| |
| |||||||
Log-Analyse und Auswertung: TR/ATRAPS.Gen + andere unerwünschte VirenWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
04.12.2012, 16:10
| #1 |
| |  TR/ATRAPS.Gen + andere unerwünschte Viren Hallo, seit geraumer Zeit meldet mein Avira mehrere Viren u.a "TR/ATRAPS.Gen". Ich versuchte sie mit Malwarebytes zum Beispiel loszuwerden. Das Programm schien sie erkannt zu haben, aber ich bin sie nie wirklich losgeworden ... Jetzt meldet mein Malwarebytes gar nichts mehr, wenn ich es durchlaufen lasse aber mein Avira lässt ständig Pop Ups erscheinen, wo es hinweist, etwas gefunden zu haben. Schon etwas verzweifelnd. Ich hoffe, ihr könnt mir helfen. :/ Hier die Logs für euch: Anti Malwarebytes: Code:
ATTFilter Malwarebytes Anti-Malware 1.65.1.1000 www.malwarebytes.org Datenbank Version: v2012.12.01.04 Windows Vista Service Pack 1 x64 NTFS Internet Explorer 7.0.6001.18000 Basti :: BASTI-PC [Administrator] 04.12.2012 09:40:33 mbam-log-2012-12-04 (09-40-33).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 663603 Laufzeit: 2 Stunde(n), 53 Minute(n), 45 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Code:
ATTFilter OTL logfile created on: 04.12.2012 07:47:39 - Run 4
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Basti\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
6,00 Gb Total Physical Memory | 3,82 Gb Available Physical Memory | 63,66% Memory free
12,11 Gb Paging File | 9,80 Gb Available in Paging File | 80,96% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 916,99 Gb Total Space | 171,80 Gb Free Space | 18,73% Space Free | Partition Type: NTFS
Drive D: | 14,52 Gb Total Space | 1,99 Gb Free Space | 13,74% Space Free | Partition Type: NTFS
Drive E: | 3,40 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive G: | 232,88 Gb Total Space | 168,12 Gb Free Space | 72,19% Space Free | Partition Type: NTFS
Computer Name: BASTI-PC | User Name: Basti | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
PRC - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
PRC - C:\Users\Basti\Desktop\OTL(1).exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
PRC - C:\Users\Basti\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
PRC - C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
PRC - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe (Microsoft Corporation.)
PRC - C:\Users\Basti\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Program Files (x86)\TrojanHunter 5.5\THGuard.exe (Mischel Internet Security)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Program Files (x86)\Common Files\Panasonic\HD Writer AutoStart\HDWriterAutoStart.exe (Panasonic Corporation)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Last.fm\LastFM.exe (Last.fm)
PRC - C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation)
PRC - C:\Users\Basti\Program Files (x86)\DNA\btdna.exe (BitTorrent, Inc.)
PRC - C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe ()
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe ()
PRC - C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (CyberLink)
PRC - C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe (CyberLink Corp.)
PRC - C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe (CyberLink Corp.)
PRC - C:\Windows\SysWOW64\conime.exe (Microsoft Corporation)
PRC - C:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
========== Modules (No Company Name) ==========
MOD - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
MOD - C:\Program Files (x86)\Steam\bin\libcef.dll ()
MOD - C:\Program Files (x86)\Steam\bin\chromehtml.dll ()
MOD - C:\Program Files (x86)\Steam\bin\avformat-53.dll ()
MOD - C:\Program Files (x86)\Steam\bin\avutil-51.dll ()
MOD - C:\Program Files (x86)\Steam\bin\avcodec-53.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll ()
MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
MOD - C:\Program Files (x86)\Last.fm\srv_rtaudioplayback.dll ()
MOD - C:\Program Files (x86)\Last.fm\ext_messengernotify.dll ()
MOD - C:\Program Files (x86)\Last.fm\ext_skypenotify.dll ()
MOD - C:\Program Files (x86)\Last.fm\srv_madtranscode.dll ()
MOD - C:\Program Files (x86)\Last.fm\srv_httpinput.dll ()
MOD - C:\Program Files (x86)\Last.fm\LastFmFingerprint1.dll ()
MOD - C:\Program Files (x86)\Last.fm\breakpad.dll ()
MOD - C:\Program Files (x86)\Last.fm\Moose1.dll ()
MOD - C:\Program Files (x86)\Last.fm\LastFmTools1.dll ()
MOD - C:\Program Files (x86)\Last.fm\libfftw3f-3.dll ()
MOD - C:\Program Files (x86)\Last.fm\zlibwapi.dll ()
MOD - C:\Program Files (x86)\Rainlendar2\plugins\iCalendarPlugin.dll ()
MOD - C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe ()
MOD - C:\Program Files (x86)\Rainlendar2\lfs.dll ()
MOD - C:\Program Files (x86)\Rainlendar2\lua51.dll ()
MOD - C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll ()
MOD - C:\Program Files (x86)\Last.fm\QtNetwork4.dll ()
MOD - C:\Program Files (x86)\Last.fm\QtSql4.dll ()
MOD - C:\Program Files (x86)\Last.fm\QtGui4.dll ()
MOD - C:\Program Files (x86)\Last.fm\QtXml4.dll ()
MOD - C:\Program Files (x86)\Last.fm\QtCore4.dll ()
MOD - C:\Program Files (x86)\Last.fm\imageformats\qmng4.dll ()
MOD - C:\Program Files (x86)\Last.fm\imageformats\qgif4.dll ()
MOD - C:\Program Files (x86)\Last.fm\imageformats\qjpeg4.dll ()
========== Services (SafeList) ==========
SRV:64bit: - (TabletServiceWacom) -- C:\Windows\SysNative\Wacom_Tablet.exe ()
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (Akamai) -- c:\program files (x86)\common files\akamai/netsession_win_ce5ba24.dll ()
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (npggsvc) -- C:\Windows\SysWOW64\GameMon.des (INCA Internet Co., Ltd.)
SRV - (BBUpdate) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe (Microsoft Corporation.)
SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe (Microsoft Corporation.)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (DAUpdaterSvc) -- c:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\DAUpdaterSvc.Service.exe (BioWare)
SRV - (!SASCORE) -- C:\Programme\SUPERAntiSpyware\SASCore64.exe (SUPERAntiSpyware.com)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (wlidsvc) -- c:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (IAANTMON) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)
SRV - (ICQ Service) -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe ()
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (ezSharedSvc) -- C:\Windows\SysWOW64\ezsvc7.dll (EasyBits Sofware AS)
========== Driver Services (SafeList) ==========
DRV:64bit: - (SABKUTIL) -- C:\Program Files\SUPERAntiSpyware\SABKUTIL.sys File not found
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\Drivers\usbaapl64.sys ()
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys ()
DRV:64bit: - (snapman) -- C:\Windows\SysNative\DRIVERS\snapman.sys ()
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\DRIVERS\avipbb.sys ()
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\DRIVERS\avgntflt.sys ()
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\Drivers\PxHlpa64.sys ()
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iastor.sys ()
DRV:64bit: - (wacmoumonitor) -- C:\Windows\SysNative\DRIVERS\wacmoumonitor.sys ()
DRV:64bit: - (RTL8169) -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys ()
DRV:64bit: - (wacomvhid) -- C:\Windows\SysNative\DRIVERS\wacomvhid.sys ()
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys ()
DRV:64bit: - (WpdUsb) -- C:\Windows\SysNative\DRIVERS\wpdusb.sys ()
DRV:64bit: - (wacommousefilter) -- C:\Windows\SysNative\DRIVERS\wacommousefilter.sys ()
DRV:64bit: - (WacomVKHid) -- C:\Windows\SysNative\DRIVERS\WacomVKHid.sys ()
DRV:64bit: - (AVMUNET) -- C:\Windows\SysNative\DRIVERS\avmunet.sys ()
DRV - (SASDIFSV) -- C:\Programme\SUPERAntiSpyware\sasdifsv64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL) -- C:\Programme\SUPERAntiSpyware\saskutil64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (ISODrive) -- C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys (EZB Systems, Inc.)
DRV - ({55662437-DA8C-40c0-AADA-2C816A897A49}) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl (Cyberlink Corp.)
DRV - (PCD5SRVC{8AAF211B-043E02A9-05040000}) -- C:\Programme\PC-Doctor for Windows\pcd5srvc_x64.pkms (PC-Doctor, Inc.)
DRV - (PDNMp50) -- C:\Windows\SysWOW64\drivers\PDNMp50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (PDNSp50) -- C:\Windows\SysWOW64\drivers\PDNSp50.sys (Printing Communications Assoc., Inc. (PCAUSA))
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cndt
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cndt
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {017E639E-7655-4B12-BF00-A9D580554CFD}
IE:64bit: - HKLM\..\SearchScopes\{017E639E-7655-4B12-BF00-A9D580554CFD}: "URL" = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcndtie7-de-de
IE:64bit: - HKLM\..\SearchScopes\{D871CB93-D1FF-4B5B-AFAF-88164EA1652C}: "URL" = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933
IE:64bit: - HKLM\..\SearchScopes\{FB9521CF-AA0D-400B-B12F-B15ADBD02725}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cndt
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cndt
IE - HKLM\..\SearchScopes,DefaultScope = {017E639E-7655-4B12-BF00-A9D580554CFD}
IE - HKLM\..\SearchScopes\{017E639E-7655-4B12-BF00-A9D580554CFD}: "URL" = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcndtie7-de-de
IE - HKLM\..\SearchScopes\{D871CB93-D1FF-4B5B-AFAF-88164EA1652C}: "URL" = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933
IE - HKLM\..\SearchScopes\{FB9521CF-AA0D-400B-B12F-B15ADBD02725}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cndt
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\..\SearchScopes,DefaultScope = {6552C7DD-90A4-4387-B795-F8F96747DE19}
IE - HKCU\..\SearchScopes\{017E639E-7655-4B12-BF00-A9D580554CFD}: "URL" = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcndtie7-de-de
IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://www.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKCU\..\SearchScopes\{D871CB93-D1FF-4B5B-AFAF-88164EA1652C}: "URL" = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933
IE - HKCU\..\SearchScopes\{FB9521CF-AA0D-400B-B12F-B15ADBD02725}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;127.0.0.1:9421;<local>
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaultthis.engineName: "XfireXO Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2304157&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "hxxp://start.icq.com/"
FF - prefs.js..extensions.enabledItems: {d5bc46d8-67c7-11dc-8c1d-0097498c2b7a}:1.0.0.1
FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:3.3.0.3971
FF - prefs.js..extensions.enabledItems: {5e5ab302-7f65-44cd-8211-c1d4caaccea3}:2.7.1.3
FF - prefs.js..extensions.enabledItems: {7b13ec3e-999a-4b70-b9cb-2617b8323822}:2.7.1.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.7
FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q="
FF - prefs.js..network.proxy.type: 4
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_110.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program Files (x86)\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@gamersfirst.com/LiveLauncher: C:\Program Files (x86)\GamersFirst\LIVE!\nplivelauncher.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.6.14: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.6.14: c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.6.14: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKCU\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Users\Basti\Program Files (x86)\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Basti\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Basti\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.10.05 19:34:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.10.05 19:34:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{0153E448-190B-4987-BDE1-F256CADA672F}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.10.05 19:34:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.11.18 11:52:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.11.30 15:46:23 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{d5bc46d8-67c7-11dc-8c1d-0097498c2b7a}: C:\Users\Basti\Program Files (x86)\DNA [2012.12.04 07:35:50 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.11.18 11:52:30 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.11.30 15:46:23 | 000,000,000 | ---D | M]
[2009.04.09 10:25:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Basti\AppData\Roaming\mozilla\Extensions
[2012.11.10 17:04:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Basti\AppData\Roaming\mozilla\Firefox\Profiles\tk13t1f6.default\extensions
[2010.07.22 20:09:09 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Basti\AppData\Roaming\mozilla\Firefox\Profiles\tk13t1f6.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.11.10 17:04:30 | 000,000,000 | ---D | M] (XfireXO Community Toolbar) -- C:\Users\Basti\AppData\Roaming\mozilla\Firefox\Profiles\tk13t1f6.default\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}
[2012.11.10 17:04:40 | 000,000,000 | ---D | M] (Zynga Community Toolbar) -- C:\Users\Basti\AppData\Roaming\mozilla\Firefox\Profiles\tk13t1f6.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
[2009.04.09 15:35:29 | 000,000,000 | ---D | M] ("Ask Toolbar for Firefox") -- C:\Users\Basti\AppData\Roaming\mozilla\Firefox\Profiles\tk13t1f6.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
[2010.06.11 01:08:24 | 000,000,917 | ---- | M] () -- C:\Users\Basti\AppData\Roaming\mozilla\firefox\profiles\tk13t1f6.default\searchplugins\conduit.xml
[2012.11.30 15:23:33 | 000,000,950 | ---- | M] () -- C:\Users\Basti\AppData\Roaming\mozilla\firefox\profiles\tk13t1f6.default\searchplugins\icqplugin-1.xml
[2009.07.24 14:34:17 | 000,000,950 | ---- | M] () -- C:\Users\Basti\AppData\Roaming\mozilla\firefox\profiles\tk13t1f6.default\searchplugins\icqplugin-2.xml
[2009.08.12 05:53:02 | 000,000,950 | ---- | M] () -- C:\Users\Basti\AppData\Roaming\mozilla\firefox\profiles\tk13t1f6.default\searchplugins\icqplugin-3.xml
[2009.09.11 10:47:56 | 000,000,950 | ---- | M] () -- C:\Users\Basti\AppData\Roaming\mozilla\firefox\profiles\tk13t1f6.default\searchplugins\icqplugin-4.xml
[2009.10.30 08:57:34 | 000,000,950 | ---- | M] () -- C:\Users\Basti\AppData\Roaming\mozilla\firefox\profiles\tk13t1f6.default\searchplugins\icqplugin-5.xml
[2009.12.17 17:58:24 | 000,000,950 | ---- | M] () -- C:\Users\Basti\AppData\Roaming\mozilla\firefox\profiles\tk13t1f6.default\searchplugins\icqplugin-6.xml
[2010.01.07 20:25:08 | 000,000,950 | ---- | M] () -- C:\Users\Basti\AppData\Roaming\mozilla\firefox\profiles\tk13t1f6.default\searchplugins\icqplugin-7.xml
[2009.06.08 20:23:58 | 000,000,944 | ---- | M] () -- C:\Users\Basti\AppData\Roaming\mozilla\firefox\profiles\tk13t1f6.default\searchplugins\icqplugin.xml
[2012.10.27 23:55:24 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.10.27 23:55:24 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Program Files (x86)\mozilla firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2012.10.27 23:55:30 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2008.09.04 01:11:24 | 000,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npbittorrent.dll
[2011.02.02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010.08.10 10:38:28 | 000,072,960 | ---- | M] (Foxit Software Company) -- C:\Program Files (x86)\mozilla firefox\plugins\npFoxitReaderPlugin.dll
[2012.10.05 19:33:54 | 000,129,176 | ---- | M] (RealPlayer) -- C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll
[2012.02.14 16:44:57 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.10.07 09:50:38 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.02.14 16:44:57 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.02.14 16:44:57 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.02.14 16:44:57 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.02.14 16:44:57 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR - homepage: hxxp://start.icq.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Basti\AppData\Local\Google\Chrome\Application\11.0.696.71\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U24 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Basti\AppData\Local\Google\Chrome\Application\11.0.696.71\pdf.dll
CHR - plugin: Chrome NaCl (Disabled) = C:\Users\Basti\AppData\Local\Google\Chrome\Application\11.0.696.71\ppGoogleNaClPluginChrome.dll
CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Users\Basti\AppData\Local\Google\Chrome\Application\11.0.696.71\gears.dll
CHR - plugin: BitTorrent (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npbittorrent.dll
CHR - plugin: Foxit Reader Plugin for Mozilla (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
CHR - plugin: Pando Web Installer (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npPandoWebInst.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: DNA Plug-in (Enabled) = C:\Program Files (x86)\DNA\plugins\npbtdna.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Nexon Game Controller (Enabled) = C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Basti\AppData\Local\Google\Update\1.2.183.39\npGoogleOneClick8.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.3_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.3_1\
O1 HOSTS File: ([2010.07.31 21:23:45 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (AOL Toolbar BHO) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll ()
O4:64bit: - HKLM..\Run: [NvMediaCenter] C:\Windows\SysNative\NvMcTray.dll ()
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Programme\Hewlett-Packard\HP MediaSmart\SmartMenu.exe (Hewlett-Packard)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [CLMLServer for HP TouchSmart] c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [DVDAgent] c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [THGuard] C:\Program Files (x86)\TrojanHunter 5.5\THGuard.exe (Mischel Internet Security)
O4 - HKLM..\Run: [TkBellExe] c:\program files (x86)\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [TSMAgent] c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] c:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePDIRShortCut] c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Basti\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKCU..\Run: [BitTorrent DNA] C:\Users\Basti\Program Files (x86)\DNA\btdna.exe (BitTorrent, Inc.)
O4 - HKCU..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe File not found
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
O4 - HKCU..\Run: [Rainlendar2] C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe ()
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Programme\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - Startup: C:\Users\Basti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Basti\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 0
O8:64bit: - Extra context menu item: &AOL Toolbar-Suche - C:\ProgramData\AOL\ieToolbar\resources\de-DE\local\search.html ()
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: &AOL Toolbar-Suche - C:\ProgramData\AOL\ieToolbar\resources\de-DE\local\search.html ()
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: fritz.box ([]* in Lokales Intranet)
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Lokales Intranet)
O15 - HKCU\..Trusted Ranges: Range2 ([*] in Lokales Intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 10.4.1)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 10.4.1)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{35AEFBDD-487B-4204-B8AB-DEE7EA99591C}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DD3424AF-4672-4093-A44A-33BA1DC28B37}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe ()
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Basti\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Basti\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{4c18e5d4-b35b-11df-820c-00248c07bd6c}\Shell - "" = AutoRun
O33 - MountPoints2\{4c18e5d4-b35b-11df-820c-00248c07bd6c}\Shell\AutoRun\command - "" = F:\preinst.exe
O33 - MountPoints2\{8f4fbe2c-b2fc-11de-896b-00150cc77426}\Shell - "" = AutoRun
O33 - MountPoints2\{8f4fbe2c-b2fc-11de-896b-00150cc77426}\Shell\AutoRun\command - "" = M:\LaunchU3.exe -a
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\M\Shell - "" = AutoRun
O33 - MountPoints2\M\Shell\AutoRun\command - "" = M:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2012.12.01 12:53:10 | 000,000,000 | ---D | C] -- C:\ProgramData\WindowsSearch
[2012.12.01 10:45:36 | 000,000,000 | ---D | C] -- C:\Users\Basti\Documents\Raiderz
[2012.12.01 10:45:31 | 004,204,272 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\SysWow64\GameMon.des
[2012.12.01 10:44:54 | 000,004,682 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\SysWow64\npptNT2.sys
[2012.12.01 10:44:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\INCA Shared
[2012.12.01 10:30:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012.12.01 10:28:58 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012.12.01 10:28:55 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012.12.01 10:28:55 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2012.12.01 10:18:02 | 000,000,000 | ---D | C] -- C:\Users\Basti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Perfect World Entertainment
[2012.11.30 15:51:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RaiderZ_Installer_20121022
[2012.11.30 15:45:30 | 000,000,000 | ---D | C] -- C:\Users\Basti\.swt
[2012.11.21 19:00:32 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Basti\Desktop\OTL(1).exe
[2012.11.18 11:53:44 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012.11.18 11:51:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012.11.18 11:51:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2009.10.24 14:06:40 | 1147,925,946 | ---- | C] (Nexon) -- C:\Program Files (x86)\DFOSetup12N.exe
[2006.06.26 06:33:46 | 000,163,840 | ---- | C] (アリスソフト) -- C:\Users\Basti\AppData\Local\Tempals_inst.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.12.04 07:35:43 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.12.04 07:35:42 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.12.04 07:35:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.12.03 21:29:54 | 000,007,592 | ---- | M] () -- C:\Users\Basti\AppData\Local\d3d9caps.dat
[2012.12.02 23:20:02 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1076486813-2031935461-2553922340-1000UA.job
[2012.12.02 23:15:10 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.12.01 17:20:00 | 000,001,068 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1076486813-2031935461-2553922340-1000Core.job
[2012.12.01 10:30:21 | 000,001,696 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.12.01 10:18:02 | 000,000,851 | ---- | M] () -- C:\Users\Basti\Desktop\RaiderZ.lnk
[2012.11.30 20:01:48 | 001,559,970 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.11.30 20:01:48 | 000,671,424 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.11.30 20:01:48 | 000,632,154 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.11.30 20:01:48 | 000,144,592 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.11.30 20:01:48 | 000,118,780 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.11.30 15:22:17 | 000,002,044 | ---- | M] () -- C:\Users\Basti\Desktop\Google Chrome.lnk
[2012.11.21 19:00:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Basti\Desktop\OTL(1).exe
[2012.11.21 19:00:03 | 000,000,000 | ---- | M] () -- C:\Users\Basti\defogger_reenable
[2012.11.21 18:59:20 | 000,050,477 | ---- | M] () -- C:\Users\Basti\Desktop\Defogger.exe
[2012.11.19 20:54:47 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.11.19 20:54:47 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.11.18 11:51:50 | 000,001,758 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2012.11.10 15:33:54 | 000,000,950 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.12.03 21:29:54 | 000,007,592 | ---- | C] () -- C:\Users\Basti\AppData\Local\d3d9caps.dat
[2012.12.01 10:44:54 | 000,005,174 | ---- | C] () -- C:\Windows\SysWow64\nppt9x.vxd
[2012.12.01 10:30:21 | 000,001,696 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.12.01 10:18:02 | 000,000,851 | ---- | C] () -- C:\Users\Basti\Desktop\RaiderZ.lnk
[2012.11.21 19:00:03 | 000,000,000 | ---- | C] () -- C:\Users\Basti\defogger_reenable
[2012.11.21 18:59:20 | 000,050,477 | ---- | C] () -- C:\Users\Basti\Desktop\Defogger.exe
[2012.11.18 11:51:50 | 000,001,758 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2012.10.02 22:29:03 | 000,000,553 | ---- | C] () -- C:\Windows\eReg.dat
[2012.08.17 08:33:32 | 000,059,392 | R--- | C] () -- C:\Windows\SysWow64\streamhlp.dll
[2012.06.14 22:11:04 | 000,000,150 | ---- | C] () -- C:\Users\Basti\AppData\Roaming\wklnhst.dat
[2012.04.26 07:47:00 | 000,000,552 | ---- | C] () -- C:\Users\Basti\AppData\Local\d3d8caps.dat
[2011.07.04 19:22:46 | 001,539,214 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.04.16 17:51:16 | 000,041,872 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2011.04.09 17:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.03.04 12:19:42 | 000,027,648 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll
[2011.02.11 18:32:59 | 000,000,732 | ---- | C] () -- C:\Users\Basti\AppData\Local\d3d9caps64.dat
[2010.08.16 11:07:17 | 000,003,941 | ---- | C] () -- C:\Program Files (x86)\updater.config.xml
[2009.09.12 16:37:54 | 000,001,890 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2009.09.12 16:37:54 | 000,000,088 | RHS- | C] () -- C:\ProgramData\159E04BAFC.sys
[2009.04.09 10:23:28 | 000,056,832 | ---- | C] () -- C:\Users\Basti\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.04.09 08:27:03 | 003,174,400 | ---- | C] () -- C:\Users\Basti\fritz.box_wlan_3050.16.04.07.image
========== ZeroAccess Check ==========
[2010.10.15 14:43:22 | 000,002,048 | -HS- | M] () -- C:\Windows\Installer\{7b7b5ea4-7ea3-c8cb-10e6-3ad0f993cf1b}\@
[2010.10.15 14:43:22 | 000,000,000 | -HSD | M] -- C:\Windows\Installer\{7b7b5ea4-7ea3-c8cb-10e6-3ad0f993cf1b}\L
[2012.12.01 17:07:31 | 000,000,000 | -HSD | M] -- C:\Windows\Installer\{7b7b5ea4-7ea3-c8cb-10e6-3ad0f993cf1b}\U
[2012.11.10 14:45:57 | 000,000,928 | ---- | M] () -- C:\Windows\Installer\{7b7b5ea4-7ea3-c8cb-10e6-3ad0f993cf1b}\U\00000001.@
[2012.12.01 17:07:30 | 000,014,848 | ---- | M] () -- C:\Windows\Installer\{7b7b5ea4-7ea3-c8cb-10e6-3ad0f993cf1b}\U\80000000.@
[2012.12.01 17:07:31 | 000,025,088 | ---- | M] () -- C:\Windows\Installer\{7b7b5ea4-7ea3-c8cb-10e6-3ad0f993cf1b}\U\800000cb.@
[2012.06.26 07:09:18 | 000,002,048 | -HS- | M] () -- C:\Users\Basti\AppData\Local\{7b7b5ea4-7ea3-c8cb-10e6-3ad0f993cf1b}\@
[2010.10.15 14:43:22 | 000,000,000 | -HSD | M] -- C:\Users\Basti\AppData\Local\{7b7b5ea4-7ea3-c8cb-10e6-3ad0f993cf1b}\L
[2010.10.15 14:43:22 | 000,000,000 | -HSD | M] -- C:\Users\Basti\AppData\Local\{7b7b5ea4-7ea3-c8cb-10e6-3ad0f993cf1b}\U
[2006.11.02 16:30:40 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"ThreadingModel" = Both
"" = C:\Users\Basti\AppData\Local\{7b7b5ea4-7ea3-c8cb-10e6-3ad0f993cf1b}\n.
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2011.01.21 16:56:31 | 012,898,304 | ---- | M] ()
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2011.01.21 16:46:32 | 011,582,464 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.03.03 05:53:36 | 000,891,392 | ---- | M] ()
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.03.03 05:36:24 | 000,615,424 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2008.01.21 03:50:58 | 000,513,024 | ---- | M] ()
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
< End of report >
|
| Themen zu TR/ATRAPS.Gen + andere unerwünschte Viren |
| akamai, antivir, askbar, autorun, avira, bho, bingbar, bonjour, downloader, explorer, firefox, flash player, format, google, helper, home, intranet, logfile, pando media booster, plug-in, pop ups, programm, registry, scan, security, senden, superantispyware, viren, vista, wlan |
Baum-Darstellung