| Pests of all kinds and how to combat them: Mass emails from my T-Online account (Windows 7) |
14.06.2013, 14:54 | #31 |
| I can't be bothered anymore; everything seems to be clean! |
14.06.2013, 14:55 | #32 |
/// Malware-holic | "Seems" is all well and good, but not everything is clean. Why do you think the last log says "failed"? But it's your PC, after all. |
14.06.2013, 15:03 | #33 |
| OTL logfile:
Code:
ATTFilter OTL logfile created on: 14.06.2013 15:53:40 - Run 3 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\kappen\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16614) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 15,91 Gb Total Physical Memory | 13,28 Gb Available Physical Memory | 83,47% Memory free 31,82 Gb Paging File | 28,94 Gb Available in Paging File | 90,94% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 279,45 Gb Total Space | 190,09 Gb Free Space | 68,02% Space Free | Partition Type: NTFS Drive D: | 394,18 Gb Total Space | 394,08 Gb Free Space | 99,97% Space Free | Partition Type: NTFS Computer Name: KAPPEN-PC | User Name: kappen | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013.06.13 14:06:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\kappen\Desktop\OTL.exe PRC - [2013.06.13 14:04:59 | 000,042,504 | ---- | M] (COMPANYVERS_NAME) -- C:\PROGRA~2\UTILIT~2\bar\1.bin\49barsvc.exe PRC - [2013.04.25 17:23:34 | 000,042,496 | ---- | M] () -- C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe PRC - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2013.04.04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe PRC - [2012.09.17 07:39:30 | 000,171,600 | ---- | 
M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe PRC - [2012.08.17 17:02:07 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe PRC - [2012.07.01 10:10:07 | 002,326,920 | ---- | M] (Acronis) -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe PRC - [2012.06.22 09:23:22 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE PRC - [2012.06.22 09:23:22 | 000,375,760 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe PRC - [2012.06.22 09:23:22 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe PRC - [2012.06.22 09:23:22 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe PRC - [2011.05.18 01:55:33 | 003,058,304 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe PRC - [2011.01.25 20:32:28 | 000,166,528 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe PRC - [2010.12.21 03:24:38 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2010.12.21 03:24:36 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2010.11.24 03:31:56 | 000,965,728 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe PRC - [2010.08.17 23:55:42 | 005,732,992 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe PRC - [2010.02.03 09:08:56 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe PRC - [2010.01.21 08:22:04 | 000,909,824 | ---- | M] (Sonix Technology Co., Ltd.) 
-- C:\Windows\vsnp2uvc.exe PRC - [2009.12.15 19:39:38 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe PRC - [2009.11.03 00:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe PRC - [2009.09.12 18:09:48 | 000,357,800 | ---- | M] (Acronis) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe PRC - [2009.09.12 18:09:14 | 005,082,488 | ---- | M] (Acronis) -- C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe PRC - [2009.06.19 19:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe PRC - [2009.06.19 19:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe PRC - [2009.06.16 02:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe PRC - [2009.05.06 02:06:06 | 000,222,496 | ---- | M] (Acresso Corporation) -- C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe PRC - [2008.12.23 02:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe PRC - [2008.08.14 06:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe PRC - [2007.11.30 20:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe ========== Modules (No Company Name) ========== MOD - [2013.04.25 17:23:34 | 000,042,496 | ---- | M] () -- C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe MOD - [2011.03.17 00:11:16 | 004,297,568 | ---- | M] () -- C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf MOD - [2011.01.18 22:21:56 | 000,204,800 | ---- | M] () -- C:\Program Files (x86)\asus\VirtualCamera\virtualCamera.ax MOD - [2009.11.03 00:23:36 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll MOD - [2009.11.03 00:20:10 | 000,619,816 | ---- | M] () -- C:\Program Files 
(x86)\CyberLink\Power2Go\CLMediaLibrary.dll MOD - [2007.11.30 20:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe ========== Services (SafeList) ========== SRV:64bit: - [2013.06.14 13:34:03 | 000,109,352 | ---- | M] (SurfRight B.V.) [Auto | Running] -- C:\Program Files\HitmanPro\hmpsched.exe -- (HitmanProScheduler) SRV:64bit: - [2012.05.29 13:09:50 | 000,035,680 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp) SRV:64bit: - [2011.01.25 23:11:56 | 000,379,520 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent) SRV:64bit: - [2010.11.30 00:00:56 | 000,149,504 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost) SRV:64bit: - [2010.09.23 04:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV:64bit: - [2009.11.24 01:53:58 | 000,127,784 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\WTouch\WTouchService.exe -- (WTouchService) SRV:64bit: - [2009.11.24 01:53:54 | 005,556,520 | ---- | M] (Wacom Technology, Corp.) 
[Auto | Running] -- C:\Windows\SysNative\Pen_Tablet.exe -- (TabletServicePen) SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV - [2013.06.13 14:04:59 | 000,042,504 | ---- | M] (COMPANYVERS_NAME) [Auto | Running] -- C:\PROGRA~2\UTILIT~2\bar\1.bin\49barsvc.exe -- (UtilityChest_49Service) SRV - [2013.06.12 10:17:28 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler) SRV - [2012.10.10 03:22:26 | 000,277,024 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs) SRV - [2012.10.08 12:42:54 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2012.09.17 07:39:30 | 000,171,600 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor11.0) SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012.07.01 10:10:07 | 002,326,920 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe -- (afcdpsrv) SRV - [2012.06.22 09:23:22 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. 
KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService) SRV - [2012.06.22 09:23:22 | 000,375,760 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe -- (AntiVirMailService) SRV - [2012.06.22 09:23:22 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2012.06.22 09:23:22 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2012.05.29 13:09:52 | 002,143,072 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc) SRV - [2012.05.29 13:09:50 | 000,029,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp) SRV - [2010.12.21 03:24:38 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) SRV - [2010.12.21 03:24:36 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2010.11.13 00:24:12 | 000,241,648 | ---- | M] (CyberLink) [Auto | Stopped] -- C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe -- (CLKMSVC10_38F51D56) SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009.12.15 19:39:38 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv) SRV - [2009.09.12 18:10:04 | 000,891,848 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common 
Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc) SRV - [2009.06.16 02:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) ========== Driver Services (SafeList) ========== DRV:64bit: - [2013.04.04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:64bit: - [2012.10.10 03:22:28 | 005,343,584 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2012.10.08 12:42:36 | 000,030,056 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt) DRV:64bit: - [2012.08.23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:64bit: - [2012.08.23 16:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2012.08.10 04:01:00 | 000,056,336 | ---- | M] (Corel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64) DRV:64bit: - [2012.07.01 10:10:08 | 000,250,400 | ---- | M] (Acronis) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\afcdp.sys -- (afcdp) DRV:64bit: - [2012.07.01 10:10:06 | 001,455,648 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tdrpm251.sys -- (tdrpman251) DRV:64bit: - [2012.07.01 10:10:05 | 000,929,312 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\timntr.sys -- (timounter) DRV:64bit: - [2012.07.01 
10:10:01 | 000,254,496 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\snapman.sys -- (snapman) DRV:64bit: - [2012.06.22 09:23:22 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb) DRV:64bit: - [2012.06.22 09:23:22 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt) DRV:64bit: - [2012.04.13 05:05:16 | 000,075,016 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftdibus.sys -- (FTDIBUS) DRV:64bit: - [2012.04.13 05:05:02 | 000,085,384 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftser2k.sys -- (FTSER2K) DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2012.01.15 16:18:31 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr) DRV:64bit: - [2011.10.07 10:49:50 | 002,770,944 | ---- | M] (Atheros Communications, Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:64bit: - [2011.03.13 19:58:44 | 000,280,224 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter) DRV:64bit: - [2011.03.13 19:58:44 | 000,201,376 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP) DRV:64bit: - [2011.03.13 19:58:44 | 000,154,272 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP) DRV:64bit: - [2011.03.13 19:58:44 | 000,055,456 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT) DRV:64bit: - [2011.03.13 19:58:42 | 000,298,656 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP) DRV:64bit: - [2011.03.13 19:58:42 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort) DRV:64bit: - [2011.03.13 19:58:42 | 000,028,832 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS) DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2011.02.25 02:01:14 | 000,302,592 | ---- | M] (Fresco Logic) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FLxHCIc.sys -- (FLxHCIc) DRV:64bit: - [2011.02.25 02:01:14 | 000,081,920 | ---- | M] (Fresco Logic) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FLxHCIh.sys -- (FLxHCIh) DRV:64bit: - [2011.02.16 11:11:08 | 000,428,136 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- 
C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2010.11.30 00:00:04 | 000,016,120 | ---- | M] (Intel(R) Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB) DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.05 17:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2010.10.20 01:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) DRV:64bit: - [2010.10.14 18:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) DRV:64bit: - [2010.09.23 10:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr) DRV:64bit: - [2010.09.08 13:39:32 | 000,129,024 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD) DRV:64bit: - [2010.09.07 11:19:38 | 001,800,832 | ---- | M] (Sonix Technology Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC) DRV:64bit: - [2010.08.20 22:08:46 | 000,030,720 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901) DRV:64bit: - [2009.08.28 00:06:34 | 000,018,216 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wacmoumonitor.sys -- (wacmoumonitor) DRV:64bit: - [2009.07.20 11:29:40 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.06.10 22:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.05.20 20:54:06 | 000,015,656 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacomvhid.sys -- (wacomvhid) DRV:64bit: - [2008.05.24 02:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr) DRV:64bit: - [2007.02.16 20:12:36 | 000,012,848 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacommousefilter.sys -- (wacommousefilter) DRV - [2012.02.01 13:24:02 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv) DRV - [2010.07.26 22:57:20 | 000,017,024 | ---- | M] (ASUS) [Kernel | System | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys -- (ATKWMIACPIIO) DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) DRV - [2009.07.03 02:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope 
= IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google IE - HKCU\..\URLSearchHook: {7a55cbb2-2b2e-4a41-9de1-6ac5d2c2be0a} - No CLSID value found IE - HKCU\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64} IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..extensions.enabledAddons: %7BFE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052%7D:2.0.0.576 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.10.2: 
C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.3: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.) 
FF - HKLM\Software\MozillaPlugins\ZEON/PDF,version=2.0: C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation) FF - HKCU\Software\MozillaPlugins\@phonostar.de/phonostar: C:\Program Files (x86)\phonostar-Player\npphonostarDetectNP.dll ( ) 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\IB UPDATER\FIREFOX 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}: C:\PROGRAM FILES\IB UPDATER\FIREFOX [2013.02.08 22:15:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\kappen\AppData\Roaming\mozilla\Extensions [2013.06.13 21:37:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\kappen\AppData\Roaming\mozilla\Firefox\Profiles\extensions [2013.02.08 22:33:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\kappen\AppData\Roaming\mozilla\Firefox\Profiles\dv6b6w9r.default\Extensions [2012.10.04 17:57:36 | 000,214,514 | ---- | M] () (No name found) -- C:\Users\kappen\AppData\Roaming\mozilla\firefox\profiles\extensions\TorrentHandler@TorrentHandler.com.xpi File not found (No name found) -- C:\PROGRAM FILES\IB UPDATER\FIREFOX ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter} CHR - Extension: AdblockPlus = C:\Users\kappen\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajhdafmlgdbnceanjdnahnblimohpdc\2.2.13_0\ O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - 
C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation) O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations) O2 - BHO: (AdblockPlus) - {9FD6379A-EF46-4193-BC64-99F59DF1334F} - C:\Users\kappen\AppData\LocalLow\AdblockPlus\IE\AdblockPlus.dll (Wladimir Palant) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (Utility Chest) - {cf67755f-9265-449c-87cf-b945519e073b} - C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49bar.dll File not found O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. 
O3 - HKCU\..\Toolbar\WebBrowser: (Utility Chest) - {CF67755F-9265-449C-87CF-B945519E073B} - C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49bar.dll File not found O4:64bit: - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis) O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [snp2uvc] C:\Windows\vsnp2uvc.exe (Sonix Technology Co., Ltd.) O4:64bit: - HKLM..\Run: [Utility Chest Home Page Guard 64 bit] "C:\PROGRA~2\UTILIT~2\bar\1.bin\AppIntegrator64.exe" File not found O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS) O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.) 
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis) O4 - HKCU..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation) O4 - HKCU..\Run: [phonostar-PlayerTimer] C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0 O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - Reg Error: Value error. File not found O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. 
KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000016 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. 
KG) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16:64bit: - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload.adobe.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5A565F83-0F5D-40A5-A167-5A6FFD777046}: DhcpNameServer = 134.108.34.5 134.108.34.6 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5A565F83-0F5D-40A5-A167-5A6FFD777046}: NameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{920FAD4C-3077-416D-B08A-C443A04CFD16}: NameServer = 192.168.2.1 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. 
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation) O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (bootdelete) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.06.14 14:24:43 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT [2013.06.14 14:24:38 | 000,000,000 | ---D | C] -- C:\JRT [2013.06.14 14:24:32 | 000,545,954 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\kappen\Desktop\JRT.exe [2013.06.14 13:34:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro [2013.06.14 13:34:03 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro [2013.06.14 13:33:34 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro [2013.06.14 13:33:29 | 009,833,328 | ---- | C] (SurfRight B.V.) 
-- C:\Users\kappen\Desktop\HitmanPro_x64.exe [2013.06.13 21:03:26 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine [2013.06.13 20:03:18 | 002,237,968 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\kappen\Desktop\tdsskiller.exe [2013.06.13 14:06:30 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\kappen\Desktop\OTL.exe [2013.06.13 14:04:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\UtilityChest_49 [5 C:\Users\kappen\Desktop\*.tmp files -> C:\Users\kappen\Desktop\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.06.14 15:52:59 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.06.14 15:52:59 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.06.14 15:48:00 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.06.14 15:45:56 | 000,045,056 | ---- | M] () -- C:\Windows\SysNative\acovcnt.exe [2013.06.14 15:45:55 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.06.14 15:45:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.06.14 15:45:22 | 4225,032,190 | -HS- | M] () -- C:\hiberfil.sys [2013.06.14 15:36:07 | 000,001,660 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini [2013.06.14 15:17:01 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.06.14 14:24:37 | 000,545,954 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\kappen\Desktop\JRT.exe [2013.06.14 13:50:04 | 000,007,934 | ---- | M] () -- C:\Users\kappen\Desktop\AW_ Bericht als Angebot.html [2013.06.14 13:34:03 | 000,001,911 | ---- | M] () -- C:\Users\Public\Desktop\HitmanPro.lnk [2013.06.14 13:33:32 | 009,833,328 | ---- | M] (SurfRight B.V.) 
-- C:\Users\kappen\Desktop\HitmanPro_x64.exe [2013.06.14 12:50:45 | 000,656,685 | ---- | M] () -- C:\Users\kappen\Desktop\1.jpg [2013.06.14 12:50:18 | 000,535,910 | ---- | M] () -- C:\Users\kappen\Desktop\jadequell-mit-geschirra1.jpg [2013.06.14 11:41:13 | 000,001,729 | ---- | M] () -- C:\Users\kappen\Desktop\matlab.exe.lnk [2013.06.14 11:40:25 | 010,908,165 | ---- | M] () -- C:\Users\kappen\Desktop\jadequell-preisverleihung1.jpg [2013.06.14 11:39:55 | 002,884,442 | ---- | M] () -- C:\Users\kappen\Desktop\teezeremonie-gruender-blickinkamera1.jpg [2013.06.13 20:54:49 | 000,648,201 | ---- | M] () -- C:\Users\kappen\Desktop\adwcleaner.exe [2013.06.13 20:03:24 | 002,237,968 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\kappen\Desktop\tdsskiller.exe [2013.06.13 18:02:48 | 000,002,638 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini [2013.06.13 14:06:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\kappen\Desktop\OTL.exe [2013.06.08 17:05:04 | 002,494,968 | ---- | M] () -- C:\Users\kappen\Desktop\DSC_0128.JPG [2013.06.07 16:49:34 | 001,020,922 | ---- | M] () -- C:\Users\kappen\Documents\fische2.jpg [2013.06.05 12:05:31 | 003,002,894 | ---- | M] () -- C:\Users\kappen\Desktop\baumgartes-mit-teebauer-grossa.jpg [2013.06.05 12:04:08 | 005,591,548 | ---- | M] () -- C:\Users\kappen\Desktop\jadequell-mit-geschirra.jpg [2013.06.01 14:43:17 | 000,000,132 | ---- | M] () -- C:\Users\kappen\AppData\Roaming\Adobe CS5-Voreinstellungen für PNG-Format [2013.05.31 10:32:12 | 000,603,078 | ---- | M] () -- C:\Users\kappen\Documents\King_Willem-Alexander,_Queen_Maxima_and_their_daughters_13.jpg [2013.05.29 18:13:18 | 004,620,189 | ---- | M] () -- C:\Users\kappen\Desktop\Trott-war_Juni_2013.pdf [2013.05.23 20:24:12 | 000,000,024 | ---- | M] () -- C:\Windows\ATKPF.ini [2013.05.15 17:46:04 | 002,063,280 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [5 C:\Users\kappen\Desktop\*.tmp files -> C:\Users\kappen\Desktop\*.tmp -> ] ========== Files Created - No Company Name 
========== [2013.06.14 13:50:04 | 000,007,934 | ---- | C] () -- C:\Users\kappen\Desktop\AW_ Bericht als Angebot.html [2013.06.14 13:34:03 | 000,001,911 | ---- | C] () -- C:\Users\Public\Desktop\HitmanPro.lnk [2013.06.14 12:50:45 | 000,656,685 | ---- | C] () -- C:\Users\kappen\Desktop\1.jpg [2013.06.14 12:50:18 | 000,535,910 | ---- | C] () -- C:\Users\kappen\Desktop\jadequell-mit-geschirra1.jpg [2013.06.14 11:40:21 | 010,908,165 | ---- | C] () -- C:\Users\kappen\Desktop\jadequell-preisverleihung1.jpg [2013.06.14 11:39:53 | 002,884,442 | ---- | C] () -- C:\Users\kappen\Desktop\teezeremonie-gruender-blickinkamera1.jpg [2013.06.13 20:54:43 | 000,648,201 | ---- | C] () -- C:\Users\kappen\Desktop\adwcleaner.exe [2013.06.08 19:24:48 | 002,494,968 | ---- | C] () -- C:\Users\kappen\Desktop\DSC_0128.JPG [2013.06.07 16:49:34 | 001,020,922 | ---- | C] () -- C:\Users\kappen\Documents\fische2.jpg [2013.06.05 12:05:29 | 003,002,894 | ---- | C] () -- C:\Users\kappen\Desktop\baumgartes-mit-teebauer-grossa.jpg [2013.06.05 12:04:06 | 005,591,548 | ---- | C] () -- C:\Users\kappen\Desktop\jadequell-mit-geschirra.jpg [2013.06.01 14:43:17 | 000,000,132 | ---- | C] () -- C:\Users\kappen\AppData\Roaming\Adobe CS5-Voreinstellungen für PNG-Format [2013.05.31 10:32:11 | 000,603,078 | ---- | C] () -- C:\Users\kappen\Documents\King_Willem-Alexander,_Queen_Maxima_and_their_daughters_13.jpg [2013.05.29 18:13:18 | 004,620,189 | ---- | C] () -- C:\Users\kappen\Desktop\Trott-war_Juni_2013.pdf [2012.11.06 20:58:05 | 000,000,018 | -HS- | C] () -- C:\Windows\WINPROD.DLL [2012.10.10 03:22:34 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll [2012.10.10 03:22:28 | 000,272,928 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng600.bin [2012.10.10 03:22:20 | 000,963,452 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng600.bin [2012.02.13 21:18:27 | 000,000,600 | ---- | C] () -- C:\Users\kappen\AppData\Roaming\winscp.rnd [2012.01.27 15:57:11 | 001,804,860 | ---- | C] () -- 
C:\Windows\SysWow64\PerfStringBackup.INI [2012.01.15 16:56:21 | 000,000,024 | ---- | C] () -- C:\Windows\ATKPF.ini [2011.01.12 18:02:43 | 000,131,472 | ---- | C] () -- C:\ProgramData\FullRemove.exe ========== ZeroAccess Check ========== [2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012.08.21 15:11:31 | 000,857,088 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2012.08.21 15:37:44 | 000,636,928 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012.08.21 15:08:38 | 000,453,120 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2012.10.06 11:35:41 | 000,000,000 | ---D | M] -- C:\Users\kappen\AppData\Roaming\101Panda PDF Reader [2012.07.01 10:17:12 | 000,000,000 | ---D | M] -- C:\Users\kappen\AppData\Roaming\Acronis [2012.01.15 15:37:18 | 000,000,000 | ---D | M] -- C:\Users\kappen\AppData\Roaming\Asus WebStorage [2013.01.27 21:07:28 | 000,000,000 | ---D | M] -- C:\Users\kappen\AppData\Roaming\Buca [2013.02.14 18:39:04 | 000,000,000 | ---D | M] -- C:\Users\kappen\AppData\Roaming\cef-cache [2012.04.18 18:48:00 | 000,000,000 | ---D | M] -- C:\Users\kappen\AppData\Roaming\Drivers For Free [2012.10.15 20:50:17 | 000,000,000 | ---D | M] -- C:\Users\kappen\AppData\Roaming\f-secure [2013.02.14 01:30:05 | 000,000,000 | ---D | M] -- C:\Users\kappen\AppData\Roaming\Hefi [2012.10.02 16:24:01 | 000,000,000 | ---D | M] -- C:\Users\kappen\AppData\Roaming\minimalarts_temp [2012.01.15 17:22:43 | 000,000,000 | ---D | M] -- C:\Users\kappen\AppData\Roaming\Nuance [2013.02.09 00:34:14 | 000,000,000 | ---D | M] -- C:\Users\kappen\AppData\Roaming\Party [2012.10.02 16:23:35 | 000,000,000 | ---D | M] -- C:\Users\kappen\AppData\Roaming\phonostar GmbH [2012.11.06 20:59:28 | 000,000,000 | ---D | M] -- C:\Users\kappen\AppData\Roaming\Processor Expert [2012.04.18 17:25:21 | 000,000,000 | ---D | M] -- C:\Users\kappen\AppData\Roaming\Softland [2012.03.31 15:34:05 | 000,000,000 | ---D | M] -- C:\Users\kappen\AppData\Roaming\TuneUp Software [2013.02.08 22:16:42 | 000,000,000 | ---D | M] -- C:\Users\kappen\AppData\Roaming\Ubidra [2012.04.18 19:01:21 | 000,000,000 | ---D | M] -- C:\Users\kappen\AppData\Roaming\WTouch [2012.01.15 17:22:41 | 000,000,000 | ---D | M] -- C:\Users\kappen\AppData\Roaming\Zeon ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 141 bytes -> C:\ProgramData\Temp:52DBE86F < End of report > |
14.06.2013, 15:11 | #34 |
/// Malware-holic | Mass emails from my T-Online account Hi, otl fix Fixing with OTL
Code:
:OTL
IE - HKCU\..\URLSearchHook: {7a55cbb2-2b2e-4a41-9de1-6ac5d2c2be0a} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Utility Chest) - {cf67755f-9265-449c-87cf-b945519e073b} - C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49bar.dll File not found
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Utility Chest) - {cf67755f-9265-449c-87cf-b945519e073b} - C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49bar.dll File not found
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [Utility Chest Home Page Guard 64 bit] "C:\PROGRA~2\UTILIT~2\bar\1.bin\AppIntegrator64.exe" File not found
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - Reg Error: Value error. File not found
utilitychest_49
[2013.06.13 14:04:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\UtilityChest_49
:files
:Commands
[emptytemp]
__________________ - Please forward suspicious mails to us for analysis: markusg.trojaner-board@web.de Forwarding instructions: http://markusg.trojaner-board.de For now, please forward mails to markusg.trojaner-board@web.de following the instructions above. If you would like to support us |
14.06.2013, 15:51 | #35 |
| Mass emails from my T-Online account OTL Logfile: Code:
ATTFilter OTL logfile created on: 14.06.2013 16:39:38 - Run 4 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\kappen\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16614) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 15,91 Gb Total Physical Memory | 13,24 Gb Available Physical Memory | 83,23% Memory free 31,82 Gb Paging File | 28,90 Gb Available in Paging File | 90,82% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 279,45 Gb Total Space | 190,09 Gb Free Space | 68,02% Space Free | Partition Type: NTFS Drive D: | 394,18 Gb Total Space | 394,08 Gb Free Space | 99,97% Space Free | Partition Type: NTFS Computer Name: KAPPEN-PC | User Name: kappen | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013.06.13 14:06:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\kappen\Desktop\OTL.exe PRC - [2013.06.13 14:04:59 | 000,042,504 | ---- | M] (COMPANYVERS_NAME) -- C:\PROGRA~2\UTILIT~2\bar\1.bin\49barsvc.exe PRC - [2013.04.25 17:23:34 | 000,042,496 | ---- | M] () -- C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe PRC - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2013.04.04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe PRC - [2012.09.17 07:39:30 | 000,171,600 | ---- | M] 
(Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe PRC - [2012.08.17 17:02:07 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe PRC - [2012.07.01 10:10:07 | 002,326,920 | ---- | M] (Acronis) -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe PRC - [2012.06.22 09:23:22 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE PRC - [2012.06.22 09:23:22 | 000,375,760 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe PRC - [2012.06.22 09:23:22 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe PRC - [2012.06.22 09:23:22 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe PRC - [2011.05.18 01:55:33 | 003,058,304 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe PRC - [2011.01.25 20:32:28 | 000,166,528 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe PRC - [2010.12.21 03:24:38 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2010.12.21 03:24:36 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2010.11.24 03:31:56 | 000,965,728 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe PRC - [2010.08.17 23:55:42 | 005,732,992 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe PRC - [2010.02.03 09:08:56 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe PRC - [2010.01.21 08:22:04 | 000,909,824 | ---- | M] (Sonix Technology Co., Ltd.) 
-- C:\Windows\vsnp2uvc.exe PRC - [2009.12.15 19:39:38 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe PRC - [2009.11.03 00:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe PRC - [2009.09.12 18:09:48 | 000,357,800 | ---- | M] (Acronis) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe PRC - [2009.09.12 18:09:14 | 005,082,488 | ---- | M] (Acronis) -- C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe PRC - [2009.06.19 19:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe PRC - [2009.06.19 19:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe PRC - [2009.06.16 02:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe PRC - [2009.05.06 02:06:06 | 000,222,496 | ---- | M] (Acresso Corporation) -- C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe PRC - [2008.12.23 02:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe PRC - [2008.08.14 06:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe PRC - [2007.11.30 20:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe ========== Modules (No Company Name) ========== MOD - [2013.04.25 17:23:34 | 000,042,496 | ---- | M] () -- C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe MOD - [2011.03.17 00:11:16 | 004,297,568 | ---- | M] () -- C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf MOD - [2011.01.18 22:21:56 | 000,204,800 | ---- | M] () -- C:\Program Files (x86)\asus\VirtualCamera\virtualCamera.ax MOD - [2009.11.03 00:23:36 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll MOD - [2009.11.03 00:20:10 | 000,619,816 | ---- | M] () -- C:\Program Files 
(x86)\CyberLink\Power2Go\CLMediaLibrary.dll MOD - [2007.11.30 20:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe ========== Services (SafeList) ========== SRV:64bit: - [2013.06.14 13:34:03 | 000,109,352 | ---- | M] (SurfRight B.V.) [Auto | Running] -- C:\Program Files\HitmanPro\hmpsched.exe -- (HitmanProScheduler) SRV:64bit: - [2012.05.29 13:09:50 | 000,035,680 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp) SRV:64bit: - [2011.01.25 23:11:56 | 000,379,520 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent) SRV:64bit: - [2010.11.30 00:00:56 | 000,149,504 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost) SRV:64bit: - [2010.09.23 04:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV:64bit: - [2009.11.24 01:53:58 | 000,127,784 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\WTouch\WTouchService.exe -- (WTouchService) SRV:64bit: - [2009.11.24 01:53:54 | 005,556,520 | ---- | M] (Wacom Technology, Corp.) 
[Auto | Running] -- C:\Windows\SysNative\Pen_Tablet.exe -- (TabletServicePen) SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV - [2013.06.13 14:04:59 | 000,042,504 | ---- | M] (COMPANYVERS_NAME) [Auto | Running] -- C:\PROGRA~2\UTILIT~2\bar\1.bin\49barsvc.exe -- (UtilityChest_49Service) SRV - [2013.06.12 10:17:28 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler) SRV - [2012.10.10 03:22:26 | 000,277,024 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs) SRV - [2012.10.08 12:42:54 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2012.09.17 07:39:30 | 000,171,600 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor11.0) SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012.07.01 10:10:07 | 002,326,920 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe -- (afcdpsrv) SRV - [2012.06.22 09:23:22 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. 
KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService) SRV - [2012.06.22 09:23:22 | 000,375,760 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe -- (AntiVirMailService) SRV - [2012.06.22 09:23:22 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2012.06.22 09:23:22 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2012.05.29 13:09:52 | 002,143,072 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc) SRV - [2012.05.29 13:09:50 | 000,029,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp) SRV - [2010.12.21 03:24:38 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) SRV - [2010.12.21 03:24:36 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2010.11.13 00:24:12 | 000,241,648 | ---- | M] (CyberLink) [Auto | Stopped] -- C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe -- (CLKMSVC10_38F51D56) SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009.12.15 19:39:38 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv) SRV - [2009.09.12 18:10:04 | 000,891,848 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common 
Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc) SRV - [2009.06.16 02:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) ========== Driver Services (SafeList) ========== DRV:64bit: - [2013.04.04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:64bit: - [2012.10.10 03:22:28 | 005,343,584 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2012.10.08 12:42:36 | 000,030,056 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt) DRV:64bit: - [2012.08.23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:64bit: - [2012.08.23 16:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2012.08.10 04:01:00 | 000,056,336 | ---- | M] (Corel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64) DRV:64bit: - [2012.07.01 10:10:08 | 000,250,400 | ---- | M] (Acronis) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\afcdp.sys -- (afcdp) DRV:64bit: - [2012.07.01 10:10:06 | 001,455,648 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tdrpm251.sys -- (tdrpman251) DRV:64bit: - [2012.07.01 10:10:05 | 000,929,312 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\timntr.sys -- (timounter) DRV:64bit: - [2012.07.01 
10:10:01 | 000,254,496 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\snapman.sys -- (snapman) DRV:64bit: - [2012.06.22 09:23:22 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb) DRV:64bit: - [2012.06.22 09:23:22 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt) DRV:64bit: - [2012.04.13 05:05:16 | 000,075,016 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftdibus.sys -- (FTDIBUS) DRV:64bit: - [2012.04.13 05:05:02 | 000,085,384 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftser2k.sys -- (FTSER2K) DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2012.01.15 16:18:31 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr) DRV:64bit: - [2011.10.07 10:49:50 | 002,770,944 | ---- | M] (Atheros Communications, Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:64bit: - [2011.03.13 19:58:44 | 000,280,224 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter) DRV:64bit: - [2011.03.13 19:58:44 | 000,201,376 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP) DRV:64bit: - [2011.03.13 19:58:44 | 000,154,272 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP) DRV:64bit: - [2011.03.13 19:58:44 | 000,055,456 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT) DRV:64bit: - [2011.03.13 19:58:42 | 000,298,656 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP) DRV:64bit: - [2011.03.13 19:58:42 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort) DRV:64bit: - [2011.03.13 19:58:42 | 000,028,832 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS) DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2011.02.25 02:01:14 | 000,302,592 | ---- | M] (Fresco Logic) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FLxHCIc.sys -- (FLxHCIc) DRV:64bit: - [2011.02.25 02:01:14 | 000,081,920 | ---- | M] (Fresco Logic) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FLxHCIh.sys -- (FLxHCIh) DRV:64bit: - [2011.02.16 11:11:08 | 000,428,136 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- 
C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2010.11.30 00:00:04 | 000,016,120 | ---- | M] (Intel(R) Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB) DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.05 17:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2010.10.20 01:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) DRV:64bit: - [2010.10.14 18:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) DRV:64bit: - [2010.09.23 10:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr) DRV:64bit: - [2010.09.08 13:39:32 | 000,129,024 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD) DRV:64bit: - [2010.09.07 11:19:38 | 001,800,832 | ---- | M] (Sonix Technology Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC) DRV:64bit: - [2010.08.20 22:08:46 | 000,030,720 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901) DRV:64bit: - [2009.08.28 00:06:34 | 000,018,216 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wacmoumonitor.sys -- (wacmoumonitor) DRV:64bit: - [2009.07.20 11:29:40 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.06.10 22:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.05.20 20:54:06 | 000,015,656 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacomvhid.sys -- (wacomvhid) DRV:64bit: - [2008.05.24 02:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr) DRV:64bit: - [2007.02.16 20:12:36 | 000,012,848 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacommousefilter.sys -- (wacommousefilter) DRV - [2012.02.01 13:24:02 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv) DRV - [2010.07.26 22:57:20 | 000,017,024 | ---- | M] (ASUS) [Kernel | System | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys -- (ATKWMIACPIIO) DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) DRV - [2009.07.03 02:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope 
= IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-3205339724-4250530709-1376320068-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login. 
IE - HKU\S-1-5-21-3205339724-4250530709-1376320068-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google IE - HKU\S-1-5-21-3205339724-4250530709-1376320068-1001\..\URLSearchHook: {7a55cbb2-2b2e-4a41-9de1-6ac5d2c2be0a} - No CLSID value found IE - HKU\S-1-5-21-3205339724-4250530709-1376320068-1001\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64} IE - HKU\S-1-5-21-3205339724-4250530709-1376320068-1001\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT IE - HKU\S-1-5-21-3205339724-4250530709-1376320068-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKU\S-1-5-21-3205339724-4250530709-1376320068-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..extensions.enabledAddons: %7BFE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052%7D:2.0.0.576 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.10.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: 
C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.3: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.) 
FF - HKLM\Software\MozillaPlugins\ZEON/PDF,version=2.0: C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation) FF - HKCU\Software\MozillaPlugins\@phonostar.de/phonostar: C:\Program Files (x86)\phonostar-Player\npphonostarDetectNP.dll ( ) 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\IB UPDATER\FIREFOX 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}: C:\PROGRAM FILES\IB UPDATER\FIREFOX [2013.02.08 22:15:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\kappen\AppData\Roaming\mozilla\Extensions [2013.06.13 21:37:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\kappen\AppData\Roaming\mozilla\Firefox\Profiles\extensions [2013.02.08 22:33:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\kappen\AppData\Roaming\mozilla\Firefox\Profiles\dv6b6w9r.default\Extensions [2012.10.04 17:57:36 | 000,214,514 | ---- | M] () (No name found) -- C:\Users\kappen\AppData\Roaming\mozilla\firefox\profiles\extensions\TorrentHandler@TorrentHandler.com.xpi File not found (No name found) -- C:\PROGRAM FILES\IB UPDATER\FIREFOX ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter} CHR - Extension: AdblockPlus = C:\Users\kappen\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajhdafmlgdbnceanjdnahnblimohpdc\2.2.13_0\ O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - 
C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation) O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations) O2 - BHO: (AdblockPlus) - {9FD6379A-EF46-4193-BC64-99F59DF1334F} - C:\Users\kappen\AppData\LocalLow\AdblockPlus\IE\AdblockPlus.dll (Wladimir Palant) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (Utility Chest) - {cf67755f-9265-449c-87cf-b945519e073b} - C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49bar.dll File not found O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. 
O3 - HKU\S-1-5-21-3205339724-4250530709-1376320068-1001\..\Toolbar\WebBrowser: (Utility Chest) - {CF67755F-9265-449C-87CF-B945519E073B} - C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49bar.dll File not found O4:64bit: - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis) O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [snp2uvc] C:\Windows\vsnp2uvc.exe (Sonix Technology Co., Ltd.) O4:64bit: - HKLM..\Run: [Utility Chest Home Page Guard 64 bit] "C:\PROGRA~2\UTILIT~2\bar\1.bin\AppIntegrator64.exe" File not found O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS) O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.) 
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-3205339724-4250530709-1376320068-1001..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation) O4 - HKU\S-1-5-21-3205339724-4250530709-1376320068-1001..\Run: [phonostar-PlayerTimer] C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe () O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKU\S-1-5-21-3205339724-4250530709-1376320068-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0 O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - Reg Error: Value error. 
File not found O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000016 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. 
KG) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16:64bit: - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload.adobe.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5A565F83-0F5D-40A5-A167-5A6FFD777046}: DhcpNameServer = 134.108.34.5 134.108.34.6 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5A565F83-0F5D-40A5-A167-5A6FFD777046}: NameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{920FAD4C-3077-416D-B08A-C443A04CFD16}: NameServer = 192.168.2.1 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. 
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation) O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (bootdelete) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.06.14 14:24:43 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT [2013.06.14 14:24:38 | 000,000,000 | ---D | C] -- C:\JRT [2013.06.14 14:24:32 | 000,545,954 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\kappen\Desktop\JRT.exe [2013.06.14 13:34:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro [2013.06.14 13:34:03 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro [2013.06.14 13:33:34 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro [2013.06.14 13:33:29 | 009,833,328 | ---- | C] (SurfRight B.V.) 
-- C:\Users\kappen\Desktop\HitmanPro_x64.exe [2013.06.13 21:03:26 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine [2013.06.13 20:03:18 | 002,237,968 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\kappen\Desktop\tdsskiller.exe [2013.06.13 14:06:30 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\kappen\Desktop\OTL.exe [2013.06.13 14:04:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\UtilityChest_49 [5 C:\Users\kappen\Desktop\*.tmp files -> C:\Users\kappen\Desktop\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.06.14 16:42:08 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.06.14 16:42:08 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.06.14 16:35:33 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.06.14 16:34:51 | 4225,032,190 | -HS- | M] () -- C:\hiberfil.sys [2013.06.14 16:34:51 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.06.14 15:48:00 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.06.14 15:45:56 | 000,045,056 | ---- | M] () -- C:\Windows\SysNative\acovcnt.exe [2013.06.14 15:36:07 | 000,001,660 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini [2013.06.14 15:17:01 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.06.14 14:24:37 | 000,545,954 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\kappen\Desktop\JRT.exe [2013.06.14 13:50:04 | 000,007,934 | ---- | M] () -- C:\Users\kappen\Desktop\AW_ Bericht als Angebot.html [2013.06.14 13:34:03 | 000,001,911 | ---- | M] () -- C:\Users\Public\Desktop\HitmanPro.lnk [2013.06.14 13:33:32 | 009,833,328 | ---- | M] (SurfRight B.V.) 
-- C:\Users\kappen\Desktop\HitmanPro_x64.exe [2013.06.14 12:50:45 | 000,656,685 | ---- | M] () -- C:\Users\kappen\Desktop\1.jpg [2013.06.14 12:50:18 | 000,535,910 | ---- | M] () -- C:\Users\kappen\Desktop\jadequell-mit-geschirra1.jpg [2013.06.14 11:41:13 | 000,001,729 | ---- | M] () -- C:\Users\kappen\Desktop\matlab.exe.lnk [2013.06.14 11:40:25 | 010,908,165 | ---- | M] () -- C:\Users\kappen\Desktop\jadequell-preisverleihung1.jpg [2013.06.14 11:39:55 | 002,884,442 | ---- | M] () -- C:\Users\kappen\Desktop\teezeremonie-gruender-blickinkamera1.jpg [2013.06.13 20:54:49 | 000,648,201 | ---- | M] () -- C:\Users\kappen\Desktop\adwcleaner.exe [2013.06.13 20:03:24 | 002,237,968 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\kappen\Desktop\tdsskiller.exe [2013.06.13 18:02:48 | 000,002,638 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini [2013.06.13 14:06:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\kappen\Desktop\OTL.exe [2013.06.08 17:05:04 | 002,494,968 | ---- | M] () -- C:\Users\kappen\Desktop\DSC_0128.JPG [2013.06.07 16:49:34 | 001,020,922 | ---- | M] () -- C:\Users\kappen\Documents\fische2.jpg [2013.06.05 12:05:31 | 003,002,894 | ---- | M] () -- C:\Users\kappen\Desktop\baumgartes-mit-teebauer-grossa.jpg [2013.06.05 12:04:08 | 005,591,548 | ---- | M] () -- C:\Users\kappen\Desktop\jadequell-mit-geschirra.jpg [2013.06.01 14:43:17 | 000,000,132 | ---- | M] () -- C:\Users\kappen\AppData\Roaming\Adobe CS5-Voreinstellungen für PNG-Format [2013.05.31 10:32:12 | 000,603,078 | ---- | M] () -- C:\Users\kappen\Documents\King_Willem-Alexander,_Queen_Maxima_and_their_daughters_13.jpg [2013.05.29 18:13:18 | 004,620,189 | ---- | M] () -- C:\Users\kappen\Desktop\Trott-war_Juni_2013.pdf [2013.05.23 20:24:12 | 000,000,024 | ---- | M] () -- C:\Windows\ATKPF.ini [2013.05.15 17:46:04 | 002,063,280 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [5 C:\Users\kappen\Desktop\*.tmp files -> C:\Users\kappen\Desktop\*.tmp -> ] ========== Files Created - No Company Name 
========== [2013.06.14 13:50:04 | 000,007,934 | ---- | C] () -- C:\Users\kappen\Desktop\AW_ Bericht als Angebot.html [2013.06.14 13:34:03 | 000,001,911 | ---- | C] () -- C:\Users\Public\Desktop\HitmanPro.lnk [2013.06.14 12:50:45 | 000,656,685 | ---- | C] () -- C:\Users\kappen\Desktop\1.jpg [2013.06.14 12:50:18 | 000,535,910 | ---- | C] () -- C:\Users\kappen\Desktop\jadequell-mit-geschirra1.jpg [2013.06.14 11:40:21 | 010,908,165 | ---- | C] () -- C:\Users\kappen\Desktop\jadequell-preisverleihung1.jpg [2013.06.14 11:39:53 | 002,884,442 | ---- | C] () -- C:\Users\kappen\Desktop\teezeremonie-gruender-blickinkamera1.jpg [2013.06.13 20:54:43 | 000,648,201 | ---- | C] () -- C:\Users\kappen\Desktop\adwcleaner.exe [2013.06.08 19:24:48 | 002,494,968 | ---- | C] () -- C:\Users\kappen\Desktop\DSC_0128.JPG [2013.06.07 16:49:34 | 001,020,922 | ---- | C] () -- C:\Users\kappen\Documents\fische2.jpg [2013.06.05 12:05:29 | 003,002,894 | ---- | C] () -- C:\Users\kappen\Desktop\baumgartes-mit-teebauer-grossa.jpg [2013.06.05 12:04:06 | 005,591,548 | ---- | C] () -- C:\Users\kappen\Desktop\jadequell-mit-geschirra.jpg [2013.06.01 14:43:17 | 000,000,132 | ---- | C] () -- C:\Users\kappen\AppData\Roaming\Adobe CS5-Voreinstellungen für PNG-Format [2013.05.31 10:32:11 | 000,603,078 | ---- | C] () -- C:\Users\kappen\Documents\King_Willem-Alexander,_Queen_Maxima_and_their_daughters_13.jpg [2013.05.29 18:13:18 | 004,620,189 | ---- | C] () -- C:\Users\kappen\Desktop\Trott-war_Juni_2013.pdf [2012.11.06 20:58:05 | 000,000,018 | -HS- | C] () -- C:\Windows\WINPROD.DLL [2012.10.10 03:22:34 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll [2012.10.10 03:22:28 | 000,272,928 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng600.bin [2012.10.10 03:22:20 | 000,963,452 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng600.bin [2012.02.13 21:18:27 | 000,000,600 | ---- | C] () -- C:\Users\kappen\AppData\Roaming\winscp.rnd [2012.01.27 15:57:11 | 001,804,860 | ---- | C] () -- 
C:\Windows\SysWow64\PerfStringBackup.INI [2012.01.15 16:56:21 | 000,000,024 | ---- | C] () -- C:\Windows\ATKPF.ini [2011.01.12 18:02:43 | 000,131,472 | ---- | C] () -- C:\ProgramData\FullRemove.exe ========== ZeroAccess Check ========== [2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012.08.21 15:11:31 | 000,857,088 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2012.08.21 15:37:44 | 000,636,928 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012.08.21 15:08:38 | 000,453,120 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2012.08.17 17:13:24 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\minimalarts_temp [2012.07.08 15:25:40 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\phonostar GmbH [2012.06.22 09:08:33 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\TuneUp Software [2012.06.22 08:54:06 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\WTouch [2012.10.06 11:35:41 | 000,000,000 | ---D | M] -- C:\Users\kappen\AppData\Roaming\101Panda PDF Reader [2012.07.01 10:17:12 | 000,000,000 | ---D | M] -- C:\Users\kappen\AppData\Roaming\Acronis [2012.01.15 15:37:18 | 000,000,000 | ---D | M] -- C:\Users\kappen\AppData\Roaming\Asus WebStorage [2013.01.27 21:07:28 | 000,000,000 | ---D | M] -- C:\Users\kappen\AppData\Roaming\Buca [2013.02.14 18:39:04 | 000,000,000 | ---D | M] -- C:\Users\kappen\AppData\Roaming\cef-cache [2012.04.18 18:48:00 | 000,000,000 | ---D | M] -- C:\Users\kappen\AppData\Roaming\Drivers For Free [2012.10.15 20:50:17 | 000,000,000 | ---D | M] -- C:\Users\kappen\AppData\Roaming\f-secure [2013.02.14 01:30:05 | 000,000,000 | ---D | M] -- C:\Users\kappen\AppData\Roaming\Hefi [2012.10.02 16:24:01 | 000,000,000 | ---D | M] -- C:\Users\kappen\AppData\Roaming\minimalarts_temp [2012.01.15 17:22:43 | 000,000,000 | ---D | M] -- C:\Users\kappen\AppData\Roaming\Nuance [2013.02.09 00:34:14 | 000,000,000 | ---D | M] -- C:\Users\kappen\AppData\Roaming\Party [2012.10.02 16:23:35 | 000,000,000 | ---D | M] -- C:\Users\kappen\AppData\Roaming\phonostar GmbH [2012.11.06 20:59:28 | 000,000,000 | ---D | M] -- C:\Users\kappen\AppData\Roaming\Processor Expert [2012.04.18 17:25:21 | 000,000,000 | ---D | M] -- C:\Users\kappen\AppData\Roaming\Softland [2012.03.31 15:34:05 | 000,000,000 | ---D | M] -- C:\Users\kappen\AppData\Roaming\TuneUp Software [2013.02.08 22:16:42 | 000,000,000 | ---D | M] -- 
C:\Users\kappen\AppData\Roaming\Ubidra [2012.04.18 19:01:21 | 000,000,000 | ---D | M] -- C:\Users\kappen\AppData\Roaming\WTouch [2012.01.15 17:22:41 | 000,000,000 | ---D | M] -- C:\Users\kappen\AppData\Roaming\Zeon ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 141 bytes -> C:\ProgramData\Temp:52DBE86F < End of report > In any case, many thanks already for the effort! Good work! |
14.06.2013, 18:03 | #36 |
/// Malware-holic | Mass emails from my T-Online account That's a new OTL log, but that's not what I wanted; please read the instructions above again properly.
14.06.2013, 19:34 | #37 |
| Mass emails from my T-Online account It says there that no fix is provided |
14.06.2013, 20:05 | #38 |
/// Malware-holic | Mass emails from my T-Online account Well, you do have to copy my fix in there.
__________________ -Please forward suspicious emails to us for analysis: markusg.trojaner-board@web.de Forwarding instructions: http://markusg.trojaner-board.de For now, please forward emails to markusg.trojaner-board@web.de following the instructions above. If you would like to support us |
14.06.2013, 21:11 | #39 |
| Mass emails from my T-Online account All processes killed ========== OTL ========== Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{7a55cbb2-2b2e-4a41-9de1-6ac5d2c2be0a} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7a55cbb2-2b2e-4a41-9de1-6ac5d2c2be0a}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{7a55cbb2-2b2e-4a41-9de1-6ac5d2c2be0a}\ deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! 64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{cf67755f-9265-449c-87cf-b945519e073b} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cf67755f-9265-449c-87cf-b945519e073b}\ deleted successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{cf67755f-9265-449c-87cf-b945519e073b} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cf67755f-9265-449c-87cf-b945519e073b}\ not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked not found. 64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Utility Chest Home Page Guard 64 bit deleted successfully. 64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\An OneNote s&enden\ deleted successfully. 64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Nach Microsoft E&xcel exportieren\ deleted successfully. Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\An OneNote s&enden\ not found. 
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Nach Microsoft E&xcel exportieren\ not found. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{7815BE26-237D-41A8-A98F-F7BD75F71086}\ deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7815BE26-237D-41A8-A98F-F7BD75F71086}\ not found. C:\Program Files (x86)\UtilityChest_49\bar\1.bin folder moved successfully. C:\Program Files (x86)\UtilityChest_49\bar folder moved successfully. C:\Program Files (x86)\UtilityChest_49 folder moved successfully. ========== FILES ========== ========== COMMANDS ========== [EMPTYTEMP] User: Alex ->Temp folder emptied: 1453966 bytes ->Temporary Internet Files folder emptied: 115596956 bytes ->Java cache emptied: 1298392 bytes ->Flash cache emptied: 1506 bytes User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: kappen ->Temp folder emptied: 34677694 bytes ->Temporary Internet Files folder emptied: 1171136337 bytes ->Java cache emptied: 34114772 bytes ->FireFox cache emptied: 6306234 bytes ->Google Chrome cache emptied: 6737164 bytes ->Flash cache emptied: 65079 bytes User: Public User: UpdatusUser ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 170600 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67960 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 1.308,00 mb OTL by OldTimer - Version 3.2.69.0 log created on 06142013_211902 Files\Folders 
moved on Reboot... C:\Users\kappen\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully. C:\Users\kappen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\7A7E08C8-3FF5-45F2-873D-A84D669DC82F.dat moved successfully. File move failed. C:\Users\kappen\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot. PendingFileRenameOperations files... Registry entries deleted on Reboot... That's it, right? |
15.06.2013, 13:40 | #40 |
/// Malware-holic | Mass emails from my T-Online account No. Download CCleaner Standard: CCleaner - Download - Filepony. If CCleaner is already installed, skip this. Open it, go to Tools (Extras), Uninstall list, and save it as txt. Open the file. After each program you need, write notwendig (necessary). After each one you don't need, unnötig (unnecessary). After those unknown to you, unbekannt (unknown). Post the list.
15.06.2013, 14:14 | #41 |
| Mass emails from my T-Online account 1. I can't get into the txt file, and 2. I don't know most of the programs at all, and I also don't want to delete anything that might be important but unknown... |
15.06.2013, 15:17 | #42 |
/// Malware-holic | Mass emails from my T-Online account Why wouldn't you be able to get into the txt? Choose save as text file, then double-click it and add the labels. Do you think we'd let you delete anything that's important...
15.06.2013, 18:59 | #43 |
| Mass emails from my T-Online account Acronis*True*Image*Home Acronis 01.07.2012 156MB 13.0.5055 Adobe Flash Player 11 ActiveX Adobe Systems Incorporated 14.06.2013 6,00MB 11.7.700.224 Adobe Flash Player 11 Plugin Adobe Systems Incorporated 14.06.2013 6,00MB 11.7.700.224 Adobe Photoshop Elements 11 Adobe Systems Incorporated 14.06.2013 2,60GB 11.0 Alcor Micro USB Card Reader Alcor Micro Corp. 17.05.2011 2,89MB 1.8.17.26026 ASUS AI Recovery ASUS 17.05.2011 6,95MB 1.0.13 ASUS FancyStart ASUSTeK Computer Inc. 17.05.2011 12,0MB 1.1.0 ASUS LifeFrame3 ASUS 17.05.2011 30,2MB 3.0.21 ASUS Live Update ASUS 14.06.2013 2.5.9 ASUS Power4Gear Hybrid ASUS 17.05.2011 13,2MB 1.1.44 ASUS Splendid Video Enhancement Technology ASUS 17.05.2011 24,4MB 1.02.0031 ASUS Video Magic CyberLink Corp. 17.05.2011 12,0MB 6.0.4710 ASUS Virtual Camera asus 17.05.2011 3,13MB 1.0.21 ASUS WebStorage eCareme Technologies, Inc. 14.06.2013 2.0.46.1429 ASUS_Screensaver 14.06.2013 Atheros Client Installation Program Atheros 17.05.2011 7.0 ATK Package ASUS 17.05.2011 12,0MB 1.0.0008 Avira Professional Security Avira 14.06.2013 105MB 12.1.9.1580 Bamboo Wacom Technology Corp. 14.06.2013 Bluetooth Win7 Suite (64) Atheros Communications 17.05.2011 59,4MB 7.2.0.65 Bookworm Deluxe Oberon Media Inc. 14.06.2013 CCleaner Piriform 24.05.2013 4.02 Control ActiveX de Windows Live Mesh para conexiones remotas Microsoft Corporation 12.01.2011 5,37MB 15.4.5722.2 Controlo ActiveX do Windows Live Mesh para Ligações Remotas Microsoft Corporation 12.01.2011 5,38MB 15.4.5722.2 Contrôle ActiveX Windows Live Mesh pour connexions à distance Microsoft Corporation 12.01.2011 5,37MB 15.4.5722.2 CyberLink LabelPrint CyberLink Corp. 12.01.2011 137MB 2.5.1908 CyberLink MediaEspresso CyberLink Corp. 17.05.2011 164MB 6.0.1123_32710 CyberLink Power2Go CyberLink Corp. 12.01.2011 110MB 6.1.3602c CyberLink PowerDirector CyberLink Corp. 17.05.2011 553MB 8.0.3327 CyberLink PowerDVD 10 CyberLink Corp. 
17.05.2011 217MB 10.0.2312.52 Drucken in PDF Annotator (novaPDF OEM 7.4 printer) Softland 18.04.2012 18,3MB ETDWare PS/2-x64 7.0.5.16_WHQL ELAN Microelectronics Corp. 18.05.2011 7.0.5.16 ExpressGate Cloud Asus 17.05.2011 459MB 2.1.88.405 Fast Boot ASUS 17.05.2011 1,46MB 1.0.9 Fresco Logic USB3.0 Host Controller Fresco Logic Inc. 17.05.2011 5,44MB 3.0.116.3 Google Chrome Google Inc. 17.11.2012 27.0.1453.110 Google Toolbar for Internet Explorer Google Inc. 14.06.2013 7.4.3607.2246 Governor of Poker Oberon Media Inc. 14.06.2013 HitmanPro 3.7 SurfRight B.V. 15.06.2013 3.7.6.201 Hotel Dash Suite Success Oberon Media Inc. 14.06.2013 Intel(R) Control Center Intel Corporation 18.05.2011 1.2.1.1007 Intel(R) Management Engine Components Intel Corporation 18.05.2011 7.0.0.1144 Intel(R) Processor Graphics Intel Corporation 25.11.2012 9.17.10.2867 Intel(R) Turbo Boost Technology Monitor 2.0 Intel 17.05.2011 13,2MB 2.1.23.0 Java 7 Update 13 (64-bit) Oracle 08.02.2013 128MB 7.0.130 Java 7 Update 17 Oracle 18.03.2013 129MB 7.0.170 Java SE Development Kit 7 Update 10 (64-bit) Oracle 10.01.2013 159MB 1.7.0.100 JavaFX 2.1.1 Oracle Corporation 08.07.2012 20,8MB 2.1.1 Malwarebytes Anti-Malware Version 1.75.0.1300 Malwarebytes Corporation 20.04.2013 19,2MB 1.75.0.1300 Microsoft .NET Framework 4 Client Profile Microsoft Corporation 27.01.2012 38,8MB 4.0.30319 Microsoft .NET Framework 4 Client Profile DEU Language Pack Microsoft Corporation 27.01.2012 2,93MB 4.0.30319 Microsoft .NET Framework 4 Extended Microsoft Corporation 27.01.2012 51,9MB 4.0.30319 Microsoft .NET Framework 4 Extended DEU Language Pack Microsoft Corporation 27.01.2012 10,6MB 4.0.30319 Microsoft .NET Framework 4 Multi-Targeting Pack Microsoft Corporation 27.01.2012 83,4MB 4.0.30319 Microsoft ASP.NET MVC 2 Microsoft Corporation 27.01.2012 482KB 2.0.50217.0 Microsoft ASP.NET MVC 2 - DEU Microsoft Corporation 27.01.2012 25,0KB 2.0.50331.0 Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools Microsoft Corporation 27.01.2012 
2,25MB 2.0.50217.0 Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools - DEU Microsoft Corporation 27.01.2012 2,07MB 2.0.50331.0 Microsoft Help Viewer 1.0 Microsoft Corporation 27.01.2012 3,97MB 1.0.30319 Microsoft Help Viewer 1.0 Language Pack - DEU Microsoft Corporation 27.01.2012 1,95MB 1.0.30319 Microsoft Office Professional Plus 2010 Microsoft Corporation 14.06.2013 14.0.6029.1000 Microsoft Silverlight Microsoft Corporation 13.03.2013 50,6MB 5.1.20125.0 Microsoft Silverlight 3 SDK - Deutsch Microsoft Corporation 27.01.2012 32,7MB 3.0.40818.0 Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 12.01.2011 1,69MB 3.1.0000 Microsoft SQL Server 2008 (64-bit) Microsoft Corporation 27.01.2012 Microsoft SQL Server 2008 Browser Microsoft Corporation 27.01.2012 8,00MB 10.1.2531.0 Microsoft SQL Server 2008 Native Client Microsoft Corporation 27.01.2012 7,07MB 10.1.2531.0 Microsoft SQL Server 2008 R2 Data-Tier Application Project Microsoft Corporation 27.01.2012 14,1MB 10.50.1447.4 Microsoft SQL Server 2008 R2 Management Objects Microsoft Corporation 27.01.2012 17,1MB 10.50.1447.4 Microsoft SQL Server 2008 R2 Management Objects (x64) Microsoft Corporation 27.01.2012 10,3MB 10.50.1447.4 Microsoft SQL Server 2008 R2 Transact-SQL Language Service Microsoft Corporation 27.01.2012 5,41MB 10.50.1447.4 Microsoft SQL Server 2008 R2-Datenebenenanwendungs-Framework Microsoft Corporation 27.01.2012 379KB 10.50.1447.4 Microsoft SQL Server Compact 3.5 SP2 DEU Microsoft Corporation 27.01.2012 3,68MB 3.5.8080.0 Microsoft SQL Server Compact 3.5 SP2 x64 DEU Microsoft Corporation 27.01.2012 4,81MB 3.5.8080.0 Microsoft SQL Server Database Publishing Wizard 1.4 Microsoft Corporation 27.01.2012 10,1MB 10.1.2512.8 Microsoft SQL Server System CLR Types Microsoft Corporation 27.01.2012 2,54MB 10.50.1447.4 Microsoft SQL Server System CLR Types (x64) Microsoft Corporation 27.01.2012 832KB 10.50.1447.4 Microsoft SQL Server VSS Writer Microsoft Corporation 27.01.2012 3,59MB 
10.1.2531.0 Microsoft Sync Framework Runtime v1.0 SP1 (x64) de Microsoft Corporation 27.01.2012 1,03MB 1.0.3010.0 Microsoft Sync Framework SDK v1.0 SP1 de Microsoft Corporation 27.01.2012 30,0MB 1.0.3010.0 Microsoft Sync Framework Services v1.0 SP1 (x64) de Microsoft Corporation 27.01.2012 2,89MB 1.0.3010.0 Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) de Microsoft Corporation 27.01.2012 598KB 2.0.3010.0 Microsoft Team Foundation Server 2010-Objektmodell - DEU Microsoft Corporation 27.01.2012 10.0.30319 Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 27.01.2012 300KB 8.0.61001 Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 12.01.2011 620KB 8.0.61000 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 17.05.2011 596KB 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 Microsoft Corporation 27.01.2012 599KB 9.0.30729.4974 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 27.01.2012 600KB 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Designtime - 10.0.30319 Microsoft Corporation 27.01.2012 310KB 10.0.30319 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Corporation 12.01.2013 13,8MB 10.0.40219 Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319 Microsoft Corporation 27.01.2012 34,5MB 10.0.30319 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 12.01.2013 16,5MB 10.0.40219 Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319 Microsoft Corporation 27.01.2012 15,7MB 10.0.30319 Microsoft Visual F# 2.0 Runtime Microsoft Corporation 27.01.2012 5,81MB 10.0.30319 Microsoft Visual F# 2.0 Runtime Language Pack - DEU Microsoft Corporation 27.01.2012 1,30MB 10.0.30319 Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools Microsoft Corporation 27.01.2012 35,2MB 10.0.30319 Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Corporation 12.01.2013 10.0.40303 Microsoft Visual Studio 
2010-Tools für Office-Laufzeit (x64) Language Pack - DEU Microsoft Corporation 12.01.2013 10.0.40303 Microsoft Visual Studio Macro Tools Microsoft Corporation 14.06.2013 9.0.30729 Microsoft Visual Studio Macro Tools - DEU Language Pack Microsoft Corporation 14.06.2013 9.0.30729 MSXML 4.0 SP3 Parser (KB2721691) Microsoft Corporation 01.08.2012 1,53MB 4.30.2114.0 MSXML 4.0 SP3 Parser (KB2758694) Microsoft Corporation 09.01.2013 1,54MB 4.30.2117.0 MSXML 4.0 SP3 Parser (KB973685) Microsoft Corporation 12.01.2011 1,53MB 4.30.2107.0 Nuance PDF Reader Nuance Communications, Inc. 12.01.2011 47,8MB 6.00.0041 NVIDIA Grafiktreiber 306.97 NVIDIA Corporation 13.12.2012 306.97 NVIDIA Update 1.10.8 NVIDIA Corporation 13.12.2012 1.10.8 OpenVPN 2.1.3 14.06.2013 2.1.3 PartyPoker PartyGaming 14.06.2013 PDF Annotator 3.0.0.336 GRAHL software design 18.04.2012 32,0MB 3.0.0.336 phonostar-Player Version 3.02.9 17.05.2013 35,9MB Realtek Ethernet Controller Driver Realtek 17.05.2011 7.41.216.2011 Realtek High Definition Audio Driver Realtek Semiconductor Corp. 17.05.2011 6.0.1.6334 Skype™ 5.10 Skype Technologies S.A. 16.10.2012 19,4MB 5.10.116 SonicMaster Virage Logic, Corp. 17.05.2011 4,44MB 1.00.0000 syncables desktop SE syncables 12.01.2011 163MB 5.5.746.11492 TuneUp Utilities 2012 TuneUp Software 14.06.2013 12.0.3600.73 Unterstützungsdateien für Microsoft SQL Server 2008-Setup Microsoft Corporation 27.01.2012 33,7MB 10.1.2731.0 USB2.0 UVC 2M WebCam Sonix 18.05.2011 5.8.55133.207 Visual Studio 2010 Prerequisites - English Microsoft Corporation 27.01.2012 5,88MB 10.0.30319 Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU Microsoft Corporation 27.01.2012 11,1MB 4.0.8080.0 Web Deployment Tool Microsoft Corporation 27.01.2012 3,10MB 1.1.0618 WebTablet IE Plugin Wacom Technology Corp. 14.06.2013 1.1.0.4 WebTablet Netscape Plugin Wacom Technology Corp. 
14.06.2013 1.1.0.3 Windows Live Essentials Microsoft Corporation 12.01.2011 15.4.3502.0922 Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen Microsoft Corporation 12.01.2011 5,37MB 15.4.5722.2 Windows Live Mesh ActiveX Control for Remote Connections Microsoft Corporation 12.01.2011 5,37MB 15.4.5722.2 Windows Live Mesh ActiveX control for remote connections Microsoft Corporation 12.01.2011 5,38MB 15.4.5722.2 WinFlash ASUS 03.10.2012 856KB 2.31.1 Wireless Console 3 ASUS 17.05.2011 2,44MB 3.0.19 Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις Microsoft Corporation 12.01.2011 5,38MB 15.4.5722.2 פקד ActiveX של Windows Live Mesh עבור חיבורים מרוחקים Microsoft Corporation 12.01.2011 5,37MB 15.4.5722.2 適用遠端連線的 Windows Live Mesh ActiveX 控制項 Microsoft Corporation 12.01.2011 5,56MB 15.4.5722.2 |
15.06.2013, 19:05 | #44 |
/// Malware-holic | Mass emails from my T-Online account The labels are missing
15.06.2013, 19:55 | #45 |
| Mass emails from my T-Online account Acronis 01.07.2012 156MB 13.0.5055 notw. Adobe Flash Player 11 ActiveX Adobe Systems Incorporated 14.06.2013 6,00MB 11.7.700.224 notw. Adobe Flash Player 11 Plugin Adobe Systems Incorporated 14.06.2013 6,00MB 11.7.700.224 notw. Adobe Photoshop Elements 11 Adobe Systems Incorporated 14.06.2013 2,60GB 11.0 notw Alcor Micro USB Card Reader Alcor Micro Corp. 17.05.2011 2,89MB 1.8.17.26026 unbekannt ASUS AI Recovery ASUS 17.05.2011 6,95MB 1.0.13 notw ASUS FancyStart ASUSTeK Computer Inc. 17.05.2011 12,0MB 1.1.0 notw ASUS LifeFrame3 ASUS 17.05.2011 30,2MB 3.0.21 notw ASUS Live Update ASUS 14.06.2013 2.5.9 notw ASUS Power4Gear Hybrid ASUS 17.05.2011 13,2MB 1.1.44 notw ASUS Splendid Video Enhancement Technology ASUS 17.05.2011 24,4MB 1.02.0031 notw ASUS Video Magic CyberLink Corp. 17.05.2011 12,0MB 6.0.4710 notw ASUS Virtual Camera asus 17.05.2011 3,13MB 1.0.21 notw ASUS WebStorage eCareme Technologies, Inc. 14.06.2013 2.0.46.1429 notw ASUS_Screensaver 14.06.2013 notw Atheros Client Installation Program Atheros 17.05.2011 7.0 unbek ATK Package ASUS 17.05.2011 12,0MB 1.0.0008 unbek Avira Professional Security Avira 14.06.2013 105MB 12.1.9.1580 notw Bamboo Wacom Technology Corp. 14.06.2013 unbek Bluetooth Win7 Suite (64) Atheros Communications 17.05.2011 59,4MB 7.2.0.65 unbek Bookworm Deluxe Oberon Media Inc. 14.06.2013 unbek CCleaner Piriform 24.05.2013 4.02 notw Control ActiveX de Windows Live Mesh para conexiones remotas Microsoft Corporation 12.01.2011 5,37MB 15.4.5722.2 unb Controlo ActiveX do Windows Live Mesh para Ligações Remotas Microsoft Corporation 12.01.2011 5,38MB 15.4.5722.2 unb Contrôle ActiveX Windows Live Mesh pour connexions à distance Microsoft Corporation 12.01.2011 5,37MB 15.4.5722.2 unb CyberLink LabelPrint CyberLink Corp. 12.01.2011 137MB 2.5.1908 unb CyberLink MediaEspresso CyberLink Corp. 17.05.2011 164MB 6.0.1123_32710 unb CyberLink Power2Go CyberLink Corp. 
12.01.2011 110MB 6.1.3602c unb CyberLink PowerDirector CyberLink Corp. 17.05.2011 553MB 8.0.3327 unb CyberLink PowerDVD 10 CyberLink Corp. 17.05.2011 217MB 10.0.2312.52 unb Drucken in PDF Annotator (novaPDF OEM 7.4 printer) Softland 18.04.2012 18,3MB unb ETDWare PS/2-x64 7.0.5.16_WHQL ELAN Microelectronics Corp. 18.05.2011 7.0.5.16 unb ExpressGate Cloud Asus 17.05.2011 459MB 2.1.88.405 unb Fast Boot ASUS 17.05.2011 1,46MB 1.0.9 unb Fresco Logic USB3.0 Host Controller Fresco Logic Inc. 17.05.2011 5,44MB 3.0.116.3 unb Google Chrome Google Inc. 17.11.2012 27.0.1453.110 notw Google Toolbar for Internet Explorer Google Inc. 14.06.2013 7.4.3607.2246 notw Governor of Poker Oberon Media Inc. 14.06.2013 unb HitmanPro 3.7 SurfRight B.V. 15.06.2013 3.7.6.201 notw Hotel Dash Suite Success Oberon Media Inc. 14.06.2013 unbek Intel(R) Control Center Intel Corporation 18.05.2011 1.2.1.1007 unb Intel(R) Management Engine Components Intel Corporation 18.05.2011 7.0.0.1144 unb Intel(R) Processor Graphics Intel Corporation 25.11.2012 9.17.10.2867 unb Intel(R) Turbo Boost Technology Monitor 2.0 Intel 17.05.2011 13,2MB 2.1.23.0 unb Java 7 Update 13 (64-bit) Oracle 08.02.2013 128MB 7.0.130 notw Java 7 Update 17 Oracle 18.03.2013 129MB 7.0.170 notw Java SE Development Kit 7 Update 10 (64-bit) Oracle 10.01.2013 159MB 1.7.0.100 notw JavaFX 2.1.1 Oracle Corporation 08.07.2012 20,8MB 2.1.1 notw Malwarebytes Anti-Malware Version 1.75.0.1300 Malwarebytes Corporation 20.04.2013 19,2MB 1.75.0.1300 notw Microsoft .NET Framework 4 Client Profile Microsoft Corporation 27.01.2012 38,8MB 4.0.30319 unb Microsoft .NET Framework 4 Client Profile DEU Language Pack Microsoft Corporation 27.01.2012 2,93MB 4.0.30319 unb Microsoft .NET Framework 4 Extended Microsoft Corporation 27.01.2012 51,9MB 4.0.30319 unb Microsoft .NET Framework 4 Extended DEU Language Pack Microsoft Corporation 27.01.2012 10,6MB 4.0.30319 unb Microsoft .NET Framework 4 Multi-Targeting Pack Microsoft Corporation 27.01.2012 83,4MB 
4.0.30319 unb Microsoft ASP.NET MVC 2 Microsoft Corporation 27.01.2012 482KB 2.0.50217.0 unb Microsoft ASP.NET MVC 2 - DEU Microsoft Corporation 27.01.2012 25,0KB 2.0.50331.0 unb Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools Microsoft Corporation 27.01.2012 2,25MB 2.0.50217.0 unb Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools - DEU Microsoft Corporation 27.01.2012 2,07MB 2.0.50331.0 unb Microsoft Help Viewer 1.0 Microsoft Corporation 27.01.2012 3,97MB 1.0.30319 unb Microsoft Help Viewer 1.0 Language Pack - DEU Microsoft Corporation 27.01.2012 1,95MB 1.0.30319 unb Microsoft Office Professional Plus 2010 Microsoft Corporation 14.06.2013 14.0.6029.1000 unb Microsoft Silverlight Microsoft Corporation 13.03.2013 50,6MB 5.1.20125.0 unb Microsoft Silverlight 3 SDK - Deutsch Microsoft Corporation 27.01.2012 32,7MB 3.0.40818.0 unb Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 12.01.2011 1,69MB 3.1.0000 u Microsoft SQL Server 2008 (64-bit) Microsoft Corporation 27.01.2012 u Microsoft SQL Server 2008 Browser Microsoft Corporation 27.01.2012 8,00MB 10.1.2531.0 u Microsoft SQL Server 2008 Native Client Microsoft Corporation 27.01.2012 7,07MB 10.1.2531.0 u Microsoft SQL Server 2008 R2 Data-Tier Application Project Microsoft Corporation 27.01.2012 14,1MB 10.50.1447.4 u Microsoft SQL Server 2008 R2 Management Objects Microsoft Corporation 27.01.2012 17,1MB 10.50.1447.4 u Microsoft SQL Server 2008 R2 Management Objects (x64) Microsoft Corporation 27.01.2012 10,3MB 10.50.1447.4 u Microsoft SQL Server 2008 R2 Transact-SQL Language Service Microsoft Corporation 27.01.2012 5,41MB 10.50.1447.4u Microsoft SQL Server 2008 R2-Datenebenenanwendungs-Framework Microsoft Corporation 27.01.2012 379KB 10.50.1447.4u Microsoft SQL Server Compact 3.5 SP2 DEU Microsoft Corporation 27.01.2012 3,68MB 3.5.8080.0 u Microsoft SQL Server Compact 3.5 SP2 x64 DEU Microsoft Corporation 27.01.2012 4,81MB 3.5.8080.0 u Microsoft SQL Server Database Publishing Wizard 1.4 
Microsoft Corporation 27.01.2012 10,1MB 10.1.2512.8 u Microsoft SQL Server System CLR Types Microsoft Corporation 27.01.2012 2,54MB 10.50.1447.4 u Microsoft SQL Server System CLR Types (x64) Microsoft Corporation 27.01.2012 832KB 10.50.1447.4 u Microsoft SQL Server VSS Writer Microsoft Corporation 27.01.2012 3,59MB 10.1.2531.0 u Microsoft Sync Framework Runtime v1.0 SP1 (x64) de Microsoft Corporation 27.01.2012 1,03MB 1.0.3010.0 u Microsoft Sync Framework SDK v1.0 SP1 de Microsoft Corporation 27.01.2012 30,0MB 1.0.3010.0 u Microsoft Sync Framework Services v1.0 SP1 (x64) de Microsoft Corporation 27.01.2012 2,89MB 1.0.3010.0 u Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) de Microsoft Corporation 27.01.2012 598KB 2.0.3010.0 u Microsoft Team Foundation Server 2010-Objektmodell - DEU Microsoft Corporation 27.01.2012 10.0.30319 u Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 27.01.2012 300KB 8.0.61001 u Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 12.01.2011 620KB 8.0.61000 u Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 17.05.2011 596KB 9.0.30729 u Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 Microsoft Corporation 27.01.2012 599KB 9.0.30729.4974 u Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 27.01.2012 600KB 9.0.30729.6161 u Microsoft Visual C++ 2010 x64 Designtime - 10.0.30319 Microsoft Corporation 27.01.2012 310KB 10.0.30319 u Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Corporation 12.01.2013 13,8MB 10.0.40219 u Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319 Microsoft Corporation 27.01.2012 34,5MB 10.0.30319 u Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 12.01.2013 16,5MB 10.0.40219 u Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319 Microsoft Corporation 27.01.2012 15,7MB 10.0.30319 u Microsoft Visual F# 2.0 Runtime Microsoft Corporation 27.01.2012 5,81MB 
10.0.30319 u Microsoft Visual F# 2.0 Runtime Language Pack - DEU Microsoft Corporation 27.01.2012 1,30MB 10.0.30319 u Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools Microsoft Corporation 27.01.2012 35,2MB 10.0.30319 u Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Corporation 12.01.2013 10.0.40303 u Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU Microsoft Corporation 12.01.201310.0.40303 u Microsoft Visual Studio Macro Tools Microsoft Corporation 14.06.2013 9.0.30729 u Microsoft Visual Studio Macro Tools - DEU Language Pack Microsoft Corporation 14.06.2013 9.0.30729 u MSXML 4.0 SP3 Parser (KB2721691) Microsoft Corporation 01.08.2012 1,53MB 4.30.2114.0 u MSXML 4.0 SP3 Parser (KB2758694) Microsoft Corporation 09.01.2013 1,54MB 4.30.2117.0 u MSXML 4.0 SP3 Parser (KB973685) Microsoft Corporation 12.01.2011 1,53MB 4.30.2107.0 u Nuance PDF Reader Nuance Communications, Inc. 12.01.2011 47,8MB 6.00.0041 u NVIDIA Grafiktreiber 306.97 NVIDIA Corporation 13.12.2012 306.97 u NVIDIA Update 1.10.8 NVIDIA Corporation 13.12.2012 1.10.8 u OpenVPN 2.1.3 14.06.2013 2.1.3 u PartyPoker PartyGaming 14.06.2013 notw PDF Annotator 3.0.0.336 GRAHL software design 18.04.2012 32,0MB 3.0.0.336 u phonostar-Player Version 3.02.9 17.05.2013 35,9MB notw Realtek Ethernet Controller Driver Realtek 17.05.2011 7.41.216.2011 u Realtek High Definition Audio Driver Realtek Semiconductor Corp. 17.05.2011 6.0.1.6334 u Skype™ 5.10 Skype Technologies S.A. 16.10.2012 19,4MB 5.10.116 u SonicMaster Virage Logic, Corp. 
17.05.2011 4,44MB 1.00.0000 u syncables desktop SE syncables 12.01.2011 163MB 5.5.746.11492 u TuneUp Utilities 2012 TuneUp Software 14.06.2013 12.0.3600.73 u Unterstützungsdateien für Microsoft SQL Server 2008-Setup Microsoft Corporation 27.01.2012 33,7MB 10.1.2731.0 u USB2.0 UVC 2M WebCam Sonix 18.05.2011 5.8.55133.207 u Visual Studio 2010 Prerequisites - English Microsoft Corporation 27.01.2012 5,88MB 10.0.30319 u Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU Microsoft Corporation 27.01.2012 11,1MB 4.0.8080.0 u Web Deployment Tool Microsoft Corporation 27.01.2012 3,10MB 1.1.0618 u WebTablet IE Plugin Wacom Technology Corp. 14.06.2013 1.1.0.4 u WebTablet Netscape Plugin Wacom Technology Corp. 14.06.2013 1.1.0.3 u Windows Live Essentials Microsoft Corporation 12.01.2011 15.4.3502.0922 u Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen Microsoft Corporation 12.01.2011 5,37MB 15.4.5722.2 u Windows Live Mesh ActiveX Control for Remote Connections Microsoft Corporation 12.01.2011 5,37MB 15.4.5722.2 u Windows Live Mesh ActiveX control for remote connections Microsoft Corporation 12.01.2011 5,38MB 15.4.5722.2 u WinFlash ASUS 03.10.2012 856KB 2.31.1 u Wireless Console 3 ASUS 17.05.2011 2,44MB 3.0.19 u Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις Microsoft Corporation 12.01.2011 5,38MB 15.4.5722.2 u פקד ActiveX של Windows Live Mesh עבור חיבורים מרוחקים Microsoft Corporation 12.01.2011 5,37MB 15.4.5722.2 u 適用遠端連線的 Windows Live Mesh ActiveX 控制項 Microsoft Corporation 12.01.2011 5,56MB 15.4.5722.2 u |