
[2012.05.14 07:26:34 | 000,956,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2012.01.18 07:44:00 | 010,920,984 | ---- | M] () -- C:\Windows\SysNative\LogiDPP.dll
[2011.11.17 08:35:19 | 001,447,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2012.01.18 07:44:26 | 000,263,456 | ---- | M] (Logitech Inc.) -- C:\Windows\SysNative\lvco13311044.dll
[2012.01.18 07:44:26 | 000,176,416 | ---- | M] (Logitech Inc.) -- C:\Windows\SysNative\lvcod64.dll
[2012.01.18 07:44:28 | 000,769,312 | ---- | M] (Logitech Inc.) -- C:\Windows\SysNative\LVUI64.dll
[2012.01.18 07:44:36 | 000,561,440 | ---- | M] (Logitech Inc.) -- C:\Windows\SysNative\LVUIRC64.dll
[2012.08.24 12:11:57 | 000,729,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012.08.24 13:15:45 | 017,810,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtml.dll
[2012.08.24 12:10:14 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.04.07 14:31:40 | 003,216,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2011.12.16 10:46:06 | 000,634,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2012.06.06 08:06:16 | 001,881,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3.dll
[2012.06.06 08:06:16 | 002,004,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msxml6.dll
[2012.06.02 07:44:21 | 000,307,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2011.10.26 11:42:06 | 000,859,256 | ---- | M] (Intel(R) Corporation) -- C:\Windows\SysNative\ncs2dmix.dll
[2011.10.26 11:00:28 | 000,228,472 | ---- | M] (Intel(R) Corporation) -- C:\Windows\SysNative\ncs2instutility.dll
[2011.10.25 12:04:50 | 000,240,128 | ---- | M] (Intel(R) Corporation) -- C:\Windows\SysNative\Ncs2Setp.dll
[2011.10.26 10:31:16 | 002,859,128 | ---- | M] (Intel(R) Corporation) -- C:\Windows\SysNative\ncscolib.dll
[2012.07.05 00:16:43 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2012.01.09 17:28:20 | 000,057,856 | ---- | M] (Nokia) -- C:\Windows\SysNative\nmwcdclsX64.dll
[2011.11.01 11:07:26 | 000,640,000 | ---- | M] (Nokia) -- C:\Windows\SysNative\nmwcdcoclsx64.dll
[2011.11.17 08:41:18 | 001,731,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2012.01.04 12:44:20 | 000,509,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll
[2011.11.19 16:58:00 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2012.05.01 07:40:20 | 000,209,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\profsvc.dll
[2012.05.04 13:00:43 | 000,366,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2011.10.26 07:25:16 | 001,572,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2012.02.17 08:38:26 | 001,031,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2012.04.26 07:41:55 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012.04.26 07:41:56 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012.06.02 07:45:31 | 000,340,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\schannel.dll
[2011.11.17 08:35:25 | 000,028,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\shell32.dll
[2012.05.05 10:36:55 | 000,503,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2011.11.17 08:35:26 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2011.11.17 08:35:26 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2011.11.05 07:32:50 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tzres.dll
[2012.08.24 12:18:46 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.08.24 12:22:46 | 001,346,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\urlmon.dll
[2012.08.24 12:13:29 | 000,599,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2011.12.08 06:22:28 | 001,917,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WdfCoInstaller01005.dll
[2011.11.17 08:35:28 | 000,395,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2012.02.11 08:43:47 | 000,751,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2012.08.24 12:21:18 | 001,392,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wininet.dll
[2012.03.01 08:38:27 | 000,220,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012.03.01 08:28:47 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wmi.dll
[2012.06.03 00:19:23 | 000,701,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2012.06.03 00:19:43 | 002,428,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuaueng.dll
[2012.06.03 00:15:31 | 002,622,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012.04.22 13:51:40 | 002,152,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFUpdate_01009.dll
[2012.06.03 00:15:08 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2012.06.03 00:19:46 | 000,038,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2012.06.03 00:19:42 | 000,044,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012.06.02 15:19:42 | 000,186,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
 
< C:\Windows\SysWOW64\*.dll /360 >
[2012.07.04 23:14:34 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\browcli.dll
[2012.06.06 07:03:06 | 000,805,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cdosys.dll
[2011.12.23 21:58:24 | 000,974,848 | ---- | M] () -- C:\Windows\SysWOW64\cis-2.4.dll
[2012.04.24 06:36:42 | 001,158,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\crypt32.dll
[2012.04.24 06:36:42 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptnet.dll
[2012.04.24 06:36:42 | 000,140,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptsvc.dll
[2012.08.02 18:57:20 | 000,490,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10level9.dll
[2012.08.28 20:24:53 | 000,473,072 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWOW64\deployJava1.dll
[2012.01.18 07:44:00 | 000,336,408 | ---- | M] () -- C:\Windows\SysWOW64\DevManagerCore.dll
[2012.05.23 18:49:30 | 000,821,824 | ---- | M] (Devguru Co., Ltd.) -- C:\Windows\SysWOW64\dgderapi.dll
[2012.03.03 07:31:19 | 001,077,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\DWrite.dll
[2011.10.15 07:38:59 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\EncDec.dll
[2012.08.24 09:03:49 | 009,738,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieframe.dll
[2012.08.24 08:44:35 | 001,793,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iertutil.dll
[2012.08.24 08:40:11 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieui.dll
[2012.03.01 07:33:23 | 000,159,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imagehlp.dll
[2011.12.23 21:58:24 | 000,081,920 | ---- | M] () -- C:\Windows\SysWOW64\issacapi_bs-2.3.dll
[2011.12.23 21:58:24 | 000,065,536 | ---- | M] () -- C:\Windows\SysWOW64\issacapi_pe-2.3.dll
[2011.12.23 21:58:24 | 000,057,344 | ---- | M] () -- C:\Windows\SysWOW64\issacapi_se-2.3.dll
[2012.08.24 08:47:36 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\jscript.dll
[2012.08.24 08:59:17 | 001,800,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\jscript9.dll
[2012.08.24 08:48:38 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\jsproxy.dll
[2012.01.18 07:44:00 | 010,920,984 | ---- | M] () -- C:\Windows\SysWOW64\LogiDPP.dll
[2012.01.18 07:44:26 | 000,307,488 | ---- | M] (Logitech Inc.) -- C:\Windows\SysWOW64\lvcodec2.dll
[2012.01.18 07:44:40 | 000,545,056 | ---- | M] (Logitech Inc.) -- C:\Windows\SysWOW64\LVUI2.dll
[2012.01.18 07:44:52 | 000,540,960 | ---- | M] (Logitech Inc.) -- C:\Windows\SysWOW64\LVUI2RC.dll
[2011.12.23 21:58:24 | 000,045,056 | ---- | M] ((주) 마크애니) -- C:\Windows\SysWOW64\MACXMLProto.dll
[2011.12.23 21:58:24 | 000,118,784 | ---- | M] ((주)마크애니) -- C:\Windows\SysWOW64\MaDRM.dll
[2011.12.23 21:58:24 | 000,049,152 | ---- | M] ((주) 마크애니) -- C:\Windows\SysWOW64\MaJGUILib.dll
[2012.05.23 18:49:32 | 000,045,320 | ---- | M] (MARKANY) -- C:\Windows\SysWOW64\MAMACExtract.dll
[2011.12.23 21:58:24 | 000,045,056 | ---- | M] ((주) 마크애니) -- C:\Windows\SysWOW64\MaXMLProto.dll
[2012.03.06 15:43:14 | 004,421,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfc100u.dll
[2012.03.06 15:43:14 | 000,080,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfcm100u.dll
[2011.12.23 21:58:24 | 000,057,344 | ---- | M] (Marktek) -- C:\Windows\SysWOW64\MK_Lyric.dll
[2011.12.23 21:58:24 | 000,245,760 | ---- | M] (Teruten Inc.) -- C:\Windows\SysWOW64\MSCLib.dll
[2012.08.24 08:45:46 | 000,607,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msfeeds.dll
[2011.12.23 21:58:24 | 000,155,648 | ---- | M] (Teruten Inc.) -- C:\Windows\SysWOW64\MSFLib.dll
[2012.08.24 09:27:00 | 012,319,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mshtml.dll
[2012.08.24 08:44:10 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mshtmled.dll
[2012.04.07 13:26:29 | 002,342,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msi.dll
[2011.12.23 21:58:24 | 000,352,256 | ---- | M] (Sample Corporation) -- C:\Windows\SysWOW64\MSLUR71.dll
[2011.12.16 09:52:58 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll
[2012.06.06 07:05:52 | 001,236,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msxml3.dll
[2012.06.25 16:04:24 | 001,394,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msxml4.dll
[2012.06.06 07:05:52 | 001,390,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msxml6.dll
[2011.12.23 21:58:24 | 000,040,960 | ---- | M] (Telechips Inc.,) -- C:\Windows\SysWOW64\MTTELECHIP.dll
[2011.12.23 21:58:24 | 000,057,344 | ---- | M] (Marktek Inc.) -- C:\Windows\SysWOW64\MTXSYNCICON.dll
[2011.12.23 21:58:24 | 000,135,168 | ---- | M] (Musiccity Co.Ltd.) -- C:\Windows\SysWOW64\muzaf1.dll
[2011.12.23 21:58:24 | 000,491,520 | ---- | M] (Musiccity Co.Ltd.) -- C:\Windows\SysWOW64\muzapp.dll
[2011.12.23 21:58:24 | 000,200,704 | ---- | M] ( (c) MusicCity) -- C:\Windows\SysWOW64\muzwmts.dll
[2012.06.02 06:39:10 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ncrypt.dll
[2012.07.04 23:16:56 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netapi32.dll
[2012.04.18 13:49:50 | 000,405,176 | ---- | M] (Newtonsoft) -- C:\Windows\SysWOW64\Newtonsoft.Json.Net20.dll
[2012.08.28 20:24:56 | 000,477,168 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWOW64\npdeployJava1.dll
[2011.11.17 07:38:39 | 001,292,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll
[2012.01.04 10:58:41 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntshrui.dll
[2011.11.19 16:01:00 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\packager.dll
[2012.05.04 11:59:54 | 000,514,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\qdvd.dll
[2012.03.22 13:43:58 | 002,557,952 | ---- | M] (Nokia Corporation and/or its subsidiary(-ies)) -- C:\Windows\SysWOW64\QtCore4.dll
[2011.10.26 06:32:11 | 001,328,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\quartz.dll
[2012.02.17 07:34:22 | 000,826,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rdpcore.dll
[2012.05.23 18:50:06 | 004,659,712 | ---- | M] (Dmitry Streblechenko) -- C:\Windows\SysWOW64\Redemption.dll
[2012.06.02 06:40:39 | 000,225,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\schannel.dll
[2012.06.02 06:40:42 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll
[2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll
[2012.05.05 09:46:52 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll
[2012.06.02 06:34:09 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sspicli.dll
[2011.11.05 06:26:03 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\tzres.dll
[2012.08.24 08:49:57 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\url.dll
[2012.08.24 08:51:50 | 001,103,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\urlmon.dll
[2012.08.24 08:47:12 | 000,420,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vbscript.dll
[2011.11.17 07:35:02 | 000,314,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\webio.dll
[2012.02.11 07:43:49 | 000,492,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\win32spl.dll
[2012.08.24 08:51:27 | 001,129,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wininet.dll
[2012.03.01 07:37:41 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wintrust.dll
[2012.03.01 07:29:16 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wmi.dll
 
========== Files - Unicode (All) ==========
[2011.02.10 19:29:10 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G??{5af60c91-3524-11e0-95de-00016c6b8e33}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\洴G婄{5af60c91-3524-11e0-95de-00016c6b8e33}.TMContainer00000000000000000002.regtrans-ms
[2011.02.10 19:29:10 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G??{5af60c91-3524-11e0-95de-00016c6b8e33}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\洴G婄{5af60c91-3524-11e0-95de-00016c6b8e33}.TMContainer00000000000000000001.regtrans-ms
[2011.02.10 19:29:10 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G??{5af60c8d-3524-11e0-95de-00016c6b8e33}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\洴G婄{5af60c8d-3524-11e0-95de-00016c6b8e33}.TMContainer00000000000000000002.regtrans-ms
[2011.02.10 19:29:10 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G??{5af60c8d-3524-11e0-95de-00016c6b8e33}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\洴G婄{5af60c8d-3524-11e0-95de-00016c6b8e33}.TMContainer00000000000000000001.regtrans-ms
[2011.02.10 19:29:10 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G??{5af60c91-3524-11e0-95de-00016c6b8e33}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\洴G婄{5af60c91-3524-11e0-95de-00016c6b8e33}.TMContainer00000000000000000002.regtrans-ms
[2011.02.10 19:29:10 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G??{5af60c91-3524-11e0-95de-00016c6b8e33}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\洴G婄{5af60c91-3524-11e0-95de-00016c6b8e33}.TMContainer00000000000000000001.regtrans-ms
[2011.02.10 19:29:10 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G??{5af60c8d-3524-11e0-95de-00016c6b8e33}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\洴G婄{5af60c8d-3524-11e0-95de-00016c6b8e33}.TMContainer00000000000000000002.regtrans-ms
[2011.02.10 19:29:10 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G??{5af60c8d-3524-11e0-95de-00016c6b8e33}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\洴G婄{5af60c8d-3524-11e0-95de-00016c6b8e33}.TMContainer00000000000000000001.regtrans-ms
[2011.02.10 19:29:10 | 000,262,144 | ---- | M] ()(C:\Windows\SysWow64\?G??) -- C:\Windows\SysWow64\洴G婄
[2011.02.10 19:29:10 | 000,262,144 | ---- | C] ()(C:\Windows\SysWow64\?G??) -- C:\Windows\SysWow64\洴G婄
[2011.02.10 19:29:10 | 000,065,536 | -HS- | M] ()(C:\Windows\SysWow64\?G??{5af60c91-3524-11e0-95de-00016c6b8e33}.TM.blf) -- C:\Windows\SysWow64\洴G婄{5af60c91-3524-11e0-95de-00016c6b8e33}.TM.blf
[2011.02.10 19:29:10 | 000,065,536 | -HS- | M] ()(C:\Windows\SysWow64\?G??{5af60c8d-3524-11e0-95de-00016c6b8e33}.TM.blf) -- C:\Windows\SysWow64\洴G婄{5af60c8d-3524-11e0-95de-00016c6b8e33}.TM.blf
[2011.02.10 19:29:10 | 000,065,536 | -HS- | C] ()(C:\Windows\SysWow64\?G??{5af60c91-3524-11e0-95de-00016c6b8e33}.TM.blf) -- C:\Windows\SysWow64\洴G婄{5af60c91-3524-11e0-95de-00016c6b8e33}.TM.blf
[2011.02.10 19:29:10 | 000,065,536 | -HS- | C] ()(C:\Windows\SysWow64\?G??{5af60c8d-3524-11e0-95de-00016c6b8e33}.TM.blf) -- C:\Windows\SysWow64\洴G婄{5af60c8d-3524-11e0-95de-00016c6b8e33}.TM.blf
[2011.02.10 19:29:10 | 000,005,120 | -HS- | M] ()(C:\Windows\SysWow64\?G??.LOG1) -- C:\Windows\SysWow64\洴G婄.LOG1
[2011.02.10 19:29:10 | 000,005,120 | -HS- | C] ()(C:\Windows\SysWow64\?G??.LOG1) -- C:\Windows\SysWow64\洴G婄.LOG1
[2011.02.10 19:29:10 | 000,000,000 | -HS- | M] ()(C:\Windows\SysWow64\?G??.LOG2) -- C:\Windows\SysWow64\洴G婄.LOG2
[2011.02.10 19:29:10 | 000,000,000 | -HS- | C] ()(C:\Windows\SysWow64\?G??.LOG2) -- C:\Windows\SysWow64\洴G婄.LOG2
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 143 bytes -> C:\Users\***\AppData\Roaming\Kommagetrennte Werte (DOS).EML:OECustomProperty

< End of report >
         
--- --- ---

Alt 30.09.2012, 13:24   #20
schrauber
/// the machine
/// TB-Ausbilder
 

Ich kann die Internetseite von Kabel Deutschland nicht öffnen - Standard

Ich kann die Internetseite von Kabel Deutschland nicht öffnen



Fixen mit OTL
  • Starte die OTL.exe.
  • Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
  • Kopiere folgendes Skript:
Code:
ATTFilter
:files
C:\Windows\SysNative\inttx1j6s.tsp

:reg
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
"Update-Service-Installer-Service"=-
"Update-Service"=-
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
"Update-Service-Installer-Service"=-
"Update-Service"=-

:Commands
[emptytemp]
         
  • und füge es hier ein:
  • Schließe alle Programme.
  • Klicke auf den Fix Button.
  • Klick auf .
  • OTL verlangt einen Neustart. Bitte zulassen.
  • Nach dem Neustart findest Du ein Textdokument.

Nochmal neues OTL Log mit dem gleichen Custom Scan wie eben bitte.

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 30.09.2012, 15:43   #21
astralie
 
Ich kann die Internetseite von Kabel Deutschland nicht öffnen - Standard

Ich kann die Internetseite von Kabel Deutschland nicht öffnen



So, dann bin ich wieder...alles erledigt.
Hier die Log-Files:

All processes killed
========== FILES ==========
C:\Windows\SysNative\inttx1j6s.tsp moved successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost\\Update-Service-Installer-Service deleted successfully.
Registry value HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost\\Update-Service deleted successfully.
Registry value HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\\Update-Service-Installer-Service not found.
Registry value HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\\Update-Service not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: ***
->Temp folder emptied: 569909 bytes
->Temporary Internet Files folder emptied: 9907637 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 5939706 bytes
->Google Chrome cache emptied: 0 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 506 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1216 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 16,00 mb


OTL by OldTimer - Version 3.2.68.0 log created on 09302012_143055

Files\Folders moved on Reboot...
C:\Users\***\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\***\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1NIMWMPB\124666-internetseite-kabel-deutschland-oeffnen-2[1].htm moved successfully.
C:\Users\***\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\ED8654D5-B9F0-4DD9-B3E8-F8F560086FDF.dat moved successfully.
C:\Users\***\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT moved successfully.
File move failed. C:\Windows\temp\CLDigitalHome\CLMS_AGENT_LOG1.txt scheduled to be moved on reboot.
File\Folder C:\Windows\temp\JET4DC1.tmp not found!

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

...und die OTL.txtOTL Logfile:
Code:
ATTFilter
OTL logfile created on: 30.09.2012 14:39:02 - Run 6
OTL by OldTimer - Version 3.2.68.0     Folder = C:\Users\***\Desktop\Trojaner Board\1. Mail
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
5,99 Gb Total Physical Memory | 4,09 Gb Available Physical Memory | 68,21% Memory free
11,98 Gb Paging File | 9,75 Gb Available in Paging File | 81,38% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 457,96 Gb Total Space | 372,24 Gb Free Space | 81,28% Space Free | Partition Type: NTFS
Drive H: | 457,93 Gb Total Space | 351,73 Gb Free Space | 76,81% Space Free | Partition Type: NTFS
Drive J: | 298,09 Gb Total Space | 50,66 Gb Free Space | 16,99% Space Free | Partition Type: NTFS
 
Computer Name: PC-BÜRO | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.09.26 17:30:59 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\Trojaner Board\1. Mail\OTL.exe
PRC - [2012.09.10 10:17:48 | 000,436,728 | ---- | M] (TomTom) -- C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe
PRC - [2012.09.07 17:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012.08.13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012.08.03 16:06:06 | 001,086,376 | ---- | M] (Nokia) -- C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
PRC - [2012.08.01 16:07:16 | 000,724,888 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
PRC - [2012.08.01 16:07:00 | 000,126,872 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2012.08.01 16:06:58 | 000,148,888 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
PRC - [2012.07.16 06:24:06 | 000,021,432 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2012.07.16 06:23:56 | 003,524,536 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
PRC - [2012.07.16 06:23:56 | 000,975,800 | ---- | M] (Samsung) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe
PRC - [2012.04.05 15:48:02 | 000,255,376 | ---- | M] (Acer Incorporated) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe
PRC - [2012.03.13 12:01:14 | 001,609,208 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\TotalProtection\AVKBackup\AVKBackupService.exe
PRC - [2012.03.09 16:31:26 | 000,306,184 | ---- | M] (G Data Software) -- C:\Program Files (x86)\G Data\TotalProtection\TSNxG\TSNxGService.exe
PRC - [2012.02.02 12:21:36 | 001,524,728 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\Common Files\G DATA\AVKProxy\AVKProxy.exe
PRC - [2012.01.27 15:01:06 | 000,471,048 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\Common Files\G DATA\GDScan\GDScan.exe
PRC - [2012.01.27 05:18:28 | 000,985,080 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\TotalProtection\AVKTray\AVKTray.exe
PRC - [2012.01.27 05:13:02 | 001,470,968 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFirewallTray.exe
PRC - [2012.01.27 04:43:34 | 000,468,472 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKService.exe
PRC - [2012.01.18 07:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe
PRC - [2011.05.11 17:55:12 | 000,512,000 | ---- | M] () -- C:\Program Files (x86)\Samsung\Samsung Networking Wizard\ICM_Updater.exe
PRC - [2009.09.23 14:38:18 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2009.09.06 12:18:00 | 000,582,312 | ---- | M] ( ) -- C:\Programme\Lexmark\ErrorApp\LMab1err.EXE
PRC - [2009.02.03 14:53:00 | 001,155,072 | ---- | M] (MAGIX AG) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
PRC - [2008.12.24 17:34:12 | 000,288,120 | ---- | M] (CyberLink) -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
PRC - [2008.12.24 17:34:10 | 000,058,664 | ---- | M] () -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer HomeMedia Connect\Kernel\DMS\CLMSMonitorService.exe
PRC - [2008.12.18 13:51:34 | 000,075,048 | ---- | M] () -- C:\Program Files (x86)\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
PRC - [2008.12.04 13:00:26 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008.12.04 13:00:20 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.09.30 14:35:58 | 000,115,137 | ---- | M] () -- C:\Users\***\AppData\Local\Temp\99cab429-f99d-4f69-9d04-113ad532bd0f\CliSecureRT.dll
MOD - [2012.09.10 10:17:56 | 000,025,592 | ---- | M] () -- C:\Program Files (x86)\MyTomTom 3\DeviceDetection.dll
MOD - [2012.09.10 10:17:52 | 000,254,968 | ---- | M] () -- C:\Program Files (x86)\MyTomTom 3\TomTomSupporterProxy.dll
MOD - [2012.09.10 10:17:50 | 000,073,720 | ---- | M] () -- C:\Program Files (x86)\MyTomTom 3\TomTomSupporterBase.dll
MOD - [2012.08.03 16:07:06 | 000,276,392 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\phonon4.dll
MOD - [2012.08.03 16:06:50 | 002,652,584 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtXmlPatterns4.dll
MOD - [2012.08.03 16:06:50 | 000,363,944 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtXml4.dll
MOD - [2012.08.03 16:06:48 | 011,166,120 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtWebKit4.dll
MOD - [2012.08.03 16:06:46 | 000,205,736 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtSql4.dll
MOD - [2012.08.03 16:06:44 | 001,346,472 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtScript4.dll
MOD - [2012.08.03 16:06:44 | 000,720,296 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtOpenGL4.dll
MOD - [2012.08.03 16:06:42 | 008,506,792 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtGui4.dll
MOD - [2012.08.03 16:06:42 | 001,013,672 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtNetwork4.dll
MOD - [2012.08.03 16:06:42 | 000,520,104 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtMultimediaKit1.dll
MOD - [2012.08.03 16:06:40 | 002,480,552 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtDeclarative4.dll
MOD - [2012.08.03 16:06:40 | 002,353,576 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtCore4.dll
MOD - [2012.08.03 16:06:36 | 000,445,864 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\sqldrivers\qsqlite4.dll
MOD - [2012.08.03 16:06:32 | 000,206,760 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\Imageformats\qjpeg4.dll
MOD - [2012.08.03 16:06:32 | 000,035,240 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\Imageformats\qico4.dll
MOD - [2012.08.03 16:06:30 | 000,032,680 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\Imageformats\qgif4.dll
MOD - [2012.08.03 16:06:02 | 000,437,672 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\NService.dll
MOD - [2012.08.03 16:05:24 | 000,604,072 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\CommonUpdateChecker.dll
MOD - [2012.07.16 06:24:06 | 000,021,432 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MOD - [2012.07.02 11:29:08 | 000,391,600 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\ssoengine.dll
MOD - [2012.07.02 11:29:08 | 000,059,280 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\securestorage.dll
MOD - [2012.07.02 11:28:20 | 000,110,080 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\mediaservice\dsengine.dll
MOD - [2012.06.16 09:51:51 | 000,221,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\26e0457a9776a0e9f23e3986686d90a5\System.ServiceProcess.ni.dll
MOD - [2012.06.15 09:11:51 | 018,019,840 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\d239f585ee55f833dbe21e897e1265ac\PresentationFramework.ni.dll
MOD - [2012.06.15 09:11:40 | 011,522,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\b7de318e9fd1ef519ca6c1f3b5dba8e0\PresentationCore.ni.dll
MOD - [2012.06.15 09:11:38 | 013,198,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\00a4922fbf869a79c043b665035516b6\System.Windows.Forms.ni.dll
MOD - [2012.06.15 09:11:32 | 003,881,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\a6e37a05b8d0cedbc5c3ea266ae3fc31\WindowsBase.ni.dll
MOD - [2012.06.15 09:11:31 | 001,666,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\4230ed1c7990e4ee8352baf67a2a85fa\System.Drawing.ni.dll
MOD - [2012.05.09 21:11:05 | 001,218,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\d0e1cdaff8f9055187f8e7b52c060dff\System.Management.ni.dll
MOD - [2012.05.09 21:10:00 | 000,762,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\31fab24c51c0cfe8b8115f24545f169f\System.Runtime.Remoting.ni.dll
MOD - [2012.05.09 21:09:54 | 001,782,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\b68bee05c7e518172982cc92059c3315\System.Xaml.ni.dll
MOD - [2012.05.09 21:02:55 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\608d29d7cc89f3a9a195c91354561915\PresentationFramework.Aero.ni.dll
MOD - [2012.05.09 21:00:49 | 007,069,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\09bd2126bba2ab4f29ed52afde1470d7\System.Core.ni.dll
MOD - [2012.05.09 21:00:46 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\9abe44a0f82070ead5f1256683a4d25a\System.Xml.ni.dll
MOD - [2012.05.09 21:00:44 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\a84262e1224189f93e10cd3c403a9527\System.Configuration.ni.dll
MOD - [2012.05.09 21:00:43 | 009,092,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\a6be120e49f895ef6b00e9918402395b\System.ni.dll
MOD - [2012.05.09 21:00:38 | 014,414,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\c1af4ec9a36f671617a8ecaec00373f4\mscorlib.ni.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2011.09.26 18:15:38 | 000,178,344 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\IPROSetMonitor.exe -- (Intel(R)
SRV:64bit: - [2009.09.06 12:18:00 | 001,044,992 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\LMabcoms.exe -- (lmab_device)
SRV:64bit: - [2009.07.02 14:16:04 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2012.09.07 17:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012.08.13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012.08.01 16:07:16 | 000,724,888 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2012.07.17 23:14:05 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.06.05 15:17:44 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.04.05 15:48:02 | 000,255,376 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Programme\Acer\Acer Updater\UpdaterService.exe -- (Live Updater Service)
SRV - [2012.03.13 12:01:14 | 001,609,208 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\G Data\TotalProtection\AVKBackup\AVKBackupService.exe -- (GDBackupSvc)
SRV - [2012.03.09 16:31:26 | 000,306,184 | ---- | M] (G Data Software) [Auto | Running] -- C:\Program Files (x86)\G Data\TotalProtection\TSNxG\TSNxGService.exe -- (TSNxGService)
SRV - [2012.03.08 12:59:20 | 001,218,040 | ---- | M] (G Data Software AG) [On_Demand | Stopped] -- C:\Program Files (x86)\G Data\TotalProtection\AVKTuner\AVKTunerService.exe -- (GDTunerSvc)
SRV - [2012.02.02 12:21:36 | 001,524,728 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\G DATA\AVKProxy\AVKProxy.exe -- (AVKProxy)
SRV - [2012.01.27 15:01:06 | 000,471,048 | ---- | M] (G Data Software AG) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\G DATA\GDScan\GDScan.exe -- (GDScan)
SRV - [2012.01.27 05:07:28 | 001,765,352 | ---- | M] (G Data Software AG) [On_Demand | Running] -- C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFwSvcx64.exe -- (GDFwSvc)
SRV - [2012.01.27 05:01:08 | 002,006,872 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKWCtlX64.exe -- (AVKWCtl)
SRV - [2012.01.27 04:43:34 | 000,468,472 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKService.exe -- (AVKService)
SRV - [2012.01.18 07:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2011.06.17 09:34:18 | 000,359,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2011.03.18 20:06:54 | 000,204,883 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Samsung\Samsung Networking Wizard\ICM_Service.exe -- (ICM_UpdaterService)
SRV - [2011.03.03 09:24:10 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.09.23 14:38:18 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009.09.06 12:18:00 | 000,593,920 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWOW64\LMabcoms.exe -- (lmab_device)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.02.03 14:53:00 | 001,155,072 | ---- | M] (MAGIX AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2008.12.24 17:34:12 | 000,288,120 | ---- | M] (CyberLink) [Auto | Running] -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe -- (CyberLink Media Server Service)
SRV - [2008.12.24 17:34:10 | 000,058,664 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer HomeMedia Connect\Kernel\DMS\CLMSMonitorService.exe -- (CyberLink Media Server Monitor Service)
SRV - [2008.12.18 13:51:34 | 000,075,048 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe -- (CLHNService)
SRV - [2008.12.04 13:00:26 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
SRV - [2008.08.07 10:10:02 | 003,276,800 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2007.05.31 11:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007.05.31 11:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.09.07 17:04:46 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012.06.27 15:18:52 | 000,026,112 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2012.05.21 04:09:00 | 000,203,320 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2012.05.21 04:09:00 | 000,099,384 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2012.04.24 09:06:02 | 000,106,648 | ---- | M] (G Data Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\GRD.sys -- (GRD)
DRV:64bit: - [2012.04.24 07:33:50 | 000,098,760 | ---- | M] (G Data Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TS4nt.sys -- (TS4NT)
DRV:64bit: - [2012.04.24 07:33:49 | 000,059,768 | ---- | M] (G Data Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PktIcpt.sys -- (GDPkIcpt)
DRV:64bit: - [2012.04.24 07:33:38 | 000,122,744 | ---- | M] (G Data Software AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\MiniIcpt.sys -- (GDMnIcpt)
DRV:64bit: - [2012.04.24 07:33:38 | 000,064,376 | ---- | M] (G Data Software AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\HookCentre.sys -- (HookCentre)
DRV:64bit: - [2012.04.24 07:33:38 | 000,054,136 | ---- | M] (G Data Software AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\GDBehave.sys -- (GDBehave)
DRV:64bit: - [2012.04.24 07:33:37 | 000,065,912 | ---- | M] (G Data Software AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\gdwfpcd64.sys -- (gdwfpcd)
DRV:64bit: - [2012.04.18 15:05:16 | 000,019,304 | ---- | M] (GARMIN Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\grmnusb.sys -- (grmnusb)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.01.18 07:44:36 | 004,865,568 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64)
DRV:64bit: - [2012.01.18 07:44:28 | 000,351,136 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2012.01.09 17:28:20 | 000,171,008 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys -- (nmwcdnsux64)
DRV:64bit: - [2012.01.09 17:28:20 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2012.01.09 17:28:20 | 000,012,800 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsucx64.sys -- (nmwcdnsucx64)
DRV:64bit: - [2012.01.09 17:28:20 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:64bit: - [2012.01.09 17:28:20 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2012.01.09 17:28:18 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2011.12.08 06:22:28 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2011.12.08 06:22:28 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus)
DRV:64bit: - [2011.12.08 06:22:28 | 000,146,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadserd.sys -- (ssadserd)
DRV:64bit: - [2011.12.08 06:22:28 | 000,036,328 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadadb.sys -- (androidusb)
DRV:64bit: - [2011.12.08 06:22:28 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV:64bit: - [2011.11.11 18:52:06 | 000,142,944 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vsflt58.sys -- (vidsflt58)
DRV:64bit: - [2011.11.06 19:30:37 | 000,132,704 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fltsrv.sys -- (fltsrv)
DRV:64bit: - [2011.08.02 18:38:56 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011.07.26 10:55:14 | 000,302,808 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1y62x64.sys -- (e1yexpress)
DRV:64bit: - [2011.04.30 13:59:22 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2011.04.30 13:59:22 | 000,060,184 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.12.17 00:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 12:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2010.10.29 16:11:42 | 000,250,984 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010.05.07 19:43:30 | 000,030,304 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2Mon)
DRV:64bit: - [2010.05.07 19:43:30 | 000,030,304 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2M64)
DRV:64bit: - [2010.04.27 17:57:20 | 000,016,200 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmVirHid.sys -- (WmVirHid)
DRV:64bit: - [2010.04.27 17:57:14 | 000,036,936 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmHidLo.sys -- (WmHidLo)
DRV:64bit: - [2010.04.27 17:57:12 | 000,026,440 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmBEnum.sys -- (WmBEnum)
DRV:64bit: - [2010.04.27 15:03:12 | 000,077,512 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmXlCore.sys -- (WmXlCore)
DRV:64bit: - [2010.04.27 15:02:42 | 000,043,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmFilter.sys -- (WmFilter)
DRV:64bit: - [2009.10.26 16:54:22 | 000,032,768 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys -- (HTCAND64)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009.07.02 14:51:28 | 006,036,480 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.06.05 06:20:26 | 000,114,192 | ---- | M] (ATI Research Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009.06.05 03:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2008.12.02 14:01:42 | 000,068,608 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTSTOR64.sys -- (RTSTOR)
DRV:64bit: - [2008.04.10 10:20:00 | 000,028,160 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\gwfilt64.sys -- (gwfilt64)
DRV:64bit: - [2008.01.30 11:48:32 | 000,016,384 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2008.01.30 11:48:16 | 000,016,384 | ---- | M] (NewTech Infosystems Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV - [2011.02.24 09:00:52 | 000,106,224 | ---- | M] (G Data Software) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\GRD.sys -- (GRD)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009.02.28 20:40:18 | 000,146,928 | ---- | M] (CyberLink Corp.) [2010/02/01 15:45:54] [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD9\000.fcl -- ({B154377D-700F-42cc-9474-23858FBDF4BD})
DRV - [2008.09.07 18:04:44 | 000,014,632 | ---- | M] () [Kernel | On_Demand | Stopped] -- J:\TREIBER-SOFTWARE\ACER\Aspire M 7720\BIOS\Entpackt\BIOS_ACER_R01.A3_Windows_ASM7720\UCOREW64.SYS -- (UCOREW64)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=1&o=vp64&d=0809&m=aspire_m7720
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.t-online.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
IE - HKCU\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKCU\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0AF8D5E4-7BDF-4F5A-B3A7-E63F2EE2B6D2}: "URL" = hxxp://suche.t-online.de/fast-cgi/tsc?mandant=toi&device=html&portallanguage=de&userlanguage=de&dia=suche&context=wiki-tab&tpc=internet&ptl=std&classification=wiki-tab_internet_std&q={searchTerms}&br=ie7-toi
IE - HKCU\..\SearchScopes\{4072E9E1-2D9A-4542-8FD3-8B33E794EE96}: "URL" = hxxp://suche.t-online.de/fast-cgi/tsc?mandant=toi&device=html&portallanguage=de&userlanguage=de&dia=suche&context=internet-tab&tpc=internet&ptl=std&classification=internet-tab_internet_std&q={searchTerms}&br=ie7-toi
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE352
IE - HKCU\..\SearchScopes\{C42B3C71-565D-43F7-8156-E2F76592E7B5}: "URL" = hxxp://rover.ebay.com/rover/1/707-1403-27640-2/4?mpre=hxxp://search.ebay.de/search/search.dll?shortcut=4&query={searchTerms}
IE - HKCU\..\SearchScopes\{CA3B96AC-D02A-4E6C-987F-AA1221BA3D14}: "URL" = hxxp://www.amazon.de/gp/search?ie=UTF8&keywords={searchTerms}&tag=interactivemesuche-21&index=blended&linkCode=ur2&camp=1638&creative=6742
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..extensions.enabledAddons: {906305f7-aafc-45e9-8bbd-941950a84dad}:1.1.11215.1124
FF - prefs.js..extensions.enabledAddons: testpilot@labs.mozilla.com:1.2.2
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60129.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\***\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\***\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.07.22 18:00:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2010.07.24 12:54:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions
[2010.07.24 12:54:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2012.09.23 12:41:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\itl8ngc3.default\extensions
[2012.05.27 09:14:43 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\itl8ngc3.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.09.23 12:41:01 | 000,621,521 | ---- | M] () (No name found) -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\itl8ngc3.default\extensions\testpilot@labs.mozilla.com.xpi
[2012.01.03 16:27:44 | 000,002,333 | ---- | M] () -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\itl8ngc3.default\searchplugins\askcom.xml
[2012.08.31 18:43:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012.08.27 08:07:39 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.04.24 07:33:49 | 000,000,000 | ---D | M] (G Data BankGuard) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{906305f7-aafc-45e9-8bbd-941950a84dad}
[2012.07.23 16:31:54 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012.08.31 18:43:17 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2012.07.22 18:00:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\distribution\extensions
File not found (No name found) -- C:\USERS\***©\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ITL8NGC3.DEFAULT\EXTENSIONS\TESTPILOT@LABS.MOZILLA.COM.XPI
[2012.07.17 23:15:12 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.07.17 23:52:25 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.07.17 23:52:25 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.07.17 23:52:25 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.07.17 23:52:26 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.07.17 23:52:25 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.07.17 23:52:25 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - homepage: hxxp://search.linkury.com/
CHR - default_search_provider: Linkury Smartbar Search (Enabled)
CHR - default_search_provider: search_url = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:5731629158&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
CHR - default_search_provider: suggest_url = 
CHR - homepage: hxxp://search.linkury.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\***\u00E9\AppData\Local\Google\Chrome\Application\21.0.1180.89\gcswf32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\***\u00E9\AppData\Local\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\***\u00E9\AppData\Local\Google\Chrome\Application\21.0.1180.89\pdf.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Windows Activation Technologies (Enabled) = C:\Windows\system32\Wat\npWatWeb.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Skype Click to Call = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.2.0.10687_0\
CHR - Extension: Google Mail = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2012.09.30 10:02:08 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2:64bit: - BHO: (SplitButtonBHO Class) - {C0C86BBE-9509-4296-8459-FDBFDAF4B673} - C:\Programme\FRITZ!Box\AddOn (IE)\FBoxIESplitButton.dll (AVM Berlin)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (G Data BankGuard) - {BA3295CF-17ED-4F49-9E95-D999A0ADBFDC} - C:\Program Files (x86)\Common Files\G DATA\AVKProxy\BanksafeBHO.dll (G Data Software AG)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Programme\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.)
O4 - HKLM..\Run: [G Data AntiVirus Tray Application] C:\Program Files (x86)\G Data\TotalProtection\AVKTray\AVKTray.exe (G Data Software AG)
O4 - HKLM..\Run: [GDFirewallTray] C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFirewallTray.exe (G Data Software AG)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [NSU_agent] C:\Program Files (x86)\Nokia\Nokia Software Updater\nsu3ui_agent.exe ()
O4 - HKCU..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKCU..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung)
O4 - HKCU..\Run: [LMab1err] C:\Programme\Lexmark\ErrorApp\LMab1err.EXE ( )
O4 - HKCU..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
O4 - HKCU..\Run: [MyTomTomSA.exe] C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe (TomTom)
O4 - HKCU..\Run: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe (Nokia)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: add to &BOM - C:\\PROGRA~2\\BIET-O~1\\\\AddToBOM.hta ()
O8:64bit: - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: An vorhandenes PDF anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: FRITZ!Box Dial - C:\Programme\FRITZ!Box\AddOn (IE)\fb_addon_dial_ie.htm ()
O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found
O8:64bit: - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: add to &BOM - C:\\PROGRA~2\\BIET-O~1\\\\AddToBOM.hta ()
O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: An vorhandenes PDF anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: FRITZ!Box Dial - C:\Programme\FRITZ!Box\AddOn (IE)\fb_addon_dial_ie.htm ()
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found
O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9:64bit: - Extra Button: FRITZ!Box AddOn - {328ECD19-C167-40eb-A0C7-16FE7634105F} - C:\Programme\FRITZ!Box\AddOn (IE)\FBoxIESplitButton.dll (AVM Berlin)
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: dhl.de ([www] https in Vertrauenswürdige Sites)
O15 - HKCU\..Trusted Domains: fritz.repeater ([]* in Lokales Intranet)
O15 - HKCU\..Trusted Domains: kabeldeutschland.de ([www] https in Vertrauenswürdige Sites)
O15 - HKCU\..Trusted Ranges: Range1 ([*] in Lokales Intranet)
O16:64bit: - DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} hxxp://www.logitech.com/devicedetector/plugins/LogitechDeviceDetection64.cab (Geräteerkennung)
O16:64bit: - DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Reg Error: Key error.)
O16:64bit: - DPF: {3234EB1E-733E-4E6A-A8AB-EBB6287E5A7E} hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel64_4.4.24.0.cab (SysInfo Class)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} hxxp://www.logitech.com/devicedetector/plugins/LogitechDeviceDetection32.cab (Geräteerkennung)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = ***
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9FD74E34-2CC1-4999-9613-B3C43CD4657C}: DhcpNameServer = ***
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O24 - Desktop WallPaper: 
O24 - Desktop BackupWallPaper: 
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.09.30 12:07:49 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.09.30 09:40:32 | 000,000,000 | ---D | C] -- C:\ComboFix
[2012.09.29 21:00:32 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012.09.29 21:00:32 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012.09.29 21:00:32 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012.09.29 20:57:24 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012.09.29 20:56:44 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012.09.29 10:47:31 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OxpsConverter.exe
[2012.09.26 17:27:06 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\Trojaner Board
[2012.09.26 07:27:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.09.26 07:27:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.09.25 09:38:46 | 000,000,000 | ---D | C] -- C:\GDSupport
[2012.09.21 20:08:44 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.09.21 20:08:44 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.09.21 20:08:43 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.09.21 20:08:42 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.09.21 20:08:42 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.09.21 20:08:42 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.09.21 20:08:42 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.09.21 20:08:42 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.09.21 20:08:41 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.09.21 20:08:41 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.09.21 20:08:41 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.09.21 20:08:41 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012.09.21 20:08:40 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.09.21 20:08:40 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012.09.21 20:08:39 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.09.21 07:29:19 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rndismpx.sys
[2012.09.21 07:29:19 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys
[2012.09.21 07:29:18 | 000,574,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2012.09.21 07:29:17 | 000,376,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2012.09.21 07:29:17 | 000,288,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2012.09.15 14:11:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LSoft Technologies
[2012.09.15 14:11:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Active@ ISO Burner
[2012.09.04 16:33:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia
[2012.09.04 16:32:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Connectivity Solution
[2012.09.04 16:24:42 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Malwarebytes
[2012.09.04 16:24:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.09.04 16:24:05 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.08.31 18:43:15 | 000,157,680 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2012.08.31 18:43:15 | 000,149,488 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2012.08.31 18:43:15 | 000,149,488 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
 
========== Files - Modified Within 30 Days ==========
 
[2012.09.30 14:42:24 | 000,011,104 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.09.30 14:42:24 | 000,011,104 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.09.30 14:40:44 | 001,507,340 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.09.30 14:40:44 | 000,657,650 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.09.30 14:40:44 | 000,618,936 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.09.30 14:40:44 | 000,131,040 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.09.30 14:40:44 | 000,107,256 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.09.30 14:35:14 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.09.30 14:35:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.09.30 14:35:01 | 529,928,191 | -HS- | M] () -- C:\hiberfil.sys
[2012.09.30 14:21:00 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.09.30 11:34:41 | 000,811,261 | ---- | M] () -- C:\Windows\SysWow64\sig.bin
[2012.09.30 11:34:41 | 000,044,515 | ---- | M] () -- C:\Windows\SysWow64\nmp.map
[2012.09.30 10:02:08 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012.09.26 17:28:43 | 000,000,000 | ---- | M] () -- C:\Users\***\defogger_reenable
[2012.09.26 15:35:27 | 000,002,486 | ---- | M] () -- C:\Users\***\Desktop\Google Chrome.lnk
[2012.09.26 07:27:50 | 000,001,073 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.09.07 17:04:46 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.09.04 16:33:29 | 000,002,053 | ---- | M] () -- C:\Users\Public\Desktop\Nokia Suite.lnk
[2012.09.03 16:46:32 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
 
========== Files Created - No Company Name ==========
 
[2012.09.29 21:00:32 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012.09.29 21:00:32 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012.09.29 21:00:32 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012.09.29 21:00:32 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012.09.29 21:00:32 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012.09.26 17:28:43 | 000,000,000 | ---- | C] () -- C:\Users\***\defogger_reenable
[2012.09.26 07:27:50 | 000,001,073 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.09.04 16:33:29 | 000,002,053 | ---- | C] () -- C:\Users\Public\Desktop\Nokia Suite.lnk
[2012.09.03 16:46:32 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
[2012.05.23 18:49:34 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2012.03.07 08:13:38 | 000,000,272 | ---- | C] () -- C:\Users\***\AppData\Roaming\default.rss
[2012.01.18 07:44:00 | 010,920,984 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2012.01.18 07:44:00 | 000,336,408 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
[2012.01.18 07:44:00 | 000,104,472 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
[2011.12.23 21:58:24 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2011.12.23 21:58:24 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2011.12.23 21:58:24 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2011.12.23 21:58:24 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2011.11.02 19:28:39 | 000,037,066 | ---- | C] () -- C:\Users\***\AppData\Roaming\Kommagetrennte Werte (DOS).ADR
[2011.07.16 20:39:05 | 000,021,182 | ---- | C] () -- C:\Users\***\AppData\Roaming\Kommagetrennte Werte (DOS).EML
[2011.07.16 14:13:24 | 000,811,261 | ---- | C] () -- C:\Windows\SysWow64\sig.bin
[2011.06.21 20:05:57 | 000,000,022 | ---- | C] () -- C:\Windows\cmm.dat
[2011.04.07 18:16:01 | 000,004,096 | -H-- | C] () -- C:\Users\***\AppData\Local\keyfile3.drm
[2011.02.08 16:42:42 | 001,040,384 | ---- | C] ( ) -- C:\Windows\SysWow64\LMabserv.dll
[2011.02.08 16:42:40 | 000,372,736 | ---- | C] ( ) -- C:\Windows\SysWow64\LMabcomm.dll
[2011.02.08 16:42:40 | 000,356,352 | ---- | C] ( ) -- C:\Windows\SysWow64\LMabhcp.dll
[2011.02.08 16:42:39 | 000,802,816 | ---- | C] ( ) -- C:\Windows\SysWow64\LMabcomc.dll
[2011.02.08 16:42:39 | 000,053,248 | ---- | C] ( ) -- C:\Windows\SysWow64\LMabprox.dll
[2011.01.29 18:07:29 | 000,148,996 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2010.12.11 17:11:15 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2010.08.19 13:35:23 | 000,012,968 | ---- | C] () -- C:\Users\***\AppData\Roaming\Microsoft Excel.CAL
[2010.08.19 13:32:31 | 000,038,436 | ---- | C] () -- C:\Users\***\AppData\Roaming\Microsoft Excel.ADR
[2010.08.19 07:43:02 | 000,027,243 | ---- | C] () -- C:\Users\***\AppData\Roaming\Persönliches Adressbuch.ADR
[2010.08.17 08:06:54 | 000,012,994 | ---- | C] () -- C:\Users\***\AppData\Roaming\Kommagetrennte Werte (Windows).CAL
[2010.08.17 07:45:23 | 000,038,462 | ---- | C] () -- C:\Users\***\AppData\Roaming\Kommagetrennte Werte (Windows).ADR
[2009.12.24 10:59:54 | 000,006,656 | ---- | C] () -- C:\Users\***\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.12.11 08:44:41 | 000,000,123 | -HS- | C] () -- C:\ProgramData\.zreglib
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== Custom Scans ==========
 
< :files >
 
< C:\Windows\SysNative\inttx1j6s.tsp >
 
<  >
 
< :reg >
 
< [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] >
 
< "Update-Service-Installer-Service"=- >
 
< "Update-Service"=- >
 
< [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] >
 
< "Update-Service-Installer-Service"=- >
 
< "Update-Service"=- >
 
<  >
 
< :Commands >
 
< [emptytemp] >
 
========== Files - Unicode (All) ==========
[2011.02.10 19:29:10 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G??{5af60c91-3524-11e0-95de-00016c6b8e33}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\洴G婄{5af60c91-3524-11e0-95de-00016c6b8e33}.TMContainer00000000000000000002.regtrans-ms
[2011.02.10 19:29:10 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G??{5af60c91-3524-11e0-95de-00016c6b8e33}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\洴G婄{5af60c91-3524-11e0-95de-00016c6b8e33}.TMContainer00000000000000000001.regtrans-ms
[2011.02.10 19:29:10 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G??{5af60c8d-3524-11e0-95de-00016c6b8e33}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\洴G婄{5af60c8d-3524-11e0-95de-00016c6b8e33}.TMContainer00000000000000000002.regtrans-ms
[2011.02.10 19:29:10 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G??{5af60c8d-3524-11e0-95de-00016c6b8e33}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\洴G婄{5af60c8d-3524-11e0-95de-00016c6b8e33}.TMContainer00000000000000000001.regtrans-ms
[2011.02.10 19:29:10 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G??{5af60c91-3524-11e0-95de-00016c6b8e33}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\洴G婄{5af60c91-3524-11e0-95de-00016c6b8e33}.TMContainer00000000000000000002.regtrans-ms
[2011.02.10 19:29:10 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G??{5af60c91-3524-11e0-95de-00016c6b8e33}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\洴G婄{5af60c91-3524-11e0-95de-00016c6b8e33}.TMContainer00000000000000000001.regtrans-ms
[2011.02.10 19:29:10 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G??{5af60c8d-3524-11e0-95de-00016c6b8e33}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\洴G婄{5af60c8d-3524-11e0-95de-00016c6b8e33}.TMContainer00000000000000000002.regtrans-ms
[2011.02.10 19:29:10 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G??{5af60c8d-3524-11e0-95de-00016c6b8e33}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\洴G婄{5af60c8d-3524-11e0-95de-00016c6b8e33}.TMContainer00000000000000000001.regtrans-ms
[2011.02.10 19:29:10 | 000,262,144 | ---- | M] ()(C:\Windows\SysWow64\?G??) -- C:\Windows\SysWow64\洴G婄
[2011.02.10 19:29:10 | 000,262,144 | ---- | C] ()(C:\Windows\SysWow64\?G??) -- C:\Windows\SysWow64\洴G婄
[2011.02.10 19:29:10 | 000,065,536 | -HS- | M] ()(C:\Windows\SysWow64\?G??{5af60c91-3524-11e0-95de-00016c6b8e33}.TM.blf) -- C:\Windows\SysWow64\洴G婄{5af60c91-3524-11e0-95de-00016c6b8e33}.TM.blf
[2011.02.10 19:29:10 | 000,065,536 | -HS- | M] ()(C:\Windows\SysWow64\?G??{5af60c8d-3524-11e0-95de-00016c6b8e33}.TM.blf) -- C:\Windows\SysWow64\洴G婄{5af60c8d-3524-11e0-95de-00016c6b8e33}.TM.blf
[2011.02.10 19:29:10 | 000,065,536 | -HS- | C] ()(C:\Windows\SysWow64\?G??{5af60c91-3524-11e0-95de-00016c6b8e33}.TM.blf) -- C:\Windows\SysWow64\洴G婄{5af60c91-3524-11e0-95de-00016c6b8e33}.TM.blf
[2011.02.10 19:29:10 | 000,065,536 | -HS- | C] ()(C:\Windows\SysWow64\?G??{5af60c8d-3524-11e0-95de-00016c6b8e33}.TM.blf) -- C:\Windows\SysWow64\洴G婄{5af60c8d-3524-11e0-95de-00016c6b8e33}.TM.blf
[2011.02.10 19:29:10 | 000,005,120 | -HS- | M] ()(C:\Windows\SysWow64\?G??.LOG1) -- C:\Windows\SysWow64\洴G婄.LOG1
[2011.02.10 19:29:10 | 000,005,120 | -HS- | C] ()(C:\Windows\SysWow64\?G??.LOG1) -- C:\Windows\SysWow64\洴G婄.LOG1
[2011.02.10 19:29:10 | 000,000,000 | -HS- | M] ()(C:\Windows\SysWow64\?G??.LOG2) -- C:\Windows\SysWow64\洴G婄.LOG2
[2011.02.10 19:29:10 | 000,000,000 | -HS- | C] ()(C:\Windows\SysWow64\?G??.LOG2) -- C:\Windows\SysWow64\洴G婄.LOG2
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 143 bytes -> C:\Users\***\AppData\Roaming\Kommagetrennte Werte (DOS).EML:OECustomProperty

< End of report >
         
--- --- ---

Alt 30.09.2012, 15:59   #22
schrauber
/// the machine
/// TB-Ausbilder
 

Ich kann die Internetseite von Kabel Deutschland nicht öffnen - Standard

Ich kann die Internetseite von Kabel Deutschland nicht öffnen



Hi, Du hast als Custom Scan den letzten Fix benutzt . Du solltest aber den letzten Custom Scan benutzen.

http://www.trojaner-board.de/124666-...tml#post927076
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 30.09.2012, 16:27   #23
astralie
 
Ich kann die Internetseite von Kabel Deutschland nicht öffnen - Standard

Ich kann die Internetseite von Kabel Deutschland nicht öffnen



Sorry, vor lauter Fix und Custom war ich etwas durcheinander gekommen
Hier die korrekte Datei:OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 30.09.2012 17:11:40 - Run 7
OTL by OldTimer - Version 3.2.68.0     Folder = C:\Users\***\Desktop\Trojaner Board\1. Mail
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
5,99 Gb Total Physical Memory | 3,99 Gb Available Physical Memory | 66,58% Memory free
11,98 Gb Paging File | 9,53 Gb Available in Paging File | 79,55% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 457,96 Gb Total Space | 372,22 Gb Free Space | 81,28% Space Free | Partition Type: NTFS
Drive H: | 457,93 Gb Total Space | 351,73 Gb Free Space | 76,81% Space Free | Partition Type: NTFS
Drive J: | 298,09 Gb Total Space | 50,66 Gb Free Space | 16,99% Space Free | Partition Type: NTFS
 
Computer Name: PC-BÜRO | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.09.26 17:30:59 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\Trojaner Board\1. Mail\OTL.exe
PRC - [2012.09.10 10:17:48 | 000,436,728 | ---- | M] (TomTom) -- C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe
PRC - [2012.09.07 17:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012.08.13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012.08.03 16:06:06 | 001,086,376 | ---- | M] (Nokia) -- C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
PRC - [2012.08.01 16:07:16 | 000,724,888 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
PRC - [2012.08.01 16:07:00 | 000,126,872 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2012.08.01 16:06:58 | 000,148,888 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
PRC - [2012.07.16 06:24:06 | 000,021,432 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2012.07.16 06:23:56 | 003,524,536 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
PRC - [2012.07.16 06:23:56 | 000,975,800 | ---- | M] (Samsung) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe
PRC - [2012.04.05 15:48:02 | 000,255,376 | ---- | M] (Acer Incorporated) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe
PRC - [2012.03.13 12:01:14 | 001,609,208 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\TotalProtection\AVKBackup\AVKBackupService.exe
PRC - [2012.03.09 16:31:26 | 000,306,184 | ---- | M] (G Data Software) -- C:\Program Files (x86)\G Data\TotalProtection\TSNxG\TSNxGService.exe
PRC - [2012.02.02 12:21:36 | 001,524,728 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\Common Files\G DATA\AVKProxy\AVKProxy.exe
PRC - [2012.01.27 15:01:06 | 000,471,048 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\Common Files\G DATA\GDScan\GDScan.exe
PRC - [2012.01.27 05:18:28 | 000,985,080 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\TotalProtection\AVKTray\AVKTray.exe
PRC - [2012.01.27 05:13:02 | 001,470,968 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFirewallTray.exe
PRC - [2012.01.27 04:43:34 | 000,468,472 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKService.exe
PRC - [2012.01.18 07:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe
PRC - [2011.05.11 17:55:12 | 000,512,000 | ---- | M] () -- C:\Program Files (x86)\Samsung\Samsung Networking Wizard\ICM_Updater.exe
PRC - [2009.09.23 14:38:18 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2009.09.06 12:18:00 | 000,582,312 | ---- | M] ( ) -- C:\Programme\Lexmark\ErrorApp\LMab1err.EXE
PRC - [2009.02.03 14:53:00 | 001,155,072 | ---- | M] (MAGIX AG) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
PRC - [2008.12.24 17:34:12 | 000,288,120 | ---- | M] (CyberLink) -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
PRC - [2008.12.24 17:34:10 | 000,058,664 | ---- | M] () -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer HomeMedia Connect\Kernel\DMS\CLMSMonitorService.exe
PRC - [2008.12.18 13:51:34 | 000,075,048 | ---- | M] () -- C:\Program Files (x86)\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
PRC - [2008.12.04 13:00:26 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008.12.04 13:00:20 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.09.30 14:35:58 | 000,115,137 | ---- | M] () -- C:\Users\***\AppData\Local\Temp\99cab429-f99d-4f69-9d04-113ad532bd0f\CliSecureRT.dll
MOD - [2012.09.10 10:17:56 | 000,025,592 | ---- | M] () -- C:\Program Files (x86)\MyTomTom 3\DeviceDetection.dll
MOD - [2012.09.10 10:17:52 | 000,254,968 | ---- | M] () -- C:\Program Files (x86)\MyTomTom 3\TomTomSupporterProxy.dll
MOD - [2012.09.10 10:17:50 | 000,073,720 | ---- | M] () -- C:\Program Files (x86)\MyTomTom 3\TomTomSupporterBase.dll
MOD - [2012.08.03 16:07:06 | 000,276,392 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\phonon4.dll
MOD - [2012.08.03 16:06:50 | 002,652,584 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtXmlPatterns4.dll
MOD - [2012.08.03 16:06:50 | 000,363,944 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtXml4.dll
MOD - [2012.08.03 16:06:48 | 011,166,120 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtWebKit4.dll
MOD - [2012.08.03 16:06:46 | 000,205,736 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtSql4.dll
MOD - [2012.08.03 16:06:44 | 001,346,472 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtScript4.dll
MOD - [2012.08.03 16:06:44 | 000,720,296 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtOpenGL4.dll
MOD - [2012.08.03 16:06:42 | 008,506,792 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtGui4.dll
MOD - [2012.08.03 16:06:42 | 001,013,672 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtNetwork4.dll
MOD - [2012.08.03 16:06:42 | 000,520,104 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtMultimediaKit1.dll
MOD - [2012.08.03 16:06:40 | 002,480,552 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtDeclarative4.dll
MOD - [2012.08.03 16:06:40 | 002,353,576 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtCore4.dll
MOD - [2012.08.03 16:06:36 | 000,445,864 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\sqldrivers\qsqlite4.dll
MOD - [2012.08.03 16:06:32 | 000,206,760 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\Imageformats\qjpeg4.dll
MOD - [2012.08.03 16:06:32 | 000,035,240 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\Imageformats\qico4.dll
MOD - [2012.08.03 16:06:30 | 000,032,680 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\Imageformats\qgif4.dll
MOD - [2012.08.03 16:06:02 | 000,437,672 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\NService.dll
MOD - [2012.08.03 16:05:24 | 000,604,072 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\CommonUpdateChecker.dll
MOD - [2012.07.16 06:24:06 | 000,021,432 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MOD - [2012.07.02 11:29:08 | 000,391,600 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\ssoengine.dll
MOD - [2012.07.02 11:29:08 | 000,059,280 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\securestorage.dll
MOD - [2012.07.02 11:28:20 | 000,110,080 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\mediaservice\dsengine.dll
MOD - [2012.06.16 09:51:51 | 000,221,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\26e0457a9776a0e9f23e3986686d90a5\System.ServiceProcess.ni.dll
MOD - [2012.06.15 09:11:51 | 018,019,840 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\d239f585ee55f833dbe21e897e1265ac\PresentationFramework.ni.dll
MOD - [2012.06.15 09:11:40 | 011,522,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\b7de318e9fd1ef519ca6c1f3b5dba8e0\PresentationCore.ni.dll
MOD - [2012.06.15 09:11:38 | 013,198,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\00a4922fbf869a79c043b665035516b6\System.Windows.Forms.ni.dll
MOD - [2012.06.15 09:11:32 | 003,881,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\a6e37a05b8d0cedbc5c3ea266ae3fc31\WindowsBase.ni.dll
MOD - [2012.06.15 09:11:31 | 001,666,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\4230ed1c7990e4ee8352baf67a2a85fa\System.Drawing.ni.dll
MOD - [2012.05.09 21:11:05 | 001,218,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\d0e1cdaff8f9055187f8e7b52c060dff\System.Management.ni.dll
MOD - [2012.05.09 21:10:00 | 000,762,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\31fab24c51c0cfe8b8115f24545f169f\System.Runtime.Remoting.ni.dll
MOD - [2012.05.09 21:09:54 | 001,782,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\b68bee05c7e518172982cc92059c3315\System.Xaml.ni.dll
MOD - [2012.05.09 21:02:55 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\608d29d7cc89f3a9a195c91354561915\PresentationFramework.Aero.ni.dll
MOD - [2012.05.09 21:00:49 | 007,069,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\09bd2126bba2ab4f29ed52afde1470d7\System.Core.ni.dll
MOD - [2012.05.09 21:00:46 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\9abe44a0f82070ead5f1256683a4d25a\System.Xml.ni.dll
MOD - [2012.05.09 21:00:44 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\a84262e1224189f93e10cd3c403a9527\System.Configuration.ni.dll
MOD - [2012.05.09 21:00:43 | 009,092,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\a6be120e49f895ef6b00e9918402395b\System.ni.dll
MOD - [2012.05.09 21:00:38 | 014,414,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\c1af4ec9a36f671617a8ecaec00373f4\mscorlib.ni.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2011.09.26 18:15:38 | 000,178,344 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\IPROSetMonitor.exe -- (Intel(R)
SRV:64bit: - [2009.09.06 12:18:00 | 001,044,992 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\LMabcoms.exe -- (lmab_device)
SRV:64bit: - [2009.07.02 14:16:04 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2012.09.07 17:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012.08.13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012.08.01 16:07:16 | 000,724,888 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2012.07.17 23:14:05 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.06.05 15:17:44 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.04.05 15:48:02 | 000,255,376 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Programme\Acer\Acer Updater\UpdaterService.exe -- (Live Updater Service)
SRV - [2012.03.13 12:01:14 | 001,609,208 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\G Data\TotalProtection\AVKBackup\AVKBackupService.exe -- (GDBackupSvc)
SRV - [2012.03.09 16:31:26 | 000,306,184 | ---- | M] (G Data Software) [Auto | Running] -- C:\Program Files (x86)\G Data\TotalProtection\TSNxG\TSNxGService.exe -- (TSNxGService)
SRV - [2012.03.08 12:59:20 | 001,218,040 | ---- | M] (G Data Software AG) [On_Demand | Stopped] -- C:\Program Files (x86)\G Data\TotalProtection\AVKTuner\AVKTunerService.exe -- (GDTunerSvc)
SRV - [2012.02.02 12:21:36 | 001,524,728 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\G DATA\AVKProxy\AVKProxy.exe -- (AVKProxy)
SRV - [2012.01.27 15:01:06 | 000,471,048 | ---- | M] (G Data Software AG) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\G DATA\GDScan\GDScan.exe -- (GDScan)
SRV - [2012.01.27 05:07:28 | 001,765,352 | ---- | M] (G Data Software AG) [On_Demand | Running] -- C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFwSvcx64.exe -- (GDFwSvc)
SRV - [2012.01.27 05:01:08 | 002,006,872 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKWCtlX64.exe -- (AVKWCtl)
SRV - [2012.01.27 04:43:34 | 000,468,472 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKService.exe -- (AVKService)
SRV - [2012.01.18 07:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2011.06.17 09:34:18 | 000,359,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2011.03.18 20:06:54 | 000,204,883 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Samsung\Samsung Networking Wizard\ICM_Service.exe -- (ICM_UpdaterService)
SRV - [2011.03.03 09:24:10 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.09.23 14:38:18 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009.09.06 12:18:00 | 000,593,920 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWOW64\LMabcoms.exe -- (lmab_device)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.02.03 14:53:00 | 001,155,072 | ---- | M] (MAGIX AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2008.12.24 17:34:12 | 000,288,120 | ---- | M] (CyberLink) [Auto | Running] -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe -- (CyberLink Media Server Service)
SRV - [2008.12.24 17:34:10 | 000,058,664 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer HomeMedia Connect\Kernel\DMS\CLMSMonitorService.exe -- (CyberLink Media Server Monitor Service)
SRV - [2008.12.18 13:51:34 | 000,075,048 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe -- (CLHNService)
SRV - [2008.12.04 13:00:26 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
SRV - [2008.08.07 10:10:02 | 003,276,800 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2007.05.31 11:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007.05.31 11:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.09.07 17:04:46 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012.06.27 15:18:52 | 000,026,112 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2012.05.21 04:09:00 | 000,203,320 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2012.05.21 04:09:00 | 000,099,384 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2012.04.24 09:06:02 | 000,106,648 | ---- | M] (G Data Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\GRD.sys -- (GRD)
DRV:64bit: - [2012.04.24 07:33:50 | 000,098,760 | ---- | M] (G Data Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TS4nt.sys -- (TS4NT)
DRV:64bit: - [2012.04.24 07:33:49 | 000,059,768 | ---- | M] (G Data Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PktIcpt.sys -- (GDPkIcpt)
DRV:64bit: - [2012.04.24 07:33:38 | 000,122,744 | ---- | M] (G Data Software AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\MiniIcpt.sys -- (GDMnIcpt)
DRV:64bit: - [2012.04.24 07:33:38 | 000,064,376 | ---- | M] (G Data Software AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\HookCentre.sys -- (HookCentre)
DRV:64bit: - [2012.04.24 07:33:38 | 000,054,136 | ---- | M] (G Data Software AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\GDBehave.sys -- (GDBehave)
DRV:64bit: - [2012.04.24 07:33:37 | 000,065,912 | ---- | M] (G Data Software AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\gdwfpcd64.sys -- (gdwfpcd)
DRV:64bit: - [2012.04.18 15:05:16 | 000,019,304 | ---- | M] (GARMIN Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\grmnusb.sys -- (grmnusb)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.01.18 07:44:36 | 004,865,568 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64)
DRV:64bit: - [2012.01.18 07:44:28 | 000,351,136 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2012.01.09 17:28:20 | 000,171,008 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys -- (nmwcdnsux64)
DRV:64bit: - [2012.01.09 17:28:20 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2012.01.09 17:28:20 | 000,012,800 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsucx64.sys -- (nmwcdnsucx64)
DRV:64bit: - [2012.01.09 17:28:20 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:64bit: - [2012.01.09 17:28:20 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2012.01.09 17:28:18 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2011.12.08 06:22:28 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2011.12.08 06:22:28 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus)
DRV:64bit: - [2011.12.08 06:22:28 | 000,146,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadserd.sys -- (ssadserd)
DRV:64bit: - [2011.12.08 06:22:28 | 000,036,328 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadadb.sys -- (androidusb)
DRV:64bit: - [2011.12.08 06:22:28 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV:64bit: - [2011.11.11 18:52:06 | 000,142,944 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vsflt58.sys -- (vidsflt58)
DRV:64bit: - [2011.11.06 19:30:37 | 000,132,704 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fltsrv.sys -- (fltsrv)
DRV:64bit: - [2011.08.02 18:38:56 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011.07.26 10:55:14 | 000,302,808 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1y62x64.sys -- (e1yexpress)
DRV:64bit: - [2011.04.30 13:59:22 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2011.04.30 13:59:22 | 000,060,184 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.12.17 00:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 12:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2010.10.29 16:11:42 | 000,250,984 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010.05.07 19:43:30 | 000,030,304 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2Mon)
DRV:64bit: - [2010.05.07 19:43:30 | 000,030,304 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2M64)
DRV:64bit: - [2010.04.27 17:57:20 | 000,016,200 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmVirHid.sys -- (WmVirHid)
DRV:64bit: - [2010.04.27 17:57:14 | 000,036,936 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmHidLo.sys -- (WmHidLo)
DRV:64bit: - [2010.04.27 17:57:12 | 000,026,440 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmBEnum.sys -- (WmBEnum)
DRV:64bit: - [2010.04.27 15:03:12 | 000,077,512 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmXlCore.sys -- (WmXlCore)
DRV:64bit: - [2010.04.27 15:02:42 | 000,043,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmFilter.sys -- (WmFilter)
DRV:64bit: - [2009.10.26 16:54:22 | 000,032,768 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys -- (HTCAND64)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009.07.02 14:51:28 | 006,036,480 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.06.05 06:20:26 | 000,114,192 | ---- | M] (ATI Research Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009.06.05 03:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2008.12.02 14:01:42 | 000,068,608 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTSTOR64.sys -- (RTSTOR)
DRV:64bit: - [2008.04.10 10:20:00 | 000,028,160 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\gwfilt64.sys -- (gwfilt64)
DRV:64bit: - [2008.01.30 11:48:32 | 000,016,384 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2008.01.30 11:48:16 | 000,016,384 | ---- | M] (NewTech Infosystems Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV - [2011.02.24 09:00:52 | 000,106,224 | ---- | M] (G Data Software) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\GRD.sys -- (GRD)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009.02.28 20:40:18 | 000,146,928 | ---- | M] (CyberLink Corp.) [2010/02/01 15:45:54] [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD9\000.fcl -- ({B154377D-700F-42cc-9474-23858FBDF4BD})
DRV - [2008.09.07 18:04:44 | 000,014,632 | ---- | M] () [Kernel | On_Demand | Stopped] -- J:\TREIBER-SOFTWARE\ACER\Aspire M 7720\BIOS\Entpackt\BIOS_ACER_R01.A3_Windows_ASM7720\UCOREW64.SYS -- (UCOREW64)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=1&o=vp64&d=0809&m=aspire_m7720
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.t-online.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
IE - HKCU\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKCU\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0AF8D5E4-7BDF-4F5A-B3A7-E63F2EE2B6D2}: "URL" = hxxp://suche.t-online.de/fast-cgi/tsc?mandant=toi&device=html&portallanguage=de&userlanguage=de&dia=suche&context=wiki-tab&tpc=internet&ptl=std&classification=wiki-tab_internet_std&q={searchTerms}&br=ie7-toi
IE - HKCU\..\SearchScopes\{4072E9E1-2D9A-4542-8FD3-8B33E794EE96}: "URL" = hxxp://suche.t-online.de/fast-cgi/tsc?mandant=toi&device=html&portallanguage=de&userlanguage=de&dia=suche&context=internet-tab&tpc=internet&ptl=std&classification=internet-tab_internet_std&q={searchTerms}&br=ie7-toi
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE352
IE - HKCU\..\SearchScopes\{C42B3C71-565D-43F7-8156-E2F76592E7B5}: "URL" = hxxp://rover.ebay.com/rover/1/707-1403-27640-2/4?mpre=hxxp://search.ebay.de/search/search.dll?shortcut=4&query={searchTerms}
IE - HKCU\..\SearchScopes\{CA3B96AC-D02A-4E6C-987F-AA1221BA3D14}: "URL" = hxxp://www.amazon.de/gp/search?ie=UTF8&keywords={searchTerms}&tag=interactivemesuche-21&index=blended&linkCode=ur2&camp=1638&creative=6742
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..extensions.enabledAddons: {906305f7-aafc-45e9-8bbd-941950a84dad}:1.1.11215.1124
FF - prefs.js..extensions.enabledAddons: testpilot@labs.mozilla.com:1.2.2
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60129.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\***\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\***\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.07.22 18:00:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2010.07.24 12:54:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions
[2010.07.24 12:54:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2012.09.23 12:41:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\itl8ngc3.default\extensions
[2012.05.27 09:14:43 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\itl8ngc3.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.09.23 12:41:01 | 000,621,521 | ---- | M] () (No name found) -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\itl8ngc3.default\extensions\testpilot@labs.mozilla.com.xpi
[2012.01.03 16:27:44 | 000,002,333 | ---- | M] () -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\itl8ngc3.default\searchplugins\askcom.xml
[2012.08.31 18:43:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012.08.27 08:07:39 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.04.24 07:33:49 | 000,000,000 | ---D | M] (G Data BankGuard) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{906305f7-aafc-45e9-8bbd-941950a84dad}
[2012.07.23 16:31:54 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012.08.31 18:43:17 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2012.07.22 18:00:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\distribution\extensions
File not found (No name found) -- C:\USERS\***©\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ITL8NGC3.DEFAULT\EXTENSIONS\TESTPILOT@LABS.MOZILLA.COM.XPI
[2012.07.17 23:15:12 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.07.17 23:52:25 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.07.17 23:52:25 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.07.17 23:52:25 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.07.17 23:52:26 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.07.17 23:52:25 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.07.17 23:52:25 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - homepage: hxxp://search.linkury.com/
CHR - default_search_provider: Linkury Smartbar Search (Enabled)
CHR - default_search_provider: search_url = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:5731629158&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
CHR - default_search_provider: suggest_url = 
CHR - homepage: hxxp://search.linkury.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\***\u00E9\AppData\Local\Google\Chrome\Application\21.0.1180.89\gcswf32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\***\u00E9\AppData\Local\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\***\u00E9\AppData\Local\Google\Chrome\Application\21.0.1180.89\pdf.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Windows Activation Technologies (Enabled) = C:\Windows\system32\Wat\npWatWeb.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Skype Click to Call = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.2.0.10687_0\
CHR - Extension: Google Mail = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2012.09.30 10:02:08 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2:64bit: - BHO: (SplitButtonBHO Class) - {C0C86BBE-9509-4296-8459-FDBFDAF4B673} - C:\Programme\FRITZ!Box\AddOn (IE)\FBoxIESplitButton.dll (AVM Berlin)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (G Data BankGuard) - {BA3295CF-17ED-4F49-9E95-D999A0ADBFDC} - C:\Program Files (x86)\Common Files\G DATA\AVKProxy\BanksafeBHO.dll (G Data Software AG)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Programme\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.)
O4 - HKLM..\Run: [G Data AntiVirus Tray Application] C:\Program Files (x86)\G Data\TotalProtection\AVKTray\AVKTray.exe (G Data Software AG)
O4 - HKLM..\Run: [GDFirewallTray] C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFirewallTray.exe (G Data Software AG)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [NSU_agent] C:\Program Files (x86)\Nokia\Nokia Software Updater\nsu3ui_agent.exe ()
O4 - HKCU..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKCU..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung)
O4 - HKCU..\Run: [LMab1err] C:\Programme\Lexmark\ErrorApp\LMab1err.EXE ( )
O4 - HKCU..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
O4 - HKCU..\Run: [MyTomTomSA.exe] C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe (TomTom)
O4 - HKCU..\Run: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe (Nokia)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: add to &BOM - C:\\PROGRA~2\\BIET-O~1\\\\AddToBOM.hta ()
O8:64bit: - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: An vorhandenes PDF anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: FRITZ!Box Dial - C:\Programme\FRITZ!Box\AddOn (IE)\fb_addon_dial_ie.htm ()
O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found
O8:64bit: - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: add to &BOM - C:\\PROGRA~2\\BIET-O~1\\\\AddToBOM.hta ()
O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: An vorhandenes PDF anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: FRITZ!Box Dial - C:\Programme\FRITZ!Box\AddOn (IE)\fb_addon_dial_ie.htm ()
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found
O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9:64bit: - Extra Button: FRITZ!Box AddOn - {328ECD19-C167-40eb-A0C7-16FE7634105F} - C:\Programme\FRITZ!Box\AddOn (IE)\FBoxIESplitButton.dll (AVM Berlin)
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: dhl.de ([www] https in Vertrauenswürdige Sites)
O15 - HKCU\..Trusted Domains: fritz.repeater ([]* in Lokales Intranet)
O15 - HKCU\..Trusted Domains: kabeldeutschland.de ([www] https in Vertrauenswürdige Sites)
O15 - HKCU\..Trusted Ranges: Range1 ([*] in Lokales Intranet)
O16:64bit: - DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} hxxp://www.logitech.com/devicedetector/plugins/LogitechDeviceDetection64.cab (Geräteerkennung)
O16:64bit: - DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Reg Error: Key error.)
O16:64bit: - DPF: {3234EB1E-733E-4E6A-A8AB-EBB6287E5A7E} hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel64_4.4.24.0.cab (SysInfo Class)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} hxxp://www.logitech.com/devicedetector/plugins/LogitechDeviceDetection32.cab (Geräteerkennung)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = ***
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9FD74E34-2CC1-4999-9613-B3C43CD4657C}: DhcpNameServer = ***
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O24 - Desktop WallPaper: 
O24 - Desktop BackupWallPaper: 
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.09.30 12:07:49 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.09.30 09:40:32 | 000,000,000 | ---D | C] -- C:\ComboFix
[2012.09.29 21:00:32 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012.09.29 21:00:32 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012.09.29 21:00:32 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012.09.29 20:57:24 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012.09.29 20:56:44 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012.09.29 10:47:31 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OxpsConverter.exe
[2012.09.26 17:27:06 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\Trojaner Board
[2012.09.26 07:27:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.09.26 07:27:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.09.25 09:38:46 | 000,000,000 | ---D | C] -- C:\GDSupport
[2012.09.21 20:08:44 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.09.21 20:08:44 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.09.21 20:08:43 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.09.21 20:08:42 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.09.21 20:08:42 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.09.21 20:08:42 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.09.21 20:08:42 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.09.21 20:08:42 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.09.21 20:08:41 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.09.21 20:08:41 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.09.21 20:08:41 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.09.21 20:08:41 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012.09.21 20:08:40 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.09.21 20:08:40 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012.09.21 20:08:39 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.09.21 07:29:19 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rndismpx.sys
[2012.09.21 07:29:19 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys
[2012.09.21 07:29:18 | 000,574,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2012.09.21 07:29:17 | 000,376,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2012.09.21 07:29:17 | 000,288,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2012.09.15 14:11:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LSoft Technologies
[2012.09.15 14:11:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Active@ ISO Burner
[2012.09.04 16:33:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia
[2012.09.04 16:32:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Connectivity Solution
[2012.09.04 16:24:42 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Malwarebytes
[2012.09.04 16:24:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.09.04 16:24:05 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.08.31 18:43:15 | 000,157,680 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2012.08.31 18:43:15 | 000,149,488 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2012.08.31 18:43:15 | 000,149,488 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
 
========== Files - Modified Within 30 Days ==========
 
[2012.09.30 16:21:31 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.09.30 14:42:24 | 000,011,104 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.09.30 14:42:24 | 000,011,104 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.09.30 14:40:44 | 001,507,340 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.09.30 14:40:44 | 000,657,650 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.09.30 14:40:44 | 000,618,936 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.09.30 14:40:44 | 000,131,040 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.09.30 14:40:44 | 000,107,256 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.09.30 14:35:14 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.09.30 14:35:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.09.30 14:35:01 | 529,928,191 | -HS- | M] () -- C:\hiberfil.sys
[2012.09.30 11:34:41 | 000,811,261 | ---- | M] () -- C:\Windows\SysWow64\sig.bin
[2012.09.30 11:34:41 | 000,044,515 | ---- | M] () -- C:\Windows\SysWow64\nmp.map
[2012.09.30 10:02:08 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012.09.26 17:28:43 | 000,000,000 | ---- | M] () -- C:\Users\***\defogger_reenable
[2012.09.26 15:35:27 | 000,002,486 | ---- | M] () -- C:\Users\***\Desktop\Google Chrome.lnk
[2012.09.26 07:27:50 | 000,001,073 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.09.07 17:04:46 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.09.04 16:33:29 | 000,002,053 | ---- | M] () -- C:\Users\Public\Desktop\Nokia Suite.lnk
[2012.09.03 16:46:32 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
 
========== Files Created - No Company Name ==========
 
[2012.09.29 21:00:32 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012.09.29 21:00:32 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012.09.29 21:00:32 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012.09.29 21:00:32 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012.09.29 21:00:32 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012.09.26 17:28:43 | 000,000,000 | ---- | C] () -- C:\Users\***\defogger_reenable
[2012.09.26 07:27:50 | 000,001,073 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.09.04 16:33:29 | 000,002,053 | ---- | C] () -- C:\Users\Public\Desktop\Nokia Suite.lnk
[2012.09.03 16:46:32 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
[2012.05.23 18:49:34 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2012.03.07 08:13:38 | 000,000,272 | ---- | C] () -- C:\Users\***\AppData\Roaming\default.rss
[2012.01.18 07:44:00 | 010,920,984 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2012.01.18 07:44:00 | 000,336,408 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
[2012.01.18 07:44:00 | 000,104,472 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
[2011.12.23 21:58:24 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2011.12.23 21:58:24 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2011.12.23 21:58:24 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2011.12.23 21:58:24 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2011.11.02 19:28:39 | 000,037,066 | ---- | C] () -- C:\Users\***\AppData\Roaming\Kommagetrennte Werte (DOS).ADR
[2011.07.16 20:39:05 | 000,021,182 | ---- | C] () -- C:\Users\***\AppData\Roaming\Kommagetrennte Werte (DOS).EML
[2011.07.16 14:13:24 | 000,811,261 | ---- | C] () -- C:\Windows\SysWow64\sig.bin
[2011.06.21 20:05:57 | 000,000,022 | ---- | C] () -- C:\Windows\cmm.dat
[2011.04.07 18:16:01 | 000,004,096 | -H-- | C] () -- C:\Users\***\AppData\Local\keyfile3.drm
[2011.02.08 16:42:42 | 001,040,384 | ---- | C] ( ) -- C:\Windows\SysWow64\LMabserv.dll
[2011.02.08 16:42:40 | 000,372,736 | ---- | C] ( ) -- C:\Windows\SysWow64\LMabcomm.dll
[2011.02.08 16:42:40 | 000,356,352 | ---- | C] ( ) -- C:\Windows\SysWow64\LMabhcp.dll
[2011.02.08 16:42:39 | 000,802,816 | ---- | C] ( ) -- C:\Windows\SysWow64\LMabcomc.dll
[2011.02.08 16:42:39 | 000,053,248 | ---- | C] ( ) -- C:\Windows\SysWow64\LMabprox.dll
[2011.01.29 18:07:29 | 000,148,996 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2010.12.11 17:11:15 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2010.08.19 13:35:23 | 000,012,968 | ---- | C] () -- C:\Users\***\AppData\Roaming\Microsoft Excel.CAL
[2010.08.19 13:32:31 | 000,038,436 | ---- | C] () -- C:\Users\***\AppData\Roaming\Microsoft Excel.ADR
[2010.08.19 07:43:02 | 000,027,243 | ---- | C] () -- C:\Users\***\AppData\Roaming\Persönliches Adressbuch.ADR
[2010.08.17 08:06:54 | 000,012,994 | ---- | C] () -- C:\Users\***\AppData\Roaming\Kommagetrennte Werte (Windows).CAL
[2010.08.17 07:45:23 | 000,038,462 | ---- | C] () -- C:\Users\***\AppData\Roaming\Kommagetrennte Werte (Windows).ADR
[2009.12.24 10:59:54 | 000,006,656 | ---- | C] () -- C:\Users\***\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.12.11 08:44:41 | 000,000,123 | -HS- | C] () -- C:\ProgramData\.zreglib
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== Custom Scans ==========
 
< HKEY_LOCAL_MACHINE\software\microsoft\Windows\CurrentVersion\Telephony\Providers >
"ProviderID0" = 1
"ProviderID1" = 2
"ProviderID2" = 3
"ProviderID3" = 4
"NextProviderID" = 5
"ProviderFileName0" = unimdm.tsp -- [2010.11.20 14:16:53 | 000,281,088 | ---- | M] (Microsoft Corporation)
"ProviderFileName1" = kmddsp.tsp -- [2009.07.14 03:14:11 | 000,038,912 | ---- | M] (Microsoft Corporation)
"ProviderFileName2" = ndptsp.tsp -- [2009.07.14 03:14:11 | 000,050,688 | ---- | M] (Microsoft Corporation)
"ProviderFileName3" = hidphone.tsp -- [2009.07.14 03:14:11 | 000,030,720 | ---- | M] (Microsoft Corporation)
"NumProviders" = 4
 
< HKEY_LOCAL_MACHINE\software\Wow6432Node\microsoft\Windows\CurrentVersion\Telephony\Providers >
"ProviderID0" = 1
"ProviderID1" = 2
"ProviderID2" = 3
"ProviderID3" = 4
"NextProviderID" = 5
"ProviderFileName0" = unimdm.tsp -- [2010.11.20 14:16:53 | 000,281,088 | ---- | M] (Microsoft Corporation)
"ProviderFileName1" = kmddsp.tsp -- [2009.07.14 03:14:11 | 000,038,912 | ---- | M] (Microsoft Corporation)
"ProviderFileName2" = ndptsp.tsp -- [2009.07.14 03:14:11 | 000,050,688 | ---- | M] (Microsoft Corporation)
"ProviderFileName3" = hidphone.tsp -- [2009.07.14 03:14:11 | 000,030,720 | ---- | M] (Microsoft Corporation)
"NumProviders" = 4
 
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters >
"ServiceDll" = %SystemRoot%\System32\wkssvc.dll
"ServiceDllUnloadOnStop" = 1
"EnablePlainTextPassword" = 0
"EnableSecuritySignature" = 1
"RequireSecuritySignature" = 0
"OtherDomains" =  [binary data]
 
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Dnscache\Parameters >
"ServiceDll" = %SystemRoot%\System32\dnsrslvr.dll
 
< HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost >
"netsvcs" = AeLookupSvcCertPropSvcSCPolicySv [Binary data over 200 bytes]
"LocalService" = RemoteRegistryWinHttpAutoProxySvc [Binary data over 200 bytes]
"LocalSystemNetworkRestricted" = NetmanAudioEndpointBuilderdot3sv [Binary data over 200 bytes]
"LocalServiceNoNetwork" = PLA [binary data] -- [2010.11.20 14:20:54 | 001,508,864 | ---- | M] (Microsoft Corporation)
"rpcss" = RpcSs [binary data]
"LocalServiceNetworkRestricted" = AudioSrvBthHFSrvLmHostswscsvcWPCSvc [binary data]
"LocalServiceAndNoImpersonation" = SSDPSRVupnphostSCardSvrTBSQWAVEwcncsvc [binary data]
"DcomLaunch" = PowerPlugPlayDcomLaunch [binary data]
"NetworkService" = CryptSvcDHCPTermServiceDNSCache [Binary data over 200 bytes]
"imgsvc" = StiSvc [binary data]
"wcssvc" = WcsPlugInService [binary data] -- [2009.07.14 03:16:18 | 000,032,768 | ---- | M] (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\LocalService]
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\LocalServiceAndNoImpersonation]
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\LocalServiceNetworkRestricted]
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\LocalServiceNoNetwork]
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\LocalSystemNetworkRestricted]
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\netsvcs]
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\NetworkService]
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\NetworkServiceRemoteDesktopHyperVAgent]
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\NetworkServiceRemoteDesktopPublishing]
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\termsvcs]
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\wcssvc]
 
< HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost >
"netsvcs" = AeLookupSvcCertPropSvcSCPolicySv [Binary data over 200 bytes]
"LocalService" = RemoteRegistryWinHttpAutoProxySvc [Binary data over 200 bytes]
"LocalSystemNetworkRestricted" = NetmanAudioEndpointBuilderdot3sv [Binary data over 200 bytes]
"LocalServiceNoNetwork" = PLA [binary data] -- [2010.11.20 14:20:54 | 001,508,864 | ---- | M] (Microsoft Corporation)
"rpcss" = RpcSs [binary data]
"LocalServiceNetworkRestricted" = AudioSrvBthHFSrvLmHostswscsvcWPCSvc [binary data]
"LocalServiceAndNoImpersonation" = SSDPSRVupnphostSCardSvrTBSQWAVEwcncsvc [binary data]
"DcomLaunch" = PowerPlugPlayDcomLaunch [binary data]
"NetworkService" = CryptSvcDHCPTermServiceDNSCache [Binary data over 200 bytes]
"imgsvc" = StiSvc [binary data]
"wcssvc" = WcsPlugInService [binary data] -- [2009.07.14 03:16:18 | 000,032,768 | ---- | M] (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost\LocalService]
 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost\LocalServiceAndNoImpersonation]
 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost\LocalServiceNetworkRestricted]
 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost\LocalServiceNoNetwork]
 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost\LocalSystemNetworkRestricted]
 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost\netsvcs]
 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost\NetworkService]
 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost\NetworkServiceRemoteDesktopHyperVAgent]
 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost\NetworkServiceRemoteDesktopPublishing]
 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost\termsvcs]
 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost\wcssvc]
 
< HKEY_LOCAL_MACHINE\SOFTWARE\Joosoft.com >
 
< %SystemRoot%\system32\*.tsp >
[2009.07.14 03:14:11 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hidphone.tsp
[2009.07.14 03:14:11 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kmddsp.tsp
[2009.07.14 03:14:11 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ndptsp.tsp
[2009.07.14 03:14:11 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\remotesp.tsp
[2010.11.20 14:16:53 | 000,281,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\unimdm.tsp
 
< %SystemRoot%\system32\*.tsp /64 >
[2009.07.14 03:38:54 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\hidphone.tsp
[2009.07.14 03:38:54 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\kmddsp.tsp
[2009.07.14 03:38:54 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ndptsp.tsp
[2009.07.14 03:38:54 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\remotesp.tsp
[2010.11.20 15:24:24 | 000,321,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\unimdm.tsp
 
< C:\Windows\system32\*.dll /360 >
[2012.07.04 23:14:34 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\browcli.dll
[2012.06.06 07:03:06 | 000,805,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cdosys.dll
[2011.12.23 21:58:24 | 000,974,848 | ---- | M] () -- C:\Windows\system32\cis-2.4.dll
[2012.04.24 06:36:42 | 001,158,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\crypt32.dll
[2012.04.24 06:36:42 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cryptnet.dll
[2012.04.24 06:36:42 | 000,140,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cryptsvc.dll
[2012.08.02 18:57:20 | 000,490,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\d3d10level9.dll
[2012.08.28 20:24:53 | 000,473,072 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\system32\deployJava1.dll
[2012.01.18 07:44:00 | 000,336,408 | ---- | M] () -- C:\Windows\system32\DevManagerCore.dll
[2012.05.23 18:49:30 | 000,821,824 | ---- | M] (Devguru Co., Ltd.) -- C:\Windows\system32\dgderapi.dll
[2012.03.03 07:31:19 | 001,077,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\DWrite.dll
[2011.10.15 07:38:59 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\EncDec.dll
[2012.08.24 09:03:49 | 009,738,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieframe.dll
[2012.08.24 08:44:35 | 001,793,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iertutil.dll
[2012.08.24 08:40:11 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieui.dll
[2012.03.01 07:33:23 | 000,159,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\imagehlp.dll
[2011.12.23 21:58:24 | 000,081,920 | ---- | M] () -- C:\Windows\system32\issacapi_bs-2.3.dll
[2011.12.23 21:58:24 | 000,065,536 | ---- | M] () -- C:\Windows\system32\issacapi_pe-2.3.dll
[2011.12.23 21:58:24 | 000,057,344 | ---- | M] () -- C:\Windows\system32\issacapi_se-2.3.dll
[2012.08.24 08:47:36 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\jscript.dll
[2012.08.24 08:59:17 | 001,800,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\jscript9.dll
[2012.08.24 08:48:38 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\jsproxy.dll
[2012.01.18 07:44:00 | 010,920,984 | ---- | M] () -- C:\Windows\system32\LogiDPP.dll
[2012.01.18 07:44:26 | 000,307,488 | ---- | M] (Logitech Inc.) -- C:\Windows\system32\lvcodec2.dll
[2012.01.18 07:44:40 | 000,545,056 | ---- | M] (Logitech Inc.) -- C:\Windows\system32\LVUI2.dll
[2012.01.18 07:44:52 | 000,540,960 | ---- | M] (Logitech Inc.) -- C:\Windows\system32\LVUI2RC.dll
[2011.12.23 21:58:24 | 000,045,056 | ---- | M] ((주) 마크애니) -- C:\Windows\system32\MACXMLProto.dll
[2011.12.23 21:58:24 | 000,118,784 | ---- | M] ((주)마크애니) -- C:\Windows\system32\MaDRM.dll
[2011.12.23 21:58:24 | 000,049,152 | ---- | M] ((주) 마크애니) -- C:\Windows\system32\MaJGUILib.dll
[2012.05.23 18:49:32 | 000,045,320 | ---- | M] (MARKANY) -- C:\Windows\system32\MAMACExtract.dll
[2011.12.23 21:58:24 | 000,045,056 | ---- | M] ((주) 마크애니) -- C:\Windows\system32\MaXMLProto.dll
[2012.03.06 15:43:14 | 004,421,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mfc100u.dll
[2012.03.06 15:43:14 | 000,080,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mfcm100u.dll
[2011.12.23 21:58:24 | 000,057,344 | ---- | M] (Marktek) -- C:\Windows\system32\MK_Lyric.dll
[2011.12.23 21:58:24 | 000,245,760 | ---- | M] (Teruten Inc.) -- C:\Windows\system32\MSCLib.dll
[2012.08.24 08:45:46 | 000,607,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msfeeds.dll
[2011.12.23 21:58:24 | 000,155,648 | ---- | M] (Teruten Inc.) -- C:\Windows\system32\MSFLib.dll
[2012.08.24 09:27:00 | 012,319,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshtml.dll
[2012.08.24 08:44:10 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshtmled.dll
[2012.04.07 13:26:29 | 002,342,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msi.dll
[2011.12.23 21:58:24 | 000,352,256 | ---- | M] (Sample Corporation) -- C:\Windows\system32\MSLUR71.dll
[2011.12.16 09:52:58 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msvcrt.dll
[2012.06.06 07:05:52 | 001,236,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msxml3.dll
[2012.06.25 16:04:24 | 001,394,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msxml4.dll
[2012.06.06 07:05:52 | 001,390,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msxml6.dll
[2011.12.23 21:58:24 | 000,040,960 | ---- | M] (Telechips Inc.,) -- C:\Windows\system32\MTTELECHIP.dll
[2011.12.23 21:58:24 | 000,057,344 | ---- | M] (Marktek Inc.) -- C:\Windows\system32\MTXSYNCICON.dll
[2011.12.23 21:58:24 | 000,135,168 | ---- | M] (Musiccity Co.Ltd.) -- C:\Windows\system32\muzaf1.dll
[2011.12.23 21:58:24 | 000,491,520 | ---- | M] (Musiccity Co.Ltd.) -- C:\Windows\system32\muzapp.dll
[2011.12.23 21:58:24 | 000,200,704 | ---- | M] ( (c) MusicCity) -- C:\Windows\system32\muzwmts.dll
[2012.06.02 06:39:10 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ncrypt.dll
[2012.07.04 23:16:56 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\netapi32.dll
[2012.04.18 13:49:50 | 000,405,176 | ---- | M] (Newtonsoft) -- C:\Windows\system32\Newtonsoft.Json.Net20.dll
[2012.08.28 20:24:56 | 000,477,168 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\system32\npdeployJava1.dll
[2011.11.17 07:38:39 | 001,292,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ntdll.dll
[2012.01.04 10:58:41 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ntshrui.dll
[2011.11.19 16:01:00 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\packager.dll
[2012.05.04 11:59:54 | 000,514,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\qdvd.dll
[2012.03.22 13:43:58 | 002,557,952 | ---- | M] (Nokia Corporation and/or its subsidiary(-ies)) -- C:\Windows\system32\QtCore4.dll
[2011.10.26 06:32:11 | 001,328,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\quartz.dll
[2012.02.17 07:34:22 | 000,826,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\rdpcore.dll
[2012.05.23 18:50:06 | 004,659,712 | ---- | M] (Dmitry Streblechenko) -- C:\Windows\system32\Redemption.dll
[2012.06.02 06:40:39 | 000,225,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\schannel.dll
[2012.06.02 06:40:42 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\secur32.dll
[2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\shell32.dll
[2012.05.05 09:46:52 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\srclient.dll
[2012.06.02 06:34:09 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\sspicli.dll
[2011.11.05 06:26:03 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\tzres.dll
[2012.08.24 08:49:57 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\url.dll
[2012.08.24 08:51:50 | 001,103,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\urlmon.dll
[2012.08.24 08:47:12 | 000,420,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\vbscript.dll
[2011.11.17 07:35:02 | 000,314,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\webio.dll
[2012.02.11 07:43:49 | 000,492,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\win32spl.dll
[2012.08.24 08:51:27 | 001,129,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wininet.dll
[2012.03.01 07:37:41 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wintrust.dll
[2012.03.01 07:29:16 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wmi.dll
 
< C:\Windows\SysNative\*.dll /360 >
[2011.10.26 11:42:04 | 000,840,312 | ---- | M] (Intel(R) Corporation) -- C:\Windows\SysNative\accesor.dll
[2012.07.05 00:13:27 | 000,059,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2012.07.05 00:13:27 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\browser.dll
[2011.11.01 11:07:24 | 000,166,912 | ---- | M] (Nokia) -- C:\Windows\SysNative\ccdcmbwux64.dll
[2012.06.06 08:02:54 | 001,133,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
[2012.04.24 07:37:36 | 001,462,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012.04.24 07:37:37 | 000,140,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012.04.24 07:37:37 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cryptsvc.dll
[2011.10.26 07:21:20 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2012.08.02 19:58:52 | 000,574,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2012.01.18 07:44:00 | 000,336,408 | ---- | M] () -- C:\Windows\SysNative\DevManagerCore.dll
[2012.03.03 08:35:38 | 001,544,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2011.10.15 08:31:56 | 000,723,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2012.08.24 12:39:42 | 010,925,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieframe.dll
[2012.08.24 12:12:04 | 002,144,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iertutil.dll
[2012.08.24 12:04:06 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.03.01 08:33:50 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2012.08.24 12:14:34 | 000,816,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.08.24 12:31:32 | 002,312,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.08.24 12:17:03 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jsproxy.dll
[2012.05.14 07:26:34 | 000,956,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2012.01.18 07:44:00 | 010,920,984 | ---- | M] () -- C:\Windows\SysNative\LogiDPP.dll
[2011.11.17 08:35:19 | 001,447,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2012.01.18 07:44:26 | 000,263,456 | ---- | M] (Logitech Inc.) -- C:\Windows\SysNative\lvco13311044.dll
[2012.01.18 07:44:26 | 000,176,416 | ---- | M] (Logitech Inc.) -- C:\Windows\SysNative\lvcod64.dll
[2012.01.18 07:44:28 | 000,769,312 | ---- | M] (Logitech Inc.) -- C:\Windows\SysNative\LVUI64.dll
[2012.01.18 07:44:36 | 000,561,440 | ---- | M] (Logitech Inc.) -- C:\Windows\SysNative\LVUIRC64.dll
[2012.08.24 12:11:57 | 000,729,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012.08.24 13:15:45 | 017,810,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtml.dll
[2012.08.24 12:10:14 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.04.07 14:31:40 | 003,216,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2011.12.16 10:46:06 | 000,634,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2012.06.06 08:06:16 | 001,881,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3.dll
[2012.06.06 08:06:16 | 002,004,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msxml6.dll
[2012.06.02 07:44:21 | 000,307,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2011.10.26 11:42:06 | 000,859,256 | ---- | M] (Intel(R) Corporation) -- C:\Windows\SysNative\ncs2dmix.dll
[2011.10.26 11:00:28 | 000,228,472 | ---- | M] (Intel(R) Corporation) -- C:\Windows\SysNative\ncs2instutility.dll
[2011.10.25 12:04:50 | 000,240,128 | ---- | M] (Intel(R) Corporation) -- C:\Windows\SysNative\Ncs2Setp.dll
[2011.10.26 10:31:16 | 002,859,128 | ---- | M] (Intel(R) Corporation) -- C:\Windows\SysNative\ncscolib.dll
[2012.07.05 00:16:43 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2012.01.09 17:28:20 | 000,057,856 | ---- | M] (Nokia) -- C:\Windows\SysNative\nmwcdclsX64.dll
[2011.11.01 11:07:26 | 000,640,000 | ---- | M] (Nokia) -- C:\Windows\SysNative\nmwcdcoclsx64.dll
[2011.11.17 08:41:18 | 001,731,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2012.01.04 12:44:20 | 000,509,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll
[2011.11.19 16:58:00 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2012.05.01 07:40:20 | 000,209,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\profsvc.dll
[2012.05.04 13:00:43 | 000,366,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2011.10.26 07:25:16 | 001,572,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2012.02.17 08:38:26 | 001,031,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2012.04.26 07:41:55 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012.04.26 07:41:56 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012.06.02 07:45:31 | 000,340,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\schannel.dll
[2011.11.17 08:35:25 | 000,028,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\shell32.dll
[2012.05.05 10:36:55 | 000,503,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2011.11.17 08:35:26 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2011.11.17 08:35:26 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2011.11.05 07:32:50 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tzres.dll
[2012.08.24 12:18:46 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.08.24 12:22:46 | 001,346,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\urlmon.dll
[2012.08.24 12:13:29 | 000,599,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2011.12.08 06:22:28 | 001,917,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WdfCoInstaller01005.dll
[2011.11.17 08:35:28 | 000,395,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2012.02.11 08:43:47 | 000,751,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2012.08.24 12:21:18 | 001,392,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wininet.dll
[2012.03.01 08:38:27 | 000,220,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012.03.01 08:28:47 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wmi.dll
[2012.06.03 00:19:23 | 000,701,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2012.06.03 00:19:43 | 002,428,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuaueng.dll
[2012.06.03 00:15:31 | 002,622,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012.04.22 13:51:40 | 002,152,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFUpdate_01009.dll
[2012.06.03 00:15:08 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2012.06.03 00:19:46 | 000,038,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2012.06.03 00:19:42 | 000,044,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012.06.02 15:19:42 | 000,186,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
 
< C:\Windows\SysWOW64\*.dll /360 >
[2012.07.04 23:14:34 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\browcli.dll
[2012.06.06 07:03:06 | 000,805,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cdosys.dll
[2011.12.23 21:58:24 | 000,974,848 | ---- | M] () -- C:\Windows\SysWOW64\cis-2.4.dll
[2012.04.24 06:36:42 | 001,158,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\crypt32.dll
[2012.04.24 06:36:42 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptnet.dll
[2012.04.24 06:36:42 | 000,140,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptsvc.dll
[2012.08.02 18:57:20 | 000,490,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10level9.dll
[2012.08.28 20:24:53 | 000,473,072 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWOW64\deployJava1.dll
[2012.01.18 07:44:00 | 000,336,408 | ---- | M] () -- C:\Windows\SysWOW64\DevManagerCore.dll
[2012.05.23 18:49:30 | 000,821,824 | ---- | M] (Devguru Co., Ltd.) -- C:\Windows\SysWOW64\dgderapi.dll
[2012.03.03 07:31:19 | 001,077,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\DWrite.dll
[2011.10.15 07:38:59 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\EncDec.dll
[2012.08.24 09:03:49 | 009,738,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieframe.dll
[2012.08.24 08:44:35 | 001,793,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iertutil.dll
[2012.08.24 08:40:11 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieui.dll
[2012.03.01 07:33:23 | 000,159,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imagehlp.dll
[2011.12.23 21:58:24 | 000,081,920 | ---- | M] () -- C:\Windows\SysWOW64\issacapi_bs-2.3.dll
[2011.12.23 21:58:24 | 000,065,536 | ---- | M] () -- C:\Windows\SysWOW64\issacapi_pe-2.3.dll
[2011.12.23 21:58:24 | 000,057,344 | ---- | M] () -- C:\Windows\SysWOW64\issacapi_se-2.3.dll
[2012.08.24 08:47:36 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\jscript.dll
[2012.08.24 08:59:17 | 001,800,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\jscript9.dll
[2012.08.24 08:48:38 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\jsproxy.dll
[2012.01.18 07:44:00 | 010,920,984 | ---- | M] () -- C:\Windows\SysWOW64\LogiDPP.dll
[2012.01.18 07:44:26 | 000,307,488 | ---- | M] (Logitech Inc.) -- C:\Windows\SysWOW64\lvcodec2.dll
[2012.01.18 07:44:40 | 000,545,056 | ---- | M] (Logitech Inc.) -- C:\Windows\SysWOW64\LVUI2.dll
[2012.01.18 07:44:52 | 000,540,960 | ---- | M] (Logitech Inc.) -- C:\Windows\SysWOW64\LVUI2RC.dll
[2011.12.23 21:58:24 | 000,045,056 | ---- | M] ((주) 마크애니) -- C:\Windows\SysWOW64\MACXMLProto.dll
[2011.12.23 21:58:24 | 000,118,784 | ---- | M] ((주)마크애니) -- C:\Windows\SysWOW64\MaDRM.dll
[2011.12.23 21:58:24 | 000,049,152 | ---- | M] ((주) 마크애니) -- C:\Windows\SysWOW64\MaJGUILib.dll
[2012.05.23 18:49:32 | 000,045,320 | ---- | M] (MARKANY) -- C:\Windows\SysWOW64\MAMACExtract.dll
[2011.12.23 21:58:24 | 000,045,056 | ---- | M] ((주) 마크애니) -- C:\Windows\SysWOW64\MaXMLProto.dll
[2012.03.06 15:43:14 | 004,421,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfc100u.dll
[2012.03.06 15:43:14 | 000,080,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfcm100u.dll
[2011.12.23 21:58:24 | 000,057,344 | ---- | M] (Marktek) -- C:\Windows\SysWOW64\MK_Lyric.dll
[2011.12.23 21:58:24 | 000,245,760 | ---- | M] (Teruten Inc.) -- C:\Windows\SysWOW64\MSCLib.dll
[2012.08.24 08:45:46 | 000,607,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msfeeds.dll
[2011.12.23 21:58:24 | 000,155,648 | ---- | M] (Teruten Inc.) -- C:\Windows\SysWOW64\MSFLib.dll
[2012.08.24 09:27:00 | 012,319,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mshtml.dll
[2012.08.24 08:44:10 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mshtmled.dll
[2012.04.07 13:26:29 | 002,342,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msi.dll
[2011.12.23 21:58:24 | 000,352,256 | ---- | M] (Sample Corporation) -- C:\Windows\SysWOW64\MSLUR71.dll
[2011.12.16 09:52:58 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll
[2012.06.06 07:05:52 | 001,236,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msxml3.dll
[2012.06.25 16:04:24 | 001,394,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msxml4.dll
[2012.06.06 07:05:52 | 001,390,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msxml6.dll
[2011.12.23 21:58:24 | 000,040,960 | ---- | M] (Telechips Inc.,) -- C:\Windows\SysWOW64\MTTELECHIP.dll
[2011.12.23 21:58:24 | 000,057,344 | ---- | M] (Marktek Inc.) -- C:\Windows\SysWOW64\MTXSYNCICON.dll
[2011.12.23 21:58:24 | 000,135,168 | ---- | M] (Musiccity Co.Ltd.) -- C:\Windows\SysWOW64\muzaf1.dll
[2011.12.23 21:58:24 | 000,491,520 | ---- | M] (Musiccity Co.Ltd.) -- C:\Windows\SysWOW64\muzapp.dll
[2011.12.23 21:58:24 | 000,200,704 | ---- | M] ( (c) MusicCity) -- C:\Windows\SysWOW64\muzwmts.dll
[2012.06.02 06:39:10 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ncrypt.dll
[2012.07.04 23:16:56 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netapi32.dll
[2012.04.18 13:49:50 | 000,405,176 | ---- | M] (Newtonsoft) -- C:\Windows\SysWOW64\Newtonsoft.Json.Net20.dll
[2012.08.28 20:24:56 | 000,477,168 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWOW64\npdeployJava1.dll
[2011.11.17 07:38:39 | 001,292,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll
[2012.01.04 10:58:41 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntshrui.dll
[2011.11.19 16:01:00 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\packager.dll
[2012.05.04 11:59:54 | 000,514,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\qdvd.dll
[2012.03.22 13:43:58 | 002,557,952 | ---- | M] (Nokia Corporation and/or its subsidiary(-ies)) -- C:\Windows\SysWOW64\QtCore4.dll
[2011.10.26 06:32:11 | 001,328,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\quartz.dll
[2012.02.17 07:34:22 | 000,826,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rdpcore.dll
[2012.05.23 18:50:06 | 004,659,712 | ---- | M] (Dmitry Streblechenko) -- C:\Windows\SysWOW64\Redemption.dll
[2012.06.02 06:40:39 | 000,225,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\schannel.dll
[2012.06.02 06:40:42 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll
[2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll
[2012.05.05 09:46:52 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll
[2012.06.02 06:34:09 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sspicli.dll
[2011.11.05 06:26:03 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\tzres.dll
[2012.08.24 08:49:57 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\url.dll
[2012.08.24 08:51:50 | 001,103,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\urlmon.dll
[2012.08.24 08:47:12 | 000,420,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vbscript.dll
[2011.11.17 07:35:02 | 000,314,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\webio.dll
[2012.02.11 07:43:49 | 000,492,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\win32spl.dll
[2012.08.24 08:51:27 | 001,129,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wininet.dll
[2012.03.01 07:37:41 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wintrust.dll
[2012.03.01 07:29:16 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wmi.dll
 
========== Files - Unicode (All) ==========
[2011.02.10 19:29:10 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G??{5af60c91-3524-11e0-95de-00016c6b8e33}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\洴G婄{5af60c91-3524-11e0-95de-00016c6b8e33}.TMContainer00000000000000000002.regtrans-ms
[2011.02.10 19:29:10 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G??{5af60c91-3524-11e0-95de-00016c6b8e33}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\洴G婄{5af60c91-3524-11e0-95de-00016c6b8e33}.TMContainer00000000000000000001.regtrans-ms
[2011.02.10 19:29:10 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G??{5af60c8d-3524-11e0-95de-00016c6b8e33}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\洴G婄{5af60c8d-3524-11e0-95de-00016c6b8e33}.TMContainer00000000000000000002.regtrans-ms
[2011.02.10 19:29:10 | 000,524,288 | -HS- | M] ()(C:\Windows\SysWow64\?G??{5af60c8d-3524-11e0-95de-00016c6b8e33}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\洴G婄{5af60c8d-3524-11e0-95de-00016c6b8e33}.TMContainer00000000000000000001.regtrans-ms
[2011.02.10 19:29:10 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G??{5af60c91-3524-11e0-95de-00016c6b8e33}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\洴G婄{5af60c91-3524-11e0-95de-00016c6b8e33}.TMContainer00000000000000000002.regtrans-ms
[2011.02.10 19:29:10 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G??{5af60c91-3524-11e0-95de-00016c6b8e33}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\洴G婄{5af60c91-3524-11e0-95de-00016c6b8e33}.TMContainer00000000000000000001.regtrans-ms
[2011.02.10 19:29:10 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G??{5af60c8d-3524-11e0-95de-00016c6b8e33}.TMContainer00000000000000000002.regtrans-ms) -- C:\Windows\SysWow64\洴G婄{5af60c8d-3524-11e0-95de-00016c6b8e33}.TMContainer00000000000000000002.regtrans-ms
[2011.02.10 19:29:10 | 000,524,288 | -HS- | C] ()(C:\Windows\SysWow64\?G??{5af60c8d-3524-11e0-95de-00016c6b8e33}.TMContainer00000000000000000001.regtrans-ms) -- C:\Windows\SysWow64\洴G婄{5af60c8d-3524-11e0-95de-00016c6b8e33}.TMContainer00000000000000000001.regtrans-ms
[2011.02.10 19:29:10 | 000,262,144 | ---- | M] ()(C:\Windows\SysWow64\?G??) -- C:\Windows\SysWow64\洴G婄
[2011.02.10 19:29:10 | 000,262,144 | ---- | C] ()(C:\Windows\SysWow64\?G??) -- C:\Windows\SysWow64\洴G婄
[2011.02.10 19:29:10 | 000,065,536 | -HS- | M] ()(C:\Windows\SysWow64\?G??{5af60c91-3524-11e0-95de-00016c6b8e33}.TM.blf) -- C:\Windows\SysWow64\洴G婄{5af60c91-3524-11e0-95de-00016c6b8e33}.TM.blf
[2011.02.10 19:29:10 | 000,065,536 | -HS- | M] ()(C:\Windows\SysWow64\?G??{5af60c8d-3524-11e0-95de-00016c6b8e33}.TM.blf) -- C:\Windows\SysWow64\洴G婄{5af60c8d-3524-11e0-95de-00016c6b8e33}.TM.blf
[2011.02.10 19:29:10 | 000,065,536 | -HS- | C] ()(C:\Windows\SysWow64\?G??{5af60c91-3524-11e0-95de-00016c6b8e33}.TM.blf) -- C:\Windows\SysWow64\洴G婄{5af60c91-3524-11e0-95de-00016c6b8e33}.TM.blf
[2011.02.10 19:29:10 | 000,065,536 | -HS- | C] ()(C:\Windows\SysWow64\?G??{5af60c8d-3524-11e0-95de-00016c6b8e33}.TM.blf) -- C:\Windows\SysWow64\洴G婄{5af60c8d-3524-11e0-95de-00016c6b8e33}.TM.blf
[2011.02.10 19:29:10 | 000,005,120 | -HS- | M] ()(C:\Windows\SysWow64\?G??.LOG1) -- C:\Windows\SysWow64\洴G婄.LOG1
[2011.02.10 19:29:10 | 000,005,120 | -HS- | C] ()(C:\Windows\SysWow64\?G??.LOG1) -- C:\Windows\SysWow64\洴G婄.LOG1
[2011.02.10 19:29:10 | 000,000,000 | -HS- | M] ()(C:\Windows\SysWow64\?G??.LOG2) -- C:\Windows\SysWow64\洴G婄.LOG2
[2011.02.10 19:29:10 | 000,000,000 | -HS- | C] ()(C:\Windows\SysWow64\?G??.LOG2) -- C:\Windows\SysWow64\洴G婄.LOG2
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 143 bytes -> C:\Users\***\AppData\Roaming\Kommagetrennte Werte (DOS).EML:OECustomProperty

< End of report >
         
--- --- ---

Alt 30.09.2012, 16:46   #24
schrauber
/// the machine
/// TB-Ausbilder
 

Ich kann die Internetseite von Kabel Deutschland nicht öffnen - Standard

Ich kann die Internetseite von Kabel Deutschland nicht öffnen



das sieht doch schon besser aus

Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 30.09.2012, 20:57   #25
astralie
 
Ich kann die Internetseite von Kabel Deutschland nicht öffnen - Standard

Ich kann die Internetseite von Kabel Deutschland nicht öffnen



Hallo Schrauber,
es bestehen immer noch die Probleme mit Outlook, IE9 32-Bit und MyTomTom.
Outlook meldet im Dialogfeld:"Fehler (0x800408FC) beim Ausführen der Aufgabe "*** GMX - Nachrichten werden empfangen":
"Der eingegebene Servername wurde im Netzwerk nicht gefunden. (Das Netzwerk steht möglicherweise gerade nicht zur Verfügung.)
Überprüfen Sie den Namen und die Netzwerkverbindung."
Die Meldung bekomme ich für alle eMail-Konten.
GData Total Protection kann auch keine Verbindung zum Update-Server herstellen.
Google Chrome geht auch nicht.
Gruß Astralie

Geändert von astralie (30.09.2012 um 21:05 Uhr)

Alt 01.10.2012, 06:05   #26
schrauber
/// the machine
/// TB-Ausbilder
 

Ich kann die Internetseite von Kabel Deutschland nicht öffnen - Standard

Ich kann die Internetseite von Kabel Deutschland nicht öffnen



Downloade dir Complete Internet Repair.
  • Führe das Tool per Doppelklick aus.
  • Wähle alle Kästchen an, drücke GO und warte, bis das Tool fertig ist.
  • Poste mir bitte alle Dateien im Ordner "Logging" (oder hänge sie an, je nach Größe).




Downloade dir bitte Farbar's Service Scanner
  • Starte das Tool mit Doppelklick auf die FSS.exe
  • Gehe sicher, dass folgende Optionen angehakt sind.
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Klicke auf Scan.
  • Wenn das Tool fertig ist, wird es eine FSS.txt in dem Verzeichnis erstellen, wo das Tool gelaufen ist.
Poste bitte den Inhalt hier.





Downloade dir bitte Farbar's MiniToolBox auf deinen Desktop und starte das Tool

Setze einen Haken bei folgenden Einträgen
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset IE Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size
  • List Minidump Files
Klicke Go und poste den Inhalt der Result.txt.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 01.10.2012, 06:35   #27
astralie
 
Ich kann die Internetseite von Kabel Deutschland nicht öffnen - Standard

Ich kann die Internetseite von Kabel Deutschland nicht öffnen



Guten Morgen Schrauber,
habe die Programme ausgeführt, hier die Logs:

ClntRep:

./
(o o)
--------------------------------------oOOo-(_)-oOOo--------------------------------------
[01/10/2012 07:17:51] Resetting all TCP/IP Interfaces, Please wait.....
-----------------------------------------------------------------------------------------
[01/10/2012 07:17:52] TCP/IP interfaces reset successful.
[01/10/2012 07:17:52] TCP/IP v6 interfaces reset successful.
[01/10/2012 07:17:52] You may need to restart your computer for the settings to take effect.
[01/10/2012 07:17:52] Finished resetting the Internet Protocol (TCP/IP).

-----------------------------------------------------------------------------------------
[01/10/2012 07:17:52] Attempting to reset Winsock catalog, Please wait.....
-----------------------------------------------------------------------------------------
[01/10/2012 07:17:52] Successfully reset the Winsock Catalog.
[01/10/2012 07:17:52] Finished repairing Winsock

-----------------------------------------------------------------------------------------
[01/10/2012 07:17:53] Releasing TCP/IP connections, Please wait.....
-----------------------------------------------------------------------------------------
[01/10/2012 07:17:53] Successfully released TCP/IP connections.

-----------------------------------------------------------------------------------------
[01/10/2012 07:17:53] Renewing TCP/IP connections, Please wait.....
-----------------------------------------------------------------------------------------
[01/10/2012 07:17:57] Successfully renewed TCP/IP adapters.

-----------------------------------------------------------------------------------------
[01/10/2012 07:17:57] Configuring the Windows Event Log Service, Please wait.....
-----------------------------------------------------------------------------------------
[01/10/2012 07:17:57] Windows Event Log Service Configured.
[01/10/2012 07:17:57] Starting the Windows Event Log Service.....
[01/10/2012 07:17:58] Windows Event Log Service Started Successfully.

-----------------------------------------------------------------------------------------
[01/10/2012 07:17:58] Flushing DNS Resolver Cache, Please wait.....
-----------------------------------------------------------------------------------------
[01/10/2012 07:17:58] Successfully flushed DNS Resolver Cache.
[01/10/2012 07:17:58] Refreshing all DHCP leases and re-registering DNS names, Please wait.....
[01/10/2012 07:17:58] Registration of the DNS resource records has been initiated.
[01/10/2012 07:17:58] Note: Any errors will be reported in the 'Event Viewer' in about 15 minutes.
[01/10/2012 07:17:58] Note: Click on 'File' and then 'Event Viewer...' to open the Event Viewer.

-----------------------------------------------------------------------------------------
[01/10/2012 07:17:58] Repairing Internet Explorer 9.0.8112, Please wait.....
-----------------------------------------------------------------------------------------
[01/10/2012 07:18:06] RegSvr32.exe: 'actxprxy.dll' registration succeeded.
[01/10/2012 07:18:06] RegSvr32.exe: 'asctrls.ocx' Specified module not found
[01/10/2012 07:18:06] RegSvr32.exe: 'browseui.dll' Module loaded but entry-point DllRegisterServer was not found.
[01/10/2012 07:18:06] RegSvr32.exe: 'cdfview.dll' Specified module not found
[01/10/2012 07:18:06] RegSvr32.exe: 'comcat.dll' registration succeeded.
[01/10/2012 07:18:06] RegSvr32.exe: 'comctl32.dll' registration succeeded.
[01/10/2012 07:18:07] RegSvr32.exe: 'corpol.dll' Specified module not found
[01/10/2012 07:18:07] RegSvr32.exe: 'cryptdlg.dll' registration succeeded.
[01/10/2012 07:18:07] RegSvr32.exe: '"C:\Program Files (x86)\Internet Explorer\custsat.dll"' Specified module not found
[01/10/2012 07:18:07] RegSvr32.exe: 'digest.dll' Specified module not found
[01/10/2012 07:18:07] RegSvr32.exe: 'dispex.dll' registration succeeded.
[01/10/2012 07:18:07] RegSvr32.exe: 'dxtmsft.dll' registration succeeded.
[01/10/2012 07:18:07] RegSvr32.exe: 'dxtrans.dll' registration succeeded.
[01/10/2012 07:18:07] RegSvr32.exe: 'extmgr.dll' Specified module not found
[01/10/2012 07:18:07] RegSvr32.exe: '"C:\Program Files (x86)\Internet Explorer\hmmapi.dll"' Specified module not found
[01/10/2012 07:18:07] RegSvr32.exe: 'hlink.dll' registration succeeded.
[01/10/2012 07:18:07] RegSvr32.exe: 'ieaksie.dll' registration succeeded.
[01/10/2012 07:18:07] RegSvr32.exe: 'ieapfltr.dll' Error number: 0x80070005
[01/10/2012 07:18:07] RegSvr32.exe: 'iedkcs32.dll' registration succeeded.
[01/10/2012 07:18:08] RegSvr32.exe: '"C:\Program Files (x86)\Internet Explorer\iedvtool.dll"' registration succeeded.
[01/10/2012 07:18:08] RegSvr32.exe: 'iedvtool.dll' Specified module not found
[01/10/2012 07:18:08] RegSvr32.exe: 'ieframe.dll' registration succeeded.
[01/10/2012 07:18:08] RegSvr32.exe: 'iepeers.dll' registration succeeded.
[01/10/2012 07:18:09] RegSvr32.exe: '"C:\Program Files (x86)\Internet Explorer\ieproxy.dll"' registration succeeded.
[01/10/2012 07:18:09] RegSvr32.exe: 'ieproxy.dll' Specified module not found
[01/10/2012 07:18:09] RegSvr32.exe: 'iesetup.dll' Module loaded but entry-point DllRegisterServer was not found.
[01/10/2012 07:18:09] RegSvr32.exe: 'imgutil.dll' Module loaded but entry-point DllRegisterServer was not found.
[01/10/2012 07:18:09] RegSvr32.exe: 'inetcpl.cpl' Module loaded but entry-point DllRegisterServer was not found.
[01/10/2012 07:18:09] RegSvr32.exe: 'inetcpl.cpl' registration succeeded.
[01/10/2012 07:18:09] RegSvr32.exe: 'initpki.dll' Specified module not found
[01/10/2012 07:18:09] RegSvr32.exe: 'inseng.dll' Module loaded but entry-point DllRegisterServer was not found.
[01/10/2012 07:18:09] RegSvr32.exe: 'jscript.dll' registration succeeded.
[01/10/2012 07:18:10] RegSvr32.exe: 'licmgr10.dll' registration succeeded.
[01/10/2012 07:18:10] RegSvr32.exe: 'mlang.dll' Module loaded but entry-point DllRegisterServer was not found.
[01/10/2012 07:18:10] RegSvr32.exe: 'mobsync.dll' Specified module not found
[01/10/2012 07:18:10] RegSvr32.exe: 'msapsspc.dll' Specified module not found
[01/10/2012 07:18:10] RegSvr32.exe: 'mscoree.dll' registration succeeded.
[01/10/2012 07:18:10] RegSvr32.exe: 'mscorier.dll' Module loaded but entry-point DllRegisterServer was not found.
[01/10/2012 07:18:10] RegSvr32.exe: 'mscories.dll' Module loaded but entry-point DllRegisterServer was not found.
[01/10/2012 07:18:10] RegSvr32.exe: 'msdbg2.dll' Specified module not found
[01/10/2012 07:18:10] RegSvr32.exe: 'mshta.exe' Module loaded but entry-point DllRegisterServer was not found.
[01/10/2012 07:18:10] RegSvr32.exe: 'mshtml.dll' Module loaded but entry-point DllRegisterServer was not found.
[01/10/2012 07:18:10] RegSvr32.exe: 'mshtmled.dll' registration succeeded.
[01/10/2012 07:18:10] RegSvr32.exe: 'msident.dll' Module loaded but entry-point DllRegisterServer was not found.
[01/10/2012 07:18:10] RegSvr32.exe: 'msieftp.dll' Module loaded but entry-point DllRegisterServer was not found.
[01/10/2012 07:18:10] RegSvr32.exe: 'msnsspc.dll' Specified module not found
[01/10/2012 07:18:11] RegSvr32.exe: 'msr2c.dll' Specified module not found
[01/10/2012 07:18:11] RegSvr32.exe: 'msrating.dll' Module loaded but entry-point DllRegisterServer was not found.
[01/10/2012 07:18:11] RegSvr32.exe: 'mstime.dll' Specified module not found
[01/10/2012 07:18:11] RegSvr32.exe: 'msxml.dll' Specified module not found
[01/10/2012 07:18:11] RegSvr32.exe: 'ole32.dll' registration succeeded.
[01/10/2012 07:18:11] RegSvr32.exe: 'oleacc.dll' registration succeeded.
[01/10/2012 07:18:11] RegSvr32.exe: 'occache.dll' Module loaded but entry-point DllRegisterServer was not found.
[01/10/2012 07:18:13] RegSvr32.exe: 'oleaut32.dll' registration succeeded.
[01/10/2012 07:18:13] RegSvr32.exe: '"C:\Program Files (x86)\Internet Explorer\pdm.dll"' registration succeeded.
[01/10/2012 07:18:13] RegSvr32.exe: 'plugin.ocx' Specified module not found
[01/10/2012 07:18:14] RegSvr32.exe: 'pngfilt.dll' Module loaded but entry-point DllRegisterServer was not found.
[01/10/2012 07:18:14] RegSvr32.exe: 'proctexe.ocx' Specified module not found
[01/10/2012 07:18:14] RegSvr32.exe: 'scrobj.dll' Error number: 0x80070005
[01/10/2012 07:18:14] RegSvr32.exe: 'sendmail.dll' Module loaded but entry-point DllRegisterServer was not found.
[01/10/2012 07:18:14] RegSvr32.exe: 'setupwbv.dll' Specified module not found
[01/10/2012 07:18:14] RegSvr32.exe: 'shdocvw.dll' Module loaded but entry-point DllRegisterServer was not found.
[01/10/2012 07:18:14] RegSvr32.exe: 'tdc.ocx' registration succeeded.
[01/10/2012 07:18:14] RegSvr32.exe: 'url.dll' Module loaded but entry-point DllRegisterServer was not found.
[01/10/2012 07:18:15] RegSvr32.exe: 'urlmon.dll' registration succeeded.
[01/10/2012 07:18:15] RegSvr32.exe: 'urlmon.dll,NI,HKLM' Specified module not found
[01/10/2012 07:18:15] RegSvr32.exe: 'vbscript.dll' registration succeeded.
[01/10/2012 07:18:15] RegSvr32.exe: '"C:\Program Files (x86)\microsoft shared\vgx\vgx.dll"' Specified module not found
[01/10/2012 07:18:15] RegSvr32.exe: 'webcheck.dll' Module loaded but entry-point DllRegisterServer was not found.
[01/10/2012 07:18:15] Finished repairing Internet Explorer 9.0.8112

-----------------------------------------------------------------------------------------
[01/10/2012 07:18:15] Repairing Windows Update / Automatic Updates, Please wait.....
-----------------------------------------------------------------------------------------
[01/10/2012 07:18:15] Stopping the BITS Service.....
[01/10/2012 07:18:15] BITS Stopped Successfully.
[01/10/2012 07:18:16] Stopping the Automatic Updates (wuauserv) Service.....
[01/10/2012 07:18:16] Automatic Updates (wuauserv) Service Stopped Successfully.
[01/10/2012 07:18:16] Clearing File Stores (Update History).....
[01/10/2012 07:18:16] Clearing [C:\Windows\SoftwareDistribution\Download].....
[01/10/2012 07:18:20] [C:\Windows\SoftwareDistribution\Download] Cleared.
[01/10/2012 07:18:20] Clearing [C:\Windows\SoftwareDistribution\DataStore].....
[01/10/2012 07:18:20] [C:\Windows\SoftwareDistribution\DataStore] Cleared.
[01/10/2012 07:18:20] Clearing [C:\Windows\SysWOW64\CatRoot2].....
[01/10/2012 07:18:20] [C:\Windows\SysWOW64\CatRoot2] Cleared.
[01/10/2012 07:18:20] Setting BITS Security Descriptor.....
[01/10/2012 07:18:20] BITS Security Descriptor Set.
[01/10/2012 07:18:20] Setting Automatic Updates (wuauserv) Service Security Descriptor.....
[01/10/2012 07:18:20] Automatic Updates (wuauserv) Security Descriptor Set.
[01/10/2012 07:18:20] Configuring the Automatic Updates (wuauserv) Service.....
[01/10/2012 07:18:21] Automatic Updates (wuauserv) Service Configured.
[01/10/2012 07:18:21] Configuring BITS.....
[01/10/2012 07:18:21] BITS Configured.
[01/10/2012 07:18:21] Registering WUAU DLLs.....
[01/10/2012 07:18:21] RegSvr32.exe: 'actxprxy.dll' registration succeeded.
[01/10/2012 07:18:21] RegSvr32.exe: 'atl.dll' registration succeeded.
[01/10/2012 07:18:21] RegSvr32.exe: 'browseui.dll' Module loaded but entry-point DllRegisterServer was not found.
[01/10/2012 07:18:22] RegSvr32.exe: 'corpol.dll' Specified module not found
[01/10/2012 07:18:22] RegSvr32.exe: 'cryptdlg.dll' registration succeeded.
[01/10/2012 07:18:22] RegSvr32.exe: 'dispex.dll' registration succeeded.
[01/10/2012 07:18:22] RegSvr32.exe: 'dssenh.dll' registration succeeded.
[01/10/2012 07:18:22] RegSvr32.exe: 'gpkcsp.dll' Specified module not found
[01/10/2012 07:18:22] RegSvr32.exe: 'initpki.dll' Specified module not found
[01/10/2012 07:18:22] RegSvr32.exe: 'jscript.dll' registration succeeded.
[01/10/2012 07:18:22] RegSvr32.exe: 'mshtml.dll' Module loaded but entry-point DllRegisterServer was not found.
[01/10/2012 07:18:22] RegSvr32.exe: 'msscript.ocx' registration succeeded.
[01/10/2012 07:18:22] RegSvr32.exe: 'msxml.dll' Specified module not found
[01/10/2012 07:18:22] RegSvr32.exe: 'msxml2.dll' Specified module not found
[01/10/2012 07:18:22] RegSvr32.exe: 'msxml3.dll' registration succeeded.
[01/10/2012 07:18:23] RegSvr32.exe: 'msxml4.dll' registration succeeded.
[01/10/2012 07:18:23] RegSvr32.exe: 'msxml6.dll' registration succeeded.
[01/10/2012 07:18:23] RegSvr32.exe: 'muweb.dll' Specified module not found
[01/10/2012 07:18:23] RegSvr32.exe: 'ole.dll' Specified module not found
[01/10/2012 07:18:23] RegSvr32.exe: 'ole32.dll' registration succeeded.
[01/10/2012 07:18:23] RegSvr32.exe: 'oleaut.dll' Specified module not found
[01/10/2012 07:18:24] RegSvr32.exe: 'oleaut32.dll' registration succeeded.
[01/10/2012 07:18:24] RegSvr32.exe: 'qmgr.dll' Specified module not found
[01/10/2012 07:18:24] RegSvr32.exe: 'qmgrprxy.dll' registration succeeded.
[01/10/2012 07:18:24] RegSvr32.exe: 'gpkcsp.dll' Specified module not found
[01/10/2012 07:18:24] RegSvr32.exe: 'rsaenh.dll' registration succeeded.
[01/10/2012 07:18:24] RegSvr32.exe: 'sccbase.dll' Specified module not found
[01/10/2012 07:18:24] RegSvr32.exe: 'scrobj.dll' registration succeeded.
[01/10/2012 07:18:24] RegSvr32.exe: 'scrrun.dll' registration succeeded.
[01/10/2012 07:18:25] RegSvr32.exe: 'shdocvw.dll' Module loaded but entry-point DllRegisterServer was not found.
[01/10/2012 07:18:25] RegSvr32.exe: 'shell.dll' Specified module not found
[01/10/2012 07:18:25] RegSvr32.exe: 'shell32.dll' registration succeeded.
[01/10/2012 07:18:25] RegSvr32.exe: 'slbcsp.dll' Specified module not found
[01/10/2012 07:18:25] RegSvr32.exe: 'softpub.dll' registration succeeded.
[01/10/2012 07:18:25] RegSvr32.exe: 'urlmon.dll' registration succeeded.
[01/10/2012 07:18:25] RegSvr32.exe: 'vbscript.dll' registration succeeded.
[01/10/2012 07:18:25] RegSvr32.exe: 'winhttp.dll' Module loaded but entry-point DllRegisterServer was not found.
[01/10/2012 07:18:25] RegSvr32.exe: 'wintrust.dll' registration succeeded.
[01/10/2012 07:18:25] RegSvr32.exe: 'wshext.dll' Error number: 0x80070005
[01/10/2012 07:18:25] RegSvr32.exe: 'wuapi.dll' registration succeeded.
[01/10/2012 07:18:25] RegSvr32.exe: 'wuaueng.dll' Specified module not found
[01/10/2012 07:18:25] RegSvr32.exe: 'wuaueng1.dll' Specified module not found
[01/10/2012 07:18:26] RegSvr32.exe: 'wucltui.dll' Specified module not found
[01/10/2012 07:18:26] RegSvr32.exe: 'wucltux.dll' Specified module not found
[01/10/2012 07:18:26] RegSvr32.exe: 'wups.dll' registration succeeded.
[01/10/2012 07:18:26] RegSvr32.exe: 'wups2.dll' Specified module not found
[01/10/2012 07:18:26] RegSvr32.exe: 'wuweb.dll' Specified module not found
[01/10/2012 07:18:26] RegSvr32.exe: 'wuwebv.dll' registration succeeded.
[01/10/2012 07:18:26] WUAU DLLs Reregistered.
[01/10/2012 07:18:26] Resetting proxy settings.....
[01/10/2012 07:18:26] Proxy settings reset successfully.
[01/10/2012 07:18:26] Restarting the Automatic Updates (wuauserv) Service.....
[01/10/2012 07:18:26] Automatic Updates (wuauserv) Service Restarted.
[01/10/2012 07:18:26] Restarting the BITS Service.....
[01/10/2012 07:18:26] BITS Service Restarted.
[01/10/2012 07:18:27] Clearing the BITS queue.....
[01/10/2012 07:18:27] BITS queue cleared.
[01/10/2012 07:18:27] Initiating Windows Updates detection right away.....
[01/10/2012 07:19:00] Finished repairing Windows Update / Automatic Updates.

-----------------------------------------------------------------------------------------
[01/10/2012 07:19:00] Repairing SSL / HTTPS / Cryptography service, Please wait.....
-----------------------------------------------------------------------------------------
[01/10/2012 07:19:00] Configuring the Cryptographic Service.....
[01/10/2012 07:19:00] Cryptographic Service Configured.
[01/10/2012 07:19:00] Stopping the Cryptographic Service.....
[01/10/2012 07:19:00] Cryptographic service Stopped Successfully.
[01/10/2012 07:19:00] Clearing [C:\Windows\system32\CatRoot].....
[01/10/2012 07:19:02] [C:\Windows\system32\CatRoot] cleared.
[01/10/2012 07:19:02] Re-registering SSL / HTTPS / Cryptography DLLs.....
[01/10/2012 07:19:02] RegSvr32.exe: 'cryptdlg.dll' registration succeeded.
[01/10/2012 07:19:03] RegSvr32.exe: 'cryptext.dll' registration succeeded.
[01/10/2012 07:19:03] RegSvr32.exe: 'cryptui.dll' registration succeeded.
[01/10/2012 07:19:03] RegSvr32.exe: 'dssenh.dll' registration succeeded.
[01/10/2012 07:19:03] RegSvr32.exe: 'gpkcsp.dll' Specified module not found
[01/10/2012 07:19:03] RegSvr32.exe: 'initpki.dll' Specified module not found
[01/10/2012 07:19:03] RegSvr32.exe: 'licdll.dll' Specified module not found
[01/10/2012 07:19:03] RegSvr32.exe: 'mssign32.dll' registration succeeded.
[01/10/2012 07:19:03] RegSvr32.exe: 'mssip32.dll' registration succeeded.
[01/10/2012 07:19:04] RegSvr32.exe: 'regwizc.dll' Specified module not found
[01/10/2012 07:19:04] RegSvr32.exe: 'rsaenh.dll' registration succeeded.
[01/10/2012 07:19:04] RegSvr32.exe: 'scardssp.dll' Specified module not found
[01/10/2012 07:19:04] RegSvr32.exe: 'sccbase.dll' Specified module not found
[01/10/2012 07:19:06] RegSvr32.exe: 'scecli.dll' registration succeeded.
[01/10/2012 07:19:06] RegSvr32.exe: 'slbcsp.dll' Specified module not found
[01/10/2012 07:19:06] RegSvr32.exe: 'softpub.dll' registration succeeded.
[01/10/2012 07:19:06] RegSvr32.exe: 'winhttp.dll' Module loaded but entry-point DllRegisterServer was not found.
[01/10/2012 07:19:06] RegSvr32.exe: 'wintrust.dll' registration succeeded.
[01/10/2012 07:19:06] SSL / HTTPS / Cryptography DLLs re-registered.
[01/10/2012 07:19:07] Restarting the Cryptographic Service.....
[01/10/2012 07:19:07] Cryptographic Service restarted.
[01/10/2012 07:19:07] Finished repairing SSL / HTTPS / Cryptography service.

-----------------------------------------------------------------------------------------
[01/10/2012 07:19:07] Resetting the Windows Firewall configuraton, Please wait.....
-----------------------------------------------------------------------------------------
[01/10/2012 07:19:08] Windows Firewall configuration reset successful.
[01/10/2012 07:19:08] Finished resetting the Windows Firewall configuraton.

-----------------------------------------------------------------------------------------
[01/10/2012 07:19:08] Restoring the default Windows HOSTS file, Please wait.....
-----------------------------------------------------------------------------------------
[01/10/2012 07:19:08] Writing data to the HOSTS file.....
[01/10/2012 07:19:08] HOSTS file created successfully.

-----------------------------------------------------------------------------------------
[01/10/2012 07:19:08] Repairing Workgroup Computers view, Please wait.....
-----------------------------------------------------------------------------------------
[01/10/2012 07:19:08] Finished repairing Workgroup Computers view.

-----------------------------------------------------------------------------------------
[01/10/2012 07:19:08] You will need to reboot your computer before the settings will take effect.
-----------------------------------------------------------------------------------------
[01/10/2012 07:20:08] Your computer is restarting now.....

-----------------------------------------------------------------------------------------

FSS:

Farbar Service Scanner Version: 19-09-2012
Ran by *** (administrator) on 01-10-2012 at 07:26:06
Running from "C:\Users\***\Desktop\Trojaner Board\10. Mail"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============
Dnscache Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of Dnscache. The value does not exist.
Checking ImagePath: ATTENTION!=====> Unable to retrieve ImagePath of Dnscache. The value does not exist.
The ServiceDll of Dnscache service is OK.


Connection Status:
==============
Attempt to access Local Host IP returned error: Localhost is blocked: Other errors
LAN connected.
Attempt to access Google IP returned error: Other errors
Attempt to access Google.com returned error: Other errors
Attempt to access Yahoo IP returned error: Other errors
Attempt to access Yahoo.com returned error: Other errors


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

Result:

MiniToolBox by Farbar Version: 23-07-2012
Ran by *** (administrator) on 01-10-2012 at 07:28:46
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows-IP-Konfiguration

Der DNS-Aufl”sungscache konnte nicht geleert werden: Beim Ausfhren der Funktion ist ein Fehler aufgetreten.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Intel(R) 82567LF-2 Gigabit Network Connection = LAN-Verbindung (Connected)


# ----------------------------------
# IPv4-Konfiguration
# ----------------------------------
pushd interface ipv4

reset


popd
# Ende der IPv4-Konfiguration



Windows-IP-Konfiguration

Hostname . . . . . . . . . . . . : PC-Bro
Prim„res DNS-Suffix . . . . . . . :
Knotentyp . . . . . . . . . . . . : Hybrid
IP-Routing aktiviert . . . . . . : Nein
WINS-Proxy aktiviert . . . . . . : Nein
DNS-Suffixsuchliste . . . . . . . : fritz.box

Ethernet-Adapter LAN-Verbindung:

Verbindungsspezifisches DNS-Suffix: fritz.box
Beschreibung. . . . . . . . . . . : Intel(R) 82567LF-2 Gigabit Network Connection
Physikalische Adresse . . . . . . : 00-01-6C-6B-8E-33
DHCP aktiviert. . . . . . . . . . : Ja
Autokonfiguration aktiviert . . . : Ja
Verbindungslokale IPv6-Adresse . : fe80::457f:6a45:8767:fb40%9(Bevorzugt)
IPv4-Adresse . . . . . . . . . . : 192.168.178.20(Bevorzugt)
Subnetzmaske . . . . . . . . . . : 255.255.255.0
Lease erhalten. . . . . . . . . . : Montag, 1. Oktober 2012 07:21:28
Lease l„uft ab. . . . . . . . . . : Donnerstag, 11. Oktober 2012 07:21:27
Standardgateway . . . . . . . . . : 192.168.178.1
DHCP-Server . . . . . . . . . . . : 192.168.178.1
DHCPv6-IAID . . . . . . . . . . . : 218104172
DHCPv6-Client-DUID. . . . . . . . : 00-01-00-01-12-1C-7D-67-00-01-6C-6B-8E-33
DNS-Server . . . . . . . . . . . : 192.168.178.1
NetBIOS ber TCP/IP . . . . . . . : Aktiviert

Tunneladapter Teredo Tunneling Pseudo-Interface:

Verbindungsspezifisches DNS-Suffix:
Beschreibung. . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physikalische Adresse . . . . . . : 00-00-00-00-00-00-00-E0
DHCP aktiviert. . . . . . . . . . : Nein
Autokonfiguration aktiviert . . . : Ja
IPv6-Adresse. . . . . . . . . . . : 2001:0:5ef5:79fd:2484:a53:a0a5:4ef9(Bevorzugt)
Verbindungslokale IPv6-Adresse . : fe80::2484:a53:a0a5:4ef9%11(Bevorzugt)
Standardgateway . . . . . . . . . : ::
NetBIOS ber TCP/IP . . . . . . . : Deaktiviert

Tunneladapter isatap.fritz.box:

Medienstatus. . . . . . . . . . . : Medium getrennt
Verbindungsspezifisches DNS-Suffix: fritz.box
Beschreibung. . . . . . . . . . . : Microsoft-ISATAP-Adapter #2
Physikalische Adresse . . . . . . : 00-00-00-00-00-00-00-E0
DHCP aktiviert. . . . . . . . . . : Nein
Autokonfiguration aktiviert . . . : Ja
Server: fritz.box
Address: 192.168.178.1

Name: google.com
Addresses: 2a00:1450:4008:c01::8a
173.194.69.139
173.194.69.100
173.194.69.102
173.194.69.138
173.194.69.113
173.194.69.101

Ping-Anforderung konnte Host "google.com" nicht finden. šberprfen Sie den Namen, und versuchen Sie es erneut.
Server: fritz.box
Address: 192.168.178.1

Name: yahoo.com
Addresses: 98.139.183.24
72.30.38.140
98.138.253.109

Ping-Anforderung konnte Host "yahoo.com" nicht finden. šberprfen Sie den Namen, und versuchen Sie es erneut.
Server: fritz.box
Address: 192.168.178.1

Name: bleepingcomputer.com
Address: 208.43.87.2

Ping-Anforderung konnte Host "bleepingcomputer.com" nicht finden. šberprfen Sie den Namen, und versuchen Sie es erneut.

Ping wird ausgefhrt fr 127.0.0.1 mit 32 Bytes Daten:
Antwort von 127.0.0.1: Bytes=32 Zeit<1ms TTL=128
Antwort von 127.0.0.1: Bytes=32 Zeit<1ms TTL=128

Ping-Statistik fr 127.0.0.1:
Pakete: Gesendet = 2, Empfangen = 2, Verloren = 0
(0% Verlust),
Ca. Zeitangaben in Millisek.:
Minimum = 0ms, Maximum = 0ms, Mittelwert = 0ms
===========================================================================
Schnittstellenliste
9...00 01 6c 6b 8e 33 ......Intel(R) 82567LF-2 Gigabit Network Connection
1...........................Software Loopback Interface 1
11...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
20...00 00 00 00 00 00 00 e0 Microsoft-ISATAP-Adapter #2
===========================================================================

IPv4-Routentabelle
===========================================================================
Aktive Routen:
Netzwerkziel Netzwerkmaske Gateway Schnittstelle Metrik
0.0.0.0 0.0.0.0 192.168.178.1 192.168.178.20 10
127.0.0.0 255.0.0.0 Auf Verbindung 127.0.0.1 306
127.0.0.1 255.255.255.255 Auf Verbindung 127.0.0.1 306
127.255.255.255 255.255.255.255 Auf Verbindung 127.0.0.1 306
192.168.178.0 255.255.255.0 Auf Verbindung 192.168.178.20 266
192.168.178.20 255.255.255.255 Auf Verbindung 192.168.178.20 266
192.168.178.255 255.255.255.255 Auf Verbindung 192.168.178.20 266
224.0.0.0 240.0.0.0 Auf Verbindung 127.0.0.1 306
224.0.0.0 240.0.0.0 Auf Verbindung 192.168.178.20 266
255.255.255.255 255.255.255.255 Auf Verbindung 127.0.0.1 306
255.255.255.255 255.255.255.255 Auf Verbindung 192.168.178.20 266
===========================================================================
St„ndige Routen:
Keine

IPv6-Routentabelle
===========================================================================
Aktive Routen:
If Metrik Netzwerkziel Gateway
11 58 ::/0 Auf Verbindung
1 306 ::1/128 Auf Verbindung
11 58 2001::/32 Auf Verbindung
11 306 2001:0:5ef5:79fd:2484:a53:a0a5:4ef9/128
Auf Verbindung
9 266 fe80::/64 Auf Verbindung
11 306 fe80::/64 Auf Verbindung
11 306 fe80::2484:a53:a0a5:4ef9/128
Auf Verbindung
9 266 fe80::457f:6a45:8767:fb40/128
Auf Verbindung
1 306 ff00::/8 Auf Verbindung
11 306 ff00::/8 Auf Verbindung
9 266 ff00::/8 Auf Verbindung
===========================================================================
St„ndige Routen:
Keine
========================= Winsock entries =====================================

Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/01/2012 07:23:07 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/01/2012 07:21:35 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (10/01/2012 07:21:31 AM) (Source: TSNxGService) (User: )
Description: G Data Datensafe
Die Initialisierung des Dateischutzmoduls (AFP) ist fehlgeschlagen
Fehlercode: 1

Error: (10/01/2012 06:41:57 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (10/01/2012 06:34:10 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/01/2012 06:32:31 AM) (Source: TSNxGService) (User: )
Description: G Data Datensafe
Die Initialisierung des Dateischutzmoduls (AFP) ist fehlgeschlagen
Fehlercode: 1

Error: (09/30/2012 08:19:22 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/30/2012 08:17:54 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (09/30/2012 08:17:46 PM) (Source: TSNxGService) (User: )
Description: G Data Datensafe
Die Initialisierung des Dateischutzmoduls (AFP) ist fehlgeschlagen
Fehlercode: 1

Error: (09/30/2012 02:36:51 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (10/01/2012 07:23:34 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "MBAMService" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (10/01/2012 07:22:12 AM) (Source: WMPNetworkSvc) (User: )
Description: Ein neuer Medienserver konnte nicht initialisiert werden, a ein Fehler "0x80070422" in "CoCreateInstance(CLSID_UPnPRegistrar)" aufgetreten ist. Überprüfen Sie, ob der Dienst "UPnPHost" ausgeführt wird und ob die Windows-Komponente "UPnPHost" richtig installiert ist.

Error: (10/01/2012 07:22:12 AM) (Source: WMPNetworkSvc) (User: )
Description: Ein neuer Medienserver konnte nicht initialisiert werden, a ein Fehler "0x80070422" in "CoCreateInstance(CLSID_UPnPRegistrar)" aufgetreten ist. Überprüfen Sie, ob der Dienst "UPnPHost" ausgeführt wird und ob die Windows-Komponente "UPnPHost" richtig installiert ist.

Error: (10/01/2012 07:21:32 AM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
GLogin

Error: (10/01/2012 07:04:36 AM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 107.

Error: (10/01/2012 07:04:36 AM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Eine SSL 3.0-Verbindungsanforderung wurde von einer Remoteclientanwendung übermittelt, jedoch werden keine der Verschlüsselungssammlungen, die von der Clientanwendung unterstützt werden, vom Server unterstützt. Fehler bei der SSL-Verbindungsanforderung.

Error: (10/01/2012 07:04:36 AM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 107.

Error: (10/01/2012 07:04:36 AM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Eine SSL 3.0-Verbindungsanforderung wurde von einer Remoteclientanwendung übermittelt, jedoch werden keine der Verschlüsselungssammlungen, die von der Clientanwendung unterstützt werden, vom Server unterstützt. Fehler bei der SSL-Verbindungsanforderung.

Error: (10/01/2012 07:04:36 AM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 107.

Error: (10/01/2012 07:04:36 AM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Eine SSL 3.0-Verbindungsanforderung wurde von einer Remoteclientanwendung übermittelt, jedoch werden keine der Verschlüsselungssammlungen, die von der Clientanwendung unterstützt werden, vom Server unterstützt. Fehler bei der SSL-Verbindungsanforderung.


Microsoft Office Sessions:
=========================
Error: (09/28/2012 03:09:52 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 49 seconds with 0 seconds of active time. This session ended with a crash.

Error: (09/15/2012 07:55:29 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 98 seconds with 0 seconds of active time. This session ended with a crash.

Error: (09/01/2012 01:53:29 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 91 seconds with 0 seconds of active time. This session ended with a crash.

Error: (05/25/2012 07:25:26 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 54 seconds with 0 seconds of active time. This session ended with a crash.


=========================== Installed Programs ============================

ACDSee Foto-Manager 2009 (Version: 11.0.113)
ACDSee Image Decoder Update (Version: 2.0.5)
ACDSee RAW Image Decoder Plug-In Update 4.0 (Version: 4.0.76)
Acer Arcade Deluxe (Version: 2.6.6209)
Acer Product Registration (Version: 3.0.0.10)
Acer ScreenSaver (Version: 4.01.0718)
Acer Updater (Version: 1.02.3502)
Active@ ISO Burner (Version: 2.5.1)
Adobe Acrobat 9 Pro Extended - English, Français, Deutsch (Version: 9.0.0)
Adobe Acrobat 9 Pro Extended 64-bit Add-On (Version: 9.0.0)
Adobe AIR (Version: 2.6.0.19120)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.265)
Adobe Flash Player 11 Plugin (Version: 11.0.1.152)
Adobe Reader 9.5.0 - Deutsch (Version: 9.5.0)
Advertising Center (Version: 0.0.0.2)
AVM FRITZ!Box AddOn (IE) (x64) (Version: 1.5.5)
Biet-O-Matic v2.12.6 (Version: Biet-O-Matic v2.12.6)
BufferChm (Version: 90.0.146.000)
C:\Program Files (x86)\Acer GameZone\GameConsole (Version: 2.0.1.6)
CameraHelperMsi (Version: 13.25.1010.0)
Canon Easy-PhotoPrint EX
Canon Easy-WebPrint EX
Canon My Printer
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2009.0702.1239.20840)
Catalyst Control Center Graphics Full Existing (Version: 2009.0702.1239.20840)
Catalyst Control Center Graphics Full New (Version: 2009.0702.1239.20840)
Catalyst Control Center Graphics Light (Version: 2009.0702.1239.20840)
Catalyst Control Center Graphics Previews Vista (Version: 2009.0702.1239.20840)
Catalyst Control Center InstallProxy (Version: 2008.1003.1759.30358)
Catalyst Control Center InstallProxy (Version: 2009.0702.1239.20840)
Catalyst Control Center Localization All (Version: 2009.0702.1239.20840)
ccc-core-static (Version: 2009.0702.1239.20840)
ccc-utility64 (Version: 2009.0702.1239.20840)
CCC Help Chinese Standard (Version: 2009.0702.1238.20840)
CCC Help Chinese Traditional (Version: 2009.0702.1238.20840)
CCC Help Czech (Version: 2009.0702.1238.20840)
CCC Help Danish (Version: 2009.0702.1238.20840)
CCC Help Dutch (Version: 2009.0702.1238.20840)
CCC Help English (Version: 2009.0702.1238.20840)
CCC Help Finnish (Version: 2009.0702.1238.20840)
CCC Help French (Version: 2009.0702.1238.20840)
CCC Help German (Version: 2009.0702.1238.20840)
CCC Help Greek (Version: 2009.0702.1238.20840)
CCC Help Hungarian (Version: 2009.0702.1238.20840)
CCC Help Italian (Version: 2009.0702.1238.20840)
CCC Help Japanese (Version: 2009.0702.1238.20840)
CCC Help Korean (Version: 2009.0702.1238.20840)
CCC Help Norwegian (Version: 2009.0702.1238.20840)
CCC Help Polish (Version: 2009.0702.1238.20840)
CCC Help Portuguese (Version: 2009.0702.1238.20840)
CCC Help Russian (Version: 2009.0702.1238.20840)
CCC Help Spanish (Version: 2009.0702.1238.20840)
CCC Help Swedish (Version: 2009.0702.1238.20840)
CCC Help Thai (Version: 2009.0702.1238.20840)
CCC Help Turkish (Version: 2009.0702.1238.20840)
Choice Guard (Version: 1.2.87.0)
CloneDVD2
Compatibility Pack für 2007 Office System (Version: 12.0.4518.1014)
CyberLink MediaShow (Version: 4.1.2325)
CyberLink PowerDirector (Version: 7.0.2514)
CyberLink PowerDVD 9 (Version: 9.0.1501)
Destination Component (Version: 090.000.091.086)
DeviceManagementQFolder (Version: 1.00.0000)
DHTML Editing Component (Version: 6.02.0001)
dLAN Cockpit (Version: 3.2.28)
DocProc (Version: 9.0.0.0)
DocProcQFolder (Version: 1.00.0000)
DolbyFiles (Version: 2.0)
EAS
erLT (Version: 1.20.138.34)
eSupportQFolder (Version: 1.00.0000)
FastStone Image Viewer 3.9 (Version: 3.9)
Feedback Tool (Version: 1.1.0)
Feedback Tool (Version: 1.2.0)
FileZilla Client 3.5.3 (Version: 3.5.3)
Firebird SQL Server - MAGIX Edition (Version: 2.1.23.0)
Free YouTube to MP3 Converter version 3.11.22.508 (Version: 3.11.22.508)
G Data TotalCare 2012
G Data TotalProtection 2013 (Version: 23.0.0.0)
Garmin USB Drivers (Version: 2.3.1.0)
Garmin WebUpdater (Version: 2.5.6)
GO Contact Sync Mod (Version: 3.5.8)
Google Chrome (Version: 22.0.1229.79)
Google Earth (Version: 6.2.2.6613)
Google Update Helper (Version: 1.3.21.123)
HP Imaging Device Functions 9.0 (Version: 9.0)
HP OCR Software 9.0 (Version: 9.0)
HP Photosmart Essential (Version: 1.12.0.46)
HP Scanjet 3800 series 9.0 (Version: 9.0)
HP Share-to-Web
HP Solution Center 9.0 (Version: 9.0)
HP Update (Version: 5.002.001.004)
hpg3800 (Version: 8.0.0.0)
hpg3800QFolder (Version: 1.00.0000)
HPProductAssistant (Version: 90.0.146.000)
ImagXpress (Version: 7.0.74.0)
ImgBurn (Version: 2.5.6.0)
Intel(R) Network Connections 16.7.166.0 (Version: 16.7.166.0)
Intel® Matrix Storage Manager
Java Auto Updater (Version: 2.0.7.1)
Java(TM) 6 Update 24 (64-bit) (Version: 6.0.240)
Java(TM) 6 Update 35 (Version: 6.0.350)
Junk Mail filter update (Version: 14.0.8050.1202)
Lexmark Software deinstallieren
Logitech Gaming Software 5.10 (Version: 5.10.127)
Logitech Harmony Remote Software 7 (Version: 7.7.0.0)
Logitech SetPoint 6.30 (Version: 6.30.43)
Logitech Vid HD (Version: 7.2 (7240))
Logitech Webcam Software (Version: 2.0)
LWS Facebook (Version: 13.20.1166.0)
LWS Gallery (Version: 13.20.1166.0)
LWS Help_main (Version: 13.25.1016.0)
LWS Launcher (Version: 13.20.1166.0)
LWS Motion Detection (Version: 13.20.1176.0)
LWS Pictures And Video (Version: 13.25.1010.0)
LWS Twitter (Version: 13.20.1166.0)
LWS Video Mask Maker (Version: 13.10.1216.0)
LWS VideoEffects (Version: 13.25.1005.0)
LWS Webcam Software (Version: 13.20.1168.0)
LWS WLM Plugin (Version: 1.20.1166.0)
LWS YouTube Plugin (Version: 13.20.1166.0)
MAGIX Foto Manager 8 (Version: 6.0.1.471)
MAGIX Fotobuch 3.6 (Version: 3.6)
MAGIX Media Suite (Version: 1.13.0.112)
MAGIX Online Druck Service 3.4.3.0 (D) (Version: 3.4.3.0)
MAGIX Ringtone Maker SE (Version: 3.1.0.5)
Malwarebytes Anti-Malware Version 1.65.0.1400 (Version: 1.65.0.1400)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2003 Primary Interop Assemblies (Version: 11.0.6553.0)
Microsoft Office Access MUI (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office Enterprise 2007 (Version: 12.0.4518.1014)
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office Groove MUI (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office InfoPath MUI (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.4518.1014)
Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office Outlook MUI (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (French) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (Italian) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office Publisher MUI (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office Suite Activation Assistant (Version: 2.9)
Microsoft Office Word MUI (German) 2007 (Version: 12.0.4518.1014)
Microsoft Silverlight (Version: 4.0.60129.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual Studio 2005 Tools for Office Runtime (Version: 8.0.60816.0)
Microsoft_VC100_CRT_SP1_x64 (Version: 10.0.40219.1)
Microsoft_VC100_CRT_SP1_x86 (Version: 10.0.40219.1)
Movie Templates - Starter Kit (Version: 9.4.6.0)
Mozilla Firefox 15.0 (x86 de) (Version: 15.0)
Mozilla Maintenance Service (Version: 15.0)
MSVC80_x64_v2 (Version: 1.0.3.0)
MSVC80_x86_v2 (Version: 1.0.3.0)
MSVC90_x64 (Version: 1.0.1.2)
MSVC90_x86 (Version: 1.0.1.2)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (KB2721691) (Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB973685) (Version: 4.30.2107.0)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)
mufin player (Version: 1.0.0.98)
MyPhoneExplorer (Version: 1.8.2)
MyTomTom 3.2.0.802 (Version: 3.2.0.802)
Nero 9 Trial
Nero BurnRights (Version: 3.4.13.100)
Nero ControlCenter (Version: 9.0.0.1)
Nero CoverDesigner (Version: 4.4.12.100)
Nero Disc Copy Gadget (Version: 2.4.34.0)
Nero DiscSpeed (Version: 5.4.13.100)
Nero DriveSpeed (Version: 4.4.12.100)
Nero InfoTool (Version: 6.4.12.100)
Nero Installer (Version: 4.4.9.0)
Nero PhotoSnap (Version: 2.4.28.0)
Nero Recode (Version: 4.4.38.1)
Nero Rescue Agent (Version: 2.4.14.100)
Nero ShowTime (Version: 5.4.21.100)
Nero StartSmart (Version: 9.4.19.100)
Nero Vision (Version: 6.4.16.100)
Nero WaveEditor (Version: 5.4.37.1)
NeroBurningROM (Version: 9.4.26.100)
NeroExpress (Version: 9.4.26.100)
neroxml (Version: 1.0.0)
Nokia Connectivity Cable Driver (Version: 7.1.78.0)
Nokia PC Suite (Version: 7.1.62.1)
Nokia Software Updater (Version: 3.0.655)
Nokia Suite (Version: 3.5.34.0)
NSU (Version: 1.00.1000)
NTI Backup Now 5 (Version: 5.1.2.616)
NTI Backup Now Standard (Version: 5.1.2.616)
NTI Media Maker 8 (Version: 8.0.2.6509)
Nur Deinstallierung der CopyTrans Suite möglich. (Version: 2.15)
Outlook Synchronization Server for Outlook 2003 (Version: 1.0.0)
PanoStandAlone (Version: 90.0.146.000)
PC Connectivity Solution (Version: 12.0.32.0)
PKH-fix 3.2
PlayReady PC Runtime amd64 (Version: 1.3.0)
Realtek High Definition Audio Driver (Version: 6.0.1.5898)
Realtek USB 2.0 Card Reader (Version: 6.0.6000.20113)
Realtek USB 2.0 Card Reader (Version: 6.1.7600.30126)
Remote Control USB Driver (Version: 2.3.2.317)
Samsung Kies (Version: 2.3.2.12054_20)
Samsung Networking Wizard (Version: 1.1.11052.2)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.6.0)
Samsung_MonSetup (Version: 1.00.0000)
Scan (Version: 9.0.0.0)
ScannerCopy (Version: 9.0.0.0)
Skype Click to Call (Version: 6.2.10687)
Skype™ 5.9 (Version: 5.9.123)
SmartCopy
SmartLauncher
SolutionCenter (Version: 90.0.146.000)
SoundTrax (Version: 4.4.37.1)
Spelling Dictionaries Support For Adobe Reader 9 (Version: 9.0.0)
Sprite Backup (Version: 5.10)
System Requirements Lab for Intel (64-bit) (Version: 4.4.24.0)
TomTom HOME Visual Studio Merge Modules (Version: 1.0.2)
Turbo Lister 2 (Version: 2.00.0000)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Visual Studio 2005 Tools for Office Second Edition Runtime
Visual Studio C++ 10.0 Runtime (Version: 10.0.0)
Visual Studio C++ 9.0 Runtime (Version: 1.0.0)
WebReg (Version: 90.0.146.000)
Windows-Treiberpaket - Nokia Modem (02/25/2011 4.7) (Version: 02/25/2011 4.7)
Windows-Treiberpaket - Nokia Modem (02/25/2011 7.01.0.9) (Version: 02/25/2011 7.01.0.9)
Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (Version: 05/31/2012 7.1.2.0)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (Version: 04/19/2012 2.3.1.0)
Windows Live-Uploadtool (Version: 14.0.8014.1029)
Windows Live Anmelde-Assistent (Version: 5.000.817.1)
Windows Live Call (Version: 14.0.8050.1202)
Windows Live Communications Platform (Version: 14.0.8050.1202)
Windows Live Essentials (Version: 14.0.8050.1202)
Windows Live Fotogalerie (Version: 14.0.8051.1204)
Windows Live Mail (Version: 14.0.8050.1202)
Windows Live Messenger (Version: 14.0.8050.1202)
Windows Live Sync (Version: 14.0.8050.1202)
Windows Live Writer (Version: 14.0.8050.1202)
Windows Mobile-Gerätecenter (Version: 6.1.6965.0)
Windows Mobile-Gerätecenter: Treiberupdate (Version: 6.1.6965.0)
WinRAR
WISO Steuer-Sparbuch 2011 (Version: 18.00.6928)
WISO Steuer-Sparbuch 2012 (Version: 19.00.7303)
Your Uninstaller! 7 (Version: 7.4.2011.11)

========================= Memory info: ===================================

Percentage of memory in use: 29%
Total physical RAM: 6135.17 MB
Available physical RAM: 4316.19 MB
Total Pagefile: 12268.54 MB
Available Pagefile: 10039.48 MB
Total Virtual: 4095.88 MB
Available Virtual: 3976.32 MB

========================= Partitions: =====================================

1 Drive c: (ACER) (Fixed) (Total:457.96 GB) (Free:372.11 GB) NTFS
2 Drive h: (DATEN) (Fixed) (Total:457.93 GB) (Free:351.73 GB) NTFS
4 Drive j: (EXT(S-ATA)) (Fixed) (Total:298.09 GB) (Free:50.66 GB) NTFS

========================= Users: ========================================

Benutzerkonten fr \\PC-BšRO

Administrator ***‚ Gast
Der Befehl wurde erfolgreich ausgefhrt.

========================= Minidump Files ==================================

No minidump file found


**** End of log ****

Alt 01.10.2012, 06:45   #28
schrauber
/// the machine
/// TB-Ausbilder
 

Ich kann die Internetseite von Kabel Deutschland nicht öffnen - Standard

Ich kann die Internetseite von Kabel Deutschland nicht öffnen



bitte lade diese dateien auf den desktop und führe sie aus mit doppelklick, evtl meldungen erlauben. rechner neu starten und neues FSS log bitte. Probleme behoben?


http://download.bleepingcomputer.com...7/Dnscache.reg
http://download.bleepingcomputer.com...7/wuauserv.reg
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 01.10.2012, 06:45   #29
schrauber
/// the machine
/// TB-Ausbilder
 

Ich kann die Internetseite von Kabel Deutschland nicht öffnen - Standard

Ich kann die Internetseite von Kabel Deutschland nicht öffnen



und Dir auch nen guten Morgen
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 01.10.2012, 06:57   #30
astralie
 
Ich kann die Internetseite von Kabel Deutschland nicht öffnen - Standard

Ich kann die Internetseite von Kabel Deutschland nicht öffnen



So, erledigt. Problem ist aber leider nicht behoben.
Hier die FSS log:

Farbar Service Scanner Version: 19-09-2012
Ran by *** (administrator) on 01-10-2012 at 07:56:12
Running from "C:\Users\***\Desktop\Trojaner Board\10. Mail"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Attempt to access Local Host IP returned error: Localhost is blocked: Other errors
LAN connected.
Attempt to access Google IP returned error: Other errors
Attempt to access Google.com returned error: Other errors
Attempt to access Yahoo IP returned error: Other errors
Attempt to access Yahoo.com returned error: Other errors


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

Antwort

Themen zu Ich kann die Internetseite von Kabel Deutschland nicht öffnen
andere, anderen, angezeigt, antivirensoftware, browser, browsern, deutschland, fehlermeldung, hängt, interne, internetseite, kabel, laptop, nicht mehr, nicht öffnen, probleme, router, seite, software, super, vermute, versuche, webseite, weiterhelfen, welchem, zugriff, öffnen



Ähnliche Themen: Ich kann die Internetseite von Kabel Deutschland nicht öffnen


  1. Fatale Sicherheitslücken in Zwangsroutern von Vodafone/Kabel Deutschland
    Nachrichten - 30.10.2015 (0)
  2. Kabel Deutschland
    Plagegeister aller Art und deren Bekämpfung - 09.04.2015 (36)
  3. Kabel Deutschland noch mal
    Mülltonne - 15.03.2015 (1)
  4. App von Kabel Deutschland mit Datenleck
    Nachrichten - 02.09.2014 (0)
  5. Windows 8: Guter ping. Kann jedoch keine Webseite öffnen im Browser öffnen|Steamshop geht auch nicht
    Plagegeister aller Art und deren Bekämpfung - 26.05.2014 (20)
  6. Internetseite kann nicht geladen werden
    Überwachung, Datenschutz und Spam - 28.03.2014 (13)
  7. flash player required for this website, click download now - Internetseite (meine) kann nicht betreten werden
    Plagegeister aller Art und deren Bekämpfung - 22.12.2013 (9)
  8. Kabel BW Spam:Ihre Kabel BW Rechnung Juni 2013
    Diskussionsforum - 03.06.2013 (0)
  9. Internetseite: Dieses Programm kann die Webseite nicht anzeigen
    Log-Analyse und Auswertung - 23.11.2012 (3)
  10. tag1.html nach öffnen von neuer Internetseite - Virus?
    Plagegeister aller Art und deren Bekämpfung - 12.04.2012 (2)
  11. Es öffnet sich immer eine Internetseite die ich überhaupt nicht öffnen wollte HORROR
    Plagegeister aller Art und deren Bekämpfung - 18.12.2011 (23)
  12. Internetseite öffnet sich gleich am PC Start und man kann sie nicht schließen
    Log-Analyse und Auswertung - 29.07.2011 (4)
  13. Trojahner kann nicht gelöscht werden. Googleseiten lassen sich nicht öffnen
    Plagegeister aller Art und deren Bekämpfung - 29.07.2010 (1)
  14. Kann bestimmte Internetseite nicht mehr erreichen...erbitte Kontrolle meiner Log-file
    Log-Analyse und Auswertung - 28.07.2009 (1)
  15. Kann C nicht öffnen - Recycler.../Anti-Malwareprogramme starten nicht
    Plagegeister aller Art und deren Bekämpfung - 31.03.2009 (29)
  16. kann eine bestimmte Internetseite nicht mehr öffnen - Virus???
    Plagegeister aller Art und deren Bekämpfung - 12.08.2008 (10)
  17. Internetseite kann nicht angezeigt werden
    Log-Analyse und Auswertung - 25.09.2007 (5)

Zum Thema Ich kann die Internetseite von Kabel Deutschland nicht öffnen - war ja klar dann gibts jetzt eben was mit der groben kelle für den knecht Bitte downloade dir LSPFix Speichere die Datei auf dem Desktop. Starte die LSPFix.exe. Markiere die - Ich kann die Internetseite von Kabel Deutschland nicht öffnen...
Archiv
Du betrachtest: Ich kann die Internetseite von Kabel Deutschland nicht öffnen auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.