Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Schädling in Firefox / Flash

Schädling in Firefox / Flash


Log-Analyse und Auswertung: Schädling in Firefox / Flash

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 24.01.2015, 21:26   #1
Danny902
 
Schädling in Firefox / Flash - Standard

Schädling in Firefox / Flash


Code:
ATTFilter
<ITEM CheckResult="-1" File="C:\Windows\system32\IcnOvrly.dll" Type="REG" Is64="1" X4="VeriFace Enc" X3="{771C7324-DA80-49D3-8017-753B0AF60951}" X2="Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved" X1="HKEY_LOCAL_MACHINE" Enabled="1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\ListSvc.dll" Type="REG" Is64="0" X4="%SystemRoot%\system32\ListSvc.dll" X3="ServiceDll" X2="SYSTEM\CurrentControlSet\Services\HomeGroupListener\Parameters" X1="HKEY_LOCAL_MACHINE" Enabled="1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\Mcx2Svc.dll" Type="REG" Is64="0" X4="%SystemRoot%\system32\Mcx2Svc.dll" X3="ServiceDll" X2="SYSTEM\CurrentControlSet\Services\Mcx2Svc\Parameters" X1="HKEY_LOCAL_MACHINE" Enabled="1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\SimpleExt.dll" Type="REG" Is64="1" X4="IkeyShlExt extension" X3="{F1E551D1-822B-40e6-B4D8-A9B4A48AA07A}" X2="Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved" X1="HKEY_LOCAL_MACHINE" Enabled="1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\WINSAT.EXE" Type="REG" Is64="0" X4="%SystemRoot%\system32\WINSAT.EXE" X3="EventMessageFile" X2="SYSTEM\CurrentControlSet\Services\Eventlog\Application\Microsoft-Windows-WindowsSystemAssessmentTool" X1="HKEY_LOCAL_MACHINE" Enabled="-1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\WUDFPlatform.dll" Type="REG" Is64="0" X4="%SystemRoot%\system32\WUDFPlatform.dll" X3="EventMessageFile" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\Microsoft-Windows-DriverFrameworks-UserMode" X1="HKEY_LOCAL_MACHINE" Enabled="-1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\Wat\WatUX.exe" Type="REG" Is64="0" X4="%SystemRoot%\system32\Wat\WatUX.exe" X3="EventMessageFile" X2="SYSTEM\CurrentControlSet\Services\Eventlog\Application\Windows Activation Technologies" X1="HKEY_LOCAL_MACHINE" Enabled="-1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\bthserv.dll" Type="REG" Is64="0" X4="%SystemRoot%\system32\bthserv.dll" X3="ServiceDll" X2="SYSTEM\CurrentControlSet\Services\bthserv\Parameters" X1="HKEY_LOCAL_MACHINE" Enabled="1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\certprop.dll" Type="REG" Is64="0" X4="%SystemRoot%\system32\certprop.dll" X3="EventMessageFile" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\Microsoft-Windows-SCPNP" X1="HKEY_LOCAL_MACHINE" Enabled="-1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\cofiredm.dll" Type="REG" Is64="0" X4="%SystemRoot%\system32\cofiredm.dll" X3="EventMessageFile" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\Microsoft-Windows-CorruptedFileRecovery-Client" X1="HKEY_LOCAL_MACHINE" Enabled="-1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\cofiredm.dll" Type="REG" Is64="0" X4="%SystemRoot%\system32\cofiredm.dll" X3="EventMessageFile" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\Microsoft-Windows-CorruptedFileRecovery-Server" X1="HKEY_LOCAL_MACHINE" Enabled="-1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\csrsrv.dll" Type="REG" Is64="0" X4="%windir%\system32\csrsrv.dll" X3="EventMessageFile" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\Microsoft-Windows-Subsys-SMSS" X1="HKEY_LOCAL_MACHINE" Enabled="-1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\defragsvc.dll" Type="REG" Is64="0" X4="%systemroot%\system32\defragsvc.dll" X3="EventMessageFile" X2="SYSTEM\CurrentControlSet\Services\Eventlog\Application\Microsoft-Windows-Defrag" X1="HKEY_LOCAL_MACHINE" Enabled="-1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\dfdts.dll" Type="REG" Is64="0" X4="%windir%\system32\dfdts.dll" X3="EventMessageFile" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\Microsoft-Windows-DiskDiagnostic" X1="HKEY_LOCAL_MACHINE" Enabled="-1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\dps.dll" Type="REG" Is64="0" X4="%SystemRoot%\system32\dps.dll" X3="ServiceDll" X2="SYSTEM\CurrentControlSet\Services\DPS\Parameters" X1="HKEY_LOCAL_MACHINE" Enabled="1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\drivers\HTTP.SYS" Type="REG" Is64="0" X4="%SystemRoot%\system32\drivers\HTTP.SYS" X3="EventMessageFile" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\Microsoft-Windows-HttpEvent" X1="HKEY_LOCAL_MACHINE" Enabled="-1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\drivers\fltmgr.sys" Type="REG" Is64="0" X4="%SystemRoot%\system32\drivers\fltmgr.sys" X3="EventMessageFile" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\Microsoft-Windows-FilterManager" X1="HKEY_LOCAL_MACHINE" Enabled="-1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\drivers\fvevol.sys" Type="REG" Is64="0" X4="%SystemRoot%\system32\drivers\fvevol.sys" X3="EventMessageFile" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\Microsoft-Windows-BitLocker-Driver" X1="HKEY_LOCAL_MACHINE" Enabled="-1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\drivers\ntfs.sys" Type="REG" Is64="0" X4="%SystemRoot%\system32\drivers\ntfs.sys" X3="EventMessageFile" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\Ntfs" X1="HKEY_LOCAL_MACHINE" Enabled="-1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\dwm.exe" Type="REG" Is64="0" X4="%SystemRoot%\system32\dwm.exe" X3="EventMessageFile" X2="SYSTEM\CurrentControlSet\Services\Eventlog\Application\Desktop Window Manager" X1="HKEY_LOCAL_MACHINE" Enabled="-1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\eapsvc.dll" Type="REG" Is64="0" X4="%systemroot%\system32\eapsvc.dll" X3="EventMessageFile" X2="SYSTEM\CurrentControlSet\Services\Eventlog\Application\Microsoft-Windows-EapHost" X1="HKEY_LOCAL_MACHINE" Enabled="-1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\fdPHost.dll" Type="REG" Is64="0" X4="%SystemRoot%\system32\fdPHost.dll" X3="ServiceDll" X2="SYSTEM\CurrentControlSet\Services\fdPHost\Parameters" X1="HKEY_LOCAL_MACHINE" Enabled="1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\fdphost.dll" Type="REG" Is64="0" X4="%SystemRoot%\system32\fdphost.dll" X3="EventMessageFile" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\Microsoft-Windows-FunctionDiscoveryHost" X1="HKEY_LOCAL_MACHINE" Enabled="-1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\fdrespub.dll" Type="REG" Is64="0" X4="%SystemRoot%\system32\fdrespub.dll" X3="ServiceDll" X2="SYSTEM\CurrentControlSet\Services\FDResPub\Parameters" X1="HKEY_LOCAL_MACHINE" Enabled="1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\fdrespub.dll" Type="REG" Is64="0" X4="%SystemRoot%\system32\fdrespub.dll" X3="EventMessageFile" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\Microsoft-Windows-ResourcePublication" X1="HKEY_LOCAL_MACHINE" Enabled="-1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\fveapi.dll" Type="REG" Is64="0" X4="%SystemRoot%\system32\fveapi.dll" X3="EventMessageFile" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\Microsoft-Windows-BitLocker-API" X1="HKEY_LOCAL_MACHINE" Enabled="-1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\fxsevent.dll" Type="REG" Is64="0" X4="%systemroot%\system32\fxsevent.dll" X3="EventMessageFile" X2="SYSTEM\CurrentControlSet\Services\Eventlog\Application\Microsoft Fax" X1="HKEY_LOCAL_MACHINE" Enabled="-1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\gpsvc.dll" Type="REG" Is64="0" X4="%systemroot%\system32\gpsvc.dll" X3="EventMessageFile" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\Microsoft-Windows-GroupPolicy" X1="HKEY_LOCAL_MACHINE" Enabled="-1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\ipbusenum.dll" Type="REG" Is64="0" X4="%SystemRoot%\system32\ipbusenum.dll" X3="ServiceDll" X2="SYSTEM\CurrentControlSet\Services\IPBusEnum\Parameters" X1="HKEY_LOCAL_MACHINE" Enabled="1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\ipbusenum.dll" Type="REG" Is64="0" X4="%systemroot%\system32\ipbusenum.dll" X3="EventMessageFile" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\Microsoft-Windows-IPBusEnum" X1="HKEY_LOCAL_MACHINE" Enabled="-1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\iphlpsvc.dll" Type="REG" Is64="0" X4="%windir%\system32\iphlpsvc.dll" X3="EventMessageFile" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\Microsoft-Windows-Iphlpsvc" X1="HKEY_LOCAL_MACHINE" Enabled="-1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\iscsiexe.dll" Type="REG" Is64="0" X4="%systemroot%\system32\iscsiexe.dll" X3="ServiceDll" X2="SYSTEM\CurrentControlSet\Services\MSiSCSI\Parameters" X1="HKEY_LOCAL_MACHINE" Enabled="1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\kmsvc.dll" Type="REG" Is64="0" X4="%SystemRoot%\system32\kmsvc.dll" X3="ServiceDll" X2="SYSTEM\CurrentControlSet\Services\hkmsvc\Parameters" X1="HKEY_LOCAL_MACHINE" Enabled="1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\lpksetup.exe" Type="REG" Is64="0" X4="%SystemRoot%\system32\lpksetup.exe" X3="EventMessageFile" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\Microsoft-Windows-LanguagePackSetup" X1="HKEY_LOCAL_MACHINE" Enabled="-1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\lsm.exe" Type="REG" Is64="0" X4="%SystemRoot%\system32\lsm.exe" X3="EventMessageFile" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\LSM" X1="HKEY_LOCAL_MACHINE" Enabled="-1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\lsm.exe" Type="REG" Is64="0" X4="%SystemRoot%\system32\lsm.exe" X3="EventMessageFile" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\Microsoft-Windows-TerminalServices-LocalSessionManager" X1="HKEY_LOCAL_MACHINE" Enabled="-1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\microsoft-windows-hal-events.dll" Type="REG" Is64="0" X4="%systemroot%\system32\microsoft-windows-hal-events.dll" X3="EventMessageFile" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\Microsoft-Windows-HAL" X1="HKEY_LOCAL_MACHINE" Enabled="-1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\microsoft-windows-kernel-power-events.dll" Type="REG" Is64="0" X4="%systemroot%\system32\microsoft-windows-kernel-power-events.dll" X3="EventMessageFile" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\Microsoft-Windows-Kernel-Power" X1="HKEY_LOCAL_MACHINE" Enabled="-1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\microsoft-windows-kernel-processor-power-events.dll" Type="REG" Is64="0" X4="%systemroot%\system32\microsoft-windows-kernel-processor-power-events.dll" X3="EventMessageFile" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\Microsoft-Windows-Kernel-Processor-Power" X1="HKEY_LOCAL_MACHINE" Enabled="-1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\mmcss.dll" Type="REG" Is64="0" X4="%SystemRoot%\system32\mmcss.dll" X3="ServiceDll" X2="SYSTEM\CurrentControlSet\Services\MMCSS\Parameters" X1="HKEY_LOCAL_MACHINE" Enabled="1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\mmcss.dll" Type="REG" Is64="0" X4="%SystemRoot%\system32\mmcss.dll" X3="ServiceDll" X2="SYSTEM\CurrentControlSet\Services\THREADORDER\Parameters" X1="HKEY_LOCAL_MACHINE" Enabled="1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\mpssvc.dll" Type="REG" Is64="0" X4="%SystemRoot%\system32\mpssvc.dll" X3="ServiceDll" X2="SYSTEM\CurrentControlSet\Services\MpsSvc\Parameters" X1="HKEY_LOCAL_MACHINE" Enabled="1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\mpssvc.dll" Type="REG" Is64="0" X4="%SystemRoot%\system32\mpssvc.dll" X3="EventMessageFile" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\Microsoft-Windows-Firewall" X1="HKEY_LOCAL_MACHINE" Enabled="-1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\msdtckrm.dll" Type="REG" Is64="0" X4="%systemroot%\system32\msdtckrm.dll" X3="ServiceDll" X2="SYSTEM\CurrentControlSet\Services\KtmRm\Parameters" X1="HKEY_LOCAL_MACHINE" Enabled="1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\nsisvc.dll" Type="REG" Is64="0" X4="%systemroot%\system32\nsisvc.dll" X3="ServiceDll" X2="SYSTEM\CurrentControlSet\Services\nsi\Parameters" X1="HKEY_LOCAL_MACHINE" Enabled="1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\oobe\winsetup.dll" Type="REG" Is64="0" X4="%SystemRoot%\system32\oobe\winsetup.dll" X3="EventMessageFile" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\Microsoft-Windows-Setup" X1="HKEY_LOCAL_MACHINE" Enabled="-1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\p2psvc.dll" Type="REG" Is64="0" X4="%SystemRoot%\system32\p2psvc.dll" X3="ServiceDll" X2="SYSTEM\CurrentControlSet\Services\p2psvc\Parameters" X1="HKEY_LOCAL_MACHINE" Enabled="1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\pnrpauto.dll" Type="REG" Is64="0" X4="%SystemRoot%\system32\pnrpauto.dll" X3="ServiceDll" X2="SYSTEM\CurrentControlSet\Services\PNRPAutoReg\Parameters" X1="HKEY_LOCAL_MACHINE" Enabled="1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\pnrpsvc.dll" Type="REG" Is64="0" X4="%SystemRoot%\system32\pnrpsvc.dll" X3="ServiceDll" X2="SYSTEM\CurrentControlSet\Services\p2pimsvc\Parameters" X1="HKEY_LOCAL_MACHINE" Enabled="1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\pnrpsvc.dll" Type="REG" Is64="0" X4="%SystemRoot%\system32\pnrpsvc.dll" X3="ServiceDll" X2="SYSTEM\CurrentControlSet\Services\PNRPsvc\Parameters" X1="HKEY_LOCAL_MACHINE" Enabled="1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\profsvc.dll" Type="REG" Is64="0" X4="%systemroot%\system32\profsvc.dll" X3="ServiceDll" X2="SYSTEM\CurrentControlSet\Services\ProfSvc\Parameters" X1="HKEY_LOCAL_MACHINE" Enabled="1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\psxss.exe" Type="REG" Is64="0" X4="%SystemRoot%\system32\psxss.exe" X3="Posix" X2="System\CurrentControlSet\Control\Session Manager\SubSystems" X1="HKEY_LOCAL_MACHINE" Enabled="-1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\qagentRT.dll" Type="REG" Is64="0" X4="%SystemRoot%\system32\qagentRT.dll" X3="ServiceDll" X2="SYSTEM\CurrentControlSet\Services\napagent\Parameters" X1="HKEY_LOCAL_MACHINE" Enabled="1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\qmgr.dll" Type="REG" Is64="0" X4="%systemroot%\system32\qmgr.dll" X3="EventMessageFile" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\Microsoft-Windows-Bits-Client" X1="HKEY_LOCAL_MACHINE" Enabled="-1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\recovery.dll" Type="REG" Is64="0" X4="%SystemRoot%\system32\recovery.dll" X3="EventMessageFile" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\Microsoft-Windows-Recovery" X1="HKEY_LOCAL_MACHINE" Enabled="-1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\regsvc.dll" Type="REG" Is64="0" X4="%SystemRoot%\system32\regsvc.dll" X3="ServiceDll" X2="SYSTEM\CurrentControlSet\Services\RemoteRegistry\Parameters" X1="HKEY_LOCAL_MACHINE" Enabled="1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\rpcss.dll" Type="REG" Is64="0" X4="%SystemRoot%\system32\rpcss.dll" X3="ServiceDll" X2="SYSTEM\CurrentControlSet\Services\DcomLaunch\Parameters" X1="HKEY_LOCAL_MACHINE" Enabled="1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\rpcss.dll" Type="REG" Is64="0" X4="%SystemRoot%\system32\rpcss.dll" X3="ServiceDll" X2="SYSTEM\CurrentControlSet\Services\RpcSs\Parameters" X1="HKEY_LOCAL_MACHINE" Enabled="1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\schedsvc.dll" Type="REG" Is64="0" X4="%systemroot%\system32\schedsvc.dll" X3="ServiceDll" X2="SYSTEM\CurrentControlSet\Services\Schedule\Parameters" X1="HKEY_LOCAL_MACHINE" Enabled="1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\schedsvc.dll" Type="REG" Is64="0" X4="%SystemRoot%\system32\schedsvc.dll" X3="EventMessageFile" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\Microsoft-Windows-TaskScheduler" X1="HKEY_LOCAL_MACHINE" Enabled="-1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\sdclt.exe" Type="REG" Is64="0" X4="%SystemRoot%\system32\sdclt.exe" X3="" X2="SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\BackupPath" X1="HKEY_LOCAL_MACHINE" Enabled="-1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\sdengin2.dll" Type="REG" Is64="0" X4="%systemroot%\system32\sdengin2.dll" X3="EventMessageFile" X2="SYSTEM\CurrentControlSet\Services\Eventlog\Application\Windows Backup" X1="HKEY_LOCAL_MACHINE" Enabled="-1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\seclogon.dll" Type="REG" Is64="0" X4="%windir%\system32\seclogon.dll" X3="ServiceDll" X2="SYSTEM\CurrentControlSet\Services\seclogon\Parameters" X1="HKEY_LOCAL_MACHINE" Enabled="1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\sensrsvc.dll" Type="REG" Is64="0" X4="%SystemRoot%\system32\sensrsvc.dll" X3="ServiceDll" X2="SYSTEM\CurrentControlSet\Services\SensrSvc\Parameters" X1="HKEY_LOCAL_MACHINE" Enabled="1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\services.exe" Type="REG" Is64="0" X4="%SystemRoot%\system32\services.exe" X3="EventMessageFile" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\Service Control Manager" X1="HKEY_LOCAL_MACHINE" Enabled="-1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\sppsvc.exe" Type="REG" Is64="0" X4="%windir%\system32\sppsvc.exe" X3="EventMessageFile" X2="SYSTEM\CurrentControlSet\Services\Eventlog\Application\Software Protection Platform Service" X1="HKEY_LOCAL_MACHINE" Enabled="-1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\sppsvc.exe" Type="REG" Is64="0" X4="%windir%\system32\sppsvc.exe" X3="EventMessageFile" X2="SYSTEM\CurrentControlSet\Services\Eventlog\Key Management Service\KmsRequests" X1="HKEY_LOCAL_MACHINE" Enabled="-1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\sppuinotify.dll" Type="REG" Is64="0" X4="%SystemRoot%\system32\sppuinotify.dll" X3="ServiceDll" X2="SYSTEM\CurrentControlSet\Services\sppuinotify\Parameters" X1="HKEY_LOCAL_MACHINE" Enabled="1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\srcore.dll" Type="REG" Is64="0" X4="%systemroot%\system32\srcore.dll" X3="EventMessageFile" X2="SYSTEM\CurrentControlSet\Services\Eventlog\Application\System Restore" X1="HKEY_LOCAL_MACHINE" Enabled="-1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\srvsvc.dll" Type="REG" Is64="0" X4="%SystemRoot%\system32\srvsvc.dll" X3="ServiceDll" X2="SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters" X1="HKEY_LOCAL_MACHINE" Enabled="1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\sstpsvc.dll" Type="REG" Is64="0" X4="%SystemRoot%\system32\sstpsvc.dll" X3="ServiceDll" X2="SYSTEM\CurrentControlSet\Services\SstpSvc\Parameters" X1="HKEY_LOCAL_MACHINE" Enabled="1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\sstpsvc.dll" Type="REG" Is64="0" X4="%systemroot%\system32\sstpsvc.dll" X3="EventMessageFile" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\RasSstp" X1="HKEY_LOCAL_MACHINE" Enabled="-1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\sysmain.dll" Type="REG" Is64="0" X4="%systemroot%\system32\sysmain.dll" X3="ServiceDll" X2="SYSTEM\CurrentControlSet\Services\SysMain\Parameters" X1="HKEY_LOCAL_MACHINE" Enabled="1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\sysmain.dll" Type="REG" Is64="0" X4="%systemroot%\system32\sysmain.dll" X3="Library" X2="SYSTEM\CurrentControlSet\Services\rdyboost\Performance" X1="HKEY_LOCAL_MACHINE" Enabled="1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\tbssvc.dll" Type="REG" Is64="0" X4="%SystemRoot%\system32\tbssvc.dll" X3="EventMessageFile" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\Microsoft-Windows-TBS" X1="HKEY_LOCAL_MACHINE" Enabled="-1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\termsrv.dll" Type="REG" Is64="0" X4="%SystemRoot%\system32\termsrv.dll" X3="EventMessageFile" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\Microsoft-Windows-TerminalServices-RemoteConnectionManager" X1="HKEY_LOCAL_MACHINE" Enabled="-1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\termsrv.dll" Type="REG" Is64="0" X4="%SystemRoot%\system32\termsrv.dll" X3="EventMessageFile" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\TermService" X1="HKEY_LOCAL_MACHINE" Enabled="-1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\themeservice.dll" Type="REG" Is64="0" X4="%SystemRoot%\system32\themeservice.dll" X3="ServiceDll" X2="SYSTEM\CurrentControlSet\Services\Themes\Parameters" X1="HKEY_LOCAL_MACHINE" Enabled="1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\umpnpmgr.dll" Type="REG" Is64="0" X4="%SystemRoot%\system32\umpnpmgr.dll" X3="ServiceDll" X2="SYSTEM\CurrentControlSet\Services\PlugPlay\Parameters" X1="HKEY_LOCAL_MACHINE" Enabled="1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\umpnpmgr.dll" Type="REG" Is64="0" X4="%SystemRoot%\system32\umpnpmgr.dll" X3="EventMessageFile" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\Microsoft-Windows-UserPnp" X1="HKEY_LOCAL_MACHINE" Enabled="-1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\umpo.dll" Type="REG" Is64="0" X4="%SystemRoot%\system32\umpo.dll" X3="ServiceDll" X2="SYSTEM\CurrentControlSet\Services\Power\Parameters" X1="HKEY_LOCAL_MACHINE" Enabled="1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\w32time.dll" Type="REG" Is64="0" X4="%systemroot%\system32\w32time.dll" X3="ServiceDll" X2="SYSTEM\CurrentControlSet\Services\W32Time\Parameters" X1="HKEY_LOCAL_MACHINE" Enabled="1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\w32time.dll" Type="REG" Is64="0" X4="%SystemRoot%\system32\w32time.dll" X3="EventMessageFile" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\Microsoft-Windows-Time-Service" X1="HKEY_LOCAL_MACHINE" Enabled="-1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\w32time.dll" Type="REG" Is64="0" X4="%Systemroot%\system32\w32time.dll" X3="EventMessageFile" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\W32Time" X1="HKEY_LOCAL_MACHINE" Enabled="-1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\w32time.dll" Type="REG" Is64="0" X4="%systemroot%\system32\w32time.dll" X3="DllName" X2="SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\NtpClient" X1="HKEY_LOCAL_MACHINE" Enabled="1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\w32time.dll" Type="REG" Is64="0" X4="%systemroot%\system32\w32time.dll" X3="DllName" X2="SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\NtpServer" X1="HKEY_LOCAL_MACHINE" Enabled="1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\wbem\WMIsvc.dll" Type="REG" Is64="0" X4="%SystemRoot%\system32\wbem\WMIsvc.dll" X3="ServiceDll" X2="SYSTEM\CurrentControlSet\Services\Winmgmt\Parameters" X1="HKEY_LOCAL_MACHINE" Enabled="1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\wecsvc.dll" Type="REG" Is64="0" X4="%SystemRoot%\system32\wecsvc.dll" X3="ServiceDll" X2="SYSTEM\CurrentControlSet\Services\Wecsvc\Parameters" X1="HKEY_LOCAL_MACHINE" Enabled="1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\wecsvc.dll" Type="REG" Is64="0" X4="%SystemRoot%\system32\wecsvc.dll" X3="EventMessageFile" X2="SYSTEM\CurrentControlSet\Services\Eventlog\Application\Microsoft-Windows-EventCollector" X1="HKEY_LOCAL_MACHINE" Enabled="-1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\wecsvc.dll" Type="REG" Is64="0" X4="%SystemRoot%\system32\wecsvc.dll" X3="DisplayNameFile" X2="SYSTEM\CurrentControlSet\Services\Eventlog\HardwareEvents" X1="HKEY_LOCAL_MACHINE" Enabled="-1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\wecsvc.dll" Type="REG" Is64="0" X4="%SystemRoot%\system32\wecsvc.dll" X3="EventMessageFile" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\Microsoft-Windows-EventCollector" X1="HKEY_LOCAL_MACHINE" Enabled="-1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\winlogon.exe" Type="REG" Is64="0" X4="%SystemRoot%\system32\winlogon.exe" X3="EventMessageFile" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\Microsoft-Windows-Winlogon" X1="HKEY_LOCAL_MACHINE" Enabled="-1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\winsrv.dll" Type="REG" Is64="0" X4="%SystemRoot%\system32\winsrv.dll" X3="EventMessageFile" X2="SYSTEM\CurrentControlSet\Services\Eventlog\Application\Microsoft-Windows-Winsrv" X1="HKEY_LOCAL_MACHINE" Enabled="-1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\wlansvc.dll" Type="REG" Is64="0" X4="%windir%\system32\wlansvc.dll" X3="EventMessageFile" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\Microsoft-Windows-WLAN-AutoConfig" X1="HKEY_LOCAL_MACHINE" Enabled="-1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\wpdbusenum.dll" Type="REG" Is64="0" X4="%SystemRoot%\system32\wpdbusenum.dll" X3="ServiceDll" X2="SYSTEM\CurrentControlSet\Services\WPDBusEnum\Parameters" X1="HKEY_LOCAL_MACHINE" Enabled="1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\wsepno.dll" Type="REG" Is64="0" X4="%SystemRoot%\system32\wsepno.dll" X3="EventMessageFile" X2="SYSTEM\CurrentControlSet\Services\Eventlog\Application\Windows Search Service Profile Notification" X1="HKEY_LOCAL_MACHINE" Enabled="-1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\wuaueng.dll" Type="REG" Is64="0" X4="%systemroot%\system32\wuaueng.dll" X3="ServiceDll" X2="SYSTEM\CurrentControlSet\Services\wuauserv\Parameters" X1="HKEY_LOCAL_MACHINE" Enabled="1"/>

<ITEM CheckResult="-1" File="C:\Windows\system32\wuaueng.dll" Type="REG" Is64="0" X4="%systemroot%\system32\wuaueng.dll" X3="EventMessageFile" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\Microsoft-Windows-WindowsUpdateClient" X1="HKEY_LOCAL_MACHINE" Enabled="-1"/>

<ITEM IsPE="1" MD5="79DE5E0997A94ED1D336B314005C4543" ChangeDate="30.09.2010 13:00:28" CreateDate="06.05.2014 19:20:26" Attr="rsAh" Size="139088" CheckResult="-1" File="D:\1&1 Surf-Stick\UIExec.exe" Type="REG" Is64="0" X4=""D:\\1&1 Surf-Stick\UIExec.exe"" X3="UIExec" X2="Software\Microsoft\Windows\CurrentVersion\Run" X1="HKEY_LOCAL_MACHINE" Enabled="1"/>

<ITEM CheckResult="-1" File="Maker\DVDMaker.exe" Type="REG" Is64="0" X4="%ProgramFiles%\DVD Maker\DVDMaker.exe" X3="EventMessageFile" X2="SYSTEM\CurrentControlSet\Services\Eventlog\Application\Dvd Maker" X1="HKEY_LOCAL_MACHINE" Enabled="-1"/>

<ITEM CheckResult="-1" File="auditcse.dll" Type="REG" Is64="1" X4="auditcse.dll" X3="DLLName" X2="Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{f3ccc681-b74c-4060-9f26-cd84525dca2a}" X1="HKEY_LOCAL_MACHINE" Enabled="1"/>

<ITEM IsPE="1" Ver="25.0.14136.253" OFN="AvkCKS.exe" Product="G DATA Security Software" Vendor="G DATA Software AG" MD5="2A9DD1ECE8ACD1B74BA43CC2CB2E99B4" ChangeDate="01.07.2014 13:41:33" CreateDate="01.07.2014 13:41:33" Attr="rsah" Size="296568" CheckResult="-1" File="c:\program files (x86)\g data\internetsecurity\avkkid\avkcks.exe" Type="REG" Is64="1" X4="c:\program files (x86)\g data\internetsecurity\avkkid\avkcks.exe" X3="Userinit" X2="Software\Microsoft\Windows NT\CurrentVersion\Winlogon" X1="HKEY_LOCAL_MACHINE" Enabled="-1"/>

</AUTORUN>


-<BHO>

<ITEM IsPE="1" Ver="7.3.0.140" OFN="IESpeakDoc.dll" Product="Bluetooth Software" Vendor="Atheros Commnucations" MD5="2CA438EE560F8BFC4F94838D53724F38" ChangeDate="16.11.2011 10:56:52" CreateDate="16.11.2011 10:56:52" Attr="rsAh" Size="64672" LegalCopyright="Copyright (c) 2001-2011 Atheros Communications, Inc. All rights reserved." Descr="Bluetooth IE PlugIn" CheckResult="-1" File="C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll" IsDLL="1" Enabled="1" CLSID="{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}" RegKey="HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" BHOType="1"/>

<ITEM LegalCopyright="" Descr="" CheckResult="-1" File="" Enabled="1" CLSID="{2670000A-7350-4f3c-8081-5663EE0C6C49}" RegKey="HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Extensions" BHOType="3"/>

<ITEM LegalCopyright="" Descr="" CheckResult="-1" File="" Enabled="1" CLSID="{7815BE26-237D-41A8-A98F-F7BD75F71086}" RegKey="HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Extensions" BHOType="3"/>

<ITEM LegalCopyright="" Descr="" CheckResult="-1" File="" Enabled="1" CLSID="{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}" RegKey="HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Extensions" BHOType="3"/>

</BHO>


-<ExplorerExt>

<ITEM LegalCopyright="" Descr="" CheckResult="-1" File="" Enabled="1" CLSID="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" RegKey="SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved" ExtName="WebCheck" ExtType="1"/>

<ITEM LegalCopyright="" Descr="" CheckResult="-1" File="" Enabled="1" CLSID="{5E2121EE-0300-11D4-8D3B-444553540000}" RegKey="SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved" ExtName="Catalyst Context Menu extension" ExtType="1"/>

<ITEM LegalCopyright="" Descr="" CheckResult="-1" File="" Enabled="1" CLSID="{B41DB860-64E4-11D2-9906-E49FADC173CA}" RegKey="SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved" ExtName="WinRAR shell extension" ExtType="1"/>

<ITEM IsPE="1" Ver="1.0.13353.219" OFN="SOBFilesNSE.DLL" Product="G Data TotalCare" Vendor="G Data Software AG" MD5="1AAB2490C262D54B2260F687C1226949" ChangeDate="19.12.2013 03:39:50" CreateDate="19.12.2013 03:39:50" Attr="rsah" Size="210552" LegalCopyright="© G Data Software AG. All rights reserved." Descr="G Data Cloud NSE" CheckResult="-1" File="C:\Program Files (x86)\G Data\InternetSecurity\AVK\SOBFilesNSE.dll" IsDLL="1" Enabled="1" CLSID="{E5A82055-B4B3-449B-9202-C714068617F9}" RegKey="SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved" ExtName="SOBVirtualFolder Class" ExtType="1"/>

</ExplorerExt>


-<PrintEXT>

<ITEM LegalCopyright="" Descr="" CheckResult="-1" File="hpinksts5912LM.dll" Enabled="1" RegKey="SYSTEM\CurrentControlSet\Control\Print\Monitors"/>

<ITEM LegalCopyright="" Descr="" CheckResult="-1" File="HPDiscoPM5912.dll" Enabled="1" RegKey="SYSTEM\CurrentControlSet\Control\Print\Monitors"/>

<ITEM LegalCopyright="" Descr="" CheckResult="-1" File="localspl.dll" Enabled="1" RegKey="SYSTEM\CurrentControlSet\Control\Print\Monitors"/>

<ITEM LegalCopyright="" Descr="" CheckResult="-1" File="FXSMON.DLL" Enabled="1" RegKey="SYSTEM\CurrentControlSet\Control\Print\Monitors"/>

<ITEM LegalCopyright="" Descr="" CheckResult="-1" File="hpf3lw73.dll" Enabled="1" RegKey="SYSTEM\CurrentControlSet\Control\Print\Monitors"/>

<ITEM LegalCopyright="" Descr="" CheckResult="-1" File="rc4mon64.dll" Enabled="1" RegKey="SYSTEM\CurrentControlSet\Control\Print\Monitors"/>

<ITEM LegalCopyright="" Descr="" CheckResult="-1" File="tcpmon.dll" Enabled="1" RegKey="SYSTEM\CurrentControlSet\Control\Print\Monitors"/>

<ITEM LegalCopyright="" Descr="" CheckResult="-1" File="stkMonitor.dll" Enabled="1" RegKey="SYSTEM\CurrentControlSet\Control\Print\Monitors"/>

<ITEM LegalCopyright="" Descr="" CheckResult="-1" File="usbmon.dll" Enabled="1" RegKey="SYSTEM\CurrentControlSet\Control\Print\Monitors"/>

<ITEM LegalCopyright="" Descr="" CheckResult="-1" File="WSDMon.dll" Enabled="1" RegKey="SYSTEM\CurrentControlSet\Control\Print\Monitors"/>

<ITEM LegalCopyright="" Descr="" CheckResult="-1" File="inetpp.dll" Enabled="1" RegKey="SYSTEM\CurrentControlSet\Control\Print\Providers"/>

</PrintEXT>


-<TaskScheduler>

<ITEM LegalCopyright="" Descr="" CheckResult="-1" File="C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe" Enabled="49894208" FullCmd=" "%ProgramFiles%\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe" " SHPath="C:\Windows\system32\Tasks\Lenovo\" Status="23651728" JobName="Lenovo Customer Feedback Program"/>

<ITEM LegalCopyright="" Descr="" CheckResult="-1" File=" aitagent " Enabled="49894208" FullCmd=" aitagent " SHPath="C:\Windows\system32\Tasks\Microsoft\Windows\Application Experience\" Status="23650952" JobName="AitAgent"/>

<ITEM LegalCopyright="" Descr="" CheckResult="-1" File="C:\Windows\ehome\mcupdate" Enabled="49894208" FullCmd=" %SystemRoot%\ehome\mcupdate $(Arg0)" SHPath="C:\Windows\system32\Tasks\Microsoft\Windows\Media Center\" Status="23650952" JobName="mcupdate"/>

<ITEM LegalCopyright="" Descr="" CheckResult="-1" File="C:\Windows\ehome\mcupdate" Enabled="49894208" FullCmd=" %SystemRoot%\ehome\mcupdate -crl -hms -pscn 15" SHPath="C:\Windows\system32\Tasks\Microsoft\Windows\Media Center\" Status="23650952" JobName="mcupdate_scheduled"/>

<ITEM LegalCopyright="" Descr="" CheckResult="-1" File="C:\Windows\ehome\ehrec" Enabled="49894208" FullCmd=" %SystemRoot%\ehome\ehrec /RestartRecording" SHPath="C:\Windows\system32\Tasks\Microsoft\Windows\Media Center\" Status="23650952" JobName="RecordingRestart"/>

<ITEM LegalCopyright="" Descr="" CheckResult="-1" File="C:\Windows\ehome\ehrec" Enabled="49894208" FullCmd=" %SystemRoot%\ehome\ehrec /StartRecording" SHPath="C:\Windows\system32\Tasks\Microsoft\Windows\Media Center\" Status="23650952" JobName="StartRecording"/>

<ITEM LegalCopyright="" Descr="" CheckResult="-1" File="C:\Windows\system32\OFFICEICON.vbs" Enabled="49894208" FullCmd=" C:\Windows\system32\OFFICEICON.vbs " SHPath="C:\Windows\system32\Tasks\" Status="23652116" JobName="OFFICE2010ACT"/>

</TaskScheduler>


-<SPI>

<ITEM IsPE="1" Ver="6.1.7601.18685" OFN="nlaapi.dll" Product="Microsoft® Windows® Operating System" Vendor="Microsoft Corporation" MD5="FE48346938C1CDDDF4E4097DB9B99764" ChangeDate="06.12.2014 04:50:19" CreateDate="15.01.2015 23:38:06" Attr="rsAh" Size="52224" LegalCopyright="© Microsoft Corporation. All rights reserved." Descr="Network Location Awareness 2" CheckResult="-1" File="C:\Windows\system32\NLAapi.dll" IsDLL="1" SPINaim="@%SystemRoot%\system32\nlasvc.dll,-1000" SPIType="1"/>

<ITEM IsPE="1" Ver="6.1.7600.16385" OFN="napinsp.dll.mui" Product="Betriebssystem Microsoft® Windows®" Vendor="Microsoft Corporation" MD5="0B7E85364CB878E2AD531DB7B601A9E5" ChangeDate="14.07.2009 02:16:02" CreateDate="14.07.2009 00:54:55" Attr="rsAh" Size="52224" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Descr="E-Mail-Namenshimanbieter" CheckResult="-1" File="C:\Windows\system32\napinsp.dll" IsDLL="1" SPINaim="@%SystemRoot%\system32\napinsp.dll,-1000" SPIType="1"/>

<ITEM IsPE="1" Ver="6.1.7600.16385" OFN="pnrpnsp.dll.mui" Product="Betriebssystem Microsoft® Windows®" Vendor="Microsoft Corporation" MD5="5CF640EDDB1E40A5AB1BB743BCDEC610" ChangeDate="14.07.2009 02:16:12" CreateDate="14.07.2009 00:55:50" Attr="rsAh" Size="65024" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Descr="PNRP-Namespaceanbieter" CheckResult="-1" File="C:\Windows\system32\pnrpnsp.dll" IsDLL="1" SPINaim="@%SystemRoot%\system32\pnrpnsp.dll,-1000" SPIType="1"/>

<ITEM IsPE="1" Ver="6.1.7600.16385" OFN="pnrpnsp.dll.mui" Product="Betriebssystem Microsoft® Windows®" Vendor="Microsoft Corporation" MD5="5CF640EDDB1E40A5AB1BB743BCDEC610" ChangeDate="14.07.2009 02:16:12" CreateDate="14.07.2009 00:55:50" Attr="rsAh" Size="65024" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Descr="PNRP-Namespaceanbieter" CheckResult="-1" File="C:\Windows\system32\pnrpnsp.dll" IsDLL="1" SPINaim="@%SystemRoot%\system32\pnrpnsp.dll,-1001" SPIType="1"/>

<ITEM IsPE="1" Ver="6.1.7601.18254" OFN="mswsock.dll.mui" Product="Betriebssystem Microsoft® Windows®" Vendor="Microsoft Corporation" MD5="E94C583CDE2348950155F2AF2876F34D" ChangeDate="08.09.2013 03:03:58" CreateDate="21.10.2013 15:25:54" Attr="rsAh" Size="231424" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Descr="Microsoft Windows Sockets 2.0-Dienstanbieter" CheckResult="-1" File="C:\Windows\System32\mswsock.dll" IsDLL="1" SPINaim="@%SystemRoot%\system32\wshtcpip.dll,-60103" SPIType="1"/>

<ITEM IsPE="1" Ver="6.1.7600.16385" OFN="winrnr" Product="Microsoft® Windows® Operating System" Vendor="Microsoft Corporation" MD5="5DF5D8CFD9B9573FA3B2C89D9061A240" ChangeDate="14.07.2009 02:16:19" CreateDate="14.07.2009 00:37:57" Attr="rsAh" Size="20992" LegalCopyright="© Microsoft Corporation. All rights reserved." Descr="LDAP RnR Provider DLL" CheckResult="-1" File="C:\Windows\System32\winrnr.dll" IsDLL="1" SPINaim="NTDS" SPIType="1"/>

<ITEM IsPE="1" Ver="6.1.7601.17514" OFN="wshbth.dll" Product="Microsoft® Windows® Operating System" Vendor="Microsoft Corporation" MD5="AC122407B29378FF9646F03404AC7C54" ChangeDate="21.11.2010 04:24:50" CreateDate="21.11.2010 04:24:50" Attr="rsAh" Size="36352" LegalCopyright="© Microsoft Corporation. All rights reserved." Descr="Windows Sockets Helper DLL" CheckResult="-1" File="C:\Windows\system32\wshbth.dll" IsDLL="1" SPINaim="Bluetooth-Namespace" SPIType="1"/>

<ITEM IsPE="1" Ver="6.1.7601.18254" OFN="mswsock.dll.mui" Product="Betriebssystem Microsoft® Windows®" Vendor="Microsoft Corporation" MD5="E94C583CDE2348950155F2AF2876F34D" ChangeDate="08.09.2013 03:03:58" CreateDate="21.10.2013 15:25:54" Attr="rsAh" Size="231424" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Descr="Microsoft Windows Sockets 2.0-Dienstanbieter" CheckResult="-1" File="C:\Windows\system32\mswsock.dll" IsDLL="1" SPINaim="@%SystemRoot%\System32\wship6.dll,-60100" SPIType="3"/>

<ITEM IsPE="1" Ver="6.1.7601.18254" OFN="mswsock.dll.mui" Product="Betriebssystem Microsoft® Windows®" Vendor="Microsoft Corporation" MD5="E94C583CDE2348950155F2AF2876F34D" ChangeDate="08.09.2013 03:03:58" CreateDate="21.10.2013 15:25:54" Attr="rsAh" Size="231424" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Descr="Microsoft Windows Sockets 2.0-Dienstanbieter" CheckResult="-1" File="C:\Windows\system32\mswsock.dll" IsDLL="1" SPINaim="@%SystemRoot%\System32\wship6.dll,-60101" SPIType="3"/>

<ITEM IsPE="1" Ver="6.1.7601.18254" OFN="mswsock.dll.mui" Product="Betriebssystem Microsoft® Windows®" Vendor="Microsoft Corporation" MD5="E94C583CDE2348950155F2AF2876F34D" ChangeDate="08.09.2013 03:03:58" CreateDate="21.10.2013 15:25:54" Attr="rsAh" Size="231424" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Descr="Microsoft Windows Sockets 2.0-Dienstanbieter" CheckResult="-1" File="C:\Windows\system32\mswsock.dll" IsDLL="1" SPINaim="@%SystemRoot%\System32\wship6.dll,-60102" SPIType="3"/>

<ITEM IsPE="1" Ver="6.1.7601.18254" OFN="mswsock.dll.mui" Product="Betriebssystem Microsoft® Windows®" Vendor="Microsoft Corporation" MD5="E94C583CDE2348950155F2AF2876F34D" ChangeDate="08.09.2013 03:03:58" CreateDate="21.10.2013 15:25:54" Attr="rsAh" Size="231424" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Descr="Microsoft Windows Sockets 2.0-Dienstanbieter" CheckResult="-1" File="C:\Windows\system32\mswsock.dll" IsDLL="1" SPINaim="@%SystemRoot%\System32\wshtcpip.dll,-60100" SPIType="3"/>

<ITEM IsPE="1" Ver="6.1.7601.18254" OFN="mswsock.dll.mui" Product="Betriebssystem Microsoft® Windows®" Vendor="Microsoft Corporation" MD5="E94C583CDE2348950155F2AF2876F34D" ChangeDate="08.09.2013 03:03:58" CreateDate="21.10.2013 15:25:54" Attr="rsAh" Size="231424" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Descr="Microsoft Windows Sockets 2.0-Dienstanbieter" CheckResult="-1" File="C:\Windows\system32\mswsock.dll" IsDLL="1" SPINaim="@%SystemRoot%\System32\wshtcpip.dll,-60101" SPIType="3"/>

<ITEM IsPE="1" Ver="6.1.7601.18254" OFN="mswsock.dll.mui" Product="Betriebssystem Microsoft® Windows®" Vendor="Microsoft Corporation" MD5="E94C583CDE2348950155F2AF2876F34D" ChangeDate="08.09.2013 03:03:58" CreateDate="21.10.2013 15:25:54" Attr="rsAh" Size="231424" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Descr="Microsoft Windows Sockets 2.0-Dienstanbieter" CheckResult="-1" File="C:\Windows\system32\mswsock.dll" IsDLL="1" SPINaim="@%SystemRoot%\System32\wshtcpip.dll,-60102" SPIType="3"/>

<ITEM IsPE="1" Ver="6.1.7601.18254" OFN="mswsock.dll.mui" Product="Betriebssystem Microsoft® Windows®" Vendor="Microsoft Corporation" MD5="E94C583CDE2348950155F2AF2876F34D" ChangeDate="08.09.2013 03:03:58" CreateDate="21.10.2013 15:25:54" Attr="rsAh" Size="231424" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Descr="Microsoft Windows Sockets 2.0-Dienstanbieter" CheckResult="-1" File="C:\Windows\system32\mswsock.dll" IsDLL="1" SPINaim="@%SystemRoot%\System32\wshqos.dll,-100" SPIType="3"/>

<ITEM IsPE="1" Ver="6.1.7601.18254" OFN="mswsock.dll.mui" Product="Betriebssystem Microsoft® Windows®" Vendor="Microsoft Corporation" MD5="E94C583CDE2348950155F2AF2876F34D" ChangeDate="08.09.2013 03:03:58" CreateDate="21.10.2013 15:25:54" Attr="rsAh" Size="231424" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Descr="Microsoft Windows Sockets 2.0-Dienstanbieter" CheckResult="-1" File="C:\Windows\system32\mswsock.dll" IsDLL="1" SPINaim="@%SystemRoot%\System32\wshqos.dll,-101" SPIType="3"/>

<ITEM IsPE="1" Ver="6.1.7601.18254" OFN="mswsock.dll.mui" Product="Betriebssystem Microsoft® Windows®" Vendor="Microsoft Corporation" MD5="E94C583CDE2348950155F2AF2876F34D" ChangeDate="08.09.2013 03:03:58" CreateDate="21.10.2013 15:25:54" Attr="rsAh" Size="231424" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Descr="Microsoft Windows Sockets 2.0-Dienstanbieter" CheckResult="-1" File="C:\Windows\system32\mswsock.dll" IsDLL="1" SPINaim="@%SystemRoot%\System32\wshqos.dll,-102" SPIType="3"/>

<ITEM IsPE="1" Ver="6.1.7601.18254" OFN="mswsock.dll.mui" Product="Betriebssystem Microsoft® Windows®" Vendor="Microsoft Corporation" MD5="E94C583CDE2348950155F2AF2876F34D" ChangeDate="08.09.2013 03:03:58" CreateDate="21.10.2013 15:25:54" Attr="rsAh" Size="231424" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Descr="Microsoft Windows Sockets 2.0-Dienstanbieter" CheckResult="-1" File="C:\Windows\system32\mswsock.dll" IsDLL="1" SPINaim="@%SystemRoot%\System32\wshqos.dll,-103" SPIType="3"/>

<ITEM IsPE="1" Ver="6.1.7601.18254" OFN="mswsock.dll.mui" Product="Betriebssystem Microsoft® Windows®" Vendor="Microsoft Corporation" MD5="E94C583CDE2348950155F2AF2876F34D" ChangeDate="08.09.2013 03:03:58" CreateDate="21.10.2013 15:25:54" Attr="rsAh" Size="231424" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Descr="Microsoft Windows Sockets 2.0-Dienstanbieter" CheckResult="-1" File="C:\Windows\system32\mswsock.dll" IsDLL="1" SPINaim="MSAFD RfComm [Bluetooth]" SPIType="3"/>

</SPI>


-<PORTS>

<ITEM IsPE="1" Ver="6.1.7600.16385" OFN="svchost.exe.mui" Product="Betriebssystem Microsoft® Windows®" Vendor="Microsoft Corporation" MD5="54A47F6B5E09A77E61649109C6A08866" ChangeDate="14.07.2009 02:14:41" CreateDate="14.07.2009 00:19:28" Attr="rsAh" Size="20992" CheckResult="0" File="C:\Windows\system32\svchost.exe" RemoteHost="0.0.0.0" RemotePort="0" LocalPort="135" PortType="1"/>

<ITEM CheckResult="-1" File="System.exe" RemoteHost="0.0.0.0" RemotePort="0" LocalPort="139" PortType="1"/>

<ITEM CheckResult="-1" File="System.exe" RemoteHost="0.0.0.0" RemotePort="0" LocalPort="445" PortType="1"/>

<ITEM CheckResult="-1" File="wmpnetwk.exe" RemoteHost="0.0.0.0" RemotePort="0" LocalPort="554" PortType="1"/>

<ITEM CheckResult="-1" File="System.exe" RemoteHost="0.0.0.0" RemotePort="0" LocalPort="2869" PortType="1"/>

<ITEM CheckResult="-1" File="System.exe" RemoteHost="0.0.0.0" RemotePort="0" LocalPort="5357" PortType="1"/>

<ITEM CheckResult="-1" File="System.exe" RemoteHost="0.0.0.0" RemotePort="0" LocalPort="10243" PortType="1"/>

<ITEM IsPE="1" Ver="6.1.7600.16385" OFN="WinInit.exe.mui" Product="Betriebssystem Microsoft® Windows®" Vendor="Microsoft Corporation" MD5="B5C5DCAD3899512020D135600129D665" ChangeDate="14.07.2009 02:14:45" CreateDate="14.07.2009 00:36:49" Attr="rsAh" Size="96256" CheckResult="0" File="C:\Windows\system32\wininit.exe" RemoteHost="0.0.0.0" RemotePort="0" LocalPort="49152" PortType="1"/>

<ITEM IsPE="1" Ver="6.1.7600.16385" OFN="svchost.exe.mui" Product="Betriebssystem Microsoft® Windows®" Vendor="Microsoft Corporation" MD5="54A47F6B5E09A77E61649109C6A08866" ChangeDate="14.07.2009 02:14:41" CreateDate="14.07.2009 00:19:28" Attr="rsAh" Size="20992" CheckResult="0" File="C:\Windows\system32\svchost.exe" RemoteHost="0.0.0.0" RemotePort="0" LocalPort="49153" PortType="1"/>

<ITEM IsPE="1" Ver="6.1.7600.16385" OFN="svchost.exe.mui" Product="Betriebssystem Microsoft® Windows®" Vendor="Microsoft Corporation" MD5="54A47F6B5E09A77E61649109C6A08866" ChangeDate="14.07.2009 02:14:41" CreateDate="14.07.2009 00:19:28" Attr="rsAh" Size="20992" CheckResult="0" File="C:\Windows\system32\svchost.exe" RemoteHost="0.0.0.0" RemotePort="0" LocalPort="49154" PortType="1"/>

<ITEM CheckResult="-1" File="lsass.exe" RemoteHost="0.0.0.0" RemotePort="0" LocalPort="49155" PortType="1"/>

<ITEM CheckResult="-1" File="services.exe" RemoteHost="0.0.0.0" RemotePort="0" LocalPort="49157" PortType="1"/>

<ITEM IsPE="1" Ver="6.1.7600.16385" OFN="svchost.exe.mui" Product="Betriebssystem Microsoft® Windows®" Vendor="Microsoft Corporation" MD5="54A47F6B5E09A77E61649109C6A08866" ChangeDate="14.07.2009 02:14:41" CreateDate="14.07.2009 00:19:28" Attr="rsAh" Size="20992" CheckResult="0" File="C:\Windows\system32\svchost.exe" RemoteHost="0.0.0.0" RemotePort="0" LocalPort="49158" PortType="1"/>

<ITEM CheckResult="-1" File="spoolsv.exe" RemoteHost="0.0.0.0" RemotePort="0" LocalPort="49160" PortType="1"/>

<ITEM IsPE="1" Ver="1.5.14287.174" OFN="AVKProxy.exe" Product="G Data Security Software" Vendor="G Data Software AG" MD5="8DFC779658F5227019615CDF54748652" ChangeDate="14.10.2014 01:54:44" CreateDate="14.10.2014 01:54:44" Attr="rsah" Size="2250360" CheckResult="-1" File="c:\program files (x86)\common files\g data\avkproxy\avkproxy.exe" RemoteHost="0.0.0.0" RemotePort="0" LocalPort="49161" PortType="1"/>

<ITEM IsPE="1" Ver="1.5.14287.174" OFN="AVKProxy.exe" Product="G Data Security Software" Vendor="G Data Software AG" MD5="8DFC779658F5227019615CDF54748652" ChangeDate="14.10.2014 01:54:44" CreateDate="14.10.2014 01:54:44" Attr="rsah" Size="2250360" CheckResult="-1" File="c:\program files (x86)\common files\g data\avkproxy\avkproxy.exe" RemoteHost="0.0.0.0" RemotePort="0" LocalPort="49165" PortType="1"/>

<ITEM IsPE="1" Ver="1.5.14287.174" OFN="AVKProxy.exe" Product="G Data Security Software" Vendor="G Data Software AG" MD5="8DFC779658F5227019615CDF54748652" ChangeDate="14.10.2014 01:54:44" CreateDate="14.10.2014 01:54:44" Attr="rsah" Size="2250360" CheckResult="-1" File="c:\program files (x86)\common files\g data\avkproxy\avkproxy.exe" RemoteHost="0.0.0.0" RemotePort="0" LocalPort="49169" PortType="1"/>

<ITEM IsPE="1" Ver="1.5.14287.174" OFN="AVKProxy.exe" Product="G Data Security Software" Vendor="G Data Software AG" MD5="8DFC779658F5227019615CDF54748652" ChangeDate="14.10.2014 01:54:44" CreateDate="14.10.2014 01:54:44" Attr="rsah" Size="2250360" CheckResult="-1" File="c:\program files (x86)\common files\g data\avkproxy\avkproxy.exe" RemoteHost="0.0.0.0" RemotePort="0" LocalPort="49173" PortType="1"/>

<ITEM IsPE="1" Ver="1.5.14287.174" OFN="AVKProxy.exe" Product="G Data Security Software" Vendor="G Data Software AG" MD5="8DFC779658F5227019615CDF54748652" ChangeDate="14.10.2014 01:54:44" CreateDate="14.10.2014 01:54:44" Attr="rsah" Size="2250360" CheckResult="-1" File="c:\program files (x86)\common files\g data\avkproxy\avkproxy.exe" RemoteHost="0.0.0.0" RemotePort="0" LocalPort="49177" PortType="1"/>

<ITEM IsPE="1" Ver="1.5.14287.174" OFN="AVKProxy.exe" Product="G Data Security Software" Vendor="G Data Software AG" MD5="8DFC779658F5227019615CDF54748652" ChangeDate="14.10.2014 01:54:44" CreateDate="14.10.2014 01:54:44" Attr="rsah" Size="2250360" CheckResult="-1" File="c:\program files (x86)\common files\g data\avkproxy\avkproxy.exe" RemoteHost="0.0.0.0" RemotePort="0" LocalPort="49181" PortType="1"/>

<ITEM IsPE="1" Ver="1.5.14287.174" OFN="AVKProxy.exe" Product="G Data Security Software" Vendor="G Data Software AG" MD5="8DFC779658F5227019615CDF54748652" ChangeDate="14.10.2014 01:54:44" CreateDate="14.10.2014 01:54:44" Attr="rsah" Size="2250360" CheckResult="-1" File="c:\program files (x86)\common files\g data\avkproxy\avkproxy.exe" RemoteHost="0.0.0.0" RemotePort="0" LocalPort="49185" PortType="1"/>

<ITEM IsPE="1" Ver="1.5.14287.174" OFN="AVKProxy.exe" Product="G Data Security Software" Vendor="G Data Software AG" MD5="8DFC779658F5227019615CDF54748652" ChangeDate="14.10.2014 01:54:44" CreateDate="14.10.2014 01:54:44" Attr="rsah" Size="2250360" CheckResult="-1" File="c:\program files (x86)\common files\g data\avkproxy\avkproxy.exe" RemoteHost="0.0.0.0" RemotePort="0" LocalPort="49189" PortType="1"/>

<ITEM IsPE="1" Ver="6.1.7600.16385" OFN="svchost.exe.mui" Product="Betriebssystem Microsoft® Windows®" Vendor="Microsoft Corporation" MD5="54A47F6B5E09A77E61649109C6A08866" ChangeDate="14.07.2009 02:14:41" CreateDate="14.07.2009 00:19:28" Attr="rsAh" Size="20992" CheckResult="0" File="C:\Windows\system32\svchost.exe" RemoteHost="" RemotePort="0" LocalPort="68" PortType="2"/>

<ITEM CheckResult="-1" File="System.exe" RemoteHost="" RemotePort="0" LocalPort="137" PortType="2"/>

<ITEM CheckResult="-1" File="System.exe" RemoteHost="" RemotePort="0" LocalPort="138" PortType="2"/>

<ITEM IsPE="1" Ver="6.1.7600.16385" OFN="svchost.exe.mui" Product="Betriebssystem Microsoft® Windows®" Vendor="Microsoft Corporation" MD5="54A47F6B5E09A77E61649109C6A08866" ChangeDate="14.07.2009 02:14:41" CreateDate="14.07.2009 00:19:28" Attr="rsAh" Size="20992" CheckResult="0" File="C:\Windows\system32\svchost.exe" RemoteHost="" RemotePort="0" LocalPort="427" PortType="2"/>

<ITEM IsPE="1" Ver="6.1.7600.16385" OFN="svchost.exe.mui" Product="Betriebssystem Microsoft® Windows®" Vendor="Microsoft Corporation" MD5="54A47F6B5E09A77E61649109C6A08866" ChangeDate="14.07.2009 02:14:41" CreateDate="14.07.2009 00:19:28" Attr="rsAh" Size="20992" CheckResult="0" File="C:\Windows\system32\svchost.exe" RemoteHost="" RemotePort="0" LocalPort="427" PortType="2"/>

<ITEM IsPE="1" Ver="6.1.7600.16385" OFN="svchost.exe.mui" Product="Betriebssystem Microsoft® Windows®" Vendor="Microsoft Corporation" MD5="54A47F6B5E09A77E61649109C6A08866" ChangeDate="14.07.2009 02:14:41" CreateDate="14.07.2009 00:19:28" Attr="rsAh" Size="20992" CheckResult="0" File="C:\Windows\system32\svchost.exe" RemoteHost="" RemotePort="0" LocalPort="500" PortType="2"/>

<ITEM IsPE="1" Ver="6.1.7600.16385" OFN="svchost.exe.mui" Product="Betriebssystem Microsoft® Windows®" Vendor="Microsoft Corporation" MD5="54A47F6B5E09A77E61649109C6A08866" ChangeDate="14.07.2009 02:14:41" CreateDate="14.07.2009 00:19:28" Attr="rsAh" Size="20992" CheckResult="0" File="C:\Windows\system32\svchost.exe" RemoteHost="" RemotePort="0" LocalPort="1900" PortType="2"/>

<ITEM IsPE="1" Ver="6.1.7600.16385" OFN="svchost.exe.mui" Product="Betriebssystem Microsoft® Windows®" Vendor="Microsoft Corporation" MD5="54A47F6B5E09A77E61649109C6A08866" ChangeDate="14.07.2009 02:14:41" CreateDate="14.07.2009 00:19:28" Attr="rsAh" Size="20992" CheckResult="0" File="C:\Windows\system32\svchost.exe" RemoteHost="" RemotePort="0" LocalPort="1900" PortType="2"/>

<ITEM CheckResult="-1" File="HPNetworkCommunicatorCom.exe" RemoteHost="" RemotePort="0" LocalPort="3702" PortType="2"/>

<ITEM CheckResult="-1" File="HPNetworkCommunicatorCom.exe" RemoteHost="" RemotePort="0" LocalPort="3702" PortType="2"/>

<ITEM IsPE="1" Ver="6.1.7600.16385" OFN="svchost.exe.mui" Product="Betriebssystem Microsoft® Windows®" Vendor="Microsoft Corporation" MD5="54A47F6B5E09A77E61649109C6A08866" ChangeDate="14.07.2009 02:14:41" CreateDate="14.07.2009 00:19:28" Attr="rsAh" Size="20992" CheckResult="0" File="C:\Windows\system32\svchost.exe" RemoteHost="" RemotePort="0" LocalPort="3702" PortType="2"/>

<ITEM IsPE="1" Ver="6.1.7600.16385" OFN="svchost.exe.mui" Product="Betriebssystem Microsoft® Windows®" Vendor="Microsoft Corporation" MD5="54A47F6B5E09A77E61649109C6A08866" ChangeDate="14.07.2009 02:14:41" CreateDate="14.07.2009 00:19:28" Attr="rsAh" Size="20992" CheckResult="0" File="C:\Windows\system32\svchost.exe" RemoteHost="" RemotePort="0" LocalPort="3702" PortType="2"/>

<ITEM IsPE="1" Ver="6.1.7600.16385" OFN="svchost.exe.mui" Product="Betriebssystem Microsoft® Windows®" Vendor="Microsoft Corporation" MD5="54A47F6B5E09A77E61649109C6A08866" ChangeDate="14.07.2009 02:14:41" CreateDate="14.07.2009 00:19:28" Attr="rsAh" Size="20992" CheckResult="0" File="C:\Windows\system32\svchost.exe" RemoteHost="" RemotePort="0" LocalPort="3702" PortType="2"/>

<ITEM IsPE="1" Ver="6.1.7600.16385" OFN="svchost.exe.mui" Product="Betriebssystem Microsoft® Windows®" Vendor="Microsoft Corporation" MD5="54A47F6B5E09A77E61649109C6A08866" ChangeDate="14.07.2009 02:14:41" CreateDate="14.07.2009 00:19:28" Attr="rsAh" Size="20992" CheckResult="0" File="C:\Windows\system32\svchost.exe" RemoteHost="" RemotePort="0" LocalPort="3702" PortType="2"/>

<ITEM IsPE="1" Ver="6.1.7600.16385" OFN="svchost.exe.mui" Product="Betriebssystem Microsoft® Windows®" Vendor="Microsoft Corporation" MD5="54A47F6B5E09A77E61649109C6A08866" ChangeDate="14.07.2009 02:14:41" CreateDate="14.07.2009 00:19:28" Attr="rsAh" Size="20992" CheckResult="0" File="C:\Windows\system32\svchost.exe" RemoteHost="" RemotePort="0" LocalPort="3702" PortType="2"/>

<ITEM IsPE="1" Ver="6.1.7600.16385" OFN="svchost.exe.mui" Product="Betriebssystem Microsoft® Windows®" Vendor="Microsoft Corporation" MD5="54A47F6B5E09A77E61649109C6A08866" ChangeDate="14.07.2009 02:14:41" CreateDate="14.07.2009 00:19:28" Attr="rsAh" Size="20992" CheckResult="0" File="C:\Windows\system32\svchost.exe" RemoteHost="" RemotePort="0" LocalPort="3702" PortType="2"/>

<ITEM IsPE="1" Ver="6.1.7600.16385" OFN="svchost.exe.mui" Product="Betriebssystem Microsoft® Windows®" Vendor="Microsoft Corporation" MD5="54A47F6B5E09A77E61649109C6A08866" ChangeDate="14.07.2009 02:14:41" CreateDate="14.07.2009 00:19:28" Attr="rsAh" Size="20992" CheckResult="0" File="C:\Windows\system32\svchost.exe" RemoteHost="" RemotePort="0" LocalPort="4500" PortType="2"/>

<ITEM CheckResult="-1" File="wmpnetwk.exe" RemoteHost="" RemotePort="0" LocalPort="5004" PortType="2"/>

<ITEM CheckResult="-1" File="wmpnetwk.exe" RemoteHost="" RemotePort="0" LocalPort="5005" PortType="2"/>

<ITEM IsPE="1" Ver="6.1.7600.16385" OFN="svchost.exe.mui" Product="Betriebssystem Microsoft® Windows®" Vendor="Microsoft Corporation" MD5="54A47F6B5E09A77E61649109C6A08866" ChangeDate="14.07.2009 02:14:41" CreateDate="14.07.2009 00:19:28" Attr="rsAh" Size="20992" CheckResult="0" File="C:\Windows\system32\svchost.exe" RemoteHost="" RemotePort="0" LocalPort="5355" PortType="2"/>

<ITEM IsPE="1" Ver="6.1.7600.16385" OFN="svchost.exe.mui" Product="Betriebssystem Microsoft® Windows®" Vendor="Microsoft Corporation" MD5="54A47F6B5E09A77E61649109C6A08866" ChangeDate="14.07.2009 02:14:41" CreateDate="14.07.2009 00:19:28" Attr="rsAh" Size="20992" CheckResult="0" File="C:\Windows\system32\svchost.exe" RemoteHost="" RemotePort="0" LocalPort="50177" PortType="2"/>

<ITEM IsPE="1" Ver="6.1.7600.16385" OFN="svchost.exe.mui" Product="Betriebssystem Microsoft® Windows®" Vendor="Microsoft Corporation" MD5="54A47F6B5E09A77E61649109C6A08866" ChangeDate="14.07.2009 02:14:41" CreateDate="14.07.2009 00:19:28" Attr="rsAh" Size="20992" CheckResult="0" File="C:\Windows\system32\svchost.exe" RemoteHost="" RemotePort="0" LocalPort="54432" PortType="2"/>

<ITEM IsPE="1" Ver="6.1.7600.16385" OFN="svchost.exe.mui" Product="Betriebssystem Microsoft® Windows®" Vendor="Microsoft Corporation" MD5="54A47F6B5E09A77E61649109C6A08866" ChangeDate="14.07.2009 02:14:41" CreateDate="14.07.2009 00:19:28" Attr="rsAh" Size="20992" CheckResult="0" File="C:\Windows\system32\svchost.exe" RemoteHost="" RemotePort="0" LocalPort="54921" PortType="2"/>

<ITEM IsPE="1" Ver="6.1.7600.16385" OFN="svchost.exe.mui" Product="Betriebssystem Microsoft® Windows®" Vendor="Microsoft Corporation" MD5="54A47F6B5E09A77E61649109C6A08866" ChangeDate="14.07.2009 02:14:41" CreateDate="14.07.2009 00:19:28" Attr="rsAh" Size="20992" CheckResult="0" File="C:\Windows\system32\svchost.exe" RemoteHost="" RemotePort="0" LocalPort="54922" PortType="2"/>

<ITEM IsPE="1" Ver="6.1.7600.16385" OFN="svchost.exe.mui" Product="Betriebssystem Microsoft® Windows®" Vendor="Microsoft Corporation" MD5="54A47F6B5E09A77E61649109C6A08866" ChangeDate="14.07.2009 02:14:41" CreateDate="14.07.2009 00:19:28" Attr="rsAh" Size="20992" CheckResult="0" File="C:\Windows\system32\svchost.exe" RemoteHost="" RemotePort="0" LocalPort="59195" PortType="2"/>

<ITEM IsPE="1" Ver="6.1.7600.16385" OFN="svchost.exe.mui" Product="Betriebssystem Microsoft® Windows®" Vendor="Microsoft Corporation" MD5="54A47F6B5E09A77E61649109C6A08866" ChangeDate="14.07.2009 02:14:41" CreateDate="14.07.2009 00:19:28" Attr="rsAh" Size="20992" CheckResult="0" File="C:\Windows\system32\svchost.exe" RemoteHost="" RemotePort="0" LocalPort="62387" PortType="2"/>

<ITEM CheckResult="-1" File="HPNetworkCommunicatorCom.exe" RemoteHost="" RemotePort="0" LocalPort="64600" PortType="2"/>

</PORTS>

<DPF> </DPF>


-<CPL>

<ITEM IsPE="1" Ver="6.8.8.11" OFN="cjtpl.cpl" Product="REINER SCT cyberJack Base Components" Vendor=" REINER SCT" MD5="834E9C474EE36B17C1F3F205158A9A90" ChangeDate="09.11.2009 10:48:40" CreateDate="02.01.2014 16:34:42" Attr="rsAh" Size="61952" LegalCopyright="Copyright (C) REINER SCT 1999 - 2007" Descr="cyberJack Control Panel Extention" CheckResult="-1" File="C:\Windows\system32\cjtpl.cpl" IsDLL="1" Enabled="1"/>

</CPL>

<ActiveSetup> </ActiveSetup>

<HOSTS> </HOSTS>


-<ProtocolExt>

<ITEM LegalCopyright="© Microsoft Corporation. All rights reserved." Descr="Microsoft .NET Runtime Execution Engine" CheckResult="-1" File="mscoree.dll" Enabled="1" CLSID="{1E66F26B-79EE-11D2-8710-00C04F79ED0D}" RegKey="SOFTWARE\Classes\PROTOCOLS\Filter\application/octet-stream"/>

<ITEM LegalCopyright="© Microsoft Corporation. All rights reserved." Descr="Microsoft .NET Runtime Execution Engine" CheckResult="-1" File="mscoree.dll" Enabled="1" CLSID="{1E66F26B-79EE-11D2-8710-00C04F79ED0D}" RegKey="SOFTWARE\Classes\PROTOCOLS\Filter\application/x-complus"/>

<ITEM LegalCopyright="© Microsoft Corporation. All rights reserved." Descr="Microsoft .NET Runtime Execution Engine" CheckResult="-1" File="mscoree.dll" Enabled="1" CLSID="{1E66F26B-79EE-11D2-8710-00C04F79ED0D}" RegKey="SOFTWARE\Classes\PROTOCOLS\Filter\application/x-msdownload"/>

</ProtocolExt>


-<NET_SHARE>

<ITEM Name="ADMIN$" Connections="0" Path="C:\Windows"/>

<ITEM Name="C$" Connections="0" Path="C:\"/>

<ITEM Name="D$" Connections="0" Path="D:\"/>

<ITEM Name="Fax - HP Officejet Pro 8600" Connections="0" Path="Fax - HP Officejet Pro 8600,LocalsplOnly"/>

<ITEM Name="HP Officejet Pro 8600" Connections="0" Path="HP Officejet Pro 8600,LocalsplOnly"/>

<ITEM Name="IPC$" Connections="0" Path=""/>

<ITEM Name="print$" Connections="0" Path="C:\Windows\system32\spool\drivers"/>

<ITEM Name="Users" Connections="0" Path="C:\Users"/>

</NET_SHARE>


-<WMI_INFO>


-<SecurityCenter>

<AntiVirusProduct> </AntiVirusProduct>

<FireWallProduct> </FireWallProduct>

</SecurityCenter>


-<SecurityCenter2>


-<AntiVirusProduct>

<Data Name="G DATA INTERNET SECURITY" ProductState="270336" pathToSignedProductExe="C:\Program Files (x86)\G Data\InternetSecurity\AVK\avkwscpe.exe"/>

</AntiVirusProduct>


-<FireWallProduct>

<Data Name="G DATA Personal Firewall" ProductState="266256" pathToSignedProductExe="C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe"/>

</FireWallProduct>


-<AntiSpywareProduct>

<Data Name="G DATA INTERNET SECURITY" ProductState="270336" pathToSignedProductExe="C:\Program Files (x86)\G Data\InternetSecurity\AVK\avkwscpe.exe"/>

<Data Name="Windows Defender" ProductState="397568" pathToSignedProductExe="%ProgramFiles%\Windows Defender\MSASCui.exe"/>

</AntiSpywareProduct>

</SecurityCenter2>

</WMI_INFO>


-<NET_DIAG>


-<DNS>

<Host Name="yandex.ru" PingInfo="0,65,213.180.193.11" Ping="1" IP="213.180.193.11,213.180.204.11,93.158.134.11"/>

<Host Name="google.ru" PingInfo="0,327,109.193.193.44" Ping="1" IP="109.193.193.44,109.193.193.30,109.193.193.55,109.193.193.24,109.193.193.45,109.193.193.29,109.193.193.35,109.193.193.20,109.193.193.34,109.193.193.49,109.193.193.40,109.193.193.59,109.193.193.39,109.193.193.25,109.193.193.50,109.193.193.54"/>

<Host Name="google.com" PingInfo="0,26,109.193.193.54" Ping="1" IP="109.193.193.54,109.193.193.34,109.193.193.44,109.193.193.35,109.193.193.49,109.193.193.55,109.193.193.45,109.193.193.40,109.193.193.50,109.193.193.29,109.193.193.59,109.193.193.39,109.193.193.24,109.193.193.25,109.193.193.30,109.193.193.20"/>

<Host Name="www.kaspersky.com" PingInfo="0,60,93.159.228.16" Ping="1" IP="93.159.228.16"/>

<Host Name="www.kaspersky.ru" PingInfo="11010,0,0.0.0.0" Ping="0" IP="77.74.178.20"/>

<Host Name="dnl-03.geo.kaspersky.com" PingInfo="0,16,195.122.169.18" Ping="1" IP="195.122.169.18"/>

<Host Name="dnl-11.geo.kaspersky.com" PingInfo="0,17,80.239.197.100" Ping="1" IP="80.239.197.100"/>

<Host Name="activation-v2.kaspersky.com" PingInfo="11010,0,0.0.0.0" Ping="0" IP="195.27.252.50"/>

<Host Name="odnoklassniki.ru" PingInfo="0,71,217.20.147.94" Ping="1" IP="217.20.147.94"/>

<Host Name="vk.com" PingInfo="0,50,87.240.131.119" Ping="1" IP="87.240.131.119,87.240.131.120,87.240.131.97"/>

<Host Name="vkontakte.ru" PingInfo="0,51,95.213.4.246" Ping="1" IP="95.213.4.246,95.213.4.245,95.213.4.247"/>

<Host Name="twitter.com" PingInfo="0,164,199.16.156.6" Ping="1" IP="199.16.156.6,199.16.156.102,199.16.156.70,199.16.156.230"/>

<Host Name="facebook.com" PingInfo="0,131,173.252.120.6" Ping="1" IP="173.252.120.6"/>

<Host Name="ru-ru.facebook.com" PingInfo="0,12,31.13.93.3" Ping="1" IP="31.13.93.3"/>

</DNS>


-<IE_Setup>

<Key Name="AutoConfigURL" RegKey="HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings" VAL=""/>

<Key Name="AutoConfigProxy" RegKey="HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings" VAL="wininet.dll"/>

<Key Name="ProxyOverride" RegKey="HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings" VAL=""/>

<Key Name="ProxyServer" RegKey="HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings" VAL=""/>

<Key Name="" RegKey="HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies" VAL=""/>

</IE_Setup>


-<TCP_IP>

<Interface Domain="dkb-service.de" Name="LAN-Verbindung* 15" DhcpServer="255.255.255.255" NameServer="" DefaultGateway="" SubnetMask="255.255.255.128" IPAddress="10.27.254.51"/>

<Interface Domain="dkb-service.de" Name="LAN-Verbindung* 13" DhcpServer="255.255.255.255" NameServer="" DefaultGateway="" SubnetMask="255.255.255.128" IPAddress="10.27.254.85"/>

</TCP_IP>

<TCP_IP_PR> </TCP_IP_PR>

</NET_DIAG>


-<WMI_INFO>


-<SecurityCenter>

<AntiVirusProduct> </AntiVirusProduct>

<FireWallProduct> </FireWallProduct>

</SecurityCenter>


-<SecurityCenter2>


-<AntiVirusProduct>

<Data Name="G DATA INTERNET SECURITY" ProductState="270336" pathToSignedProductExe="C:\Program Files (x86)\G Data\InternetSecurity\AVK\avkwscpe.exe"/>

</AntiVirusProduct>


-<FireWallProduct>

<Data Name="G DATA Personal Firewall" ProductState="266256" pathToSignedProductExe="C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe"/>

</FireWallProduct>


-<AntiSpywareProduct>

<Data Name="G DATA INTERNET SECURITY" ProductState="270336" pathToSignedProductExe="C:\Program Files (x86)\G Data\InternetSecurity\AVK\avkwscpe.exe"/>

<Data Name="Windows Defender" ProductState="397568" pathToSignedProductExe="%ProgramFiles%\Windows Defender\MSASCui.exe"/>

</AntiSpywareProduct>

</SecurityCenter2>

</WMI_INFO>


-<NET_DIAG>


-<DNS>

<Host Name="yandex.ru" PingInfo="0,65,213.180.193.11" Ping="1" IP="213.180.193.11,93.158.134.11,213.180.204.11"/>

<Host Name="google.ru" PingInfo="0,10,109.193.193.30" Ping="1" IP="109.193.193.30,109.193.193.20,109.193.193.40,109.193.193.29,109.193.193.55,109.193.193.25,109.193.193.54,109.193.193.34,109.193.193.50,109.193.193.59,109.193.193.24,109.193.193.44,109.193.193.39,109.193.193.49,109.193.193.45,109.193.193.35"/>

<Host Name="google.com" PingInfo="0,9,109.193.193.40" Ping="1" IP="109.193.193.40,109.193.193.49,109.193.193.20,109.193.193.45,109.193.193.55,109.193.193.29,109.193.193.50,109.193.193.25,109.193.193.54,109.193.193.39,109.193.193.59,109.193.193.44,109.193.193.34,109.193.193.30,109.193.193.35,109.193.193.24"/>

<Host Name="www.kaspersky.com" PingInfo="0,14,195.27.252.18" Ping="1" IP="195.27.252.18"/>

<Host Name="www.kaspersky.ru" PingInfo="0,14,195.27.252.110" Ping="1" IP="195.27.252.110"/>

<Host Name="dnl-03.geo.kaspersky.com" PingInfo="0,21,212.73.221.199" Ping="1" IP="212.73.221.199"/>

<Host Name="dnl-11.geo.kaspersky.com" PingInfo="0,12,80.239.169.132" Ping="1" IP="80.239.169.132"/>

<Host Name="activation-v2.kaspersky.com" PingInfo="11010,0,0.0.0.0" Ping="0" IP="195.27.252.50"/>

<Host Name="odnoklassniki.ru" PingInfo="0,62,217.20.147.94" Ping="1" IP="217.20.147.94"/>

<Host Name="vk.com" PingInfo="0,50,87.240.143.241" Ping="1" IP="87.240.143.241,87.240.131.99,87.240.131.117"/>

<Host Name="vkontakte.ru" PingInfo="0,48,95.213.4.248" Ping="1" IP="95.213.4.248,95.213.4.247,95.213.4.246"/>

<Host Name="twitter.com" PingInfo="0,129,199.16.156.102" Ping="1" IP="199.16.156.102,199.16.156.198,199.16.156.70,199.16.156.230"/>

<Host Name="facebook.com" PingInfo="0,115,173.252.120.6" Ping="1" IP="173.252.120.6"/>

<Host Name="ru-ru.facebook.com" PingInfo="0,12,31.13.93.3" Ping="1" IP="31.13.93.3"/>

</DNS>


-<IE_Setup>

<Key Name="AutoConfigURL" RegKey="HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings" VAL=""/>

<Key Name="AutoConfigProxy" RegKey="HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings" VAL="wininet.dll"/>

<Key Name="ProxyOverride" RegKey="HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings" VAL=""/>

<Key Name="ProxyServer" RegKey="HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings" VAL=""/>

<Key Name="" RegKey="HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies" VAL=""/>

</IE_Setup>


-<TCP_IP>

<Interface Domain="dkb-service.de" Name="LAN-Verbindung* 15" DhcpServer="255.255.255.255" NameServer="" DefaultGateway="" SubnetMask="255.255.255.128" IPAddress="10.27.254.51"/>

<Interface Domain="dkb-service.de" Name="LAN-Verbindung* 13" DhcpServer="255.255.255.255" NameServer="" DefaultGateway="" SubnetMask="255.255.255.128" IPAddress="10.27.254.85"/>

</TCP_IP>

<TCP_IP_PR> </TCP_IP_PR>

</NET_DIAG>


-<IPU>

<ITEM X2="Remotedesktopdienste" X1="TermService" Code="1"/>

<ITEM X2="SSDP-Suche" X1="SSDPSRV" Code="1"/>

<ITEM X2="Aufgabenplanung" X1="Schedule" Code="1"/>

<ITEM Code="2"/>

<ITEM Code="3"/>

<ITEM Code="5"/>

<ITEM X1="1" Code="8"/>

<ITEM X2="Remotedesktopdienste" X1="TermService" Code="1"/>

<ITEM X2="SSDP-Suche" X1="SSDPSRV" Code="1"/>

<ITEM X2="Aufgabenplanung" X1="Schedule" Code="1"/>

<ITEM Code="2"/>

<ITEM Code="3"/>

<ITEM Code="5"/>

<ITEM X1="1" Code="8"/>

</IPU>


-<WIZARD-TSW>

<ITEM Fixed="0" Level="3" ID="58"/>

<ITEM Fixed="0" Level="3" ID="59"/>

<ITEM Fixed="0" Level="2" ID="61"/>

</WIZARD-TSW>

</AVZ>[/

Antwort

Themen zu Schädling in Firefox / Flash
antiviren, bereits, checken, einiger, firefox, flash, formatiere, formatieren, g-data, gen, guten, hoffe, kleine, logfiles, meldungen, probleme, programme, schei, schädling, schädlinge, stark, starte, superantispyware, virenmeldungen, vorhanden


« dllhost.exe poppt alle 10-20 Sekunden auf | TR/Dldr.Agent.1169920.6 »


Ähnliche Themen: Schädling in Firefox / Flash


  1. Win7_Rechner hängt/Internet langsam/ständig Meldung: Plug-in (Shockwave Flash / oder Flash Player) hängt oder reagiert nicht
    Plagegeister aller Art und deren Bekämpfung - 15.11.2014 (19)
  2. Pop ups von Flash Player Updates etc. + Flash Player funktioniert nicht mehr
    Plagegeister aller Art und deren Bekämpfung - 24.07.2014 (8)
  3. Explorer.exe, FireFox & Flash instabil - ProgDVB Setup startet Automatisch
    Log-Analyse und Auswertung - 29.06.2014 (5)
  4. Zufällige Flash-Werbung auf beliebigen Seiten (Firefox/Chrome)
    Log-Analyse und Auswertung - 23.09.2013 (9)
  5. Schädling der String Wert in Firefox about:config erstellt - was bewirkt der Eintrag?
    Plagegeister aller Art und deren Bekämpfung - 12.08.2013 (5)
  6. Weisses Flash-Popup in Firefox
    Log-Analyse und Auswertung - 28.07.2013 (13)
  7. Downloads wie Flash, Java oder Firefox Updates laden sehr langsam. Unbekannte Downloads laden jedoch schnell.
    Plagegeister aller Art und deren Bekämpfung - 19.01.2013 (7)
  8. Fragen zu Updates Browser FireFox und Adobe Flash Player!
    Diskussionsforum - 02.10.2012 (3)
  9. Startfenster.com nach Flash / Shockwave Update, Flash Plugin stürzt dauernd ab
    Log-Analyse und Auswertung - 26.09.2012 (41)
  10. Firefox / plugin-container.exe - Absturz/ adobe flash player --> Problem
    Plagegeister aller Art und deren Bekämpfung - 24.02.2012 (8)
  11. FireFox friert beim Abspielen von Flash-Inhalten ein
    Alles rund um Windows - 24.01.2012 (3)
  12. Flash-Cookies im Griff: Adobe veröffentlicht Flash 10.3
    Nachrichten - 13.05.2011 (0)
  13. Firefox hilft Millionen Anwendern beim Schließen von Flash-Lücken
    Nachrichten - 17.09.2009 (0)
  14. Firefox 3 - Probleme mit neuster Flash Version
    Alles rund um Windows - 02.02.2009 (9)
  15. Flash Player lässt sich nicht für Firefox (nur für Opera) installieren!
    Alles rund um Windows - 06.07.2008 (1)
  16. Schädling oder nicht Schädling ?!?
    Plagegeister aller Art und deren Bekämpfung - 07.05.2004 (0)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Schädling in Firefox / Flash - Code: Alles auswählen Aufklappen ATTFilter <ITEM CheckResult="-1" File="C:\Windows\system32\IcnOvrly.dll" Type="REG" Is64="1" X4="VeriFace Enc" X3="{771C7324-DA80-49D3-8017-753B0AF60951}" X2="Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved" X1="HKEY_LOCAL_MACHINE" Enabled="1"/> <ITEM CheckResult="-1" File="C:\Windows\system32\ListSvc.dll" Type="REG" Is64="0" X4="%SystemRoot%\system32\ListSvc.dll" X3="ServiceDll" X2="SYSTEM\CurrentControlSet\Services\HomeGroupListener\Parameters" X1="HKEY_LOCAL_MACHINE" Enabled="1"/> <ITEM CheckResult="-1" File="C:\Windows\system32\Mcx2Svc.dll" - Schädling in Firefox / Flash...
Archiv
Du betrachtest: Schädling in Firefox / Flash auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19