Pests of all kinds and how to fight them: WINPATROL PLUS Hijack log and HijackThis.exe: different logs

Windows 7

If you are not sure whether you have picked up malware or a trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you eliminate the infection.
#5
WINPATROL PLUS Hijack log and HijackThis.exe: different logs

Code:
Log created by WinPatrol PLUS version 29.1.2013.0:29.1.2013.0
Scan saved at 2:42:51 AM, on 1/04/2014
Platform: Windows 7 Home Edition
6.1 x64 Build 7601 2 Service Pack 1
MSIE: Internet Explorer (11.00.9600.16428)
Boot mode: Normal
Running processes:
C:\PROGRAM FILES (X86)\NVIDIA CORPORATION\NVIDIA UPDATE CORE\NvTmru.exe
H:\WINPATROL\WINPATROL.EXE
C:\PROGRAM FILES\BITDEFENDER\BITDEFENDER\ANTISPAM32\BDAPPPASSMGR.EXE
H:\INTERNET DOWNLOAD MANAGER\IDMan.exe
C:\PROGRAM FILES (X86)\Intel\INTEL(R) USB 3.0 EXTENSIBLE HOST CONTROLLER DRIVER\APPLICATION\iusb3mon.exe
H:\SAMSUNG MAGICIAN\SAMSUNG MAGICIAN.EXE
H:\ADOBE ACROBAT\Acrobat\acrotray.exe
H:\INTERNET DOWNLOAD MANAGER\IEMONITOR.EXE
C:\PROGRAM FILES (X86)\MALWAREBYTES' ANTI-MALWARE\mbamgui.exe
C:\PROGRAM FILES\Intel\INTEL(R) RAPID STORAGE TECHNOLOGY\IASTORICON.EXE
F:\LOL\RADS\system\RADS_USER_KERNEL.EXE
F:\LOL\RADS\projects\LOL_LAUNCHER\releases\0.0.0.196\deploy\LOLLAUNCHER.EXE
F:\LOL\RADS\projects\LOL_AIR_CLIENT\releases\0.0.1.64\deploy\LOLCLIENT.EXE
C:\PROGRAM FILES (X86)\Google\Chrome\APPLICATION\chrome.exe
F:\LOL\RADS\SOLUTIONS\LOL_GAME_CLIENT_SLN\releases\0.0.1.4\deploy\LEAGUE OF LEGENDS.EXE
H:\WINPATROL\WINPATROLEX.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
O2 - BHO: IDM integration (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - H:\Internet Download Manager\IDMIECC.dll
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Adobe Acrobat Create PDF Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O2 - BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Adobe Acrobat Create PDF from Selection - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O2 - BHO: IDM integration (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - H:\Internet Download Manager\IDMIECC64.dll
O2 - BHO: Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\pmbxie.dll
O2 - BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
O3 - Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [RTHDVCPL]C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
O4 - HKLM\..\Run: [RtHDVBg_DTS]C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /DTSU2P
O4 - HKLM\..\Run: [IAStorIcon]C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe 60
O4 - HKLM\..\Run: [Nvtmru]C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
O4 - HKLM\..\Run: [ShadowPlay]C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
O4 - HKLM\..\Run: [Bdagent]C:\Program Files\Bitdefender\Bitdefender\bdagent.exe
O4 - HKLM\..\Run: [COMODO Internet Security]C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe
O4 - HKCU\..\Run: [dualmonitor]H:\Dual Monitor\DualMonitor.exe
O4 - HKCU\..\Run: [WinPatrol PLUS]H:\WinPatrol\winpatrol.exe -expressboot
O4 - HKCU\..\Run: [Bitdefender-Geldbörse-Agent]C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe
O4 - HKCU\..\Run: [Bitdefender-Geldbörse]C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe --hidden --nowizard
O4 - HKCU\..\Run: [Bitdefender-Geldbörse-Anwendungs-Agent]C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe
O4 - HKCU\..\Run: [IDMan]H:\Internet Download Manager\IDMan.exe /onboot
O4 - HKU\..\Run: [USB3MON]C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
O4 - HKU\..\Run: [AmIcoSinglun64]C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
O4 - HKU\..\Run: [Acrobat Assistant 8.0]H:\Adobe Acrobat\Acrobat\acrotray.exe
O4 - Startup: Samsung Magician.lnk=H:\Samsung Magician\Samsung Magician.exe
O8 - Extra context menu item: Download aller Links mit IDM - H:\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download mit IDM - H:\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O11 - Options group: [Accelerated graphics] Accelerated graphics - C:\Windows\System32
O11 - Options group: [] -
O23 - Service: Adobe Acrobat Update Service - Adobe Systems Incorporated - C:\PROGRAM FILES (X86)\COMMON FILES\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FLASHPLAYERUPDATESERVICE.EXE
O23 - Service: ASUS Com Service - - C:\PROGRAM FILES (X86)\ASUS\AXSP\1.00.12\ATKEXCOMSVC.EXE
O23 - Service: ASUS System Control Service - - C:\PROGRAM FILES (X86)\ASUS\ASSYSCTRLSERVICE\1.00.11\ASSYSCTRLSERVICE.EXE
O23 - Service: COMODO Internet Security Helper Service - COMODO - C:\PROGRAM FILES\COMODO\COMODO INTERNET SECURITY\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager - COMODO - C:\PROGRAM FILES\COMODO\COMODO INTERNET SECURITY\cmdvirth.exe
O23 - Service: Defragmentation-Service - mst software GmbH, Germany - H:\ASHAMPOO UNINSTALLER 5\DfSdkS64.exe
O23 - Service: DTSAudioSvc - DTS, Inc - C:\PROGRAM FILES\Realtek\Audio\HDA\DTSU2PAUSRV64.EXE
O23 - Service: Google Update-Dienst (gupdate) - Google Inc. - C:\PROGRAM FILES (X86)\Google\Update\GOOGLEUPDATE.EXE
O23 - Service: Google Update-Dienst (gupdatem) - Google Inc. - C:\PROGRAM FILES (X86)\Google\Update\GOOGLEUPDATE.EXE
O23 - Service: HOSTS Anti-PUPs - - C:\PROGRAM FILES (X86)\HOSTS_ANTI_ADWARES_PUPS\HOSTS_ANTI-ADWARE.EXE
O23 - Service: Intel(R) Rapid Storage Technology - Intel Corporation - C:\PROGRAM FILES\Intel\INTEL(R) RAPID STORAGE TECHNOLOGY\IASTORDATAMGRSVC.EXE
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\PROGRAM FILES\Intel\ICLS CLIENT\HECISERVER.EXE
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\PROGRAM FILES\Intel\ICLS CLIENT\SOCKETHECISERVER.EXE
O23 - Service: Intel(R) PROSet Monitoring Service - Intel Corporation - C:\WINDOWS\SYSTEM32\IPROSETMONITOR.EXE
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service - Intel Corporation - C:\PROGRAM FILES (X86)\Intel\INTEL(R) MANAGEMENT ENGINE COMPONENTS\DAL\JHI_SERVICE.EXE
O23 - Service: Intel(R) Management and Security Application Local Management Service - Intel Corporation - C:\PROGRAM FILES (X86)\Intel\INTEL(R) MANAGEMENT ENGINE COMPONENTS\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\PROGRAM FILES (X86)\MALWAREBYTES' ANTI-MALWARE\MBAMSCHEDULER.EXE
O23 - Service: MBAMService - Malwarebytes Corporation - C:\PROGRAM FILES (X86)\MALWAREBYTES' ANTI-MALWARE\MBAMSERVICE.EXE
O23 - Service: Net Driver HPZ12 - Hewlett-Packard - C:\WINDOWS\SYSTEM32\HPZINW12.DLL
O23 - Service: NVIDIA Streamer Service - NVIDIA Corporation - C:\PROGRAM FILES\NVIDIA CORPORATION\NVSTREAMSRV\NVSTREAMSVC.EXE
O23 - Service: NVIDIA Display Driver Service - NVIDIA Corporation - C:\WINDOWS\SYSTEM32\NVVSVC.EXE
O23 - Service: NVIDIA Update Service Daemon - NVIDIA Corporation - C:\PROGRAM FILES (X86)\NVIDIA CORPORATION\NVIDIA UPDATE CORE\daemonu.exe
O23 - Service: Pml Driver HPZ12 - Hewlett-Packard - C:\WINDOWS\SYSTEM32\HPZIPM12.DLL
O23 - Service: Skype Updater - Skype Technologies - C:\PROGRAM FILES (X86)\Skype\Updater\Updater.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\PROGRAM FILES (X86)\COMMON FILES\Steam\STEAMSERVICE.EXE
O23 - Service: NVIDIA Stereoscopic 3D Driver Service - NVIDIA Corporation - C:\PROGRAM FILES (X86)\NVIDIA CORPORATION\3D VISION\NVSCPAPISVR.EXE
O23 - Service: TuneUp Utilities Service - TuneUp Software - H:\TUNEUP 2014\TUNEUPUTILITIESSERVICE64.EXE
O23 - Service: Bitdefender Desktop Update Service - Bitdefender - C:\PROGRAM FILES\BITDEFENDER\BITDEFENDER\UPDATESRV.EXE
O23 - Service: TuneUp Designerweiterung - TuneUp Software - C:\Windows\System32\uxtuneup.dll
O23 - Service: Bitdefender Virus Shield - Bitdefender - C:\PROGRAM FILES\BITDEFENDER\BITDEFENDER\vsserv.exe
--- Additional WinPatrol Info ---
Browser: Unable to find default browser.
MSIE: Internet Explorer (11.00.9600.16428)
117 IE Cookies in Folder: C:\Users\kostik\AppData\Roaming\Microsoft\Windows\Cookies\
WP00 - HKLM\CS1: BootExecute = autocheck autochk *
WP00 - HKLM\CCS: BootExecute = autocheck autochk *
WP00 - HKLM\CS2: BootExecute = autocheck autochk *
WP02 - HKLM\CCS: Command = C:\Windows\system32\cmd.exe
WP08 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix: Default = hxxp://
WP08 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes: www = hxxp://
WP31 - Scheduled Tasks: [GoogleUpdateTaskMachineUA.job]C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 01/04/2014 2:23 AM
WP31 - Scheduled Tasks: [GoogleUpdateTaskMachineCore.job]C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 01/03/2014 11:52 PM
WP31 - Scheduled Tasks: [Adobe Flash Player Updater.job]C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 01/04/2014 1:53 AM
WP16 - ActiveX: {25336920-03F9-11CF-8FD0-00AA00686F13} [HTML Document] C:\Windows\System32\mshtml.dll 11.00.9600.16428
WP16 - ActiveX: {6BF52A52-394A-11D3-B153-00C04F79FAA6} [Windows Media Player] C:\Windows\System32\wmp.dll 12.0.7601.18150
WP16 - ActiveX: {8856F961-340A-11D0-A96B-00C04FD705A2} [Microsoft Web Browser] C:\Windows\System32\ieframe.dll 11.00.9600.16428
WP16 - ActiveX: {88D96A05-F192-11D4-A65F-0040963251E5} [XML DOM Document 6.0] C:\Windows\System32\msxml6.dll 6.30.7601.17988
WP16 - ActiveX: {88D96A0A-F192-11D4-A65F-0040963251E5} [XML HTTP 6.0] C:\Windows\System32\msxml6.dll 6.30.7601.17988
WP16 - ActiveX: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} [Microsoft Url Search Hook] C:\Windows\System32\ieframe.dll 11.00.9600.16428
WP16 - ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} [Shockwave Flash Object] C:\WINDOWS\SYSTEM32\MACROMED\FLASH\FLASH64_11_9_900_170.OCX 11,9,900,170
WP16 - ActiveX: {F5078F32-C551-11D3-89B9-0000F81FE221} [XML DOM Document 3.0] C:\Windows\System32\msxml3.dll 8.110.7601.17988
WP16 - ActiveX: {F6D90F16-9C73-11D3-B32E-00C04F990BB4} [XML HTTP] C:\Windows\System32\msxml3.dll 8.110.7601.17988
WP16 - ActiveX: {05589fa1-c356-11ce-bf01-00aa0055595a} [ActiveMovieControl Object] C:\Windows\System32\wmpdxm.dll 12.0.7601.17514
WP16 - ActiveX: {52A2AAAE-085D-4187-97EA-8C30DB990436} [HHCtrl Object] C:\Windows\System32\hhctrl.ocx 6.1.7600.16385
WP16 - ActiveX: {54CE37E0-9834-41ae-9896-4DAB69DC022B} [Microsoft RDP Client Control (redistributable) - version 5a] C:\Windows\System32\mstscax.dll 6.2.9200.16398
WP16 - ActiveX: {72C24DD5-D70A-438B-8A42-98424B88AFB8} [Windows Script Host Shell Object] C:\Windows\System32\wshom.ocx 5.8.7600.16385
WP16 - ActiveX: {6A6F4B83-45C5-4ca9-BDD9-0D81C12295E4} [Microsoft RDP Client Control (redistributable) - version 4a] C:\Windows\System32\mstscax.dll 6.2.9200.16398
WP16 - ActiveX: {8856F961-340A-11D0-A96B-00C04FD705A2} [Microsoft Web Browser] C:\Windows\System32\ieframe.dll 11.00.9600.16428
WP16 - ActiveX: {971127BB-259F-48c2-BD75-5F97A3331551} [Microsoft RDP Client Control (redistributable) - version 3a] C:\Windows\System32\mstscax.dll 6.2.9200.16398
WP16 - ActiveX: {AE24FDAE-03C6-11D1-8B76-0080C744F389} [Microsoft Scriptlet Component] C:\Windows\System32\mshtml.dll 11.00.9600.16428
WP16 - ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} [Shockwave Flash Object] C:\WINDOWS\SYSTEM32\MACROMED\FLASH\FLASH64_11_9_900_170.OCX 11,9,900,170
WP16 - ActiveX: {D27CDB70-AE6D-11cf-96B8-444553540000} [Macromedia Flash Factory Object] C:\WINDOWS\SYSTEM32\MACROMED\FLASH\FLASH64_11_9_900_170.OCX 11,9,900,170
WP16 - ActiveX: {F935DC22-1CF0-11D0-ADB9-00C04FD58A0B} [Windows Script Host Shell Object] C:\Windows\System32\wshom.ocx 5.8.7600.16385
WP32 - Hidden File: C:\bdr-bz01
WP32 - Hidden File: C:\bdr-cf01
WP32 - Hidden File: C:\bdr-im01.gz
WP32 - Hidden File: C:\bdr-ld01
WP32 - Hidden File: C:\bdr-ld01.mbr
WP32 - Hidden File: C:\Windows\WindowsShell.Manifest
WP32 - Hidden File: C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
WP32 - Hidden File: C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
WP32 - Hidden File: C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
WP32 - Hidden File: C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
WP32 - Hidden File: C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
WP32 - Hidden File: C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
WP32 - Hidden File: C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
WP32 - Hidden File: C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
WP32 - Hidden File: C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
WP32 - Hidden File: C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
WP32 - Hidden File: C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
WP32 - Hidden File: C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
WP32 - Hidden File: C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
WP32 - Hidden File: C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
WP32 - Hidden File: C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
WP32 - Hidden File: C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
WP32 - Hidden File: C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
WP32 - Hidden File: C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
WP32 - Hidden File: C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
WP32 - Hidden File: C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
WP32 - Hidden File: C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
WP32 - Hidden File: C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
WP32 - Hidden File: C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
WP32 - Hidden File: C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
WP32 - Hidden File: C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
WP32 - Hidden File: C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
WP32 - Hidden File: C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
WP32 - Hidden File: C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
WP32 - Hidden File: C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
WP32 - Hidden File: C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
WP32 - Hidden File: C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
WP32 - Hidden File: C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
WP32 - Hidden File: C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
WP32 - Hidden File: C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
WP32 - Hidden File: C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
WP33 - File Type .AVI: [VLC media file (.avi)]H:\VLC\vlc.exe --started-from-file %1
WP33 - File Type .BAT: [Windows Batch File]%1 %*
WP33 - File Type .CAB: [WinRAR-Archiv]C:\Program Files\WinRAR\WinRAR.exe %1
WP33 - File Type .CAT: [Security Catalog]C:\Windows\system32\rundll32.exe cryptext.dll,CryptExtOpenCAT %1
WP33 - File Type .CHM: [Compiled HTML Help file]C:\Windows\hh.exe %1
WP33 - File Type .COM: [MS-DOS Application]%1 %*
WP33 - File Type .CMD: [Windows Command Script]%1 %*
WP33 - File Type .DOC: [Microsoft Word 97 - 2003 Document]C:\Program Files\Microsoft Office 15\Root\Office15\WINWORD.EXE /n %1 /o %u
WP33 - File Type .EML: [E-mail Message]C:\Program Files\Microsoft Office 15\Root\Office15\OUTLOOK.EXE /eml %1
WP33 - File Type .EXE: [Application]%1 %*
WP33 - File Type .INF: [Setup Information]C:\Windows\system32\NOTEPAD.EXE %1
WP33 - File Type .JS: [JavaScript File]C:\Windows\System32\WScript.exe %1 %*
WP33 - File Type .LOG: [Text Document]C:\Windows\system32\NOTEPAD.EXE %1
WP33 - File Type .MSI: [Windows Installer Package]C:\Windows\System32\msiexec.exe /i %1 %*
WP33 - File Type .MSG: [Outlook Item]C:\Program Files\Microsoft Office 15\Root\Office15\OUTLOOK.EXE /f %1
WP33 - File Type .MID: [VLC media file (.mid)]H:\VLC\vlc.exe --started-from-file %1
WP33 - File Type .MP3: [VLC media file (.mp3)]H:\VLC\vlc.exe --started-from-file %1
WP33 - File Type .PIF: [Shortcut to MS-DOS Program]%1 %*
WP33 - File Type .RAM: [VLC media file (.ram)]H:\VLC\vlc.exe --started-from-file %1
WP33 - File Type .REG: [Registration Entries]regedit.exe %1
WP33 - File Type .RTF: [Rich Text Format]C:\Program Files\Microsoft Office 15\Root\Office15\WINWORD.EXE /n %1 /o %u
WP33 - File Type .SCR: [Screen saver]%1 /S
WP33 - File Type .TXT: [Text Document]C:\Windows\system32\NOTEPAD.EXE %1
WP33 - File Type .URL: [Betriebssystem Microsoft® Windows®]C:\Windows\System32\rundll32.exe C:\Windows\System32\ieframe.dll,OpenURL %l
WP33 - File Type .VBS: [VBScript Script File]C:\Windows\System32\WScript.exe %1 %*
WP33 - File Type .VBE: [VBScript Encoded File]C:\Windows\System32\WScript.exe %1 %*
WP33 - File Type .WSF: [Windows Script File]C:\Windows\System32\WScript.exe %1 %*
WP33 - File Type .WSH: [Windows Script Host Settings File]C:\Windows\System32\WScript.exe %1 %*
WP33 - File Type .XLS: [Microsoft Excel 97-2003 Worksheet]C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE /dde
Memory currently in use: 28%
Physical Memory Free: 4,194,303 KB
Paging File Free: 4,194,303 KB
Virtual Memory Free: 1,963,364 KB
--
End of file
This is the HijackThis log from WinPatrol. When I have it analyzed, the analysis tells me I have malware. With the normal HijackThis I get a different log file. What could the problem be? I have only just read that you no longer analyze HijackThis logs ... but what about the logs from WinPatrol? Or can those be forgotten as well?

Edited by kostikko (04.01.2014 at 06:05)