Pests of all kinds and how to fight them: Browser opens 98uj8.de/s3brsn5ba66mgfzeinrum#noad
Windows 7
If you are not sure whether you have picked up malware or a trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you eliminate the infection.
01.08.2014, 00:45 | #1
Browser opens 98uj8.de/s3brsn5ba66mgfzeinrum#noad

Hello,
this evening my browser (Opera) repeatedly tried to open the page named above. I stopped that by shutting the PC down. After booting up again I first wanted to run a scan with Malwarebytes, but unfortunately this page opened again (though only after the PC had been back on for about half an hour)...
That is why I am turning to this site again; I was given great help here once before.
Here are the logs I have:
defogger:
Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 01:11 on 01/08/2014 (Sebastian)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...

-=E.O.F=-
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:31-07-2014 02
Ran by Sebastian (administrator) on PC-22 on 01-08-2014 01:13:18
Running from C:\Users\Sebastian\Desktop
Platform: Microsoft Windows 7 Home Premium (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
() C:\Users\Sebastian\AppData\Local\temp\OCS\Downloads\471dda038bf3cfdcce6f34b54d3cfb53\8a2438a7aa1e858526caff1f4deab159\AddonsHelper.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Broadcom Corp.) C:\Program Files\Broadcom\BPowMon\BPowMon.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
() C:\Program Files\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
(Microsoft) C:\dell\DBRM\Reminder\DbrmTrayicon.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
() C:\Program Files\NETGEAR\WG111v3\WG111v3.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\ipmgui.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Opera Software) C:\Program Files\Opera\20.0.1387.82\opera.exe
() C:\Program Files\Opera\20.0.1387.82\opera_crashreporter.exe
() C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Opera Software) C:\Program Files\Opera\20.0.1387.82\opera.exe
(Opera Software) C:\Program Files\Opera\20.0.1387.82\opera.exe
(Opera Software) C:\Program Files\Opera\20.0.1387.82\opera.exe
(Opera Software) C:\Program Files\Opera\20.0.1387.82\opera.exe
(Opera Software) C:\Program Files\Opera\20.0.1387.82\opera.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Opera Software) C:\Program Files\Opera\20.0.1387.82\opera.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Opera Software) C:\Program Files\Opera\20.0.1387.82\opera.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKU\S-1-5-21-2359546455-2944345457-3885489924-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WG111v3 Setup-Assistent.lnk
ShortcutTarget: NETGEAR WG111v3 Setup-Assistent.lnk -> C:\Program Files\NETGEAR\WG111v3\WG111v3.exe ()
Startup: C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Sebastian\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: AccExtIco1 -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x86.dll ()
ShellIconOverlayIdentifiers: AccExtIco2 -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x86.dll ()
ShellIconOverlayIdentifiers: AccExtIco3 -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x86.dll ()
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sebastian\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sebastian\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sebastian\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sebastian\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x0677337437DACE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/
URLSearchHook: HKLM - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKLM - (No Name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - No File
SearchScopes: HKLM - DefaultScope {721061fb-eb79-4568-a03c-3ce26d68dae9} URL = hxxp://www.firetab.org/?type=ds3se&p={searchTerms}
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {721061fb-eb79-4568-a03c-3ce26d68dae9} URL = hxxp://www.firetab.org/?type=ds3se&p={searchTerms}
SearchScopes: HKCU - DefaultScope {721061fb-eb79-4568-a03c-3ce26d68dae9} URL = hxxp://www.firetab.org/?type=ds3se&p={searchTerms}
SearchScopes: HKCU - {24408C1E-C980-413B-BCA8-79DF804C2358} URL = hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=aaf9a38e-ab1c-48ef-a907-48c1b260d8c3&pid=icqt&mode=bounce&k=0
SearchScopes: HKCU - {28FFCE4B-2F52-456B-8E62-A3228FE0F12D} URL = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=aaf9a38e-ab1c-48ef-a907-48c1b260d8c3&pid=icqt&mode=bounce&k=0
SearchScopes: HKCU - {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
SearchScopes: HKCU - 
{721061fb-eb79-4568-a03c-3ce26d68dae9} URL = hxxp://www.firetab.org/?type=ds3se&p={searchTerms}
SearchScopes: HKCU - {D0B51842-A86C-4630-A4F2-DA6FF2479E55} URL =
BHO: TmIEPlugInBHO Class -> {1CA1377B-DC1D-4A52-9585-6E06050FAC53} -> c:\Program Files\Trend Micro\Client Server Security Agent\bho\1035\TmIEPlg.dll No File
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - c:\Program Files\Trend Micro\Client Server Security Agent\bho\1035\TmIEPlg.dll No File
Winsock: Catalog9 000000000372 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 000000000373 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 000000000374 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 000000000375 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 000000000376 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 000000000377 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 000000000378 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 000000000379 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 000000000380 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 000000000381 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 000000000382 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 000000000383 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 000000000384 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 000000000385 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 000000000386 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 000000000387 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 000000000388 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll () FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software 
Products (Canada) Ltd.) FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll No File FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll No File FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems) FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Sebastian\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF HKLM\...\Firefox\Extensions: [{22C7F6C6-8D67-4534-92B5-529A0EC09405}] - c:\Program Files\Trend Micro\Client Server Security Agent\bho\1035\FirefoxExtension ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) 
R2 AddonsHelper; C:\Users\Sebastian\AppData\Local\Temp\OCS\Downloads\471dda038bf3cfdcce6f34b54d3cfb53\8a2438a7aa1e858526caff1f4deab159\AddonsHelper.exe [896512 2013-11-23] () [File not signed] R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [430160 2014-07-03] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [430160 2014-07-03] (Avira Operations GmbH & Co. KG) R2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [1028688 2014-07-03] (Avira Operations GmbH & Co. KG) S4 NOBU; C:\Program Files\Dell\Dell Datasafe Online\NOBuAgent.exe [2075480 2010-08-25] (Dell, Inc.) S3 RoxMediaDB12OEM; C:\Program Files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [1116656 2010-09-04] (Sonic Solutions) S2 RoxWatch12; C:\Program Files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [219632 2010-09-04] (Sonic Solutions) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [97648 2014-07-03] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-06-03] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2014-02-14] (Avira Operations GmbH & Co. KG) S3 DrvAgent32; C:\Windows\system32\Drivers\DrvAgent32.sys [23456 2012-12-10] (Phoenix Technologies) [File not signed] S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.) S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [110296 2014-08-01] (Malwarebytes Corporation) R3 RTL8187B; C:\Windows\System32\DRIVERS\RTL8187B.sys [347136 2009-07-14] (Realtek Semiconductor Corporation ) S3 SCR3XX2K; C:\Windows\System32\DRIVERS\SCR3XX2K.sys [59776 2011-09-07] (SCM Microsystems Inc.) 
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2014-02-14] (Avira GmbH) U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation) S3 MEMSWEEP2; \??\C:\Windows\system32\F09B.tmp [X] S3 PCDSRVC{E9D79540-57D5953E-06020101}_0; \??\c:\program files\dell support center\pcdsrvc.pkms [X] S3 taphss6; system32\DRIVERS\taphss6.sys [X] U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-07-14] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-08-01 01:13 - 2014-08-01 01:14 - 00042404 _____ () C:\Users\Sebastian\Desktop\FRST.txt 2014-08-01 01:13 - 2014-08-01 01:13 - 00000000 ____D () C:\FRST 2014-08-01 01:12 - 2014-08-01 01:12 - 01084928 _____ (Farbar) C:\Users\Sebastian\Desktop\FRST.exe 2014-08-01 01:11 - 2014-08-01 01:11 - 00000480 _____ () C:\Users\Sebastian\Desktop\defogger_disable.log 2014-08-01 01:11 - 2014-08-01 01:11 - 00000000 _____ () C:\Users\Sebastian\defogger_reenable 2014-08-01 01:10 - 2014-08-01 01:10 - 00050477 _____ () C:\Users\Sebastian\Desktop\Defogger.exe 2014-08-01 01:08 - 2014-08-01 01:08 - 00000035 _____ () C:\Users\Sebastian\Desktop\Link.txt 2014-07-31 01:43 - 2014-07-31 01:43 - 00000000 ____D () C:\Windows\system32\SPReview 2014-07-29 20:49 - 2014-07-31 11:50 - 00000683 _____ () C:\Users\Sebastian\Desktop\ThreadKielerJung.txt 2014-07-26 16:37 - 2014-07-26 16:39 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ 2014-07-26 01:32 - 2014-07-26 01:32 - 00015110 _____ () C:\Users\Sebastian\Desktop\Judge_Roles.xlsx 2014-07-09 16:54 - 2014-07-09 16:54 - 04220562 _____ () C:\Users\Sebastian\Desktop\Einf_SketchUp_2014.pptx 2014-07-09 14:27 - 
2014-07-09 14:27 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-07-09 07:19 - 2014-07-01 03:38 - 00402944 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-07-09 07:19 - 2014-07-01 03:35 - 00303104 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-08-01 01:14 - 2014-08-01 01:13 - 00042404 _____ () C:\Users\Sebastian\Desktop\FRST.txt 2014-08-01 01:13 - 2014-08-01 01:13 - 00000000 ____D () C:\FRST 2014-08-01 01:12 - 2014-08-01 01:12 - 01084928 _____ (Farbar) C:\Users\Sebastian\Desktop\FRST.exe 2014-08-01 01:11 - 2014-08-01 01:11 - 00000480 _____ () C:\Users\Sebastian\Desktop\defogger_disable.log 2014-08-01 01:11 - 2014-08-01 01:11 - 00000000 _____ () C:\Users\Sebastian\defogger_reenable 2014-08-01 01:11 - 2011-01-05 18:43 - 00000000 ____D () C:\Users\Sebastian 2014-08-01 01:11 - 2009-07-14 06:34 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-08-01 01:11 - 2009-07-14 06:34 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-08-01 01:10 - 2014-08-01 01:10 - 00050477 _____ () C:\Users\Sebastian\Desktop\Defogger.exe 2014-08-01 01:09 - 2012-08-02 14:27 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-08-01 01:09 - 2011-01-06 00:30 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\Skype 2014-08-01 01:08 - 2014-08-01 01:08 - 00000035 _____ () C:\Users\Sebastian\Desktop\Link.txt 2014-08-01 01:07 - 2009-07-14 06:55 - 01656338 _____ () C:\Windows\WindowsUpdate.log 2014-08-01 01:02 - 2014-04-14 07:54 - 00000000 ___RD () C:\Users\Sebastian\Dropbox 2014-08-01 01:02 - 2014-04-14 07:52 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\DropboxMaster 2014-08-01 01:02 - 2014-01-27 12:03 - 00000000 ____D () 
C:\Users\Sebastian\AppData\Roaming\Dropbox 2014-08-01 00:59 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-08-01 00:59 - 2009-07-14 06:39 - 00314817 _____ () C:\Windows\setupact.log 2014-08-01 00:45 - 2013-08-03 19:44 - 00000000 ____D () C:\Users\Sebastian\Desktop\Ebay 2014-08-01 00:44 - 2012-09-28 21:04 - 00000000 ____D () C:\Users\Sebastian\Desktop\Wichtige Programme 2014-08-01 00:21 - 2014-07-01 00:46 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-07-31 14:39 - 2013-03-26 22:06 - 00000000 ____D () C:\Program Files\Steam 2014-07-31 11:50 - 2014-07-29 20:49 - 00000683 _____ () C:\Users\Sebastian\Desktop\ThreadKielerJung.txt 2014-07-31 11:34 - 2011-01-14 12:37 - 00000000 ____D () C:\Users\Sebastian\Documents\TrackMania 2014-07-31 11:23 - 2011-01-14 12:38 - 00000000 ____D () C:\ProgramData\TrackMania 2014-07-31 10:22 - 2013-03-26 22:07 - 00000000 ____D () C:\Program Files\Common Files\Steam 2014-07-31 10:18 - 2011-01-05 18:45 - 00000422 _____ () C:\Windows\Tasks\SystemToolsDailyTest.job 2014-07-31 10:09 - 2013-01-31 01:15 - 00000000 ____D () C:\Users\Sebastian\Desktop\Judgekram 2014-07-31 10:04 - 2011-01-05 21:16 - 00000000 ____D () C:\Users\Sebastian\AppData\Local\Adobe 2014-07-31 01:43 - 2014-07-31 01:43 - 00000000 ____D () C:\Windows\system32\SPReview 2014-07-31 00:36 - 2013-09-15 19:34 - 01828864 ___SH () C:\Users\Sebastian\Desktop\Thumbs.db 2014-07-31 00:00 - 2014-04-15 22:03 - 00000000 ____D () C:\Users\Sebastian\Desktop\WoTReplays 2014-07-30 13:50 - 2014-01-20 16:24 - 00000000 ____D () C:\Program Files\DevPro 2014-07-27 09:29 - 2010-12-30 21:32 - 00000000 ____D () C:\ProgramData\Sonic 2014-07-26 16:39 - 2014-07-26 16:37 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ 2014-07-26 01:32 - 2014-07-26 01:32 - 00015110 _____ () C:\Users\Sebastian\Desktop\Judge_Roles.xlsx 2014-07-24 18:01 - 2010-12-30 21:37 - 00000000 ____D () C:\Program 
Files\Microsoft Silverlight 2014-07-24 17:46 - 2010-12-30 21:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2014-07-21 08:49 - 2011-01-05 18:45 - 00000564 _____ () C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job 2014-07-20 16:25 - 2011-03-09 17:39 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\TS3Client 2014-07-19 13:27 - 2011-03-09 17:39 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client 2014-07-14 13:38 - 2010-12-30 21:28 - 01855564 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-07-10 15:15 - 2014-02-28 20:42 - 00035848 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys 2014-07-09 16:54 - 2014-07-09 16:54 - 04220562 _____ () C:\Users\Sebastian\Desktop\Einf_SketchUp_2014.pptx 2014-07-09 14:27 - 2014-07-09 14:27 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-07-09 08:33 - 2013-07-13 01:05 - 00000000 ____D () C:\Windows\system32\MRT 2014-07-09 08:31 - 2011-03-10 21:15 - 93585272 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-07-09 07:06 - 2009-07-14 06:53 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-07-09 00:09 - 2012-04-03 16:13 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2014-07-09 00:09 - 2011-11-08 20:28 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2014-07-03 20:19 - 2014-02-28 14:39 - 00097648 _____ (Avira Operations GmbH & Co. 
KG) C:\Windows\system32\Drivers\avgntflt.sys 2014-07-03 18:27 - 2014-04-14 07:54 - 00001030 _____ () C:\Users\Sebastian\Desktop\Dropbox.lnk 2014-07-03 18:27 - 2014-04-14 07:52 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2014-07-02 19:24 - 2011-05-08 09:23 - 00000000 ____D () C:\Users\Sebastian\Desktop\Studium Geographie Files to move or delete: ==================== C:\Users\Sebastian\WoT_internet_install_eu.exe Some content of TEMP: ==================== C:\Users\Sebastian\AppData\Local\temp\0a50e25a83046228c11dcaa7eeed09bb.exe C:\Users\Sebastian\AppData\Local\temp\AskSLib.dll C:\Users\Sebastian\AppData\Local\temp\avgnt.exe C:\Users\Sebastian\AppData\Local\temp\DevPro CardManager.exe C:\Users\Sebastian\AppData\Local\temp\devpro.dll C:\Users\Sebastian\AppData\Local\temp\DevPro.exe C:\Users\Sebastian\AppData\Local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpair9ij.dll C:\Users\Sebastian\AppData\Local\temp\icqsetup.exe C:\Users\Sebastian\AppData\Local\temp\IcqUpdater.exe C:\Users\Sebastian\AppData\Local\temp\ICSharpCode.SharpZipLib.dll C:\Users\Sebastian\AppData\Local\temp\jna2162589126552495114.dll C:\Users\Sebastian\AppData\Local\temp\jre-7u45-windows-i586-iftw.exe C:\Users\Sebastian\AppData\Local\temp\msvcp120.dll C:\Users\Sebastian\AppData\Local\temp\msvcr120.dll C:\Users\Sebastian\AppData\Local\temp\SkypeSetup.exe C:\Users\Sebastian\AppData\Local\temp\SRLDetectionLibrary6314724087267001777.dll C:\Users\Sebastian\AppData\Local\temp\YgoUpdater.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) 
C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2010-12-30 21:17 ==================== End Of Log ============================ |
01.08.2014, 00:46 | #2 |
| Browser opens 98uj8.de/s3brsn5ba66mgfzeinrum#noad FRST-ADDITION (was also created)
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version:31-07-2014 02 Ran by Sebastian at 2014-08-01 01:15:00 Running from C:\Users\Sebastian\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Update for Microsoft Office 2007 (KB2508958) (HKLM\...\{90120000-0016-0000-0000-0000000FF1CE}_EXCEL_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version: - Microsoft) Update for Microsoft Office 2007 (KB2508958) (HKLM\...\{90120000-0018-0000-0000-0000000FF1CE}_POWERPOINT_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version: - Microsoft) Update for Microsoft Office 2007 (KB2508958) (HKLM\...\{90120000-0019-0000-0000-0000000FF1CE}_PUBLISHER_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version: - Microsoft) Update for Microsoft Office 2007 (KB2508958) (HKLM\...\{90120000-001B-0000-0000-0000000FF1CE}_WORD_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version: - Microsoft) ACDSee Foto-Manager 2009 (HKLM\...\{300578F9-9EFF-4B93-9AB1-C0E5707EF463}) (Version: 11.0.113 - ACD Systems International) Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.2.8870 - Adobe Systems Inc.) Adobe AIR (Version: 1.5.2.8870 - Adobe Systems Inc.) 
Hidden Adobe Creative Cloud (HKLM\...\Adobe Creative Cloud) (Version: 2.5.0.367 - Adobe Systems Incorporated) Adobe Flash Player 14 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated) Adobe Flash Player 14 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated) Adobe Illustrator CC (HKLM\...\{F2321021-08A2-44D6-B1DF-BDB415F23EC3}) (Version: 17.0 - Adobe Systems Incorporated) Age of Mythology - The Titans Expansion (HKLM\...\Age of Mythology Expansion Pack 1.0) (Version: - ) Age of Mythology (HKLM\...\Age of Mythology 1.0) (Version: - ) AIDA64 Extreme Edition v2.60 (HKLM\...\AIDA64 Extreme Edition_is1) (Version: 2.60 - FinalWire Ltd.) All Out Race (HKLM\...\All Out Race) (Version: - ) Amnesia: The Dark Descent (HKLM\...\Steam App 57300) (Version: - ) ArcGIS Desktop (HKLM\...\ArcGIS Desktop) (Version: 9.3.1770 - Environmental Systems Research Institute, Inc.) ArcGIS Desktop (Version: 9.3.1770 - Environmental Systems Research Institute, Inc.) Hidden Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.5.464 - Avira) Broadcom Gigabit NetLink Controller (HKLM\...\{A325B368-A9EC-40EF-A95C-9DEAD3683AE3}) (Version: 12.33.02 - Broadcom Corporation) Broadcom Management Programs (HKLM\...\{5DB87A63-9420-48CC-9F9A-B8801D38D6B5}) (Version: 12.35.01 - Broadcom Corporation) City Racing (HKLM\...\City Racing_is1) (Version: 1.0 - Media Contact LLC) CPUID CPU-Z 1.61.5 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) Cry of Fear (HKLM\...\Steam App 223710) (Version: - Team Psykskallar) Dark Souls: Prepare to Die Edition (HKLM\...\Steam App 211420) (Version: - FromSoftware) Dead Space (HKLM\...\{025A585C-0C66-413D-80D2-4C05CB699771}) (Version: 1.0.0.222 - Electronic Arts) Dell Backup and Recovery Manager (HKLM\...\{4688EB75-28E2-4731-9BCB-55E624F7CD45}) (Version: 1.3 - Dell Inc.) 
Dell DataSafe Online (HKLM\...\{7EC66A95-AC2D-4127-940B-0445A526AB2F}) (Version: 2.1.19634 - Dell) Dell Edoc Viewer (HKLM\...\{3138EAD3-700B-4A10-B617-B3F8096EE30D}) (Version: 1.0.0 - Dell Inc) Dell Support Center (HKLM\...\Dell Support Center) (Version: 3.0.5621.01 - Dell Inc.) Dell Support Center (Version: 3.0.5621.01 - PC-Doctor, Inc.) Hidden Desktop Icon für Amazon (HKLM\...\DesktopIconAmazon) (Version: 1.0.1 (de) - ) DirectX 9 Runtime (Version: 1.00.0000 - Sonic Solutions) Hidden DriverAgent by eSupport.com (HKLM\...\DriverAgent.exe) (Version: - ) Dropbox (HKCU\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.) Fatal Racing, CD-Rip (DOS, 1995) (HKLM\...\{ED67D93D-1676-4615-99F1-CFA54CB9A3A1}_is1) (Version: 2.05 - DJ OldGames) FLV Player 2.0 (build 25) (HKLM\...\FLV Player) (Version: 2.0 (build 25) - Martijn de Visser) Intel(R) Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.1995 - Intel Corporation) Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle) Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) 
Hidden Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation) ManiaPlanet (HKLM\...\ManiaPlanet_is1) (Version: - Nadeo) Mantis (HKLM\...\{BFD1742D-FBB1-4DA2-B187-4DFBFF1E8629}) (Version: 3.0.27.4 - The Upper Deck Company) Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0016-0000-0000-0000000FF1CE}_EXCEL_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0018-0000-0000-0000000FF1CE}_POWERPOINT_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0019-0000-0000-0000000FF1CE}_PUBLISHER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-001B-0000-0000-0000000FF1CE}_WORD_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden Microsoft Office 2010 (HKLM\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Excel 2007 
(HKLM\...\EXCEL) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Excel 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft Office PowerPoint 2007 (HKLM\...\POWERPOINT) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office PowerPoint 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden Microsoft Office Publisher 2007 (HKLM\...\PUBLISHER) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Publisher 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Publisher MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Word 2007 (HKLM\...\WORD) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Word 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (German) 2007 (Version: 
12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) 
(HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML4 Parser (HKLM\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios) NETGEAR WG111v3 wireless USB 2.0 adapter (HKLM\...\InstallShield_{5396FBD8-8BD7-47F9-92AE-F62F13D5A11D}) (Version: 1.01.10 - NETGEAR) NETGEAR WG111v3 wireless USB 2.0 adapter (Version: 1.01.10 - NETGEAR) Hidden NWZ-B170 WALKMAN Guide (HKLM\...\{B91B14D5-B817-4C79-BEF6-0A7A23FE6C61}) (Version: 2.1.0.33220 - Sony Corporation) Opera Stable 20.0.1387.82 (HKLM\...\Opera 20.0.1387.82) (Version: 20.0.1387.82 - Opera Software ASA) Origin (HKLM\...\Origin) (Version: 9.4.6.2792 - Electronic Arts, Inc.) PDF Settings CC (Version: 12.0 - Adobe Systems Incorporated) Hidden PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.212.0 - Tracker Software Products Ltd) PhotoShowExpress (Version: 2.0.028 - Sonic Solutions) Hidden Project64 1.6 (HKLM\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64) Python 2.5 numpy-1.0.3 (HKLM\...\numpy-py2.5) (Version: - ) Python 2.5 numpy-1.0.3 (HKLM\...\Python 2.5 numpy-1.0.3) (Version: - ) Python 2.5.1 (HKLM\...\Python 2.5.1) (Version: - ) QuickTime (HKLM\...\{C78EAC6F-7A73-452E-8134-DBB2165C5A68}) (Version: 7.62.14.0 - Apple Inc.) Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5936 - ) Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform) RootKit Hook Analyzer 3.02 (HKLM\...\HookAnalyzer_is1) (Version: - Resplendence Software Projects Sp.) 
Roxio Activation Module (Version: 1.0 - Roxio) Hidden Roxio BackOnTrack (Version: 1.3.3 - Roxio) Hidden Roxio Burn (Version: 1.6 - Roxio) Hidden Roxio Creator Starter (HKLM\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.40.0 - Roxio) Roxio Creator Starter (Version: 1.0.311 - Roxio) Hidden Roxio Creator Starter (Version: 5.0.0 - Roxio) Hidden Roxio Express Labeler 3 (Version: 3.2.2 - Roxio) Hidden Roxio File Backup (Version: 1.3.2 - Roxio) Hidden RUBICon (HKLM\...\{5A1084A3-79B7-480C-9275-D8AA0CCEFA52}) (Version: 2.0.24 - RUB) SCR3xxx Smart Card Reader (HKLM\...\{9C411EF9-6EBA-46E3-8132-EDADF1CC0B16}) (Version: 8.41 - SCM Microsystems) Security Task Manager 1.8d (HKLM\...\Security Task Manager) (Version: 1.8d - Neuber Software) Skype™ 6.16 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.) Sonic CinePlayer Decoder Pack (Version: 4.3.0 - Sonic Solutions) Hidden Sophos Anti-Rootkit 1.5.0 (HKLM\...\Sophos-AntiRootkit) (Version: 1.5.0 - Sophos Plc) Steam (HKLM\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) System Requirements Lab CYRI (HKLM\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC) Takatis - A Tribute To Manfred Trenz (HKLM\...\Takatis - A Tribute To Manfred Trenz) (Version: - ) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH) The Binding of Isaac (HKLM\...\Steam App 113200) (Version: - ) TmNationsForever (HKLM\...\TmNationsForever_is1) (Version: - Nadeo) Tomb Raider: Underworld 1.1 (HKLM\...\Tomb Raider: Underworld) (Version: - ) Unity Web Player (HKCU\...\UnityWebPlayer) (Version: - Unity Technologies ApS) Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0016-0000-0000-0000000FF1CE}_EXCEL_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update for 2007 Microsoft Office System (KB967642) 
(HKLM\...\{90120000-0018-0000-0000-0000000FF1CE}_POWERPOINT_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0019-0000-0000-0000000FF1CE}_PUBLISHER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-001B-0000-0000-0000000FF1CE}_WORD_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{90120000-0016-0000-0000-0000000FF1CE}_EXCEL_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{90120000-0018-0000-0000-0000000FF1CE}_POWERPOINT_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{90120000-0019-0000-0000-0000000FF1CE}_PUBLISHER_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{90120000-001B-0000-0000-0000000FF1CE}_WORD_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{90120000-0016-0000-0000-0000000FF1CE}_EXCEL_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{90120000-0018-0000-0000-0000000FF1CE}_POWERPOINT_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{90120000-0019-0000-0000-0000000FF1CE}_PUBLISHER_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{90120000-001B-0000-0000-0000000FF1CE}_WORD_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft) Update for Microsoft Office 2007 suites 
(KB2767916) 32-Bit Edition (HKLM\...\{90120000-0016-0000-0000-0000000FF1CE}_EXCEL_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{90120000-0018-0000-0000-0000000FF1CE}_POWERPOINT_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{90120000-0019-0000-0000-0000000FF1CE}_PUBLISHER_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{90120000-001B-0000-0000-0000000FF1CE}_WORD_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft) Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_EXCEL_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft) Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_POWERPOINT_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft) Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_WORD_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft) Visual Basic for Applications (R) Core - English (Version: 6.5.10.32 - Microsoft Corporation) Hidden Visual Basic for Applications (R) Core (Version: 6.5.10.32 - Microsoft Corporation) Hidden Windows Live ID Sign-in Assistant (HKLM\...\{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}) (Version: 6.500.3165.0 - Microsoft Corporation) Windows Live Mesh ActiveX control for remote connections (HKLM\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation) WinRAR (HKLM\...\WinRAR archiver) (Version: - ) World of Tanks (HKLM\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1) (Version: - Wargaming.net) WoT Statistics (HKLM\...\WoT Statistics_is1) (Version: 2.0.6.63 - Nick Saaiman) YGOPro DevPro Version 1.9.8 r9 
(HKLM\...\{3CF2634F-3F38-4DD3-9201-CB2FE6B5FF23}_is1) (Version: 1.9.8 r9 - YGOPro DevPro Online) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-2359546455-2944345457-3885489924-1000_Classes\CLSID\{00370489-B3A0-3B0E-9AF4-CD50E8EF9F58}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2359546455-2944345457-3885489924-1000_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File CustomCLSID: HKU\S-1-5-21-2359546455-2944345457-3885489924-1000_Classes\CLSID\{09375100-C865-3528-881F-F6456A0489AF}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2359546455-2944345457-3885489924-1000_Classes\CLSID\{12FB900A-7CC2-38C1-BFA9-F071C604C0CF}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2359546455-2944345457-3885489924-1000_Classes\CLSID\{187A4591-BD21-33D9-BDD3-8AEA1183CF8E}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2359546455-2944345457-3885489924-1000_Classes\CLSID\{1DC5B0B2-6625-3CD5-AD95-422C5E50AEB4}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2359546455-2944345457-3885489924-1000_Classes\CLSID\{20102C67-3DAC-30EB-A48D-C951D43F87DD}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2359546455-2944345457-3885489924-1000_Classes\CLSID\{2B5EC5D0-A186-3081-803D-A52C24FADEB4}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2359546455-2944345457-3885489924-1000_Classes\CLSID\{2C571B02-7361-3801-889E-DB312FD5F9DF}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft 
Corporation) CustomCLSID: HKU\S-1-5-21-2359546455-2944345457-3885489924-1000_Classes\CLSID\{34C285D0-FB92-3A4C-A06C-EBE47A65A729}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2359546455-2944345457-3885489924-1000_Classes\CLSID\{39D0949A-FF1D-34C7-91E4-A21F226E2A16}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2359546455-2944345457-3885489924-1000_Classes\CLSID\{3D6BE8CF-93FF-3927-8C73-BB2924B7C3BA}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2359546455-2944345457-3885489924-1000_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File CustomCLSID: HKU\S-1-5-21-2359546455-2944345457-3885489924-1000_Classes\CLSID\{43A810AC-434C-384B-BFFF-E140D7F5F5DB}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2359546455-2944345457-3885489924-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Sebastian\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS) CustomCLSID: HKU\S-1-5-21-2359546455-2944345457-3885489924-1000_Classes\CLSID\{4E1F4C50-95A1-3B3C-88C9-784793EA83E9}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2359546455-2944345457-3885489924-1000_Classes\CLSID\{590097C7-EF0A-3E1D-AC8B-0AFE5D6A4914}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2359546455-2944345457-3885489924-1000_Classes\CLSID\{632E5D73-94E1-3EC8-80B6-3BD6C97B686C}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2359546455-2944345457-3885489924-1000_Classes\CLSID\{64FAB7F6-81A1-37BF-8268-703EDF6572B1}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation) CustomCLSID: 
HKU\S-1-5-21-2359546455-2944345457-3885489924-1000_Classes\CLSID\{67F3DFF8-25D1-3120-A27B-3410FE4EA2AA}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2359546455-2944345457-3885489924-1000_Classes\CLSID\{7F2C5E7B-5403-3BFD-9C92-65D8AEE9D207}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2359546455-2944345457-3885489924-1000_Classes\CLSID\{8250AAC3-30FC-3641-AB5A-0FC5B8E7C14F}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2359546455-2944345457-3885489924-1000_Classes\CLSID\{89091BF8-D999-397C-8532-F000B67B08F2}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2359546455-2944345457-3885489924-1000_Classes\CLSID\{97D6C494-E0F5-38C2-9FB9-5BBBD24E4AEF}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2359546455-2944345457-3885489924-1000_Classes\CLSID\{994B05F6-D609-3C82-A60A-8F629779E7B3}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2359546455-2944345457-3885489924-1000_Classes\CLSID\{A1596465-2332-3617-922D-FBA433F0DC28}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2359546455-2944345457-3885489924-1000_Classes\CLSID\{A661F2DD-2FD6-3A55-AF96-3DCE9337CADF}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2359546455-2944345457-3885489924-1000_Classes\CLSID\{AD8A28A5-623C-39DD-92DC-63055611D30C}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2359546455-2944345457-3885489924-1000_Classes\CLSID\{B7977E7C-8401-37CC-BFA1-C9E46B656261}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation) CustomCLSID: 
HKU\S-1-5-21-2359546455-2944345457-3885489924-1000_Classes\CLSID\{C4890885-29CD-3098-82D2-B5D962DA9EDE}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2359546455-2944345457-3885489924-1000_Classes\CLSID\{C5F731DF-0E00-344B-86DE-82DD41BEB3F7}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2359546455-2944345457-3885489924-1000_Classes\CLSID\{CA588435-9714-33B3-ABB1-EB2DFD1EF360}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2359546455-2944345457-3885489924-1000_Classes\CLSID\{CB579C9B-5732-3751-9A3B-D2F626AFC912}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2359546455-2944345457-3885489924-1000_Classes\CLSID\{CFC474D2-AEB5-38F3-91A6-5FB20AFCFF73}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2359546455-2944345457-3885489924-1000_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File CustomCLSID: HKU\S-1-5-21-2359546455-2944345457-3885489924-1000_Classes\CLSID\{D3C91135-8AF3-330C-99CB-6C35982CA819}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2359546455-2944345457-3885489924-1000_Classes\CLSID\{E71EE793-1D5C-348C-9F2F-30A106DDC7D4}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2359546455-2944345457-3885489924-1000_Classes\CLSID\{E7ED6653-4EB5-3555-889A-85B310FE1819}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2359546455-2944345457-3885489924-1000_Classes\CLSID\{E8D396E6-AD17-3F46-A750-6C6B84E97C00}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation) CustomCLSID: 
HKU\S-1-5-21-2359546455-2944345457-3885489924-1000_Classes\CLSID\{EA8BAFC5-7B19-384D-8D01-4DC8286569F5}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2359546455-2944345457-3885489924-1000_Classes\CLSID\{F31280C8-7261-31D0-8E32-224FEFE8B897}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2359546455-2944345457-3885489924-1000_Classes\CLSID\{F413B64D-16A1-3663-8D8A-E541024248AF}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2359546455-2944345457-3885489924-1000_Classes\CLSID\{F5837D97-8512-3CE2-A787-16322293DD52}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2359546455-2944345457-3885489924-1000_Classes\CLSID\{F616D756-DE23-33E2-9D28-79F5F9E58DE3}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2359546455-2944345457-3885489924-1000_Classes\CLSID\{F8A1016B-9E8C-335D-9FA5-5418157FFA02}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2359546455-2944345457-3885489924-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sebastian\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2359546455-2944345457-3885489924-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sebastian\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2359546455-2944345457-3885489924-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sebastian\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2359546455-2944345457-3885489924-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sebastian\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.) 
==================== Restore Points =========================

28-07-2014 00:01:58 Windows 7 Service Pack 1
28-07-2014 13:44:47 Windows Update
29-07-2014 01:01:07 Windows Update
30-07-2014 15:25:59 Windows Update
30-07-2014 23:40:58 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2013-06-12 14:25 - 00000027 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0E563EE9-836A-4A7B-B24C-6519BE2D9310} - System32\Tasks\AdobeAAMUpdater-1.0-PC-22-Sebastian => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)
Task: {2120B040-F503-48B9-A223-DCBBC4E1377C} - System32\Tasks\PCDEventLauncher => C:\Program Files\Dell Support Center\sessionchecker.exe [2010-08-06] ()
Task: {35EADEC0-AD51-4DC1-8E95-BAE11FF8BA0B} - System32\Tasks\{4309B8BD-8C3E-4707-93BF-09B0E356B90B} => C:\Program Files\NETGEAR\WG111v3\WG111v3.exe [2008-06-13] ()
Task: {431EA57A-761C-448E-80A5-E80F32398EF1} - System32\Tasks\{523ED7CF-04D3-410B-8F4E-F269EEEB0E90} => C:\Program Files\NETGEAR\WG111v3\WG111v3.exe [2008-06-13] ()
Task: {46DD9482-9196-45E9-BB45-E5FD5D6E5931} - System32\Tasks\{40908DCE-C33A-4DF0-A51C-057E4F79186B} => C:\Users\Sebastian\Desktop\easytoolz\EasyToolz.exe
Task: {7D4737C4-C335-4DA1-8017-1CD33941549D} - System32\Tasks\{1EFC8E02-CCFF-458F-BAB7-EBE9DF99AC5D} => C:\Program Files\Skype\\Phone\Skype.exe [2014-05-08] (Skype Technologies S.A.)
Task: {89550F74-66C7-4311-9858-64273F44D8AD} - System32\Tasks\{BB48A044-3C70-48A8-9591-137804C365C2} => C:\Program Files\NETGEAR\WG111v3\WG111v3.exe [2008-06-13] ()
Task: {B0652DAB-BD67-45EF-9E98-856D01102CB3} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell Support Center\uaclauncher.exe [2010-08-06] (PC-Doctor, Inc.)
Task: {C8ACBED5-18D7-40E5-ABBD-9B59EC281431} - System32\Tasks\{024AB47C-2A0A-4293-8A90-205ADF411EEE} => C:\Program Files\NETGEAR\WG111v3\WG111v3.exe [2008-06-13] ()
Task: {E2005960-7199-4A78-90E9-3987DC981B8B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)
Task: {F54B8AB8-BBD0-4FCA-B301-B677C6C37FA8} - System32\Tasks\DSite => C:\Users\SEBAST~1\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {FBBDE411-5A06-4323-B3CC-6A85F04B3410} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\Dell Support Center\pcdrcui.exe [2010-08-06] (PC-Doctor, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job => C:\Program Files\Dell Support Center\uaclauncher.exe
Task: C:\Windows\Tasks\SystemToolsDailyTest.job => C:\Program Files\Dell Support Center\pcdrcui.exe

==================== Loaded Modules (whitelisted) =============

2013-11-23 22:46 - 2013-11-23 22:46 - 00896512 _____ () C:\Users\Sebastian\AppData\Local\Temp\OCS\Downloads\471dda038bf3cfdcce6f34b54d3cfb53\8a2438a7aa1e858526caff1f4deab159\AddonsHelper.exe
2014-03-20 11:23 - 2014-03-20 11:23 - 00691360 _____ () C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x86.dll
2011-01-26 22:08 - 2010-03-15 12:28 - 00141824 _____ () C:\Program Files\WinRAR\rarext.dll
2010-09-03 02:28 - 2010-09-03 02:28 - 00518640 _____ () C:\Program Files\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
2010-08-30 04:34 - 2010-08-30 04:34 - 00375280 _____ () c:\program files\common files\roxio shared\dllshared\SQLite352.dll
2014-03-18 23:22 - 2014-03-18 23:22 - 32733088 _____ () C:\Program Files\Adobe\Adobe Creative Cloud\HEX\libcef.dll
2008-06-13 16:24 - 2008-06-13 16:24 - 02109440 _____ () C:\Program Files\NETGEAR\WG111v3\wg111v3.exe
2014-04-02 10:01 - 2014-03-19 11:59 - 01380704 _____ () C:\Program Files\Opera\20.0.1387.82\opera_crashreporter.exe
2014-03-20 11:24 - 2014-03-20 11:24 - 05288608 _____ () C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2014-04-02 10:01 - 2014-03-19 11:59 - 00908640 _____ () C:\Program Files\Opera\20.0.1387.82\libglesv2.dll
2014-04-02 10:01 - 2014-03-19 11:59 - 00108896 _____ () C:\Program Files\Opera\20.0.1387.82\libegl.dll
2014-04-02 10:01 - 2014-03-19 11:59 - 00895328 _____ () C:\Program Files\Opera\20.0.1387.82\ffmpegsumo.dll
2014-07-09 00:09 - 2014-07-09 00:09 - 17029808 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll

==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: Hamachi2Svc => 2
MSCONFIG\Services: NOBU => 2

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (07/31/2014 10:10:30 AM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (5060) Asapi: (10:10:30:9570)(5060) Asapi.State - Error -- 123 Plugin S3LogPusher.dll failed to load.

Error: (07/31/2014 10:10:30 AM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (5060) Asapi: (10:10:30:6520)(5060) libAsapi.DynamicLoadedPlugin - Error -- 64 Unable to load library 'S3LogPusher.dll'

Error: (07/31/2014 10:00:40 AM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (5416) Asapi: (10:00:40:7030)(5416) Asapi.State - Error -- 123 Plugin S3LogPusher.dll failed to load.

Error: (07/31/2014 10:00:40 AM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (5416) Asapi: (10:00:40:5930)(5416) libAsapi.DynamicLoadedPlugin - Error -- 64 Unable to load library 'S3LogPusher.dll'

Error: (07/30/2014 10:10:16 AM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (2480) Asapi: (10:10:16:3020)(2480) Asapi.State - Error -- 123 Plugin S3LogPusher.dll failed to load.

Error: (07/30/2014 10:10:16 AM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (2480) Asapi: (10:10:16:1650)(2480) libAsapi.DynamicLoadedPlugin - Error -- 64 Unable to load library 'S3LogPusher.dll'

Error: (07/30/2014 10:01:13 AM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (3804) Asapi: (10:01:13:0450)(3804) Asapi.State - Error -- 123 Plugin S3LogPusher.dll failed to load.

Error: (07/30/2014 10:01:12 AM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (3804) Asapi: (10:01:12:7650)(3804) libAsapi.DynamicLoadedPlugin - Error -- 64 Unable to load library 'S3LogPusher.dll'

Error: (07/29/2014 10:00:09 AM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (5980) Asapi: (10:00:09:7120)(5980) Asapi.State - Error -- 123 Plugin S3LogPusher.dll failed to load.

Error: (07/29/2014 10:00:09 AM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (5980) Asapi: (10:00:09:5860)(5980) libAsapi.DynamicLoadedPlugin - Error -- 64 Unable to load library 'S3LogPusher.dll'

System errors:
=============
Error: (08/01/2014 01:05:15 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.

Error: (08/01/2014 01:02:28 AM) (Source: NetBT) (EventID: 4307) (User: )
Description: Initialisierung fehlgeschlagen, da die Transportschicht das Öffnen der Anfangsadressen verweigerte.

Error: (08/01/2014 01:01:22 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053

Error: (08/01/2014 01:01:22 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Presentation Foundation-Schriftartcache 3.0.0.0 erreicht.

Error: (08/01/2014 00:59:26 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 01.08.2014 um 00:58:32 unerwartet heruntergefahren.

Error: (08/01/2014 00:22:39 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.

Error: (08/01/2014 00:14:42 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 01.08.2014 um 00:13:15 unerwartet heruntergefahren.

Error: (07/31/2014 10:22:29 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053

Error: (07/31/2014 10:22:29 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.

Error: (07/31/2014 01:47:55 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x8000ffff fehlgeschlagen: Windows 7 Service Pack 1 (KB976932)

Microsoft Office Sessions:
=========================
Error: (02/17/2014 11:56:50 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6690.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 10 seconds with 0 seconds of active time. This session ended with a crash.

Error: (01/10/2011 06:51:44 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 152 seconds with 120 seconds of active time. This session ended with a crash.
==================== Memory info ===========================

Percentage of memory in use: 51%
Total physical RAM: 3036.8 MB
Available physical RAM: 1461.09 MB
Total Pagefile: 6071.89 MB
Available Pagefile: 4193.32 MB
Total Virtual: 2047.88 MB
Available Virtual: 1897.68 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:220.56 GB) (Free:91.5 GB) NTFS
Drive d: (NEU) (CDROM) (Total:0.52 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 40000000)
Partition 1: (Not Active) - (Size=118 MB) - (Type=DE)
Partition 2: (Active) - (Size=12 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=221 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-08-01 01:33:41
Windows 6.1.7600 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 WDC_WD2500AAJS-75M0A0 rev.02.03E02 232,83GB
Running: Gmer-19357.exe; Driver: C:\Users\SEBAST~1\AppData\Local\Temp\kxldapob.sys

---- System - GMER 2.1 ----

SSDT 92D8A73E ZwCreateSection
SSDT 92D8A748 ZwRequestWaitReplyPort
SSDT 92D8A743 ZwSetContextThread
SSDT 92D8A74D ZwSetSecurityObject
SSDT 92D8A752 ZwSystemDebugControl
SSDT 92D8A6DF ZwTerminateProcess

---- Kernel code sections - GMER 2.1 ----

.text ntkrnlpa.exe!ZwRollbackTransaction + 13F9 8327F829 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 832A4132 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text ntkrnlpa.exe!RtlSidHashLookup + 350 832ABA30 4 Bytes [3E, A7, D8, 92]
.text ntkrnlpa.exe!RtlSidHashLookup + 6AC 832ABD8C 4 Bytes [48, A7, D8, 92]
.text ntkrnlpa.exe!RtlSidHashLookup + 6F0 832ABDD0 4 Bytes [43, A7, D8, 92]
.text ntkrnlpa.exe!RtlSidHashLookup + 76C 832ABE4C 4 Bytes [4D, A7, D8, 92]
.text ntkrnlpa.exe!RtlSidHashLookup + 7C0 832ABEA0 4 Bytes [52, A7, D8, 92]
.text ...

---- Devices - GMER 2.1 ----

AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys

---- Registry - GMER 2.1 ----

Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{6B683E0E-1505-488C-8053-3C1301924246}\Linkage@Bind
Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{6B683E0E-1505-488C-8053-3C1301924246}\Linkage@Export
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager@PendingFileRenameOperations
Reg HKLM\SYSTEM\CurrentControlSet\services\LanmanServer\Linkage@Bind
Reg HKLM\SYSTEM\CurrentControlSet\services\LanmanServer\Linkage@Route
Reg HKLM\SYSTEM\CurrentControlSet\services\LanmanServer\Linkage@Export
Reg HKLM\SYSTEM\CurrentControlSet\services\LanmanWorkstation\Linkage@Bind
Reg HKLM\SYSTEM\CurrentControlSet\services\LanmanWorkstation\Linkage@Route
Reg HKLM\SYSTEM\CurrentControlSet\services\LanmanWorkstation\Linkage@Export
l???????????????????????????????????J?????????????.NT?????v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\system32\svchost.exe|Svc=fdphost|Name=@FirewallAPI.dll,-30822|Desc=@FirewallAPI.dll,-30823|EmbedCtxt=@FirewallAPI.dll,-30752|???C:\Windows\INF\usb.inf???????????????d???d??????????????????????????????????nettun.inf:Microsoft.NTx86:6to4mp.ndi:6.1.7600.16385:*6to4mp?e???????????e??un??? ???????????????????f?1??????????????????????????????????????????????????????:?????????????? ?????????????????????-????????N???????????{4d36e972-e325-11ce-bfc1-08002be10318}??????v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|LPort=1900|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\system32\svchost.exe|Svc=Ssdpsrv|Name=@FirewallAPI.dll,-30753|Desc=@FirewallAPI.dll,-30756|EmbedCtxt=@Firewa Reg HKLM\SYSTEM\CurrentControlSet\services\NetBIOS\Linkage@Bind ????t????????????4?????????????????????????????W????????????????????????????????????????????????????????????????????????????nettun.inf????????????????X??????????t??????????????????????????????Microsoft???Net?or??sA??????????????????????????????Net??????u??????????????ta???????????????????????????????T??????????????11?nel??*ISATAP??u??????????????s???????????Microsoft-6zu4-Adapter???????????????_??????????????????????????????????????????????????????????????????????????????????????????????Microsoft-6zu4-Adapter?????????|????????????????????6.1.7600.16385?l????Microsoft???????????????????????????????????????????text????????????? ??????????????????????WPD?????Microsoft-6zu4-Adapter???????????????????????????????s????????????.?????????????E:\??u???????????????????????????????1??12???????????????????????y?z????????(????????????????????????????????????????????2??12??Net?????????????????????????????????6-21-2006????????????????????????????.??FF??Microsoft-6zu4-Adapter???????????????????????????????????????o??co????? 
Reg HKLM\SYSTEM\CurrentControlSet\services\NetBIOS\Linkage@Route ????????? ?????????????????????-???????????????????????.?.??? .??????j???????e??? ?????????????????????-?????????????????f??? ?????????????????????1??L????????? ??????/?/??????????????????????? ?????????????????????1????????????&????????????????????p??? ?????????????????????1????????????????????? ?????????????????????1????????z???????????? ?????????????????????,????????????'????????????????????}??? P??????T??????????? ?????????????????????1????????????&????????????????????.??????????????? ?????????????????????1????????????????????? ?????????????????????1????????????????????TCPIP6TUNNEL?Tcpip6????????????????????????????????????????g????Microsoft???\Device\{81C67A53-5CE3-4F77-BFAD-F3AFC2435715}??7|??? ??????????????????????????????<??????i6-??}???????????? ?????eas??? ??????????????????????????????`???????????? ??????????????????????????????<???????????Microsoft-6zu4-Adaptertreiber???? ??????????????????????????????"??? ??????_{4??????????? ?????????????????????-???????????????????????t????? ????????????????? Reg HKLM\SYSTEM\CurrentControlSet\services\NetBIOS\Linkage@Export ?????-???????????-??????????????????text?/??????????????USBSTOR\Disk?USBSTOR\RAW?????????????????|??ti??? ??L???????????x????????????????????.???????????e???e???????????????????y???????????????????????????????????????"??????????Microsoft-6zu4-Adapter?(????????????????????????????2d??????????????2d????????????????????m?????6to4mp.ndi??s ???????????????????????????????????n??tu???????????????????????????????????i???????????????????o??\*???????????e???e??????of??????????????????????wpdfs.inf???6-21-2006???? ??a????d??????????Microsoft????????t??????????? ???????????????????????????i??????????????????????????????nettun.inf:Microsoft.NTx86:6to4mp.ndi:6.1.7600.16385:*6to4mp????Microsoft-6zu4-Adapter??????nettun.inf????????????????????????m?????nettun.inf:Microsoft.NTx86:6to4mp.ndi:6.1.7600.16385:*6to4mp????? ??R???? 
??????????Microsoft-6zu4-Adapter??????Microsoft-6zu4-Adapter??????Microsoft-6zu4-Adapter??????6to4mp.ndi??????? ??d???????????x?????N??????f?????D?s??6to4mp.ndi?TAP????????????????????????????????????? Reg HKLM\SYSTEM\CurrentControlSet\services\NetBT\Linkage@Bind ????????? ?????????????????????-?????????????????f??????????????????{8251e10e-3dba-5dec-bff8-a26c920810c1}??????? ?????????????????????1????????????????????????\\?\Root#*6TO4MP#0158#{ad498944-762f-11d0-8dcb-00c04fc3358c}\{0B818F0C-29AB-4097-88CD-395CB72AAA6A}?????? ?????????????????????????????????e????????????{36fc9e60-c465-11cf-8056-444553540000}\0010?????? ?????????????????????1????????2???????????? ?????????????????????1????????????????????? ???????}???????????v????????"?????????????????????? ?????????????????????1????????????????????{4d36e965-e325-11ce-bfc1-08002be10318}?M 2??????????Microsoft???????????wpdbusenum\fs???{00000000-0000-0000-FFFF-FFFFFFFFFFFF}??????????????????????0????????????????t????0????? ????????????????????? ?????????????????????????????????????avgntflt????cdrom.inf:cdrom_device.NTx86:cdrom_install:6.1.7600.16385:gencdrom?.?.????2??????l?????nng??ienst???? ???????}???????????v????????"?????????????????????????? ???????j????????????????????????????????????????????????????????????????? Reg HKLM\SYSTEM\CurrentControlSet\services\NetBT\Linkage@Route ????????????????????????6.1.7600.16385????????:????????g????@nettun.inf,%msft%;Microsoft?5????`?????????????????????????????????? ?????????????????????1????????????????????? ?????????????????????1?????????????????????????????????????d??te???????????u??in??*6to4mp?di??? ?????????????????????1????????????????????? ?????????????????????1?????????????????????????????????????????????????????d??{4??? ?????????????????????1????????????&???????????????????????????????os??? ?????????????????????1????????????????????? ?????????????????????1????????????????????? ?????????????????????1????????????????????? ?????????????????????1????????????????????? 
?????????????????????1????????????????????? ?????????????????????1????????????????????? ?????????????????????1????????????????????????????????????????????? P?????????????????{81E94905-2CDC-40D4-9EE4-789D5AC6E8DC}????????*?????????????????TCPIP6TUNNEL?Tcpip6?????\Device\{81E94905-2CDC-40D4-9EE4-789D5AC6E8DC}???????????????-???????????????????e??????????????#???TCPIP6TUNNEL?Tc Reg HKLM\SYSTEM\CurrentControlSet\services\NetBT\Linkage@Export ?????????????????????????|??????????????????????Microsoft-6zu4-Adapter????????????????????????m?tu???????????????????????????????????????m????????????????????????????????????????????????????????????????????????????m?*i?????????????????????????????u????????????????????????????????????????????????????tunnel???????????????????t??????????????????????????*6to4mp??o???????????????????????????????????i???e??????????????????????????????????????????????????????????????sp???????????0??????????????????????????????????????????????????????Microsoft-6zu4-Adapter???????????????d????????????????????????m???????????????????????????????????????m??????????????????????????????"??#*??????B5????????????.?????????????????????????????????????????????????????????????????????l,??Microsoft-6zu4-Adapter??????Microsoft-6zu4-Adapter???????????????????????????????????1??11???????????4??5????????????????????????????????????????????????????????????f???????????????????????B???B???????????????????????0?1CF????????????????????????????m?tu????? Reg HKLM\SYSTEM\CurrentControlSet\services\Smb\Linkage@Bind ????????????????????????? ?????????????????????1???????????????????????? ?9?????int?????? ???????d??????????????????nettun.inf??????6to4mp.ndi?g?A??? ?????????????????????1????????????????????Basic_Install???int?????Microsoft???? ?????????????????????1????????????????????? ?????????????????????1????????????????????? ???????????????????z?,????????????'????????????????????}??????????? ?????????????????????1????????????????????? 
???????:?????????????:??????????O?&???????????????????????? ??????????????????????????????????????Microsoft????????????????t??????? ??????????????????????????????<??????i?????????????d??????????????????????????? ??????????????????????????????"??? ???????????? ???????????????????z?,????????????'????????????????????}??? ??????????????????????????????????????????? ?????????????????????????????? ???????????????? ?????????????????????1????????????????????? ?????????????????????1????????????????????? ?????????????????????1????????????????????? ?????????????????????1????????????????????tunnel? Reg HKLM\SYSTEM\CurrentControlSet\services\Smb\Linkage@Route ????????? ???????:?????????????:??????????\?&????????????????????3??? ?????????????????????1????????????????????? ?????????????????????1????????????????????????{00000000-0000-0000-FFFF-FFFFFFFFFFFF}??????? ???????1?????????????,????????$?M?<?????????????????????????????????????$?????????????????Root\*6TO4MP\0076???? ???????1?????????????,??N?????$?K?<????????????????????????????????:??? ??????????????????????????????????????? ?????????????????????-?????????????????f????N??????b?????D?5??????????? ?????????????????????1????????????????????????????? ?????????????????????,????????????'????????????????????}???????????3??????-1??????????????????????????????????? ?????????????????????1????????????????????????????? ???????1?????????????,??N?????$?M?<????????????????????????????????i??? ?????????????????????,????????????'????????????????????}???????????????????.??\\?\Root#*6TO4MP#0076#{ad498944-762f-11d0-8dcb-00c04fc3358c}\{B8887358-3573-49F4-AF8E-ABB63DAC4E59}?????????????? ?????????????????????1??????????????????? Reg HKLM\SYSTEM\CurrentControlSet\services\Smb\Linkage@Export ?????????????????_???e???????????????????s??{08BB73B2-49B5-4901-92F4-519D9E858B17}??AT??int??h??????????????????????? .?????????????????? ?????????????????????-??????????????????????s?????Root\*6TO4MP\0106???? ?????????????????????-?????????????????f??? 
?????????????????????1??L????????? ???????????????????????????????? ?????????????????????1????????????&???????????????????????? ?????????????????????1????????????????????? ?????????????????????1????????z???????????\Device\{E87D3A44-260F-464A-A108-757A3F7604A0}??t???*6to4mp?????? ?????????????????????1????????????&????????????????????e??? ?????????????????????1????????????????????? ?????????????????????1?????????????????????????????i???e??????????{4d36e972-e325-11ce-bfc1-08002be10318}?apt??????????????????? ??????????????????????????? P???????????????????*??????o????don ??Microsoft-6zu4-Adapter???????????????C???e??? ??????????????????????????????<???????????nettun.inf??????? .?????????????????????? ???????@????????????????????$?N?G??????????????????????????s? Reg HKLM\SYSTEM\CurrentControlSet\services\TCPIP6\Linkage@Bind ????????? ??????????????????????????????`????????e??{E9828495-AD02-4D0D-9FCB-B3DBF2C67801}??T_??TCPIP6TUNNEL?Tcpip6?????\Device\{E9828495-AD02-4D0D-9FCB-B3DBF2C67801}??????? ??????????????????????????????<??????i?-???????????????e??tunnel?e"?????<??????;??????Microsoft-6zu4-Adaptertreiber???????????????? ??????????????????????????????"??? ???????????? ???????7??????????tunnel??e}??? "????????????ata??ndis5_ip6_tunnel????? ???????????????????????????????????????6??????????????? ?????????????????????????????? ????????????9???? ?????????????????Netzwerkadresse?DC???????????????????? ??????????e??text????????????? ??????????????????????????????????????&????????????????????6??Typ??????????????5???t???????????????????A??????int??????????????B??{906CA567-4326-4FDE-8891-E88D6EBDF534}??????TCPIP6TUNNEL?Tcpip6?????\Device\{906CA567-4326-4FDE-8891-E88D6EBDF534}??????MSAFD NetBIOS [\Device\NetBT_Tcpip6_{8A5516C8-1244-406C-A003-3C2C6D6FF750}] SEQPACKET 49?O??? ??????????????????????????????????? ?????????????????????1??? Reg HKLM\SYSTEM\CurrentControlSet\services\TCPIP6\Linkage@Export ?????????????????????????????????????t???????????p???t??Microsoft???? 
?????????????????????1????????????????????? ??????????????????6-21-2006???6to4mp.ndi?e????????????\Device\{BA4DFC1D-58C4-4CEE-86DF-2AD6C61B8529}??????6-21-2006???????????????????????????l???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????MSAFD NetBIOS [\Device\NetBT_Tcpip6_{0B818F0C-29AB-4097-88CD-395CB72AAA6A}] DATAGRAM 168????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????l???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????MSAFD NetBIOS [\Device\NetBT_Tcpip6_{688FA6F2-E953-4FC4-A9C1-AF76B4460D49}] SEQPACKET 170?????????????????????????????????????????????????????????? Reg HKLM\SYSTEM\ControlSet002\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{6B683E0E-1505-488C-8053-3C1301924246}\Linkage@Bind ???'?-????P?????????????%SystemRoot%\System32\setupapi.dll,-10????????@????????????2????SysClass.Dll,ScsiClassInstaller?????????????????????????????????????????s????&P?????????????????????????????SysClass.Dll,CriticalDeviceCoInstaller???????? ??????????????n??TAPE???????????????4???????????????????? ???????????????????s???????????????????? ??????????????????????????????T?4?&???????????????????????SDHost????????????T???????????c?????@%SystemRoot%\System32\SysClass.Dll,-3012?????"?????????SD host adapters?tem32\SysClass.Dll,-3012???? ?????????????????????1???????????? ?????????????????????P?????????????%SystemRoot%\System32\setupapi.dll,-39???????????????????&P?????????????????????????????SysClass.Dll,CriticalDeviceCoInstaller??????? ??????????????????????????????P?$?&????????????????????????? 
?????????s???SmartCardReader???????*???????????c?????@StorProp.dll,-17002??????&?????????Smart card readers?2????? ?????????????????????1????????\??? ?????????????????????P?????????????%systemroot%\system32\setupapi.dll, Reg HKLM\SYSTEM\ControlSet002\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{6B683E0E-1505-488C-8053-3C1301924246}\Linkage@Export ???5?????????????????????????????????????????????d??? ???????.?????8?????/?-??(???$????????????????.?&???????. ???????????r78x???/?g?.??PCI\VEN_8086&DEV_27CA&SUBSYS_043E1028&REV_01?PCI\VEN_8086&DEV_27CA&SUBSYS_043E1028?PCI\VEN_8086&DEV_27CA&CC_0C0300?PCI\VEN_8086&DEV_27CA&CC_0C03????? ???.???x???????.??usbuhci??/????????????????????,??5????????????s?????atapi???Volume??????hdc?????{00000000-0000-0000-ffff-ffffffffffff}????????N??.????????D??????????.???t???e???.??PCI\VEN_8086&DEV_27CA&REV_01?PCI\VEN_8086&DEV_27CA?PCI\VEN_8086&CC_0C0300?PCI\VEN_8086&CC_0C03?PCI\VEN_8086?PCI\CC_0C0300?PCI\CC_0C03????.????N??.????????Dsat?????4???4???4???4?????"???????????????????????????????g?g????????E????????U??????????????{36fc9e60-c465-11cf-8056-444553540000}???????????????????????.???????.???s???e???.??{00000000-0000-0000-ffff-ffffffffffff}???.??{36fc9e60-c465-11cf-8056-444553540000}???????????????-?????s1D?????4???.???5???8???3????????????????????????????? ???9???.?????.?.???????????????????7?8?6???.????????????????????? Reg HKLM\SYSTEM\ControlSet002\services\LanmanServer\Linkage@Bind ???k?m???k???k???k???????k???????????k???k??WUDFRd?-4F???k???k???? ??k???k???e???????????????k???????e???k????????????????????????b??????2?g?3??????????????????????????????????RDP_KBD??&??? l??k???????????????????????k?k??????????????*??k?????????????????????k?o???k???k???k??? ???????k?????k?????i?-???????????? ???????????????????????????????? 
???????k???????????n?-????????N????????????????k???-??25??????lA?????k?????k??????????????????????????????????????????????Microsoft??????k?&??????????????s????k???????????k???????????????????????????????????????k??SCR3XX2K?????????&???k???k???????????????s?????k?&??{71a27cdd-812a-11d0-bec7-08002be2092f}???????????e???6??d-???k???????`??? ??????????????????t????k???????????????????,???????/??{4d36e972-e325-11ce-bfc1-08002be10318}?Tra????X??????&???&???k?k?k??Microsoft????k??????IO???l?l@????k???????k??????????????usbprint?????????????{?{?{???k???k?k?&??@%SystemRoot%\system32\drivers\partmgr.sys,-100?????tunnel???????l?lKB???k???????k??Microsoft???? ???????k?????k?????j? Reg HKLM\SYSTEM\ControlSet002\services\LanmanServer\Linkage@Route ???k?o???k???k???k??? ???????k?????k?????i?-???????????? ???????????????????????????????? ???????k???????????n?-????????N????????????????k???-??25??????lA?????k?????k??????????????????????????????????????????????Microsoft??????k?&??????????????s????k???????????k???????????????????????????????????????k??SCR3XX2K?????????&???k???k???????????????s?????k?&??{71a27cdd-812a-11d0-bec7-08002be2092f}???????????e???6??d-???k???????`??? ??????????????????t????k???????????????????,???????/??{4d36e972-e325-11ce-bfc1-08002be10318}?Tra????X??????&???&???k?k?k??Microsoft????k??????IO???l?l@????k???????k??????????????usbprint?????????????{?{?{???k???k?k?&??@%SystemRoot%\system32\drivers\partmgr.sys,-100?????tunnel???????l?lKB???k???????k??Microsoft???? ???????k?????k?????j?-???????????????????C????LegacyDriver????????? ???????k???????????h?-????????Z????????????????????????????????????????k?????k?&???????o???????g???s???????????????????k??? ??nt??6&13a6b838&0?7??? ??????????????x????k?k?&????8??o????????h??????????p????????? 
Reg HKLM\SYSTEM\ControlSet002\services\LanmanServer\Linkage@Export ???k?????k??????????????????????????????????????????????Microsoft??????k?&??????????????s????k???????????k???????????????????????????????????????k??SCR3XX2K?????????&???k???k???????????????s?????k?&??{71a27cdd-812a-11d0-bec7-08002be2092f}???????????e???6??d-???k???????`??? ??????????????????t????k???????????????????,???????/??{4d36e972-e325-11ce-bfc1-08002be10318}?Tra????X??????&???&???k?k?k??Microsoft????k??????IO???l?l@????k???????k??????????????usbprint?????????????{?{?{???k???k?k?&??@%SystemRoot%\system32\drivers\partmgr.sys,-100?????tunnel???????l?lKB???k???????k??Microsoft???? ???????k?????k?????j?-???????????????????C????LegacyDriver????????? ???????k???????????h?-????????Z????????????????????????????????????????k?????k?&???????o???????g???s???????????????????k??? ??nt??6&13a6b838&0?7??? ??????????????x????k?k?&????8??o????????h??????????p???????????????a?????????????????????????e?????????l????????????????????????$??k??????????????? ???????k?????k?????j?-?????????????????????E?????k?&??*6to4mp??7??? ? Reg HKLM\SYSTEM\ControlSet002\services\LanmanWorkstation\Linkage@Bind ???g?n???????\?????????????????? ????5??????? ???????????????????????????5??????s-???5?g?i??*PNP09FF????tunnel?z?z???????\???/??????????Monitor?????? P??5???B?????\De????*??5???}????dPAC??? ^??????E?????SYS???5????&??5???/??????LAN-Verbindung* 69????????N???????????????????N??????*???????0??6.1.7600.16385?zro??Net???????N??????n???????2??Net?????????????????0????????5???????????5????P??8??????NF???6?6?6???????T???~???????~?????????????????s?6??NDIS????Monitor?????NDIS?;??????????Net??????????.??????s????????/???z??????????Net?????????????????????????USB\VID_0846&PID_4260\001E2A436E9D??????Psched???0????:??????o??????.NTx86??????? >??U???N?????&DE??monitor?\C???????e???????e???5??????????????streamci.dll,SwEnumCoInstaller??32??? 
???????5?????5???????1?????????????????????????5???6???????9?9?????6?6?6?????????5?5??@compositebus.inf,%compositebus.devicedesc%;Busenumerator f?r Verbundger?te?????? ???????3???????????/?3???????????????????????t60?????5???????5?????5???????????????????????? ????(??????P???????????? Reg HKLM\SYSTEM\ControlSet002\services\LanmanWorkstation\Linkage@Route ???g?o??????????????????????? ???????g???????????f?-??????$???????????????sT_0???????????T??ip??????ce??? ???????g???????????`?-??????"??????????f???????g???????????g?gce??{4d36e972-e325-11ce-bfc1-08002be10318}????????X???????????????H??i???????????g?g?7????2??????.?g?.???i?h?i???????????/?????????/??????h??g ???????????rriv???????????t??.0??? ???????g?????g???????1??L????????? ??????.16?????g???g???g???g????? ???????g?????g???????1????????????&???????????????????????? ???????g?????g???????1????????????????????? ???????g???????????`?1????????????????????6.1.7600.16385?????????g????? ???????g?????g???????1????????????????????? ???????g???????????f?1????????????????????mshdc.inf????????????????????0???????????????????g?g???????g????? ???????g?????g???????1??????????????????????N??h????????D???????N??h?????????D?.???g?h?/???????g??????p????g??????????????SmartCard????????8??????s????????z??????AC??????`????5??????0F???????????.??l,??*PNP09FF???????g????? ???????g?????g???????1????????????????????Monitor??u??? ? 
Reg HKLM\SYSTEM\ControlSet002\services\LanmanWorkstation\Linkage@Export ???i??????????????????????|??i??????????hal.inf:GENDEV_SYS.NTx86:ACPIAPIC_HAL:6.1.7600.16385:acpiapic????????????????????????i???3???????????????????????????????????????????i???????????????????i?i?i???????????????????????i??????????6.1.7600.16385???????i?i?i????????????????????,??i??????????ACPI x86-basierter PC????i?i?i???????????????????????i??????????hal.inf??????i?i?i???????????????????????i???3??????ACPIAPIC_HAL?H???i?i?i???????????????????????i??????????acpiapic?????i?i?i???????????????????????i??????????Microsoft????i?i?i???????????????????????i??????????HAL??????i?i?i???????????????????????????????????i?i?i???l?l?i??? ???0???e?????leG???????i???0???2???k?k?k??@compositebus.inf,%msft%;Microsoft?????????? ????M?????sur????<??i????????h??????????????????????????????????????????i???V??00??????????????t?????:??????????{??.NT??????????????????l??????????????????????t????????????????????i?i????LegacyDriver????????????????????????????????MEMSWEEP2???? ???i??????????????STORAGE\VolumeSnapshot????????????????? Reg HKLM\SYSTEM\ControlSet002\services\NetBIOS\Linkage@Bind ???h?????????????i?i?h??PCI\VEN_8086&DEV_2E30&SUBSYS_043E1028&REV_03?PCI\VEN_8086&DEV_2E30&SUBSYS_043E1028?PCI\VEN_8086&DEV_2E30&CC_060000?PCI\VEN_8086&DEV_2E30&CC_0600????PCI\VEN_8086&DEV_2E30&REV_03?PCI\VEN_8086&DEV_2E30?PCI\VEN_8086&CC_060000?PCI\VEN_8086&CC_0600?PCI\VEN_8086?PCI\CC_060000?PCI\CC_0600???????? ???l???/???????????j?j????? ???????????????????k?k?k???????8???????????????????????d??????????????????????t????????h???????????????g???4???4???h?????????????????h???h???h????????? 
???????h?????h???????-??"???&???????????????????????d??i???????????h?h??????????????8??n????????h?????{00000000-0000-0000-ffff-ffffffffffff}???.????N??????????????i??*6to4mp?????IDE-Kanal???????????????????????????Broadcom?????h?h???????h????????????{4d36e97d-e325-11ce-bfc1-08002be10318}???????????????a??se??kbdclass?????????????????p??{00000000-0000-0000-ffff-ffffffffffff}???????i?i?i???h??? ???????h?????h???????-??????????????????????s?????? ???????h?????????????-?????????????????t??? ???????h?????????????-??????????????? Reg HKLM\SYSTEM\ControlSet002\services\NetBIOS\Linkage@Route ?????????????????.??????????????????MS??????????????-2??@machine.inf,%gendev_mfg%;(Standardsystemger?te)?.??? p???????????????????6?????????????16??? ???}???0???????????????????????g???_??????????????????????? ??????????Microsoft-6zu4-Adapter #93?6?2??????????????????????????@nettun.inf,%msft%;Microsoft?7??????-2???$??????????????????????????????????-2??????????????????????????????????????????????PNP_TDI???????????????????????:????????g"???Microsoft????????????????????A??y???????????????????????????????Pa???????o???2??6???????$???4????? ??????? ????????????????????????? ???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????(????????????????????????????????????????????????????????????????????????????????????????????????&??????????$???4????? ??????? ??????????????? ?????????????????????????????????????????????????????????????????????????????????????H?????????????????????????????????????????????????????????????????????????????????(???? Reg HKLM\SYSTEM\ControlSet002\services\NetBIOS\Linkage@Export ?????????????????.???????????????????k??????????????? ???????????????????k????????&???J?%???????????????????????????????????????????C:\PROGRA~1\COMMON~1\SYSTEM\OLEDB~1\MSDMINE.DLL?????????????????????????? ??????????????t:??? 
?????????????????????-???????????????????????????????????????????????????????????????????????????????s????? ?????????????????????-?????????????????f??? 0??????5??????vo??STORAGE\VolumeSnapshot??e_????N??????s?????D.1???????????:????????????X?????????d/????N???????????D?????{533c5b84-ec70-11d2-9505-00c04f79deaf}??????? ???????????????????????????? ?:?????????????X?????????????{533c5b84-ec70-11d2-9505-00c04f79deaf}\0011? ???????????????????? ???????/??????????????????????`???Z??????????????????????????????????????????????Act??? ????????????????????????????????????#c|L??????#?????`??????S???????A??STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT12?e|???????????|??????Fi??\\?\STORAGE#VOLUMESNAPSHOT#HARDDISKVOLUMESNAPSHOT12#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}???????????????????h??volsnap.inf Reg HKLM\SYSTEM\ControlSet002\services\NetBT\Linkage@Bind ???i?????l?l?1??? ???k??????????????????????????????????????????????s??????i????{36fc9e60-c465-11cf-8056-444553540000}????????X??k??????????@system32\DRIVERS\pci.sys,#65536;PCI bus %1, device %2, function %3;(0,31,2)?C??Security Driver?????{4d36e96a-e325-11ce-bfc1-08002be10318}?-A5??{00000000-0000-0000-ffff-ffffffffffff}??di???????????????????????????t??????|P????2??l????????h??????l?l?1??????????????????PCI\VEN_8086&DEV_27C0&SUBSYS_043E1028&REV_01?PCI\VEN_8086&DEV_27C0&SUBSYS_043E1028?PCI\VEN_8086&DEV_27C0&CC_01018F?PCI\VEN_8086&DEV_27C0&CC_0101?????????????????e???????j ??e?????????.?.???????????????9???9???????????????????`???????????????i???m?m?????i?il????????b???????????????b???????????????????????????k?l????LegacyDriver???????????i????@oem31.inf,%pci\ven_8086&dev_27c0.devicedesc%;Intel(R) N10/ICH7 Family Serial ATA Storage Controller - 27C0??h????N??z????????D?????? ???????i?????????????-???????????????????????.?&??? ???????i?????????????-?????????????????f??????????f???? ???????i?????i???????1??L???? Reg HKLM\SYSTEM\ControlSet002\services\NetBT\Linkage@Route ?????????????????????A??@nettun.inf,%msft%;Microsoft? ??? 
Reg HKLM\SOFTWARE\Microsoft\Windows Search\UsnNotifier\Windows\Catalogs\SystemIndex@{72F0175A-1449-11E0-B469-806E6F6E6963} 110418422104
Reg HKCU\Software\Microsoft\Windows Live\Companion\sebastianru@aol.com@4d3ef3271806a5a566ec6cdef2a6fdb4\r\n 0x78 0x61 0xF5 0xF3 ...
---- EOF - GMER 2.1 ----
However, I see that several others are currently having this problem as well. My Java also prompted me because it wanted to be updated. I have not done that yet, but I will once this is resolved. Thanks in advance! P.S. I split this into two posts because it got too long. |
02.08.2014, 20:15 | #3 |
/// the machine /// TB trainer | Browser opens 98uj8.de/s3brsn5ba66mgfzeinrum#noad hi,
__________________Scan with Combofix
__________________ |
02.08.2014, 20:50 | #4 |
| Browser opens 98uj8.de/s3brsn5ba66mgfzeinrum#noad Thanks for the reply! Here is the corresponding log file: Code:
ATTFilter ComboFix 14-08-02.02 - Sebastian 02.08.2014 21:30:35.3.2 - x86 Microsoft Windows 7 Home Premium 6.1.7600.0.1252.49.1031.18.3037.2041 [GMT 2:00] ausgeführt von:: c:\users\Sebastian\Desktop\ComboFix.exe AV: Avira Desktop *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859} SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\DNSErrorHelper\bhO.dll . . ((((((((((((((((((((((( Dateien erstellt von 2014-07-02 bis 2014-08-02 )))))))))))))))))))))))))))))) . . 2014-08-02 19:45 . 2014-08-02 19:45 -------- d-----w- c:\users\Public\AppData\Local\temp 2014-08-02 19:45 . 2014-08-02 19:45 -------- d-----w- c:\users\Default\AppData\Local\temp 2014-08-02 19:37 . 2014-08-02 19:37 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{13B0F946-E831-4B60-9131-B0865BD688A0}\offreg.dll 2014-08-02 06:57 . 2014-08-02 06:57 -------- d-----w- c:\windows\system32\SPReview 2014-08-01 23:40 . 2014-07-02 03:11 8217224 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{13B0F946-E831-4B60-9131-B0865BD688A0}\mpengine.dll 2014-07-31 23:13 . 2014-07-31 23:15 -------- d-----w- C:\FRST 2014-07-09 12:27 . 2014-07-09 12:27 -------- d-s---w- c:\windows\system32\CompatTel 2014-07-09 05:19 . 2014-07-01 01:38 402944 ----a-w- c:\windows\system32\aepdu.dll 2014-07-09 05:19 . 2014-07-01 01:35 303104 ----a-w- c:\windows\system32\aeinv.dll . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2014-07-31 22:21 . 2014-06-30 22:46 110296 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys 2014-07-10 13:15 . 2014-02-28 18:42 35848 ----a-w- c:\windows\system32\drivers\avnetflt.sys 2014-07-08 22:09 . 
2012-04-03 14:13 699056 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2014-07-08 22:09 . 2011-11-08 18:28 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2014-07-03 18:19 . 2014-02-28 12:39 97648 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2014-06-22 10:43 . 2009-08-18 09:30 564632 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\wlidui.dll 2014-06-22 10:43 . 2009-08-18 09:24 23264 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll 2014-06-03 15:55 . 2014-02-28 12:39 136216 ----a-w- c:\windows\system32\drivers\avipbb.sys 2014-05-12 05:26 . 2014-06-30 22:45 51928 ----a-w- c:\windows\system32\drivers\mwac.sys 2014-05-12 05:25 . 2014-06-30 22:45 74456 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys 2014-05-12 05:25 . 2012-08-20 17:18 23256 ----a-w- c:\windows\system32\drivers\mbam.sys . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco1] @="{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}" [HKEY_CLASSES_ROOT\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}] 2014-03-20 09:23 691360 ----a-w- c:\program files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x86.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco2] @="{853B7E05-C47D-4985-909A-D0DC5C6D7303}" [HKEY_CLASSES_ROOT\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303}] 2014-03-20 09:23 691360 ----a-w- c:\program files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x86.dll . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco3] @="{42D38F2E-98E9-4382-B546-E24E4D6D04BB}" [HKEY_CLASSES_ROOT\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB}] 2014-03-20 09:23 691360 ----a-w- c:\program files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x86.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2013-09-11 02:09 131248 ----a-w- c:\users\Sebastian\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2013-09-11 02:09 131248 ----a-w- c:\users\Sebastian\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2013-09-11 02:09 131248 ----a-w- c:\users\Sebastian\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2013-09-11 02:09 131248 ----a-w- c:\users\Sebastian\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Skype"="c:\program files\Skype\Phone\Skype.exe" [2014-05-08 21444224] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-09-12 7739936] "Dell DataSafe Online"="c:\program files\Dell\Dell Datasafe Online\NOBuClient.exe" [2010-08-25 927576] "RoxWatchTray"="c:\program files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" [2010-09-04 240112] "Desktop Disc Tool"="c:\program files\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" [2010-09-03 518640] "DBRMTray"="c:\dell\DBRM\Reminder\DbrmTrayIcon.exe" [2010-05-20 206336] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-11 137752] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-11 171032] "Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-11 172568] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336] "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2014-07-03 750160] "AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2014-02-27 558496] "Adobe Creative Cloud"="c:\program files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" [2014-03-21 2691480] . c:\users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dropbox.lnk - c:\users\Sebastian\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-5-20 33322312] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ NETGEAR WG111v3 Setup-Assistent.lnk - c:\program files\NETGEAR\WG111v3\WG111v3.exe [2008-6-13 2109440] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . 
R2 AddonsHelper;AddonsHelper;c:\users\Sebastian\AppData\Local\Temp\OCS\Downloads\471dda038bf3cfdcce6f34b54d3cfb53\8a2438a7aa1e858526caff1f4deab159\AddonsHelper.exe [x] R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-09-04 219632] R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-10-23 172192] R3 DrvAgent32;DrvAgent32;c:\windows\system32\Drivers\DrvAgent32.sys [2012-12-10 23456] R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys [2014-07-31 110296] R3 MEMSWEEP2;MEMSWEEP2;c:\windows\system32\F09B.tmp [x] R3 PCDSRVC{E9D79540-57D5953E-06020101}_0;PCDSRVC{E9D79540-57D5953E-06020101}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\dell support center\pcdsrvc.pkms [2010-07-30 21744] R3 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-09-04 1116656] R3 SCR3XX2K;SCR3xx USB SmartCardReader;c:\windows\system32\DRIVERS\SCR3XX2K.sys [2011-09-07 59776] R3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys [x] R4 NOBU;Dell DataSafe Online;c:\program files\Dell\Dell Datasafe Online\NOBuAgent.exe SERVICE [x] S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2014-02-14 37352] S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSrv.exe [2009-03-31 81920] S2 AntiVirSchedulerService;Avira Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [2014-07-03 430160] S2 AntiVirWebService;Avira Browser-Schutz;c:\program files\Avira\AntiVir Desktop\AVWEBGRD.EXE [2014-07-03 1028688] S2 BPowMon;Broadcom Power monitoring service;c:\program files\Broadcom\BPowMon\BPowMon.exe [2009-08-17 79168] S3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60x.sys [2009-08-21 273960] S3 RTL8187B;RTL8187B Drahtlos-802.11b/g-USB 2.0-Netzwerkadapter (54 MBit/s) von 
Realtek;c:\windows\system32\DRIVERS\RTL8187B.sys [2009-07-13 347136] . . Inhalt des "geplante Tasks" Ordners . 2014-08-02 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-03 22:09] . 2014-07-21 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job - c:\program files\Dell Support Center\uaclauncher.exe [2010-08-05 23:47] . 2014-08-02 c:\windows\Tasks\SystemToolsDailyTest.job - c:\program files\Dell Support Center\pcdrcui.exe [2010-08-05 23:47] . . ------- Zusätzlicher Suchlauf ------- . uStart Page = hxxp://start.icq.com/ IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 TCP: DhcpNameServer = 192.168.1.1 . . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\MEMSWEEP2] "ImagePath"="\??\c:\windows\system32\F09B.tmp" . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\PCDSRVC{E9D79540-57D5953E-06020101}_0] "ImagePath"="\??\c:\program files\dell support center\pcdsrvc.pkms" . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.032" . [HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.abr\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.abr" . [HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ani\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.ani" . [HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.arw\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.arw" . 
[HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.bay" . [HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.bmp" . [HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.bw" . [HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cr2\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.cr2" . [HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crw\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.crw" . [HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.cs1" . [HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cur\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.cur" . [HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcr\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.dcr" . [HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcx\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.dcx" . 
[HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.dib" . [HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djv\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.djv" . [HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djvu\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.djvu" . [HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.dng" . [HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.emf" . [HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.eps" . [HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.erf" . [HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.fff" . [HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fpx\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.fpx" . 
[HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.gif" . [HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdr\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.hdr" . [HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icl\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.icl" . [HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.icn" . [HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.iff" . [HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.ilbm" . [HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.int" . [HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.inta" . [HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.iw4" . 
[HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.j2c" . [HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.j2k" . [HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jbr\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.jbr" . [HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.jfif" . [HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jif\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.jif" . [HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.jp2" . [HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpc\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.jpc" . [HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.jpe" . [HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.jpeg" . 
[HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.jpg" . [HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpk\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.jpk" . [HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpx\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.jpx" . [HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.kdc\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.kdc" . [HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lbm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.lbm" . [HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mef\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.mef" . [HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mos\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.mos" . [HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mrw\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.mrw" . [HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nef\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.nef" . 
[HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.orf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.orf" . [HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.pbm" . [HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbr\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.pbr" . [HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.pcd" . [HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.pct" . [HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.pcx" . [HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pef\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.pef" . [HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.pgm" . [HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.pic" . 
[HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.pict" . [HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pix\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.pix" . [HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.png" . [HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.ppm" . [HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.psd" . [HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psp\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.psp" . [HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspbrush\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.pspbrush" . [HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspimage\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.pspimage" . [HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.raf" . 
[HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ras\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.ras" . [HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.raw" . [HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgb\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.rgb" . [HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgba\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.rgba" . [HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.rle" . [HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsb\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.rsb" . [HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rw2\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.rw2" . [HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sgi\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.sgi" . [HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.sr2" . 
[HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.srf" . [HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.tga" . [HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.thm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.thm" . [HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.tif" . [HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.tiff" . [HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.ttc" . [HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.ttf" . [HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v11o\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.v11o" . [HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v11p\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.v11p" . 
[HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v11pf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.v11pf" . [HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.wbm" . [HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbmp\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.wbmp" . [HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.wmf" . [HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xbm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.xbm" . [HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xif\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.xif" . [HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xmp\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.xmp" . [HKEY_USERS\S-1-5-21-2359546455-2944345457-3885489924-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xpm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Foto-Manager 2009.xpm" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Zeit der Fertigstellung: 2014-08-02 21:47:58 ComboFix-quarantined-files.txt 2014-08-02 19:47 . Vor Suchlauf: 21 Verzeichnis(se), 104.276.668.416 Bytes frei Nach Suchlauf: 22 Verzeichnis(se), 104.913.416.192 Bytes frei . 
- - End Of File - - FE2E769E4469E4B42FE74A55E7F502DE A36C5E4F47E84449FF07ED3517B43A31 |
03.08.2014, 07:04 | #5 |
/// the machine /// TB Trainer | Browser opens 98uj8.de/s3brsn5ba66mgfzeinrum#noad Please download Malwarebytes Anti-Malware
Please download AdwCleaner to your desktop.
Please disable your security software to avoid possible conflicts.
and a fresh FRST log, please.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donations Guides and help Trojaner-Board Facebook page No help via PM! |
03.08.2014, 10:32 | #6 |
| Browser opens 98uj8.de/s3brsn5ba66mgfzeinrum#noad So, here are a few logs: MBAM: Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 03.08.2014 Suchlauf-Zeit: 10:24:02 Logdatei: mbam.txt Administrator: Ja Version: 2.00.2.1012 Malware Datenbank: v2014.08.03.02 Rootkit Datenbank: v2014.08.01.01 Lizenz: Kostenlos Malware Schutz: Deaktiviert Bösartiger Webseiten Schutz: Deaktiviert Self-protection: Deaktiviert Betriebssystem: Windows 7 CPU: x86 Dateisystem: NTFS Benutzer: Sebastian Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 308807 Verstrichene Zeit: 41 Min, 12 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristics: Aktiviert PUP: Warnen PUM: Aktiviert Prozesse: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registrierungsschlüssel: 0 (No malicious items detected) Registrierungswerte: 0 (No malicious items detected) Registrierungsdaten: 0 (No malicious items detected) Ordner: 0 (No malicious items detected) Dateien: 0 (No malicious items detected) Physische Sektoren: 0 (No malicious items detected) (end) Code:
ATTFilter # AdwCleaner v3.302 - Bericht erstellt am 03/08/2014 um 11:12:29 # Aktualisiert 30/07/2014 von Xplode # Betriebssystem : Windows 7 Home Premium (32 bits) # Benutzername : Sebastian - PC-22 # Gestartet von : C:\Users\Sebastian\Desktop\adwcleaner_3.302.exe # Option : Löschen ***** [ Dienste ] ***** [#] Dienst Gelöscht : AddonsHelper ***** [ Dateien / Ordner ] ***** Ordner Gelöscht : C:\ProgramData\DNSErrorHelper Ordner Gelöscht : C:\ProgramData\ICQ\ICQToolbar Ordner Gelöscht : C:\Program Files\ICQ6Toolbar Ordner Gelöscht : C:\Users\Sebastian\AppData\Local\eSupport.com Ordner Gelöscht : C:\Users\Sebastian\AppData\Roaming\DesktopIconForAmazon Datei Gelöscht : C:\Users\Sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\{DefaultProfilesFolder}\searchplugins\icqplugin.xml ***** [ Tasks ] ***** Task Gelöscht : DSite ***** [ Verknüpfungen ] ***** ***** [ Registrierungsdatenbank ] ***** Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\babylon.com Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Applications\iMeshV11.exe Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BabMaint_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BabMaint_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\sweetimsetup_rasapi32 Schlüssel Gelöscht : 
HKLM\SOFTWARE\Microsoft\Tracing\sweetimsetup_rasmancs Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_dosbox_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_dosbox_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_icq-banner-remover_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_icq-banner-remover_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_ideas_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_ideas_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_windows-live-messenger_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_windows-live-messenger_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0AFD55C8-ADF8-4A33-A6E1-DEDB7A36AEB4} Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19} Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{721061FB-EB79-4568-A03C-3CE26D68DAE9} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{721061FB-EB79-4568-A03C-3CE26D68DAE9} Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}] Schlüssel Gelöscht : HKCU\Software\anchorfree Schlüssel Gelöscht : HKCU\Software\Ciuvo Schlüssel Gelöscht : HKCU\Software\dsiteproducts Schlüssel Gelöscht : HKCU\Software\OCS Schlüssel Gelöscht : HKLM\Software\ICQ\ICQToolbar Schlüssel Gelöscht : HKLM\Software\Speedchecker Limited Schlüssel Gelöscht : 
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DesktopIconAmazon Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FLV Player ***** [ Browser ] ***** -\\ Internet Explorer v9.0.8112.16476 Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search] Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] -\\ Mozilla Firefox v [ Datei : C:\Users\Sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\{DefaultProfilesFolder}\prefs.js ] Zeile gelöscht : user_pref("browser.startup.homepage", "hxxp://start.icq.com/"); Zeile gelöscht : user_pref("icqtoolbar.installsource", "1"); Zeile gelöscht : user_pref("icqtoolbar.installsource", "1"); ************************* AdwCleaner[R0].txt - [4965 octets] - [03/08/2014 11:11:38] AdwCleaner[S0].txt - [4815 octets] - [03/08/2014 11:12:29] ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4875 octets] ########## Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 6.1.4 (04.06.2014:1) OS: Windows 7 Home Premium x86 Ran by Sebastian on 03.08.2014 at 11:25:32,40 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys ~~~ Files ~~~ Folders ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 03.08.2014 at 11:27:38,22 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:31-07-2014 02 Ran by Sebastian (administrator) on PC-22 on 03-08-2014 11:28:16 Running from C:\Users\Sebastian\Desktop Platform: Microsoft Windows 7 Home Premium (X86) OS Language: Deutsch (Deutschland) Internet Explorer Version 9 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe (Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Broadcom Corp.) C:\Program Files\Broadcom\BPowMon\BPowMon.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe () C:\Program Files\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe (Microsoft) C:\dell\DBRM\Reminder\DbrmTrayicon.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. 
KG) C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe () C:\Program Files\NETGEAR\WG111v3\WG111v3.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Opera Software) C:\Program Files\Opera\20.0.1387.82\opera.exe () C:\Program Files\Opera\20.0.1387.82\opera_crashreporter.exe (Opera Software) C:\Program Files\Opera\20.0.1387.82\opera.exe (Opera Software) C:\Program Files\Opera\20.0.1387.82\opera.exe (Opera Software) C:\Program Files\Opera\20.0.1387.82\opera.exe (Opera Software) C:\Program Files\Opera\20.0.1387.82\opera.exe (Opera Software) C:\Program Files\Opera\20.0.1387.82\opera.exe (Opera Software) C:\Program Files\Opera\20.0.1387.82\opera.exe (Opera Software) C:\Program Files\Opera\20.0.1387.82\opera.exe (Opera Software) C:\Program Files\Opera\20.0.1387.82\opera.exe (Opera Software) C:\Program Files\Opera\20.0.1387.82\opera.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) Winlogon\Notify\ScCertProp: wlnotify.dll [X] HKU\S-1-5-21-2359546455-2944345457-3885489924-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WG111v3 Setup-Assistent.lnk ShortcutTarget: NETGEAR WG111v3 Setup-Assistent.lnk -> C:\Program Files\NETGEAR\WG111v3\WG111v3.exe () Startup: C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\Sebastian\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) 
ShellIconOverlayIdentifiers: AccExtIco1 -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x86.dll () ShellIconOverlayIdentifiers: AccExtIco2 -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x86.dll () ShellIconOverlayIdentifiers: AccExtIco3 -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x86.dll () ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sebastian\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sebastian\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sebastian\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sebastian\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x0677337437DACE01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE URLSearchHook: HKLM - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046} SearchScopes: HKCU - {24408C1E-C980-413B-BCA8-79DF804C2358} URL = hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=aaf9a38e-ab1c-48ef-a907-48c1b260d8c3&pid=icqt&mode=bounce&k=0 SearchScopes: HKCU - {28FFCE4B-2F52-456B-8E62-A3228FE0F12D} URL = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=aaf9a38e-ab1c-48ef-a907-48c1b260d8c3&pid=icqt&mode=bounce&k=0 SearchScopes: HKCU - {D0B51842-A86C-4630-A4F2-DA6FF2479E55} URL = BHO: TmIEPlugInBHO Class -> {1CA1377B-DC1D-4A52-9585-6E06050FAC53} -> c:\Program Files\Trend Micro\Client Server Security Agent\bho\1035\TmIEPlg.dll No File BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - c:\Program Files\Trend Micro\Client Server Security Agent\bho\1035\TmIEPlg.dll No File
Winsock: Catalog9 000000000324 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 000000000325 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 000000000326 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 000000000327 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 000000000328 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 000000000329 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 000000000330 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 000000000331 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 000000000332 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 000000000333 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 000000000334 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 000000000335 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 000000000336 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 000000000337 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 000000000338 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 000000000339 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 000000000340 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 000000000341 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 000000000342 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 000000000343 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 000000000344 
%SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 000000000345 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 000000000346 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 000000000347 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 000000000348 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 000000000349 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 000000000350 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 000000000351 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 000000000352 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 000000000353 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 000000000354 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 000000000355 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 000000000356 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 000000000357 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 000000000358 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 000000000359 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 000000000360 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 000000000361 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 000000000362 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 000000000363 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 000000000364 %SystemRoot%\system32\mswsock.dll 
[232448] (Microsoft Corporation) Winsock: Catalog9 000000000365 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 000000000366 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 000000000367 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 000000000368 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 000000000369 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 000000000370 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 000000000371 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 000000000372 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 000000000373 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 000000000374 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 000000000375 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 000000000376 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 000000000377 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 000000000378 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 000000000379 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 000000000380 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 000000000381 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 000000000382 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 000000000383 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 000000000384 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) 
Winsock: Catalog9 000000000385 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 000000000386 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll () FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll No File FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll No File FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems) FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) 
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Sebastian\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF HKLM\...\Firefox\Extensions: [{22C7F6C6-8D67-4534-92B5-529A0EC09405}] - c:\Program Files\Trend Micro\Client Server Security Agent\bho\1035\FirefoxExtension ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [430160 2014-07-03] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [430160 2014-07-03] (Avira Operations GmbH & Co. KG) R2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [1028688 2014-07-03] (Avira Operations GmbH & Co. KG) S4 NOBU; C:\Program Files\Dell\Dell Datasafe Online\NOBuAgent.exe [2075480 2010-08-25] (Dell, Inc.) S3 RoxMediaDB12OEM; C:\Program Files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [1116656 2010-09-04] (Sonic Solutions) S2 RoxWatch12; C:\Program Files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [219632 2010-09-04] (Sonic Solutions) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [97648 2014-07-03] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-06-03] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2014-02-14] (Avira Operations GmbH & Co. 
KG) S3 DrvAgent32; C:\Windows\system32\Drivers\DrvAgent32.sys [23456 2012-12-10] (Phoenix Technologies) [File not signed] S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.) R3 RTL8187B; C:\Windows\System32\DRIVERS\RTL8187B.sys [347136 2009-07-14] (Realtek Semiconductor Corporation ) S3 SCR3XX2K; C:\Windows\System32\DRIVERS\SCR3XX2K.sys [59776 2011-09-07] (SCM Microsystems Inc.) R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2014-02-14] (Avira GmbH) U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation) S3 catchme; \??\C:\Users\SEBAST~1\AppData\Local\Temp\catchme.sys [X] S3 MEMSWEEP2; \??\C:\Windows\system32\F09B.tmp [X] S3 PCDSRVC{E9D79540-57D5953E-06020101}_0; \??\c:\program files\dell support center\pcdsrvc.pkms [X] S3 taphss6; system32\DRIVERS\taphss6.sys [X] U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-07-14] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 
2014-08-03 11:27 - 2014-08-03 11:27 - 00000629 _____ () C:\Users\Sebastian\Desktop\JRT2.txt 2014-08-03 11:27 - 2014-08-03 11:27 - 00000629 _____ () C:\Users\Sebastian\Desktop\JRT.txt 2014-08-03 11:21 - 2014-08-03 11:21 - 01016261 _____ (Thisisu) C:\Users\Sebastian\Desktop\JRT.exe 2014-08-03 11:15 - 2014-08-03 11:15 - 00004955 _____ () C:\Users\Sebastian\Desktop\AdwCleaner[S0].txt 2014-08-03 11:11 - 2014-08-03 11:12 - 00000000 ____D () C:\AdwCleaner 2014-08-03 11:10 - 2014-08-03 11:10 - 01361309 _____ () C:\Users\Sebastian\Desktop\adwcleaner_3.302.exe 2014-08-03 11:09 - 2014-08-03 11:09 - 00001145 _____ () C:\Users\Sebastian\Desktop\mbam.txt 2014-08-03 10:22 - 2014-08-03 10:22 - 00000000 ____D () C:\Windows\system32\SPReview 2014-08-03 10:18 - 2014-08-03 10:19 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Sebastian\Desktop\mbam-setup-2.0.2.1012.exe 2014-08-02 21:47 - 2014-08-02 21:47 - 00030359 _____ () C:\ComboFix.txt 2014-08-02 21:27 - 2014-08-02 21:48 - 00000000 ____D () C:\Qoobox 2014-08-02 21:27 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe 2014-08-02 21:27 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe 2014-08-02 21:27 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2014-08-02 21:27 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2014-08-02 21:27 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2014-08-02 21:27 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe 2014-08-02 21:27 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe 2014-08-02 21:27 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe 2014-08-02 21:25 - 2014-08-02 21:26 - 05566616 ____R (Swearware) C:\Users\Sebastian\Desktop\ComboFix.exe 2014-08-01 01:33 - 2014-08-01 01:33 - 00049693 _____ () C:\Users\Sebastian\Desktop\GMER.log 2014-08-01 01:17 - 2014-08-01 01:17 - 00380416 _____ () C:\Users\Sebastian\Desktop\Gmer-19357.exe 2014-08-01 01:15 - 2014-08-01 01:15 - 00039818 _____ () 
C:\Users\Sebastian\Desktop\Addition.txt 2014-08-01 01:13 - 2014-08-03 11:28 - 00040302 _____ () C:\Users\Sebastian\Desktop\FRST.txt 2014-08-01 01:13 - 2014-08-03 11:28 - 00000000 ____D () C:\FRST 2014-08-01 01:12 - 2014-08-01 01:12 - 01084928 _____ (Farbar) C:\Users\Sebastian\Desktop\FRST.exe 2014-08-01 01:11 - 2014-08-01 01:11 - 00000480 _____ () C:\Users\Sebastian\Desktop\defogger_disable.log 2014-08-01 01:11 - 2014-08-01 01:11 - 00000000 _____ () C:\Users\Sebastian\defogger_reenable 2014-08-01 01:10 - 2014-08-01 01:10 - 00050477 _____ () C:\Users\Sebastian\Desktop\Defogger.exe 2014-08-01 01:08 - 2014-08-01 01:08 - 00000035 _____ () C:\Users\Sebastian\Desktop\Link.txt 2014-07-29 20:49 - 2014-07-31 11:50 - 00000683 _____ () C:\Users\Sebastian\Desktop\ThreadKielerJung.txt 2014-07-26 16:37 - 2014-07-26 16:39 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ 2014-07-26 01:32 - 2014-07-26 01:32 - 00015110 _____ () C:\Users\Sebastian\Desktop\Judge_Roles.xlsx 2014-07-09 16:54 - 2014-07-09 16:54 - 04220562 _____ () C:\Users\Sebastian\Desktop\Einf_SketchUp_2014.pptx 2014-07-09 14:27 - 2014-07-09 14:27 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-07-09 07:19 - 2014-07-01 03:38 - 00402944 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-07-09 07:19 - 2014-07-01 03:35 - 00303104 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 
2014-08-03 11:29 - 2014-08-01 01:13 - 00040302 _____ () C:\Users\Sebastian\Desktop\FRST.txt 2014-08-03 11:28 - 2014-08-01 01:13 - 00000000 ____D () C:\FRST 2014-08-03 11:27 - 2014-08-03 11:27 - 00000629 _____ () C:\Users\Sebastian\Desktop\JRT2.txt 2014-08-03 11:27 - 2014-08-03 11:27 - 00000629 _____ () C:\Users\Sebastian\Desktop\JRT.txt 2014-08-03 11:24 - 2009-07-14 06:34 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-08-03 11:24 - 2009-07-14 06:34 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-08-03 11:21 - 2014-08-03 11:21 - 01016261 _____ (Thisisu) C:\Users\Sebastian\Desktop\JRT.exe 2014-08-03 11:19 - 2011-01-06 00:30 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\Skype 2014-08-03 11:19 - 2010-12-30 21:32 - 00000000 ____D () C:\ProgramData\Sonic 2014-08-03 11:15 - 2014-08-03 11:15 - 00004955 _____ () C:\Users\Sebastian\Desktop\AdwCleaner[S0].txt 2014-08-03 11:14 - 2010-12-30 21:17 - 00490044 _____ () C:\Windows\PFRO.log 2014-08-03 11:14 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-08-03 11:14 - 2009-07-14 06:39 - 00315265 _____ () C:\Windows\setupact.log 2014-08-03 11:13 - 2009-07-14 06:55 - 01802867 _____ () C:\Windows\WindowsUpdate.log 2014-08-03 11:12 - 2014-08-03 11:11 - 00000000 ____D () C:\AdwCleaner 2014-08-03 11:10 - 2014-08-03 11:10 - 01361309 _____ () C:\Users\Sebastian\Desktop\adwcleaner_3.302.exe 2014-08-03 11:09 - 2014-08-03 11:09 - 00001145 _____ () C:\Users\Sebastian\Desktop\mbam.txt 2014-08-03 11:09 - 2012-08-02 14:27 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-08-03 10:38 - 2011-01-05 18:45 - 00000422 _____ () C:\Windows\Tasks\SystemToolsDailyTest.job 2014-08-03 10:23 - 2014-07-01 00:46 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-08-03 10:22 - 2014-08-03 10:22 - 00000000 ____D () 
C:\Windows\system32\SPReview 2014-08-03 10:21 - 2014-07-01 00:45 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 2014-08-03 10:21 - 2013-05-05 12:59 - 00001066 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-08-03 10:19 - 2014-08-03 10:18 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Sebastian\Desktop\mbam-setup-2.0.2.1012.exe 2014-08-03 10:13 - 2014-04-14 07:52 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\DropboxMaster 2014-08-03 02:00 - 2011-01-05 21:16 - 00000000 ____D () C:\Users\Sebastian\AppData\Local\Adobe 2014-08-03 00:52 - 2014-04-15 22:03 - 00000000 ____D () C:\Users\Sebastian\Desktop\WoTReplays 2014-08-02 21:48 - 2014-08-02 21:27 - 00000000 ____D () C:\Qoobox 2014-08-02 21:47 - 2014-08-02 21:47 - 00030359 _____ () C:\ComboFix.txt 2014-08-02 21:46 - 2009-07-14 04:04 - 00000248 _____ () C:\Windows\system.ini 2014-08-02 21:27 - 2013-06-12 14:10 - 00000000 ____D () C:\Windows\erdnt 2014-08-02 21:26 - 2014-08-02 21:25 - 05566616 ____R (Swearware) C:\Users\Sebastian\Desktop\ComboFix.exe 2014-08-02 20:44 - 2011-03-09 17:39 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\TS3Client 2014-08-02 20:28 - 2013-09-15 19:34 - 01847808 ___SH () C:\Users\Sebastian\Desktop\Thumbs.db 2014-08-01 01:35 - 2010-12-30 21:28 - 01855564 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-08-01 01:33 - 2014-08-01 01:33 - 00049693 _____ () C:\Users\Sebastian\Desktop\GMER.log 2014-08-01 01:17 - 2014-08-01 01:17 - 00380416 _____ () C:\Users\Sebastian\Desktop\Gmer-19357.exe 2014-08-01 01:15 - 2014-08-01 01:15 - 00039818 _____ () C:\Users\Sebastian\Desktop\Addition.txt 2014-08-01 01:12 - 2014-08-01 01:12 - 01084928 _____ (Farbar) C:\Users\Sebastian\Desktop\FRST.exe 2014-08-01 01:11 - 2014-08-01 01:11 - 00000480 _____ () C:\Users\Sebastian\Desktop\defogger_disable.log 2014-08-01 01:11 - 2014-08-01 01:11 - 00000000 _____ () C:\Users\Sebastian\defogger_reenable 2014-08-01 01:11 - 2011-01-05 18:43 - 00000000 ____D () 
C:\Users\Sebastian 2014-08-01 01:10 - 2014-08-01 01:10 - 00050477 _____ () C:\Users\Sebastian\Desktop\Defogger.exe 2014-08-01 01:08 - 2014-08-01 01:08 - 00000035 _____ () C:\Users\Sebastian\Desktop\Link.txt 2014-08-01 01:02 - 2014-04-14 07:54 - 00000000 ___RD () C:\Users\Sebastian\Dropbox 2014-08-01 01:02 - 2014-01-27 12:03 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\Dropbox 2014-08-01 00:45 - 2013-08-03 19:44 - 00000000 ____D () C:\Users\Sebastian\Desktop\Ebay 2014-08-01 00:44 - 2012-09-28 21:04 - 00000000 ____D () C:\Users\Sebastian\Desktop\Wichtige Programme 2014-07-31 14:39 - 2013-03-26 22:06 - 00000000 ____D () C:\Program Files\Steam 2014-07-31 11:50 - 2014-07-29 20:49 - 00000683 _____ () C:\Users\Sebastian\Desktop\ThreadKielerJung.txt 2014-07-31 11:34 - 2011-01-14 12:37 - 00000000 ____D () C:\Users\Sebastian\Documents\TrackMania 2014-07-31 11:23 - 2011-01-14 12:38 - 00000000 ____D () C:\ProgramData\TrackMania 2014-07-31 10:22 - 2013-03-26 22:07 - 00000000 ____D () C:\Program Files\Common Files\Steam 2014-07-31 10:09 - 2013-01-31 01:15 - 00000000 ____D () C:\Users\Sebastian\Desktop\Judgekram 2014-07-30 13:50 - 2014-01-20 16:24 - 00000000 ____D () C:\Program Files\DevPro 2014-07-26 16:39 - 2014-07-26 16:37 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ 2014-07-26 01:32 - 2014-07-26 01:32 - 00015110 _____ () C:\Users\Sebastian\Desktop\Judge_Roles.xlsx 2014-07-24 18:01 - 2010-12-30 21:37 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2014-07-24 17:46 - 2010-12-30 21:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2014-07-21 08:49 - 2011-01-05 18:45 - 00000564 _____ () C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job 2014-07-19 13:27 - 2011-03-09 17:39 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client 2014-07-10 15:15 - 2014-02-28 20:42 - 00035848 _____ (Avira Operations GmbH & Co. 
KG) C:\Windows\system32\Drivers\avnetflt.sys 2014-07-09 16:54 - 2014-07-09 16:54 - 04220562 _____ () C:\Users\Sebastian\Desktop\Einf_SketchUp_2014.pptx 2014-07-09 14:27 - 2014-07-09 14:27 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-07-09 08:33 - 2013-07-13 01:05 - 00000000 ____D () C:\Windows\system32\MRT 2014-07-09 08:31 - 2011-03-10 21:15 - 93585272 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-07-09 07:06 - 2009-07-14 06:53 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-07-09 00:09 - 2012-04-03 16:13 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2014-07-09 00:09 - 2011-11-08 20:28 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl Files to move or delete: ==================== C:\Users\Sebastian\WoT_internet_install_eu.exe Some content of TEMP: ==================== C:\Users\Sebastian\AppData\Local\temp\avgnt.exe C:\Users\Sebastian\AppData\Local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpnbqdj9.dll C:\Users\Sebastian\AppData\Local\temp\Quarantine.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2010-12-30 21:17 ==================== End Of Log ============================ |
03.08.2014, 17:01 | #7 |
/// the machine /// TB trainer | Browser opens 98uj8.de/s3brsn5ba66mgfzeinrum#noad ESET Online Scanner
Please download SecurityCheck and:
and a fresh FRST log, please. Any problems remaining?
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
03.08.2014, 20:30 | #8 |
| Browser opens 98uj8.de/s3brsn5ba66mgfzeinrum#noad ESET has finished, but SecurityCheck gave me the following message: UNSUPPORTED OPERATING SYSTEM! ABORTED! |
04.08.2014, 10:58 | #9 |
/// the machine /// TB trainer | Browser opens 98uj8.de/s3brsn5ba66mgfzeinrum#noad Ignore SecurityCheck. Please post the logs from above.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
04.08.2014, 11:21 | #10 |
| Browser opens 98uj8.de/s3brsn5ba66mgfzeinrum#noad All right. ESET: Code:
ATTFilter ESETSmartInstaller@High as downloader log: all ok ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7623 # api_version=3.0.2 # EOSSerial=a72f3cdf4cee3e4a9f64118acc76fc3c # engine=19479 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2014-08-03 07:22:38 # local_time=2014-08-03 09:22:38 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1031 # osver=6.1.7600 NT # compatibility_mode_1='Avira Desktop' # compatibility_mode=1810 16777213 100 100 18306 14725313 0 0 # compatibility_mode_1='' # compatibility_mode=5893 16776573 100 94 85516 158724949 0 0 # scanned=411230 # found=0 # cleaned=0 # scan_time=11335 FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:31-07-2014 02 Ran by Sebastian (administrator) on PC-22 on 04-08-2014 12:15:49 Running from C:\Users\Sebastian\Desktop Platform: Microsoft Windows 7 Home Premium (X86) OS Language: Deutsch (Deutschland) Internet Explorer Version 9 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe (Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Broadcom Corp.) C:\Program Files\Broadcom\BPowMon\BPowMon.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe () C:\Program Files\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe (Microsoft) C:\dell\DBRM\Reminder\DbrmTrayicon.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Skype Technologies S.A.) 
C:\Program Files\Skype\Phone\Skype.exe () C:\Program Files\NETGEAR\WG111v3\WG111v3.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Windows\System32\wuauclt.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) Winlogon\Notify\ScCertProp: wlnotify.dll [X] HKU\S-1-5-21-2359546455-2944345457-3885489924-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WG111v3 Setup-Assistent.lnk ShortcutTarget: NETGEAR WG111v3 Setup-Assistent.lnk -> C:\Program Files\NETGEAR\WG111v3\WG111v3.exe () Startup: C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\Sebastian\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) ShellIconOverlayIdentifiers: AccExtIco1 -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x86.dll () ShellIconOverlayIdentifiers: AccExtIco2 -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x86.dll () ShellIconOverlayIdentifiers: AccExtIco3 -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x86.dll () ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sebastian\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sebastian\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.) 
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sebastian\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sebastian\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x0677337437DACE01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE URLSearchHook: HKLM - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046} SearchScopes: HKCU - {24408C1E-C980-413B-BCA8-79DF804C2358} URL = hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=aaf9a38e-ab1c-48ef-a907-48c1b260d8c3&pid=icqt&mode=bounce&k=0 SearchScopes: HKCU - {28FFCE4B-2F52-456B-8E62-A3228FE0F12D} URL = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=aaf9a38e-ab1c-48ef-a907-48c1b260d8c3&pid=icqt&mode=bounce&k=0 SearchScopes: HKCU - {D0B51842-A86C-4630-A4F2-DA6FF2479E55} URL = BHO: TmIEPlugInBHO Class -> {1CA1377B-DC1D-4A52-9585-6E06050FAC53} -> c:\Program Files\Trend Micro\Client Server Security Agent\bho\1035\TmIEPlg.dll No File BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll 
(Oracle Corporation) Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - c:\Program Files\Trend Micro\Client Server Security Agent\bho\1035\TmIEPlg.dll No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll () FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll No File FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll No File FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems) FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Sebastian\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF HKLM\...\Firefox\Extensions: [{22C7F6C6-8D67-4534-92B5-529A0EC09405}] - c:\Program Files\Trend Micro\Client Server Security Agent\bho\1035\FirefoxExtension ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [430160 2014-07-03] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [430160 2014-07-03] (Avira Operations GmbH & Co. KG) R2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [1028688 2014-07-03] (Avira Operations GmbH & Co. KG) S4 NOBU; C:\Program Files\Dell\Dell Datasafe Online\NOBuAgent.exe [2075480 2010-08-25] (Dell, Inc.) 
S3 RoxMediaDB12OEM; C:\Program Files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [1116656 2010-09-04] (Sonic Solutions) S2 RoxWatch12; C:\Program Files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [219632 2010-09-04] (Sonic Solutions) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [97648 2014-07-03] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-06-03] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2014-02-14] (Avira Operations GmbH & Co. KG) S3 DrvAgent32; C:\Windows\system32\Drivers\DrvAgent32.sys [23456 2012-12-10] (Phoenix Technologies) [File not signed] S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.) R3 RTL8187B; C:\Windows\System32\DRIVERS\RTL8187B.sys [347136 2009-07-14] (Realtek Semiconductor Corporation ) S3 SCR3XX2K; C:\Windows\System32\DRIVERS\SCR3XX2K.sys [59776 2011-09-07] (SCM Microsystems Inc.) R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2014-02-14] (Avira GmbH) U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation) S3 catchme; \??\C:\Users\SEBAST~1\AppData\Local\Temp\catchme.sys [X] S3 MEMSWEEP2; \??\C:\Windows\system32\F09B.tmp [X] R3 PCDSRVC{E9D79540-57D5953E-06020101}_0; \??\c:\program files\dell support center\pcdsrvc.pkms [X] S3 taphss6; system32\DRIVERS\taphss6.sys [X] U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-07-14] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) 
==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-08-04 09:44 - 2014-08-04 09:42 - 00035840 _____ () C:\Users\Sebastian\Desktop\Eingabe_KZ-Erfassung.xls 2014-08-04 03:03 - 2014-08-04 03:03 - 00000000 ____D () C:\Windows\system32\SPReview 2014-08-03 21:29 - 2014-08-03 21:29 - 00854390 _____ () C:\Users\Sebastian\Desktop\SecurityCheck.exe 2014-08-03 18:08 - 2014-08-03 18:08 - 02347384 _____ (ESET) C:\Users\Sebastian\Desktop\esetsmartinstaller_deu.exe 2014-08-03 11:30 - 2014-08-03 11:30 - 00051944 _____ () C:\Users\Sebastian\Desktop\FRST2.txt 2014-08-03 11:27 - 2014-08-03 11:27 - 00000629 _____ () C:\Users\Sebastian\Desktop\JRT2.txt 2014-08-03 11:27 - 2014-08-03 11:27 - 00000629 _____ () C:\Users\Sebastian\Desktop\JRT.txt 2014-08-03 11:21 - 2014-08-03 11:21 - 01016261 _____ (Thisisu) C:\Users\Sebastian\Desktop\JRT.exe 2014-08-03 11:15 - 2014-08-03 11:15 - 00004955 _____ () C:\Users\Sebastian\Desktop\AdwCleaner[S0].txt 2014-08-03 11:11 - 2014-08-03 11:12 - 00000000 ____D () C:\AdwCleaner 2014-08-03 11:10 - 2014-08-03 11:10 - 01361309 _____ () C:\Users\Sebastian\Desktop\adwcleaner_3.302.exe 2014-08-03 11:09 - 2014-08-03 11:09 - 00001145 _____ () C:\Users\Sebastian\Desktop\mbam.txt 2014-08-03 10:18 - 2014-08-03 10:19 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Sebastian\Desktop\mbam-setup-2.0.2.1012.exe 2014-08-02 21:47 - 2014-08-02 21:47 - 00030359 _____ () C:\ComboFix.txt 2014-08-02 21:27 - 2014-08-02 21:48 - 00000000 ____D () C:\Qoobox 2014-08-02 21:27 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe 2014-08-02 21:27 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe 2014-08-02 21:27 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2014-08-02 21:27 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2014-08-02 21:27 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2014-08-02 21:27 - 2000-08-31 
02:00 - 00098816 _____ () C:\Windows\sed.exe 2014-08-02 21:27 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe 2014-08-02 21:27 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe 2014-08-02 21:25 - 2014-08-02 21:26 - 05566616 ____R (Swearware) C:\Users\Sebastian\Desktop\ComboFix.exe 2014-08-01 01:33 - 2014-08-01 01:33 - 00049693 _____ () C:\Users\Sebastian\Desktop\GMER.log 2014-08-01 01:17 - 2014-08-01 01:17 - 00380416 _____ () C:\Users\Sebastian\Desktop\Gmer-19357.exe 2014-08-01 01:15 - 2014-08-01 01:15 - 00039818 _____ () C:\Users\Sebastian\Desktop\Addition.txt 2014-08-01 01:13 - 2014-08-04 12:16 - 00000000 ____D () C:\FRST 2014-08-01 01:13 - 2014-08-04 12:15 - 00039795 _____ () C:\Users\Sebastian\Desktop\FRST.txt 2014-08-01 01:12 - 2014-08-01 01:12 - 01084928 _____ (Farbar) C:\Users\Sebastian\Desktop\FRST.exe 2014-08-01 01:11 - 2014-08-01 01:11 - 00000480 _____ () C:\Users\Sebastian\Desktop\defogger_disable.log 2014-08-01 01:11 - 2014-08-01 01:11 - 00000000 _____ () C:\Users\Sebastian\defogger_reenable 2014-08-01 01:10 - 2014-08-01 01:10 - 00050477 _____ () C:\Users\Sebastian\Desktop\Defogger.exe 2014-08-01 01:08 - 2014-08-01 01:08 - 00000035 _____ () C:\Users\Sebastian\Desktop\Link.txt 2014-07-29 20:49 - 2014-07-31 11:50 - 00000683 _____ () C:\Users\Sebastian\Desktop\ThreadKielerJung.txt 2014-07-26 16:37 - 2014-07-26 16:39 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ 2014-07-26 01:32 - 2014-07-26 01:32 - 00015110 _____ () C:\Users\Sebastian\Desktop\Judge_Roles.xlsx 2014-07-09 16:54 - 2014-07-09 16:54 - 04220562 _____ () C:\Users\Sebastian\Desktop\Einf_SketchUp_2014.pptx 2014-07-09 14:27 - 2014-07-09 14:27 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-07-09 07:19 - 2014-07-01 03:38 - 00402944 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-07-09 07:19 - 2014-07-01 03:35 - 00303104 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll ==================== One 
Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-08-04 12:16 - 2014-08-01 01:13 - 00039795 _____ () C:\Users\Sebastian\Desktop\FRST.txt 2014-08-04 12:16 - 2014-08-01 01:13 - 00000000 ____D () C:\FRST 2014-08-04 12:09 - 2012-08-02 14:27 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-08-04 12:04 - 2011-01-06 00:30 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\Skype 2014-08-04 10:45 - 2013-03-26 22:06 - 00000000 ____D () C:\Program Files\Steam 2014-08-04 10:02 - 2011-01-05 18:45 - 00000422 _____ () C:\Windows\Tasks\SystemToolsDailyTest.job 2014-08-04 09:47 - 2013-03-26 22:07 - 00000000 ____D () C:\Program Files\Common Files\Steam 2014-08-04 09:44 - 2010-12-30 21:28 - 01855564 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-08-04 09:42 - 2014-08-04 09:44 - 00035840 _____ () C:\Users\Sebastian\Desktop\Eingabe_KZ-Erfassung.xls 2014-08-04 09:41 - 2009-07-14 06:34 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-08-04 09:41 - 2009-07-14 06:34 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-08-04 09:34 - 2010-12-30 21:32 - 00000000 ____D () C:\ProgramData\Sonic 2014-08-04 09:32 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-08-04 09:32 - 2009-07-14 06:39 - 00315377 _____ () C:\Windows\setupact.log 2014-08-04 09:31 - 2010-12-30 21:17 - 00490826 _____ () C:\Windows\PFRO.log 2014-08-04 04:16 - 2009-07-14 06:55 - 01850417 _____ () C:\Windows\WindowsUpdate.log 2014-08-04 03:03 - 2014-08-04 03:03 - 00000000 ____D () C:\Windows\system32\SPReview 2014-08-04 02:00 - 2011-01-05 21:16 - 00000000 ____D () C:\Users\Sebastian\AppData\Local\Adobe 2014-08-03 21:29 - 2014-08-03 21:29 - 00854390 _____ () C:\Users\Sebastian\Desktop\SecurityCheck.exe 2014-08-03 18:08 - 2014-08-03 18:08 - 02347384 _____ (ESET) 
C:\Users\Sebastian\Desktop\esetsmartinstaller_deu.exe 2014-08-03 11:30 - 2014-08-03 11:30 - 00051944 _____ () C:\Users\Sebastian\Desktop\FRST2.txt 2014-08-03 11:27 - 2014-08-03 11:27 - 00000629 _____ () C:\Users\Sebastian\Desktop\JRT2.txt 2014-08-03 11:27 - 2014-08-03 11:27 - 00000629 _____ () C:\Users\Sebastian\Desktop\JRT.txt 2014-08-03 11:21 - 2014-08-03 11:21 - 01016261 _____ (Thisisu) C:\Users\Sebastian\Desktop\JRT.exe 2014-08-03 11:15 - 2014-08-03 11:15 - 00004955 _____ () C:\Users\Sebastian\Desktop\AdwCleaner[S0].txt 2014-08-03 11:12 - 2014-08-03 11:11 - 00000000 ____D () C:\AdwCleaner 2014-08-03 11:12 - 2011-01-05 20:43 - 00000000 ____D () C:\ProgramData\ICQ 2014-08-03 11:10 - 2014-08-03 11:10 - 01361309 _____ () C:\Users\Sebastian\Desktop\adwcleaner_3.302.exe 2014-08-03 11:09 - 2014-08-03 11:09 - 00001145 _____ () C:\Users\Sebastian\Desktop\mbam.txt 2014-08-03 10:23 - 2014-07-01 00:46 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-08-03 10:21 - 2014-07-01 00:45 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 2014-08-03 10:21 - 2013-05-05 12:59 - 00001066 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-08-03 10:19 - 2014-08-03 10:18 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Sebastian\Desktop\mbam-setup-2.0.2.1012.exe 2014-08-03 10:13 - 2014-04-14 07:52 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\DropboxMaster 2014-08-03 00:52 - 2014-04-15 22:03 - 00000000 ____D () C:\Users\Sebastian\Desktop\WoTReplays 2014-08-02 21:48 - 2014-08-02 21:27 - 00000000 ____D () C:\Qoobox 2014-08-02 21:47 - 2014-08-02 21:47 - 00030359 _____ () C:\ComboFix.txt 2014-08-02 21:46 - 2009-07-14 04:04 - 00000248 _____ () C:\Windows\system.ini 2014-08-02 21:27 - 2013-06-12 14:10 - 00000000 ____D () C:\Windows\erdnt 2014-08-02 21:26 - 2014-08-02 21:25 - 05566616 ____R (Swearware) C:\Users\Sebastian\Desktop\ComboFix.exe 2014-08-02 20:44 - 2011-03-09 17:39 - 00000000 ____D () 
C:\Users\Sebastian\AppData\Roaming\TS3Client 2014-08-02 20:28 - 2013-09-15 19:34 - 01847808 ___SH () C:\Users\Sebastian\Desktop\Thumbs.db 2014-08-01 01:33 - 2014-08-01 01:33 - 00049693 _____ () C:\Users\Sebastian\Desktop\GMER.log 2014-08-01 01:17 - 2014-08-01 01:17 - 00380416 _____ () C:\Users\Sebastian\Desktop\Gmer-19357.exe 2014-08-01 01:15 - 2014-08-01 01:15 - 00039818 _____ () C:\Users\Sebastian\Desktop\Addition.txt 2014-08-01 01:12 - 2014-08-01 01:12 - 01084928 _____ (Farbar) C:\Users\Sebastian\Desktop\FRST.exe 2014-08-01 01:11 - 2014-08-01 01:11 - 00000480 _____ () C:\Users\Sebastian\Desktop\defogger_disable.log 2014-08-01 01:11 - 2014-08-01 01:11 - 00000000 _____ () C:\Users\Sebastian\defogger_reenable 2014-08-01 01:11 - 2011-01-05 18:43 - 00000000 ____D () C:\Users\Sebastian 2014-08-01 01:10 - 2014-08-01 01:10 - 00050477 _____ () C:\Users\Sebastian\Desktop\Defogger.exe 2014-08-01 01:08 - 2014-08-01 01:08 - 00000035 _____ () C:\Users\Sebastian\Desktop\Link.txt 2014-08-01 01:02 - 2014-04-14 07:54 - 00000000 ___RD () C:\Users\Sebastian\Dropbox 2014-08-01 01:02 - 2014-01-27 12:03 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\Dropbox 2014-08-01 00:45 - 2013-08-03 19:44 - 00000000 ____D () C:\Users\Sebastian\Desktop\Ebay 2014-08-01 00:44 - 2012-09-28 21:04 - 00000000 ____D () C:\Users\Sebastian\Desktop\Wichtige Programme 2014-07-31 11:50 - 2014-07-29 20:49 - 00000683 _____ () C:\Users\Sebastian\Desktop\ThreadKielerJung.txt 2014-07-31 11:34 - 2011-01-14 12:37 - 00000000 ____D () C:\Users\Sebastian\Documents\TrackMania 2014-07-31 11:23 - 2011-01-14 12:38 - 00000000 ____D () C:\ProgramData\TrackMania 2014-07-31 10:09 - 2013-01-31 01:15 - 00000000 ____D () C:\Users\Sebastian\Desktop\Judgekram 2014-07-30 13:50 - 2014-01-20 16:24 - 00000000 ____D () C:\Program Files\DevPro 2014-07-26 16:39 - 2014-07-26 16:37 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ 2014-07-26 01:32 - 2014-07-26 01:32 - 00015110 _____ () 
C:\Users\Sebastian\Desktop\Judge_Roles.xlsx 2014-07-24 18:01 - 2010-12-30 21:37 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2014-07-24 17:46 - 2010-12-30 21:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2014-07-21 08:49 - 2011-01-05 18:45 - 00000564 _____ () C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job 2014-07-19 13:27 - 2011-03-09 17:39 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client 2014-07-10 15:15 - 2014-02-28 20:42 - 00035848 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys 2014-07-09 16:54 - 2014-07-09 16:54 - 04220562 _____ () C:\Users\Sebastian\Desktop\Einf_SketchUp_2014.pptx 2014-07-09 14:27 - 2014-07-09 14:27 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-07-09 08:33 - 2013-07-13 01:05 - 00000000 ____D () C:\Windows\system32\MRT 2014-07-09 08:31 - 2011-03-10 21:15 - 93585272 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-07-09 07:06 - 2009-07-14 06:53 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-07-09 00:09 - 2012-04-03 16:13 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2014-07-09 00:09 - 2011-11-08 20:28 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl Files to move or delete: ==================== C:\Users\Sebastian\WoT_internet_install_eu.exe Some content of TEMP: ==================== C:\Users\Sebastian\AppData\Local\temp\avgnt.exe C:\Users\Sebastian\AppData\Local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpqorcfd.dll C:\Users\Sebastian\AppData\Local\temp\Quarantine.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) 
C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2010-12-30 21:17 ==================== End Of Log ============================ |
05.08.2014, 04:30 | #11 |
/// the machine /// TB trainer | Browser opens 98uj8.de/s3brsn5ba66mgfzeinrum#noad Done. The order is decisive here.
If you would like to leave praise or criticism, you can do so here. Here are a few more tips for securing your system. I cannot mention often enough how important it is that your system is up to date.
Antivirus software
Additional protection
Safe browsing
Alternative browsers: Other browsers tend to be somewhat more secure than IE, because they do not use ActiveX elements. These can be abused by spyware to infect your system.
Performance: Clean up your temp files regularly. I recommend TFC for this. Stay away from any registry cleaners. They harm your system more than they help. Here are a few (English) links: Miekemoes Blogspot (MVP), Bill Castner (MVP). Don'ts
Note: Please give me brief feedback when everything is done and there are no more questions, so that I can remove this thread from my subscriptions.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
05.08.2014, 18:34 | #12 |
| Browser opens 98uj8.de/s3brsn5ba66mgfzeinrum#noad Thank you! The tabs had already stopped opening by the time I posted here, but it's good that we are through with it now. Thanks for the help, the topic is hereby closed! |
06.08.2014, 15:18 | #13 |
/// the machine /// TB trainer | Browser opens 98uj8.de/s3brsn5ba66mgfzeinrum#noad You're welcome
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |