Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   sweetim und utorrent toolbar lassen sich nicht löschen (https://www.trojaner-board.de/126450-sweetim-utorrent-toolbar-lassen-loeschen.html)

JackyBre 02.11.2012 22:26
sweetim und utorrent toolbar lassen sich nicht löschen
 
Guten Abend,

ich brauche wirklich dringend Hilfe und habe folgendes Problem: Ich habe vor einigen Wochen bemerkt, dass sich beim Öffnen von Google Chrome automatisch ein weiteres Tab öffnet das die Suchmaschine home.sweetim.com öffnet ( Das Tab hat folgenden URL : hxxp://home.sweetim.com/?crg=3.1010000.00000&barid={45648A91-0043-11E2-BCA0-DE6EBCA2925D} ).
Ich vermutete, das dies ein Tool ist, das ich wahrscheinlich beim Herunterladen von einem Programm vor einigen Wochen mitheruntergeladen hatte. Also löschte ich zunächst das Programm (sweetim) über die Systemsteuerung > Programm deinstallieren. Doch das Tab öffnet sich beim starten von google chrome trotzdem. Also lud ich Google Chrome erneut herunter. Als ich dann google chrome startet stand dort "Vielen Dank für das Laden von utorrent toolbar" (?). Ich suchte nun nach utorrent und sweetim auf meinem Computer und löschte alle vorhandenen Datein und Programme. Doch der Tab (home.sweetim) beim Öffnen von Chrome verschwand nicht. Also lud ich die Testversion von Malewarebytes runter und löschte die angezeigten "schädlichen" Dateien über das Programm. Doch das brachte auch nichts, der Tab (home.sweetim) war immernoch da. Also lud ich die neuste Version von Avira runter und lies Luke Filewalker über meinen PC "maschieren" , lud danach erneut chrome runter. Doch das sweetim Tab war immer noch da! Also lud ich auch noch Spyhunter runter und lies diesen darüber laufen, dort wurden einige bösartige Dateien erkannt doch um diese mit Spyhunter zu löschen muss man das Programm für 30€ kaufen, deswegen entschied ich mich dagegen, weil es mir so vorkam als wäre das nur Geldmacherei. Stattdessen lud ich das tool Adwcleaner runter und löschte damit schädliche Dateien. Danach lud ich google chrome erneut runter und wieder wurde "Vielen Dank für das Herunterladen von utorrent " angezeigt. Ich schaltete danach auch utorrent im Google Chrome browser aus doch das Tab von sweetim wird immernoch angezeigt! Ich habe das Gefühl ich hab mir da einen ziemlichen Virus eingefangen und habe auch schon gelesen, dass dieser sweetim Virus sich angeblich immer wieder in anderen Dateien speichert und entpackt und daher sehr schwer zu entfernen ist.

Ich bin wirklich für jede Hilfe dankbar!

LG

cosinus 03.11.2012 18:07
Zitat:
Also lud ich die Testversion von Malewarebytes runter und löschte die angezeigten "schädlichen" Dateien über das Programm.
Bitte beachten => http://www.trojaner-board.de/125889-...tml#post941520

Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:
hier steht das Log

JackyBre 03.11.2012 18:37
Vielen Dank für die schnelle Antwort! Hier meine Logdateien von drei Suchläufen bei Malewarebytes.



1. Suchlauf

Code:
Malwarebytes Anti-Malware (Test) 1.65.0.1400
www.malwarebytes.org

Datenbank Version: v2012.09.28.04

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Jacky :: JACKY-PC [Administrator]

Schutz: Aktiviert

28.09.2012 15:13:49
mbam-log-2012-09-28 (15-13-49).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 352553
Laufzeit: 1 Stunde(n), 52 Minute(n), 16 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 38
HKCR\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239} (PUP.MyWebSearch) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{A4730EBE-43A6-443e-9776-36915D323AD3} (PUP.MyWebSearch) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\Typelib\{D518921A-4A03-425E-9873-B9A71756821E} (PUP.MyWebSearch) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE} (PUP.MyWebSearch) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{8BCB5337-EC01-4E38-840C-A964F174255B} (Adware.SmartShopper) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF6-072E-44CF-8957-5838F569A31D} (PUP.MyWebSearch) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (PUP.MyWebSearch) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (PUP.MyWebSearch) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CC3D8FE-F0E0-4DD1-A69A-8C56BCC7BEBF} (Adware.SmartShopper) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{3CC3D8FE-F0E0-4DD1-A69A-8C56BCC7BEBF} (Adware.SmartShopper) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CC3D8FE-F0E0-4DD1-A69A-8C56BCC7BEC0} (Adware.SmartShopper) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{3CC3D8FE-F0E0-4DD1-A69A-8C56BCC7BEC0} (Adware.SmartShopper) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} (PUP.MyWebSearch) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C} (PUP.MyWebSearch) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6FD31ED6-7C94-4BBC-8E95-F927F4D3A949} (Adware.180Solutions) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9FF05104-B030-46FC-94B8-81276E4E27DF} (PUP.MyWebSearch) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481} (PUP.MyWebSearch) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45dd-9B68-D6A12C30E5D7} (PUP.MyWebSearch) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907} (PUP.MyWebSearch) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48dd-9B6D-7A13A3E42127} (PUP.MyWebSearch) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40fd-8DAE-FF14757F60C7} (PUP.MyWebSearch) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA} (PUP.MyWebSearch) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\Smart-Shopper.HbInfoBand (Adware.SmartShopper) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\Smart-Shopper.HbInfoBand.1 (Adware.SmartShopper) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\fcn (Rogue.Residue) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\MyWebSearch (PUP.MyWebSearch) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\QZAIB7KITK (Trojan.FakeAlert) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\Software\YVIBBBHA8C (Trojan.Agent) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Fun Web Products (PUP.MyWebSearch) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\FunWebProducts (PUP.MyWebSearch) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\MyWebSearch (PUP.MyWebSearch) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Smart-Shopper (Adware.SmartShopper) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (PUP.MyWebSearch) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (PUP.MyWebSearch) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 5
C:\Users\Jacky\Downloads\etypesetup (1).exe (PUP.BundleInstaller.BI) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Jacky\Downloads\etypesetup.exe (PUP.BundleInstaller.BI) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Jacky\Downloads\SoftonicDownloader_fuer_winrar.exe (PUP.OfferBundler.ST) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job (Trojan.Downloader) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Windows\Tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job (Trojan.Downloader) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
zweiter Suchlauf

Code:

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Datenbank Version: v2012.11.01.04

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Jacky :: JACKY-PC [Administrator]

01.11.2012 16:56:23
mbam-log-2012-11-01 (16-56-23).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 354014
Laufzeit: 1 Stunde(n), 34 Minute(n), 59 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
3. Suchlauf

Code:

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Datenbank Version: v2012.11.01.04

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Jacky :: JACKY-PC [Administrator]

02.11.2012 22:28:46
mbam-log-2012-11-02 (22-28-46).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 340064
Laufzeit: 2 Stunde(n), 44 Minute(n), 32 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

cosinus 03.11.2012 18:42
Code:
C:\Users\Jacky\Downloads\SoftonicDownloader_fuer_winrar.exe
Vermüllte Software von Softonic scheint gerade stark in Mode zu sein! :stirn:

Finger weg von Softonic!! :pfui:

Softonic ist eine Toolbar- und Adwareschleuder! Finger weg! Software lädt man sich mit oberster Priorität direkt vom Hersteller oder von Filepony aber nicht von solchen Toolbarklitschen wie Softonic!

Systemscan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop. Falls schon vorhanden, bitte die ältere vorhandene Datei durch die neu heruntergeladene Datei ersetzen, damit du auch wirklich mit einer aktuellen Version von OTL arbeitest.
  • Doppelklick auf die OTL.exe
  • Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Setze oben mittig den Haken bei Scanne alle Benutzer
  • Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
  • Poste die Logfiles hier in den Thread.

Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:
hier steht das Log

JackyBre 03.11.2012 19:01
Okay vielen Dank. Hier die Log.

OTL Logfile:
Code:
OTL logfile created on: 03.11.2012 18:46:05 - Run 1
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\Jacky\Downloads
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,87 Gb Total Physical Memory | 0,92 Gb Available Physical Memory | 49,26% Memory free
3,98 Gb Paging File | 2,58 Gb Available in Paging File | 64,70% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 55,74 Gb Total Space | 7,18 Gb Free Space | 12,88% Space Free | Partition Type: NTFS
Drive D: | 54,58 Gb Total Space | 49,72 Gb Free Space | 91,09% Space Free | Partition Type: NTFS
Drive E: | 4,38 Gb Total Space | 3,67 Gb Free Space | 83,87% Space Free | Partition Type: UDF
 
Computer Name: JACKY-PC | User Name: Jacky | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Jacky\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Google\Update\1.3.21.123\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Programme\360Amigo\360Amigo.exe (360Amigo)
PRC - C:\Programme\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Programme\Enigma Software Group\SpyHunter\SH4Service.exe (Enigma Software Group USA, LLC.)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avmailc.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
PRC - C:\Programme\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe (TOSHIBA Corporation)
PRC - C:\Programme\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
PRC - C:\Programme\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
PRC - C:\Programme\TOSHIBA\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
PRC - C:\Programme\Toshiba TEMPRO\TempoSVC.exe (Toshiba Europe GmbH)
PRC - C:\Programme\TOSHIBA\ConfigFree\NDSTray.exe (TOSHIBA CORPORATION)
PRC - C:\Programme\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)
PRC - C:\Programme\TOSHIBA\ConfigFree\CFSwMgr.exe (TOSHIBA CORPORATION)
PRC - C:\Programme\TOSHIBA\SMARTLogService\TosIPCSrv.exe (TOSHIBA Corporation)
PRC - C:\Programme\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
PRC - C:\Programme\TOSHIBA\Power Saver\TosCoSrv.exe (TOSHIBA Corporation)
PRC - C:\Windows\System32\TODDSrv.exe (TOSHIBA Corporation)
PRC - C:\Programme\TOSHIBA\Toshiba Online Product Information\TOPI.exe (TOSHIBA)
PRC - C:\Programme\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Programme\Google\Chrome\Application\22.0.1229.96\ppgooglenaclpluginchrome.dll ()
MOD - C:\Programme\Google\Chrome\Application\22.0.1229.96\pdf.dll ()
MOD - C:\Programme\Google\Chrome\Application\22.0.1229.96\avutil-51.dll ()
MOD - C:\Programme\Google\Chrome\Application\22.0.1229.96\avformat-54.dll ()
MOD - C:\Programme\Google\Chrome\Application\22.0.1229.96\avcodec-54.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\f2691cfa7671cdc58179e56ba9227591\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\18f9789aa214c657113e676b3a9015aa\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\28d633338fc8d29f8af31935ef7d001b\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\af9c9e9d7e0523cd444f8b551baa9cbf\mscorlib.ni.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Programme\TOSHIBA\FlashCards\BlackPng.dll ()
MOD - C:\Programme\TOSHIBA\PCDiag\NotifyPCD.dll ()
MOD - C:\Programme\TOSHIBA\FlashCards\TWarnMsg\TWarnMsg.dll ()
MOD - C:\Programme\TOSHIBA\TOSHIBA Assist\NotifyX.dll ()
MOD - C:\Programme\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (SpyHunter 4 Service) -- C:\Programme\Enigma Software Group\SpyHunter\SH4Service.exe (Enigma Software Group USA, LLC.)
SRV - (MBAMService) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirWebService) -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirMailService) -- C:\Programme\Avira\AntiVir Desktop\avmailc.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (odserv) -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (Microsoft Office Groove Audit Service) -- C:\Programme\Microsoft Office\Office12\GrooveAuditService.exe (Microsoft Corporation)
SRV - (TNaviSrv) -- C:\Programme\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe (TOSHIBA Corporation)
SRV - (TempoMonitoringService) -- C:\Programme\Toshiba TEMPRO\TempoSVC.exe (Toshiba Europe GmbH)
SRV - (ConfigFree Service) -- C:\Programme\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)
SRV - (TOSHIBA SMART Log Service) -- C:\Programme\TOSHIBA\SMARTLogService\TosIPCSrv.exe (TOSHIBA Corporation)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (TosCoSrv) -- C:\Programme\TOSHIBA\Power Saver\TosCoSrv.exe (TOSHIBA Corporation)
SRV - (TODDSrv) -- C:\Windows\System32\TODDSrv.exe (TOSHIBA Corporation)
SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (UleadBurningHelper) -- C:\Programme\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (LVUVC) -- system32\DRIVERS\lvuvc.sys File not found
DRV - (LVRS) -- system32\DRIVERS\lvrs.sys File not found
DRV - (lvpopflt) -- system32\DRIVERS\lvpopflt.sys File not found
DRV - (Lbd) -- system32\DRIVERS\Lbd.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (IntcAzAudAddService) -- system32\drivers\RTKVHDA.sys File not found
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira GmbH)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (EsgScanner) -- C:\Windows\System32\drivers\EsgScanner.sys ()
DRV - (esgiguard) -- C:\Programme\Enigma Software Group\SpyHunter\esgiguard.sys ()
DRV - (ZTEusbnmea) -- C:\Windows\System32\drivers\ZTEusbnmea.sys (ZTE Incorporated)
DRV - (massfilter) -- C:\Windows\System32\drivers\massfilter.sys (ZTE Incorporated)
DRV - (ZTEusbvoice) -- C:\Windows\System32\drivers\ZTEusbvoice.sys (ZTE Incorporated)
DRV - (ZTEusbser6k) -- C:\Windows\System32\drivers\ZTEusbser6k.sys (ZTE Incorporated)
DRV - (ZTEusbmdm6k) -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys (ZTE Incorporated)
DRV - (ZTEusbnet) -- C:\Windows\System32\drivers\ZTEusbnet.sys (ZTE Corporation)
DRV - (tos_sps32) -- C:\Windows\System32\drivers\tos_sps32.sys (TOSHIBA Corporation)
DRV - (WSDPrintDevice) -- C:\Windows\System32\drivers\WSDPrint.sys (Microsoft Corporation)
DRV - (RTL8187B) -- C:\Windows\System32\drivers\rtl8187B.sys (Realtek Semiconductor Corporation                          )
DRV - (TVALZ) -- C:\Windows\System32\drivers\TVALZ_O.SYS (TOSHIBA Corporation)
DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.)
DRV - (RtlProt) -- C:\Windows\System32\drivers\RtlProt.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (FwLnk) -- C:\Windows\System32\drivers\FwLnk.sys (TOSHIBA Corporation)
DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation)
DRV - (tdcmdpst) -- C:\Windows\System32\drivers\tdcmdpst.sys (TOSHIBA Corporation.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSEA&bmod=TSEA
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=TSEA&bmod=TSEA
IE - HKLM\..\URLSearchHook:  - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{433ACC53-6F11-4204-BC63-C77FBDE2C973}: "URL" = hxxp://www.google.com/search?source=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSEA;
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-21-8319358-3851552214-330997586-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
IE - HKU\S-1-5-21-8319358-3851552214-330997586-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
IE - HKU\S-1-5-21-8319358-3851552214-330997586-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com
IE - HKU\S-1-5-21-8319358-3851552214-330997586-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\S-1-5-21-8319358-3851552214-330997586-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKU\S-1-5-21-8319358-3851552214-330997586-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-8319358-3851552214-330997586-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com
IE - HKU\S-1-5-21-8319358-3851552214-330997586-1000\..\URLSearchHook:  - No CLSID value found
IE - HKU\S-1-5-21-8319358-3851552214-330997586-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-8319358-3851552214-330997586-1000\..\SearchScopes\{433ACC53-6F11-4204-BC63-C77FBDE2C973}: "URL" = hxxp://www.google.com/search?source=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7GGLL_de
IE - HKU\S-1-5-21-8319358-3851552214-330997586-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rlz=1I7GGLL_de&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-8319358-3851552214-330997586-1000\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-i3752
IE - HKU\S-1-5-21-8319358-3851552214-330997586-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-8319358-3851552214-330997586-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledItems: {32a1fd71-835e-4b11-8e54-886fda0b4c89}:1.1
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:2.0.0.3
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065}:2.5.8.6
FF - prefs.js..extensions.enabledItems: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f}:2.5.6.0
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.872
FF - prefs.js..browser.search.defaulturl: ""
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0:  File not found
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Picasa2\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
 
 
[2009.02.21 17:17:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jacky\AppData\Roaming\mozilla\Extensions
[2012.11.02 21:16:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jacky\AppData\Roaming\mozilla\Firefox\Profiles\tfpqeojd.default\extensions
[2011.02.24 21:36:41 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Jacky\AppData\Roaming\mozilla\Firefox\Profiles\tfpqeojd.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009.02.21 17:18:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jacky\AppData\Roaming\mozilla\Firefox\Profiles\tfpqeojd.default\extensions\toolbar_extras@de.yahoo.com
[2010.04.17 15:14:40 | 000,002,061 | ---- | M] () -- C:\Users\Jacky\AppData\Roaming\mozilla\firefox\profiles\tfpqeojd.default\searchplugins\qipsearch.xml
File not found (No name found) -- C:\PROGRAM FILES\AVG\AVG9\FIREFOX
File not found (No name found) -- C:\USERS\JACKY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TFPQEOJD.DEFAULT\EXTENSIONS\{32A1FD71-835E-4B11-8E54-886FDA0B4C89}
File not found (No name found) -- C:\USERS\JACKY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TFPQEOJD.DEFAULT\EXTENSIONS\{800B5000-A755-47E1-992B-48A1C1357F07}
File not found (No name found) -- C:\USERS\JACKY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TFPQEOJD.DEFAULT\EXTENSIONS\{ACAA314B-EEBA-48E4-AD47-84E31C44796C}
File not found (No name found) -- C:\USERS\JACKY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TFPQEOJD.DEFAULT\EXTENSIONS\{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065}
File not found (No name found) -- C:\USERS\JACKY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TFPQEOJD.DEFAULT\EXTENSIONS\{E9911EC6-1BCC-40B0-9993-E0EEA7F6953F}
 
========== Chrome  ==========
 
CHR - homepage: hxxp://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms},
CHR - homepage: hxxp://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.96\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.96\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.96\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.250.6 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U25 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Picasa2\npPicasa3.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Users\Jacky\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Users\Jacky\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Google Mail = C:\Users\Jacky\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: ::1            localhost
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O4 - HKLM..\Run: [00TCrdMain] C:\Programme\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [cfFncEnabler.exe] cfFncEnabler.exe File not found
O4 - HKLM..\Run: [NDSTray.exe] NDSTray.exe File not found
O4 - HKLM..\Run: [SmoothView] C:\Programme\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe (TOSHIBA)
O4 - HKLM..\Run: [Toshiba Registration] C:\Programme\TOSHIBA\Registration\ToshibaRegistration.exe (Toshiba)
O4 - HKLM..\Run: [Toshiba TEMPO] C:\Programme\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe (Toshiba Europe GmbH)
O4 - HKLM..\Run: [TPwrMain] C:\Programme\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-8319358-3851552214-330997586-1000..\Run: [360Amigo] C:\Program files\360Amigo\360Amigo.exe (360Amigo)
O4 - HKU\S-1-5-21-8319358-3851552214-330997586-1000..\Run: [Sidebar] C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-8319358-3851552214-330997586-1000..\Run: [TOSCDSPD] TOSCDSPD.EXE File not found
O4 - HKU\S-1-5-21-8319358-3851552214-330997586-1000..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [AvgUninstallURL] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Programme\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Programme\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O4 - Startup: C:\Users\Jacky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Media Player.lnk =  File not found
O4 - Startup: C:\Users\Jacky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Free YouTube Download - C:\Users\Jacky\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: eBay - Der weltweite Online Marktplatz - {76577871-04EC-495E-A12B-91F7C3600AFA} - hxxp://rover.ebay.com/rover/1/707-44556-9400-3/4 File not found
O9 - Extra Button: Amazon.de - {8A918C1D-E123-4E36-B562-5C1519E434CE} - hxxp://www.amazon.de/exec/obidos/redirect-home?tag=Toshibadebholink-21&site=home File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O13 - gopher Prefix: missing
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 172.16.100.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F1F87CB5-52A2-4D10-BFCD-904E23C2350B}: DhcpNameServer = 172.16.100.1
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (AVGRSSTX.DLL) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Public\Pictures\Sample Pictures\Dock.jpg
O24 - Desktop BackupWallPaper: C:\Users\Public\Pictures\Sample Pictures\Dock.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{1b190c87-997d-11df-9fe6-001e336d8205}\Shell - "" = AutoRun
O33 - MountPoints2\{1b190c87-997d-11df-9fe6-001e336d8205}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\{7b521479-0e81-11de-b08f-001e336d8205}\Shell - "" = AutoRun
O33 - MountPoints2\{7b521479-0e81-11de-b08f-001e336d8205}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\{9e16fddc-8110-11de-984f-00216382e496}\Shell - "" = AutoRun
O33 - MountPoints2\{9e16fddc-8110-11de-984f-00216382e496}\Shell\AutoRun\command - "" = F:\SFR.exe
O33 - MountPoints2\{ad427f5c-8101-11de-bafa-00216382e496}\Shell - "" = AutoRun
O33 - MountPoints2\{ad427f5c-8101-11de-bafa-00216382e496}\Shell\AutoRun\command - "" = F:\SFR.exe
O33 - MountPoints2\{c515f9ed-d9cf-11dd-b451-001e336d8205}\Shell - "" = AutoRun
O33 - MountPoints2\{c515f9ed-d9cf-11dd-b451-001e336d8205}\Shell\AutoRun\command - "" = F:\start.exe
O33 - MountPoints2\{ec76dc43-eef5-11de-b70c-001e336d8205}\Shell\AutoRun\command - "" = explorer .\index.html
O33 - MountPoints2\{ffd52e55-8102-11de-8875-00a0c6000000}\Shell - "" = AutoRun
O33 - MountPoints2\{ffd52e55-8102-11de-8875-00a0c6000000}\Shell\AutoRun\command - "" = G:\SFR.exe
O33 - MountPoints2\{ffd52e78-8102-11de-8875-001e336d8205}\Shell - "" = AutoRun
O33 - MountPoints2\{ffd52e78-8102-11de-8875-001e336d8205}\Shell\AutoRun\command - "" = F:\SFR.exe
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\SFR.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.11.02 21:57:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012.11.02 19:57:08 | 000,000,000 | ---D | C] -- C:\Users\Jacky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
[2012.11.02 19:57:04 | 000,000,000 | ---D | C] -- C:\sh4ldr
[2012.11.02 19:57:04 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2012.11.02 12:15:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\360Amigo
[2012.11.02 12:14:59 | 000,000,000 | ---D | C] -- C:\Users\Jacky\AppData\Local\360Amigo
[2012.11.02 12:14:56 | 000,000,000 | ---D | C] -- C:\Program Files\360Amigo
[2012.10.14 16:17:48 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2012.10.14 16:17:43 | 003,602,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012.10.14 16:17:43 | 003,550,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.11.03 18:29:25 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.11.03 18:29:25 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.11.03 18:29:25 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.11.03 18:29:17 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.11.03 10:23:57 | 000,644,136 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.11.03 10:23:57 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.11.03 10:23:57 | 000,131,388 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.11.03 10:23:57 | 000,108,572 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.11.02 22:01:23 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.11.02 21:57:59 | 000,001,968 | ---- | M] () -- C:\Users\Jacky\Desktop\Google Chrome.lnk
[2012.11.02 19:57:08 | 000,002,082 | ---- | M] () -- C:\Users\Jacky\Desktop\SpyHunter.lnk
[2012.11.02 12:15:00 | 000,000,811 | ---- | M] () -- C:\Users\Jacky\Desktop\360Amigo System Speedup.lnk
[2012.11.01 16:55:39 | 000,000,911 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.11.01 16:30:08 | 000,000,474 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2012.10.28 14:09:10 | 000,000,354 | ---- | M] () -- C:\Windows\tasks\Driver Robot.job
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.11.02 21:57:59 | 000,001,968 | ---- | C] () -- C:\Users\Jacky\Desktop\Google Chrome.lnk
[2012.11.02 21:56:14 | 000,001,096 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.11.02 21:56:07 | 000,001,092 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.11.02 19:57:08 | 000,002,082 | ---- | C] () -- C:\Users\Jacky\Desktop\SpyHunter.lnk
[2012.11.02 12:15:00 | 000,000,811 | ---- | C] () -- C:\Users\Jacky\Desktop\360Amigo System Speedup.lnk
[2012.06.22 12:01:30 | 000,019,984 | ---- | C] () -- C:\Windows\System32\ESGScanner.sys
[2012.06.22 12:01:30 | 000,019,984 | ---- | C] () -- C:\Windows\System32\drivers\EsgScanner.sys
[2011.04.16 11:00:25 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2011.04.16 10:57:19 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011.04.16 10:15:58 | 000,000,680 | ---- | C] () -- C:\Users\Jacky\AppData\Local\d3d9caps.dat
[2011.04.07 18:29:04 | 000,011,776 | ---- | C] () -- C:\Users\Jacky\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.05.16 18:48:24 | 003,736,521 | ---- | C] () -- C:\Users\Jacky\Saints 2010.mp3
[2010.03.30 16:16:57 | 000,004,125 | ---- | C] () -- C:\Users\Jacky\.recently-used.xbel
[2009.01.15 06:07:39 | 000,000,570 | ---- | C] () -- C:\Users\Jacky\AppData\Roaming\wklnhst.dat
 
========== ZeroAccess Check ==========
 
[2006.11.02 13:51:16 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.10 22:28:20 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.10 22:28:26 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:DFC5A2B2

< End of report >
--- --- ---


und die zweite Datei

OTL EXTRAS Logfile:
Code:
OTL Extras logfile created on: 03.11.2012 18:46:06 - Run 1
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\Jacky\Downloads
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,87 Gb Total Physical Memory | 0,92 Gb Available Physical Memory | 49,26% Memory free
3,98 Gb Paging File | 2,58 Gb Available in Paging File | 64,70% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 55,74 Gb Total Space | 7,18 Gb Free Space | 12,88% Space Free | Partition Type: NTFS
Drive D: | 54,58 Gb Total Space | 49,72 Gb Free Space | 91,09% Space Free | Partition Type: NTFS
Drive E: | 4,38 Gb Total Space | 3,67 Gb Free Space | 83,87% Space Free | Partition Type: UDF
 
Computer Name: JACKY-PC | User Name: Jacky | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-8319358-3851552214-330997586-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- "%1" %*
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0DE9FF4C-BC88-40DA-8694-805408DEF704}" = lport=139 | protocol=6 | dir=in | app=system |
"{23E752A2-EC67-49FB-8825-05846A717B47}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{49537634-E16D-4D9B-A28A-B23F5CC4AA2A}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{4CD509BE-3BBD-478D-87B6-A7D5C3E09BEF}" = lport=137 | protocol=17 | dir=in | app=system |
"{4FB87737-E019-4487-938B-002E19034ED8}" = rport=445 | protocol=6 | dir=out | app=system |
"{5C4416DE-DCFB-4F67-92F9-A9A172A9E92D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{644BAA70-401E-41DA-BD32-04C8E0F2B3B1}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{6CF5A90C-CCBC-4FA7-81A1-9CDAD465C737}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{7072CD45-ACBD-4EB6-8360-FEC8B750806F}" = lport=2869 | protocol=6 | dir=in | app=system |
"{A3A05134-1E63-4FDB-8F59-CCAEC73C3E93}" = rport=138 | protocol=17 | dir=out | app=system |
"{A9B18D72-D9AA-4F86-B37A-300D851F21BD}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{AACFE0C2-EDF5-4258-8C4D-43DF050C3F79}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{AD1B7EFF-8BE1-4C7F-82F6-898D69E9294F}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{B57FDE1B-1627-4594-892C-E4D9CC5636F6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{BB534E9F-5477-4E5A-96FF-449C864907A3}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{CD4F98EB-C56C-402F-99A5-5BD2CDF10C3C}" = rport=139 | protocol=6 | dir=out | app=system |
"{CF90D7E2-3B08-4E06-8E44-08F1C08B94B7}" = rport=137 | protocol=17 | dir=out | app=system |
"{D6AD4785-5FCD-4B77-8C98-B488E88F57A4}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{DC7A6C6E-122C-4D62-8D68-F02A11AE1DFE}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{EA150504-47F5-43C8-8ECC-D82B43F91927}" = lport=445 | protocol=6 | dir=in | app=system |
"{F4DEB78A-4E4B-4A3A-9A59-1B7060065610}" = lport=138 | protocol=17 | dir=in | app=system |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05916CDD-A3BC-43A0-AEB7-52ADE1FCEAD1}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{33FB6C62-B022-4B81-BB74-D8BE13A197CE}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{3D61E098-7CE6-4124-A3FD-7B18ECBD5F96}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{3EE95352-79FA-4432-90C9-FBF2D1588EFF}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{462801B8-0E40-49EF-AD65-AEA7F33379E7}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{545A10AE-09E0-4016-A7D5-E5B64AF03597}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{55894D81-F61E-4BFC-8F20-DBA84A681FCB}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{5F79AF1E-D81C-4091-B5C2-CCEAEDBB61A7}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{85A25090-DA8C-4541-AB6E-8DDD0A38B534}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{87963857-1D18-439D-A1CA-D97C9F6461F9}" = protocol=17 | dir=in | app=c:\windows\system32\msiexec.exe |
"{950F67D4-3B8D-44FA-9D15-ADD2A7255265}" = protocol=6 | dir=in | app=c:\windows\system32\msiexec.exe |
"{9534CCC3-777B-4E77-90A5-3D353EBDAC23}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{A6F30EA9-02B4-49A4-B3BC-98180C075F67}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{AF9A67A1-97FE-4D68-98DA-2E1184F94831}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{CAA68633-C2DB-465B-858C-A8D27A0B6B25}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{CAF7CBE5-2813-40A3-8E0E-A050D3C22B1C}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02CA24DD-C8B0-4280-BE53-7862869C2EB1}" = Realtek WiFi Protected Setup Library
"{03FAA727-E2B7-471C-AC41-2E1C7F29C7EA}" = Toshiba TEMPRO
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0D5D0BEE-FBA9-4928-A50D-6CDFAB827755}" = TOSHIBA ConfigFree
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support
"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist
"{1C971EE3-B4C4-4367-9676-57549919C6CE}" = TOSHIBA Benutzerhandbücher
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{2290A680-4083-410A-ADCC-7092C67FC052}" = Toshiba Online Product Information
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216025FF}" = Java(TM) 6 Update 25
"{2883F6F5-0509-43F3-868C-D50330DD9DD3}" = TOSHIBA Hardware Setup
"{32A3A4F4-B792-11D6-A78A-00B0D0160250}" = Java(TM) SE Development Kit 6 Update 25
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B1E87C3-00DE-4898-8E39-E390AAEF2391}" = TOSHIBA Supervisor Password
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73EC658D-A1C6-40CA-8E86-E05821BAACE7}" = Java DB 10.6.2.1
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TRDCReminder
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{895722FE-25FE-4854-95AC-B0C42F9DBEDA}" = REALTEK RTL8187B Wireless LAN Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8F1ADE4D-EFAC-4F5A-B346-23C2687FAF50}" = Apple Mobile Device Support
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = CD/DVD Drive Acoustic Silencer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-AA0000000001}" = Adobe Reader X (10.0.1) - Deutsch
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Disc Creator
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DDABC667-56B3-4122-82B0-2F5782EA2F9A}" = SpyHunter
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORDCLauncher
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}" = DVD MovieFactory for TOSHIBA
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"360Amigo" = 360Amigo System Speedup Free
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Avira AntiVir Desktop" = Avira Antivirus Premium 2012
"CNXT_MODEM_PCI_VEN_14F1&DEV_2C06&SUBSYS_14F10000" = HDAUDIO Soft Data Fax Modem with SmartCP
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Google Chrome" = Google Chrome
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TRDCReminder
"InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORDCLauncher
"InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.1.1000
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"My Stitch_is1" = My Stitch 1.1
"myphotobook" = myphotobook 3.6
"Picasa 3" = Picasa 3
"Prism" = Prism Video Converter
"Revo Uninstaller" = Revo Uninstaller 1.94
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.20 (32-Bit)
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 08.10.2012 11:52:37 | Computer Name = JACKY-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 08.10.2012 11:52:37 | Computer Name = JACKY-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 1762
 
Error - 08.10.2012 11:52:37 | Computer Name = JACKY-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1762
 
Error - 08.10.2012 11:52:39 | Computer Name = JACKY-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 08.10.2012 11:52:39 | Computer Name = JACKY-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 3993
 
Error - 08.10.2012 11:52:39 | Computer Name = JACKY-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 3993
 
Error - 08.10.2012 11:52:41 | Computer Name = JACKY-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 08.10.2012 11:52:41 | Computer Name = JACKY-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 6006
 
Error - 08.10.2012 11:52:41 | Computer Name = JACKY-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 6006
 
Error - 08.10.2012 12:08:19 | Computer Name = JACKY-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
[ System Events ]
Error - 09.04.2009 04:54:41 | Computer Name = Jacky-PC | Source = Service Control Manager | ID = 7011
Description =
 
Error - 15.04.2009 21:02:07 | Computer Name = Jacky-PC | Source = DCOM | ID = 10005
Description =
 
Error - 15.04.2009 21:02:07 | Computer Name = Jacky-PC | Source = Service Control Manager | ID = 7009
Description =
 
Error - 15.04.2009 21:02:07 | Computer Name = Jacky-PC | Source = Service Control Manager | ID = 7000
Description =
 
Error - 15.04.2009 21:02:07 | Computer Name = Jacky-PC | Source = Service Control Manager | ID = 7009
Description =
 
Error - 15.04.2009 21:02:07 | Computer Name = Jacky-PC | Source = Service Control Manager | ID = 7000
Description =
 
Error - 15.04.2009 21:03:42 | Computer Name = Jacky-PC | Source = Service Control Manager | ID = 7009
Description =
 
Error - 15.04.2009 21:03:42 | Computer Name = Jacky-PC | Source = Service Control Manager | ID = 7000
Description =
 
Error - 15.04.2009 21:03:42 | Computer Name = Jacky-PC | Source = Service Control Manager | ID = 7009
Description =
 
Error - 15.04.2009 21:03:42 | Computer Name = Jacky-PC | Source = Service Control Manager | ID = 7000
Description =
 
 
< End of report >
--- --- ---

[/code]

cosinus 03.11.2012 19:17
Sieht aus als wären nur nervige Toolbars da. Ich würde trotzdem noch auf Rootkits scannen sicherheitshalber

Bitte nun Logs mit GMER (<<< klick für Anleitung) und aswMBR (Anleitung etwas weiter unten) erstellen und posten.
GMER stürzt häufiger ab, wenn das Tool auch beim zweiten Mal nicht will, lass es einfach weg und führ nur aswMBR aus.

aswMBR-Download => aswMBR.exe - speichere die Datei auf deinem Desktop.
  • Starte die aswMBR.exe Vista und Win7 User mit Rechtsklick "als Admininstartor starten"
  • Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen) Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
  • Klicke auf Scan.
  • Warte bitte bis Scan finished successfully im DOS Fenster steht.
  • Drücke auf Save Log und speichere diese auf dem Desktop.
Poste mir die aswMBR.txt in deiner nächsten Antwort. Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte es erneut nicht klappen teile mir das bitte mit.

Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes:
Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.

JackyBre 03.11.2012 20:18
hier der log von GMER

[code]
GMER Logfile:
Code:
GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2012-11-03 20:16:58
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 WDC_WD12 rev.01.0
Running: elv4trci.exe; Driver: C:\Users\Jacky\AppData\Local\Temp\fwtoypoc.sys


---- System - GMER 1.0.15 ----

SSDT            89E90396                                                                                                                              ZwCreateSection
SSDT            89E9036E                                                                                                                              ZwCreateSymbolicLinkObject
SSDT            89E90373                                                                                                                              ZwLoadDriver
SSDT            89E90369                                                                                                                              ZwOpenSection
SSDT            89E903A0                                                                                                                              ZwRequestWaitReplyPort
SSDT            89E9039B                                                                                                                              ZwSetContextThread
SSDT            89E903A5                                                                                                                              ZwSetSecurityObject
SSDT            89E90378                                                                                                                              ZwSetSystemInformation
SSDT            89E903AA                                                                                                                              ZwSystemDebugControl
SSDT            89E90337                                                                                                                              ZwTerminateProcess
SSDT            89E90332                                                                                                                              ZwWriteVirtualMemory

---- Kernel code sections - GMER 1.0.15 ----

.text          ntkrnlpa.exe!KeSetEvent + 215                                                                                                          820E28D8 4 Bytes  [96, 03, E9, 89]
.text          ntkrnlpa.exe!KeSetEvent + 21D                                                                                                          820E28E0 4 Bytes  [6E, 03, E9, 89]
.text          ntkrnlpa.exe!KeSetEvent + 37D                                                                                                          820E2A40 4 Bytes  [73, 03, E9, 89]
.text          ntkrnlpa.exe!KeSetEvent + 3FD                                                                                                          820E2AC0 4 Bytes  [69, 03, E9, 89]
.text          ntkrnlpa.exe!KeSetEvent + 539                                                                                                          820E2BFC 4 Bytes  [A0, 03, E9, 89]
.text          ...                                                                                                                                   
.text          C:\Windows\system32\DRIVERS\tos_sps32.sys                                                                                              section is writeable [0x87D5C480, 0x3C939, 0xE8000020]
.dsrt          C:\Windows\system32\DRIVERS\tos_sps32.sys                                                                                              unknown last section [0x87D9D900, 0x3CA, 0x48000040]

---- User code sections - GMER 1.0.15 ----

.text          C:\Program Files\Internet Explorer\iexplore.exe[4288] USER32.dll!EnableWindow                                                          7786CD8B 5 Bytes  JMP 6BF29EBC C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text          C:\Program Files\Internet Explorer\iexplore.exe[4288] USER32.dll!DialogBoxParamW                                                      778910B0 5 Bytes  JMP 6BE81893 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text          C:\Program Files\Internet Explorer\iexplore.exe[4288] USER32.dll!DialogBoxIndirectParamW                                              77892EF5 5 Bytes  JMP 6C07902E C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text          C:\Program Files\Internet Explorer\iexplore.exe[4288] USER32.dll!DialogBoxParamA                                                      778A8152 5 Bytes  JMP 6C078FC9 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text          C:\Program Files\Internet Explorer\iexplore.exe[4288] USER32.dll!DialogBoxIndirectParamA                                              778A847D 5 Bytes  JMP 6C079093 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text          C:\Program Files\Internet Explorer\iexplore.exe[4288] USER32.dll!MessageBoxIndirectA                                                  778BD4D9 5 Bytes  JMP 6C078F50 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text          C:\Program Files\Internet Explorer\iexplore.exe[4288] USER32.dll!MessageBoxIndirectW                                                  778BD5D3 1 Byte  [E9]
.text          C:\Program Files\Internet Explorer\iexplore.exe[4288] USER32.dll!MessageBoxIndirectW                                                  778BD5D3 5 Bytes  JMP 6C078ED7 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text          C:\Program Files\Internet Explorer\iexplore.exe[4288] USER32.dll!MessageBoxExA                                                        778BD639 5 Bytes  JMP 6C078E73 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text          C:\Program Files\Internet Explorer\iexplore.exe[4288] USER32.dll!MessageBoxExW                                                        778BD65D 5 Bytes  JMP 6C078E0F C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text          C:\Program Files\Internet Explorer\iexplore.exe[4836] kernel32.dll!CreateThread                                                        7628CB2E 5 Bytes  JMP 6BEE75E3 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text          C:\Program Files\Internet Explorer\iexplore.exe[4836] USER32.dll!CreateDialogParamW                                                    778672A2 5 Bytes  JMP 6C079398 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text          C:\Program Files\Internet Explorer\iexplore.exe[4836] USER32.dll!GetAsyncKeyState                                                      7786863C 5 Bytes  JMP 6BECDECD C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text          C:\Program Files\Internet Explorer\iexplore.exe[4836] USER32.dll!SetWindowsHookExW                                                    778687AD 5 Bytes  JMP 6BF225B4 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text          C:\Program Files\Internet Explorer\iexplore.exe[4836] USER32.dll!CallNextHookEx                                                        77868E3B 5 Bytes  JMP 6BF47FDF C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text          C:\Program Files\Internet Explorer\iexplore.exe[4836] USER32.dll!UnhookWindowsHookEx                                                  778698DB 5 Bytes  JMP 6BF6ED00 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text          C:\Program Files\Internet Explorer\iexplore.exe[4836] USER32.dll!EnableWindow                                                          7786CD8B 5 Bytes  JMP 6BF29EBC C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text          C:\Program Files\Internet Explorer\iexplore.exe[4836] USER32.dll!DefWindowProcA                                                        7786DB88 7 Bytes  JMP 6BEE980D C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text          C:\Program Files\Internet Explorer\iexplore.exe[4836] USER32.dll!CreateWindowExA                                                      7786DC2A 5 Bytes  JMP 6BEF3643 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text          C:\Program Files\Internet Explorer\iexplore.exe[4836] USER32.dll!CreateWindowExW                                                      77871305 5 Bytes  JMP 6BF503CF C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text          C:\Program Files\Internet Explorer\iexplore.exe[4836] USER32.dll!GetKeyState                                                          77878CB1 5 Bytes  JMP 6BECDDA7 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text          C:\Program Files\Internet Explorer\iexplore.exe[4836] USER32.dll!DefWindowProcW                                                        778803B4 7 Bytes  JMP 6BF48042 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text          C:\Program Files\Internet Explorer\iexplore.exe[4836] USER32.dll!IsDialogMessageW                                                      77880745 5 Bytes  JMP 6C079AF2 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text          C:\Program Files\Internet Explorer\iexplore.exe[4836] USER32.dll!CreateDialogParamA                                                    778817AA 5 Bytes  JMP 6C079360 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text          C:\Program Files\Internet Explorer\iexplore.exe[4836] USER32.dll!IsDialogMessage                                                      77881847 5 Bytes  JMP 6C079ACA C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text          C:\Program Files\Internet Explorer\iexplore.exe[4836] USER32.dll!CreateDialogIndirectParamA                                            778826F1 5 Bytes  JMP 6C0793D0 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text          C:\Program Files\Internet Explorer\iexplore.exe[4836] USER32.dll!CreateDialogIndirectParamW                                            77889A62 5 Bytes  JMP 6C079408 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text          C:\Program Files\Internet Explorer\iexplore.exe[4836] USER32.dll!SetKeyboardState                                                      77890987 5 Bytes  JMP 6C07A3E5 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text          C:\Program Files\Internet Explorer\iexplore.exe[4836] USER32.dll!DialogBoxParamW                                                      778910B0 5 Bytes  JMP 6BE81893 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text          C:\Program Files\Internet Explorer\iexplore.exe[4836] USER32.dll!DialogBoxIndirectParamW                                              77892EF5 5 Bytes  JMP 6C07902E C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text          C:\Program Files\Internet Explorer\iexplore.exe[4836] USER32.dll!SendInput                                                            77892F75 5 Bytes  JMP 6C07A38D C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text          C:\Program Files\Internet Explorer\iexplore.exe[4836] USER32.dll!EndDialog                                                            7789326E 5 Bytes  JMP 6C079D9E C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text          C:\Program Files\Internet Explorer\iexplore.exe[4836] USER32.dll!SetCursorPos                                                          778A6FB2 5 Bytes  JMP 6C07A466 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text          C:\Program Files\Internet Explorer\iexplore.exe[4836] USER32.dll!DialogBoxParamA                                                      778A8152 5 Bytes  JMP 6C078FC9 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text          C:\Program Files\Internet Explorer\iexplore.exe[4836] USER32.dll!DialogBoxIndirectParamA                                              778A847D 5 Bytes  JMP 6C079093 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text          C:\Program Files\Internet Explorer\iexplore.exe[4836] USER32.dll!MessageBoxIndirectA                                                  778BD4D9 5 Bytes  JMP 6C078F50 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text          C:\Program Files\Internet Explorer\iexplore.exe[4836] USER32.dll!MessageBoxIndirectW                                                  778BD5D3 1 Byte  [E9]
.text          C:\Program Files\Internet Explorer\iexplore.exe[4836] USER32.dll!MessageBoxIndirectW                                                  778BD5D3 5 Bytes  JMP 6C078ED7 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text          C:\Program Files\Internet Explorer\iexplore.exe[4836] USER32.dll!MessageBoxExA                                                        778BD639 5 Bytes  JMP 6C078E73 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text          C:\Program Files\Internet Explorer\iexplore.exe[4836] USER32.dll!MessageBoxExW                                                        778BD65D 5 Bytes  JMP 6C078E0F C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text          C:\Program Files\Internet Explorer\iexplore.exe[4836] USER32.dll!keybd_event                                                          778BD972 5 Bytes  JMP 6C07A34A C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text          C:\Program Files\Internet Explorer\iexplore.exe[4836] SHELL32.dll!SHRestricted + D95                                                  765189A8 4 Bytes  [CF, 01, 20, 72]
.text          C:\Program Files\Internet Explorer\iexplore.exe[4836] SHELL32.dll!SHRestricted + D9D                                                  765189B0 8 Bytes  [E0, 61, 1F, 72, 79, F7, 1F, ...]
.text          C:\Program Files\Internet Explorer\iexplore.exe[4836] ole32.dll!OleLoadFromStream                                                      75ED1E80 5 Bytes  JMP 6C0797FC C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)

---- User IAT/EAT - GMER 1.0.15 ----

IAT            C:\Windows\Explorer.EXE[1804] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown]                                                  [73937817] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT            C:\Windows\Explorer.EXE[1804] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage]                                                  [7397B4E9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT            C:\Windows\Explorer.EXE[1804] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI]                                              [7393BB22] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT            C:\Windows\Explorer.EXE[1804] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode]                                        [7392F695] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT            C:\Windows\Explorer.EXE[1804] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup]                                                  [739375E9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT            C:\Windows\Explorer.EXE[1804] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC]                                                [7392E7CA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT            C:\Windows\Explorer.EXE[1804] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStreamICM]                                    [739673F5] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT            C:\Windows\Explorer.EXE[1804] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStream]                                      [7393DA60] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT            C:\Windows\Explorer.EXE[1804] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight]                                              [7392FFFA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT            C:\Windows\Explorer.EXE[1804] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth]                                                [7392FF61] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT            C:\Windows\Explorer.EXE[1804] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage]                                                [739271CF] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT            C:\Windows\Explorer.EXE[1804] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFileICM]                                        [739BCAE2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT            C:\Windows\Explorer.EXE[1804] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFile]                                            [7395C8D8] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT            C:\Windows\Explorer.EXE[1804] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics]                                              [7392D968] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT            C:\Windows\Explorer.EXE[1804] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree]                                                        [73926853] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT            C:\Windows\Explorer.EXE[1804] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc]                                                        [7392687E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT            C:\Windows\Explorer.EXE[1804] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode]                                          [73932AD1] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress]                [721F47BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress]                  [721F47BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SearchPathW]                      [7220029E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW]                  [721F5EC7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CopyFileW]                        [7220BC51] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!MoveFileW]                        [7220E089] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!DeleteFileW]                      [7220C811] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateProcessW]                  [72207F4F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SetCurrentDirectoryW]            [7220F500] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindClose]                        [7220F94D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindNextFileW]                    [722107CA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindFirstFileW]                  [7220FCF6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryA]                    [721F6D22] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateFileW]                      [721F63E7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!WritePrivateProfileStringW]      [7220B56B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryW]                    [721F4E2B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress]                  [721F47BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetPrivateProfileStringW]        [7220ABDB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryInfoKeyW]                [72201555] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegEnumValueW]                    [72200E28] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegOpenKeyExW]                    [721F60B5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryValueExW]                [721F7278] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegDeleteKeyW]                    [722133C5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegCreateKeyExW]                  [722019CA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegCloseKey]                      [721F6692] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW]                    [721F5EC7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA]                      [721F6D22] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!CopyFileW]                        [7220BC51] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress]                    [721F47BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW]                      [721F4E2B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!CreateFileW]                      [721F63E7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!SearchPathW]                      [7220029E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!DeleteFileW]                      [7220C811] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!FindClose]                        [7220F94D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!FindFirstFileA]                  [7220F9A0] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!FindNextFileA]                    [7221072B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!FindFirstFileW]                  [7220FCF6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!FindNextFileW]                    [722107CA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetFileAttributesA]              [72200ADF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!SetCurrentDirectoryA]            [7220EFD7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!SetFileAttributesA]              [72209229] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateDirectoryA]                [7220E73F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!RemoveDirectoryA]                [7220ECFB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!DeleteFileA]                      [7220C6B1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetFileAttributesW]              [721F5F62] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!SetCurrentDirectoryW]            [7220F500] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!SetFileAttributesW]              [7220939B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateDirectoryW]                [721F6291] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!DeleteFileW]                      [7220C811] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!MoveFileW]                        [7220E089] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!RemoveDirectoryW]                [7220EE67] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!MoveFileA]                        [7220DFBD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress]                  [721F47BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA]                    [721F6D22] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA]                  [72207BE8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW]                  [72207F4F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateFileA]                      [721FF1F1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateFileW]                      [721F63E7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryW]                    [721F4E2B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW]                    [721F4E2B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!ReplaceFileW]                    [7220E457] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WritePrivateProfileStringW]      [7220B56B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetPrivateProfileStringW]        [7220ABDB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetPrivateProfileStringA]        [7220AA37] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeleteFileW]                    [7220C811] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW]                  [721F5EC7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesW]              [7220939B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileW]                    [721F63E7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindFirstFileW]                  [7220FCF6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindNextFileW]                  [722107CA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SearchPathW]                    [7220029E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetFileAttributesW]              [721F5F62] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesA]              [72209229] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileA]                    [721FF1F1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindFirstFileA]                  [7220F9A0] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindNextFileA]                  [7221072B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindClose]                      [7220F94D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SearchPathA]                    [7220F2BD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetFileAttributesA]              [72200ADF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA]                    [721F6D22] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress]                  [721F47BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!WinHelpW]                          [7220D6BF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!WinHelpA]                          [7220D557] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegCloseKey]                    [721F6692] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegCreateKeyExA]                [72212FB4] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyA]                  [7221327D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryInfoKeyA]                [72213B2F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegOpenKeyExA]                  [721FEEBD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegCreateKeyExW]                [722019CA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegOpenKeyExW]                  [721F60B5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumKeyExW]                  [72200859] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueW]                  [72213983] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyW]                  [722133C5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryInfoKeyW]                [72201555] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExW]                [721F7278] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumValueW]                  [72200E28] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumKeyW]                    [72213E89] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumKeyExA]                  [721FF30B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumValueA]                  [72213FED] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumKeyA]                    [72213D27] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExA]                [721FFCC5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileSectionW]      [7220A56D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!FindNextFileW]                  [722107CA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!ReplaceFileW]                    [7220E457] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileSectionNamesW]  [7220A89F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WritePrivateProfileSectionW]    [7220B245] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WritePrivateProfileStringW]      [7220B56B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateHardLinkW]                [7220C49D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SetCurrentDirectoryW]            [7220F500] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CopyFileW]                      [7220BC51] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetBinaryTypeW]                  [72209F4B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW]                  [721F5EC7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW]                  [72207F4F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileW]                      [7220E089] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!FindFirstFileW]                  [7220FCF6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!FindClose]                      [7220F94D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetShortPathNameA]              [72209AF3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetFileAttributesA]              [72200ADF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SearchPathW]                    [7220029E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileIntW]          [7220A249] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileStringW]        [7220ABDB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!RemoveDirectoryW]                [7220EE67] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateDirectoryW]                [721F6291] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeleteFileW]                    [7220C811] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SetFileAttributesW]              [7220939B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetFileAttributesW]              [721F5F62] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileExW]                    [7220E0C1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetShortPathNameW]              [72209C69] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW]                    [721F4E2B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateFileW]                    [721F63E7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetFileAttributesExW]            [7220968F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA]                    [721F6D22] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetLongPathNameW]                [7220997F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHELL32.dll [USER32.dll!LoadImageW]                        [7220CB0F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHELL32.dll [USER32.dll!WinHelpW]                          [7220D6BF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHELL32.dll [USER32.dll!PrivateExtractIconsW]              [7220D11F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!AssocQueryStringByKeyW]          [72210DFB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHCreateStreamOnFileW]            [721FF725] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!AssocQueryKeyW]                  [721FF817] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!AssocQueryStringW]                [72210D47] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHDeleteKeyA]                    [72211F32] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathCombineW]                    [72211095] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHOpenRegStream2W]                [721FFB25] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsDirectoryW]                [722112D2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsURLW]                      [721FFA79] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsRootA]                      [72211542] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsRootW]                      [72211590] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathStripToRootW]                [72211C5E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathFindOnPathW]                  [72211191] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathStripPathW]                  [72211BC6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathRemoveArgsW]                  [722119EE] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetBoolUSValueW]            [721FE265] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathSkipRootW]                    [72211B2E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsDirectoryEmptyW]            [7221136E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsSystemFolderW]              [7221162F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsDirectoryA]                [72211284] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathRelativePathToW]              [7221194A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathBuildRootA]                  [72210F4E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetPathW]                    [72212769] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegSetPathW]                    [72212937] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetUSValueW]                [721F7430] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathCreateFromUrlW]              [72200178] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHQueryValueExW]                  [721FFC0B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetValueW]                  [721F4984] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsNetworkPathW]              [7221140A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsUNCServerShareW]            [722117B8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsUNCServerW]                [7221171C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathUnExpandEnvStringsW]          [72211CAC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathMakeSystemFolderW]            [722118A2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsUNCW]                      [721FFA2B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsRelativeW]                  [721F5D08] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHGetValueW]                      [721F4927] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathBuildRootW]                  [72210F9F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHDeleteValueW]                  [72212028] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHSetValueW]                      [72212B62] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHEnumKeyExW]                    [722120D3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHEnumValueW]                    [7221218A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathFileExistsW]                  [72200123] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHDeleteKeyW]                    [72211F83] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!NtQueryDirectoryFile]              [72208C1A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!FindClose]                        [7220F94D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!FindFirstFileW]                    [7220FCF6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW]                    [721F5EC7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!SearchPathW]                      [7220029E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!CreateProcessW]                    [72207F4F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!DeleteFileW]                      [7220C811] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetShortPathNameW]                [72209C69] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetFileAttributesExW]              [7220968F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!CreateFileW]                      [721F63E7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryW]                      [721F4E2B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetFileAttributesW]                [721F5F62] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryA]                      [721F6D22] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!PathUnExpandEnvStringsA]          [721FF6D1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHDeleteKeyA]                    [72211F32] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHDeleteValueW]                  [72212028] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHSetValueA]                      [72212B05] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHSetValueW]                      [72212B62] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!PathCreateFromUrlW]              [72200178] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHRegGetUSValueA]                [721F64C5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHGetValueA]                      [721F4CAA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHGetValueW]                      [721F4927] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHRegGetValueW]                  [721F4984] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHRegGetValueA]                  [721F6528] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!GetProcAddress]                  [721F47BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!GetProcAddress]                  [721F47BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress]                  [721F47BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress]                [721F47BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress]                  [721F47BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT            C:\Program Files\Internet Explorer\iexplore.exe[4836] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!GetProcAddress]                  [721F47BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

---- Devices - GMER 1.0.15 ----

AttachedDevice  \Driver\kbdclass \Device\KeyboardClass0                                                                                                Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
AttachedDevice  \Driver\kbdclass \Device\KeyboardClass1                                                                                                Wdf01000.sys (WDF Dynamic/Microsoft Corporation)

---- EOF - GMER 1.0.15 ----
--- --- ---


und hier das Ergebnis von aswMBR

Code:

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-11-03 20:25:09
-----------------------------
20:25:09.638    OS Version: Windows 6.0.6002 Service Pack 2
20:25:09.639    Number of processors: 1 586 0xF0D
20:25:09.640    ComputerName: JACKY-PC  UserName: Jacky
20:25:11.015    Initialize success
20:25:23.671    AVAST engine defs: 12110300
20:25:33.838    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
20:25:33.838    Disk 0 Vendor: WDC_WD12 01.0 Size: 114473MB BusType: 3
20:25:34.197    Disk 0 MBR read successfully
20:25:34.197    Disk 0 MBR scan
20:25:34.197    Disk 0 Windows VISTA default MBR code
20:25:34.275    Disk 0 Partition 1 00    27 Hidden NTFS WinRE NTFS        1500 MB offset 2048
20:25:34.353    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS        57077 MB offset 3074048
20:25:34.446    Disk 0 Partition 3 00    07    HPFS/NTFS NTFS        55894 MB offset 119967744
20:25:34.680    Disk 0 scanning sectors +234439600
20:25:35.211    Disk 0 scanning C:\Windows\system32\drivers
20:27:35.750    Service scanning
20:27:59.447    Modules scanning
20:30:21.512    Disk 0 trace - called modules:
20:30:21.976    ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
20:30:21.976    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86074130]
20:30:21.991    3 CLASSPNP.SYS[833198b3] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x8478e028]
20:30:25.643    AVAST engine scan C:\Windows
20:31:07.981    AVAST engine scan C:\Windows\system32
20:43:19.900    AVAST engine scan C:\Windows\system32\drivers
20:43:35.113    AVAST engine scan C:\Users\Jacky
20:56:08.449    AVAST engine scan C:\ProgramData
20:57:09.885    Scan finished successfully
20:58:11.552    Disk 0 MBR has been saved successfully to "C:\Users\Jacky\Desktop\MBR.dat"
20:58:11.568    The log file has been saved successfully to "C:\Users\Jacky\Desktop\aswMBR.txt"
Vielen Dank!

cosinus 04.11.2012 16:30
Sieht unauffällig aus. Machen wir mal die Adware weg ;)

adwCleaner - Toolbars und ungewollte Start-/Suchseiten aufspüren

Downloade Dir bitte AdwCleaner auf deinen Desktop.

Falls der adwCleaner schon mal in der runtergeladen wurde, bitte die alte adwcleaner.exe löschen und neu runterladen!!
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Suche.
  • Nach Ende des Suchlaufs öffnet sich eine Textdatei.
  • Poste mir den Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner[Rx].txt. (x=fortlaufende Nummer)

JackyBre 04.11.2012 22:25
Code:

# AdwCleaner v2.006 - Datei am 04/11/2012 um 22:23:48 erstellt
# Aktualisiert am 30/10/2012 von Xplode
# Betriebssystem : Windows Vista (TM) Home Basic Service Pack 2 (32 bits)
# Benutzer : Jacky - JACKY-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Jacky\Downloads\adwcleaner.exe
# Option [Suche]


**** [Dienste] ****


***** [Dateien / Ordner] *****


***** [Registrierungsdatenbank] *****

Schlüssel Gefunden : HKCU\Software\AppDataLow\Software
Schlüssel Gefunden : HKCU\Software\Conduit
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v [Version kann nicht ermittelt werden]

Profilname : default
Datei : C:\Users\Jacky\AppData\Roaming\Mozilla\Firefox\Profiles\tfpqeojd.default\prefs.js

[OK] Die Datei ist sauber.

-\\ Google Chrome v [Version kann nicht ermittelt werden]

Datei : C:\Users\Jacky\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [25414 octets] - [02/11/2012 20:53:36]
AdwCleaner[S1].txt - [446 octets] - [02/11/2012 20:55:00]
AdwCleaner[S2].txt - [25330 octets] - [02/11/2012 21:15:52]
AdwCleaner[S3].txt - [1211 octets] - [02/11/2012 21:31:37]
AdwCleaner[R2].txt - [1387 octets] - [04/11/2012 22:23:48]

########## EOF - C:\AdwCleaner[R2].txt - [1447 octets] ##########

cosinus 05.11.2012 10:09
adwCleaner - Toolbars und ungewollte Start-/Suchseiten entfernen
  • Schließe alle offenen Programme und Browser.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Löschen.
  • Bestätige jeweils mit Ok.
  • Dein Rechner wird neu gestartet. Nach dem Neustart öffnet sich eine Textdatei.
  • Poste mir den Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner[Sx].txt. (x=fortlaufende Nummer)


Alle Zeitangaben in WEZ +1. Es ist jetzt 01:29 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19