|
Plagegeister aller Art und deren Bekämpfung: BKA Virus HilfeWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
25.11.2011, 19:53 | #16 |
| BKA Virus Hilfe Java hab ich schon runtergeladen die alte version ist auch weg ccleaner hab ich auch schon durchgeführt |
25.11.2011, 19:56 | #17 |
| BKA Virus Hilfe noch eine frage ist mein system soweit virenfrei?
__________________ |
25.11.2011, 20:03 | #18 |
| BKA Virus Hilfe otl logfile also SChritt 4
__________________Code:
ATTFilter All processes killed Error: Unable to interpret <Code:> in the current context! ========== OTL ========== Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{8dbb6d8e-e4a6-4e3b-9753-af78b226441c} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8dbb6d8e-e4a6-4e3b-9753-af78b226441c}\ not found. C:\Users\Fahriye\AppData\Roaming\mozilla\Firefox\Profiles\brdzo1nn.default\extensions\{76aeea42-e04a-4b62-83ab-df4b2be2541e}\searchplugin folder moved successfully. C:\Users\Fahriye\AppData\Roaming\mozilla\Firefox\Profiles\brdzo1nn.default\extensions\{76aeea42-e04a-4b62-83ab-df4b2be2541e}\modules folder moved successfully. C:\Users\Fahriye\AppData\Roaming\mozilla\Firefox\Profiles\brdzo1nn.default\extensions\{76aeea42-e04a-4b62-83ab-df4b2be2541e}\META-INF folder moved successfully. C:\Users\Fahriye\AppData\Roaming\mozilla\Firefox\Profiles\brdzo1nn.default\extensions\{76aeea42-e04a-4b62-83ab-df4b2be2541e}\defaults folder moved successfully. C:\Users\Fahriye\AppData\Roaming\mozilla\Firefox\Profiles\brdzo1nn.default\extensions\{76aeea42-e04a-4b62-83ab-df4b2be2541e}\components folder moved successfully. C:\Users\Fahriye\AppData\Roaming\mozilla\Firefox\Profiles\brdzo1nn.default\extensions\{76aeea42-e04a-4b62-83ab-df4b2be2541e}\chrome folder moved successfully. C:\Users\Fahriye\AppData\Roaming\mozilla\Firefox\Profiles\brdzo1nn.default\extensions\{76aeea42-e04a-4b62-83ab-df4b2be2541e} folder moved successfully. C:\Users\Fahriye\AppData\Roaming\mozilla\Firefox\Profiles\brdzo1nn.default\extensions\engine@conduit.com\searchplugin folder moved successfully. C:\Users\Fahriye\AppData\Roaming\mozilla\Firefox\Profiles\brdzo1nn.default\extensions\engine@conduit.com\META-INF folder moved successfully. C:\Users\Fahriye\AppData\Roaming\mozilla\Firefox\Profiles\brdzo1nn.default\extensions\engine@conduit.com\lib folder moved successfully. C:\Users\Fahriye\AppData\Roaming\mozilla\Firefox\Profiles\brdzo1nn.default\extensions\engine@conduit.com\DualPackage folder moved successfully. C:\Users\Fahriye\AppData\Roaming\mozilla\Firefox\Profiles\brdzo1nn.default\extensions\engine@conduit.com\defaults folder moved successfully. C:\Users\Fahriye\AppData\Roaming\mozilla\Firefox\Profiles\brdzo1nn.default\extensions\engine@conduit.com\components folder moved successfully. C:\Users\Fahriye\AppData\Roaming\mozilla\Firefox\Profiles\brdzo1nn.default\extensions\engine@conduit.com\chrome folder moved successfully. C:\Users\Fahriye\AppData\Roaming\mozilla\Firefox\Profiles\brdzo1nn.default\extensions\engine@conduit.com folder moved successfully. C:\Users\Fahriye\AppData\Roaming\Mozilla\Firefox\Profiles\brdzo1nn.default\searchplugins\bing.xml moved successfully. File C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll not found. File C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll not found. File C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll not found. File C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll not found. File C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll not found. File C:\Program Files (x86)\FunWebProducts\Installr\2.bin\NPFunWeb.dll not found. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: AppData User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Fahriye ->Temp folder emptied: 3782374 bytes ->Temporary Internet Files folder emptied: 5572197 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 9262432 bytes ->Google Chrome cache emptied: 0 bytes ->Flash cache emptied: 481 bytes User: Gast ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 92031 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 18,00 mb OTL by OldTimer - Version 3.2.31.0 log created on 11252011_195754 Files\Folders moved on Reboot... C:\Users\Fahriye\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully. Registry entries deleted on Reboot... |
25.11.2011, 21:48 | #19 |
| BKA Virus Hilfe Zu schritt 5 Code:
ATTFilter SUPERAntiSpyware Scan Log hxxp://www.superantispyware.com Generated 11/25/2011 at 08:17 PM Application Version : 5.0.1136 Core Rules Database Version : 7986 Trace Rules Database Version: 5798 Scan type : Quick Scan Total Scan Time : 00:09:02 Operating System Information Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601) UAC On - Limited User Memory items scanned : 783 Memory threats detected : 0 Registry items scanned : 60208 Registry threats detected : 0 File items scanned : 10497 File threats detected : 50 Adware.Tracking Cookie C:\Users\Fahriye\AppData\Roaming\Microsoft\Windows\Cookies\RK0PG0UM.txt [ /bs.serving-sys.com ] C:\Users\Fahriye\AppData\Roaming\Microsoft\Windows\Cookies\RZPCWOYE.txt [ /ad3.adfarm1.adition.com ] C:\Users\Fahriye\AppData\Roaming\Microsoft\Windows\Cookies\WJ2MU4M3.txt [ /invitemedia.com ] C:\Users\Fahriye\AppData\Roaming\Microsoft\Windows\Cookies\8WTY2CMN.txt [ /atdmt.com ] C:\Users\Fahriye\AppData\Roaming\Microsoft\Windows\Cookies\5P9MRRAK.txt [ /serving-sys.com ] C:\Users\Fahriye\AppData\Roaming\Microsoft\Windows\Cookies\E10DBK2C.txt [ /adfarm1.adition.com ] C:\Users\Fahriye\AppData\Roaming\Microsoft\Windows\Cookies\TX21HOS8.txt [ /doubleclick.net ] C:\USERS\FAHRIYE\Cookies\RK0PG0UM.txt [ Cookie:fahriye@bs.serving-sys.com/ ] C:\USERS\FAHRIYE\Cookies\RZPCWOYE.txt [ Cookie:fahriye@ad3.adfarm1.adition.com/ ] C:\USERS\FAHRIYE\Cookies\WJ2MU4M3.txt [ Cookie:fahriye@invitemedia.com/ ] C:\USERS\FAHRIYE\Cookies\8WTY2CMN.txt [ Cookie:fahriye@atdmt.com/ ] C:\USERS\FAHRIYE\Cookies\5P9MRRAK.txt [ Cookie:fahriye@serving-sys.com/ ] C:\USERS\FAHRIYE\Cookies\TX21HOS8.txt [ Cookie:fahriye@doubleclick.net/ ] C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\RDN5ENTB.txt [ Cookie:gast@tracking.quisma.com/ ] C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\0BP5YCMX.txt [ Cookie:gast@statse.webtrendslive.com/ ] C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\YQ4YCOTH.txt [ Cookie:gast@autoscout24.112.2o7.net/ ] C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\U3EDQ17Y.txt [ Cookie:gast@c.atdmt.com/ ] C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\LOYJJ3A3.txt [ Cookie:gast@invitemedia.com/ ] C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\gast@msnportal.112.2o7[1].txt [ Cookie:gast@msnportal.112.2o7.net/ ] C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\IEXPVTP6.txt [ Cookie:gast@liveperson.net/ ] C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\CVOZ1FCF.txt [ Cookie:gast@adfarm1.adition.com/ ] C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\1L3HIRER.txt [ Cookie:gast@ad4.adfarm1.adition.com/ ] C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\DC1PDC23.txt [ Cookie:gast@doubleclick.net/ ] C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\94AK0B09.txt [ Cookie:gast@ad1.adfarm1.adition.com/ ] C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\03GZZKYH.txt [ Cookie:gast@ich.adscale.de/adserver-ich/ ] C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\MSC84VSK.txt [ Cookie:gast@ad.adition.net/ ] C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\BRSAP3B3.txt [ Cookie:gast@traffictrack.de/ ] C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\XG73LBMS.txt [ Cookie:gast@liveperson.net/hc/85950269 ] C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\3ZKF7QCO.txt [ Cookie:gast@ad.yieldmanager.com/ ] C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\ZZZ38Q9L.txt [ Cookie:gast@tradedoubler.com/ ] C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\Q1A4OVQF.txt [ Cookie:gast@bs.serving-sys.com/ ] C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\gast@smartadserver[2].txt [ Cookie:gast@smartadserver.com/ ] C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\FYJ2RPK8.txt [ Cookie:gast@unitymedia.de/ ] C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\2KPAKOS3.txt [ Cookie:gast@content.yieldmanager.com/ak/ ] C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\O8KMT848.txt [ Cookie:gast@apmebf.com/ ] C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\YR22QEVU.txt [ Cookie:gast@mediaplex.com/ ] C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\gast@www.googleadservices[1].txt [ Cookie:gast@www.googleadservices.com/pagead/conversion/972874502/ ] C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\CHK0PHDS.txt [ Cookie:gast@ww251.smartadserver.com/ ] C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\8JD5U5RP.txt [ Cookie:gast@xiti.com/ ] C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\9F813X13.txt [ Cookie:gast@specificclick.net/ ] C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\gast@ad3.adfarm1.adition[2].txt [ Cookie:gast@ad3.adfarm1.adition.com/ ] C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\5LD7AUOK.txt [ Cookie:gast@ad2.adfarm1.adition.com/ ] C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\W948XYB8.txt [ Cookie:gast@adtech.de/ ] C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\5B8GWKCD.txt [ Cookie:gast@advertising.com/ ] C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\3JSJLKPJ.txt [ Cookie:gast@zanox-affiliate.de/ ] C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\QORBHWVD.txt [ Cookie:gast@serving-sys.com/ ] C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\OB0G8KOA.txt [ Cookie:gast@webmasterplan.com/ ] C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\P1JUHORA.txt [ Cookie:gast@r1-ads.ace.advertising.com/ ] C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\SII2SGJP.txt [ Cookie:gast@adviva.net/ ] C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\SNSIJF3D.txt [ Cookie:gast@2o7.net/ ] Code:
ATTFilter SUPERAntiSpyware Scan Log hxxp://www.superantispyware.com Generated 11/25/2011 at 09:37 PM Application Version : 5.0.1136 Core Rules Database Version : 7986 Trace Rules Database Version: 5798 Scan type : Complete Scan Total Scan Time : 01:09:57 Operating System Information Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601) UAC On - Limited User Memory items scanned : 772 Memory threats detected : 0 Registry items scanned : 71855 Registry threats detected : 0 File items scanned : 71000 File threats detected : 9 Adware.Tracking Cookie C:\Users\Fahriye\AppData\Roaming\Microsoft\Windows\Cookies\H80LHG03.txt [ /bs.serving-sys.com ] C:\Users\Fahriye\AppData\Roaming\Microsoft\Windows\Cookies\3303OHML.txt [ /serving-sys.com ] C:\USERS\FAHRIYE\Cookies\H80LHG03.txt [ Cookie:fahriye@bs.serving-sys.com/ ] C:\USERS\FAHRIYE\Cookies\3303OHML.txt [ Cookie:fahriye@serving-sys.com/ ] C:\USERS\GAST\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\GAST@ATDMT[1].TXT [ /ATDMT ] C:\USERS\GAST\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\GAST@ATDMT[2].TXT [ /ATDMT ] C:\USERS\GAST\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\GAST@AD.REKLAMPORT[1].TXT [ /AD.REKLAMPORT ] C:\USERS\GAST\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\GAST@TRACKING.MINDSHARE[1].TXT [ /TRACKING.MINDSHARE ] Trojan.Agent/Gen-SoftonicDownloader C:\USERS\FAHRIYE\DOWNLOADS\SOFTONICDOWNLOADER_FUER_HIJACKTHIS.EXE |
25.11.2011, 21:50 | #20 |
| BKA Virus Hilfe USB habe ich nicht angeschlossen deshalb ist es meinerseits nicht notwendig |
26.11.2011, 06:47 | #21 |
/// Helfer-Team | BKA Virus Hilfe Ok, dann mach bitte ohne USB
__________________ --> BKA Virus Hilfe |
26.11.2011, 18:15 | #22 |
| BKA Virus Hilfe auch durchgeführt |
28.11.2011, 07:52 | #23 |
/// Helfer-Team | BKA Virus Hilfe ► berichte erneut über den Zustand des Computers. Ob noch Probleme auftreten, wenn ja, welche?
__________________ Warnung!: Vorsicht beim Rechnungen per Email mit ZIP-Datei als Anhang! Kann mit einen Verschlüsselungs-Trojaner infiziert sein! Anhang nicht öffnen, in unserem Forum erst nachfragen! Sichere regelmäßig deine Daten, auf CD/DVD, USB-Sticks oder externe Festplatten, am besten 2x an verschiedenen Orten! Bitte diese Warnung weitergeben, wo Du nur kannst! |
28.11.2011, 15:19 | #24 |
| BKA Virus Hilfe heute konnte ich mein laptop nicht hochfahren dann hab ich die starthilfe gestartet und es hat von alleine repariert aber ansonsten passiert nichts problematisches |
28.11.2011, 15:56 | #25 | |
/// Helfer-Team | BKA Virus Hilfe läuft jetzt gut, oder hat Dein Rechner noch Probleme?? 1. erneut einen Scan mit OTL:
2. Lade dir von hier -> TrendMicro™ HijackThis™/Version 2.0.4 herunter Zitat:
__________________ Warnung!: Vorsicht beim Rechnungen per Email mit ZIP-Datei als Anhang! Kann mit einen Verschlüsselungs-Trojaner infiziert sein! Anhang nicht öffnen, in unserem Forum erst nachfragen! Sichere regelmäßig deine Daten, auf CD/DVD, USB-Sticks oder externe Festplatten, am besten 2x an verschiedenen Orten! Bitte diese Warnung weitergeben, wo Du nur kannst! |
28.11.2011, 17:45 | #26 |
| BKA Virus Hilfe ok also Schritt 1 Otl.txt Code:
ATTFilter OTL logfile created on: 28.11.2011 17:27:31 - Run 2 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Fahriye\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,86 Gb Total Physical Memory | 2,44 Gb Available Physical Memory | 63,20% Memory free 7,73 Gb Paging File | 5,95 Gb Available in Paging File | 76,98% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 284,81 Gb Total Space | 180,76 Gb Free Space | 63,47% Space Free | Partition Type: NTFS Computer Name: PASSIONATA | User Name: Fahriye | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011.11.24 15:28:27 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Fahriye\Downloads\OTL.exe PRC - [2011.11.11 12:40:53 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2011.01.31 12:16:40 | 000,703,360 | ---- | M] (Nokia) -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe PRC - [2010.12.08 14:31:06 | 000,628,736 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe PRC - [2010.11.23 17:49:24 | 001,540,096 | ---- | M] (Nokia) -- C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe PRC - [2010.11.15 13:41:18 | 000,367,496 | ---- | M] () -- C:\Program Files (x86)\Common Files\Nokia\NoA\nokiaaserver.exe PRC - [2010.09.14 04:45:56 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe PRC - [2010.09.14 04:45:44 | 000,508,264 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe PRC - [2010.03.09 00:58:24 | 000,250,368 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe PRC - [2010.03.09 00:56:38 | 000,260,608 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe PRC - [2010.03.03 13:42:02 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2010.03.03 13:41:58 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2010.02.28 02:33:14 | 000,077,664 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe PRC - [2010.02.26 07:35:04 | 001,289,296 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe PRC - [2010.02.26 07:35:04 | 000,325,200 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe PRC - [2010.02.26 07:35:04 | 000,288,336 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe PRC - [2010.02.01 19:05:02 | 000,349,552 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe PRC - [2010.01.29 00:27:36 | 000,243,232 | ---- | M] (Acer Group) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe PRC - [2009.12.25 02:45:16 | 000,401,192 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe PRC - [2009.12.25 02:44:48 | 000,201,512 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe PRC - [2009.12.24 01:39:02 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe PRC - [2009.10.27 09:15:02 | 000,120,832 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe PRC - [2009.08.28 10:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe PRC - [2006.09.19 08:07:28 | 000,827,392 | ---- | M] () -- C:\Windows\vsnpstd3.exe ========== Modules (No Company Name) ========== MOD - [2011.11.24 21:43:24 | 008,527,008 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll MOD - [2011.11.11 12:40:52 | 001,989,592 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll MOD - [2011.10.14 09:09:39 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b2622080e047040fa044dd21a04ff10d\System.Runtime.Remoting.ni.dll MOD - [2011.10.14 09:09:06 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6e592e424a204aafeadbe22b6b31b9db\System.Windows.Forms.ni.dll MOD - [2011.10.14 09:08:58 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b2cfd85528a27eb71dc41d8067359a1\System.Drawing.ni.dll MOD - [2011.10.14 09:08:34 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\130ad4d9719e566ca933ac7158a04203\System.Xml.ni.dll MOD - [2011.10.14 09:08:30 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2d5bcbeb9475ef62189f605bcca1cec6\System.Configuration.ni.dll MOD - [2011.10.14 09:08:29 | 007,963,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll MOD - [2011.10.14 09:08:21 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll MOD - [2011.01.31 12:17:32 | 000,129,408 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\plugins\nps.dll MOD - [2011.01.31 12:15:08 | 002,551,808 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtXmlPatterns4.dll MOD - [2011.01.31 12:15:08 | 002,277,888 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtCore4.dll MOD - [2011.01.31 12:15:08 | 000,912,384 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtNetwork4.dll MOD - [2011.01.31 12:15:08 | 000,196,608 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\imageformats\qjpeg4.dll MOD - [2011.01.31 12:15:08 | 000,026,624 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\imageformats\qgif4.dll MOD - [2011.01.31 12:15:06 | 010,837,504 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtWebKit4.dll MOD - [2011.01.31 12:15:06 | 008,151,040 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtGui4.dll MOD - [2011.01.31 12:15:06 | 002,186,752 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtDeclarative4.dll MOD - [2011.01.31 12:15:06 | 001,283,584 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtScript4.dll MOD - [2011.01.31 12:15:06 | 000,675,840 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtOpenGL4.dll MOD - [2011.01.31 12:15:06 | 000,339,456 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtXml4.dll MOD - [2011.01.31 12:15:06 | 000,266,752 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\phonon4.dll MOD - [2011.01.31 12:15:06 | 000,190,464 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtSql4.dll MOD - [2011.01.31 11:54:42 | 000,790,016 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Maps Service API.dll MOD - [2011.01.31 11:52:56 | 000,345,088 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\OviShareLib.dll MOD - [2011.01.31 11:52:56 | 000,180,104 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\noaipcclient.dll MOD - [2011.01.31 11:52:56 | 000,028,040 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\wrtserviceipcclient.dll MOD - [2011.01.31 11:52:00 | 000,680,448 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\CommonUpdateChecker.dll MOD - [2010.11.15 13:41:18 | 000,367,496 | ---- | M] () -- C:\Program Files (x86)\Common Files\Nokia\NoA\nokiaaserver.exe MOD - [2010.11.15 13:41:18 | 000,034,184 | ---- | M] () -- C:\Program Files (x86)\Common Files\Nokia\NoA\wrtserviceipcserver.dll MOD - [2010.11.15 09:13:00 | 000,016,384 | ---- | M] () -- C:\Program Files (x86)\Common Files\Nokia\NoA\qtsecurestorage.dll MOD - [2010.11.15 09:12:46 | 000,015,360 | ---- | M] () -- C:\Program Files (x86)\Common Files\Nokia\NoA\cryptodll.dll MOD - [2010.11.15 09:12:46 | 000,013,824 | ---- | M] () -- C:\Program Files (x86)\Common Files\Nokia\NoA\qtsecurestorageserver.dll MOD - [2010.11.13 01:08:41 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll MOD - [2010.09.23 17:34:40 | 008,151,040 | ---- | M] () -- C:\Program Files (x86)\Common Files\Nokia\NoA\QtGui4.dll MOD - [2010.09.23 17:25:08 | 000,912,384 | ---- | M] () -- C:\Program Files (x86)\Common Files\Nokia\NoA\QtNetwork4.dll MOD - [2010.09.23 17:24:02 | 000,339,456 | ---- | M] () -- C:\Program Files (x86)\Common Files\Nokia\NoA\QtXml4.dll MOD - [2010.09.23 17:23:50 | 002,277,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\Nokia\NoA\QtCore4.dll MOD - [2010.05.31 18:58:48 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll MOD - [2010.03.09 01:18:10 | 000,465,576 | ---- | M] () -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll MOD - [2010.02.28 02:33:14 | 000,077,664 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe MOD - [2009.05.20 23:02:04 | 000,072,200 | ---- | M] () -- C:\Program Files (x86)\Launch Manager\CdDirIo.dll MOD - [2006.09.19 08:07:28 | 000,827,392 | ---- | M] () -- C:\Windows\vsnpstd3.exe MOD - [2005.07.20 10:48:10 | 000,059,904 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\zlib1.dll ========== Win32 Services (SafeList) ========== SRV:64bit: - [2011.02.16 19:20:04 | 000,256,336 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe -- (Amsp) SRV:64bit: - [2010.09.22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV:64bit: - [2010.01.22 18:01:12 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV - [2010.12.08 14:31:06 | 000,628,736 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2010.09.14 04:45:56 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa) SRV - [2010.09.14 04:45:44 | 000,508,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist) SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010.03.09 00:58:24 | 000,250,368 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc) SRV - [2010.03.03 13:42:02 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R) SRV - [2010.03.03 13:41:58 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R) SRV - [2010.02.26 07:35:04 | 000,325,200 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService) SRV - [2010.02.05 19:23:06 | 000,865,824 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Programme\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc) SRV - [2010.02.01 19:04:40 | 000,305,520 | ---- | M] (Egis Technology Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe -- (MWLService) SRV - [2010.01.29 00:27:36 | 000,243,232 | ---- | M] (Acer Group) [Auto | Running] -- C:\Programme\Acer\Acer Updater\UpdaterService.exe -- (Updater Service) SRV - [2009.12.24 01:39:04 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R) SRV - [2009.08.28 10:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe -- (Greg_Service) SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) ========== Driver Services (SafeList) ========== DRV:64bit: - [2011.05.04 13:19:43 | 000,144,464 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmcomm.sys -- (tmcomm) DRV:64bit: - [2011.05.04 13:19:43 | 000,105,552 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tmtdi.sys -- (tmtdi) DRV:64bit: - [2011.05.04 13:19:43 | 000,090,704 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmactmon.sys -- (tmactmon) DRV:64bit: - [2011.05.04 13:19:43 | 000,067,664 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmevtmgr.sys -- (tmevtmgr) DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010.11.20 11:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser) DRV:64bit: - [2010.09.22 23:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr) DRV:64bit: - [2010.09.14 04:45:52 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol) DRV:64bit: - [2010.09.14 04:45:50 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir) DRV:64bit: - [2010.09.14 04:45:48 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay) DRV:64bit: - [2010.09.14 04:45:44 | 000,760,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs) DRV:64bit: - [2010.07.30 14:18:04 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt) DRV:64bit: - [2010.07.30 14:18:02 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev) DRV:64bit: - [2010.07.30 14:18:00 | 000,026,624 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc) DRV:64bit: - [2010.07.30 14:17:56 | 000,019,456 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd) DRV:64bit: - [2010.04.07 19:04:22 | 002,216,960 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:64bit: - [2010.01.22 18:13:24 | 006,233,088 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag) DRV:64bit: - [2010.01.22 17:07:56 | 000,161,280 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:64bit: - [2009.12.17 18:42:08 | 000,538,136 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2009.12.02 03:21:32 | 000,040,448 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor) DRV:64bit: - [2009.10.22 05:55:06 | 000,272,432 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService) DRV:64bit: - [2009.10.16 11:32:22 | 000,321,064 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink (TM) DRV:64bit: - [2009.09.30 18:34:32 | 000,121,872 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService) DRV:64bit: - [2009.09.17 21:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R) DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.06.20 03:09:57 | 000,054,272 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L1E62x64.sys -- (L1E) NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20) DRV:64bit: - [2009.06.10 21:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2009.06.10 21:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX) DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.06.03 03:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk) DRV:64bit: - [2009.06.03 03:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter) DRV:64bit: - [2009.06.03 03:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ) DRV:64bit: - [2009.05.06 01:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr) DRV:64bit: - [2009.05.06 01:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper) DRV:64bit: - [2008.08.28 11:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd) DRV:64bit: - [2007.03.27 17:18:58 | 010,550,272 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\snpstd3.sys -- (SNPSTD3) USB PC Camera (SNPSTD3) DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = D6 A7 F6 08 D6 84 CB 01 [binary data] IE - HKCU\..\URLSearchHook: {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - No CLSID value found IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "" FF - prefs.js..browser.search.defaultthis.engineName: "" FF - prefs.js..browser.search.defaulturl: "" FF - prefs.js..browser.search.order.1: "" FF - prefs.js..browser.search.selectedEngine: "" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/" FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.51 FF - prefs.js..extensions.enabledItems: finder@meingutscheincode.de:2.0 FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: {22C7F6C6-8D67-4534-92B5-529A0EC09405}:6.5.0.1234 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..network.proxy.type: 0 FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc) FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2011.02.09 21:03:40 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{22C7F6C6-8D67-4534-92B5-529A0EC09405}: C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1504\6.6.1088\firefoxextension\ [2011.11.28 15:16:37 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.11.21 22:02:45 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.11.29 00:14:01 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011.02.09 21:03:40 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\finder@meingutscheincode.de: C:\Program Files (x86)\Mein Gutscheincode Finder\Firefox [2011.05.05 12:59:35 | 000,000,000 | ---D | M] [2010.10.20 16:54:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Fahriye\AppData\Roaming\mozilla\Extensions [2011.11.28 15:16:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Fahriye\AppData\Roaming\mozilla\Firefox\Profiles\brdzo1nn.default\extensions [2011.09.06 19:29:05 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Fahriye\AppData\Roaming\mozilla\Firefox\Profiles\brdzo1nn.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2011.11.25 19:53:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions () (No name found) -- C:\USERS\FAHRIYE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BRDZO1NN.DEFAULT\EXTENSIONS\FINDER@MEINGUTSCHEINCODE.DE.XPI [2011.11.11 12:40:53 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2011.11.24 15:16:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2011.11.11 12:40:50 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2011.11.11 12:40:50 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2011.11.11 12:40:50 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2011.11.11 12:40:50 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\15.0.874.121\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\15.0.874.121\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\15.0.874.121\pdf.dll CHR - plugin: Babylon Chrome Plugin (Enabled) = C:\Users\Fahriye\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.0_0\BabylonChromePI.dll CHR - plugin: Gutscheinmieze-Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npmieze.dll CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll CHR - plugin: Fun Web Products Plugin Stub (Enabled) = C:\Program Files (x86)\FunWebProducts\Installr\2.bin\NPFunWeb.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll CHR - plugin: Veetle TV Player (Enabled) = C:\Program Files (x86)\Veetle\Player\npvlc.dll CHR - plugin: Veetle TV Core (Enabled) = C:\Program Files (x86)\Veetle\plugins\npVeetle.dll CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Programme\Trend Micro\AMSP\module\20004\1.5.1504\6.6.1088\TmIEPlg.dll (Trend Micro Inc.) O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O2:64bit: - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Programme\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe64.dll (Trend Micro Inc.) O2 - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Programme\Trend Micro\AMSP\module\20004\1.5.1504\6.6.1088\TmIEPlg32.dll (Trend Micro Inc.) O2 - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Programme\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe32.dll (Trend Micro Inc.) O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Programme\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated) O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.) O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe (Egis Technology Inc.) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [snpstd3] C:\Windows\vsnpstd3.exe () O4:64bit: - HKLM..\Run: [Trend Micro Client Framework] C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe (Trend Micro Inc.) O4:64bit: - HKLM..\Run: [Trend Micro Titanium] C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe (Trend Micro Inc.) O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.) O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.) O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.) O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.) O4 - HKLM..\Run: [msnmsgr] "C:\PROGRA~2\WIC4A1~1\MESSEN~1\msnmsgr.exe" /background File not found O4 - HKLM..\Run: [NokiaMServer] C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia) O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe (Symantec Corporation) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.) O4 - HKCU..\Run: [NokiaOviSuite2] C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found O8:64bit: - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Fahriye\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll (Google Inc.) O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Fahriye\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll (Google Inc.) O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{82569D03-E711-4FAB-AF8B-A274C41764BD}: DhcpNameServer = 192.168.2.1 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Programme\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe64.dll (Trend Micro Inc.) O18:64bit: - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Programme\Trend Micro\AMSP\module\20004\1.5.1504\6.6.1088\TmIEPlg.dll (Trend Micro Inc.) O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Programme\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe32.dll (Trend Micro Inc.) O18 - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Programme\Trend Micro\AMSP\module\20004\1.5.1504\6.6.1088\TmIEPlg32.dll (Trend Micro Inc.) O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011.11.28 15:19:37 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{39B478AC-91DC-4801-8E8A-34B0B597647A} [2011.11.28 15:19:10 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{CCD22800-0EA0-4376-AB7D-088EBDAB8111} [2011.11.27 14:33:19 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{7ECD2135-93C0-46AB-8945-07A435B29E06} [2011.11.27 14:32:50 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{02688193-7504-4B98-9E98-B9F2ED41AECC} [2011.11.26 23:51:22 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{7DA263CA-465A-46FD-A7A8-1CA056174376} [2011.11.26 23:50:56 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{E8FCBBD6-8199-4708-8405-29BD083722B8} [2011.11.26 19:16:25 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\Desktop\Pınar Aylin - Hit 70`ler 2011 [2011.11.26 19:04:37 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\Desktop\Originals [2011.11.26 11:50:04 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{46C13FBF-E138-4BDF-8AD5-9F0725FF4609} [2011.11.26 11:49:37 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{F0DE01AB-65D2-42CE-9753-E8B27C82FF9B} [2011.11.25 20:07:49 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Roaming\SUPERAntiSpyware.com [2011.11.25 20:07:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware [2011.11.25 20:07:26 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com [2011.11.25 20:07:26 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware [2011.11.25 10:43:28 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{D2341B06-AF2C-4518-9BDC-B8BB95D8ADEA} [2011.11.25 10:43:01 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{976B6822-65CD-4ACB-9C0B-7CC5F263B60C} [2011.11.24 16:40:37 | 000,000,000 | ---D | C] -- C:\_OTL [2011.11.24 15:17:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2011.11.24 15:16:42 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe [2011.11.24 15:16:42 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe [2011.11.24 15:16:41 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe [2011.11.24 14:38:48 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{BED05D29-F1D5-4266-8481-31EB5D20FCD0} [2011.11.24 14:38:34 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{F8D18F68-AC30-41D4-AAEB-1C4CC4908C72} [2011.11.23 18:28:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [2011.11.23 18:28:06 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2011.11.23 17:48:45 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{C15FAB69-0747-4259-BD76-2E850B7B5C9E} [2011.11.23 17:48:20 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{0960DECD-8E56-4692-B113-785DFA1569D9} [2011.11.22 21:41:00 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Roaming\Malwarebytes [2011.11.22 21:40:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2011.11.22 21:40:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2011.11.22 21:40:46 | 000,025,416 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2011.11.22 21:40:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2011.11.22 14:47:32 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{0F7465F2-2E2F-498A-8557-2E8BA2060F6F} [2011.11.22 14:47:09 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{915002DF-803A-424F-AAC4-D2B2529A5813} [2011.11.22 10:04:44 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis [2011.11.22 10:04:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro [2011.11.21 22:06:55 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{02CF42B8-571C-4AAE-A958-C5802D254E86} [2011.11.21 22:06:41 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{7612B3EB-9B3F-404C-87A7-950D795FC9C9} [2011.11.21 20:32:43 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{3B901C39-4455-4529-B5D7-1A5FEDCDD4AE} [2011.11.21 20:32:24 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{AE340385-A233-4D9B-826D-E657883316E6} [2011.11.21 19:56:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth [2011.11.21 19:52:54 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{4FEF4D21-BF42-4D88-9C9F-82DBB069FE13} [2011.11.21 19:52:39 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{A83C923D-D16A-4D49-9596-D6F8D246D77A} [2011.11.20 14:20:59 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\Desktop\Bewerbung [2011.11.20 14:13:42 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Roaming\Sun [2011.11.20 14:07:33 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{86226CBA-CF89-494F-BBF3-5ED2E8CEFF40} [2011.11.20 14:07:16 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{30F94CBB-70F3-43FB-8B73-1E33AD688E0A} [2011.11.19 23:43:27 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{18FF6C68-3BB7-4B00-ADCA-1BB8A4FBDFC8} [2011.11.19 23:43:02 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{38B9F4A6-60E2-4CA2-BEF4-AFFB0D04CE16} [2011.11.19 11:42:11 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{A8D3A7C0-3974-4CB2-968F-8350B47EE18C} [2011.11.19 11:41:45 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{F273D916-7803-48CE-B68D-20C6F9274A40} [2011.11.18 14:22:04 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{5FACB273-F757-4B01-970C-372270DA123D} [2011.11.18 14:21:50 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{B6092D4C-7B4C-40AE-9FBE-1C1D357C4081} [2011.11.17 15:55:35 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{88B2F0A8-F250-478E-8BE9-E32D2E6532C9} [2011.11.17 15:55:05 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{4BD2A8D4-208A-4141-B1DD-EBB051EF6F0B} [2011.11.16 21:44:18 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{634F59A1-0C3C-4C80-9513-14C1380120BB} [2011.11.16 21:43:52 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{1FE8CD2F-47E4-4D87-B591-4A88486534C9} [2011.11.16 09:12:30 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{E42FA0A3-3C36-461E-B627-DD9718732A92} [2011.11.16 09:12:16 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{6F9EB2F1-95BF-4D52-BE95-3215ACADA48F} [2011.11.15 12:26:45 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{56C04265-7D4A-482A-894F-FAD3EA748BAB} [2011.11.15 12:26:27 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{4ABD9D4C-A34D-484B-B22F-E3DFDB862CA6} [2011.11.14 16:38:37 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{2100003F-EA6B-4FAE-9B8D-11CBD80BAA40} [2011.11.14 16:38:09 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{531B4633-2A26-45C3-9847-EB6497F1714B} [2011.11.13 12:08:58 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{A4C84184-BCA8-4F10-A7E3-135D45D032C0} [2011.11.13 12:08:41 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{B53BC0C3-17B6-4E9F-8CAD-B095D90AA081} [2011.11.12 22:01:39 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{27FF69C7-E5BB-4381-9F7C-9ECA36C30413} [2011.11.12 22:01:13 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{36A59CBE-D6DA-499A-B263-673913D7FD06} [2011.11.12 10:00:54 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{9795F9AB-7BBA-4D96-AF7E-F95414F2D077} [2011.11.12 10:00:29 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{E93E8A45-A5B7-47A8-900F-8B26A7281ECC} [2011.11.11 21:59:55 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{F89AC7FF-29BA-494C-85CB-D078756B3C91} [2011.11.11 21:59:42 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{3941657D-E038-4B0B-89D9-C253AB3D30C7} [2011.11.11 09:58:32 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{AE48CE6B-86D6-497D-8E49-3CFE8316C2E7} [2011.11.11 09:58:16 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{C46DA3B4-947F-4F27-9848-CE9ABB7D7EE5} [2011.11.10 21:34:13 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{5C703F63-BC12-42CF-8812-98E32000051E} [2011.11.10 21:33:49 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{A43CF3C4-A77C-4AF5-9A4B-79880121E3B9} [2011.11.10 15:19:51 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{3E028CB2-892B-478E-B425-D24AD599F128} [2011.11.09 16:02:14 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{07EBA946-823D-457A-A61F-BE9C69930BD0} [2011.11.09 16:01:53 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{ABBA271A-64A4-4F65-BD7C-2819F6F63136} [2011.11.08 11:51:46 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{BC02946F-57BF-42FD-909F-AE45E4EB5948} [2011.11.08 11:51:20 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{766A505D-FA89-4034-9779-43B12105290D} [2011.11.07 15:53:26 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{C07C9686-ACF4-4125-B33F-033709323BFC} [2011.11.07 15:52:59 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{0BE6C089-78B1-49AD-9229-8F3B3379FA20} [2011.11.06 17:49:29 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{FF0E42B4-EBD1-4D19-9CB8-FACBE6A17772} [2011.11.06 17:48:56 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{5AFE067A-ADFE-4769-AC55-7821C4524478} [2011.11.05 15:46:33 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{55E51630-300D-4EC3-8B15-93BDEDDA3BDE} [2011.11.05 15:46:17 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{5281980C-6EFD-476A-8A7E-B3136F93227A} [2011.11.04 12:18:37 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{01C99A39-BAB4-47E9-8A92-9FC715B5CDBE} [2011.11.04 12:18:21 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{721FA7DD-C414-4D45-ADBD-B87657BAC4DF} [2011.11.03 18:24:34 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{DD7F3678-5D8F-4612-9A3B-B0A6AD7D66A6} [2011.11.03 18:24:08 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{43138EFC-E8AB-4550-A234-B523E7897D0C} [2011.11.02 17:38:54 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{61D79465-2289-4C4E-B3FA-042ADC76BB46} [2011.11.02 17:38:41 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{5B7969C1-2687-45E7-8A8E-63B7CD70DEC4} [2011.11.02 17:34:45 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{1680F300-40F1-40BF-B79D-E7D385B718F8} [2011.11.02 17:31:04 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{ED911A68-ABA8-40CB-87C4-1BFF65CACD7F} [2011.11.01 21:46:14 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{4224D90F-4222-4D6C-9F78-260A2ACC8FC4} [2011.11.01 21:45:50 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{F0FC93C2-E303-48F8-AAC7-967A2998B735} [2011.11.01 09:45:03 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{F6F6F366-131F-4DA0-BE09-7960DE728043} [2011.11.01 09:44:37 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{39AF969D-9E69-47FE-91C8-09525550558E} [2011.10.31 15:43:18 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{15FFAAED-D606-4CB2-9854-E55B1936040E} [2011.10.31 15:42:53 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{A3D27557-BEAB-4222-AF4D-6941F09AFF50} [2011.10.30 21:42:15 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{74770B7B-AAB4-4401-9D93-F2D39041EBBA} [2011.10.30 21:41:51 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{6449CDFB-99E3-412F-A3B9-AEB751AC31D9} [2011.10.30 09:41:05 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{3B5FE26A-CCBA-47AF-B4E9-DF0748190194} [2011.10.30 09:40:51 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{BC36F856-48CB-4667-ADC1-F39D73684DED} [2010.12.09 10:15:47 | 000,172,032 | ---- | C] ( ) -- C:\Windows\SysWow64\rsnp2uvc.dll [2007.03.12 10:41:52 | 000,061,440 | ---- | C] ( ) -- C:\Windows\SysWow64\vsnpstd3.dll ========== Files - Modified Within 30 Days ========== [2011.11.28 17:21:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.11.28 17:07:31 | 000,017,600 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011.11.28 17:07:31 | 000,017,600 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011.11.28 15:14:55 | 3111,518,208 | -HS- | M] () -- C:\hiberfil.sys [2011.11.27 22:23:53 | 003,026,158 | ---- | M] () -- C:\Users\Fahriye\Desktop\DSC03534.JPG [2011.11.27 00:55:46 | 000,158,066 | ---- | M] () -- C:\Users\Fahriye\Desktop\IMG_1975.jpg [2011.11.26 23:52:20 | 000,822,683 | ---- | M] () -- C:\Users\Fahriye\Desktop\DSC03533.JPG [2011.11.26 19:07:51 | 002,102,186 | ---- | M] () -- C:\Users\Fahriye\Desktop\DSC03541.JPG [2011.11.26 19:04:38 | 001,743,475 | ---- | M] () -- C:\Users\Fahriye\Desktop\DSC03520.JPG [2011.11.26 13:28:24 | 003,761,278 | ---- | M] () -- C:\Users\Fahriye\Desktop\DSC03526.JPG [2011.11.26 13:27:44 | 003,902,598 | ---- | M] () -- C:\Users\Fahriye\Desktop\DSC03525.JPG [2011.11.26 13:27:14 | 003,903,394 | ---- | M] () -- C:\Users\Fahriye\Desktop\DSC03524.JPG [2011.11.24 21:43:24 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2011.11.24 15:23:17 | 000,231,858 | ---- | M] () -- C:\Users\Fahriye\Documents\cc_20111124_152250.reg [2011.11.24 15:16:22 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe [2011.11.24 15:16:22 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe [2011.11.24 15:16:22 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe [2011.11.24 15:16:21 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll [2011.11.23 18:57:12 | 001,561,978 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2011.11.23 18:57:12 | 000,677,668 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2011.11.23 18:57:12 | 000,639,510 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2011.11.23 18:57:12 | 000,137,930 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2011.11.23 18:57:12 | 000,114,312 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2011.11.23 18:28:10 | 000,000,826 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2011.11.22 21:40:52 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.11.22 11:19:42 | 000,885,090 | ---- | M] () -- C:\Users\Fahriye\AppData\Local\census.cache [2011.11.22 11:18:51 | 000,116,521 | ---- | M] () -- C:\Users\Fahriye\AppData\Local\ars.cache [2011.11.22 11:07:58 | 000,000,036 | ---- | M] () -- C:\Users\Fahriye\AppData\Local\housecall.guid.cache [2011.11.22 10:04:44 | 000,002,985 | ---- | M] () -- C:\Users\Fahriye\Desktop\HiJackThis.lnk [2011.11.22 10:02:35 | 001,402,880 | ---- | M] () -- C:\Users\Fahriye\Desktop\HiJackThis-2-04.msi [2011.11.10 15:18:10 | 000,368,512 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2011.11.01 22:07:28 | 001,213,330 | ---- | M] () -- C:\Users\Fahriye\Desktop\Desktop.rar ========== Files Created - No Company Name ========== [2011.11.27 00:55:46 | 000,158,066 | ---- | C] () -- C:\Users\Fahriye\Desktop\IMG_1975.jpg [2011.11.26 13:36:58 | 002,102,186 | ---- | C] () -- C:\Users\Fahriye\Desktop\DSC03541.JPG [2011.11.26 13:32:36 | 003,026,158 | ---- | C] () -- C:\Users\Fahriye\Desktop\DSC03534.JPG [2011.11.26 13:32:10 | 000,822,683 | ---- | C] () -- C:\Users\Fahriye\Desktop\DSC03533.JPG [2011.11.26 13:28:24 | 003,761,278 | ---- | C] () -- C:\Users\Fahriye\Desktop\DSC03526.JPG [2011.11.26 13:27:44 | 003,902,598 | ---- | C] () -- C:\Users\Fahriye\Desktop\DSC03525.JPG [2011.11.26 13:27:14 | 003,903,394 | ---- | C] () -- C:\Users\Fahriye\Desktop\DSC03524.JPG [2011.11.26 13:26:10 | 001,743,475 | ---- | C] () -- C:\Users\Fahriye\Desktop\DSC03520.JPG [2011.11.24 15:22:58 | 000,231,858 | ---- | C] () -- C:\Users\Fahriye\Documents\cc_20111124_152250.reg [2011.11.23 18:28:10 | 000,000,826 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk [2011.11.22 21:40:52 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.11.22 11:19:42 | 000,885,090 | ---- | C] () -- C:\Users\Fahriye\AppData\Local\census.cache [2011.11.22 11:18:51 | 000,116,521 | ---- | C] () -- C:\Users\Fahriye\AppData\Local\ars.cache [2011.11.22 11:02:40 | 000,000,036 | ---- | C] () -- C:\Users\Fahriye\AppData\Local\housecall.guid.cache [2011.11.22 10:04:44 | 000,002,985 | ---- | C] () -- C:\Users\Fahriye\Desktop\HiJackThis.lnk [2011.11.22 10:02:30 | 001,402,880 | ---- | C] () -- C:\Users\Fahriye\Desktop\HiJackThis-2-04.msi [2011.11.01 22:07:27 | 001,213,330 | ---- | C] () -- C:\Users\Fahriye\Desktop\Desktop.rar [2011.04.07 13:15:27 | 000,007,606 | ---- | C] () -- C:\Users\Fahriye\AppData\Local\Resmon.ResmonCfg [2011.02.15 22:47:25 | 000,000,017 | ---- | C] () -- C:\Windows\SysWow64\shortcut_ex.dat [2011.01.09 21:06:00 | 001,588,672 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2010.12.09 10:15:47 | 001,749,376 | ---- | C] () -- C:\Windows\SysWow64\snp2uvc.sys [2010.12.09 10:15:47 | 000,028,032 | ---- | C] () -- C:\Windows\SysWow64\sncduvc.sys [2010.12.09 10:15:46 | 000,000,131 | ---- | C] () -- C:\Windows\SysWow64\PidList.ini [2010.10.20 16:54:12 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2010.05.31 18:48:25 | 000,001,035 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [2010.05.31 18:47:20 | 000,001,741 | ---- | C] () -- C:\Windows\WPatchProgress.ini [2010.05.31 09:33:04 | 000,000,033 | ---- | C] () -- C:\Windows\LaunApp.ini [2010.05.31 09:09:23 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2010.03.25 05:59:43 | 000,131,472 | ---- | C] () -- C:\ProgramData\FullRemove.exe [2010.03.25 05:57:49 | 000,000,193 | ---- | C] () -- C:\Windows\Prelaunch.ini [2010.03.25 05:57:49 | 000,000,168 | ---- | C] () -- C:\Windows\WisLangCode.ini [2010.03.25 05:57:49 | 000,000,147 | ---- | C] () -- C:\Windows\WisPriority.ini [2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009.07.13 22:59:36 | 000,982,196 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin [2009.07.13 22:59:36 | 000,139,824 | ---- | C] () -- C:\Windows\SysWow64\igfcg500.bin [2009.07.13 22:59:36 | 000,097,448 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin [2009.07.13 22:59:35 | 000,417,344 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin [2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat [2006.09.19 08:07:28 | 000,827,392 | ---- | C] () -- C:\Windows\vsnpstd3.exe [2004.02.27 15:36:18 | 000,015,498 | ---- | C] () -- C:\Windows\snpstd3.ini ========== LOP Check ========== [2011.02.20 16:00:08 | 000,000,000 | ---D | M] -- C:\Users\Fahriye\AppData\Roaming\AVG10 [2011.09.25 21:15:53 | 000,000,000 | ---D | M] -- C:\Users\Fahriye\AppData\Roaming\DVDVideoSoft [2011.04.12 10:56:27 | 000,000,000 | ---D | M] -- C:\Users\Fahriye\AppData\Roaming\DVDVideoSoftIEHelpers [2011.02.08 15:44:07 | 000,000,000 | ---D | M] -- C:\Users\Fahriye\AppData\Roaming\GetRightToGo [2011.11.24 16:40:58 | 000,000,000 | ---D | M] -- C:\Users\Fahriye\AppData\Roaming\Gutscheinmieze [2011.02.09 21:08:54 | 000,000,000 | ---D | M] -- C:\Users\Fahriye\AppData\Roaming\Nokia [2011.02.09 21:08:55 | 000,000,000 | ---D | M] -- C:\Users\Fahriye\AppData\Roaming\Nokia Ovi Suite [2011.05.02 20:32:14 | 000,000,000 | ---D | M] -- C:\Users\Fahriye\AppData\Roaming\OpenOffice.org [2011.02.09 21:08:18 | 000,000,000 | ---D | M] -- C:\Users\Fahriye\AppData\Roaming\PC Suite [2011.11.29 00:14:03 | 000,000,000 | ---D | M] -- C:\Users\Fahriye\AppData\Roaming\PhotoScape [2011.02.21 15:02:32 | 000,000,000 | ---D | M] -- C:\Users\Fahriye\AppData\Roaming\PixelPlanet [2011.11.29 00:13:48 | 000,000,000 | ---D | M] -- C:\Users\Fahriye\AppData\Roaming\SoftGrid Client [2011.01.09 21:07:40 | 000,000,000 | ---D | M] -- C:\Users\Fahriye\AppData\Roaming\TP [2011.09.25 09:18:57 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== < End of report > und hier Otl. Extras Code:
ATTFilter OTL Extras logfile created on: 28.11.2011 17:27:31 - Run 2 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Fahriye\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,86 Gb Total Physical Memory | 2,44 Gb Available Physical Memory | 63,20% Memory free 7,73 Gb Paging File | 5,95 Gb Available in Paging File | 76,98% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 284,81 Gb Total Space | 180,76 Gb Free Space | 63,47% Space Free | Partition Type: NTFS Computer Name: PASSIONATA | User Name: Fahriye | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{11BA2B00-1495-47B8-BFA8-D08C605AB2CC}" = Windows Live Family Safety "{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector "{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant "{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}" = Shredder "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2 "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64) "{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 "{8B79B3A9-6E49-5FFB-2017-A822BBDC4992}" = ATI Catalyst Install Manager "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007 "{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007 "{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 "{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver "{A84DB02B-9C2B-4272-9D2D-A80E00A56513}" = Broadcom Gigabit NetLink Controller "{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 "{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64 "{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}" = Trend Micro Titanium Internet Security "{ABBD4BA9-6703-40D2-AB1E-5BB1F7DB49A4}" = Trend Micro™ Titanium™ Internet Security "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64) "{B0B97CF2-5032-A645-7FFC-BD1E39FC4E3F}" = ccc-utility64 "{CEA21F20-DBF4-464C-8B81-28B8508AFDDD}" = Windows Live Family Safety "{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources "{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter "{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client "{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit "Adobe Flash Player Plugin 64" = Adobe Flash Player 10 Plugin 64-bit "CCleaner" = CCleaner "FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0) "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "WinRAR archiver" = WinRAR [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{02A414EA-0E5F-CD08-61EF-E155F31DFF76}" = Catalyst Control Center Graphics Previews Vista "{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion "{08600005-5228-4BF6-845E-E9A957AFDCB4}" = OviMPlatform "{08938019-97FA-1C7A-19E0-0C8D56ED7CB2}" = CCC Help Hungarian "{0A4D717B-E6E8-11FA-E7D2-385EBB1A4A85}" = CCC Help Japanese "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0D7CD0D9-4A88-4A63-8F91-3F4E8F371768}" = MyWinLocker "{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard "{13BA5548-1065-4DBE-B115-681AFB77263B}" = CCC Help Swedish "{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2 "{16890D7F-1C77-733B-D8E4-F5D4315A5F93}" = Catalyst Control Center Localization All "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger "{1CBDB473-E303-EFAE-88D1-6F741ACD5B31}" = CCC Help Czech "{1D8912B0-343C-EB1F-28EE-B672D444C192}" = Catalyst Control Center InstallProxy "{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources "{1E05CF2E-BF5F-4A43-9147-2CCBBE57BC3C}_is1" = Mein Gutscheincode Finder 1.0.0.0 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8 "{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22 "{26A24AE4-039D-4CA4-87B4-2F83216029FF}" = Java(TM) 6 Update 29 "{28191B83-1D60-44B6-9B08-E854EF6632D5}" = Ovi Desktop Sync Engine "{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com "{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in "{2C59BF0E-66A5-681E-60FE-8D18CE6319A1}" = CCC Help German "{2C9D4FCA-3E7F-9368-6955-EA6D65F7DC78}" = CCC Help English "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{3553E875-F00E-4031-BDEC-75FB1DFEB093}" = Nokia Ovi Suite Software Updater "{3788B9B7-C15F-4C64-D52B-3DD1BA494B7A}" = CCC Help Korean "{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack "{3D200EB9-44FC-432F-1E35-C20AB5FDCD77}" = CCC Help Thai "{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer ePower Management "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology "{3FC42713-B6E7-49AA-A553-A224FE9828A8}" = Nokia Ovi Suite "{4216D328-0FE8-48B8-85B8-BD300E6F080F}" = Nokia Connectivity Cable Driver "{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3 "{44D52071-5077-2839-1AE6-863563AEA269}" = CCC Help Russian "{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4BCBC4D0-1D88-462D-809E-506F34EA11C0}" = Catalyst Control Center - Branding "{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3 "{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync "{6030FCD7-8F1A-427D-AF05-8DD1A2EA2ABA}" = Alcor Micro USB Card Reader "{62F7DA7E-CCCB-439C-A760-00C3926E761F}" = Microsoft Works "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2 "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Backup Manager Basic "{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}" = MyWinLocker Suite "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core "{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}" = Chicken Invaders 2 "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110300453}" = Spin & Win "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697}" = Granny In Paradise "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}" = Cake Mania "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}" = Galapago "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}" = Amazonia "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}" = Heroes of Hellas "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}" = Dream Day First Home "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}" = Dairy Dash "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}" = Farm Frenzy 2 "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{87976D85-DBF6-F263-39B6-500ACB658CE0}" = Catalyst Control Center Graphics Full Existing "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007 "{90120000-0015-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0016-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007 "{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0017-0407-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (German) 2007 "{90120000-0017-0407-0000-0000000FF1CE}_OMUI.de-de_{2733AA87-26FC-41B0-9D2F-3092345BC370}" = Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3) "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-0018-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007 "{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007 "{90120000-0019-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007 "{90120000-001A-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007 "{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_OMUI.de-de_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0409-0000-0000000FF1CE}_OMUI.de-de_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-040C-0000-0000000FF1CE}_OMUI.de-de_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-001F-0410-0000-0000000FF1CE}_OMUI.de-de_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System "{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002A-0407-1000-0000000FF1CE}_OMUI.de-de_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007 "{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007 "{90120000-0044-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}_OMUI.de-de_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007 "{90120000-00A1-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007 "{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007 "{90120000-00BA-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0100-0407-0000-0000000FF1CE}" = Microsoft Office O MUI (German) 2007 "{90120000-0100-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0101-0407-0000-0000000FF1CE}" = Microsoft Office X MUI (German) 2007 "{90120000-0101-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007 "{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{90140011-0062-0407-0000-0000000FF1CE}" = Microsoft Office Home and Business 2010 - Deutsch "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007 "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3) "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195 "{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German) "{95140000-007A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector "{95140000-007D-0409-0000-0000000FF1CE}" = Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit "{9BBB29A1-C71D-DD1D-66B1-352AAAB13FC6}" = CCC Help Danish "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{9F4D1D9E-5542-B572-81A7-9DCB0AEED1BE}" = CCC Help French "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A3EF3FAD-6ABA-1551-AD3B-D09361C5EEC9}" = CCC Help Polish "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A73FBC00-44F8-0ECF-76FB-14CF62120B55}" = ccc-core-static "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AA047D7C-5E7C-4878-B75C-77589151B563}" = Acer Crystal Eye webcam "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AACEAAE9-9CC3-5715-4539-EB13CA3C67BA}" = CCC Help Spanish "{ABEE079E-648E-488B-8301-0C3DB48C1BCE}_is1" = Acer GameZone Console "{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.4.6 MUI "{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh "{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86 "{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie "{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail "{B2463AD3-1334-A30E-A523-D38E8E7B09A2}" = CCC Help Dutch "{BA2AD7F2-55AE-87B5-00DD-9B0C6F087FD0}" = Catalyst Control Center Graphics Light "{BC940CD7-FC71-83C5-2001-CF6FD07BA3D1}" = CCC Help Chinese Traditional "{BF847A60-119D-6888-B2DA-EC62F1B66BBB}" = CCC Help Chinese Standard "{C2695E83-CF1D-43D1-84FE-B3BEC561012A}" = Shredder "{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common "{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections "{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Norton Online Backup "{C97396A9-44BC-C856-0B92-93A6A417D6A8}" = Catalyst Control Center Graphics Full New "{CA10114E-3941-E8ED-70A3-17CAA2226AFC}" = CCC Help Turkish "{CAB89605-7C12-8082-32DF-B419C696BD12}" = Catalyst Control Center Core Implementation "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64 "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{D4AEC53C-1720-41D9-B6D7-6A60DE62D444}" = PC Connectivity Solution "{D98C2191-0AE0-4087-9153-018A4810DF45}" = CCC Help Norwegian "{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support "{DB0A8A2A-4EA7-4FE3-802E-8A6DEE32696C}_is1" = Orban/Coding Technologies AAC/aacPlus Player Plugin™ 1.0 "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh "{DF7D3C5E-87FC-6AE6-D986-35E0F05FEFD9}" = CCC Help Italian "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}" = eBay Worldwide "{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker "{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant "{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger "{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime "{EBA8538C-F0B1-A089-D555-44DBF3A47C9F}" = CCC Help Finnish "{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F22E305E-BD02-5CC1-92D0-BD7170CDFE45}" = CCC Help Portuguese "{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center "{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials "{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables "{FD4B3108-0915-31E1-5A7C-AC5B3C33846C}" = CCC Help Greek "{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner "Acer Registration" = Acer Registration "Acer Screensaver" = Acer ScreenSaver "Acer Welcome Center" = Welcome Center "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "AP Tuner 3.08" = AP Tuner 3.08 "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.11.923 "Google Chrome" = Google Chrome "Gutscheinmieze - Toolbar" = Gutscheinmieze - Toolbar "HOMESTUDENTR" = Microsoft Office Home and Student 2007 "Identity Card" = Identity Card "InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5 "InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2 "InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8 "InstallShield_{6030FCD7-8F1A-427D-AF05-8DD1A2EA2ABA}" = Alcor Micro USB Card Reader "InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Acer Backup Manager "InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}" = MyWinLocker Suite "LManager" = Launch Manager "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware Version 1.51.2.1300 "Mozilla Firefox 8.0 (x86 de)" = Mozilla Firefox 8.0 (x86 de) "Nokia Ovi Suite" = Nokia Ovi Suite "Office14.Click2Run" = Microsoft Office Klick-und-Los 2010 "OMUI.de-de" = Microsoft Office Language Pack 2007 - German/Deutsch "PhotoScape" = PhotoScape "Uninstall_is1" = Uninstall 1.0.0.1 "Veetle TV" = Veetle TV 0.9.18 "VLC media player" = VLC media player 1.1.5 "Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner "WinLiveSuite" = Windows Live Essentials ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 16.11.2011 18:15:35 | Computer Name = Fahriye-PC | Source = ATIeRecord | ID = 16388 Description = ATI EEU Client event error Error - 18.11.2011 09:20:56 | Computer Name = Fahriye-PC | Source = Application Virtualization Client | ID = 6032 Description = {tid=1050:usr=Fahriye} Eine temporäre Einstellungsdatei wurde gefunden. Diese Datei (C:\Users\Fahriye\AppData\Local\Q$_140062.DEU_SoftGridUserSettings_settings.cp.temp) ist möglicherweise beschädigt und wird gelöscht. Error - 19.11.2011 06:50:38 | Computer Name = Fahriye-PC | Source = CVHSVC | ID = 100 Description = Nur zur Information. (Patch task for {90140011-0062-0407-0000-0000000FF1CE}): DownloadLatest Failed: Zurzeit sind keine aktiven Netzwerkverbindungen verfügbar. Der Vorgang wird von BITS wiederholt, sobald der Adapter über eine Verbindung verfügt. Error - 20.11.2011 09:13:01 | Computer Name = Fahriye-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: plugin-container.exe, Version: 8.0.0.4325, Zeitstempel: 0x4eb4a91a Name des fehlerhaften Moduls: coreclr.dll, Version: 4.0.60831.0, Zeitstempel: 0x4e5d6c64 Ausnahmecode: 0xc00000fd Fehleroffset: 0x000bd80f ID des fehlerhaften Prozesses: 0x18a4 Startzeit der fehlerhaften Anwendung: 0x01cca78618f72aa8 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe Pfad des fehlerhaften Moduls: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\coreclr.dll Berichtskennung: 5f5b30ce-1379-11e1-837e-00262dabb1de Error - 20.11.2011 09:14:04 | Computer Name = Fahriye-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: plugin-container.exe, Version: 8.0.0.4325, Zeitstempel: 0x4eb4a91a Name des fehlerhaften Moduls: coreclr.dll, Version: 4.0.60831.0, Zeitstempel: 0x4e5d6c64 Ausnahmecode: 0xc00000fd Fehleroffset: 0x000bca7f ID des fehlerhaften Prozesses: 0x1248 Startzeit der fehlerhaften Anwendung: 0x01cca7862ee00209 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe Pfad des fehlerhaften Moduls: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\coreclr.dll Berichtskennung: 84d90f67-1379-11e1-837e-00262dabb1de Error - 20.11.2011 09:59:06 | Computer Name = Fahriye-PC | Source = Windows Search Service | ID = 3007 Description = Error - 20.11.2011 10:25:04 | Computer Name = Fahriye-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: plugin-container.exe, Version: 8.0.0.4325, Zeitstempel: 0x4eb4a91a Name des fehlerhaften Moduls: coreclr.dll, Version: 4.0.60831.0, Zeitstempel: 0x4e5d6c64 Ausnahmecode: 0xc00000fd Fehleroffset: 0x00001463 ID des fehlerhaften Prozesses: 0x176c Startzeit der fehlerhaften Anwendung: 0x01cca790273ed394 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe Pfad des fehlerhaften Moduls: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\coreclr.dll Berichtskennung: 6f8a658d-1383-11e1-837e-00262dabb1de Error - 20.11.2011 10:25:36 | Computer Name = Fahriye-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: plugin-container.exe, Version: 8.0.0.4325, Zeitstempel: 0x4eb4a91a Name des fehlerhaften Moduls: coreclr.dll, Version: 4.0.60831.0, Zeitstempel: 0x4e5d6c64 Ausnahmecode: 0xc00000fd Fehleroffset: 0x00001463 ID des fehlerhaften Prozesses: 0x18ec Startzeit der fehlerhaften Anwendung: 0x01cca7903f51bf02 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe Pfad des fehlerhaften Moduls: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\coreclr.dll Berichtskennung: 82d57dcf-1383-11e1-837e-00262dabb1de Error - 20.11.2011 10:25:51 | Computer Name = Fahriye-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: plugin-container.exe, Version: 8.0.0.4325, Zeitstempel: 0x4eb4a91a Name des fehlerhaften Moduls: coreclr.dll, Version: 4.0.60831.0, Zeitstempel: 0x4e5d6c64 Ausnahmecode: 0xc00000fd Fehleroffset: 0x0000bf46 ID des fehlerhaften Prozesses: 0xa58 Startzeit der fehlerhaften Anwendung: 0x01cca79049a1d1fa Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe Pfad des fehlerhaften Moduls: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\coreclr.dll Berichtskennung: 8bf793ab-1383-11e1-837e-00262dabb1de Error - 20.11.2011 10:26:18 | Computer Name = Fahriye-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: plugin-container.exe, Version: 8.0.0.4325, Zeitstempel: 0x4eb4a91a Name des fehlerhaften Moduls: coreclr.dll, Version: 4.0.60831.0, Zeitstempel: 0x4e5d6c64 Ausnahmecode: 0xc00000fd Fehleroffset: 0x0001e38f ID des fehlerhaften Prozesses: 0x1964 Startzeit der fehlerhaften Anwendung: 0x01cca790531f76ad Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe Pfad des fehlerhaften Moduls: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\coreclr.dll Berichtskennung: 9bf8cbca-1383-11e1-837e-00262dabb1de [ System Events ] Error - 27.11.2011 07:42:13 | Computer Name = Passionata | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000 Description = Das WLAN-Erweiterungsmodul konnte nicht gestartet werden. Modulpfad: C:\Windows\system32\athExt.dll Fehlercode: 126 Error - 27.11.2011 07:42:40 | Computer Name = Passionata | Source = DCOM | ID = 10016 Description = Error - 27.11.2011 07:43:20 | Computer Name = Passionata | Source = DCOM | ID = 10016 Description = Error - 27.11.2011 09:31:22 | Computer Name = Passionata | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000 Description = Das WLAN-Erweiterungsmodul konnte nicht gestartet werden. Modulpfad: C:\Windows\system32\athExt.dll Fehlercode: 126 Error - 28.11.2011 10:15:07 | Computer Name = Passionata | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000 Description = Das WLAN-Erweiterungsmodul konnte nicht gestartet werden. Modulpfad: C:\Windows\system32\athExt.dll Fehlercode: 126 Error - 28.11.2011 10:16:00 | Computer Name = Passionata | Source = Service Control Manager | ID = 7009 Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Intel(R) Rapid Storage Technology erreicht. Error - 28.11.2011 10:16:00 | Computer Name = Passionata | Source = Service Control Manager | ID = 7000 Description = Der Dienst "Intel(R) Rapid Storage Technology" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error - 28.11.2011 10:17:56 | Computer Name = Passionata | Source = Service Control Manager | ID = 7022 Description = Der Dienst "Application Virtualization Client" wurde nicht richtig gestartet. Error - 28.11.2011 10:18:01 | Computer Name = Passionata | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Client Virtualization Handler" ist vom Dienst "Application Virtualization Client" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1070 Error - 28.11.2011 12:04:30 | Computer Name = Passionata | Source = DCOM | ID = 10010 Description = < End of report > |
28.11.2011, 17:48 | #27 |
| BKA Virus Hilfe und hier hijackthis Code:
ATTFilter Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:05:27, on 28.11.2011 Platform: Unknown Windows (WinNT 6.01.3505 SP1) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe C:\Windows\vsnpstd3.exe C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe C:\Program Files (x86)\Launch Manager\LManager.exe C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe C:\Program Files (x86)\Launch Manager\LMworker.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVH.EXE C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Common Files\Nokia\NoA\nokiaaserver.exe C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - (no file) F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Trend Micro NSC BHO - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1504\6.6.1088\TmIEPlg32.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: TmBpIeBHO - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe32.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED O4 - HKLM\..\Run: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe" O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup O4 - HKLM\..\Run: [msnmsgr] "C:\PROGRA~2\WIC4A1~1\MESSEN~1\msnmsgr.exe" /background O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [NokiaOviSuite2] C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST') O4 - Startup: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk = C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVH.EXE O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Fahriye\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O13 - Gopher Prefix: O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe32.dll O18 - Protocol: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1504\6.6.1088\TmIEPlg32.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: Trend Micro Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-Dienst (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: Updater Service - Acer Group - C:\Program Files\Acer\Acer Updater\UpdaterService.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 13124 bytes Geändert von mf21 (28.11.2011 um 18:07 Uhr) |
28.11.2011, 17:50 | #28 |
| BKA Virus Hilfe so das wars dann hoffe das problem wird so schnell wie möglich gelöst ! danke Geändert von mf21 (28.11.2011 um 18:08 Uhr) |
29.11.2011, 11:02 | #29 |
/// Helfer-Team | BKA Virus Hilfe 1. Schliesse alle Programme einschliesslich Internet Explorer und fixe mit Hijackthis die Einträge aus der nachfolgenden Codebox (HijackThis starten→ "Do a system scan only"→ Einträge auswählen→ Häckhen setzen→ "Fix checked" klicken→ PC neu aufstarten): HijackThis erstellt ein Backup, Falls bei "Fixen" etwas schief geht, kann man unter "View the list of backups"- die Objekte wiederherstellen Code:
ATTFilter R3 - URLSearchHook: (no name) - {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - (no file) O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST') Wenn alles gut verlaufen und dein System läuft stabil,mache folgendes: Alle Systemwiederherstellungspunkte löschen, auch den Letzten 3. Ich würde Dir vorsichtshalber raten, dein Passwort zu ändern z.B. Login-, Mail- oder Website-Passwörter Tipps: Die sichere Passwort-Wahl - (sollte man eigentlich regelmäßigen Abständen ca. alle 3-5 Monate ändern) auch noch hier unter: Sicheres Kennwort (Password) 4. Malwarebytes und SUPERAntiSpyware kannst deinstallieren 5. ► für Windows das Service Pack 1 bitte aufspielen!:-> - Microsoft Update hält Ihren Computer auf dem neuesten Stand! Software wie Betriebssysteme, Browser und E-Mail Clients werden laufend weiterentwickelt. Gleichzeitig arbeiten jedoch auch Hacker daran, ständig neue Sicherheitslücken zu finden und auszunutzen. Was heute noch keine Schlupflücke für Viren und Würmer ist, kann morgen bereits zur Gefahr werden, wenn der entsprechende Schädling programmiert wurde. Das führt dazu, dass es relativ häufig zu Meldungen über neue Sicherheitsanfälligkeiten kommt, auch wenn diese noch nicht durch Hacker entdeckt wurden. Denn selbstverständlich suchen auch Sicherheitsspezialisten nach potenziellen Angriffsmöglichkeiten. Updates der Softwareentwickler sorgen dafür, dass der User immer die aktuellste und sicherste Version des Betriebssystems und der installierten Software nutzen kann. 6. poste erneut - nach der vorgenommenen Reinigungsaktion: TrendMicro™ HijackThis™ -Logfile - Keine offenen Fenster, solang bis HijackThis läuft!! ► Rechtsklick auf HijackThis-> "Als administrator ausführen" wählen...
__________________ Warnung!: Vorsicht beim Rechnungen per Email mit ZIP-Datei als Anhang! Kann mit einen Verschlüsselungs-Trojaner infiziert sein! Anhang nicht öffnen, in unserem Forum erst nachfragen! Sichere regelmäßig deine Daten, auf CD/DVD, USB-Sticks oder externe Festplatten, am besten 2x an verschiedenen Orten! Bitte diese Warnung weitergeben, wo Du nur kannst! |
29.11.2011, 12:06 | #30 |
| BKA Virus Hilfe soo habe alles durchgeführt und hier das logfile Code:
ATTFilter Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:04:31, on 29.11.2011 Platform: Unknown Windows (WinNT 6.01.3505 SP1) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe C:\Windows\vsnpstd3.exe C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe C:\Program Files (x86)\Launch Manager\LManager.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVH.EXE C:\Program Files (x86)\Launch Manager\LMworker.exe C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe C:\Program Files (x86)\Common Files\Nokia\NoA\nokiaaserver.exe C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Trend Micro NSC BHO - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1504\6.6.1088\TmIEPlg32.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: TmBpIeBHO - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe32.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED O4 - HKLM\..\Run: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe" O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup O4 - HKLM\..\Run: [msnmsgr] "C:\PROGRA~2\WIC4A1~1\MESSEN~1\msnmsgr.exe" /background O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [NokiaOviSuite2] C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST') O4 - Startup: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk = C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVH.EXE O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Fahriye\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O13 - Gopher Prefix: O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe32.dll O18 - Protocol: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1504\6.6.1088\TmIEPlg32.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: Trend Micro Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-Dienst (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: Updater Service - Acer Group - C:\Program Files\Acer\Acer Updater\UpdaterService.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 12979 bytes |
Themen zu BKA Virus Hilfe |
ausgeführt, bka virus, dateien, ebenfalls, editor, gestern, malware, virus, virus hilfe |