Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Trojan.Dropper/Gen @schrauber

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 26.09.2012, 10:31   #1
Lisali
 
Trojan.Dropper/Gen @schrauber - Standard

Trojan.Dropper/Gen @schrauber



Da mein Problem bereits im HijackThis Forum von schrauber betreut wurde, er dort aber nicht mehr aktiv ist, ich mein Problem aber gerne gelöst hätte setze ich mein Thema hier fort. =)

Dann kommt hier also die nächste Ladung Logfiles! =)

Combofix
Code:
ATTFilter
ComboFix 12-09-22.02 - Lisa 22.09.2012  19:35:31.2.2 - x86
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.49.1031.18.3069.1743 [GMT 2:00]
ausgeführt von:: c:\users\Lisa\Desktop\ComboFix.exe
Benutzte Befehlsschalter :: c:\users\Lisa\Desktop\CFScript.txt
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-08-22 bis 2012-09-22  ))))))))))))))))))))))))))))))
.
.
2012-09-22 17:46 . 2012-09-22 17:46	--------	d-----w-	c:\users\Default\AppData\Local\temp
2012-09-22 11:25 . 2012-09-22 11:26	--------	d-----w-	c:\program files\Common Files\Adobe
2012-09-22 11:08 . 2012-09-22 11:08	93672	----a-w-	c:\windows\system32\WindowsAccessBridge.dll
2012-09-21 13:47 . 2012-08-30 08:17	6980552	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{EE101F67-4C5B-4C3B-992F-D5D7C61D6BC2}\mpengine.dll
2012-09-20 14:13 . 2012-09-20 14:13	--------	d-----w-	c:\program files\Apple Software Update
2012-09-20 13:03 . 2012-09-20 13:03	--------	d-----w-	c:\users\Lisa\AppData\Local\DDMSettings
2012-09-14 01:02 . 2012-09-14 01:02	--------	d-----w-	c:\program files\Common Files\Skype
2012-09-11 05:43 . 2012-09-11 05:43	73696	----a-w-	c:\program files\Mozilla Firefox\breakpadinjector.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-22 11:29 . 2012-04-11 14:28	696240	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2012-09-22 11:29 . 2011-05-19 06:23	73136	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2012-09-22 11:08 . 2012-07-06 18:22	821736	----a-w-	c:\windows\system32\npDeployJava1.dll
2012-09-22 11:08 . 2010-05-20 13:32	746984	----a-w-	c:\windows\system32\deployJava1.dll
2012-07-04 14:02 . 2012-08-16 01:01	2047488	----a-w-	c:\windows\system32\win32k.sys
2012-06-27 15:59 . 2012-08-15 11:48	834048	----a-w-	c:\windows\system32\wininet.dll
2012-06-27 14:15 . 2012-08-15 11:48	389632	----a-w-	c:\windows\system32\html.iec
2012-06-27 13:49 . 2012-08-15 11:48	1383424	----a-w-	c:\windows\system32\mshtml.tlb
2012-09-11 05:43 . 2011-05-02 16:04	266720	----a-w-	c:\program files\mozilla firefox\components\browsercomps.dll
2010-09-11 10:10 . 2009-12-14 01:37	119808	----a-w-	c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2012-09-10 4780928]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ECenter"="c:\dell\E-Center\EULALauncher.exe" [2008-02-29 17920]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2008-06-30 196608]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-10-03 178712]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2008-08-05 3563520]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-09-11 30192]
"Dell Webcam Central"="c:\program files\Dell Webcam\Dell Webcam Central\WebcamDell.exe" [2008-06-03 446635]
"PCMService"="c:\program files\Dell\MediaDirect\PCMService.exe" [2008-01-14 132392]
"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2008-08-29 442460]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2012-08-08 348664]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-04-18 421888]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
.
c:\users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2008-7-15 1226024]
OpenOffice.org 3.2.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-5-20 1195008]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-6-5 752168]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2008-3-25 214360]
QuickSet.lnk - c:\program files\Dell\QuickSet\quickset.exe [2008-5-2 1211472]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2008-7-15 1226024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-08-04 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-08 11:31	548352	----a-w-	c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist]
2008-10-22 12:58	10536	----a-w-	c:\program files\Citrix\GoToAssist\514\g2awinlogon.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Google Update"="c:\users\Lisa\AppData\Local\Google\Update\GoogleUpdate.exe" /c
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"HP Software Update"=c:\program files\HP\HP Software Update\HPWuSchd2.exe
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
.
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_2ba5baa4\aestsrv.exe [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs	REG_MULTI_SZ   	BthServ
HPZ12	REG_MULTI_SZ   	Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt	REG_MULTI_SZ   	hpqcxs08 hpqddsvc
LocalServiceAndNoImpersonation	REG_MULTI_SZ   	FontCache
.
Inhalt des "geplante Tasks" Ordners
.
2012-09-22 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-11 11:29]
.
2012-09-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2949012238-524043334-3398503266-1000Core.job
- c:\users\Lisa\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-11 19:33]
.
2012-09-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2949012238-524043334-3398503266-1000UA.job
- c:\users\Lisa\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-11 19:33]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.searchplusnetwork.com/?sp=vit4
uInternet Settings,ProxyOverride = 192.168.*.*
IE: Bild an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
IE: Seite an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\h9pgwyk3.default\
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2012-09-22 19:46
Windows 6.0.6002 Service Pack 2 NTFS
.
Scanne versteckte Prozesse... 
.
 [838916096] 0x00320033
.
Scanne versteckte Autostarteinträge... 
.
Scanne versteckte Dateien... 
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'Explorer.exe'(1540)
c:\windows\system32\btmmhook.dll
.
Zeit der Fertigstellung: 2012-09-22  19:55:26
ComboFix-quarantined-files.txt  2012-09-22 17:55
ComboFix2.txt  2012-09-22 10:58
.
Vor Suchlauf: 13 Verzeichnis(se), 72.888.553.472 Bytes frei
Nach Suchlauf: 15 Verzeichnis(se), 72.863.035.392 Bytes frei
.
- - End Of File - - 14E49C846C7B7946EACA283067BAD341
         
Malwarebytes
Code:
ATTFilter
Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Datenbank Version: v2012.09.22.05

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 7.0.6002.18005
Lisa :: LISA-PC [Administrator]

22.09.2012 20:43:27
mbam-log-2012-09-23 (00-30-03).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|L:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 410839
Laufzeit: 3 Stunde(n), 36 Minute(n), 55 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 2
HKCU\Environment|AVAPP (Rogue.PersonalAntiVirus) -> Daten: C:\Program Files\PersonalAV -> Keine Aktion durchgeführt.
HKCU\Environment|AVUNINST (Rogue.PersonalAntiVirus) -> Daten: C:\Program Files\Common Files\Uninstall\PersonalAV\Uninstall.lnk -> Keine Aktion durchgeführt.

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 8
C:\Qoobox\Quarantine\C\$Recycle.Bin\S-1-5-21-2949012238-524043334-3398503266-1000\$14f73b0475fc59f6cbd2e679b5c32ffe\n.vir (Rootkit.0Access) -> Keine Aktion durchgeführt.
C:\Qoobox\Quarantine\C\$Recycle.Bin\S-1-5-21-2949012238-524043334-3398503266-1000\$14f73b0475fc59f6cbd2e679b5c32ffe\U\80000000.@.vir (Trojan.Small) -> Keine Aktion durchgeführt.
C:\Qoobox\Quarantine\C\$Recycle.Bin\S-1-5-21-2949012238-524043334-3398503266-1000\$14f73b0475fc59f6cbd2e679b5c32ffe\U\800000cb.@.vir (Rootkit.0Access) -> Keine Aktion durchgeführt.
C:\Users\Lisa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36\4c321ea4-2e582102 (Trojan.Zbot) -> Keine Aktion durchgeführt.
C:\Users\Lisa\Music\Sony Vegas 7 + DVD Architect 4 + keygen\Sony Vegas 7 + DVD Architect 4 + keygen\DVD Architect 4.0.125\Sony DVD Architect v4.0 Keygen.exe (Trojan.Downloader) -> Keine Aktion durchgeführt.
C:\Users\Lisa\Music\Sony Vegas 7 + DVD Architect 4 + keygen\Sony Vegas 7 + DVD Architect 4 + keygen\Vegas 7.0a\Sony Vegas v7.0a Keygen.exe (Trojan.Downloader) -> Keine Aktion durchgeführt.
C:\Windows\Installer\MSIA4F0.tmp (HackTool.Hiderun) -> Keine Aktion durchgeführt.
C:\Windows\kdiue732.txt (Malware.Trace) -> Keine Aktion durchgeführt.

(Ende)
         
ESET
Code:
ATTFilter
C:\Users\Lisa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15\3dfc430f-6273dabe	a variant of Win32/Injector.OYM trojan
C:\Users\Lisa\Downloads\BestVideoDownloaderSetup.exe	probably a variant of Win32/Adware.EHJCQJF application
C:\Users\Lisa\Downloads\SoftonicDownloader_for_free-pdf-unlocker.exe	a variant of Win32/SoftonicDownloader.E application
C:\Users\Lisa\Downloads\SoftonicDownloader_fuer_foxit-pdf-reader.exe	a variant of Win32/SoftonicDownloader.E application
C:\Users\Lisa\Downloads\SoftonicDownloader_fuer_pdf-xchange-viewer.exe	a variant of Win32/SoftonicDownloader.E application
         
OTL
Code:
ATTFilter
OTL logfile created on: 23.09.2012 14:16:25 - Run 2
OTL by OldTimer - Version 3.2.65.1     Folder = C:\Users\Lisa\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,45 Gb Available Physical Memory | 48,34% Memory free
6,19 Gb Paging File | 4,54 Gb Available in Paging File | 73,28% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 287,92 Gb Total Space | 68,43 Gb Free Space | 23,77% Space Free | Partition Type: NTFS
Drive D: | 10,00 Gb Total Space | 4,99 Gb Free Space | 49,89% Space Free | Partition Type: NTFS
 
Computer Name: LISA-PC | User Name: Lisa | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.09.22 13:29:46 | 001,807,280 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_4_402_278.exe
PRC - [2012.09.21 20:24:58 | 000,600,576 | ---- | M] (OldTimer Tools) -- C:\Users\Lisa\Desktop\OTL.exe
PRC - [2012.09.11 07:43:58 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012.09.10 19:36:52 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
PRC - [2012.08.08 17:25:08 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.05.08 18:23:06 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2012.05.08 18:23:04 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.05.08 18:23:04 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2010.05.21 01:52:06 | 011,312,128 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2010.05.21 01:52:04 | 011,318,784 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2009.05.21 11:13:58 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe
PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.04.11 08:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2008.08.29 14:23:48 | 000,442,460 | ---- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\sttray.exe
PRC - [2008.08.29 14:23:46 | 000,225,362 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_2ba5baa4\stacsv.exe
PRC - [2008.08.29 14:23:40 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_2ba5baa4\AEstSrv.exe
PRC - [2008.08.14 01:04:44 | 000,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
PRC - [2008.07.15 11:12:48 | 001,226,024 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DellDock.exe
PRC - [2008.06.30 12:28:24 | 000,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\hidfind.exe
PRC - [2008.06.30 12:28:14 | 000,196,608 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe
PRC - [2008.06.30 12:28:12 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe
PRC - [2008.06.30 12:28:12 | 000,046,376 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe
PRC - [2008.06.05 15:26:36 | 001,804,840 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
PRC - [2008.06.05 15:26:36 | 000,752,168 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2008.06.03 15:54:56 | 000,446,635 | ---- | M] (Creative Technology Ltd.) -- C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe
PRC - [2008.05.02 14:57:00 | 001,211,472 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\quickset.exe
PRC - [2008.05.02 14:09:04 | 000,161,048 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe
PRC - [2008.05.02 00:41:38 | 000,136,488 | ---- | M] (Wacom Technology, Corp.) -- C:\Windows\System32\WTablet\Pen_TabletUser.exe
PRC - [2008.05.02 00:40:44 | 003,032,360 | ---- | M] (Wacom Technology, Corp.) -- C:\Windows\System32\Pen_Tablet.exe
PRC - [2008.01.14 10:13:02 | 000,132,392 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Dell\MediaDirect\PCMService.exe
PRC - [2007.10.03 15:45:02 | 000,358,936 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2007.10.03 15:44:58 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.09.22 13:29:46 | 009,813,424 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_4_402_278.dll
MOD - [2012.09.11 07:43:57 | 002,244,064 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012.06.15 03:39:13 | 015,881,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\MenuSkinning\35d5c990de9a4f3960faa37e2cc1f50f\MenuSkinning.ni.dll
MOD - [2012.06.15 03:38:58 | 011,820,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\508b444db523c5cf20ff12c7f440837b\System.Web.ni.dll
MOD - [2012.06.15 03:38:41 | 002,261,504 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\DellDock\e510ac58495dd599fac0176a996c793b\DellDock.ni.exe
MOD - [2012.06.15 03:38:41 | 000,284,160 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\VistaBridgeLibrary\1802136e1ae5bc81fb17204ea694bc00\VistaBridgeLibrary.ni.dll
MOD - [2012.06.15 03:38:39 | 000,249,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\MyDock.Util\d47ab8d1043612fbc28fd67ff61e15cb\MyDock.Util.ni.dll
MOD - [2012.06.15 03:36:50 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\f2691cfa7671cdc58179e56ba9227591\System.Windows.Forms.ni.dll
MOD - [2012.06.15 03:36:41 | 001,592,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\18f9789aa214c657113e676b3a9015aa\System.Drawing.ni.dll
MOD - [2012.05.15 20:27:22 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\846b9cf2756fdd15f704c9bab9c70b6f\System.Runtime.Remoting.ni.dll
MOD - [2012.05.15 20:27:04 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\f3d4d5fe5ab848fbfcf91a49960dc8ae\System.Management.ni.dll
MOD - [2012.05.15 20:26:49 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bd76aaaa03ddc15d1840207b5a480644\System.Configuration.ni.dll
MOD - [2012.05.15 20:26:46 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\1b337cf9a031145849bc48c11b2cfe58\Accessibility.ni.dll
MOD - [2012.05.15 20:09:17 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d2630342a066a7cb9056d9eb6157687a\System.Xml.ni.dll
MOD - [2012.05.15 20:06:44 | 007,953,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\28d633338fc8d29f8af31935ef7d001b\System.ni.dll
MOD - [2012.05.15 20:06:12 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\af9c9e9d7e0523cd444f8b551baa9cbf\mscorlib.ni.dll
MOD - [2010.09.11 12:10:40 | 000,034,816 | ---- | M] () -- C:\Program Files\Google\Google Desktop Search\gzlib.dll
MOD - [2010.05.04 16:36:28 | 000,970,752 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\program\libxml2.dll
MOD - [2009.03.30 06:42:12 | 000,434,176 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2009.03.30 06:42:11 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2008.10.22 14:42:44 | 001,679,360 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3019.36912__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2008.10.22 14:42:44 | 000,253,952 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3019.36870__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2008.10.22 14:42:44 | 000,196,608 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3019.36924__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2008.10.22 14:42:44 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3019.37100__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2008.10.22 14:42:44 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3019.37065__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2008.10.22 14:42:44 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3019.36904__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2008.10.22 14:42:44 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3019.37022__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2008.10.22 14:42:44 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3019.36890__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2008.10.22 14:42:43 | 000,483,328 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3019.37131__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2008.10.22 14:42:30 | 000,352,256 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3019.37072__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2008.10.22 14:42:30 | 000,147,456 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.3019.37130__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.dll
MOD - [2008.10.22 14:42:30 | 000,135,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3019.37137__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2008.10.22 14:42:30 | 000,090,112 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3019.37079__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2008.10.22 14:42:30 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3019.36884__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2008.10.22 14:42:30 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3019.37071__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2008.10.22 14:42:29 | 000,802,816 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3019.37030__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2008.10.22 14:42:29 | 000,585,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3019.36936__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2008.10.22 14:42:29 | 000,438,272 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3019.36891__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
MOD - [2008.10.22 14:42:29 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3019.37092__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2008.10.22 14:42:29 | 000,217,088 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3019.36930__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2008.10.22 14:42:29 | 000,118,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3019.37044__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2008.10.22 14:42:29 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3019.37029__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2008.10.22 14:42:29 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3019.37129__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll
MOD - [2008.10.22 14:42:29 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3019.37044__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2008.10.22 14:42:28 | 000,479,232 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3019.37023__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2008.10.22 14:42:28 | 000,446,464 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3019.37015__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
MOD - [2008.10.22 14:42:28 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3019.37058__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll
MOD - [2008.10.22 14:42:28 | 000,307,200 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3019.36943__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll
MOD - [2008.10.22 14:42:28 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3019.37022__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2008.10.22 14:42:28 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3019.36942__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2008.10.22 14:42:28 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3019.37029__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2008.10.22 14:42:28 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.2939.23662__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2008.10.22 14:42:28 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3019.37058__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2008.10.22 14:42:28 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.2939.23667__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2008.10.22 14:42:28 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.2939.23717__90ba9c70f846762e\DEM.OS.I0602.dll
MOD - [2008.10.22 14:42:28 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.2939.23687__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2008.10.22 14:42:28 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.2939.23679__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2008.10.22 14:42:28 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.2939.23707__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2008.10.22 14:42:28 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.2939.23767__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2008.10.22 14:42:28 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.2939.23710__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2008.10.22 14:42:28 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.2939.23768__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2008.10.22 14:42:28 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2008.10.22 14:42:27 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.2939.23668__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2008.10.22 14:42:27 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.2939.23689__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2008.10.22 14:42:27 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.2939.23743__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2008.10.22 14:42:27 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.2939.23740__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2008.10.22 14:42:27 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2008.10.22 14:42:27 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.2939.23764__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2008.10.22 14:42:27 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.2939.23802__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2008.10.22 14:42:27 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.2939.23763__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll
MOD - [2008.10.22 14:42:27 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.2939.23693__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2008.10.22 14:42:27 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.2939.23687__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2008.10.22 14:42:27 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.2939.23679__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2008.10.22 14:42:27 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.2939.23717__90ba9c70f846762e\DEM.OS.dll
MOD - [2008.10.22 14:42:27 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MOD - [2008.10.22 14:42:27 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.2939.23718__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2008.10.22 14:42:27 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2008.10.22 14:42:27 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.2939.23688__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2008.10.22 14:42:27 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.2939.23734__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2008.10.22 14:42:27 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.2939.23718__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2008.10.22 14:42:26 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.2965.22300__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2008.10.22 14:42:26 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.2939.23739__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2008.10.22 14:42:26 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.2939.23738__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2008.10.22 14:42:26 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.2939.23742__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2008.10.22 14:42:26 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.2939.23708__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2008.10.22 14:42:26 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.2939.23735__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2008.10.22 14:42:26 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.2939.23719__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2008.10.22 14:42:26 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.2939.23741__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2008.10.22 14:42:26 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.2939.23711__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2008.10.22 14:42:26 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Foundation\2.0.2939.23665__90ba9c70f846762e\AEM.Foundation.dll
MOD - [2008.10.22 14:42:26 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
MOD - [2008.10.22 14:42:26 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.2939.23719__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2008.10.22 14:42:26 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.2939.23709__90ba9c70f846762e\APM.Foundation.dll
MOD - [2008.10.22 14:42:26 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.2939.23687__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2008.10.22 14:42:22 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3019.37147__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2008.10.22 14:42:22 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Private\2.0.2939.23677__90ba9c70f846762e\LOCALIZATION.Foundation.Private.dll
MOD - [2008.10.22 14:42:22 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3019.36862__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2008.10.22 14:42:21 | 001,511,424 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3019.36878__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2008.10.22 14:42:21 | 000,491,520 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3019.36897__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2008.10.22 14:42:21 | 000,102,400 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3019.37122__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2008.10.22 14:42:21 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3019.36862__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2008.10.22 14:42:21 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.3019.36863__90ba9c70f846762e\ATIDEMOS.dll
MOD - [2008.10.22 14:42:21 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3019.37121__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2008.10.22 14:42:21 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.2939.23713__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2008.10.22 14:42:21 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.2939.23678__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2008.10.22 14:42:21 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.2939.23689__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2008.10.22 14:42:21 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.2939.23679__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2008.10.22 14:42:21 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3019.37122__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2008.10.22 14:42:21 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2008.10.22 14:42:21 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.2939.23694__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2008.10.22 14:42:21 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.2939.23712__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2008.10.22 14:42:21 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.2939.23711__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2008.10.22 14:42:21 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.2939.23746__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2008.10.22 14:42:20 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3019.36861__90ba9c70f846762e\APM.Server.dll
MOD - [2008.10.22 14:42:20 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3019.36862__90ba9c70f846762e\AEM.Server.dll
MOD - [2008.09.16 21:18:06 | 000,132,608 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2008.08.05 14:16:20 | 000,055,808 | ---- | M] () -- C:\Windows\System32\bcmwlrmt.dll
MOD - [2008.06.05 15:19:56 | 000,126,976 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll
MOD - [2008.05.04 10:42:20 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll
 
 
========== Services (SafeList) ==========
 
SRV - [2012.09.22 13:29:47 | 000,250,288 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.09.11 07:43:57 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.09.10 19:36:52 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.05.08 18:23:06 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.05.08 18:23:04 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2008.10.22 14:58:55 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2008.08.29 14:23:46 | 000,225,362 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_2ba5baa4\stacsv.exe -- (STacSV)
SRV - [2008.08.29 14:23:40 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_2ba5baa4\AEstSrv.exe -- (AESTFilters)
SRV - [2008.08.14 01:04:44 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter)
SRV - [2008.05.02 14:09:04 | 000,161,048 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV - [2008.05.02 00:40:44 | 003,032,360 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Windows\System32\Pen_Tablet.exe -- (TabletServicePen)
SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.10.03 15:45:02 | 000,358,936 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\usbaapl.sys -- (USBAAPL)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\motmodem.sys -- (motmodem)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Lisa\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - [2012.05.08 18:23:06 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2012.05.08 18:23:06 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011.12.09 13:40:20 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2011.08.04 14:19:30 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011.08.04 14:19:30 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2011.02.18 06:47:42 | 000,066,112 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2010.12.21 07:55:02 | 000,123,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2010.12.21 07:55:02 | 000,100,224 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bserd.sys -- (ss_bserd)
DRV - [2010.12.21 07:55:02 | 000,098,432 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bbus.sys -- (ss_bbus)
DRV - [2010.12.21 07:55:02 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdfl.sys -- (ss_bmdfl)
DRV - [2010.08.13 10:50:41 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2010.08.13 10:50:40 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2010.06.17 15:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010.02.21 16:19:16 | 000,012,872 | ---- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2009.06.22 16:58:24 | 000,022,016 | ---- | M] (NT Kernel Resources) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Ndisrd.sys -- (NdisrdMP)
DRV - [2009.06.22 16:58:24 | 000,022,016 | ---- | M] (NT Kernel Resources) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Ndisrd.sys -- (Ndisrd)
DRV - [2008.08.29 14:23:50 | 000,382,976 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2008.08.05 14:16:06 | 000,018,424 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\bcm42rly.sys -- (BCM42RLY)
DRV - [2008.07.28 09:14:08 | 000,144,672 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OA001Ufd.sys -- (OA001Ufd)
DRV - [2008.07.28 09:14:06 | 000,277,504 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OA001Vid.sys -- (OA001Vid)
DRV - [2008.06.30 12:28:10 | 000,170,032 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2008.05.04 10:42:18 | 003,548,672 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2008.05.04 10:42:18 | 003,548,672 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008.03.17 22:14:52 | 000,015,144 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wacmoumonitor.sys -- (wacmoumonitor)
DRV - [2008.03.14 14:46:12 | 000,054,784 | ---- | M] (ITE Tech. Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\itecir.sys -- (itecir)
DRV - [2008.03.13 13:41:12 | 000,203,264 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\k57nd60x.sys -- (k57nd60x)
DRV - [2008.03.13 13:34:40 | 000,038,400 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2008.03.13 13:34:38 | 000,046,592 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2008.03.13 13:34:36 | 000,043,008 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2008.01.21 04:23:25 | 000,251,904 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTBS23.SYS -- (VSTHWBS2)
DRV - [2008.01.21 04:23:25 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express)
DRV - [2008.01.15 22:11:46 | 000,013,480 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wacomvhid.sys -- (wacomvhid)
DRV - [2007.02.16 21:12:36 | 000,011,312 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wacommousefilter.sys -- (wacommousefilter)
DRV - [2007.02.16 02:11:28 | 000,011,440 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WacomVKHid.sys -- (WacomVKHid)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7DADE
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.searchplusnetwork.com/?sp=vit4
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook:  - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKCU\..\SearchScopes\{4327FABE-3C22-4689-8DBF-D226CF777FE9}: "URL" = hxxp://www.searchplusnetwork.com/?sp=vit4&q={searchTerms}
IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rlz=1I7GPEA_de&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = hxxp://127.0.0.1:4664/search&s=zcw3jFF8VYr3DxmOuZAhGZXeTKs?q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 192.168.*.*
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.order.1: "Ask"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledAddons: moveplayer@movenetworks.com:1.0.0.071303000004
FF - prefs.js..extensions.enabledAddons: rikaichan-jpde@polarcloud.com:2.01.111113
FF - prefs.js..extensions.enabledAddons: rikaichan-jpen@polarcloud.com:2.01.111113
FF - prefs.js..extensions.enabledAddons: ich@maltegoetz.de:1.4.3
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.071303000004
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.6.6.20090220
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.7
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_278.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf:  File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf:  File not found
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\Lisa\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )
FF - HKCU\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Users\Lisa\AppData\Local\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player:  File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Lisa\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Lisa\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.03.12 11:39:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.22 12:33:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.09.22 13:26:53 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.22 12:33:24 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.09.22 13:26:53 | 000,000,000 | ---D | M]
 
[2008.12.24 21:41:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lisa\AppData\Roaming\mozilla\Extensions
[2012.09.22 12:33:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\h9pgwyk3.default\extensions
[2012.08.06 00:57:07 | 000,000,000 | ---D | M] (Rikaichan) -- C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\h9pgwyk3.default\extensions\{0AA9101C-D3C1-4129-A9B7-D778C6A17F82}
[2012.09.15 23:35:13 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\h9pgwyk3.default\extensions\ich@maltegoetz.de
[2009.04.17 18:55:16 | 000,000,000 | ---D | M] (Move Media Player) -- C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\h9pgwyk3.default\extensions\moveplayer@movenetworks.com
[2011.11.15 18:38:27 | 000,000,000 | ---D | M] (Rikaichan Japanese-German Dictionary File) -- C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\h9pgwyk3.default\extensions\rikaichan-jpde@polarcloud.com
[2011.11.15 18:36:49 | 000,000,000 | ---D | M] (Rikaichan Japanese-English Dictionary File) -- C:\Users\Lisa\AppData\Roaming\mozilla\Firefox\Profiles\h9pgwyk3.default\extensions\rikaichan-jpen@polarcloud.com
[2012.09.17 18:37:15 | 000,593,262 | ---- | M] () (No name found) -- C:\Users\Lisa\AppData\Roaming\mozilla\firefox\profiles\h9pgwyk3.default\extensions\toolbar@gmx.net.xpi
[2012.02.23 12:10:25 | 000,000,933 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\mozilla\firefox\profiles\h9pgwyk3.default\searchplugins\11-suche.xml
[2012.02.23 12:10:25 | 000,002,419 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\mozilla\firefox\profiles\h9pgwyk3.default\searchplugins\englische-ergebnisse.xml
[2012.02.23 12:10:25 | 000,010,525 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\mozilla\firefox\profiles\h9pgwyk3.default\searchplugins\gmx-suche.xml
[2012.09.17 16:26:10 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\mozilla\firefox\profiles\h9pgwyk3.default\searchplugins\icqplugin-1.xml
[2011.08.25 21:41:52 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\mozilla\firefox\profiles\h9pgwyk3.default\searchplugins\icqplugin-10.xml
[2010.09.11 22:08:50 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\mozilla\firefox\profiles\h9pgwyk3.default\searchplugins\icqplugin-2.xml
[2010.10.22 12:41:27 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\mozilla\firefox\profiles\h9pgwyk3.default\searchplugins\icqplugin-3.xml
[2010.10.29 14:11:19 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\mozilla\firefox\profiles\h9pgwyk3.default\searchplugins\icqplugin-4.xml
[2010.11.19 15:52:45 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\mozilla\firefox\profiles\h9pgwyk3.default\searchplugins\icqplugin-5.xml
[2011.03.03 12:29:13 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\mozilla\firefox\profiles\h9pgwyk3.default\searchplugins\icqplugin-6.xml
[2011.03.07 23:15:38 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\mozilla\firefox\profiles\h9pgwyk3.default\searchplugins\icqplugin-7.xml
[2011.03.24 11:50:15 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\mozilla\firefox\profiles\h9pgwyk3.default\searchplugins\icqplugin-8.xml
[2011.05.02 18:05:49 | 000,000,950 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\mozilla\firefox\profiles\h9pgwyk3.default\searchplugins\icqplugin-9.xml
[2010.06.21 17:35:24 | 000,001,042 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\mozilla\firefox\profiles\h9pgwyk3.default\searchplugins\icqplugin.xml
[2012.02.23 12:10:25 | 000,002,457 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\mozilla\firefox\profiles\h9pgwyk3.default\searchplugins\lastminute.xml
[2012.02.23 12:10:25 | 000,005,508 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\mozilla\firefox\profiles\h9pgwyk3.default\searchplugins\webde-suche.xml
[2012.03.21 01:02:37 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010.07.27 17:52:34 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2009.09.08 04:14:33 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2012.09.11 07:43:58 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.02.03 20:02:28 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.09.11 07:43:55 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.02.03 20:02:28 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.02.03 20:02:28 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.02.03 20:02:28 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.02.03 20:02:28 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - homepage: hxxp://www.google.com
 
O1 HOSTS File: ([2012.09.22 12:56:34 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [ECenter] C:\DELL\E-Center\EULALauncher.exe ( )
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [PCMService] C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKCU..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O4 - Startup: C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
O4 - Startup: C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.7.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6C43ED4C-9D45-4C06-B241-D371671568C8}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8678BE45-6EFB-4A65-87B0-F99722BE629D}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll) - C:\Program Files\Citrix\GoToAssist\514\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img18.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img18.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.09.23 11:06:45 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012.09.23 11:06:23 | 002,322,184 | ---- | C] (ESET) -- C:\Users\Lisa\Desktop\esetsmartinstaller_enu.exe
[2012.09.22 20:42:46 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Roaming\Malwarebytes
[2012.09.22 20:42:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.09.22 20:42:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.09.22 20:41:54 | 010,524,080 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Users\Lisa\Desktop\mbam-setup-1.65.0.1400.exe
[2012.09.22 19:55:40 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012.09.22 19:54:23 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012.09.22 14:39:46 | 002,212,440 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Lisa\Desktop\tdsskiller.exe
[2012.09.22 14:37:52 | 000,751,391 | ---- | C] (Farbar) -- C:\Users\Lisa\Desktop\MiniToolBox.exe
[2012.09.22 13:31:39 | 000,000,000 | ---D | C] -- C:\Users\Lisa\Desktop\exe
[2012.09.22 13:25:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2012.09.22 13:25:18 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2012.09.22 13:09:03 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2012.09.22 13:08:48 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2012.09.22 13:08:48 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2012.09.22 13:08:48 | 000,093,672 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2012.09.22 12:43:34 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012.09.22 12:43:34 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012.09.22 12:43:34 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012.09.22 12:43:09 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012.09.22 12:42:38 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012.09.22 12:40:33 | 004,754,913 | R--- | C] (Swearware) -- C:\Users\Lisa\Desktop\ComboFix.exe
[2012.09.21 20:24:56 | 000,600,576 | ---- | C] (OldTimer Tools) -- C:\Users\Lisa\Desktop\OTL.exe
[2012.09.21 19:07:20 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\Lisa\Desktop\HiJackThis204.exe
[2012.09.20 16:15:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012.09.20 16:13:00 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2012.09.20 15:03:10 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Local\DDMSettings
[2012.09.14 03:02:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012.09.14 03:02:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
 
========== Files - Modified Within 30 Days ==========
 
[2012.09.23 13:52:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.09.23 13:27:06 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2949012238-524043334-3398503266-1000UA.job
[2012.09.23 13:27:06 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2949012238-524043334-3398503266-1000Core.job
[2012.09.23 12:56:18 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.09.23 12:56:18 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.09.23 11:06:24 | 002,322,184 | ---- | M] (ESET) -- C:\Users\Lisa\Desktop\esetsmartinstaller_enu.exe
[2012.09.23 10:56:13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.09.23 10:56:07 | 3219,103,744 | -HS- | M] () -- C:\hiberfil.sys
[2012.09.23 00:33:56 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012.09.22 20:42:31 | 000,000,868 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.09.22 20:41:55 | 010,524,080 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Users\Lisa\Desktop\mbam-setup-1.65.0.1400.exe
[2012.09.22 16:32:46 | 004,754,913 | R--- | M] (Swearware) -- C:\Users\Lisa\Desktop\ComboFix.exe
[2012.09.22 14:39:50 | 002,212,440 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Lisa\Desktop\tdsskiller.exe
[2012.09.22 14:37:59 | 000,751,391 | ---- | M] (Farbar) -- C:\Users\Lisa\Desktop\MiniToolBox.exe
[2012.09.22 13:29:46 | 000,696,240 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012.09.22 13:29:46 | 000,073,136 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012.09.22 13:26:53 | 000,001,854 | ---- | M] () -- C:\Users\Lisa\Documents\Adobe Reader X.lnk
[2012.09.22 13:08:24 | 000,093,672 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2012.09.22 13:08:17 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll
[2012.09.22 13:08:17 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll
[2012.09.22 13:08:17 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2012.09.22 13:08:17 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2012.09.22 13:08:17 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2012.09.22 12:56:34 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2012.09.22 11:31:16 | 000,512,737 | ---- | M] () -- C:\Users\Lisa\Desktop\adwcleaner.exe
[2012.09.22 11:29:06 | 000,007,052 | ---- | M] () -- C:\Users\Lisa\AppData\Local\d3d9caps.dat
[2012.09.21 21:07:42 | 000,302,592 | ---- | M] () -- C:\Users\Lisa\Desktop\pcqm4gzm.exe
[2012.09.21 20:58:46 | 358,165,621 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012.09.21 20:24:58 | 000,600,576 | ---- | M] (OldTimer Tools) -- C:\Users\Lisa\Desktop\OTL.exe
[2012.09.21 19:07:22 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Lisa\Desktop\HiJackThis204.exe
[2012.09.19 17:13:45 | 000,037,894 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\wklnhst.dat
[2012.09.14 15:15:43 | 000,001,849 | ---- | M] () -- C:\Users\Lisa\Documents\Adobe Reader 9.lnk
[2012.09.14 03:02:01 | 000,001,880 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.09.11 18:39:55 | 000,115,712 | ---- | M] () -- C:\Users\Lisa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.09.07 17:04:46 | 000,022,856 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
 
========== Files Created - No Company Name ==========
 
[2012.09.22 20:42:31 | 000,000,868 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.09.22 13:26:53 | 000,001,854 | ---- | C] () -- C:\Users\Lisa\Documents\Adobe Reader X.lnk
[2012.09.22 13:26:53 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012.09.22 12:43:34 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012.09.22 12:43:34 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012.09.22 12:43:34 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012.09.22 12:43:34 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012.09.22 12:43:34 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012.09.22 11:31:09 | 000,512,737 | ---- | C] () -- C:\Users\Lisa\Desktop\adwcleaner.exe
[2012.09.21 21:58:34 | 000,030,259 | ---- | C] () -- C:\Users\Lisa\Desktop\hjtscanlist.bat
[2012.09.21 21:07:40 | 000,302,592 | ---- | C] () -- C:\Users\Lisa\Desktop\pcqm4gzm.exe
[2012.09.20 16:13:00 | 000,001,830 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2012.09.14 15:15:43 | 000,001,849 | ---- | C] () -- C:\Users\Lisa\Documents\Adobe Reader 9.lnk
[2012.09.14 03:02:01 | 000,001,880 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.08.09 19:52:26 | 000,000,146 | ---- | C] () -- C:\Windows\WININIT.INI
[2012.02.18 17:10:19 | 000,001,461 | ---- | C] () -- C:\Windows\eReg.dat
[2011.03.08 14:41:04 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2011.03.08 14:41:04 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2011.03.08 14:41:04 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2011.03.08 14:41:04 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2011.01.16 21:14:52 | 000,000,552 | ---- | C] () -- C:\Users\Lisa\AppData\Local\d3d8caps.dat
[2010.10.31 14:41:35 | 000,000,109 | ---- | C] () -- C:\Users\Lisa\webct_upload_applet.properties
[2009.07.20 12:56:41 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009.03.30 19:45:06 | 000,135,025 | ---- | C] () -- C:\Users\Lisa\creeping_death_ver4.gp5
[2009.03.30 19:41:51 | 000,070,586 | ---- | C] () -- C:\Users\Lisa\i_never_told_you_what_i_do_for_a_living_ver2.gp5
[2008.12.25 02:32:18 | 000,007,052 | ---- | C] () -- C:\Users\Lisa\AppData\Local\d3d9caps.dat
[2008.12.24 23:07:27 | 000,037,894 | ---- | C] () -- C:\Users\Lisa\AppData\Roaming\wklnhst.dat
[2008.12.24 22:28:33 | 000,115,712 | ---- | C] () -- C:\Users\Lisa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
========== ZeroAccess Check ==========
 
[2011.08.15 18:31:08 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\LocalLow\Microsoft\Silverlight\is\bpivbmfj.gdu\pin2gvtq.noh\1\l
[2006.11.02 14:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
========== LOP Check ==========
 
[2010.10.19 20:11:18 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\.anki
[2012.08.11 12:49:41 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\7-PDFSplitMerge
[2009.04.13 15:37:15 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Atari
[2012.08.11 12:51:48 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\BrowserCompanion
[2012.02.20 16:11:51 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\DAEMON Tools Pro
[2010.06.22 02:08:34 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Facebook
[2012.08.09 19:35:04 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Foxit Software
[2011.01.27 22:25:07 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\FrostWire
[2012.03.07 16:26:19 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Image Zone Express
[2010.11.19 17:53:40 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\OpenOffice.org
[2012.01.18 18:00:25 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Printer Info Cache
[2012.03.12 16:28:13 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Samsung
[2008.12.24 23:07:37 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Template
[2012.03.04 12:36:03 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\TuneUp Software
[2010.08.13 11:02:21 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Ubisoft
 
========== Purity Check ==========
 
 

< End of report >
         
Extras
Code:
ATTFilter
OTL Extras logfile created on: 23.09.2012 14:16:25 - Run 2
OTL by OldTimer - Version 3.2.65.1     Folder = C:\Users\Lisa\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,45 Gb Available Physical Memory | 48,34% Memory free
6,19 Gb Paging File | 4,54 Gb Available in Paging File | 73,28% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 287,92 Gb Total Space | 68,43 Gb Free Space | 23,77% Space Free | Partition Type: NTFS
Drive D: | 10,00 Gb Total Space | 4,99 Gb Free Space | 49,89% Space Free | Partition Type: NTFS
 
Computer Name: LISA-PC | User Name: Lisa | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{A72DF9C8-8994-4694-B834-11279C3D56DD}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{EFEB7C94-0200-4949-8D75-F99CCB8B125E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{044D265D-E9DF-494D-8960-31AB4E64FAB4}" = protocol=17 | dir=in | app=c:\program files\ubisoft\related designs\anno 1404\anno4.exe | 
"{0B49300F-4ABA-4812-B5CF-A32FFD8A9E9A}" = protocol=17 | dir=in | app=c:\windows\system32\muzapp.exe | 
"{2B83DD39-346E-4650-8CC9-354858A7D0BA}" = protocol=6 | dir=in | app=c:\program files\ubisoft\related designs\anno 1404\tools\anno4web.exe | 
"{2E42CDF3-F3CD-426E-A7A8-4C69DD881F4C}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{39B32995-0630-4608-8CA0-32A591B53A9A}" = protocol=6 | dir=in | app=c:\program files\dell video chat\dellvideochat.exe | 
"{3D95D870-9AC0-47FF-BBF9-F6571EA3CE02}" = protocol=6 | dir=in | app=c:\program files\msn messenger\msnmsgr.exe | 
"{418A3B04-2C1A-4825-A8BC-84168EEE0C6C}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{4C4EE40B-0E6B-4E70-89FF-FA6370209ADB}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 
"{4D861AD8-1FBF-42AA-83DD-0E8678290C88}" = protocol=17 | dir=in | app=c:\program files\dell video chat\dellvideochat.exe | 
"{5BF40C42-B869-4A8F-BF8F-9DAA254A1657}" = protocol=17 | dir=in | app=c:\program files\msn messenger\msnmsgr.exe | 
"{6545A5EC-1C0D-47EE-B581-FC46FED95BCA}" = protocol=6 | dir=in | app=c:\windows\system32\muzapp.exe | 
"{69C79727-B653-4E42-B38B-81DCEC7E5D41}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe | 
"{6B014B94-64A2-4CF4-99BA-9CE39F066850}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe | 
"{7C7F4C4A-A523-4895-BBFF-B7F4A93F8A72}" = protocol=17 | dir=in | app=c:\program files\ubisoft\related designs\anno 1404\tools\anno4web.exe | 
"{9B441862-2E8A-4D22-BDC7-B1BF67FE5DDF}" = dir=in | app=c:\program files\dell\mediadirect\kernel\dms\clmsservice.exe | 
"{A0C7246A-0882-4D22-970F-9515576A0FFC}" = dir=in | app=c:\program files\dell\mediadirect\mediadirect.exe | 
"{A32A7B0E-4D50-43BB-AA76-F3C5553F2DEA}" = dir=in | app=c:\program files\dell\mediadirect\kernel\dmp\clbrowserengine.exe | 
"{A7AB3FDD-C1C1-4D2D-BE50-ECD8A10EA8D4}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe | 
"{B52DA7DA-E33D-428E-B2D9-7B0F0EFB4A20}" = dir=in | app=c:\program files\dell\mediadirect\pcmservice.exe | 
"{CA70FC33-7FB4-46D7-9674-58AC4EF2ACC4}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{CF7EFF56-6902-4F2F-97C1-AF2046E77247}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe | 
"{CFA18194-3F7A-4A3C-8DDC-541B0FAC1D51}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | 
"{D8531087-E04F-40EE-877E-72779DC6B103}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe | 
"{D96D16AC-A471-4881-B63D-B9F07C3910CE}" = protocol=6 | dir=in | app=c:\program files\ubisoft\related designs\anno 1404\anno4.exe | 
"TCP Query User{3F2E4DC7-2357-4706-99AD-C6C82AB7C3A5}C:\program files\frostwire\frostwire.exe" = protocol=6 | dir=in | app=c:\program files\frostwire\frostwire.exe | 
"TCP Query User{4DEF032E-8FAD-4192-9A35-41830B09EE2A}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe | 
"TCP Query User{6268D2C6-125B-4076-8A3B-84FA5F861F36}C:\program files\gameforge\nclauncher\nclauncher.exe" = protocol=6 | dir=in | app=c:\program files\gameforge\nclauncher\nclauncher.exe | 
"TCP Query User{7230E34E-0F15-4D14-9D3B-30890BF18C95}C:\users\lisa\appdata\local\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\users\lisa\appdata\local\google\google earth\client\googleearth.exe | 
"TCP Query User{A5280345-B066-4F6B-AA11-33BFCC18EB9C}C:\program files\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe | 
"TCP Query User{B14F9705-3EC0-4307-8A08-7EB2451DC8F5}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe | 
"TCP Query User{C2FE58EC-EC94-4119-B9A2-AD11EC800A6A}C:\users\lisa\appdata\local\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\users\lisa\appdata\local\google\google earth\client\googleearth.exe | 
"TCP Query User{FDBE9A9E-1832-4308-8DCD-6A0B786B5584}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe | 
"UDP Query User{2010BAA0-2A28-4C30-AC0C-32D32E307460}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe | 
"UDP Query User{2E9494C3-57DA-47D8-9ACD-F3A12B1665C0}C:\users\lisa\appdata\local\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\users\lisa\appdata\local\google\google earth\client\googleearth.exe | 
"UDP Query User{4E3930C1-7D65-41B0-BF25-B261EDB7202C}C:\program files\frostwire\frostwire.exe" = protocol=17 | dir=in | app=c:\program files\frostwire\frostwire.exe | 
"UDP Query User{72EEADB6-F2A1-4D54-A53C-C6711712BC77}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe | 
"UDP Query User{74034494-C535-476C-8F3D-0EE72F8D9233}C:\users\lisa\appdata\local\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\users\lisa\appdata\local\google\google earth\client\googleearth.exe | 
"UDP Query User{982D53E3-FBD2-464B-8C39-3927C0CF159A}C:\program files\gameforge\nclauncher\nclauncher.exe" = protocol=17 | dir=in | app=c:\program files\gameforge\nclauncher\nclauncher.exe | 
"UDP Query User{D2CEFC00-027A-42B2-BFED-E6F1AC629F60}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe | 
"UDP Query User{ED4E1030-C601-412F-AE34-2F099C67335A}C:\program files\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{01521746-02A6-4A72-00BD-A285DF6B80C6}" = Die Sims 2: Wilde Campus-Jahre
"{0289B35E-DC07-4c7a-9710-BBD686EA4B7D}" = Status
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software 6.1.0.4402
"{0513EE35-E0FB-4166-B663-BD1AE3A803DE}" = Anno 1404
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{05A677ED-F6EB-C225-0852-C8EDA143F637}" = Catalyst Control Center Core Implementation
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{10798AE3-DCBB-43C3-9C93-C23512427E25}" = Die Sims Deluxe 
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{1339C679-8EBD-A264-F51B-8AFF9E5178AB}" = Catalyst Control Center Localization Chinese Standard
"{179C56A4-F57F-4561-8BBF-F911D26EB435}" = WebReg
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2614F54E-A828-49FA-93BA-45A3F756BFAA}" = 32 Bit HP CIO Components Installer
"{26A24AE4-039D-4CA4-87B4-2F83216020F0}" = Java(TM) 6 Update 20
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{33D38429-A417-2939-F2ED-68B02C60524B}" = CCC Help Italian
"{348982C0-1053-041B-90E9-27E52C5CBAC4}" = Catalyst Control Center Localization Chinese Traditional
"{3683198D-D48D-8F78-D544-E0CEEDA9A5AD}" = Catalyst Control Center Localization Norwegian
"{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant
"{39874C29-6A64-A5E4-15E8-48CAB1630758}" = Catalyst Control Center Graphics Full New
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}" = ANNO 1404
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{4817189D-1785-4627-A33C-39FD90919300}" = Die Sims™ 2 Haustiere
"{497CDC20-F32E-B732-D5A7-C508832901B1}" = Catalyst Control Center Localization Italian
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CA09BF7-1CFC-44B8-80EA-7B4D15D12DC5}" = Catalyst Control Center - Branding
"{4E8B4C51-20A4-A946-F2FD-361E1E64CBFE}" = Catalyst Control Center Localization Dutch
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{6009F2FC-EC56-4e28-B91C-0BA5104D6419}" = SF_CDA_Software
"{601F42A9-8B4F-4650-A472-4CA8325E3E87}" = D6100
"{62230596-37E5-4618-A329-0D21F529A86F}" = Browser Address Error Redirector
"{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator
"{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module
"{66E07661-1C3B-EBB3-DDD7-CA2D9CF728E5}" = CCC Help Chinese Standard
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{67192DDF-D12C-7C14-0891-1999A8322D9A}" = ccc-core-static
"{67D3F1A0-A1F2-49b7-B9EE-011277B170CD}" = HPProductAssistant
"{693C5CAC-E43C-4A5F-0793-DB1A91576F00}" = Catalyst Control Center Localization Swedish
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A9EF6CF-7630-4E33-AE22-7D70F3AF4B05}" = AION Free-To-Play
"{6B7B6D4D-8F9B-4CB3-8CA4-BCA9CC4C1A22}" = EDocs
"{6BA2D1B0-0892-AF53-1542-767C1B1B558F}" = CCC Help German
"{6D3963B0-E13B-4FC3-B0FF-506A304BB043}" = Cisco EAP-FAST Module
"{6E7DD182-9FC6-4651-0095-2E666CC6AF35}" = Die Sims 2
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{706136D4-648C-92B9-FF9E-BDAC45C977CB}" = CCC Help Norwegian
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{714B6179-84C4-4FBE-B934-B6CF75ED37A5}" = D6100_D7100_D7300_Help
"{732784F2-BBB3-AF93-F0F8-2B28D93F023E}" = Catalyst Control Center Localization Finnish
"{75554025-5756-D2A8-E12A-3996A174E1AF}" = Catalyst Control Center Localization German
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7842F022-6597-76DA-4DE4-DA3FBD82ECF2}" = Skins
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7A4CE9D2-DC5E-4B5B-0ED2-A2F66E76DD52}" = CCC Help Russian
"{7B3577F5-1D82-4C9B-008B-69D026FD8BCA}" = Die Sims 2: Open For Business
"{7BE855E5-8130-A624-1C47-D5EB13FA6DF2}" = Catalyst Control Center Graphics Previews Vista
"{7D712AFE-2D7C-13B8-DEB7-BA8A28FED665}" = Catalyst Control Center Localization Danish
"{7E00AAF2-89F3-F7FC-A8F2-8C651449671E}" = CCC Help English
"{828816F4-629A-233E-DB02-A6F8BD004643}" = Catalyst Control Center Localization Portuguese
"{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{87F6C83D-F949-4d14-B5CB-DC8C75F8932D}" = Die Sims™ 2 Freizeit-Spaß
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90601456-1F28-AD6C-C1CE-740526D3BC27}" = Catalyst Control Center Localization French
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{94CAC2F1-C856-47F4-AF24-65A1E75AEDB9}" = MotoHelper MergeModules
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95D08F4E-DFC2-4ce3-ACB7-8C8E206217E9}" = MarketResearch
"{9718521B-A345-4ad9-A52B-74D1435FB708}" = SF_CDA_ProductContext
"{975F5675-8FC8-04A8-92CD-4653BD12282F}" = CCC Help French
"{97900633-AADE-35DC-A424-21380BFC5431}" = Catalyst Control Center Graphics Previews Common
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{981DE354-9301-440f-AAFC-025AA2354A93}" = HP Deskjet & Photosmart Printer Driver Software 8.0.A
"{98C948A6-5498-9DEE-BA4C-74B0A96CB521}" = CCC Help Danish
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C2D4047-0E40-499a-AC7A-C4B9BB12FE03}" = TrayApp
"{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}" = MediaDirect
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A36CD345-625C-4d6c-B3E2-76E1248CB451}" = SolutionCenter
"{A7969E95-7E39-A1AC-2D6F-85531D8A371D}" = CCC Help Japanese
"{A9C78107-7CBC-B05B-083B-562FA9C1EA0B}" = CCC Help Portuguese
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch
"{AC76BA86-7AD7-5760-0000-900000000003}" = Japanese Fonts Support For Adobe Reader 9
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{B935C985-A17F-484B-8470-09E4FC27DC26}" = Dell-eBay
"{BB883D70-5B1D-9430-E626-7F495925590D}" = Catalyst Control Center Localization Spanish
"{BE77A81F-B315-4666-9BF3-AE70C0ADB057}" = BufferChm
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die Sims™ 3
"{C4972073-2BFE-475D-8441-564EA97DA161}" = QuickSet
"{C49E407D-A6A0-6F9A-767D-67387EF5523F}" = CCC Help Finnish
"{C716522C-3731-4667-8579-40B098294500}" = Toolbox
"{CBF91610-C661-3464-8831-DA8AE2589DB9}" = Catalyst Control Center Localization Japanese
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CE026CFE-73FE-4FED-9D5F-2C8D4DB512B0}" = TuneUp Utilities Language Pack (de-DE)
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D0E39A1D-0CEE-4D85-B4A2-E3BE990D075E}" = Destination Component
"{D2DB5404-378B-2821-513E-A8F230A0E948}" = ccc-utility
"{D5A9DA4B-E4F9-FB49-017D-769FC540F1F0}" = EA Download Manager UI
"{D5D92C28-42FB-5E24-DBFA-07232A50D670}" = CCC Help Dutch
"{D9DD6E03-ACE1-2503-205E-4FA74267CDC6}" = CCC Help Spanish
"{DB549485-9D94-E7AE-2FE7-DCB33A54FBD7}" = Catalyst Control Center Localization Russian
"{DDD5104F-1C44-49EB-9E6B-29EC5D27658B}" = HP Update
"{DE200E10-45BD-E11E-EC8E-1DAD80EF8EA9}" = Catalyst Control Center Graphics Full Existing
"{DEF19AE8-B330-CF2A-AEAA-1E23BBBC7B00}" = CCC Help Chinese Traditional
"{DFEF49D9-FC95-4301-99B9-2FB91C6ABA06}" = Die Sims™ 2 Vier Jahreszeiten
"{DFFC0648-BC4B-47D1-93D2-6CA6B9457641}" = OpenOffice.org 3.2
"{E06F04B9-45E6-4AC0-8083-85F7515F40F7}" = UnloadSupport
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E5BE4931-F31C-2BA0-F06E-4FEC56725673}" = CCC Help Swedish
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{EB21A812-671B-4D08-B974-2A347F0D8F70}" = HP Photosmart Essential
"{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}" = HPSSupply
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{EC2C71BB-42DF-6F53-FB23-F7B3B160467B}" = Catalyst Control Center Graphics Light
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EF1ADA5A-0B1A-4662-8C55-7475A61D8B65}" = DeviceDiscovery
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F1465B68-4D9A-D412-2528-4F84A681F15C}" = Catalyst Control Center Localization Korean
"{F1E18790-4053-4031-483B-80E932CE3910}" = CCC Help Korean
"{F248ADFA-64E0-4b03-8A83-059078BED6A0}" = Die Sims™ 2 Gute Reise
"{F6CB42B9-F033-4152-8813-FF11DA8E6A78}" = Dell Dock
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F7529650-B9DB-481B-0089-A2AC3C2821C1}" = Die Sims 2: Nightlife
"{FCED9B62-34FF-4C15-8A23-F65221F7874D}" = ITECIR Driver
"{FD023F61-65E9-465C-B558-7C64EB2B97E6}" = Dell Handbuch zum Einstieg
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Audacity_is1" = Audacity 1.2.6
"Avira AntiVir Desktop" = Avira Free Antivirus
"Broadcom 802.11b Network Adapter" = Dienstprogramm für Dell Wireless WLAN Karte
"com.ea.Vault.919CACB699904AC5D41B606703500DD39747C02D.1" = EA Download Manager UI
"Creative OA001" = Integrated Webcam Driver (1.02.02.0603)  
"Dell Video Chat" = Dell Video Chat (remove only)
"Dell Webcam Central" = Dell Webcam Central
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup" = DivX-Setup
"ESET Online Scanner" = ESET Online Scanner v3
"Google Desktop" = Google Desktop
"GoToAssist" = GoToAssist 8.0.0.514
"HP Imaging Device Functions" = HP Imaging Device Functions 8.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center 8.0
"HPExtendedCapabilities" = HP Customer Participation Program 8.0
"InstallShield_{6A9EF6CF-7630-4E33-AE22-7D70F3AF4B05}" = AION Free-To-Play
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.0.1400
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Movies" = Movies
"Mozilla Firefox 15.0.1 (x86 de)" = Mozilla Firefox 15.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NCLauncher_GameForge" = NC Launcher (GameForge)
"Pen Tablet Driver" = Stifttablett
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Facebook Plug-In" = Facebook Plug-In
"MyFreeCodec" = MyFreeCodec
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 21.09.2012 15:12:12 | Computer Name = Lisa-PC | Source = Perflib | ID = 1010
Description = 
 
Error - 22.09.2012 06:36:33 | Computer Name = Lisa-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 22.09.2012 07:06:09 | Computer Name = Lisa-PC | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description = 
 
Error - 22.09.2012 07:06:10 | Computer Name = Lisa-PC | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description = 
 
Error - 22.09.2012 08:36:39 | Computer Name = Lisa-PC | Source = Application Hang | ID = 1002
Description = Programm firefox.exe, Version 15.0.1.4631 arbeitet nicht mehr mit 
Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet 
"Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über
 das Problem zu suchen.  Prozess-ID: 17e8  Anfangszeit: 01cd98b593c8b080  Zeitpunkt der
 Beendigung: 53
 
Error - 22.09.2012 08:46:07 | Computer Name = Lisa-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 22.09.2012 13:57:37 | Computer Name = Lisa-PC | Source = EventSystem | ID = 4621
Description = 
 
Error - 22.09.2012 13:59:33 | Computer Name = Lisa-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 23.09.2012 04:57:51 | Computer Name = Lisa-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 23.09.2012 05:01:41 | Computer Name = Lisa-PC | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description = 
 
Error - 23.09.2012 05:02:12 | Computer Name = Lisa-PC | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description = 
 
[ Broadcom Wireless LAN Events ]
Error - 04.03.2012 07:13:16 | Computer Name = Lisa-PC | Source = WLAN-Tray | ID = 0
Description = 12:13:16, Sun, Mar 04, 12 Error - User "" does not have administrative
 privileges on this system 
 
Error - 21.03.2012 19:15:54 | Computer Name = Lisa-PC | Source = WLAN-Tray | ID = 0
Description = 00:15:54, Thu, Mar 22, 12 Error - User "" does not have administrative
 privileges on this system 
 
Error - 27.03.2012 06:16:24 | Computer Name = Lisa-PC | Source = WLAN-Tray | ID = 0
Description = 12:16:23, Tue, Mar 27, 12 Error - Unable to gain access to user store

 
[ System Events ]
Error - 11.05.2009 19:48:44 | Computer Name = Lisa-PC | Source = HTTP | ID = 15016
Description = 
 
Error - 12.05.2009 06:51:52 | Computer Name = Lisa-PC | Source = HTTP | ID = 15016
Description = 
 
Error - 13.05.2009 07:51:16 | Computer Name = Lisa-PC | Source = HTTP | ID = 15016
Description = 
 
Error - 14.05.2009 08:09:12 | Computer Name = Lisa-PC | Source = HTTP | ID = 15016
Description = 
 
Error - 14.05.2009 09:16:52 | Computer Name = Lisa-PC | Source = DCOM | ID = 10010
Description = 
 
Error - 14.05.2009 13:01:32 | Computer Name = Lisa-PC | Source = HTTP | ID = 15016
Description = 
 
Error - 14.05.2009 13:01:41 | Computer Name = Lisa-PC | Source = Print | ID = 54
Description = Das Dokument China.doc.wps konnte nicht gedruckt werden und wurde 
aufgrund einer Beschädigung an der gespoolten Datei gelöscht. Der zugewiesene Treiber
 ist "HP Photosmart D6100 series". Versuchen Sie erneut, das Dokument zu drucken.
 
Error - 14.05.2009 15:24:37 | Computer Name = Lisa-PC | Source = BTHUSB | ID = 327697
Description = Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen
 und wird nicht verwendet. Der Treiber wurde entladen.
 
Error - 15.05.2009 05:44:26 | Computer Name = Lisa-PC | Source = HTTP | ID = 15016
Description = 
 
Error - 16.05.2009 04:44:24 | Computer Name = Lisa-PC | Source = HTTP | ID = 15016
Description = 
 
 
< End of report >
         
Und die Frage obs noch Probleme gibt, na ja, mein PC lief ja die ganze Zeit problemlos, nur Antivir hat mir die ganze Zeit diese Funde gezeigt. Momentan meldet es sich nicht mehr, kann es sein, dass langsam alles sauber ist? Oder gibt es noch ein paar Schritte, die ich durchführen sollte, damit alles wieder sauber ist?

Alt 26.09.2012, 10:45   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Trojan.Dropper/Gen @schrauber - Standard

Trojan.Dropper/Gen @schrauber



Hi

Den Downloads Ordner bitte leeren, danach Papierkorb leeren.

Windows-Taste + R drücken, appwiz.cpl eingeben und enter drücken. Bitte alle alten Java Versionen deinstallieren, ausser Java 7 Update 7.




Fixen mit OTL
  • Starte die OTL.exe.
  • Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
  • Kopiere folgendes Skript:
Code:
ATTFilter
:OTL
IE - HKCU\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = hxxp://127.0.0.1:4664/search&s=zcw3jFF8VYr3DxmOuZAhGZXeTKs?q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 192.168.*.*
FF - prefs.js..browser.search.order.1: "Ask"
:Commands
[emptytemp]
         
  • und füge es hier ein:
  • Schließe alle Programme.
  • Klicke auf den Fix Button.
  • Klick auf .
  • OTL verlangt einen Neustart. Bitte zulassen.
  • Nach dem Neustart findest Du ein Textdokument.
    Kopiere den Inhalt hier in Code-Tags in Deinen Thread.
__________________

__________________

Alt 26.09.2012, 14:24   #3
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Trojan.Dropper/Gen @schrauber - Standard

Trojan.Dropper/Gen @schrauber



Ähem...

Code:
ATTFilter
C:\Users\Lisa\Music\Sony Vegas 7 + DVD Architect 4 + keygen\Sony Vegas 7 + DVD Architect 4 + keygen\DVD Architect 4.0.125\Sony DVD Architect v4.0 Keygen.exe (Trojan.Downloader) -> Keine Aktion durchgeführt.
C:\Users\Lisa\Music\Sony Vegas 7 + DVD Architect 4 + keygen\Sony Vegas 7 + DVD Architect 4 + keygen\Vegas 7.0a\Sony Vegas v7.0a Keygen.exe (Trojan.Downloader) -> Keine Aktion durchgeführt.
         
__________________
__________________

Alt 26.09.2012, 14:33   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Trojan.Dropper/Gen @schrauber - Standard

Trojan.Dropper/Gen @schrauber



Rofl, gar nicht gesehen, danke


Dann muss ich den Support leider an der Stelle beenden...
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 26.09.2012, 14:36   #5
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Trojan.Dropper/Gen @schrauber - Standard

Trojan.Dropper/Gen @schrauber



Poste lieber das hier:



Siehe auch => http://www.trojaner-board.de/95393-c...-software.html

Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support ohne jegliche Diskussion beenden.

Cracks/Keygens sind zu 99,9% gefährliche Schädlinge, mit denen man nicht spaßen sollte. Ausserdem sind diese illegal und wir unterstützen die Verwendung von geklauter Software nicht. Somit beschränkt sich der Support auf Anleitung zur kompletten Neuinstallation!!

Dass illegale Cracks und Keygens im Wesentlichen dazu dienen, Malware zu verbreiten ist kein Geheimnis und muss jedem klar sein!


In Zukunft Finger weg von: Softonic, Registry-Bereinigern und illegalem Zeugs Cracks/Keygens/Serials

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 26.09.2012, 14:39   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Trojan.Dropper/Gen @schrauber - Standard

Trojan.Dropper/Gen @schrauber



Ich hab ja drauf gehofft dass Du es machst, jetzt kann ich nämlich den Baustein klauen
__________________
--> Trojan.Dropper/Gen @schrauber

Alt 26.09.2012, 14:48   #7
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Trojan.Dropper/Gen @schrauber - Standard

Trojan.Dropper/Gen @schrauber



Mein Baustein braucht weder Crack noch Keygen

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 26.09.2012, 15:24   #8
Lisali
 
Trojan.Dropper/Gen @schrauber - Standard

Trojan.Dropper/Gen @schrauber



Wow. Das ist mir jetzt extrem peinlich. =/ Ich wusste gar nicht, dass das noch auf meinem Rechner rumspukt. Na ja. Es ist jetzt gelöscht und ich bedanke mich sehr für den Support bis hierher.

Antwort

Themen zu Trojan.Dropper/Gen @schrauber
32 bit, acrobat update, antivir, application/pdf:, audacity, avira, beschädigung, bho, bonjour, desktop, error, farbar, firefox, flash player, hacktool.hiderun, hijack, hijackthis, home, homepage, intranet, kaspersky, keygen, langsam, malware, nodrives, problem, programm, recycle.bin, rogue.personalantivirus, scan, security, software, sttray.exe, svchost.exe, system, updates, win32/softonicdownloader.e, windows



Ähnliche Themen: Trojan.Dropper/Gen @schrauber


  1. Win7 Trojan.Agent/Gen-XDown & Trojan.Unclassified/Dropper
    Log-Analyse und Auswertung - 15.11.2015 (9)
  2. TR/ATRAPS.Gen und TR/Kazy durch Antivir gemeldet; ferner Trojan.Agent.MRGGen, Trojan.0Access, Trojan.Dropper.BCMiner
    Plagegeister aller Art und deren Bekämpfung - 03.11.2012 (10)
  3. Trojan.Dropper & Trojan.FakeAlert & Trojan.Downloader
    Plagegeister aller Art und deren Bekämpfung - 14.10.2012 (17)
  4. 2x Rootkit0.Access, Trojan.Zaccess und zweimal Trojan.Dropper.PE4 in C:\Windows\Installer\
    Log-Analyse und Auswertung - 14.07.2012 (3)
  5. Spam mails vom computer? Trojan.sirefef, Trojan.dropper, trojan.small, etc.etc.
    Plagegeister aller Art und deren Bekämpfung - 03.07.2012 (13)
  6. TR.Dropper.gen in C:\Users\Christina\AppData\Local\Temp, Trojan/Zaccess, Trojan.Agent, ...
    Log-Analyse und Auswertung - 19.06.2012 (29)
  7. Trojan.BHO, Spyware.Passwords.XGen, Trojan.Dropper und Trojan.Agent mit Malware gefunden
    Plagegeister aller Art und deren Bekämpfung - 20.12.2010 (9)
  8. TR/Dropper.Gen von Avira AntiVir und Trojan.Agent.CK sowie Trojan.Orsam von Malwarebytes erkannt
    Plagegeister aller Art und deren Bekämpfung - 03.12.2010 (1)
  9. Stark trojanerverseuchtes System! (Trojan Buzuss, Backdoor Trojan, Trojan Dropper,..)
    Plagegeister aller Art und deren Bekämpfung - 09.09.2010 (3)
  10. Diverse Trojaner vom Typ Trojan.Rodecap, Trojan.Dropper und Trojan.Agent! Brauche dringend Hilfe!
    Log-Analyse und Auswertung - 09.08.2010 (16)
  11. unerwünschte pop ups -> (Adware Tracking Cookie,trojan agent,trojan dropper)
    Log-Analyse und Auswertung - 02.06.2010 (20)
  12. trojaner nicht löschbar (AVG u. Malwarebytes) (Trojan.Dropper / Trojan.SpamBot)
    Plagegeister aller Art und deren Bekämpfung - 20.05.2010 (7)
  13. Trojan.Dropper & Trojan.Agent
    Plagegeister aller Art und deren Bekämpfung - 16.03.2010 (23)
  14. Mehrere Trojaner Meldungen 'TR/Dldr.Agent.yla' [trojan] 'TR/Dropper.Gen' [trojan]
    Plagegeister aller Art und deren Bekämpfung - 02.03.2009 (19)
  15. Befall von Virtumonde, Trojan.Dropper/Gen und Trojan.DNSChanger-Codec
    Plagegeister aller Art und deren Bekämpfung - 28.10.2008 (23)
  16. trojan.dropper + trojan zlob
    Plagegeister aller Art und deren Bekämpfung - 23.09.2008 (27)
  17. Trojan.Banker.VB.0D9D0998 und Trojan-Dropper.Win32.Agent.wd
    Log-Analyse und Auswertung - 05.10.2005 (2)

Zum Thema Trojan.Dropper/Gen @schrauber - Da mein Problem bereits im HijackThis Forum von schrauber betreut wurde, er dort aber nicht mehr aktiv ist, ich mein Problem aber gerne gelöst hätte setze ich mein Thema hier - Trojan.Dropper/Gen @schrauber...
Archiv
Du betrachtest: Trojan.Dropper/Gen @schrauber auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.