
Log analysis and evaluation: SMTP Outlook problem! OTL.txt help, PLEASE evaluate.

Windows 7: If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for analysis by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

 
09.09.2013, 21:34   #1
baraboo
 



Hello everyone,

Since 18.7. I have suddenly had the problem that one mail program no longer sends any mail. Other programs have no problem.
When you ping via Telnet, it also reports that the server cannot be reached.
I can't think of anything else. Oh yes: I checked for updates and there was no update, neither from Microsoft (Windows 7) nor from Avira.
I use Office Outlook 2010.
Thanks in advance. It's kind of you to help.


I got the following report from OTL:
OTL logfile created on: 9/9/2013 8:40:18 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\baraboo\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16660)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3.91 Gb Total Physical Memory | 0.96 Gb Available Physical Memory | 24.50% Memory free
7.82 Gb Paging File | 3.72 Gb Available in Paging File | 47.53% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 657.54 Gb Total Space | 396.65 Gb Free Space | 60.32% Space Free | Partition Type: NTFS
Drive D: | 38.00 Gb Total Space | 0.01 Gb Free Space | 0.02% Space Free | Partition Type: NTFS
Drive F: | 330.25 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: baraboo-PC | User Name: baraboo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/09/09 20:39:29 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\baraboo\Downloads\OTL.exe
PRC - [2013/09/03 11:47:19 | 000,084,024 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2013/09/03 11:47:00 | 000,347,192 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2013/09/03 11:47:00 | 000,108,088 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2013/07/25 18:57:36 | 000,853,800 | ---- | M] (AnchorFree Inc.) -- C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
PRC - [2013/07/25 18:57:08 | 000,548,136 | ---- | M] () -- C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
PRC - [2013/07/25 18:56:22 | 001,650,472 | ---- | M] (AnchorFree Inc.) -- C:\Program Files (x86)\Hotspot Shield\bin\hsscp.exe
PRC - [2013/07/19 10:18:15 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013/05/11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/05/06 11:21:24 | 000,020,248 | ---- | M] (Smartbar) -- C:\Users\baraboo\AppData\Local\Smartbar\Application\QuickShare.exe
PRC - [2013/03/28 11:32:38 | 001,106,288 | ---- | M] (Samsung) -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2013/03/28 11:32:34 | 000,310,640 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
PRC - [2013/03/20 12:55:48 | 000,162,856 | ---- | M] (Geek Software GmbH) -- C:\Program Files (x86)\PDF24\pdf24.exe
PRC - [2012/11/06 12:46:46 | 003,673,728 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2011/08/04 17:08:56 | 000,593,032 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE
PRC - [2011/08/04 17:06:12 | 001,612,920 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
PRC - [2011/02/11 21:40:00 | 000,997,712 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
PRC - [2011/02/11 21:39:58 | 001,304,912 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
PRC - [2011/02/11 21:39:54 | 000,985,424 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
PRC - [2011/02/11 21:39:54 | 000,907,600 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
PRC - [2011/02/07 09:56:11 | 000,138,192 | ---- | M] () -- C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
PRC - [2011/01/15 16:48:44 | 000,452,016 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
PRC - [2010/12/16 00:23:02 | 000,207,400 | ---- | M] (Wistron) -- C:\Program Files (x86)\Launch Manager\HotkeyApp.exe
PRC - [2010/11/17 10:53:16 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2010/11/06 09:54:22 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/06/21 22:53:44 | 000,436,264 | ---- | M] (Wistron Corp.) -- C:\Program Files (x86)\Launch Manager\WButton.exe
PRC - [2010/03/10 14:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2009/12/12 00:18:16 | 000,348,960 | ---- | M] (Wistron Corp.) -- C:\Program Files (x86)\Launch Manager\OSD.exe
PRC - [2009/11/07 12:46:52 | 000,020,480 | ---- | M] (X10) -- C:\PROGRA~2\COMMON~1\X10\Common\x10nets.exe
PRC - [2009/11/02 23:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2009/10/23 02:05:40 | 000,118,560 | ---- | M] (Wistron Corp.) -- C:\Program Files (x86)\Launch Manager\WisLMSvc.exe


========== Modules (No Company Name) ==========

MOD - [2013/09/02 22:35:56 | 000,410,576 | ---- | M] () -- C:\Users\baraboo\AppData\Local\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll
MOD - [2013/09/02 22:35:55 | 013,599,184 | ---- | M] () -- C:\Users\baraboo\AppData\Local\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll
MOD - [2013/09/02 22:35:54 | 004,053,456 | ---- | M] () -- C:\Users\baraboo\AppData\Local\Google\Chrome\Application\29.0.1547.66\pdf.dll
MOD - [2013/09/02 22:35:04 | 000,709,584 | ---- | M] () -- C:\Users\baraboo\AppData\Local\Google\Chrome\Application\29.0.1547.66\libglesv2.dll
MOD - [2013/09/02 22:35:03 | 000,099,792 | ---- | M] () -- C:\Users\baraboo\AppData\Local\Google\Chrome\Application\29.0.1547.66\libegl.dll
MOD - [2013/09/02 22:35:01 | 001,604,560 | ---- | M] () -- C:\Users\baraboo\AppData\Local\Google\Chrome\Application\29.0.1547.66\ffmpegsumo.dll
MOD - [2013/08/17 03:35:16 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\9a1bc983c28c695729b3e46acdc6933e\System.Management.ni.dll
MOD - [2013/08/16 13:03:08 | 001,840,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\d23f99753f2703d5b8f68e558ca3e85c\System.Web.Services.ni.dll
MOD - [2013/08/16 13:03:03 | 011,914,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\8dc1c182cd1f10cd2abcfecd01fe9eeb\System.Web.ni.dll
MOD - [2013/08/16 13:02:46 | 000,628,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\5970036570c1e44e8ae0f6f94c1039aa\System.EnterpriseServices.ni.dll
MOD - [2013/08/16 13:02:45 | 000,627,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\4ada2213cefea889a5ed6e2fb6839b93\System.Transactions.ni.dll
MOD - [2013/08/16 13:02:43 | 006,611,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\764054efc88f51b54c8d7e44df26b671\System.Data.ni.dll
MOD - [2013/08/16 13:01:47 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\28ea347a952d20959ac6ae02d7457d39\System.Windows.Forms.ni.dll
MOD - [2013/08/16 13:01:34 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll
MOD - [2013/08/16 13:00:50 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll
MOD - [2013/08/16 13:00:36 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\8f7d83126a3cf283e5ac97f2d6d99f12\System.Configuration.ni.dll
MOD - [2013/08/16 12:59:47 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll
MOD - [2013/07/24 21:18:40 | 000,744,744 | ---- | M] () -- C:\Program Files (x86)\Hotspot Shield\bin\af_proxy.dll
MOD - [2013/07/19 10:18:14 | 003,285,912 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013/07/13 16:32:44 | 000,220,672 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\de6ee26de5e4f343509de7e92ab48ba6\CustomMarshalers.ni.dll
MOD - [2013/07/13 15:31:46 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2013/05/06 11:21:56 | 000,019,736 | ---- | M] () -- C:\Users\baraboo\AppData\Local\Smartbar\Application\Smartbar.Resources.Utilities.dll
MOD - [2013/05/06 11:21:52 | 000,025,368 | ---- | M] () -- C:\Users\baraboo\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll
MOD - [2013/05/06 11:21:52 | 000,019,736 | ---- | M] () -- C:\Users\baraboo\AppData\Local\Smartbar\Application\Smartbar.Resources.SideBySide.dll
MOD - [2013/05/06 11:21:46 | 000,050,968 | ---- | M] () -- C:\Users\baraboo\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll
MOD - [2013/05/06 11:21:46 | 000,013,592 | ---- | M] () -- C:\Users\baraboo\AppData\Local\Smartbar\Application\Smartbar.Resources.ProcessDownMonitor.dll
MOD - [2013/05/06 11:21:44 | 000,111,896 | ---- | M] () -- C:\Users\baraboo\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll
MOD - [2013/05/06 11:21:42 | 000,044,312 | ---- | M] () -- C:\Users\baraboo\AppData\Local\Smartbar\Application\Smartbar.Resources.AutomaticUpdates.dll
MOD - [2013/05/06 11:21:38 | 000,016,152 | ---- | M] () -- C:\Users\baraboo\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll
MOD - [2013/05/06 11:21:36 | 000,078,104 | ---- | M] () -- C:\Users\baraboo\AppData\Local\Smartbar\Application\Smartbar.Personalization.BusinessLogic.dll
MOD - [2013/05/06 11:21:34 | 000,018,712 | ---- | M] () -- C:\Users\baraboo\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll
MOD - [2013/05/06 11:21:32 | 000,057,112 | ---- | M] () -- C:\Users\baraboo\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll
MOD - [2013/05/06 11:21:28 | 000,033,560 | ---- | M] () -- C:\Users\baraboo\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll
MOD - [2013/05/06 11:21:28 | 000,013,592 | ---- | M] () -- C:\Users\baraboo\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll
MOD - [2013/05/06 11:21:28 | 000,012,568 | ---- | M] () -- C:\Users\baraboo\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.EventManager.dll
MOD - [2013/05/06 11:21:26 | 001,688,856 | ---- | M] () -- C:\Users\baraboo\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll
MOD - [2013/05/06 11:21:26 | 000,014,104 | ---- | M] () -- C:\Users\baraboo\AppData\Local\Smartbar\Application\Smartbar.GUI.Multimedia.Loader.dll
MOD - [2013/05/06 11:21:24 | 000,654,616 | ---- | M] () -- C:\Users\baraboo\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll
MOD - [2013/05/06 11:21:24 | 000,081,176 | ---- | M] () -- C:\Users\baraboo\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll
MOD - [2013/05/06 11:19:46 | 000,047,384 | ---- | M] () -- C:\Users\baraboo\AppData\Local\Smartbar\Application\MACTrackBarLib.dll
MOD - [2013/05/06 11:19:32 | 000,025,368 | ---- | M] () -- C:\Users\baraboo\AppData\Local\Smartbar\Application\de\Smartbar.Resources.LanguageSettings.resources.dll
MOD - [2013/04/07 02:40:26 | 000,911,432 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data.SQLite\1.0.66.0__db937bc2d44ff139\System.Data.SQLite.dll
MOD - [2013/04/07 02:40:17 | 000,118,784 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.VisualStudio.OLE.Interop\7.1.40304.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.OLE.Interop.dll
MOD - [2013/04/07 02:40:16 | 000,139,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Interop.SHDocVw\1.1.0.0__84542ff99aed6a4d\Interop.SHDocVw.dll
MOD - [2011/05/31 19:49:09 | 008,007,680 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll
MOD - [2011/03/17 01:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
MOD - [2011/03/17 01:11:16 | 004,297,568 | ---- | M] () -- C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf
MOD - [2011/03/12 20:18:30 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll
MOD - [2010/11/21 05:24:08 | 002,927,616 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2010/11/21 05:24:01 | 000,069,120 | ---- | M] () -- C:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
MOD - [2010/11/13 01:26:08 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009/11/02 23:23:36 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2009/11/02 23:20:10 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
MOD - [2009/06/10 23:23:19 | 000,261,632 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013/05/27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV:64bit: - [2012/08/25 22:28:16 | 000,123,664 | ---- | M] (SANDBOXIE L.T.D) [Auto | Running] -- C:\Program Files\Sandboxie\SbieSvc.exe -- (SbieSvc)
SRV:64bit: - [2011/11/23 14:02:07 | 000,012,800 | ---- | M] (Deutsche Telekom AG) [Auto | Running] -- C:\Program Files\Telekom\Mediencenter\DTAG.Mediencenter.BackgroundService.exe -- (MCSWASVR)
SRV:64bit: - [2011/02/17 05:08:56 | 001,133,568 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3)
SRV:64bit: - [2011/02/09 13:49:18 | 000,134,928 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr)
SRV:64bit: - [2011/02/05 01:34:20 | 001,515,792 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2011/02/05 01:24:24 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2011/02/05 01:19:50 | 000,836,880 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2010/09/23 04:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2008/02/19 10:12:32 | 000,565,928 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxbkcoms.exe -- (lxbk_device)
SRV - [2013/09/03 11:47:19 | 000,084,024 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013/09/03 11:47:00 | 000,108,088 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2013/08/22 00:36:36 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/07/25 18:57:36 | 000,853,800 | ---- | M] (AnchorFree Inc.) [Auto | Running] -- C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe -- (hshld)
SRV - [2013/07/25 18:57:08 | 000,548,136 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe -- (HssWd)
SRV - [2013/07/24 04:17:10 | 000,078,512 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE -- (HssTrayService)
SRV - [2013/07/19 10:18:14 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/05/11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011/10/07 12:23:08 | 000,070,144 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\watchmi\TvdService.exe -- (watchmi)
SRV - [2011/02/11 21:40:00 | 000,997,712 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2011/02/11 21:39:58 | 001,304,912 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe -- (Bluetooth Media Service)
SRV - [2011/02/11 21:39:54 | 000,907,600 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2011/02/07 09:56:11 | 000,138,192 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE -- (IJPLMSVC)
SRV - [2010/11/06 09:54:22 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/03/18 23:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/10 14:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2009/11/07 12:46:52 | 000,020,480 | ---- | M] (X10) [Auto | Running] -- C:\PROGRA~2\COMMON~1\X10\Common\x10nets.exe -- (x10nets)
SRV - [2009/10/23 02:05:40 | 000,118,560 | ---- | M] (Wistron Corp.) [On_Demand | Running] -- C:\Program Files (x86)\Launch Manager\WisLMSvc.exe -- (WisLMSvc)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/02/19 10:12:18 | 000,537,256 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWOW64\lxbkcoms.exe -- (lxbk_device)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/09/03 11:47:22 | 000,132,088 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2013/09/03 11:47:22 | 000,105,344 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2013/07/24 04:12:40 | 000,046,792 | ---- | M] (AnchorFree Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\hssdrv6.sys -- (HssDRV6)
DRV:64bit: - [2013/04/24 21:28:08 | 000,042,184 | ---- | M] (Anchorfree Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\taphss6.sys -- (taphss6)
DRV:64bit: - [2013/03/31 04:06:12 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2013/03/07 01:33:20 | 000,022,600 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:64bit: - [2013/02/22 09:17:06 | 000,203,544 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2013/02/22 09:17:06 | 000,102,936 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2013/02/22 09:16:54 | 000,188,232 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2013/02/22 09:16:54 | 000,169,288 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus)
DRV:64bit: - [2013/02/22 09:16:54 | 000,038,080 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadadb.sys -- (androidusb)
DRV:64bit: - [2013/02/22 09:16:54 | 000,021,320 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV:64bit: - [2012/11/25 00:26:17 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012/08/26 14:56:21 | 000,138,400 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AnyDVD.sys -- (AnyDVD)
DRV:64bit: - [2012/08/25 22:28:14 | 000,202,632 | ---- | M] (SANDBOXIE L.T.D) [Kernel | On_Demand | Running] -- C:\Program Files\Sandboxie\SbieDrv.sys -- (SbieDrv)
DRV:64bit: - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/07/26 19:49:12 | 000,037,888 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\taphss.sys -- (taphss)
DRV:64bit: - [2011/03/11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/24 20:40:20 | 008,591,872 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
DRV:64bit: - [2011/02/17 02:46:36 | 000,042,392 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WDKMD.sys -- (wdkmd)
DRV:64bit: - [2011/02/16 23:45:48 | 000,261,632 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPALP)
DRV:64bit: - [2011/02/16 23:45:48 | 000,261,632 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPAL)
DRV:64bit: - [2011/02/10 15:52:34 | 000,181,760 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2011/02/10 15:52:34 | 000,082,432 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2011/01/27 09:57:12 | 012,273,408 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/01/25 21:48:04 | 000,077,424 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2011/01/24 11:24:52 | 000,058,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmaux.sys -- (btmaux)
DRV:64bit: - [2011/01/24 11:24:50 | 000,053,008 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btmaud.sys -- (btmaudio)
DRV:64bit: - [2011/01/24 11:22:48 | 000,059,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iBtFltCoex.sys -- (iBtFltCoex)
DRV:64bit: - [2011/01/24 10:56:06 | 000,274,944 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmhsf.sys -- (btmhsf)
DRV:64bit: - [2010/12/17 00:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2010/11/21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/11/06 09:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/10/29 05:07:44 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2010/10/21 12:20:44 | 000,299,520 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUVStor.sys -- (RSUSBVSTOR)
DRV:64bit: - [2010/10/15 01:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010/09/16 09:08:50 | 001,077,416 | ---- | M] (DiBcom SA) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mod77-64.sys -- (mod7764)
DRV:64bit: - [2010/09/03 14:46:48 | 001,392,688 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010/05/15 16:55:14 | 000,318,152 | ---- | M] (EldoS Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\cbfs3.sys -- (cbfs3)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/05/13 21:47:44 | 000,032,792 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\x10ufx2.sys -- (XUIF)
DRV:64bit: - [2009/05/13 21:26:14 | 000,015,896 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\x10hid.sys -- (X10Hid)
DRV - [2012/08/26 14:56:21 | 000,138,400 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&appid=101&systemid=406&sr=0&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
IE - HKLM\..\URLSearchHook: {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snap.do/?publisher=QuickIM&dpid=QuickIM&co=DE&userid=585edd45-2a2e-428a-84ed-2958c193e9aa&searchtype=ds&q={searchTerms}&installDate=07/04/2013
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snap.do/?publisher=QuickIM&dpid=QuickIM&co=DE&userid=585edd45-2a2e-428a-84ed-2958c193e9aa&searchtype=ds&q={searchTerms}&installDate=07/04/2013
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://feed.snap.do/?publisher=QuickIM&dpid=QuickIM&co=DE&userid=585edd45-2a2e-428a-84ed-2958c193e9aa&searchtype=ds&q={searchTerms}&installDate=07/04/2013
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://feed.snap.do/?publisher=QuickIM&dpid=QuickIM&co=DE&userid=585edd45-2a2e-428a-84ed-2958c193e9aa&searchtype=ds&q={searchTerms}&installDate=07/04/2013
IE - HKCU\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKCU\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://feed.snap.do/?publisher=QuickIM&dpid=QuickIM&co=DE&userid=585edd45-2a2e-428a-84ed-2958c193e9aa&searchtype=ds&q={searchTerms}&installDate=07/04/2013
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "WebSearch"
FF - prefs.js..browser.search.defaultenginename,S: S", "WebSearch"
FF - prefs.js..browser.search.defaultthis.engineName: ""
FF - prefs.js..browser.search.defaulturl: "hxxp://websearch.helpmefindyour.info/?pid=658&r=2013/04/08&hid=1909449697&lg=EN&cc=DE&l=1&q="
FF - prefs.js..browser.search.order.1: "WebSearch"
FF - prefs.js..browser.search.order.1,S: S", "WebSearch"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=937811&ilc=12"
FF - prefs.js..browser.search.selectedEngine: "Web Search"
FF - prefs.js..browser.search.selectedEngine,S: S", "WebSearch"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.startup.homepage: "hxxp://feed.snap.do/?publisher=QuickIM&dpid=QuickIM&co=DE&userid=585edd45-2a2e-428a-84ed-2958c193e9aa&searchtype=hp&installDate=07/04/2013"
FF - prefs.js..extensions.enabledAddons: %7B99B98C2C-7274-45a3-A640-D9DF1A1C8460%7D:1.4
FF - prefs.js..extensions.enabledAddons: %7Bd49a148e-817e-4025-bee3-5d541376de3b%7D:3.1
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.17
FF - prefs.js..extensions.enabledAddons: adblockpopups%40jessehakanen.net:0.9.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0
FF - prefs.js..keyword.URL: "hxxp://feed.snap.do/?publisher=QuickIM&dpid=QuickIM&co=DE&userid=585edd45-2a2e-428a-84ed-2958c193e9aa&searchtype=ds&installDate=07/04/2013&q="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: ""
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: ""


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.10: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\baraboo\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\baraboo\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/05/05 13:56:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}: C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/07/19 10:18:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/05/17 21:56:39 | 000,000,000 | ---D | M]

[2011/05/31 18:49:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\baraboo\AppData\Roaming\mozilla\Extensions
[2013/09/09 19:06:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\baraboo\AppData\Roaming\mozilla\Firefox\Profiles\avm0ttg6.default\extensions
[2013/05/11 17:58:26 | 000,000,000 | ---D | M] ("QuickShare Widget") -- C:\Users\baraboo\AppData\Roaming\mozilla\Firefox\Profiles\avm0ttg6.default\extensions\{585edd45-2a2e-428a-84ed-2958c193e9aa}
[2013/07/23 14:25:12 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\baraboo\AppData\Roaming\mozilla\Firefox\Profiles\avm0ttg6.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012/09/20 21:58:57 | 000,000,000 | ---D | M] (FoxClocks) -- C:\Users\baraboo\AppData\Roaming\mozilla\Firefox\Profiles\avm0ttg6.default\extensions\{d37dc5d0-431d-44e5-8c91-49419370caa1}
[2013/04/22 19:46:43 | 000,000,000 | ---D | M] (Brouwse2saave) -- C:\Users\baraboo\AppData\Roaming\mozilla\Firefox\Profiles\avm0ttg6.default\extensions\aw77c0@dlzh-hd.com
[2012/05/05 13:54:45 | 000,000,000 | ---D | M] (loadtbs) -- C:\Users\baraboo\AppData\Roaming\mozilla\Firefox\Profiles\avm0ttg6.default\extensions\software@loadtubes.com
[2013/09/09 19:06:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\baraboo\AppData\Roaming\mozilla\Firefox\Profiles\avm0ttg6.default\extensions\staged
[2013/04/14 22:07:10 | 000,000,000 | ---D | M] (BrowSoe2asaaveey) -- C:\Users\baraboo\AppData\Roaming\mozilla\Firefox\Profiles\avm0ttg6.default\extensions\yeap-p@slaxdbcluyu-.net
[2013/09/08 21:08:47 | 000,128,676 | ---- | M] () (No name found) -- C:\Users\baraboo\AppData\Roaming\mozilla\firefox\profiles\avm0ttg6.default\extensions\adblockpopups@jessehakanen.net.xpi
[2013/04/24 00:28:49 | 000,123,385 | ---- | M] () (No name found) -- C:\Users\baraboo\AppData\Roaming\mozilla\firefox\profiles\avm0ttg6.default\extensions\elemhidehelper@adblockplus.org.xpi
[2013/06/15 19:43:58 | 000,094,667 | ---- | M] () (No name found) -- C:\Users\baraboo\AppData\Roaming\mozilla\firefox\profiles\avm0ttg6.default\extensions\speedanalysis02@SpeedAnalysis.com.xpi
[2011/11/27 01:11:58 | 000,030,926 | ---- | M] () (No name found) -- C:\Users\baraboo\AppData\Roaming\mozilla\firefox\profiles\avm0ttg6.default\extensions\{99B98C2C-7274-45a3-A640-D9DF1A1C8460}.xpi
[2012/12/28 14:31:02 | 000,036,139 | ---- | M] () (No name found) -- C:\Users\baraboo\AppData\Roaming\mozilla\firefox\profiles\avm0ttg6.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
[2013/08/17 17:42:26 | 000,824,302 | ---- | M] () (No name found) -- C:\Users\baraboo\AppData\Roaming\mozilla\firefox\profiles\avm0ttg6.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/07/15 10:52:28 | 000,009,274 | ---- | M] () (No name found) -- C:\Users\baraboo\AppData\Roaming\mozilla\firefox\profiles\avm0ttg6.default\extensions\{d49a148e-817e-4025-bee3-5d541376de3b}.xpi
[2013/01/18 20:46:28 | 000,190,000 | ---- | M] () (No name found) -- C:\Users\baraboo\AppData\Roaming\mozilla\firefox\profiles\avm0ttg6.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
[2013/08/17 17:42:26 | 000,699,775 | ---- | M] () (No name found) -- C:\Users\baraboo\AppData\Roaming\mozilla\firefox\profiles\avm0ttg6.default\extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi
[2013/05/11 19:47:45 | 000,022,903 | ---- | M] () -- C:\Users\baraboo\AppData\Roaming\mozilla\firefox\profiles\avm0ttg6.default\searchplugins\Web Search.xml
[2013/07/19 10:18:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013/04/14 22:34:01 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/04/14 22:34:01 | 000,000,000 | ---D | M] (Hotspot Shield Helper (Please allow this installation)) -- C:\Program Files (x86)\mozilla firefox\extensions\afurladvisor@anchorfree.com
[2013/07/19 10:21:08 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2013/07/19 10:18:16 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/07/19 10:21:09 | 000,000,000 | ---D | M] (Hotspot Shield Helper (Please allow this installation)) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\afurladvisor@anchorfree.com
[2004/07/02 14:51:00 | 000,327,904 | ---- | M] (Macromedia, Inc.) -- C:\Program Files (x86)\mozilla firefox\components\np32asw.dll
[2004/07/02 14:51:00 | 000,327,904 | ---- | M] (Macromedia, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\np32asw.dll

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: hxxp://websearch.helpmefindyour.info/?pid=658&r=2013/04/08&hid=1909449697&lg=EN&cc=DE
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\baraboo\AppData\Local\Google\Chrome\User Data\PepperFlash\11.7.700.202\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\baraboo\AppData\Local\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\baraboo\AppData\Local\Google\Chrome\Application\29.0.1547.66\pdf.dll
CHR - plugin: Conduit Chrome Plugin (Enabled) = C:\Users\baraboo\AppData\Local\Google\Chrome\User Data\Default\Extensions\emlhcngcihhbhffejfoebpgepknlobhb\10.16.330.3_0\plugins/ConduitChromeApiPlugin.dll
CHR - plugin: Conduit Radio Plugin (Enabled) = C:\Users\baraboo\AppData\Local\Google\Chrome\User Data\Default\Extensions\emlhcngcihhbhffejfoebpgepknlobhb\10.16.330.3_0\plugins/np-cwmp.dll
CHR - plugin: Conduit Chrome Approve TB Plugin (Enabled) = C:\Users\baraboo\AppData\Local\Google\Chrome\User Data\Default\Extensions\emlhcngcihhbhffejfoebpgepknlobhb\10.16.330.3_0\plugins/ChromeApproveTBPlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U24 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Authorware Web Player (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np32asw.dll
CHR - plugin: LoadTubes Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npmieze.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility for IJ (Enabled) = C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Google Update (Enabled) = C:\Users\baraboo\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - Extension: QuickShare Widget = C:\Users\baraboo\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\
CHR - Extension: Adblock Plus = C:\Users\baraboo\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.5_0\
CHR - Extension: Speed Analysis 2 = C:\Users\baraboo\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf\1.0.0.4_0\
CHR - Extension: FileConverter 1.3 B2 = C:\Users\baraboo\AppData\Local\Google\Chrome\User Data\Default\Extensions\emlhcngcihhbhffejfoebpgepknlobhb\10.19.2.505_0\
CHR - Extension: Chrome In-App Payments service = C:\Users\baraboo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\
CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Users\baraboo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\

O1 HOSTS File: ([2009/06/10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Virtual Storage Mount Notification) - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysNative\CbFsMntNtf3.dll (EldoS Corporation)
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll (AnchorFree Inc.)
O2:64bit: - BHO: (no name) - AutorunsDisabled - No CLSID value found.
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll (AnchorFree Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation)
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [HotkeyApp] C:\Program Files (x86)\Launch Manager\HotkeyApp.exe (Wistron)
O4 - HKLM..\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (CANON INC.)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [LMgrVolOSD] C:\Program Files (x86)\Launch Manager\OSD.exe (Wistron Corp.)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [PDFPrint] C:\Program Files (x86)\PDF24\pdf24.exe (Geek Software GmbH)
O4 - HKLM..\Run: [Wbutton] C:\Program Files (x86)\Launch Manager\Wbutton.exe (Wistron Corp.)
O4 - HKCU..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKCU..\Run: [Browser Infrastructure Helper] C:\Users\baraboo\AppData\Local\Smartbar\Application\QuickShare.exe (Smartbar)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - Startup: C:\Users\baraboo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2012/01/02 21:54:25 | 000,000,000 | -H-D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B630595A-1F98-41CA-B659-BC7CD3604FEA}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20 - AppInit_DLLs: (c:\progra~2\websea~1\sprote~1.dll) - File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysNative\CbFsMntNtf3.dll (EldoS Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O22:64bit: - SharedTaskScheduler: {5FF49FE8-B332-4CB9-B102-FB6951629E55} - Virtual Storage Mount Notification - C:\Windows\SysNative\CbFsMntNtf3.dll (EldoS Corporation)
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/30 15:10:00 | 000,000,523 | R--- | M] () - F:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{03654c65-885e-11e0-bc6e-00262dc645f9}\Shell - "" = AutoRun
O33 - MountPoints2\{03654c65-885e-11e0-bc6e-00262dc645f9}\Shell\AutoRun\command - "" = F:\CD_Start.exe
O33 - MountPoints2\{2e28b3c2-aa11-11e0-9d3f-bc77370eab90}\Shell - "" = AutoRun
O33 - MountPoints2\{2e28b3c2-aa11-11e0-9d3f-bc77370eab90}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O33 - MountPoints2\{5f6283eb-8ced-11e0-8f6e-bc77370eab90}\Shell - "" = AutoRun
O33 - MountPoints2\{5f6283eb-8ced-11e0-8f6e-bc77370eab90}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\{73efdd54-3610-11e2-a8df-bc77370eab90}\Shell - "" = AutoRun
O33 - MountPoints2\{73efdd54-3610-11e2-a8df-bc77370eab90}\Shell\AutoRun\command - "" = F:\Start.exe -- [2008/07/22 10:29:04 | 001,992,704 | R--- | M] (Franzis Verlag GmbH)
O33 - MountPoints2\{874a9272-8ba3-11e0-abe7-bc77370eab90}\Shell - "" = AutoRun
O33 - MountPoints2\{874a9272-8ba3-11e0-abe7-bc77370eab90}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O33 - MountPoints2\{8a7d515e-8e93-11e0-b3af-bc77370eab90}\Shell - "" = AutoRun
O33 - MountPoints2\{8a7d515e-8e93-11e0-b3af-bc77370eab90}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/09/09 17:56:44 | 000,000,000 | ---D | C] -- C:\Users\baraboo\Desktop\china 2013
[2013/09/09 17:52:33 | 000,000,000 | ---D | C] -- C:\Users\baraboo\Desktop\New York 2013
[2013/09/08 21:33:05 | 000,000,000 | ---D | C] -- C:\Users\baraboo\AppData\Local\IM
[2013/09/08 21:32:06 | 000,000,000 | ---D | C] -- C:\ProgramData\IncrediMail
[2013/09/08 21:32:06 | 000,000,000 | ---D | C] -- C:\ProgramData\IM
[2013/09/08 21:17:31 | 000,000,000 | ---D | C] -- C:\Users\baraboo\AppData\Roaming\Thunderbird
[2013/09/08 21:17:31 | 000,000,000 | ---D | C] -- C:\Users\baraboo\AppData\Local\Thunderbird
[2013/09/04 14:55:17 | 000,000,000 | ---D | C] -- C:\Users\baraboo\Desktop\board
[2013/09/03 02:20:09 | 000,000,000 | ---D | C] -- C:\Users\baraboo\Desktop\oneworldcenter
[2013/08/26 18:31:12 | 000,000,000 | ---D | C] -- C:\Users\baraboo\Desktop\silvia
[2013/08/22 16:43:52 | 000,000,000 | ---D | C] -- C:\Users\baraboo\Desktop\deckblätter
[2013/08/15 16:12:00 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/08/15 16:12:00 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/08/15 16:11:58 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013/08/15 16:11:57 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/08/15 16:11:57 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/08/15 16:11:57 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013/08/15 16:11:57 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/08/15 16:11:57 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/08/15 16:11:57 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/08/15 16:11:57 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/08/15 16:11:57 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013/08/15 16:11:53 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/08/15 16:11:53 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/08/15 16:11:53 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/08/15 16:11:52 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/08/14 23:19:58 | 001,472,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2013/08/14 23:19:57 | 000,224,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2013/08/14 23:19:56 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2013/08/14 23:19:32 | 001,888,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2013/08/14 23:19:31 | 001,620,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2013/08/14 23:19:30 | 001,217,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2013/08/14 23:19:28 | 003,913,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013/08/14 23:19:27 | 003,968,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013/08/14 23:19:26 | 005,550,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013/08/14 23:19:26 | 001,732,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2013/08/14 23:19:25 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2013/08/14 23:19:25 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013/08/14 23:19:25 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013/08/14 23:19:25 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013/08/14 23:19:24 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013/08/14 23:19:24 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013/08/13 00:03:21 | 000,000,000 | ---D | C] -- C:\Users\baraboo\Desktop\pics
[2 C:\Users\baraboo\Desktop\*.tmp files -> C:\Users\baraboo\Desktop\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\baraboo\Documents\*.tmp files -> C:\Users\baraboo\Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/09/09 20:36:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/09/09 20:22:48 | 000,016,752 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/09/09 20:22:48 | 000,016,752 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/09/09 20:21:29 | 000,038,241 | ---- | M] () -- C:\Users\baraboo\Desktop\telnet.JPG
[2013/09/09 20:07:00 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1393710205-2202028525-504932716-1000UA.job
[2013/09/09 20:04:00 | 000,000,376 | ---- | M] () -- C:\Windows\tasks\WpsUpdateTask_baraboo.job
[2013/09/09 19:41:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/09/09 18:55:53 | 000,040,052 | ---- | M] () -- C:\Users\baraboo\Desktop\eb4.JPG
[2013/09/09 18:55:22 | 000,036,911 | ---- | M] () -- C:\Users\baraboo\Desktop\eb5.JPG
[2013/09/09 18:54:25 | 000,065,753 | ---- | M] () -- C:\Users\baraboo\Desktop\eb3.JPG
[2013/09/09 18:53:18 | 000,040,769 | ---- | M] () -- C:\Users\baraboo\Desktop\EB2.JPG
[2013/09/09 18:52:54 | 000,040,546 | ---- | M] () -- C:\Users\baraboo\Desktop\eb1.JPG
[2013/09/09 17:54:52 | 001,507,502 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/09/09 17:54:52 | 000,657,948 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013/09/09 17:54:52 | 000,619,184 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/09/09 17:54:52 | 000,131,288 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013/09/09 17:54:52 | 000,107,504 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/09/09 17:49:39 | 000,000,278 | ---- | M] () -- C:\Windows\tasks\RegClean Pro_DEFAULT.job
[2013/09/09 10:56:40 | 3148,140,544 | -HS- | M] () -- C:\hiberfil.sys
[2013/09/08 03:07:00 | 000,001,072 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1393710205-2202028525-504932716-1000Core.job
[2013/09/04 16:30:27 | 000,000,286 | ---- | M] () -- C:\Windows\tasks\RegClean Pro_UPDATES.job
[2013/09/03 11:47:22 | 000,132,088 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2013/09/03 11:47:22 | 000,105,344 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2013/09/03 11:47:22 | 000,081,112 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avnetflt.sys
[2013/08/22 00:36:33 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/08/22 00:36:33 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/08/17 22:14:19 | 001,380,947 | ---- | M] () -- C:\Users\baraboo\Desktop\gutschein.pdf
[2013/08/14 16:33:11 | 000,267,364 | ---- | M] () -- C:\Users\baraboo\Desktop\anzeihe zeitung vlh.pdf
[2 C:\Users\baraboo\Desktop\*.tmp files -> C:\Users\baraboo\Desktop\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\baraboo\Documents\*.tmp files -> C:\Users\baraboo\Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/09/09 20:21:28 | 000,038,241 | ---- | C] () -- C:\Users\baraboo\Desktop\telnet.JPG
[2013/09/09 18:55:53 | 000,040,052 | ---- | C] () -- C:\Users\baraboo\Desktop\eb4.JPG
[2013/09/09 18:55:22 | 000,036,911 | ---- | C] () -- C:\Users\baraboo\Desktop\eb5.JPG
[2013/09/09 18:54:25 | 000,065,753 | ---- | C] () -- C:\Users\baraboo\Desktop\eb3.JPG
[2013/09/09 18:53:18 | 000,040,769 | ---- | C] () -- C:\Users\baraboo\Desktop\EB2.JPG
[2013/09/09 18:52:54 | 000,040,546 | ---- | C] () -- C:\Users\baraboo\Desktop\eb1.JPG
[2013/08/17 22:14:19 | 001,380,947 | ---- | C] () -- C:\Users\baraboo\Desktop\gutschein.pdf
[2013/08/14 16:33:06 | 000,267,364 | ---- | C] () -- C:\Users\baraboo\Desktop\anzeihe zeitung vlh.pdf
[2013/07/30 00:22:33 | 000,002,829 | ---- | C] () -- C:\Users\baraboo\AppData\Local\recently-used.xbel
[2013/07/15 13:11:10 | 000,000,032 | ---- | C] () -- C:\Windows\setup.INI
[2013/04/21 23:08:57 | 000,000,106 | ---- | C] () -- C:\Windows\SeeYa! Settings.ini
[2013/04/21 23:04:36 | 000,000,050 | ---- | C] () -- C:\Windows\Illuminator Settings.ini
[2013/04/21 23:04:36 | 000,000,024 | ---- | C] () -- C:\Windows\SEEYB.ini
[2013/04/21 23:04:36 | 000,000,024 | ---- | C] () -- C:\Windows\APHIB.ini
[2013/04/21 23:04:29 | 000,000,055 | ---- | C] () -- C:\Windows\SysWow64\SeeYa! Settings.ini
[2013/04/18 22:45:15 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\cd.dat
[2013/04/18 22:16:09 | 000,002,006 | ---- | C] () -- C:\Users\baraboo\Samsung Kies (Lite).lnk
[2013/04/18 22:16:09 | 000,001,996 | ---- | C] () -- C:\Users\baraboo\Samsung Kies.lnk
[2013/04/12 02:20:29 | 000,140,652 | ---- | C] () -- C:\Users\baraboo\542810_10151274645511230_1713546683_n.jpg
[2013/04/08 23:47:00 | 000,012,223 | ---- | C] () -- C:\Users\baraboo\März Abrechnung.pdf
[2013/04/04 21:37:35 | 000,039,745 | ---- | C] () -- C:\Users\baraboo\drache.jpg
[2013/03/14 17:26:05 | 000,021,916 | ---- | C] () -- C:\Users\baraboo\AppData\Roaming\Microsoft Excel 97-2003.ADR
[2012/08/11 00:37:04 | 000,007,601 | ---- | C] () -- C:\Users\baraboo\AppData\Local\Resmon.ResmonCfg
[2012/07/24 19:06:09 | 004,503,728 | ---- | C] () -- C:\ProgramData\z7_0ytr.pad
[2012/07/07 12:39:39 | 000,002,232 | ---- | C] () -- C:\Windows\Sandboxie.ini
[2012/07/02 23:18:39 | 004,503,728 | ---- | C] () -- C:\ProgramData\l_u0_0.pad
[2012/03/04 23:23:07 | 000,000,083 | -HS- | C] () -- C:\ProgramData\.zreglib
[2012/01/29 00:41:44 | 000,000,109 | ---- | C] () -- C:\Windows\Lexstat.ini
[2012/01/28 20:47:07 | 001,224,704 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkserv.dll
[2012/01/28 20:47:07 | 000,991,232 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkusb1.dll
[2012/01/28 20:47:07 | 000,696,320 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkhbn3.dll
[2012/01/28 20:47:07 | 000,643,072 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkpmui.dll
[2012/01/28 20:47:07 | 000,585,728 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbklmpm.dll
[2012/01/28 20:47:07 | 000,537,256 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkcoms.exe
[2012/01/28 20:47:07 | 000,421,888 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkcomm.dll
[2012/01/28 20:47:07 | 000,413,696 | ---- | C] () -- C:\Windows\SysWow64\lxbkutil.dll
[2012/01/28 20:47:07 | 000,413,696 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkinpa.dll
[2012/01/28 20:47:07 | 000,397,312 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkiesc.dll
[2012/01/28 20:47:07 | 000,385,704 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkih.exe
[2012/01/28 20:47:07 | 000,274,432 | ---- | C] () -- C:\Windows\SysWow64\LXBKinst.dll
[2012/01/28 20:47:07 | 000,180,904 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkppls.exe
[2012/01/28 20:47:07 | 000,163,840 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkprox.dll
[2012/01/28 20:47:07 | 000,094,208 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkpplc.dll
[2012/01/28 20:47:06 | 000,684,032 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkcomc.dll
[2012/01/28 20:47:06 | 000,381,608 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkcfg.exe
[2012/01/06 01:41:07 | 000,002,260 | ---- | C] () -- C:\Users\baraboo\Agatha Christie - Und dann gabs keines mehr.lnk
[2012/01/04 03:18:13 | 001,944,765 | ---- | C] () -- C:\Users\baraboo\Agatha das böse unter der sonne.pdf
[2012/01/04 03:17:11 | 011,365,824 | ---- | C] () -- C:\Users\baraboo\Agatha-und dann gabs...pdf
[2011/11/26 15:08:40 | 001,527,912 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/11/10 21:50:48 | 000,000,021 | ---- | C] () -- C:\Users\baraboo\AppData\Local\mc.pixel.data
[2011/05/31 20:04:40 | 000,013,312 | ---- | C] () -- C:\Users\baraboo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/04/07 16:07:40 | 000,014,601 | ---- | C] () -- C:\Program Files\Installationsanleitung.html
[2005/03/24 16:28:56 | 000,383,996 | ---- | C] () -- C:\Program Files\Photoshop Neue Funktionen.pdf
[2005/02/25 15:37:00 | 000,157,035 | ---- | C] () -- C:\Program Files\LegalNotices.pdf

========== ZeroAccess Check ==========

[2012/01/02 22:05:27 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1393710205-2202028525-504932716-1003\$R0L15E7\l
[2012/05/26 20:25:51 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1393710205-2202028525-504932716-1003\$R0L15E7\installer\l
[2012/05/26 20:26:11 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-1393710205-2202028525-504932716-1003\$R0L15E7\shellext\l
[2009/07/14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/02/27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2011/06/14 20:39:32 | 000,000,000 | ---D | M] -- C:\Users\baraboo\AppData\Roaming\AnvSoft
[2011/10/17 17:31:54 | 000,000,000 | ---D | M] -- C:\Users\baraboo\AppData\Roaming\Ashampoo
[2013/05/27 17:22:37 | 000,000,000 | ---D | M] -- C:\Users\baraboo\AppData\Roaming\Avant Downloader
[2012/05/27 20:53:15 | 000,000,000 | ---D | M] -- C:\Users\baraboo\AppData\Roaming\calibre
[2013/05/01 19:50:12 | 000,000,000 | ---D | M] -- C:\Users\baraboo\AppData\Roaming\Canon
[2011/07/30 23:56:57 | 000,000,000 | ---D | M] -- C:\Users\baraboo\AppData\Roaming\CommunicaEtor
[2011/11/10 21:28:43 | 000,000,000 | ---D | M] -- C:\Users\baraboo\AppData\Roaming\Cyberduck
[2013/07/19 23:03:14 | 000,000,000 | ---D | M] -- C:\Users\baraboo\AppData\Roaming\DAEMON Tools Lite
[2012/07/03 20:49:19 | 000,000,000 | ---D | M] -- C:\Users\baraboo\AppData\Roaming\dpdhl.versandhelfer.baraboolap.CDA82DC3FEDD13302C6424313D9A2999F162D21A.1
[2013/07/03 20:11:52 | 000,000,000 | ---D | M] -- C:\Users\baraboo\AppData\Roaming\Dropbox
[2013/07/17 13:52:22 | 000,000,000 | ---D | M] -- C:\Users\baraboo\AppData\Roaming\DVDVideoSoft
[2012/12/30 17:21:10 | 000,000,000 | ---D | M] -- C:\Users\baraboo\AppData\Roaming\DVDVideoSoftIEHelpers
[2013/04/22 23:11:22 | 000,000,000 | ---D | M] -- C:\Users\baraboo\AppData\Roaming\File Scout
[2011/06/14 20:14:20 | 000,000,000 | ---D | M] -- C:\Users\baraboo\AppData\Roaming\HandBrake
[2013/06/11 00:56:21 | 000,000,000 | ---D | M] -- C:\Users\baraboo\AppData\Roaming\InterTrust
[2013/04/21 23:09:57 | 000,000,000 | ---D | M] -- C:\Users\baraboo\AppData\Roaming\Kingsoft
[2012/02/11 09:22:50 | 000,000,000 | ---D | M] -- C:\Users\baraboo\AppData\Roaming\Kinovea
[2012/05/27 20:59:41 | 000,000,000 | ---D | M] -- C:\Users\baraboo\AppData\Roaming\LibreOffice
[2013/07/17 13:42:25 | 000,000,000 | ---D | M] -- C:\Users\baraboo\AppData\Roaming\OpenCandy
[2012/07/03 20:45:27 | 000,000,000 | ---D | M] -- C:\Users\baraboo\AppData\Roaming\Participatory Culture Foundation
[2011/06/25 23:24:42 | 000,000,000 | ---D | M] -- C:\Users\baraboo\AppData\Roaming\PCF-VLC
[2013/04/23 00:09:40 | 000,000,000 | ---D | M] -- C:\Users\baraboo\AppData\Roaming\PerformerSoft
[2013/04/18 22:16:40 | 000,000,000 | ---D | M] -- C:\Users\baraboo\AppData\Roaming\Samsung
[2012/10/06 15:29:33 | 000,000,000 | ---D | M] -- C:\Users\baraboo\AppData\Roaming\Schmap
[2013/04/22 00:06:29 | 000,000,000 | ---D | M] -- C:\Users\baraboo\AppData\Roaming\smc
[2011/08/04 00:46:24 | 000,000,000 | ---D | M] -- C:\Users\baraboo\AppData\Roaming\SoftMaker
[2013/04/22 23:11:35 | 000,000,000 | ---D | M] -- C:\Users\baraboo\AppData\Roaming\SpeedAnalysis2
[2013/03/31 03:51:52 | 000,000,000 | ---D | M] -- C:\Users\baraboo\AppData\Roaming\Spotify
[2013/07/15 13:54:42 | 000,000,000 | ---D | M] -- C:\Users\baraboo\AppData\Roaming\Steuersoft
[2013/07/14 16:16:19 | 000,000,000 | ---D | M] -- C:\Users\baraboo\AppData\Roaming\Systweak
[2013/09/08 21:17:31 | 000,000,000 | ---D | M] -- C:\Users\baraboo\AppData\Roaming\Thunderbird
[2013/07/14 16:34:02 | 000,000,000 | ---D | M] -- C:\Users\baraboo\AppData\Roaming\TweakNow RegCleaner Professional
[2012/09/21 15:41:30 | 000,000,000 | ---D | M] -- C:\Users\baraboo\AppData\Roaming\Wondershare
[2011/11/10 21:22:28 | 000,000,000 | -HSD | M] -- C:\Users\baraboo\AppData\Roaming\wyUpdate AU

========== Purity Check ==========



========== Files - Unicode (All) ==========
[2013/09/09 17:50:05 | 096,665,497 | ---- | M] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\諊貙˜
[2013/09/09 10:57:53 | 096,665,497 | ---- | C] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\諊貙˜
[2013/09/06 21:54:15 | 096,470,395 | ---- | M] ()(C:\Windows\SysWow64\???C) -- C:\Windows\SysWow64\偙茔C
[2013/09/06 10:39:53 | 096,470,395 | ---- | C] ()(C:\Windows\SysWow64\???C) -- C:\Windows\SysWow64\偙茔C
[2013/09/04 21:08:07 | 095,920,262 | ---- | M] ()(C:\Windows\SysWow64\???U) -- C:\Windows\SysWow64\瀶U
[2013/09/04 21:08:07 | 095,920,262 | ---- | C] ()(C:\Windows\SysWow64\???U) -- C:\Windows\SysWow64\瀶U
[2013/09/04 14:23:31 | 095,863,165 | ---- | M] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\앳™
[2013/09/04 02:18:21 | 095,863,165 | ---- | C] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\앳™

========== Alternate Data Streams ==========

@Alternate Data Stream - 142 bytes -> C:\ProgramData\Temp:661DFA1C

< End of report >

 
