Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
möglicher trojaner-befall? malwarebytes blockiert potentiell gefährliche zugänge

möglicher trojaner-befall? malwarebytes blockiert potentiell gefährliche zugänge


Plagegeister aller Art und deren Bekämpfung: möglicher trojaner-befall? malwarebytes blockiert potentiell gefährliche zugänge

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 04.11.2012, 21:41   #1
fux89
 
möglicher trojaner-befall? malwarebytes blockiert potentiell gefährliche zugänge - Standard

möglicher trojaner-befall? malwarebytes blockiert potentiell gefährliche zugänge


hallo,

ich habe folgendes problem: vor zwei tagen hat mcafee die meldung ausgegeben, dass ein trojaner von meinem pc entfernt wurde und keine weiteren schritte notwendig seien.
ich habe dann mit mcafee einen scan durchgeführt, bei dem nichts gefunden wurde.
um sicher zu gehen, habe ich mir noch Malwarebytes runtergeladen und den pc gescannt - auch nichts gefunden.

allerdings erhalte ich nun mehrmals am tag von Malwarebytes eine meldung, dass ein potentiell gefährlicher zugang blockiert wurde:

Code:
ATTFilter
2012/11/02 19:52:59 +0100	CHRISTOPHER-PC	Christopher	MESSAGE	Starting protection
2012/11/02 19:52:59 +0100	CHRISTOPHER-PC	Christopher	MESSAGE	Protection started successfully
2012/11/02 19:52:59 +0100	CHRISTOPHER-PC	Christopher	MESSAGE	Starting IP protection
2012/11/02 19:53:20 +0100	CHRISTOPHER-PC	Christopher	MESSAGE	IP Protection started successfully
2012/11/02 19:54:32 +0100	CHRISTOPHER-PC	Christopher	MESSAGE	Starting database refresh
2012/11/02 19:54:32 +0100	CHRISTOPHER-PC	Christopher	MESSAGE	Stopping IP protection
2012/11/02 19:54:33 +0100	CHRISTOPHER-PC	Christopher	MESSAGE	IP Protection stopped successfully
2012/11/02 19:54:38 +0100	CHRISTOPHER-PC	Christopher	MESSAGE	Database refreshed successfully
2012/11/02 19:54:38 +0100	CHRISTOPHER-PC	Christopher	MESSAGE	Starting IP protection
2012/11/02 19:54:48 +0100	CHRISTOPHER-PC	Christopher	MESSAGE	IP Protection started successfully
2012/11/02 19:59:24 +0100	CHRISTOPHER-PC	Christopher	MESSAGE	Executing scheduled update:  Daily
2012/11/02 19:59:28 +0100	CHRISTOPHER-PC	Christopher	MESSAGE	Database already up-to-date
2012/11/02 20:13:21 +0100	CHRISTOPHER-PC	Christopher	IP-BLOCK	222.186.30.31 (Type: outgoing, Port: 137)
2012/11/02 20:13:21 +0100	CHRISTOPHER-PC	Christopher	IP-BLOCK	222.186.30.31 (Type: outgoing, Port: 137)
2012/11/02 20:13:21 +0100	CHRISTOPHER-PC	Christopher	IP-BLOCK	222.186.30.31 (Type: outgoing, Port: 137)
2012/11/02 23:56:53 +0100	CHRISTOPHER-PC	Christopher	IP-BLOCK	193.169.40.44 (Type: outgoing, Port: 51390, Process: firefox.exe)
2012/11/02 23:56:53 +0100	CHRISTOPHER-PC	Christopher	IP-BLOCK	193.169.40.44 (Type: outgoing, Port: 51391, Process: firefox.exe)
Code:
ATTFilter
2012/11/03 00:38:07 +0100	CHRISTOPHER-PC	Christopher	IP-BLOCK	178.208.83.16 (Type: outgoing, Port: 52589, Process: firefox.exe)
2012/11/03 08:53:20 +0100	CHRISTOPHER-PC	Christopher	MESSAGE	Executing scheduled update:  Daily
2012/11/03 08:53:24 +0100	CHRISTOPHER-PC	Christopher	MESSAGE	Starting protection
2012/11/03 08:53:24 +0100	CHRISTOPHER-PC	Christopher	MESSAGE	Protection started successfully
2012/11/03 08:53:24 +0100	CHRISTOPHER-PC	Christopher	MESSAGE	Starting IP protection
2012/11/03 08:53:39 +0100	CHRISTOPHER-PC	Christopher	MESSAGE	Scheduled update executed successfully:  database updated from version v2012.11.02.10 to version v2012.11.03.03
2012/11/03 08:53:39 +0100	CHRISTOPHER-PC	Christopher	MESSAGE	IP Protection started successfully
2012/11/03 08:53:39 +0100	CHRISTOPHER-PC	Christopher	MESSAGE	Starting database refresh
2012/11/03 08:53:39 +0100	CHRISTOPHER-PC	Christopher	MESSAGE	Stopping IP protection
2012/11/03 08:53:39 +0100	CHRISTOPHER-PC	Christopher	MESSAGE	IP Protection stopped successfully
2012/11/03 08:53:43 +0100	CHRISTOPHER-PC	Christopher	MESSAGE	Database refreshed successfully
2012/11/03 08:53:43 +0100	CHRISTOPHER-PC	Christopher	MESSAGE	Starting IP protection
2012/11/03 08:53:51 +0100	CHRISTOPHER-PC	Christopher	MESSAGE	IP Protection started successfully
2012/11/03 11:37:47 +0100	CHRISTOPHER-PC	Christopher	IP-BLOCK	222.186.30.31 (Type: outgoing, Port: 137)
2012/11/03 11:37:55 +0100	CHRISTOPHER-PC	Christopher	IP-BLOCK	222.186.30.31 (Type: outgoing, Port: 137)
2012/11/03 11:37:55 +0100	CHRISTOPHER-PC	Christopher	IP-BLOCK	222.186.30.31 (Type: outgoing, Port: 137)
2012/11/03 15:26:47 +0100	CHRISTOPHER-PC	Christopher	IP-BLOCK	109.163.227.110 (Type: outgoing, Port: 54654, Process: firefox.exe)
2012/11/03 15:27:19 +0100	CHRISTOPHER-PC	Christopher	IP-BLOCK	109.163.227.110 (Type: outgoing, Port: 54662, Process: firefox.exe)
2012/11/03 15:27:27 +0100	CHRISTOPHER-PC	Christopher	IP-BLOCK	109.163.227.110 (Type: outgoing, Port: 54667, Process: firefox.exe)
2012/11/03 15:28:56 +0100	CHRISTOPHER-PC	Christopher	IP-BLOCK	109.163.227.110 (Type: outgoing, Port: 54774, Process: firefox.exe)
2012/11/03 15:29:12 +0100	CHRISTOPHER-PC	Christopher	IP-BLOCK	109.163.227.110 (Type: outgoing, Port: 54788, Process: firefox.exe)
2012/11/03 15:29:12 +0100	CHRISTOPHER-PC	Christopher	IP-BLOCK	109.163.227.110 (Type: outgoing, Port: 54789, Process: firefox.exe)
2012/11/03 15:57:01 +0100	CHRISTOPHER-PC	Christopher	IP-BLOCK	222.186.30.31 (Type: outgoing, Port: 137)
2012/11/03 15:59:26 +0100	CHRISTOPHER-PC	Christopher	IP-BLOCK	93.114.45.126 (Type: outgoing, Port: 55134, Process: firefox.exe)
2012/11/03 15:59:26 +0100	CHRISTOPHER-PC	Christopher	IP-BLOCK	93.114.45.126 (Type: outgoing, Port: 55135, Process: firefox.exe)
2012/11/03 16:00:14 +0100	CHRISTOPHER-PC	Christopher	IP-BLOCK	109.163.227.110 (Type: outgoing, Port: 55186, Process: firefox.exe)
2012/11/03 16:00:22 +0100	CHRISTOPHER-PC	Christopher	IP-BLOCK	109.163.227.110 (Type: outgoing, Port: 55197, Process: firefox.exe)
2012/11/03 16:00:22 +0100	CHRISTOPHER-PC	Christopher	IP-BLOCK	109.163.227.110 (Type: outgoing, Port: 55198, Process: firefox.exe)
2012/11/03 16:00:22 +0100	CHRISTOPHER-PC	Christopher	IP-BLOCK	109.163.227.110 (Type: outgoing, Port: 55199, Process: firefox.exe)
2012/11/03 16:00:22 +0100	CHRISTOPHER-PC	Christopher	IP-BLOCK	109.163.227.110 (Type: outgoing, Port: 55200, Process: firefox.exe)
2012/11/03 16:00:22 +0100	CHRISTOPHER-PC	Christopher	IP-BLOCK	109.163.227.110 (Type: outgoing, Port: 55201, Process: firefox.exe)
2012/11/03 16:00:22 +0100	CHRISTOPHER-PC	Christopher	IP-BLOCK	109.163.227.110 (Type: outgoing, Port: 55202, Process: firefox.exe)
2012/11/03 16:00:22 +0100	CHRISTOPHER-PC	Christopher	IP-BLOCK	109.163.227.110 (Type: outgoing, Port: 55209, Process: firefox.exe)
2012/11/03 16:00:22 +0100	CHRISTOPHER-PC	Christopher	IP-BLOCK	109.163.227.110 (Type: outgoing, Port: 55210, Process: firefox.exe)
2012/11/03 16:00:30 +0100	CHRISTOPHER-PC	Christopher	IP-BLOCK	109.163.227.110 (Type: outgoing, Port: 55212, Process: firefox.exe)
2012/11/03 16:00:30 +0100	CHRISTOPHER-PC	Christopher	IP-BLOCK	109.163.227.110 (Type: outgoing, Port: 55213, Process: firefox.exe)
2012/11/03 16:00:30 +0100	CHRISTOPHER-PC	Christopher	IP-BLOCK	109.163.227.110 (Type: outgoing, Port: 55214, Process: firefox.exe)
2012/11/03 16:00:30 +0100	CHRISTOPHER-PC	Christopher	IP-BLOCK	109.163.227.110 (Type: outgoing, Port: 55215, Process: firefox.exe)
2012/11/03 16:00:54 +0100	CHRISTOPHER-PC	Christopher	IP-BLOCK	109.163.226.229 (Type: outgoing, Port: 55237, Process: firefox.exe)
2012/11/03 16:00:54 +0100	CHRISTOPHER-PC	Christopher	IP-BLOCK	109.163.226.229 (Type: outgoing, Port: 55239, Process: firefox.exe)
2012/11/03 16:01:51 +0100	CHRISTOPHER-PC	Christopher	IP-BLOCK	109.163.227.110 (Type: outgoing, Port: 55343, Process: firefox.exe)
2012/11/03 16:01:51 +0100	CHRISTOPHER-PC	Christopher	IP-BLOCK	109.163.227.110 (Type: outgoing, Port: 55344, Process: firefox.exe)
2012/11/03 16:08:00 +0100	CHRISTOPHER-PC	Christopher	IP-BLOCK	222.186.3.15 (Type: outgoing, Port: 137)
2012/11/03 20:34:23 +0100	CHRISTOPHER-PC	Christopher	IP-BLOCK	222.186.30.31 (Type: outgoing, Port: 137)
2012/11/03 20:34:23 +0100	CHRISTOPHER-PC	Christopher	IP-BLOCK	222.186.30.31 (Type: outgoing, Port: 137)
2012/11/03 20:34:23 +0100	CHRISTOPHER-PC	Christopher	IP-BLOCK	222.186.30.31 (Type: outgoing, Port: 137)
2012/11/03 23:22:39 +0100	CHRISTOPHER-PC	Christopher	IP-BLOCK	219.146.8.78 (Type: outgoing, Port: 137)
2012/11/03 23:22:48 +0100	CHRISTOPHER-PC	Christopher	IP-BLOCK	219.146.8.78 (Type: outgoing, Port: 137)
2012/11/03 23:22:48 +0100	CHRISTOPHER-PC	Christopher	IP-BLOCK	219.146.8.78 (Type: outgoing, Port: 137)
Code:
ATTFilter
2012/11/04 05:17:45 +0100	CHRISTOPHER-PC	Christopher	MESSAGE	Executing scheduled update:  Daily
2012/11/04 05:17:52 +0100	CHRISTOPHER-PC	Christopher	MESSAGE	Starting protection
2012/11/04 05:17:52 +0100	CHRISTOPHER-PC	Christopher	MESSAGE	Protection started successfully
2012/11/04 05:17:52 +0100	CHRISTOPHER-PC	Christopher	MESSAGE	Starting IP protection
2012/11/04 05:18:03 +0100	CHRISTOPHER-PC	Christopher	MESSAGE	IP Protection started successfully
2012/11/04 05:18:09 +0100	CHRISTOPHER-PC	Christopher	MESSAGE	Starting database refresh
2012/11/04 05:18:09 +0100	CHRISTOPHER-PC	Christopher	MESSAGE	Scheduled update executed successfully:  database updated from version v2012.11.03.03 to version v2012.11.04.01
2012/11/04 05:18:09 +0100	CHRISTOPHER-PC	Christopher	MESSAGE	Stopping IP protection
2012/11/04 05:18:09 +0100	CHRISTOPHER-PC	Christopher	MESSAGE	IP Protection stopped successfully
2012/11/04 05:18:13 +0100	CHRISTOPHER-PC	Christopher	MESSAGE	Database refreshed successfully
2012/11/04 05:18:13 +0100	CHRISTOPHER-PC	Christopher	MESSAGE	Starting IP protection
2012/11/04 05:18:21 +0100	CHRISTOPHER-PC	Christopher	MESSAGE	IP Protection started successfully
2012/11/04 12:25:18 +0100	CHRISTOPHER-PC	Christopher	MESSAGE	Starting protection
2012/11/04 12:25:19 +0100	CHRISTOPHER-PC	Christopher	MESSAGE	Protection started successfully
2012/11/04 12:25:19 +0100	CHRISTOPHER-PC	Christopher	MESSAGE	Starting IP protection
2012/11/04 12:25:28 +0100	CHRISTOPHER-PC	Christopher	MESSAGE	IP Protection started successfully
2012/11/04 14:39:54 +0100	CHRISTOPHER-PC	Christopher	IP-BLOCK	222.186.30.31 (Type: outgoing, Port: 137)
2012/11/04 19:17:38 +0100	CHRISTOPHER-PC	Christopher	IP-BLOCK	222.186.30.31 (Type: outgoing, Port: 137)
2012/11/04 19:17:38 +0100	CHRISTOPHER-PC	Christopher	IP-BLOCK	222.186.30.31 (Type: outgoing, Port: 137)
2012/11/04 19:17:38 +0100	CHRISTOPHER-PC	Christopher	IP-BLOCK	222.186.30.31 (Type: outgoing, Port: 137)
2012/11/04 20:00:14 +0100	CHRISTOPHER-PC	Christopher	MESSAGE	Stopping protection
2012/11/04 20:00:14 +0100	CHRISTOPHER-PC	Christopher	MESSAGE	Protection stopped successfully
2012/11/04 21:14:47 +0100	CHRISTOPHER-PC	Christopher	MESSAGE	Starting protection
2012/11/04 21:14:47 +0100	CHRISTOPHER-PC	Christopher	MESSAGE	Protection started successfully
bei den meldungen wo firefox als prozess angegeben ist, bin ich mir relativ sicher das es sich um fehlalarm handelt. sorgen machen mir diejenigen, bei denen kein prozess dazusteht. diese erscheinen ohne aktivitäten meinerseits. als würde ein (verstecktes) programm eine verbindung nach außen aufbauen wollen.

hier der bericht von malwarebytes:

Code:
ATTFilter
 Malwarebytes Anti-Malware  (Test) 1.65.1.1000
www.malwarebytes.org

Datenbank Version: v2012.11.02.10

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 7.0.6002.18005
Christopher :: CHRISTOPHER-PC [Administrator]

Schutz: Aktiviert

02.11.2012 19:54:42
mbam-log-2012-11-02 (19-54-42).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 368961
Laufzeit: 2 Stunde(n), 18 Minute(n), 54 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
defogger:

Code:
ATTFilter
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 19:33 on 04/11/2012 (Christopher)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
OTL:

OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 04.11.2012 19:35:34 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Christopher\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,92 Gb Available Physical Memory | 64,21% Memory free
6,22 Gb Paging File | 4,65 Gb Available in Paging File | 74,76% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 287,01 Gb Total Space | 202,80 Gb Free Space | 70,66% Space Free | Partition Type: NTFS
Drive D: | 11,08 Gb Total Space | 1,74 Gb Free Space | 15,66% Space Free | Partition Type: NTFS
 
Computer Name: CHRISTOPHER-PC | User Name: Christopher | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.11.04 19:35:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Christopher\Desktop\OTL.exe
PRC - [2012.10.16 13:02:04 | 001,111,432 | ---- | M] (Spigot, Inc.) -- C:\Programme\Common Files\Spigot\Search Settings\SearchSettings.exe
PRC - [2012.10.09 15:44:44 | 000,799,112 | ---- | M] (Spigot, Inc.) -- C:\Programme\Application Updater\ApplicationUpdater.exe
PRC - [2012.09.29 19:54:26 | 000,766,536 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012.09.29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.09.29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012.09.12 11:21:04 | 001,278,648 | ---- | M] (McAfee, Inc.) -- C:\Programme\McAfee.com\Agent\mcagent.exe
PRC - [2012.08.31 12:20:06 | 000,167,784 | ---- | M] (McAfee, Inc.) -- C:\Programme\Common Files\Mcafee\McSvcHost\McSvHost.exe
PRC - [2012.06.22 06:55:08 | 000,166,320 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\mfevtps.exe
PRC - [2012.06.22 06:51:34 | 000,168,368 | ---- | M] (McAfee, Inc.) -- C:\Programme\Common Files\Mcafee\SystemCore\mfefire.exe
PRC - [2012.06.22 06:49:14 | 000,200,816 | ---- | M] (McAfee, Inc.) -- C:\Programme\Common Files\Mcafee\SystemCore\mcshield.exe
PRC - [2012.01.03 15:31:34 | 001,391,272 | ---- | M] (Ask) -- C:\Programme\Ask.com\Updater\Updater.exe
PRC - [2010.12.08 10:45:16 | 000,253,264 | ---- | M] () -- C:\Programme\1&1 Surf-Stick\AssistantServices.exe
PRC - [2010.12.08 10:45:16 | 000,139,088 | ---- | M] () -- C:\Programme\1&1 Surf-Stick\UIExec.exe
PRC - [2010.04.13 19:11:14 | 000,229,688 | ---- | M] (McAfee, Inc.) -- C:\Programme\McAfee Online Backup\MOBKbackup.exe
PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.04.11 07:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2009.02.26 14:24:50 | 000,097,680 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE
PRC - [2009.02.09 17:14:02 | 000,296,320 | ---- | M] () -- C:\Programme\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
PRC - [2009.02.09 17:14:02 | 000,116,096 | ---- | M] () -- C:\Programme\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
PRC - [2009.02.09 17:13:36 | 000,206,120 | ---- | M] (CyberLink Corp.) -- C:\Programme\Hewlett-Packard\Media\TV\TVAgent.exe
PRC - [2008.10.06 09:54:52 | 000,365,952 | ---- | M] () -- C:\Programme\SMINST\BLService.exe
PRC - [2008.09.26 20:14:10 | 000,446,556 | ---- | M] (IDT, Inc.) -- C:\Programme\IDT\WDM\sttray.exe
PRC - [2008.09.26 20:13:54 | 000,237,650 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_805f33de\stacsv.exe
PRC - [2008.09.26 20:13:26 | 000,077,824 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_805f33de\AEstSrv.exe
PRC - [2008.09.26 01:36:40 | 001,148,200 | ---- | M] (CyberLink Corp.) -- C:\Programme\Hewlett-Packard\Media\DVD\DVDAgent.exe
PRC - [2008.09.25 17:42:24 | 000,189,736 | ---- | M] (CyberLink) -- C:\Programme\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
PRC - [2008.09.25 17:41:44 | 001,152,296 | ---- | M] (CyberLink Corp.) -- C:\Programme\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
PRC - [2008.09.23 10:03:38 | 000,912,688 | ---- | M] (Hewlett-Packard) -- C:\Programme\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
PRC - [2008.01.21 03:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Defender\MSASCui.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.06.18 19:47:56 | 001,711,616 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\2467a133aee73396c830b9b0a9c7ec0d\Microsoft.VisualBasic.ni.dll
MOD - [2012.06.18 19:43:41 | 011,820,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\508b444db523c5cf20ff12c7f440837b\System.Web.ni.dll
MOD - [2012.06.18 19:43:25 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\846b9cf2756fdd15f704c9bab9c70b6f\System.Runtime.Remoting.ni.dll
MOD - [2012.06.18 19:42:41 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bd76aaaa03ddc15d1840207b5a480644\System.Configuration.ni.dll
MOD - [2012.06.18 19:42:31 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\1b337cf9a031145849bc48c11b2cfe58\Accessibility.ni.dll
MOD - [2012.06.17 18:44:11 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d2630342a066a7cb9056d9eb6157687a\System.Xml.ni.dll
MOD - [2012.06.17 18:43:16 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\f2691cfa7671cdc58179e56ba9227591\System.Windows.Forms.ni.dll
MOD - [2012.06.17 18:42:57 | 001,592,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\18f9789aa214c657113e676b3a9015aa\System.Drawing.ni.dll
MOD - [2012.06.16 20:36:40 | 006,621,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\bfdd10e0a0aacf46bac557ffc5d55ba5\System.Data.ni.dll
MOD - [2012.06.16 20:36:25 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\c8c3ab08933fef9fb6657da871395c46\PresentationFramework.Aero.ni.dll
MOD - [2012.06.16 20:36:23 | 014,329,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7343fbab1ba137db2f8b284047ef3f3c\PresentationFramework.ni.dll
MOD - [2012.06.16 20:35:56 | 012,219,392 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\7b6293b0c23321c255c2530aea8e32bb\PresentationCore.ni.dll
MOD - [2012.06.16 20:35:33 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\54426ee1881b42af5b090e223f43823c\WindowsBase.ni.dll
MOD - [2012.06.16 20:35:28 | 007,953,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\28d633338fc8d29f8af31935ef7d001b\System.ni.dll
MOD - [2012.06.16 20:35:08 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\af9c9e9d7e0523cd444f8b551baa9cbf\mscorlib.ni.dll
MOD - [2010.12.08 10:45:16 | 000,139,088 | ---- | M] () -- C:\Programme\1&1 Surf-Stick\UIExec.exe
MOD - [2010.09.25 15:30:55 | 001,691,648 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3194.25263__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2010.09.25 15:30:55 | 000,483,328 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3194.25390__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2010.09.25 15:30:55 | 000,266,240 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3194.25243__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2010.09.25 15:30:55 | 000,204,800 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3194.25266__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2010.09.25 15:30:55 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3194.25362__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2010.09.25 15:30:55 | 000,069,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3194.25334__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2010.09.25 15:30:55 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3194.25259__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2010.09.25 15:30:55 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3194.25311__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2010.09.25 15:30:55 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3194.25252__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2010.09.25 15:30:42 | 000,135,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3194.25391__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2010.09.25 15:30:42 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3194.25251__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2010.09.25 15:30:41 | 000,356,352 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3194.25342__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2010.09.25 15:30:41 | 000,147,456 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.3194.25389__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.dll
MOD - [2010.09.25 15:30:41 | 000,090,112 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3194.25343__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2010.09.25 15:30:41 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3194.25341__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2010.09.25 15:30:41 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3194.25388__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll
MOD - [2010.09.25 15:30:40 | 000,811,008 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3194.25315__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2010.09.25 15:30:40 | 000,589,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3194.25268__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2010.09.25 15:30:40 | 000,438,272 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3194.25254__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
MOD - [2010.09.25 15:30:40 | 000,405,504 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3194.25354__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2010.09.25 15:30:40 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3194.25332__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll
MOD - [2010.09.25 15:30:40 | 000,307,200 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3194.25273__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll
MOD - [2010.09.25 15:30:40 | 000,225,280 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3194.25267__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2010.09.25 15:30:40 | 000,118,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3194.25329__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2010.09.25 15:30:40 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3194.25314__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2010.09.25 15:30:40 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3194.25272__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2010.09.25 15:30:40 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3194.25328__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2010.09.25 15:30:39 | 000,450,560 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3194.25307__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
MOD - [2010.09.25 15:30:39 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3194.25312__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2010.09.25 15:30:39 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3194.25331__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2010.09.25 15:30:38 | 000,438,272 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3194.25313__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2010.09.25 15:30:38 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3194.25313__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2010.09.25 15:30:38 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3127.31122__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2010.09.25 15:30:38 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3127.31117__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2010.09.25 15:30:38 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3127.31128__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll
MOD - [2010.09.25 15:30:38 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3127.31160__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2010.09.25 15:30:38 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3127.31131__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2010.09.25 15:30:38 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3127.31160__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2010.09.25 15:30:38 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2010.09.25 15:30:37 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3127.31111__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2010.09.25 15:30:37 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3127.31124__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2010.09.25 15:30:37 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2010.09.25 15:30:37 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3127.31108__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2010.09.25 15:30:37 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3127.31110__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2010.09.25 15:30:37 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3127.31186__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2010.09.25 15:30:37 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3127.31134__90ba9c70f846762e\DEM.OS.I0602.dll
MOD - [2010.09.25 15:30:37 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3127.31124__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2010.09.25 15:30:37 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3127.31121__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2010.09.25 15:30:37 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3127.31118__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2010.09.25 15:30:37 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3127.31130__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2010.09.25 15:30:37 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.3127.31156__90ba9c70f846762e\DEM.OS.dll
MOD - [2010.09.25 15:30:37 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MOD - [2010.09.25 15:30:37 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3127.31135__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2010.09.25 15:30:37 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2010.09.25 15:30:37 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3127.31123__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2010.09.25 15:30:37 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3127.31137__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2010.09.25 15:30:36 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3127.31143__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2010.09.25 15:30:36 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3127.31143__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2010.09.25 15:30:36 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3127.31140__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2010.09.25 15:30:36 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3127.31156__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2010.09.25 15:30:36 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3127.31130__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2010.09.25 15:30:36 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.3127.31155__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll
MOD - [2010.09.25 15:30:36 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3127.31137__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2010.09.25 15:30:36 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3127.31141__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2010.09.25 15:30:36 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3127.31136__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2010.09.25 15:30:36 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3127.31135__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2010.09.25 15:30:35 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3127.31140__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2010.09.25 15:30:35 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3127.31139__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2010.09.25 15:30:35 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3127.31142__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2010.09.25 15:30:35 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3127.31136__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2010.09.25 15:30:35 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3127.31131__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2010.09.25 15:30:35 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
MOD - [2010.09.25 15:30:35 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.3127.31130__90ba9c70f846762e\APM.Foundation.dll
MOD - [2010.09.25 15:30:35 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3127.31123__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2010.09.25 15:30:32 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3194.25405__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2010.09.25 15:30:32 | 000,013,312 | ---- | M] () -- C:\Windows\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll
MOD - [2010.09.25 15:30:32 | 000,011,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Implementation\2.0.3194.25418__90ba9c70f846762e\LOCALIZATION.Foundation.Implementation.dll
MOD - [2010.09.25 15:30:32 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3194.25239__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2010.09.25 15:30:32 | 000,005,120 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray.resources\2.0.3194.25373_de_90ba9c70f846762e\CLI.Component.Systemtray.resources.dll
MOD - [2010.09.25 15:30:32 | 000,004,608 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.resources\2.0.3194.25247_de_90ba9c70f846762e\CLI.Component.Dashboard.resources.dll
MOD - [2010.09.25 15:30:31 | 000,475,136 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3194.25373__90ba9c70f846762e\CLI.Component.Systemtray.dll
MOD - [2010.09.25 15:30:31 | 000,397,312 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3194.25258__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2010.09.25 15:30:31 | 000,106,496 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3194.25381__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2010.09.25 15:30:31 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3194.25240__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2010.09.25 15:30:31 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3194.25378__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2010.09.25 15:30:31 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3194.25242__90ba9c70f846762e\CLI.Component.SkinFactory.dll
MOD - [2010.09.25 15:30:31 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3127.31133__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2010.09.25 15:30:31 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3127.31115__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2010.09.25 15:30:31 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3127.31119__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2010.09.25 15:30:31 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3127.31132__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2010.09.25 15:30:31 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3127.31132__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2010.09.25 15:30:31 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3127.31129__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2010.09.25 15:30:31 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Private\2.0.3127.31114__90ba9c70f846762e\LOCALIZATION.Foundation.Private.dll
MOD - [2010.09.25 15:30:31 | 000,014,848 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll
MOD - [2010.09.25 15:30:30 | 001,028,096 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3194.25247__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2010.09.25 15:30:30 | 000,069,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.3194.25240__90ba9c70f846762e\ATIDEMOS.dll
MOD - [2010.09.25 15:30:30 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3194.25237__90ba9c70f846762e\APM.Server.dll
MOD - [2010.09.25 15:30:30 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3194.25238__90ba9c70f846762e\AEM.Server.dll
MOD - [2010.09.25 15:30:30 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3127.31126__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2010.09.25 15:30:30 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2010.09.25 15:30:30 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3194.25380__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2010.09.25 15:30:30 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3127.31144__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2009.03.30 05:42:17 | 002,933,760 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2009.03.30 05:42:12 | 000,434,176 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2009.03.30 05:42:11 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009.03.30 05:42:11 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_de_b03f5f7f11d50a3a\Microsoft.VisualBasic.resources.dll
MOD - [2009.02.25 02:16:56 | 000,249,856 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_de_31bf3856ad364e35\PresentationFramework.resources.dll
MOD - [2009.02.25 02:16:56 | 000,110,592 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationCore.resources\3.0.0.0_de_31bf3856ad364e35\PresentationCore.resources.dll
MOD - [2009.02.09 17:14:04 | 000,124,288 | ---- | M] () -- C:\Programme\Hewlett-Packard\Media\TV\Kernel\TV\CLSchMgr.dll
MOD - [2009.02.09 17:14:02 | 000,263,560 | ---- | M] () -- C:\Programme\Hewlett-Packard\Media\TV\Kernel\TV\CLCapEngine.dll
MOD - [2009.02.09 17:14:02 | 000,038,184 | ---- | M] () -- C:\Programme\Hewlett-Packard\Media\TV\Kernel\TV\CLCapSvcps.dll
MOD - [2009.02.09 17:14:00 | 000,349,480 | ---- | M] () -- C:\Programme\Hewlett-Packard\Media\TV\Kernel\TV\CLTinyDB.dll
MOD - [2009.02.09 17:13:26 | 000,066,856 | ---- | M] () -- C:\Programme\Hewlett-Packard\Media\TV\Kernel\Common\MCEMediaStatus.dll
MOD - [2008.09.29 16:51:26 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll
MOD - [2008.09.25 17:42:26 | 000,881,960 | ---- | M] () -- C:\Programme\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll
MOD - [2008.08.22 09:03:00 | 000,016,384 | R--- | M] () -- C:\Programme\ATI Technologies\ATI.ACE\Branding\Branding.dll
MOD - [2007.08.14 12:59:54 | 006,365,184 | ---- | M] () -- C:\Programme\Common Files\LightScribe\QtGui4.dll
MOD - [2007.07.12 12:55:52 | 000,131,072 | ---- | M] () -- C:\Programme\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
MOD - [2007.07.12 12:55:28 | 001,581,056 | ---- | M] () -- C:\Programme\Common Files\LightScribe\QtCore4.dll
 
 
========== Services (SafeList) ==========
 
SRV - File not found [Auto | Stopped] -- C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe /s Norton Internet Security /m C:\Program Files\Norton Internet Security\Engine\16.0.0.125\diMaster.dll /prefetch:1 -- (Norton Internet Security)
SRV - [2012.10.28 23:59:13 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.10.25 09:04:49 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.10.09 15:44:44 | 000,799,112 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Programme\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2012.09.29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.09.29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012.09.10 16:44:06 | 000,279,048 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Programme\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2012.08.31 12:20:06 | 000,167,784 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV - [2012.08.31 12:20:06 | 000,167,784 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McProxy)
SRV - [2012.08.31 12:20:06 | 000,167,784 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV - [2012.08.31 12:20:06 | 000,167,784 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV - [2012.08.31 12:20:06 | 000,167,784 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV - [2012.08.31 12:20:06 | 000,167,784 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV - [2012.08.31 12:20:06 | 000,167,784 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)
SRV - [2012.06.22 06:55:08 | 000,166,320 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\System32\mfevtps.exe -- (mfevtp)
SRV - [2012.06.22 06:51:34 | 000,168,368 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV - [2012.06.22 06:49:14 | 000,200,816 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV - [2011.07.20 04:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2010.12.08 10:45:16 | 000,253,264 | ---- | M] () [Auto | Running] -- C:\Programme\1&1 Surf-Stick\AssistantServices.exe -- (UI Assistant Service)
SRV - [2010.04.13 19:11:14 | 000,229,688 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Programme\McAfee Online Backup\MOBKbackup.exe -- (MOBKbackup)
SRV - [2009.02.09 17:14:02 | 000,296,320 | ---- | M] () [Auto | Running] -- C:\Programme\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe -- (TVCapSvc)
SRV - [2009.02.09 17:14:02 | 000,116,096 | ---- | M] () [Auto | Running] -- C:\Programme\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe -- (TVSched)
SRV - [2008.10.06 09:54:52 | 000,365,952 | ---- | M] () [Auto | Running] -- C:\Programme\SMINST\BLService.exe -- (Recovery Service for Windows)
SRV - [2008.09.26 20:13:54 | 000,237,650 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_805f33de\stacsv.exe -- (STacSV)
SRV - [2008.09.26 20:13:26 | 000,077,824 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_805f33de\AEstSrv.exe -- (AESTFilters)
SRV - [2008.02.03 12:00:00 | 000,129,992 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\Windows\System32\ezsvc7.dll -- (ezSharedSvc)
SRV - [2008.01.21 03:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2008.01.21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.01.19 12:54:14 | 000,097,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\MSN Messenger\usnsvc.exe -- (usnjsvc)
SRV - [2006.10.26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | System | Stopped] -- C:\Windows\system32\drivers\NIS\1000000.07D\SRTSPX.SYS -- (SRTSPX)
DRV - File not found [File_System | System | Stopped] -- C:\Windows\system32\drivers\NIS\1000000.07D\SRTSP.SYS -- (SRTSP)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\NAVEX15.SYS -- (NAVEX15)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\NAVENG.SYS -- (NAVENG)
DRV - File not found [Kernel | On_Demand | Unknown] --  -- (mfeavfk01)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2012.09.29 19:54:26 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012.06.22 06:58:12 | 000,060,480 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\cfwids.sys -- (cfwids)
DRV - [2012.06.22 06:55:18 | 000,206,784 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfewfpk.sys -- (mfewfpk)
DRV - [2012.06.22 06:53:48 | 000,092,192 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mferkdet.sys -- (mferkdet)
DRV - [2012.06.22 06:52:38 | 000,554,048 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2012.06.22 06:51:46 | 000,360,792 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfefirek.sys -- (mfefirek)
DRV - [2012.06.22 06:51:16 | 000,061,912 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2012.06.22 06:50:56 | 000,230,224 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2012.06.22 06:50:24 | 000,127,992 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeapfk.sys -- (mfeapfk)
DRV - [2012.04.20 15:40:44 | 000,146,872 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HipShieldK.sys -- (HipShieldK)
DRV - [2010.04.13 19:10:22 | 000,054,776 | ---- | M] (Mozy, Inc.) [File_System | System | Running] -- C:\Windows\System32\drivers\MOBK.sys -- (MOBKFilter)
DRV - [2009.10.29 19:28:24 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV - [2009.10.29 19:28:24 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV - [2009.10.29 19:28:24 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV - [2009.10.29 19:28:24 | 000,009,216 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\massfilter.sys -- (massfilter)
DRV - [2008.09.29 17:27:56 | 003,930,112 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008.09.26 20:14:12 | 000,389,120 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2008.09.26 01:36:34 | 000,059,376 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Programme\Hewlett-Packard\Media\DVD\000.fcl -- ({55662437-DA8C-40c0-AADA-2C816A897A49})
DRV - [2008.07.21 11:53:02 | 000,100,184 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\jmcr.sys -- (JMCR)
DRV - [2008.05.28 16:54:20 | 000,022,072 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbfilter.sys -- (usbfilter)
DRV - [2008.04.28 10:26:42 | 000,014,352 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AtiPcie.sys -- (AtiPcie)
DRV - [2008.04.27 10:07:44 | 000,909,824 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008.03.27 11:12:12 | 000,024,424 | ---- | M] (Hewlett-Packard Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hpdskflt.sys -- (hpdskflt)
DRV - [2008.03.27 11:11:34 | 000,034,664 | ---- | M] (Hewlett-Packard Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Accelerometer.sys -- (Accelerometer)
DRV - [2008.03.17 10:05:30 | 000,101,632 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2008.02.14 15:56:02 | 000,118,784 | ---- | M] (Realtek Corporation                                            ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2008.01.24 14:23:12 | 000,052,736 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\enecir.sys -- (enecir)
DRV - [2008.01.21 03:23:20 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32)
DRV - [2007.06.18 17:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cnnb
IE - HKLM\..\SearchScopes,DefaultScope = {F8A8A8A5-B365-473C-AA7C-184CE245C539}
IE - HKLM\..\SearchScopes\{57894ECA-22F7-48EE-B33C-F8E91C919BE0}: "URL" = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933
IE - HKLM\..\SearchScopes\{7F9762D3-6D28-4174-B2C2-6DEA8B1BD51C}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
IE - HKLM\..\SearchScopes\{F8A8A8A5-B365-473C-AA7C-184CE245C539}: "URL" = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcnnbie7-de-de
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cnnb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\..\URLSearchHook: {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\IE\6.5\pdfforgeToolbarIE.dll (Spigot, Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=U3&apn_dtid=OSJ000YYDE&apn_uid=852330CE-F35D-49DA-8803-E96BE28D3EE4&apn_sauid=DCBE4AB5-A78D-4FCD-96BB-D1A698D698A8
IE - HKCU\..\SearchScopes\{57894ECA-22F7-48EE-B33C-F8E91C919BE0}: "URL" = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933
IE - HKCU\..\SearchScopes\{7F9762D3-6D28-4174-B2C2-6DEA8B1BD51C}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
IE - HKCU\..\SearchScopes\{BBE200DD-47EE-499E-AE51-7C82B9CFE061}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=302398&p={searchTerms}
IE - HKCU\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = hxxp://de.search.yahoo.com/search?fr=mcafee&p={searchTerms}
IE - HKCU\..\SearchScopes\{F8A8A8A5-B365-473C-AA7C-184CE245C539}: "URL" = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcnnbie7-de-de
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398&ilc=12"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}:6.0.37
FF - prefs.js..extensions.enabledAddons: {4ED1F68A-5463-4931-9384-8FFF5ED91D92}:3.5.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: pdfforge@mybrowserbar.com:4.1
FF - prefs.js..extensions.enabledItems: wtxpcom@mybrowserbar.com:4.1
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.3.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..keyword.URL: "hxxp://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=302398&p="
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_37: C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\progra~1\mcafee\msc\npmcsn~1.dll ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2012.08.24 15:14:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.28 23:59:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.28 23:59:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK [2012.10.04 17:16:03 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.28 23:59:14 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.28 23:59:05 | 000,000,000 | ---D | M]
 
[2010.09.25 15:36:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Christopher\AppData\Roaming\mozilla\Extensions
[2012.10.25 18:50:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Christopher\AppData\Roaming\mozilla\Firefox\Profiles\2hshrfwh.default\extensions
[2012.10.25 18:51:27 | 000,000,000 | ---D | M] (Ask Toolbar) -- C:\Users\Christopher\AppData\Roaming\mozilla\Firefox\Profiles\2hshrfwh.default\extensions\toolbar@ask.com
[2012.10.08 18:25:17 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\Christopher\AppData\Roaming\mozilla\firefox\profiles\2hshrfwh.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.01.03 15:27:44 | 000,002,333 | ---- | M] () -- C:\Users\Christopher\AppData\Roaming\mozilla\firefox\profiles\2hshrfwh.default\searchplugins\askcom.xml
[2012.10.28 23:59:03 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.10.28 23:59:03 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012.10.28 23:59:03 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2012.10.28 23:59:04 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
[2012.08.24 15:14:12 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES\MCAFEE\SITEADVISOR
[2012.10.28 23:59:04 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
[2012.10.28 23:59:14 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.10.20 08:27:45 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.10.20 08:27:45 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.10.20 08:27:45 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.10.20 08:27:45 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.10.20 08:27:45 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.10.20 08:27:45 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (AOL Toolbar BHO) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Programme\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\IE\6.5\pdfforgeToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\IE\6.5\pdfforgeToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Programme\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Programme\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [CLMLServer for HP TouchSmart] C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [DVDAgent] C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Programme\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpqSRMon]  File not found
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [SearchSettings] C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [SmartMenu] C:\Programme\Hewlett-Packard\HP MediaSmart\SmartMenu.exe (Hewlett-Packard)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [TSMAgent] C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [TVAgent] C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UCam_Menu] C:\Program Files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UIExec] C:\Program Files\1&1 Surf-Stick\UIExec.exe ()
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePDIRShortCut] C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Christopher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O8 - Extra context menu item: &AOL Toolbar-Suche - C:\ProgramData\AOL\ieToolbar\resources\de-DE\local\search.html ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5EC8687E-215F-442C-B6AF-3E2031450235}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9BDC2E49-2576-4912-A90B-A0400BC3C60E}: NameServer = 141.30.66.1,141.30.66.135
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Programme\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\Silhouette.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\Silhouette.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{af751361-d6da-11df-9056-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{af751361-d6da-11df-9056-806e6f6e6963}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{bbea20e6-c980-11df-b586-00235a2ae087}\Shell - "" = AutoRun
O33 - MountPoints2\{bbea20e6-c980-11df-b586-00235a2ae087}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{bbea20eb-c980-11df-b586-00235a2ae087}\Shell - "" = AutoRun
O33 - MountPoints2\{bbea20eb-c980-11df-b586-00235a2ae087}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{bbea2113-c980-11df-b586-00235a2ae087}\Shell - "" = AutoRun
O33 - MountPoints2\{bbea2113-c980-11df-b586-00235a2ae087}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{e72f8b79-d6d9-11df-abc9-00235a2ae087}\Shell - "" = AutoRun
O33 - MountPoints2\{e72f8b79-d6d9-11df-abc9-00235a2ae087}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.11.04 19:34:55 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Christopher\Desktop\OTL.exe
[2012.11.04 12:31:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2012.11.02 19:52:31 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Roaming\Malwarebytes
[2012.11.02 19:52:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.11.02 19:52:03 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.11.02 19:52:02 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.10.28 23:59:02 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012.10.25 18:50:25 | 000,000,000 | ---D | C] -- C:\Program Files\Ask.com
[2012.10.25 18:40:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Ask
[2012.10.24 23:06:31 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Local\Macromedia
[2012.10.23 18:39:35 | 000,000,000 | R--D | C] -- C:\Users\Christopher\Dropbox
[2012.10.23 18:36:43 | 000,000,000 | ---D | C] -- C:\Program Files\Dropbox
[2012.10.23 18:36:10 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
[2012.10.23 18:35:03 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Roaming\Dropbox
[2012.10.20 08:29:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Spigot
[2012.10.20 08:29:51 | 000,000,000 | ---D | C] -- C:\Program Files\pdfforge Toolbar
[2012.10.20 08:29:51 | 000,000,000 | ---D | C] -- C:\Program Files\Application Updater
[2012.10.20 08:27:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012.10.20 08:27:56 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012.10.13 17:15:58 | 000,000,000 | ---D | C] -- C:\Users\Christopher\Desktop\Music
[2012.10.07 13:16:32 | 000,000,000 | ---D | C] -- C:\Users\Christopher\Desktop\Wintersemester 12~13
 
========== Files - Modified Within 30 Days ==========
 
[2012.11.04 19:35:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Christopher\Desktop\OTL.exe
[2012.11.04 19:33:55 | 000,000,000 | ---- | M] () -- C:\Users\Christopher\defogger_reenable
[2012.11.04 19:33:29 | 000,050,477 | ---- | M] () -- C:\Users\Christopher\Desktop\Defogger.exe
[2012.11.04 19:04:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.11.04 18:24:54 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.11.04 18:24:54 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.11.04 12:31:20 | 000,628,742 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.11.04 12:31:20 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.11.04 12:31:20 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.11.04 12:31:19 | 000,126,454 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.11.04 12:24:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.11.04 12:24:41 | 3218,952,192 | -HS- | M] () -- C:\hiberfil.sys
[2012.11.04 05:25:52 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012.11.02 17:44:43 | 000,554,880 | ---- | M] () -- C:\Users\Christopher\Desktop\abschluss0d18f3b9-23e2-4c5a-ab7a-999fcebc07ba.pdf
[2012.10.29 08:09:07 | 000,006,836 | ---- | M] () -- C:\Users\Christopher\AppData\Local\d3d9caps.dat
 
========== Files Created - No Company Name ==========
 
[2012.11.04 19:33:55 | 000,000,000 | ---- | C] () -- C:\Users\Christopher\defogger_reenable
[2012.11.04 19:33:27 | 000,050,477 | ---- | C] () -- C:\Users\Christopher\Desktop\Defogger.exe
[2012.11.02 17:44:42 | 000,554,880 | ---- | C] () -- C:\Users\Christopher\Desktop\abschluss0d18f3b9-23e2-4c5a-ab7a-999fcebc07ba.pdf
[2012.10.24 23:04:48 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2011.05.12 07:39:58 | 000,006,836 | ---- | C] () -- C:\Users\Christopher\AppData\Local\d3d9caps.dat
[2011.01.26 18:39:19 | 000,006,144 | ---- | C] () -- C:\Users\Christopher\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.11.17 19:39:52 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
 
========== ZeroAccess Check ==========
 
[2006.11.02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2012.11.03 14:04:53 | 000,000,000 | ---D | M] -- C:\Users\Christopher\AppData\Roaming\Dropbox
[2010.11.03 18:46:17 | 000,000,000 | ---D | M] -- C:\Users\Christopher\AppData\Roaming\IrfanView
[2010.09.26 16:30:31 | 000,000,000 | ---D | M] -- C:\Users\Christopher\AppData\Roaming\Vodafone
 
========== Purity Check ==========
 
 

< End of report >
--- --- ---


ich hoffe ihr könnt mir helfen, ich bedanke mich schonmal im voraus!

 

Themen zu möglicher trojaner-befall? malwarebytes blockiert potentiell gefährliche zugänge
adobe, autorun, bho, blockiert, branding, defender, fehlalarm, flash player, format, helper, home, intranet, logfile, mozilla, pdfforge toolbar, plug-in, port, problem, programm, prozess, realtek, registry, scan, security, senden, siteadvisor, software, trojaner, vista


« Google-Ergebnisse leiten auf andere Seiten weiter | Online-Banking-Trojaner bzw schädliche ZeuS/ZBot-Software »


Ähnliche Themen: möglicher trojaner-befall? malwarebytes blockiert potentiell gefährliche zugänge


  1. möglicher malware - Befall meines PC
    Plagegeister aller Art und deren Bekämpfung - 20.01.2015 (9)
  2. MCAfee LifeSafe - Internet Security Meldung: Potentiell unerwünschtes Programm blockiert
    Plagegeister aller Art und deren Bekämpfung - 05.12.2014 (3)
  3. Windows 7: MyStart - Incredibar entfernen, möglicher Trojaner Befall?
    Log-Analyse und Auswertung - 19.07.2014 (9)
  4. malwarebytes hat pups (potentiell unerwünschte software) gefunden - was tun?
    Plagegeister aller Art und deren Bekämpfung - 19.05.2014 (6)
  5. GMER Fehlermeldung/möglicher Befall?
    Plagegeister aller Art und deren Bekämpfung - 14.05.2014 (5)
  6. Windows 7 x64: Malwarebytes verhindert Zugriff von Skype.exe auf potentiell gefährliche IP-Adresse
    Log-Analyse und Auswertung - 25.01.2014 (15)
  7. Windows 7 möglicher Trojaner befall nach gefälschter Telekom-Mail
    Plagegeister aller Art und deren Bekämpfung - 24.01.2014 (9)
  8. WIN8.1: Malwarebytes Pro stoppt Zugänge zu bösartigen Seiten während Battle.net läuft
    Log-Analyse und Auswertung - 03.01.2014 (10)
  9. Mahnung Zip Datei heruntergeladen und geöffnet - möglicher Befall
    Plagegeister aller Art und deren Bekämpfung - 23.08.2013 (11)
  10. BKA-Trojaner --> Möglicher Befall von anderen Dateien möglich?
    Plagegeister aller Art und deren Bekämpfung - 04.04.2012 (3)
  11. PC plötzlich langsamer als gewohnt, möglicher Befall?
    Plagegeister aller Art und deren Bekämpfung - 05.01.2012 (23)
  12. Möglicher Maleware Befall - Typ unbekannt
    Log-Analyse und Auswertung - 09.04.2011 (37)
  13. Möglicher Trojaner/Backdoor-Befall nach Neuaufsetzung!
    Log-Analyse und Auswertung - 02.01.2010 (2)
  14. Möglicher Trojaner-Befall
    Log-Analyse und Auswertung - 31.12.2009 (2)
  15. möglicher virus befall (w32 hidrag/a) ??
    Mülltonne - 30.12.2008 (0)
  16. Möglicher Befall - Bitte um Auswertung
    Log-Analyse und Auswertung - 07.05.2007 (6)
  17. gefunden: potentiell gefährliche Software Hidden object iexplore.exe
    Log-Analyse und Auswertung - 17.04.2007 (9)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema möglicher trojaner-befall? malwarebytes blockiert potentiell gefährliche zugänge - hallo, ich habe folgendes problem: vor zwei tagen hat mcafee die meldung ausgegeben, dass ein trojaner von meinem pc entfernt wurde und keine weiteren schritte notwendig seien. ich habe dann - möglicher trojaner-befall? malwarebytes blockiert potentiell gefährliche zugänge...
Archiv
Du betrachtest: möglicher trojaner-befall? malwarebytes blockiert potentiell gefährliche zugänge auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131