Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Cannot load hotkey.sys UND Windows sicherheitscenter nicht zu starten (https://www.trojaner-board.de/131237-cannot-load-hotkey-sys-windows-sicherheitscenter-starten.html)

mp10088 18.02.2013 23:22
Cannot load hotkey.sys UND Windows sicherheitscenter nicht zu starten
 
Habe mir einen Virus eingefangen (der sofort eine Polizei Seite anzeigt, zur Zahlung auffordert und alls sperrt). Habe den Namen leider vergessen. Selbst im abgesicherten Modus trat der fehler auf. Bei einigen Reboot veruchen, konnte ich den installieretn 'Spyhunter' starten und die Malware wurde offensichtlich erkannt und beseitigt. Nach dem reboot lief fast alles wie sonst, außer :
1.) Es kommt die Meldung "Cannot load hotkey.sys". Was man aber mit 3x OK wegdrücken kann.
Im www habe ich keine einfache Lösung gefunden.
2.) In der Message line erscheint die Fahne mit rotem Kreuz : Das Windows Sicherheitscenter ist nicht gestartet. Und kann auch nicht gestartet werden. Die Lösung der PC Welt funktioniert leider auch nicht.
Möchte euch daher um Hilfe bitten.

Habe die logs mit OTL erstellt

markusg 18.02.2013 23:23
Hi
und wo sind sie?
+ spyhunter fundmeldungen mit Pfadangabe als text

mp10088 18.02.2013 23:26
Habe keine stelle gefunden um die logfiles einzufügen !!!
Wo finde ich die spyhunter logs ??

Jetzt der Versuch den 'Log-Text' einfach zu pasten....OTL Logfile:
Code:
OTL logfile created on: 18.02.2013 22:54:52 - Run 1
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\***\Downloads
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
3,43 Gb Total Physical Memory | 2,36 Gb Available Physical Memory | 68,75% Memory free
6,85 Gb Paging File | 5,75 Gb Available in Paging File | 83,91% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 111,79 Gb Total Space | 48,07 Gb Free Space | 43,00% Space Free | Partition Type: NTFS
 
Computer Name: MANFREDPORAK-PC | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\***\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Users\***\AppData\Local\Temp\OCS\Downloads\0674e23d6502b36621d489f1b4fbd22a\8a2438a7aa1e858526caff1f4deab159\AddonsHelper.exe ()
PRC - C:\Users\***\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe ()
PRC - c:\Programme\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
PRC - c:\Programme\Microsoft Security Client\MpCmdRun.exe (Microsoft Corporation)
PRC - c:\Programme\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft Security Client\msseces.exe (Microsoft Corporation)
PRC - C:\Programme\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Programme\devolo\dlan\devolonetsvc.exe (devolo AG)
PRC - C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Programme\HTC\Internet Pass-Through\PassThruSvr.exe ()
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programme\IBM\Lotus\Notes\framework\shared\eclipse\plugins\com.ibm.productivity.tools.base.app.win32_3.5.0.20100519-1632\soffice.exe ()
PRC - C:\Programme\Launch Manager\WButton.exe (Wistron Corp.)
PRC - C:\Programme\Realtek\Audio\HDA\RtHDVBg.exe (Realtek Semiconductor)
PRC - C:\Programme\Launch Manager\HotkeyApp.exe (Wistron)
PRC - C:\Programme\Launch Manager\OSD.exe (Wistron Corp.)
PRC - C:\Programme\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Programme\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Programme\Launch Manager\WisLMSvc.exe (Wistron Corp.)
PRC - C:\Programme\FreePDF_XP\fpassist.exe (shbox.de)
PRC - C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\Programme\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
PRC - c:\Programme\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\ProgramData\DNSErrorHelper\bho.dll ()
MOD - C:\Windows\System32\IccLibDll.dll ()
MOD - C:\Programme\IBM\Lotus\Notes\framework\shared\eclipse\plugins\com.ibm.productivity.tools.base.system.win32_3.5.0.20100519-1632\udkservice1.dll ()
MOD - C:\Programme\IBM\Lotus\Notes\framework\shared\eclipse\plugins\com.ibm.productivity.tools.base.system.win32_3.5.0.20100519-1632\sal3.dll ()
MOD - C:\Programme\IBM\Lotus\Notes\framework\shared\eclipse\plugins\com.ibm.productivity.tools.base.system.win32_3.5.0.20100519-1632\xerces-depdom_2_6.dll ()
MOD - C:\Programme\IBM\Lotus\Notes\framework\shared\eclipse\plugins\com.ibm.productivity.tools.base.system.win32_3.5.0.20100519-1632\uwinapi.dll ()
MOD - C:\Programme\IBM\Lotus\Notes\framework\shared\eclipse\plugins\com.ibm.productivity.tools.base.system.win32_3.5.0.20100519-1632\vos3MSC.dll ()
MOD - C:\Programme\IBM\Lotus\Notes\framework\shared\eclipse\plugins\com.ibm.productivity.tools.base.system.win32_3.5.0.20100519-1632\xslt4cMessages_1_7_0.dll ()
MOD - C:\Programme\IBM\Lotus\Notes\framework\shared\eclipse\plugins\com.ibm.productivity.tools.base.system.win32_3.5.0.20100519-1632\log4pt.dll ()
MOD - C:\Programme\IBM\Lotus\Notes\framework\shared\eclipse\plugins\com.ibm.productivity.tools.base.system.win32_3.5.0.20100519-1632\reg3.dll ()
MOD - C:\Programme\IBM\Lotus\Notes\framework\shared\eclipse\plugins\com.ibm.productivity.tools.base.system.win32_3.5.0.20100519-1632\jvmaccess3MSC.dll ()
MOD - C:\Programme\IBM\Lotus\Notes\framework\shared\eclipse\plugins\com.ibm.productivity.tools.base.system.win32_3.5.0.20100519-1632\proxyset.dll ()
MOD - C:\Programme\IBM\Lotus\Notes\framework\shared\eclipse\plugins\com.ibm.productivity.tools.base.system.win32_3.5.0.20100519-1632\rmcxt3.dll ()
MOD - C:\Programme\IBM\Lotus\Notes\framework\shared\eclipse\plugins\com.ibm.productivity.tools.base.system.win32_3.5.0.20100519-1632\basicservice.uno.dll ()
MOD - C:\Programme\IBM\Lotus\Notes\framework\shared\eclipse\plugins\com.ibm.productivity.tools.base.system.win32_3.5.0.20100519-1632\emser645mi.dll ()
MOD - C:\Programme\IBM\Lotus\Notes\framework\shared\eclipse\plugins\com.ibm.productivity.tools.base.infra.win32_3.5.0.20100519-1632\svt645mi.dll ()
MOD - C:\Programme\IBM\Lotus\Notes\framework\shared\eclipse\plugins\com.ibm.productivity.tools.base.infra.win32_3.5.0.20100519-1632\ucpchelp1.dll ()
MOD - C:\Programme\IBM\Lotus\Notes\framework\shared\eclipse\plugins\com.ibm.productivity.tools.base.infra.win32_3.5.0.20100519-1632\vcl645mi.dll ()
MOD - C:\Programme\IBM\Lotus\Notes\framework\shared\eclipse\plugins\com.ibm.productivity.tools.base.infra.win32_3.5.0.20100519-1632\tk645mi.dll ()
MOD - C:\Programme\IBM\Lotus\Notes\framework\shared\eclipse\plugins\com.ibm.productivity.tools.base.infra.win32_3.5.0.20100519-1632\so645mi.dll ()
MOD - C:\Programme\IBM\Lotus\Notes\framework\shared\eclipse\plugins\com.ibm.productivity.tools.base.infra.win32_3.5.0.20100519-1632\xcr645mi.dll ()
MOD - C:\Programme\IBM\Lotus\Notes\framework\shared\eclipse\plugins\com.ibm.productivity.tools.base.infra.win32_3.5.0.20100519-1632\sb645mi.dll ()
MOD - C:\Programme\IBM\Lotus\Notes\framework\shared\eclipse\plugins\com.ibm.productivity.tools.base.infra.win32_3.5.0.20100519-1632\i18npool645mi.dll ()
MOD - C:\Programme\IBM\Lotus\Notes\framework\shared\eclipse\plugins\com.ibm.productivity.tools.base.infra.win32_3.5.0.20100519-1632\sax.uno.dll ()
MOD - C:\Programme\IBM\Lotus\Notes\framework\shared\eclipse\plugins\com.ibm.productivity.tools.base.infra.win32_3.5.0.20100519-1632\go645mi.dll ()
MOD - C:\Programme\IBM\Lotus\Notes\framework\shared\eclipse\plugins\com.ibm.productivity.tools.base.framework.win32_3.5.0.20100519-1632\svx645mi.dll ()
MOD - C:\Programme\IBM\Lotus\Notes\framework\shared\eclipse\plugins\com.ibm.productivity.tools.base.framework.win32_3.5.0.20100519-1632\sfx645mi.dll ()
MOD - C:\Programme\IBM\Lotus\Notes\framework\shared\eclipse\plugins\com.ibm.productivity.tools.base.framework.win32_3.5.0.20100519-1632\ofa645mi.dll ()
MOD - C:\Programme\IBM\Lotus\Notes\framework\shared\eclipse\plugins\com.ibm.productivity.tools.base.app.win32_3.5.0.20100519-1632\soffice.exe ()
MOD - C:\Programme\IBM\Lotus\Notes\framework\shared\eclipse\plugins\com.ibm.productivity.tools.base.app.win32_3.5.0.20100519-1632\desktp645mi.dll ()
MOD - C:\Programme\IBM\Lotus\Notes\framework\shared\eclipse\plugins\com.ibm.productivity.tools.base.app.win32_3.5.0.20100519-1632\oleautobridge.uno.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (AddonsHelper) -- C:\Users\***\AppData\Local\Temp\OCS\Downloads\0674e23d6502b36621d489f1b4fbd22a\8a2438a7aa1e858526caff1f4deab159\AddonsHelper.exe ()
SRV - (SearchAnonymizer) -- C:\Users\***\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe ()
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (NisSrv) -- c:\Programme\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
SRV - (MsMpSvc) -- c:\Programme\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (DevoloNetworkService) -- C:\Programme\devolo\dlan\devolonetsvc.exe (devolo AG)
SRV - (AdobeARMservice) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (PassThru Service) -- C:\Programme\HTC\Internet Pass-Through\PassThruSvr.exe ()
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (Lotus Notes Diagnostics) -- C:\Programme\IBM\Lotus\Notes\nsd.exe (IBM)
SRV - (UNS) -- C:\Programme\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Programme\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (WisLMSvc) -- C:\Programme\Launch Manager\WisLMSvc.exe (Wistron Corp.)
SRV - (IAStorDataMgrSvc) -- C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (SeaPort) -- C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
SRV - (ACDaemon) -- C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (Fabs) -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
SRV - (FirebirdServerMAGIXInstance) -- C:\Programme\Common Files\MAGIX Services\Database\bin\fbserver.exe (MAGIX®)
SRV - (PSI_SVC_2) -- c:\Programme\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (MpKsl4010e772) -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{40707E0F-B9BF-4C7B-84AC-C3DC9C3C2EA1}\MpKsl4010e772.sys (Microsoft Corporation)
DRV - (NisDrv) -- C:\Windows\System32\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV - (RdpVideoMiniport) -- C:\Windows\System32\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (NPF_devolo) -- C:\Windows\System32\drivers\npf_devolo.sys (CACE Technologies)
DRV - (esgiguard) -- C:\Programme\Enigma Software Group\SpyHunter\esgiguard.sys ()
DRV - (htcnprot) -- C:\Windows\System32\drivers\htcnprot.sys (Windows (R) Win 7 DDK provider)
DRV - (rtl8192se) -- C:\Windows\System32\drivers\rtl8192se.sys (Realtek Semiconductor Corporation                          )
DRV - (Impcd) -- C:\Windows\System32\drivers\Impcd.sys (Intel Corporation)
DRV - (IntcDAud) -- C:\Windows\System32\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV - (wcndis) -- C:\Windows\System32\drivers\wcndis.sys ()
DRV - (HTCAND32) -- C:\Windows\System32\drivers\ANDROIDUSB.sys (HTC, Corporation)
DRV - (HECI) -- C:\Windows\System32\drivers\HECI.sys (Intel Corporation)
DRV - (mod7700) -- C:\Windows\System32\drivers\mod7700.sys (DiBcom SA)
DRV - (RSUSBSTOR) -- C:\Windows\System32\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation)
DRV - (L1C) -- C:\Windows\System32\drivers\L1C62x86.sys (Atheros Communications, Inc.)
DRV - (XUIF) -- C:\Windows\System32\drivers\x10ufx2.sys (X10 Wireless Technology, Inc.)
DRV - (X10Hid) -- C:\Windows\System32\drivers\x10hid.sys (X10 Wireless Technology, Inc.)
DRV - (Afc) -- C:\Windows\System32\drivers\afc.sys (Arcsoft, Inc.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {721061fb-eb79-4568-a03c-3ce26d68dae9}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{721061fb-eb79-4568-a03c-3ce26d68dae9}: "URL" = hxxp://de.search.yahoo.com/search/?p={searchTerms}&fr=vc_trans_de_8197&type=ds2se&d
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-1223179397-588410523-350287256-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com
IE - HKU\S-1-5-21-1223179397-588410523-350287256-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://medion.msn.com [binary data]
IE - HKU\S-1-5-21-1223179397-588410523-350287256-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-1223179397-588410523-350287256-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.ebay.de/
IE - HKU\S-1-5-21-1223179397-588410523-350287256-1000\..\SearchScopes,DefaultScope = {C974074C-D796-48BA-B11B-484090A8DF29}
IE - HKU\S-1-5-21-1223179397-588410523-350287256-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com.anonymize-me.de/?anonymto=687474703A2F2F7777772E62696E672E636F6D2F7365617263683F713D7B7365617263685465726D737D267372633D49452D536561726368426F7826464F524D3D494538535243&st={searchTerms}&clid=d0d8608e-588f-424c-bd40-c082a70966b1&pid=freewarede&k=0
IE - HKU\S-1-5-21-1223179397-588410523-350287256-1000\..\SearchScopes\{C974074C-D796-48BA-B11B-484090A8DF29}: "URL" = hxxp://www.google.de.anonymize-me.de/?anonymto=687474703A2F2F7777772E676F6F676C652E64652F7365617263683F713D7B7365617263685465726D737D26726C7A3D314937414446415F6465&st={searchTerms}&clid=d0d8608e-588f-424c-bd40-c082a70966b1&pid=freewarede&k=0
IE - HKU\S-1-5-21-1223179397-588410523-350287256-1000\..\SearchScopes\{D0726E46-C7B9-4ABD-920F-9D42538A0508}: "URL" = hxxp://de.wikipedia.org.anonymize-me.de/?anonymto=687474703A2F2F64652E77696B6970656469612E6F72672F772F696E6465782E7068703F7469746C653D5370657A69616C3A5375636865267365617263683D7B7365617263685465726D737D&st={searchTerms}&clid=d0d8608e-588f-424c-bd40-c082a70966b1&pid=freewarede&k=0
IE - HKU\S-1-5-21-1223179397-588410523-350287256-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.update: false
FF - prefs.js..network.proxy.type: 0
FF - prefs.js..browser.startup.homepage: "hxxp://de.search.yahoo.com/web?fr=vc_trans_de_8197&type=ds2hp&d"
FF - prefs.js..browser.search.defaultenginename: "Search"
FF - prefs.js..browser.search.selectedEngine: "Search"
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3:  File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\dnshelp@dnshelp.com: C:\Users\***\AppData\Roaming\Helper [2013.02.18 17:27:21 | 000,000,000 | ---D | M]
 
[2011.09.12 13:58:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions
[2012.07.10 16:42:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\1mlflynq.default\extensions
[2012.07.10 16:42:48 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\1mlflynq.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2013.02.18 17:27:21 | 000,002,080 | ---- | M] () -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\1mlflynq.default\searchplugins\7614b76c-6f50-43fe-b402-04d686c3e25b.xml
[2013.02.18 17:32:56 | 000,002,080 | ---- | M] () -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\1mlflynq.default\searchplugins\8771f98e-e53b-4755-a730-6081d8191ffd.xml
[2013.02.18 17:27:15 | 000,002,188 | ---- | M] () -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\1mlflynq.default\searchplugins\{0EA27343-18E3-47F9-BEED-389E0571EB50}.xml
[2013.02.18 17:27:15 | 000,024,039 | ---- | M] () -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\1mlflynq.default\searchplugins\{68F2A811-633B-4BB4-B751-DA1F5E0911D9}.xml
[2013.02.18 17:27:15 | 000,002,077 | ---- | M] () -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\1mlflynq.default\searchplugins\{6C66445A-A433-4876-AC6A-CCB741962A38}.xml
[2013.02.18 17:27:15 | 000,001,870 | ---- | M] () -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\1mlflynq.default\searchplugins\{79008563-F910-49AD-BC7C-D08116B7E909}.xml
[2013.02.18 17:27:15 | 000,002,522 | ---- | M] () -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\1mlflynq.default\searchplugins\{E87CF541-A527-45A0-967B-45DB109D6C06}.xml
[2013.02.18 17:27:15 | 000,001,094 | ---- | M] () -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\1mlflynq.default\searchplugins\{EAAC75F4-51B9-41A2-8D2B-FB35B9C2A2EA}.xml
 
========== Chrome  ==========
 
CHR - homepage: hxxp://www.google.com/
CHR - default_search_provider:  ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage: hxxp://de.search.yahoo.com/web?fr=vc_trans_de_8197&type=ds2hp&d
CHR - Extension: No name found = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: No name found = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: No name found = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: No name found = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: No name found = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: No name found = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2009.06.10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (DNS Error Helper) - {9B6B03F1-16CF-4491-BBBB-E872802DD717} - C:\ProgramData\DNSErrorHelper\bho.dll ()
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O4 - HKLM..\Run: [FreePDF Assistant] C:\Programme\FreePDF_XP\fpassist.exe (shbox.de)
O4 - HKLM..\Run: [HotkeyApp] C:\Program Files\Launch Manager\HotkeyApp.exe (Wistron)
O4 - HKLM..\Run: [LMgrVolOSD] C:\Program Files\Launch Manager\OSD.exe (Wistron Corp.)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Ocs_SM] C:\Users\***\AppData\Roaming\OCS\SM\SearchAnonymizer.exe (OCS)
O4 - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SODCPreLoad] C:\Program Files\IBM\Lotus\Notes\framework\shared\eclipse\plugins\com.ibm.productivity.tools.base.app.win32_3.5.0.20100519-1632\preload.exe ()
O4 - HKLM..\Run: [Wbutton] C:\Program Files\Launch Manager\Wbutton.exe (Wistron Corp.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\S-1-5-21-1223179397-588410523-350287256-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\S-1-5-21-1223179397-588410523-350287256-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O8 - Extra context menu item: add to &BOM - C:\\PROGRA~1\\BIET-O~1\\\\AddToBOM.hta ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Programme\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-1223179397-588410523-350287256-1000\..Trusted Domains: blank ([]about in Local intranet)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} hxxp://kitchenplanner.ikea.com/AT/Core/Player/2020PlayerAX_IKEA_Win32.cab (20-20 3D Viewer for IKEA)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{142F2D10-AFAC-4319-8B97-F2F9242E1639}: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{550500B5-3829-4243-93C4-E08B690AD997}: DhcpNameServer = 61.177.7.1 218.104.32.106 168.95.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8DC2FCE8-0569-4A74-A36B-EAC50F15EC90}: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9300F5B6-087D-496A-B2B7-64EACD8EE4BC}: DhcpNameServer = 192.168.42.129
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012.10.24 07:27:21 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.02.18 19:34:13 | 000,000,000 | ---D | C] -- C:\Users\***\EasternGraphics
[2013.02.18 19:34:02 | 000,000,000 | -H-D | C] -- C:\ProgramData\{59E3981A-853B-4024-80E5-72FC64DF4CB7}
[2013.02.18 19:33:28 | 000,000,000 | ---D | C] -- C:\Program Files\EasternGraphics
[2013.02.18 19:33:05 | 000,000,000 | ---D | C] -- C:\ProgramData\EasternGraphics
[2013.02.18 19:18:00 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Apps
[2013.02.18 17:55:39 | 000,118,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Msadodc.ocx
[2013.02.18 17:55:39 | 000,000,000 | ---D | C] -- C:\MEINHAUSPLANER
[2013.02.18 17:55:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\BAUSET
[2013.02.18 17:55:38 | 001,046,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjet35.dll
[2013.02.18 17:55:38 | 000,415,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrepl35.dll
[2013.02.18 17:55:38 | 000,368,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbar332.dll
[2013.02.18 17:55:38 | 000,287,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Msxbse35.dll
[2013.02.18 17:55:38 | 000,252,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrd2x35.dll
[2013.02.18 17:55:38 | 000,250,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mspdox35.dll
[2013.02.18 17:55:38 | 000,250,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Msexcl35.dll
[2013.02.18 17:55:38 | 000,182,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ddao35.dll
[2013.02.18 17:55:38 | 000,166,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Msltus35.dll
[2013.02.18 17:55:38 | 000,165,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mstext35.dll
[2013.02.18 17:55:38 | 000,148,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjint35.dll
[2013.02.18 17:55:38 | 000,024,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjter35.dll
[2013.02.18 17:55:37 | 002,369,456 | ---- | C] (Codejock Software) -- C:\Windows\System32\Codejock.CommandBars.v13.4.2.ocx
[2013.02.18 17:55:37 | 001,370,032 | ---- | C] (Codejock Software) -- C:\Windows\System32\Codejock.ReportControl.v13.4.2.ocx
[2013.02.18 17:55:37 | 001,369,264 | ---- | C] (FarPoint Technologies, Inc.) -- C:\Windows\System32\FPSPR70.ocx
[2013.02.18 17:55:37 | 001,276,088 | ---- | C] (Codejock Software) -- C:\Windows\System32\Codejock.CommandBars.v10.1.ocx
[2013.02.18 17:55:37 | 000,882,608 | ---- | C] (Codejock Software) -- C:\Windows\System32\Codejock.TaskPanel.v13.4.2.ocx
[2013.02.18 17:55:37 | 000,598,016 | ---- | C] (Key Company) -- C:\Windows\System32\KeyTV3.ocx
[2013.02.18 17:55:37 | 000,460,984 | ---- | C] (Codejock Software) -- C:\Windows\System32\Codejock.ReportControl.v10.1.ocx
[2013.02.18 17:55:37 | 000,338,104 | ---- | C] (Codejock Software) -- C:\Windows\System32\Codejock.TaskPanel.v10.1.ocx
[2013.02.18 17:55:37 | 000,167,176 | ---- | C] (/n software inc. - www.nsoftware.com) -- C:\Windows\System32\ftps60.ocx
[2013.02.18 17:55:36 | 000,595,968 | ---- | C] (KL Group Inc.) -- C:\Windows\System32\Resizer.dll
[2013.02.18 17:55:36 | 000,220,160 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\ltvid12n.ocx
[2013.02.18 17:55:36 | 000,212,480 | ---- | C] (Eastman Kodak) -- C:\Windows\System32\PCDLIB32.DLL
[2013.02.18 17:55:36 | 000,187,904 | ---- | C] (KL Group Inc.) -- C:\Windows\System32\ResizerPPG.ocx
[2013.02.18 17:55:36 | 000,182,272 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\ltvid12n.dll
[2013.02.18 17:55:36 | 000,176,128 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\ltcap12n.ocx
[2013.02.18 17:55:36 | 000,160,256 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\ltnet12n.ocx
[2013.02.18 17:55:36 | 000,132,608 | ---- | C] (KL Group Inc.) -- C:\Windows\System32\ResizableControl.dll
[2013.02.18 17:55:36 | 000,102,400 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lfmpg12n.dll
[2013.02.18 17:55:36 | 000,089,088 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lfjbg12n.dll
[2013.02.18 17:55:36 | 000,084,480 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lffpx12n.dll
[2013.02.18 17:55:36 | 000,063,488 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\Lfplt12n.dll
[2013.02.18 17:55:36 | 000,062,464 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\ltnet12n.dll
[2013.02.18 17:55:36 | 000,058,880 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\Lfcgm12n.dll
[2013.02.18 17:55:36 | 000,058,880 | ---- | C] (KL Group Inc.) -- C:\Windows\System32\ResizableControlPPG.ocx
[2013.02.18 17:55:36 | 000,053,248 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\ltcap12n.dll
[2013.02.18 17:55:36 | 000,047,616 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\Lfdgn12n.dll
[2013.02.18 17:55:36 | 000,019,968 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lfpcd12n.dll
[2013.02.18 17:55:35 | 000,482,816 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lfdwf12n.dll
[2013.02.18 17:55:35 | 000,181,248 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\Lfpng12n.dll
[2013.02.18 17:55:35 | 000,141,312 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\LFTIF12n.DLL
[2013.02.18 17:55:35 | 000,139,264 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\Lfdxf12n.dll
[2013.02.18 17:55:35 | 000,067,584 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lfdwg12N.dll
[2013.02.18 17:55:35 | 000,060,416 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\Lfpct12n.dll
[2013.02.18 17:55:35 | 000,049,664 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\Lfwmf12n.dll
[2013.02.18 17:55:35 | 000,047,104 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lfXpm12n.dll
[2013.02.18 17:55:35 | 000,046,080 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\Lfdrw12n.dll
[2013.02.18 17:55:35 | 000,045,568 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lfXbm12n.dll
[2013.02.18 17:55:35 | 000,038,912 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lfflc12n.dll
[2013.02.18 17:55:35 | 000,036,864 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lfpsd12n.dll
[2013.02.18 17:55:35 | 000,031,744 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lflmb12n.dll
[2013.02.18 17:55:35 | 000,031,232 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\LFPNM12n.dll
[2013.02.18 17:55:35 | 000,029,184 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lflma12n.dll
[2013.02.18 17:55:35 | 000,028,672 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lfclp12n.dll
[2013.02.18 17:55:35 | 000,027,648 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lfiff12n.dll
[2013.02.18 17:55:35 | 000,026,112 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lfxwd12n.dll
[2013.02.18 17:55:35 | 000,026,112 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lfpcx12n.dll
[2013.02.18 17:55:35 | 000,026,112 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lfani12n.dll
[2013.02.18 17:55:35 | 000,021,504 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lfCUT12n.dll
[2013.02.18 17:55:35 | 000,020,992 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lfwpg12n.dll
[2013.02.18 17:55:35 | 000,020,992 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lftga12n.dll
[2013.02.18 17:55:35 | 000,020,992 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lfimg12n.dll
[2013.02.18 17:55:35 | 000,019,968 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lfwfx12n.dll
[2013.02.18 17:55:35 | 000,019,968 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lfitg12n.dll
[2013.02.18 17:55:35 | 000,019,456 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lfras12n.dll
[2013.02.18 17:55:35 | 000,019,456 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lfmsp12n.dll
[2013.02.18 17:55:35 | 000,018,944 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lfmac12n.dll
[2013.02.18 17:55:34 | 000,358,912 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\LFCMP12n.DLL
[2013.02.18 17:55:34 | 000,340,480 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\LTDLG12n.ocx
[2013.02.18 17:55:34 | 000,326,656 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\ltvec12n.ocx
[2013.02.18 17:55:34 | 000,307,712 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\LTDLG12n.dll
[2013.02.18 17:55:34 | 000,259,584 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\LTDIS12n.dll
[2013.02.18 17:55:34 | 000,215,552 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\Lvkrn12n.dll
[2013.02.18 17:55:34 | 000,208,384 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\LTEFX12n.dll
[2013.02.18 17:55:34 | 000,176,128 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\ltlst12n.ocx
[2013.02.18 17:55:34 | 000,164,864 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\LTIMG12n.dll
[2013.02.18 17:55:34 | 000,158,208 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\Lvdlg12n.dll
[2013.02.18 17:55:34 | 000,140,288 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lttmb12n.ocx
[2013.02.18 17:55:34 | 000,131,072 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\LTFIL12n.dll
[2013.02.18 17:55:34 | 000,094,208 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\ltodb12n.ocx
[2013.02.18 17:55:34 | 000,073,728 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\LFFAX12n.DLL
[2013.02.18 17:55:34 | 000,049,152 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\ltlst12n.dll
[2013.02.18 17:55:34 | 000,048,128 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lfica12n.dll
[2013.02.18 17:55:34 | 000,037,888 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lfeps12n.dll
[2013.02.18 17:55:34 | 000,035,840 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\LTTWN12n.dll
[2013.02.18 17:55:34 | 000,035,840 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lfcal12n.dll
[2013.02.18 17:55:34 | 000,035,328 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lfgif12n.dll
[2013.02.18 17:55:34 | 000,032,256 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lttmb12n.dll
[2013.02.18 17:55:34 | 000,030,720 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lfbmp12n.dll
[2013.02.18 17:55:34 | 000,023,040 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lfawd12n.dll
[2013.02.18 17:55:34 | 000,018,944 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lfavi12n.dll
[2013.02.18 17:55:33 | 000,848,376 | ---- | C] (APEX Software Corporation) -- C:\Windows\System32\tdbl6.ocx
[2013.02.18 17:55:33 | 000,801,464 | ---- | C] (APEX Software Corporation) -- C:\Windows\System32\tdbg6.ocx
[2013.02.18 17:55:33 | 000,630,272 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\LTOCX12n.ocx
[2013.02.18 17:55:33 | 000,406,048 | ---- | C] (Xceed Software Inc        (450) 442-2626        support@xceedsoft.com        www.xceedsoft.com) -- C:\Windows\System32\XceedZip.dll
[2013.02.18 17:55:33 | 000,388,096 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\LTKRN12n.dll
[2013.02.18 17:55:33 | 000,242,144 | ---- | C] (Apex Software Corporation) -- C:\Windows\System32\tdbgpp.dll
[2013.02.18 17:55:33 | 000,106,984 | ---- | C] (Apex Software Corporation) -- C:\Windows\System32\xarraydb.ocx
[2013.02.18 17:55:31 | 000,851,420 | ---- | C] (Seagate Software, Inc.) -- C:\Windows\System32\crystl32.ocx
[2013.02.18 17:55:31 | 000,270,336 | ---- | C] (Seagate Software Information Management Group, Inc.) -- C:\Windows\System32\p2sodbc.dll
[2013.02.18 17:55:31 | 000,147,456 | ---- | C] (Seagate Software, Inc) -- C:\Windows\System32\p2smon.dll
[2013.02.18 17:55:31 | 000,094,208 | ---- | C] (Seagate Software Information Management Group, Inc.) -- C:\Windows\System32\p2sevt.dll
[2013.02.18 17:55:31 | 000,094,208 | ---- | C] (Seagate Software Information Management Group, Inc.) -- C:\Windows\System32\p2bdao.dll
[2013.02.18 17:55:31 | 000,061,440 | ---- | C] (Seagate Software Information Management Group, Inc.) -- C:\Windows\System32\p2irdao.dll
[2013.02.18 17:55:31 | 000,053,248 | ---- | C] (Seagate Software Information Management Group, Inc.) -- C:\Windows\System32\p2ctdao.dll
[2013.02.18 17:55:31 | 000,036,864 | ---- | C] (Seagate Software, Inc) -- C:\Windows\System32\p3smnde.dll
[2013.02.18 17:55:31 | 000,036,864 | ---- | C] (Seagate Software Information Management Group, Inc.) -- C:\Windows\System32\p3sodde.dll
[2013.02.18 17:55:31 | 000,036,864 | ---- | C] (Seagate Software Information Management Group, Inc.) -- C:\Windows\System32\p3sevde.dll
[2013.02.18 17:55:31 | 000,024,576 | ---- | C] (Seagate Software Information Management Group, Inc.) -- C:\Windows\System32\p3rdode.dll
[2013.02.18 17:55:31 | 000,024,576 | ---- | C] (Seagate Software Information Management Group, Inc.) -- C:\Windows\System32\p3ddode.dll
[2013.02.18 17:55:31 | 000,023,040 | ---- | C] (Seagate Software Information Management Group, Inc.) -- C:\Windows\System32\p2bbnd.dll
[2013.02.18 17:55:31 | 000,020,480 | ---- | C] (Seagate Software Information Management Group, Inc.) -- C:\Windows\System32\p3tdode.dll
[2013.02.18 17:55:31 | 000,004,096 | ---- | C] (Seagate Software Information Management Group, Inc.) -- C:\Windows\System32\p3dbdde.dll
[2013.02.18 17:55:31 | 000,000,000 | ---D | C] -- C:\Windows\Crystal
[2013.02.18 17:55:30 | 005,550,080 | ---- | C] (Seagate Software, Inc.) -- C:\Windows\System32\craxdrt.dll
[2013.02.18 17:55:30 | 005,337,088 | ---- | C] (Seagate Software, Inc.) -- C:\Windows\System32\crpe32.dll
[2013.02.18 17:55:30 | 000,745,472 | ---- | C] (Seagate Software, Inc.) -- C:\Windows\System32\crpe32_res_de.dll
[2013.02.18 17:55:30 | 000,618,496 | ---- | C] (Seagate Software) -- C:\Windows\System32\crpaig80.dll
[2013.02.18 17:55:30 | 000,544,768 | ---- | C] (Seagate Software, Inc.) -- C:\Windows\System32\exlate32.dll
[2013.02.18 17:55:30 | 000,507,904 | ---- | C] (Seagate Software) -- C:\Windows\System32\crviewer.dll
[2013.02.18 17:55:30 | 000,442,368 | ---- | C] (Seagate Software, Inc) -- C:\Windows\System32\cpeaut32.dll
[2013.02.18 17:55:30 | 000,040,960 | ---- | C] (Seagate Software, Inc) -- C:\Windows\System32\cdo32.dll
[2013.02.18 17:55:29 | 000,525,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DBGrid32.ocx
[2013.02.18 17:55:29 | 000,414,944 | ---- | C] (Microsoft Corporation ) -- C:\Windows\System32\Comct332.ocx
[2013.02.18 17:55:29 | 000,299,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDBRPTR.DLL
[2013.02.18 17:55:29 | 000,262,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDatGrd.ocx
[2013.02.18 17:55:29 | 000,244,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsFlxGrd.ocx
[2013.02.18 17:55:29 | 000,200,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DBList32.ocx
[2013.02.18 17:55:29 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ComDlg32.ocx
[2013.02.18 17:55:29 | 000,103,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSCOMM32.OCX
[2013.02.18 17:55:29 | 000,099,866 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VB5DE.dll
[2013.02.18 17:55:29 | 000,089,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Vb5db.dll
[2013.02.18 17:55:29 | 000,082,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PicClp32.ocx
[2013.02.18 17:55:29 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSBIND.DLL
[2013.02.18 17:55:29 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FlxGdDE.dll
[2013.02.18 17:55:29 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RchTxDE.dll
[2013.02.18 17:55:29 | 000,035,328 | ---- | C] (Apex Software Corporation) -- C:\Windows\System32\DBGrdDE.dll
[2013.02.18 17:55:29 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CmDlgDE.dll
[2013.02.18 17:55:29 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DBLstDE.dll
[2013.02.18 17:55:29 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSComDE.dll
[2013.02.18 17:55:28 | 000,645,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mscomct2.ocx
[2013.02.18 17:55:28 | 000,198,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mci32.ocx
[2013.02.18 17:55:28 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mscc2de.dll
[2013.02.18 17:55:28 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFC42LOC.DLL
[2013.02.18 17:27:21 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Helper
[2013.02.18 17:27:20 | 000,000,000 | ---D | C] -- C:\ProgramData\DNSErrorHelper
[2013.02.18 17:27:18 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\DesktopIconForAmazon
[2013.02.18 17:27:15 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Opera
[2013.02.18 17:27:13 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\OCS
[2013.02.15 18:27:22 | 000,000,000 | ---D | C] -- C:\Program Files\Advanced Fix 2012
[2013.02.15 17:57:58 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013.02.15 17:57:57 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013.02.15 17:57:56 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013.02.15 17:57:56 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013.02.15 17:57:56 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013.02.15 17:57:55 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013.02.15 17:57:55 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013.02.15 17:57:53 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013.02.15 17:55:09 | 003,967,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2013.02.15 17:55:09 | 002,347,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013.02.15 17:55:08 | 003,913,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2013.02.15 17:55:05 | 000,187,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS
[2013.02.15 17:55:05 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2013.02.15 17:17:26 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\SpeedyPC Software
[2013.02.15 17:17:26 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\DriverCure
[2013.02.15 17:15:29 | 000,000,000 | ---D | C] -- C:\ProgramData\SpeedyPC Software
[2013.02.15 16:45:23 | 000,000,000 | ---D | C] -- C:\Medion
[2013.02.14 10:34:28 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2013.01.30 01:10:36 | 000,000,000 | ---D | C] -- C:\sh4ldr
[2013.01.24 15:37:15 | 000,000,000 | ---D | C] -- C:\Windows\System32\20-20 Technologies
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\***\Documents\*.tmp files -> C:\Users\***\Documents\*.tmp -> ]
[1 C:\Users\***\AppData\Roaming\*.tmp files -> C:\Users\***\AppData\Roaming\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.02.18 22:54:14 | 000,010,096 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.02.18 22:54:14 | 000,010,096 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.02.18 22:47:18 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.02.18 22:47:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.02.18 22:40:00 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.02.18 20:09:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.02.18 18:00:06 | 000,000,089 | ---- | M] () -- C:\Windows\System32\MSBII.dll
[2013.02.18 17:27:18 | 000,067,584 | ---- | M] () -- C:\Windows\System32\kbenec95.exe
[2013.02.16 13:10:17 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
[2013.02.15 18:03:22 | 000,691,568 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013.02.15 18:03:22 | 000,071,024 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013.02.15 18:01:32 | 000,405,040 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.02.15 17:56:19 | 000,654,400 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.02.15 17:56:19 | 000,616,242 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.02.15 17:56:19 | 000,130,240 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.02.15 17:56:19 | 000,106,622 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.02.14 00:49:28 | 000,063,999 | ---- | M] () -- C:\spyhunter.fix
[2013.02.13 23:35:19 | 095,023,320 | ---- | M] () -- C:\ProgramData\1433281.pad
[2013.01.30 11:53:21 | 000,232,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2013.01.30 01:11:15 | 000,008,192 | ---- | M] () -- C:\shldr.mbr
[2013.01.30 01:10:38 | 000,002,262 | ---- | M] () -- C:\Users\***\Desktop\SpyHunter.lnk
[2013.01.20 15:59:04 | 000,100,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\NisDrvWFP.sys
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\***\Documents\*.tmp files -> C:\Users\***\Documents\*.tmp -> ]
[1 C:\Users\***\AppData\Roaming\*.tmp files -> C:\Users\***\AppData\Roaming\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.02.18 18:00:06 | 000,000,089 | ---- | C] () -- C:\Windows\System32\MSBII.dll
[2013.02.18 17:55:37 | 000,204,800 | ---- | C] () -- C:\Windows\System32\NumX.ocx
[2013.02.18 17:55:37 | 000,032,768 | ---- | C] () -- C:\Windows\System32\WKAuxil.dll
[2013.02.18 17:55:36 | 000,338,944 | ---- | C] () -- C:\Windows\System32\lffpx7.dll
[2013.02.18 17:55:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\lfkodak.dll
[2013.02.18 17:55:29 | 000,017,920 | ---- | C] () -- C:\Windows\System32\implode.dll
[2013.02.18 17:55:29 | 000,005,807 | ---- | C] () -- C:\Windows\System32\MSCALDEU.TLB
[2013.02.18 17:55:28 | 003,782,416 | ---- | C] () -- C:\Windows\System32\mso97.dll
[2013.02.18 17:27:18 | 000,067,584 | ---- | C] () -- C:\Windows\System32\kbenec95.exe
[2013.02.13 23:48:28 | 000,063,999 | ---- | C] () -- C:\spyhunter.fix
[2013.02.13 23:12:34 | 095,023,320 | ---- | C] () -- C:\ProgramData\1433281.pad
[2012.10.24 15:26:20 | 000,000,000 | ---- | C] () -- C:\Windows\PhotoNow.INI
[2012.07.06 14:46:47 | 004,503,728 | ---- | C] () -- C:\ProgramData\go_0molg.pad
[2012.06.27 14:07:49 | 000,000,051 | ---- | C] () -- C:\Users\***\AppData\Roaming\blckdom.res
[2012.06.22 11:01:32 | 000,019,984 | ---- | C] () -- C:\Windows\System32\ESGScanner.sys
[2012.06.17 15:50:05 | 000,000,034 | ---- | C] () -- C:\Windows\cdplayer.ini
[2012.01.17 16:48:26 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE
[2012.01.10 20:29:54 | 013,904,384 | ---- | C] () -- C:\Windows\System32\ig4icd32.dll
[2012.01.10 20:14:34 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll
[2011.08.31 19:46:18 | 000,128,204 | ---- | C] () -- C:\Windows\System32\igcompkrng575.bin
[2011.08.31 19:46:12 | 000,105,608 | ---- | C] () -- C:\Windows\System32\igfcg575m.bin
[2011.08.31 19:46:10 | 000,867,020 | ---- | C] () -- C:\Windows\System32\igkrng575.bin
[2011.08.31 19:13:52 | 000,094,208 | ---- | C] () -- C:\Windows\System32\IccLibDll.dll
[2011.01.27 12:09:21 | 000,006,144 | ---- | C] () -- C:\Users\***\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.09.15 14:32:35 | 000,000,952 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2010.08.15 10:20:35 | 000,037,322 | ---- | C] () -- C:\Users\***\install.xml
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2010.11.19 11:59:29 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\7-PDFSplitMerge
[2010.12.26 15:11:05 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Acronis
[2011.06.06 15:50:10 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Arendi
[2013.02.18 17:27:18 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\DesktopIconForAmazon
[2010.12.19 15:11:46 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Dream Aquarium
[2013.02.15 17:17:26 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\DriverCure
[2012.07.10 16:43:02 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\DVDVideoSoft
[2012.07.10 16:42:47 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.06.17 15:33:13 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\FreeCDRipper
[2010.11.15 12:28:54 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\FreeFileSync
[2012.01.17 16:42:54 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\GetRightToGo
[2012.10.23 15:14:23 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\hellomoto
[2011.06.06 15:57:36 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Itsth
[2012.06.27 14:07:41 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\kock
[2010.11.22 10:02:01 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Leawo
[2012.10.25 13:33:10 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\MAGIX
[2010.09.14 13:33:07 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mquadr.at
[2012.12.03 20:39:37 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\MyPhoneExplorer
[2013.02.18 17:27:13 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\OCS
[2013.02.18 17:27:15 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Opera
[2011.06.30 15:12:49 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Outlook
[2011.11.28 08:32:33 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\SmartTools
[2013.02.15 17:17:26 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\SpeedyPC Software
[2012.02.01 08:40:56 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TuneUp Software
[2012.06.27 14:13:12 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\UAs
[2012.06.27 14:07:49 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\xmldm
 
========== Purity Check ==========
 
 

< End of report >
--- --- ---

markusg 18.02.2013 23:28
spyhunter nutze ich nicht, einfach mal durchklicken.
einfach die logs reinkopieren und absenden
wenn zu groß, packen und hochladen


Alle Zeitangaben in WEZ +1. Es ist jetzt 04:45 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131