Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: BKA Virus Hilfe

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 25.11.2011, 19:53   #16
mf21
 
BKA Virus Hilfe - Standard

BKA Virus Hilfe



Java hab ich schon runtergeladen

die alte version ist auch weg

ccleaner hab ich auch schon durchgeführt

Alt 25.11.2011, 19:56   #17
mf21
 
BKA Virus Hilfe - Standard

BKA Virus Hilfe



noch eine frage ist mein system soweit virenfrei?
__________________


Alt 25.11.2011, 20:03   #18
mf21
 
BKA Virus Hilfe - Standard

BKA Virus Hilfe



otl logfile also SChritt 4

Code:
ATTFilter
All processes killed
Error: Unable to interpret <Code:> in the current context!
========== OTL ==========
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{8dbb6d8e-e4a6-4e3b-9753-af78b226441c} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8dbb6d8e-e4a6-4e3b-9753-af78b226441c}\ not found.
C:\Users\Fahriye\AppData\Roaming\mozilla\Firefox\Profiles\brdzo1nn.default\extensions\{76aeea42-e04a-4b62-83ab-df4b2be2541e}\searchplugin folder moved successfully.
C:\Users\Fahriye\AppData\Roaming\mozilla\Firefox\Profiles\brdzo1nn.default\extensions\{76aeea42-e04a-4b62-83ab-df4b2be2541e}\modules folder moved successfully.
C:\Users\Fahriye\AppData\Roaming\mozilla\Firefox\Profiles\brdzo1nn.default\extensions\{76aeea42-e04a-4b62-83ab-df4b2be2541e}\META-INF folder moved successfully.
C:\Users\Fahriye\AppData\Roaming\mozilla\Firefox\Profiles\brdzo1nn.default\extensions\{76aeea42-e04a-4b62-83ab-df4b2be2541e}\defaults folder moved successfully.
C:\Users\Fahriye\AppData\Roaming\mozilla\Firefox\Profiles\brdzo1nn.default\extensions\{76aeea42-e04a-4b62-83ab-df4b2be2541e}\components folder moved successfully.
C:\Users\Fahriye\AppData\Roaming\mozilla\Firefox\Profiles\brdzo1nn.default\extensions\{76aeea42-e04a-4b62-83ab-df4b2be2541e}\chrome folder moved successfully.
C:\Users\Fahriye\AppData\Roaming\mozilla\Firefox\Profiles\brdzo1nn.default\extensions\{76aeea42-e04a-4b62-83ab-df4b2be2541e} folder moved successfully.
C:\Users\Fahriye\AppData\Roaming\mozilla\Firefox\Profiles\brdzo1nn.default\extensions\engine@conduit.com\searchplugin folder moved successfully.
C:\Users\Fahriye\AppData\Roaming\mozilla\Firefox\Profiles\brdzo1nn.default\extensions\engine@conduit.com\META-INF folder moved successfully.
C:\Users\Fahriye\AppData\Roaming\mozilla\Firefox\Profiles\brdzo1nn.default\extensions\engine@conduit.com\lib folder moved successfully.
C:\Users\Fahriye\AppData\Roaming\mozilla\Firefox\Profiles\brdzo1nn.default\extensions\engine@conduit.com\DualPackage folder moved successfully.
C:\Users\Fahriye\AppData\Roaming\mozilla\Firefox\Profiles\brdzo1nn.default\extensions\engine@conduit.com\defaults folder moved successfully.
C:\Users\Fahriye\AppData\Roaming\mozilla\Firefox\Profiles\brdzo1nn.default\extensions\engine@conduit.com\components folder moved successfully.
C:\Users\Fahriye\AppData\Roaming\mozilla\Firefox\Profiles\brdzo1nn.default\extensions\engine@conduit.com\chrome folder moved successfully.
C:\Users\Fahriye\AppData\Roaming\mozilla\Firefox\Profiles\brdzo1nn.default\extensions\engine@conduit.com folder moved successfully.
C:\Users\Fahriye\AppData\Roaming\Mozilla\Firefox\Profiles\brdzo1nn.default\searchplugins\bing.xml moved successfully.
File C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll not found.
File C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll not found.
File C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll not found.
File C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll not found.
File C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll not found.
File C:\Program Files (x86)\FunWebProducts\Installr\2.bin\NPFunWeb.dll not found.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: AppData
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Fahriye
->Temp folder emptied: 3782374 bytes
->Temporary Internet Files folder emptied: 5572197 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 9262432 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 481 bytes
 
User: Gast
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 92031 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 18,00 mb
 
 
OTL by OldTimer - Version 3.2.31.0 log created on 11252011_195754

Files\Folders moved on Reboot...
C:\Users\Fahriye\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...
         
__________________

Alt 25.11.2011, 21:48   #19
mf21
 
BKA Virus Hilfe - Standard

BKA Virus Hilfe



Zu schritt 5



Code:
ATTFilter
SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 11/25/2011 at 08:17 PM

Application Version : 5.0.1136

Core Rules Database Version : 7986
Trace Rules Database Version: 5798

Scan type       : Quick Scan
Total Scan Time : 00:09:02

Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User

Memory items scanned      : 783
Memory threats detected   : 0
Registry items scanned    : 60208
Registry threats detected : 0
File items scanned        : 10497
File threats detected     : 50

Adware.Tracking Cookie
	C:\Users\Fahriye\AppData\Roaming\Microsoft\Windows\Cookies\RK0PG0UM.txt [ /bs.serving-sys.com ]
	C:\Users\Fahriye\AppData\Roaming\Microsoft\Windows\Cookies\RZPCWOYE.txt [ /ad3.adfarm1.adition.com ]
	C:\Users\Fahriye\AppData\Roaming\Microsoft\Windows\Cookies\WJ2MU4M3.txt [ /invitemedia.com ]
	C:\Users\Fahriye\AppData\Roaming\Microsoft\Windows\Cookies\8WTY2CMN.txt [ /atdmt.com ]
	C:\Users\Fahriye\AppData\Roaming\Microsoft\Windows\Cookies\5P9MRRAK.txt [ /serving-sys.com ]
	C:\Users\Fahriye\AppData\Roaming\Microsoft\Windows\Cookies\E10DBK2C.txt [ /adfarm1.adition.com ]
	C:\Users\Fahriye\AppData\Roaming\Microsoft\Windows\Cookies\TX21HOS8.txt [ /doubleclick.net ]
	C:\USERS\FAHRIYE\Cookies\RK0PG0UM.txt [ Cookie:fahriye@bs.serving-sys.com/ ]
	C:\USERS\FAHRIYE\Cookies\RZPCWOYE.txt [ Cookie:fahriye@ad3.adfarm1.adition.com/ ]
	C:\USERS\FAHRIYE\Cookies\WJ2MU4M3.txt [ Cookie:fahriye@invitemedia.com/ ]
	C:\USERS\FAHRIYE\Cookies\8WTY2CMN.txt [ Cookie:fahriye@atdmt.com/ ]
	C:\USERS\FAHRIYE\Cookies\5P9MRRAK.txt [ Cookie:fahriye@serving-sys.com/ ]
	C:\USERS\FAHRIYE\Cookies\TX21HOS8.txt [ Cookie:fahriye@doubleclick.net/ ]
	C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\RDN5ENTB.txt [ Cookie:gast@tracking.quisma.com/ ]
	C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\0BP5YCMX.txt [ Cookie:gast@statse.webtrendslive.com/ ]
	C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\YQ4YCOTH.txt [ Cookie:gast@autoscout24.112.2o7.net/ ]
	C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\U3EDQ17Y.txt [ Cookie:gast@c.atdmt.com/ ]
	C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\LOYJJ3A3.txt [ Cookie:gast@invitemedia.com/ ]
	C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\gast@msnportal.112.2o7[1].txt [ Cookie:gast@msnportal.112.2o7.net/ ]
	C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\IEXPVTP6.txt [ Cookie:gast@liveperson.net/ ]
	C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\CVOZ1FCF.txt [ Cookie:gast@adfarm1.adition.com/ ]
	C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\1L3HIRER.txt [ Cookie:gast@ad4.adfarm1.adition.com/ ]
	C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\DC1PDC23.txt [ Cookie:gast@doubleclick.net/ ]
	C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\94AK0B09.txt [ Cookie:gast@ad1.adfarm1.adition.com/ ]
	C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\03GZZKYH.txt [ Cookie:gast@ich.adscale.de/adserver-ich/ ]
	C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\MSC84VSK.txt [ Cookie:gast@ad.adition.net/ ]
	C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\BRSAP3B3.txt [ Cookie:gast@traffictrack.de/ ]
	C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\XG73LBMS.txt [ Cookie:gast@liveperson.net/hc/85950269 ]
	C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\3ZKF7QCO.txt [ Cookie:gast@ad.yieldmanager.com/ ]
	C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\ZZZ38Q9L.txt [ Cookie:gast@tradedoubler.com/ ]
	C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\Q1A4OVQF.txt [ Cookie:gast@bs.serving-sys.com/ ]
	C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\gast@smartadserver[2].txt [ Cookie:gast@smartadserver.com/ ]
	C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\FYJ2RPK8.txt [ Cookie:gast@unitymedia.de/ ]
	C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\2KPAKOS3.txt [ Cookie:gast@content.yieldmanager.com/ak/ ]
	C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\O8KMT848.txt [ Cookie:gast@apmebf.com/ ]
	C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\YR22QEVU.txt [ Cookie:gast@mediaplex.com/ ]
	C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\gast@www.googleadservices[1].txt [ Cookie:gast@www.googleadservices.com/pagead/conversion/972874502/ ]
	C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\CHK0PHDS.txt [ Cookie:gast@ww251.smartadserver.com/ ]
	C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\8JD5U5RP.txt [ Cookie:gast@xiti.com/ ]
	C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\9F813X13.txt [ Cookie:gast@specificclick.net/ ]
	C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\gast@ad3.adfarm1.adition[2].txt [ Cookie:gast@ad3.adfarm1.adition.com/ ]
	C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\5LD7AUOK.txt [ Cookie:gast@ad2.adfarm1.adition.com/ ]
	C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\W948XYB8.txt [ Cookie:gast@adtech.de/ ]
	C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\5B8GWKCD.txt [ Cookie:gast@advertising.com/ ]
	C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\3JSJLKPJ.txt [ Cookie:gast@zanox-affiliate.de/ ]
	C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\QORBHWVD.txt [ Cookie:gast@serving-sys.com/ ]
	C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\OB0G8KOA.txt [ Cookie:gast@webmasterplan.com/ ]
	C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\P1JUHORA.txt [ Cookie:gast@r1-ads.ace.advertising.com/ ]
	C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\SII2SGJP.txt [ Cookie:gast@adviva.net/ ]
	C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\SNSIJF3D.txt [ Cookie:gast@2o7.net/ ]
         
Code:
ATTFilter
SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 11/25/2011 at 09:37 PM

Application Version : 5.0.1136

Core Rules Database Version : 7986
Trace Rules Database Version: 5798

Scan type       : Complete Scan
Total Scan Time : 01:09:57

Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User

Memory items scanned      : 772
Memory threats detected   : 0
Registry items scanned    : 71855
Registry threats detected : 0
File items scanned        : 71000
File threats detected     : 9

Adware.Tracking Cookie
	C:\Users\Fahriye\AppData\Roaming\Microsoft\Windows\Cookies\H80LHG03.txt [ /bs.serving-sys.com ]
	C:\Users\Fahriye\AppData\Roaming\Microsoft\Windows\Cookies\3303OHML.txt [ /serving-sys.com ]
	C:\USERS\FAHRIYE\Cookies\H80LHG03.txt [ Cookie:fahriye@bs.serving-sys.com/ ]
	C:\USERS\FAHRIYE\Cookies\3303OHML.txt [ Cookie:fahriye@serving-sys.com/ ]
	C:\USERS\GAST\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\GAST@ATDMT[1].TXT [ /ATDMT ]
	C:\USERS\GAST\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\GAST@ATDMT[2].TXT [ /ATDMT ]
	C:\USERS\GAST\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\GAST@AD.REKLAMPORT[1].TXT [ /AD.REKLAMPORT ]
	C:\USERS\GAST\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\GAST@TRACKING.MINDSHARE[1].TXT [ /TRACKING.MINDSHARE ]

Trojan.Agent/Gen-SoftonicDownloader
	C:\USERS\FAHRIYE\DOWNLOADS\SOFTONICDOWNLOADER_FUER_HIJACKTHIS.EXE
         

Alt 25.11.2011, 21:50   #20
mf21
 
BKA Virus Hilfe - Standard

BKA Virus Hilfe



USB habe ich nicht angeschlossen deshalb ist es meinerseits nicht notwendig


Alt 26.11.2011, 06:47   #21
kira
/// Helfer-Team
 
BKA Virus Hilfe - Standard

BKA Virus Hilfe



Ok, dann mach bitte ohne USB
__________________
--> BKA Virus Hilfe

Alt 26.11.2011, 18:15   #22
mf21
 
BKA Virus Hilfe - Standard

BKA Virus Hilfe



auch durchgeführt

Alt 28.11.2011, 07:52   #23
kira
/// Helfer-Team
 
BKA Virus Hilfe - Standard

BKA Virus Hilfe



► berichte erneut über den Zustand des Computers. Ob noch Probleme auftreten, wenn ja, welche?
__________________

Warnung!:
Vorsicht beim Rechnungen per Email mit ZIP-Datei als Anhang! Kann mit einen Verschlüsselungs-Trojaner infiziert sein!
Anhang nicht öffnen, in unserem Forum erst nachfragen!

Sichere regelmäßig deine Daten, auf CD/DVD, USB-Sticks oder externe Festplatten, am besten 2x an verschiedenen Orten!
Bitte diese Warnung weitergeben, wo Du nur kannst!

Alt 28.11.2011, 15:19   #24
mf21
 
BKA Virus Hilfe - Standard

BKA Virus Hilfe



heute konnte ich mein laptop nicht hochfahren dann hab ich die starthilfe gestartet und es hat von alleine repariert aber ansonsten passiert nichts problematisches

Alt 28.11.2011, 15:56   #25
kira
/// Helfer-Team
 
BKA Virus Hilfe - Standard

BKA Virus Hilfe



läuft jetzt gut, oder hat Dein Rechner noch Probleme??

1.
erneut einen Scan mit OTL:
  • Doppelklick auf die OTL.exe
  • Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
  • Oben findest Du ein Kästchen mit Ausgabe.
    Wähle bitte Standard-Ausgabe
  • Unter Extra-Registrierung wähle bitte Benutze SafeList.
  • Mache Häckchen bei LOP- und Purity-Prüfung.
  • Klicke nun auf Scan links oben.
  • Wenn der Scan beendet wurde werden zwei Logfiles erstellt.
    Du findest die Logfiles auf Deinem Desktop => OTL.txt und Extras.txt
  • Poste die Logfiles in Code-Tags hier in den Thread.

2.
Lade dir von hier -> TrendMicro™ HijackThis™/Version 2.0.4 herunter
Zitat:
Keine offenen Fenster, solang bis HijackThis läuft!!-> HijackThis starten-> "Do a system scan and save a logfile" klicken (kurz warten) -> das erhaltene Logfile "markieren" -> "kopieren"-> hier in deinem Thread (rechte Maustaste) "einfügen" (musst du im Forum eingeloggt sein!)
__________________

Warnung!:
Vorsicht beim Rechnungen per Email mit ZIP-Datei als Anhang! Kann mit einen Verschlüsselungs-Trojaner infiziert sein!
Anhang nicht öffnen, in unserem Forum erst nachfragen!

Sichere regelmäßig deine Daten, auf CD/DVD, USB-Sticks oder externe Festplatten, am besten 2x an verschiedenen Orten!
Bitte diese Warnung weitergeben, wo Du nur kannst!

Alt 28.11.2011, 17:45   #26
mf21
 
BKA Virus Hilfe - Standard

BKA Virus Hilfe



ok also Schritt 1 Otl.txt
Code:
ATTFilter
OTL logfile created on: 28.11.2011 17:27:31 - Run 2
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Fahriye\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,86 Gb Total Physical Memory | 2,44 Gb Available Physical Memory | 63,20% Memory free
7,73 Gb Paging File | 5,95 Gb Available in Paging File | 76,98% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 284,81 Gb Total Space | 180,76 Gb Free Space | 63,47% Space Free | Partition Type: NTFS
 
Computer Name: PASSIONATA | User Name: Fahriye | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011.11.24 15:28:27 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Fahriye\Downloads\OTL.exe
PRC - [2011.11.11 12:40:53 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011.01.31 12:16:40 | 000,703,360 | ---- | M] (Nokia) -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
PRC - [2010.12.08 14:31:06 | 000,628,736 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
PRC - [2010.11.23 17:49:24 | 001,540,096 | ---- | M] (Nokia) -- C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe
PRC - [2010.11.15 13:41:18 | 000,367,496 | ---- | M] () -- C:\Program Files (x86)\Common Files\Nokia\NoA\nokiaaserver.exe
PRC - [2010.09.14 04:45:56 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2010.09.14 04:45:44 | 000,508,264 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2010.03.09 00:58:24 | 000,250,368 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
PRC - [2010.03.09 00:56:38 | 000,260,608 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
PRC - [2010.03.03 13:42:02 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010.03.03 13:41:58 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010.02.28 02:33:14 | 000,077,664 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe
PRC - [2010.02.26 07:35:04 | 001,289,296 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2010.02.26 07:35:04 | 000,325,200 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe
PRC - [2010.02.26 07:35:04 | 000,288,336 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe
PRC - [2010.02.01 19:05:02 | 000,349,552 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
PRC - [2010.01.29 00:27:36 | 000,243,232 | ---- | M] (Acer Group) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe
PRC - [2009.12.25 02:45:16 | 000,401,192 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
PRC - [2009.12.25 02:44:48 | 000,201,512 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
PRC - [2009.12.24 01:39:02 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2009.10.27 09:15:02 | 000,120,832 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2009.08.28 10:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
PRC - [2006.09.19 08:07:28 | 000,827,392 | ---- | M] () -- C:\Windows\vsnpstd3.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2011.11.24 21:43:24 | 008,527,008 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2011.11.11 12:40:52 | 001,989,592 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011.10.14 09:09:39 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b2622080e047040fa044dd21a04ff10d\System.Runtime.Remoting.ni.dll
MOD - [2011.10.14 09:09:06 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6e592e424a204aafeadbe22b6b31b9db\System.Windows.Forms.ni.dll
MOD - [2011.10.14 09:08:58 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b2cfd85528a27eb71dc41d8067359a1\System.Drawing.ni.dll
MOD - [2011.10.14 09:08:34 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\130ad4d9719e566ca933ac7158a04203\System.Xml.ni.dll
MOD - [2011.10.14 09:08:30 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2d5bcbeb9475ef62189f605bcca1cec6\System.Configuration.ni.dll
MOD - [2011.10.14 09:08:29 | 007,963,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll
MOD - [2011.10.14 09:08:21 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll
MOD - [2011.01.31 12:17:32 | 000,129,408 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\plugins\nps.dll
MOD - [2011.01.31 12:15:08 | 002,551,808 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtXmlPatterns4.dll
MOD - [2011.01.31 12:15:08 | 002,277,888 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtCore4.dll
MOD - [2011.01.31 12:15:08 | 000,912,384 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtNetwork4.dll
MOD - [2011.01.31 12:15:08 | 000,196,608 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\imageformats\qjpeg4.dll
MOD - [2011.01.31 12:15:08 | 000,026,624 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\imageformats\qgif4.dll
MOD - [2011.01.31 12:15:06 | 010,837,504 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtWebKit4.dll
MOD - [2011.01.31 12:15:06 | 008,151,040 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtGui4.dll
MOD - [2011.01.31 12:15:06 | 002,186,752 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtDeclarative4.dll
MOD - [2011.01.31 12:15:06 | 001,283,584 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtScript4.dll
MOD - [2011.01.31 12:15:06 | 000,675,840 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtOpenGL4.dll
MOD - [2011.01.31 12:15:06 | 000,339,456 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtXml4.dll
MOD - [2011.01.31 12:15:06 | 000,266,752 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\phonon4.dll
MOD - [2011.01.31 12:15:06 | 000,190,464 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtSql4.dll
MOD - [2011.01.31 11:54:42 | 000,790,016 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Maps Service API.dll
MOD - [2011.01.31 11:52:56 | 000,345,088 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\OviShareLib.dll
MOD - [2011.01.31 11:52:56 | 000,180,104 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\noaipcclient.dll
MOD - [2011.01.31 11:52:56 | 000,028,040 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\wrtserviceipcclient.dll
MOD - [2011.01.31 11:52:00 | 000,680,448 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\CommonUpdateChecker.dll
MOD - [2010.11.15 13:41:18 | 000,367,496 | ---- | M] () -- C:\Program Files (x86)\Common Files\Nokia\NoA\nokiaaserver.exe
MOD - [2010.11.15 13:41:18 | 000,034,184 | ---- | M] () -- C:\Program Files (x86)\Common Files\Nokia\NoA\wrtserviceipcserver.dll
MOD - [2010.11.15 09:13:00 | 000,016,384 | ---- | M] () -- C:\Program Files (x86)\Common Files\Nokia\NoA\qtsecurestorage.dll
MOD - [2010.11.15 09:12:46 | 000,015,360 | ---- | M] () -- C:\Program Files (x86)\Common Files\Nokia\NoA\cryptodll.dll
MOD - [2010.11.15 09:12:46 | 000,013,824 | ---- | M] () -- C:\Program Files (x86)\Common Files\Nokia\NoA\qtsecurestorageserver.dll
MOD - [2010.11.13 01:08:41 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010.09.23 17:34:40 | 008,151,040 | ---- | M] () -- C:\Program Files (x86)\Common Files\Nokia\NoA\QtGui4.dll
MOD - [2010.09.23 17:25:08 | 000,912,384 | ---- | M] () -- C:\Program Files (x86)\Common Files\Nokia\NoA\QtNetwork4.dll
MOD - [2010.09.23 17:24:02 | 000,339,456 | ---- | M] () -- C:\Program Files (x86)\Common Files\Nokia\NoA\QtXml4.dll
MOD - [2010.09.23 17:23:50 | 002,277,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\Nokia\NoA\QtCore4.dll
MOD - [2010.05.31 18:58:48 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2010.03.09 01:18:10 | 000,465,576 | ---- | M] () -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
MOD - [2010.02.28 02:33:14 | 000,077,664 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe
MOD - [2009.05.20 23:02:04 | 000,072,200 | ---- | M] () -- C:\Program Files (x86)\Launch Manager\CdDirIo.dll
MOD - [2006.09.19 08:07:28 | 000,827,392 | ---- | M] () -- C:\Windows\vsnpstd3.exe
MOD - [2005.07.20 10:48:10 | 000,059,904 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\zlib1.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2011.02.16 19:20:04 | 000,256,336 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe -- (Amsp)
SRV:64bit: - [2010.09.22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010.01.22 18:01:12 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2010.12.08 14:31:06 | 000,628,736 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010.09.14 04:45:56 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2010.09.14 04:45:44 | 000,508,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.09 00:58:24 | 000,250,368 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2010.03.03 13:42:02 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2010.03.03 13:41:58 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2010.02.26 07:35:04 | 000,325,200 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2010.02.05 19:23:06 | 000,865,824 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Programme\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
SRV - [2010.02.01 19:04:40 | 000,305,520 | ---- | M] (Egis Technology Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe -- (MWLService)
SRV - [2010.01.29 00:27:36 | 000,243,232 | ---- | M] (Acer Group) [Auto | Running] -- C:\Programme\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV - [2009.12.24 01:39:04 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2009.08.28 10:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe -- (Greg_Service)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2011.05.04 13:19:43 | 000,144,464 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmcomm.sys -- (tmcomm)
DRV:64bit: - [2011.05.04 13:19:43 | 000,105,552 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tmtdi.sys -- (tmtdi)
DRV:64bit: - [2011.05.04 13:19:43 | 000,090,704 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmactmon.sys -- (tmactmon)
DRV:64bit: - [2011.05.04 13:19:43 | 000,067,664 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmevtmgr.sys -- (tmevtmgr)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 11:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2010.09.22 23:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010.09.14 04:45:52 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2010.09.14 04:45:50 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2010.09.14 04:45:48 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2010.09.14 04:45:44 | 000,760,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2010.07.30 14:18:04 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:64bit: - [2010.07.30 14:18:02 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2010.07.30 14:18:00 | 000,026,624 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2010.07.30 14:17:56 | 000,019,456 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2010.04.07 19:04:22 | 002,216,960 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010.01.22 18:13:24 | 006,233,088 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag)
DRV:64bit: - [2010.01.22 17:07:56 | 000,161,280 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2009.12.17 18:42:08 | 000,538,136 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009.12.02 03:21:32 | 000,040,448 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:64bit: - [2009.10.22 05:55:06 | 000,272,432 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2009.10.16 11:32:22 | 000,321,064 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink (TM)
DRV:64bit: - [2009.09.30 18:34:32 | 000,121,872 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009.09.17 21:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.20 03:09:57 | 000,054,272 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L1E62x64.sys -- (L1E) NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20)
DRV:64bit: - [2009.06.10 21:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009.06.10 21:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.06.03 03:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:64bit: - [2009.06.03 03:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:64bit: - [2009.06.03 03:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:64bit: - [2009.05.06 01:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2009.05.06 01:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:64bit: - [2008.08.28 11:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2007.03.27 17:18:58 | 010,550,272 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\snpstd3.sys -- (SNPSTD3) USB PC Camera (SNPSTD3)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = D6 A7 F6 08 D6 84 CB 01  [binary data]
IE - HKCU\..\URLSearchHook: {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - No CLSID value found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.defaultthis.engineName: ""
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.51
FF - prefs.js..extensions.enabledItems: finder@meingutscheincode.de:2.0
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {22C7F6C6-8D67-4534-92B5-529A0EC09405}:6.5.0.1234
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..network.proxy.type: 0
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2011.02.09 21:03:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{22C7F6C6-8D67-4534-92B5-529A0EC09405}: C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1504\6.6.1088\firefoxextension\ [2011.11.28 15:16:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.11.21 22:02:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.11.29 00:14:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011.02.09 21:03:40 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\finder@meingutscheincode.de: C:\Program Files (x86)\Mein Gutscheincode Finder\Firefox [2011.05.05 12:59:35 | 000,000,000 | ---D | M]
 
[2010.10.20 16:54:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Fahriye\AppData\Roaming\mozilla\Extensions
[2011.11.28 15:16:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Fahriye\AppData\Roaming\mozilla\Firefox\Profiles\brdzo1nn.default\extensions
[2011.09.06 19:29:05 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Fahriye\AppData\Roaming\mozilla\Firefox\Profiles\brdzo1nn.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.11.25 19:53:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
() (No name found) -- C:\USERS\FAHRIYE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BRDZO1NN.DEFAULT\EXTENSIONS\FINDER@MEINGUTSCHEINCODE.DE.XPI
[2011.11.11 12:40:53 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.11.24 15:16:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011.11.11 12:40:50 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.11.11 12:40:50 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.11.11 12:40:50 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.11.11 12:40:50 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\15.0.874.121\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\15.0.874.121\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\15.0.874.121\pdf.dll
CHR - plugin: Babylon Chrome Plugin (Enabled) = C:\Users\Fahriye\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.0_0\BabylonChromePI.dll
CHR - plugin: Gutscheinmieze-Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npmieze.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: Fun Web Products Plugin Stub (Enabled) = C:\Program Files (x86)\FunWebProducts\Installr\2.bin\NPFunWeb.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Veetle TV Player (Enabled) = C:\Program Files (x86)\Veetle\Player\npvlc.dll
CHR - plugin: Veetle TV Core (Enabled) = C:\Program Files (x86)\Veetle\plugins\npVeetle.dll
CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Programme\Trend Micro\AMSP\module\20004\1.5.1504\6.6.1088\TmIEPlg.dll (Trend Micro Inc.)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Programme\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe64.dll (Trend Micro Inc.)
O2 - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Programme\Trend Micro\AMSP\module\20004\1.5.1504\6.6.1088\TmIEPlg32.dll (Trend Micro Inc.)
O2 - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Programme\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe32.dll (Trend Micro Inc.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Programme\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.)
O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe (Egis Technology Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [snpstd3] C:\Windows\vsnpstd3.exe ()
O4:64bit: - HKLM..\Run: [Trend Micro Client Framework] C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe (Trend Micro Inc.)
O4:64bit: - HKLM..\Run: [Trend Micro Titanium] C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [msnmsgr] "C:\PROGRA~2\WIC4A1~1\MESSEN~1\msnmsgr.exe" /background File not found
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe (Symantec Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.)
O4 - HKCU..\Run: [NokiaOviSuite2] C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Fahriye\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll (Google Inc.)
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Fahriye\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll (Google Inc.)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{82569D03-E711-4FAB-AF8B-A274C41764BD}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Programme\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe64.dll (Trend Micro Inc.)
O18:64bit: - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Programme\Trend Micro\AMSP\module\20004\1.5.1504\6.6.1088\TmIEPlg.dll (Trend Micro Inc.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Programme\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe32.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Programme\Trend Micro\AMSP\module\20004\1.5.1504\6.6.1088\TmIEPlg32.dll (Trend Micro Inc.)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.11.28 15:19:37 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{39B478AC-91DC-4801-8E8A-34B0B597647A}
[2011.11.28 15:19:10 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{CCD22800-0EA0-4376-AB7D-088EBDAB8111}
[2011.11.27 14:33:19 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{7ECD2135-93C0-46AB-8945-07A435B29E06}
[2011.11.27 14:32:50 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{02688193-7504-4B98-9E98-B9F2ED41AECC}
[2011.11.26 23:51:22 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{7DA263CA-465A-46FD-A7A8-1CA056174376}
[2011.11.26 23:50:56 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{E8FCBBD6-8199-4708-8405-29BD083722B8}
[2011.11.26 19:16:25 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\Desktop\Pınar Aylin - Hit 70`ler 2011
[2011.11.26 19:04:37 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\Desktop\Originals
[2011.11.26 11:50:04 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{46C13FBF-E138-4BDF-8AD5-9F0725FF4609}
[2011.11.26 11:49:37 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{F0DE01AB-65D2-42CE-9753-E8B27C82FF9B}
[2011.11.25 20:07:49 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Roaming\SUPERAntiSpyware.com
[2011.11.25 20:07:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2011.11.25 20:07:26 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2011.11.25 20:07:26 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2011.11.25 10:43:28 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{D2341B06-AF2C-4518-9BDC-B8BB95D8ADEA}
[2011.11.25 10:43:01 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{976B6822-65CD-4ACB-9C0B-7CC5F263B60C}
[2011.11.24 16:40:37 | 000,000,000 | ---D | C] -- C:\_OTL
[2011.11.24 15:17:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2011.11.24 15:16:42 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2011.11.24 15:16:42 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2011.11.24 15:16:41 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2011.11.24 14:38:48 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{BED05D29-F1D5-4266-8481-31EB5D20FCD0}
[2011.11.24 14:38:34 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{F8D18F68-AC30-41D4-AAEB-1C4CC4908C72}
[2011.11.23 18:28:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2011.11.23 18:28:06 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011.11.23 17:48:45 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{C15FAB69-0747-4259-BD76-2E850B7B5C9E}
[2011.11.23 17:48:20 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{0960DECD-8E56-4692-B113-785DFA1569D9}
[2011.11.22 21:41:00 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Roaming\Malwarebytes
[2011.11.22 21:40:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.11.22 21:40:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.11.22 21:40:46 | 000,025,416 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011.11.22 21:40:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011.11.22 14:47:32 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{0F7465F2-2E2F-498A-8557-2E8BA2060F6F}
[2011.11.22 14:47:09 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{915002DF-803A-424F-AAC4-D2B2529A5813}
[2011.11.22 10:04:44 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2011.11.22 10:04:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2011.11.21 22:06:55 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{02CF42B8-571C-4AAE-A958-C5802D254E86}
[2011.11.21 22:06:41 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{7612B3EB-9B3F-404C-87A7-950D795FC9C9}
[2011.11.21 20:32:43 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{3B901C39-4455-4529-B5D7-1A5FEDCDD4AE}
[2011.11.21 20:32:24 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{AE340385-A233-4D9B-826D-E657883316E6}
[2011.11.21 19:56:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2011.11.21 19:52:54 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{4FEF4D21-BF42-4D88-9C9F-82DBB069FE13}
[2011.11.21 19:52:39 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{A83C923D-D16A-4D49-9596-D6F8D246D77A}
[2011.11.20 14:20:59 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\Desktop\Bewerbung
[2011.11.20 14:13:42 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Roaming\Sun
[2011.11.20 14:07:33 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{86226CBA-CF89-494F-BBF3-5ED2E8CEFF40}
[2011.11.20 14:07:16 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{30F94CBB-70F3-43FB-8B73-1E33AD688E0A}
[2011.11.19 23:43:27 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{18FF6C68-3BB7-4B00-ADCA-1BB8A4FBDFC8}
[2011.11.19 23:43:02 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{38B9F4A6-60E2-4CA2-BEF4-AFFB0D04CE16}
[2011.11.19 11:42:11 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{A8D3A7C0-3974-4CB2-968F-8350B47EE18C}
[2011.11.19 11:41:45 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{F273D916-7803-48CE-B68D-20C6F9274A40}
[2011.11.18 14:22:04 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{5FACB273-F757-4B01-970C-372270DA123D}
[2011.11.18 14:21:50 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{B6092D4C-7B4C-40AE-9FBE-1C1D357C4081}
[2011.11.17 15:55:35 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{88B2F0A8-F250-478E-8BE9-E32D2E6532C9}
[2011.11.17 15:55:05 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{4BD2A8D4-208A-4141-B1DD-EBB051EF6F0B}
[2011.11.16 21:44:18 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{634F59A1-0C3C-4C80-9513-14C1380120BB}
[2011.11.16 21:43:52 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{1FE8CD2F-47E4-4D87-B591-4A88486534C9}
[2011.11.16 09:12:30 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{E42FA0A3-3C36-461E-B627-DD9718732A92}
[2011.11.16 09:12:16 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{6F9EB2F1-95BF-4D52-BE95-3215ACADA48F}
[2011.11.15 12:26:45 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{56C04265-7D4A-482A-894F-FAD3EA748BAB}
[2011.11.15 12:26:27 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{4ABD9D4C-A34D-484B-B22F-E3DFDB862CA6}
[2011.11.14 16:38:37 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{2100003F-EA6B-4FAE-9B8D-11CBD80BAA40}
[2011.11.14 16:38:09 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{531B4633-2A26-45C3-9847-EB6497F1714B}
[2011.11.13 12:08:58 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{A4C84184-BCA8-4F10-A7E3-135D45D032C0}
[2011.11.13 12:08:41 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{B53BC0C3-17B6-4E9F-8CAD-B095D90AA081}
[2011.11.12 22:01:39 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{27FF69C7-E5BB-4381-9F7C-9ECA36C30413}
[2011.11.12 22:01:13 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{36A59CBE-D6DA-499A-B263-673913D7FD06}
[2011.11.12 10:00:54 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{9795F9AB-7BBA-4D96-AF7E-F95414F2D077}
[2011.11.12 10:00:29 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{E93E8A45-A5B7-47A8-900F-8B26A7281ECC}
[2011.11.11 21:59:55 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{F89AC7FF-29BA-494C-85CB-D078756B3C91}
[2011.11.11 21:59:42 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{3941657D-E038-4B0B-89D9-C253AB3D30C7}
[2011.11.11 09:58:32 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{AE48CE6B-86D6-497D-8E49-3CFE8316C2E7}
[2011.11.11 09:58:16 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{C46DA3B4-947F-4F27-9848-CE9ABB7D7EE5}
[2011.11.10 21:34:13 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{5C703F63-BC12-42CF-8812-98E32000051E}
[2011.11.10 21:33:49 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{A43CF3C4-A77C-4AF5-9A4B-79880121E3B9}
[2011.11.10 15:19:51 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{3E028CB2-892B-478E-B425-D24AD599F128}
[2011.11.09 16:02:14 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{07EBA946-823D-457A-A61F-BE9C69930BD0}
[2011.11.09 16:01:53 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{ABBA271A-64A4-4F65-BD7C-2819F6F63136}
[2011.11.08 11:51:46 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{BC02946F-57BF-42FD-909F-AE45E4EB5948}
[2011.11.08 11:51:20 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{766A505D-FA89-4034-9779-43B12105290D}
[2011.11.07 15:53:26 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{C07C9686-ACF4-4125-B33F-033709323BFC}
[2011.11.07 15:52:59 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{0BE6C089-78B1-49AD-9229-8F3B3379FA20}
[2011.11.06 17:49:29 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{FF0E42B4-EBD1-4D19-9CB8-FACBE6A17772}
[2011.11.06 17:48:56 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{5AFE067A-ADFE-4769-AC55-7821C4524478}
[2011.11.05 15:46:33 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{55E51630-300D-4EC3-8B15-93BDEDDA3BDE}
[2011.11.05 15:46:17 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{5281980C-6EFD-476A-8A7E-B3136F93227A}
[2011.11.04 12:18:37 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{01C99A39-BAB4-47E9-8A92-9FC715B5CDBE}
[2011.11.04 12:18:21 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{721FA7DD-C414-4D45-ADBD-B87657BAC4DF}
[2011.11.03 18:24:34 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{DD7F3678-5D8F-4612-9A3B-B0A6AD7D66A6}
[2011.11.03 18:24:08 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{43138EFC-E8AB-4550-A234-B523E7897D0C}
[2011.11.02 17:38:54 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{61D79465-2289-4C4E-B3FA-042ADC76BB46}
[2011.11.02 17:38:41 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{5B7969C1-2687-45E7-8A8E-63B7CD70DEC4}
[2011.11.02 17:34:45 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{1680F300-40F1-40BF-B79D-E7D385B718F8}
[2011.11.02 17:31:04 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{ED911A68-ABA8-40CB-87C4-1BFF65CACD7F}
[2011.11.01 21:46:14 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{4224D90F-4222-4D6C-9F78-260A2ACC8FC4}
[2011.11.01 21:45:50 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{F0FC93C2-E303-48F8-AAC7-967A2998B735}
[2011.11.01 09:45:03 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{F6F6F366-131F-4DA0-BE09-7960DE728043}
[2011.11.01 09:44:37 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{39AF969D-9E69-47FE-91C8-09525550558E}
[2011.10.31 15:43:18 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{15FFAAED-D606-4CB2-9854-E55B1936040E}
[2011.10.31 15:42:53 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{A3D27557-BEAB-4222-AF4D-6941F09AFF50}
[2011.10.30 21:42:15 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{74770B7B-AAB4-4401-9D93-F2D39041EBBA}
[2011.10.30 21:41:51 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{6449CDFB-99E3-412F-A3B9-AEB751AC31D9}
[2011.10.30 09:41:05 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{3B5FE26A-CCBA-47AF-B4E9-DF0748190194}
[2011.10.30 09:40:51 | 000,000,000 | ---D | C] -- C:\Users\Fahriye\AppData\Local\{BC36F856-48CB-4667-ADC1-F39D73684DED}
[2010.12.09 10:15:47 | 000,172,032 | ---- | C] ( ) -- C:\Windows\SysWow64\rsnp2uvc.dll
[2007.03.12 10:41:52 | 000,061,440 | ---- | C] ( ) -- C:\Windows\SysWow64\vsnpstd3.dll
 
========== Files - Modified Within 30 Days ==========
 
[2011.11.28 17:21:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.11.28 17:07:31 | 000,017,600 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.11.28 17:07:31 | 000,017,600 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.11.28 15:14:55 | 3111,518,208 | -HS- | M] () -- C:\hiberfil.sys
[2011.11.27 22:23:53 | 003,026,158 | ---- | M] () -- C:\Users\Fahriye\Desktop\DSC03534.JPG
[2011.11.27 00:55:46 | 000,158,066 | ---- | M] () -- C:\Users\Fahriye\Desktop\IMG_1975.jpg
[2011.11.26 23:52:20 | 000,822,683 | ---- | M] () -- C:\Users\Fahriye\Desktop\DSC03533.JPG
[2011.11.26 19:07:51 | 002,102,186 | ---- | M] () -- C:\Users\Fahriye\Desktop\DSC03541.JPG
[2011.11.26 19:04:38 | 001,743,475 | ---- | M] () -- C:\Users\Fahriye\Desktop\DSC03520.JPG
[2011.11.26 13:28:24 | 003,761,278 | ---- | M] () -- C:\Users\Fahriye\Desktop\DSC03526.JPG
[2011.11.26 13:27:44 | 003,902,598 | ---- | M] () -- C:\Users\Fahriye\Desktop\DSC03525.JPG
[2011.11.26 13:27:14 | 003,903,394 | ---- | M] () -- C:\Users\Fahriye\Desktop\DSC03524.JPG
[2011.11.24 21:43:24 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011.11.24 15:23:17 | 000,231,858 | ---- | M] () -- C:\Users\Fahriye\Documents\cc_20111124_152250.reg
[2011.11.24 15:16:22 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2011.11.24 15:16:22 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2011.11.24 15:16:22 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2011.11.24 15:16:21 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2011.11.23 18:57:12 | 001,561,978 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.11.23 18:57:12 | 000,677,668 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.11.23 18:57:12 | 000,639,510 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.11.23 18:57:12 | 000,137,930 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.11.23 18:57:12 | 000,114,312 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.11.23 18:28:10 | 000,000,826 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.11.22 21:40:52 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.11.22 11:19:42 | 000,885,090 | ---- | M] () -- C:\Users\Fahriye\AppData\Local\census.cache
[2011.11.22 11:18:51 | 000,116,521 | ---- | M] () -- C:\Users\Fahriye\AppData\Local\ars.cache
[2011.11.22 11:07:58 | 000,000,036 | ---- | M] () -- C:\Users\Fahriye\AppData\Local\housecall.guid.cache
[2011.11.22 10:04:44 | 000,002,985 | ---- | M] () -- C:\Users\Fahriye\Desktop\HiJackThis.lnk
[2011.11.22 10:02:35 | 001,402,880 | ---- | M] () -- C:\Users\Fahriye\Desktop\HiJackThis-2-04.msi
[2011.11.10 15:18:10 | 000,368,512 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.11.01 22:07:28 | 001,213,330 | ---- | M] () -- C:\Users\Fahriye\Desktop\Desktop.rar
 
========== Files Created - No Company Name ==========
 
[2011.11.27 00:55:46 | 000,158,066 | ---- | C] () -- C:\Users\Fahriye\Desktop\IMG_1975.jpg
[2011.11.26 13:36:58 | 002,102,186 | ---- | C] () -- C:\Users\Fahriye\Desktop\DSC03541.JPG
[2011.11.26 13:32:36 | 003,026,158 | ---- | C] () -- C:\Users\Fahriye\Desktop\DSC03534.JPG
[2011.11.26 13:32:10 | 000,822,683 | ---- | C] () -- C:\Users\Fahriye\Desktop\DSC03533.JPG
[2011.11.26 13:28:24 | 003,761,278 | ---- | C] () -- C:\Users\Fahriye\Desktop\DSC03526.JPG
[2011.11.26 13:27:44 | 003,902,598 | ---- | C] () -- C:\Users\Fahriye\Desktop\DSC03525.JPG
[2011.11.26 13:27:14 | 003,903,394 | ---- | C] () -- C:\Users\Fahriye\Desktop\DSC03524.JPG
[2011.11.26 13:26:10 | 001,743,475 | ---- | C] () -- C:\Users\Fahriye\Desktop\DSC03520.JPG
[2011.11.24 15:22:58 | 000,231,858 | ---- | C] () -- C:\Users\Fahriye\Documents\cc_20111124_152250.reg
[2011.11.23 18:28:10 | 000,000,826 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.11.22 21:40:52 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.11.22 11:19:42 | 000,885,090 | ---- | C] () -- C:\Users\Fahriye\AppData\Local\census.cache
[2011.11.22 11:18:51 | 000,116,521 | ---- | C] () -- C:\Users\Fahriye\AppData\Local\ars.cache
[2011.11.22 11:02:40 | 000,000,036 | ---- | C] () -- C:\Users\Fahriye\AppData\Local\housecall.guid.cache
[2011.11.22 10:04:44 | 000,002,985 | ---- | C] () -- C:\Users\Fahriye\Desktop\HiJackThis.lnk
[2011.11.22 10:02:30 | 001,402,880 | ---- | C] () -- C:\Users\Fahriye\Desktop\HiJackThis-2-04.msi
[2011.11.01 22:07:27 | 001,213,330 | ---- | C] () -- C:\Users\Fahriye\Desktop\Desktop.rar
[2011.04.07 13:15:27 | 000,007,606 | ---- | C] () -- C:\Users\Fahriye\AppData\Local\Resmon.ResmonCfg
[2011.02.15 22:47:25 | 000,000,017 | ---- | C] () -- C:\Windows\SysWow64\shortcut_ex.dat
[2011.01.09 21:06:00 | 001,588,672 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.12.09 10:15:47 | 001,749,376 | ---- | C] () -- C:\Windows\SysWow64\snp2uvc.sys
[2010.12.09 10:15:47 | 000,028,032 | ---- | C] () -- C:\Windows\SysWow64\sncduvc.sys
[2010.12.09 10:15:46 | 000,000,131 | ---- | C] () -- C:\Windows\SysWow64\PidList.ini
[2010.10.20 16:54:12 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010.05.31 18:48:25 | 000,001,035 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010.05.31 18:47:20 | 000,001,741 | ---- | C] () -- C:\Windows\WPatchProgress.ini
[2010.05.31 09:33:04 | 000,000,033 | ---- | C] () -- C:\Windows\LaunApp.ini
[2010.05.31 09:09:23 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.03.25 05:59:43 | 000,131,472 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2010.03.25 05:57:49 | 000,000,193 | ---- | C] () -- C:\Windows\Prelaunch.ini
[2010.03.25 05:57:49 | 000,000,168 | ---- | C] () -- C:\Windows\WisLangCode.ini
[2010.03.25 05:57:49 | 000,000,147 | ---- | C] () -- C:\Windows\WisPriority.ini
[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:59:36 | 000,982,196 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
[2009.07.13 22:59:36 | 000,139,824 | ---- | C] () -- C:\Windows\SysWow64\igfcg500.bin
[2009.07.13 22:59:36 | 000,097,448 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin
[2009.07.13 22:59:35 | 000,417,344 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2006.09.19 08:07:28 | 000,827,392 | ---- | C] () -- C:\Windows\vsnpstd3.exe
[2004.02.27 15:36:18 | 000,015,498 | ---- | C] () -- C:\Windows\snpstd3.ini
 
========== LOP Check ==========
 
[2011.02.20 16:00:08 | 000,000,000 | ---D | M] -- C:\Users\Fahriye\AppData\Roaming\AVG10
[2011.09.25 21:15:53 | 000,000,000 | ---D | M] -- C:\Users\Fahriye\AppData\Roaming\DVDVideoSoft
[2011.04.12 10:56:27 | 000,000,000 | ---D | M] -- C:\Users\Fahriye\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.02.08 15:44:07 | 000,000,000 | ---D | M] -- C:\Users\Fahriye\AppData\Roaming\GetRightToGo
[2011.11.24 16:40:58 | 000,000,000 | ---D | M] -- C:\Users\Fahriye\AppData\Roaming\Gutscheinmieze
[2011.02.09 21:08:54 | 000,000,000 | ---D | M] -- C:\Users\Fahriye\AppData\Roaming\Nokia
[2011.02.09 21:08:55 | 000,000,000 | ---D | M] -- C:\Users\Fahriye\AppData\Roaming\Nokia Ovi Suite
[2011.05.02 20:32:14 | 000,000,000 | ---D | M] -- C:\Users\Fahriye\AppData\Roaming\OpenOffice.org
[2011.02.09 21:08:18 | 000,000,000 | ---D | M] -- C:\Users\Fahriye\AppData\Roaming\PC Suite
[2011.11.29 00:14:03 | 000,000,000 | ---D | M] -- C:\Users\Fahriye\AppData\Roaming\PhotoScape
[2011.02.21 15:02:32 | 000,000,000 | ---D | M] -- C:\Users\Fahriye\AppData\Roaming\PixelPlanet
[2011.11.29 00:13:48 | 000,000,000 | ---D | M] -- C:\Users\Fahriye\AppData\Roaming\SoftGrid Client
[2011.01.09 21:07:40 | 000,000,000 | ---D | M] -- C:\Users\Fahriye\AppData\Roaming\TP
[2011.09.25 09:18:57 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >
         

und hier Otl. Extras
Code:
ATTFilter
OTL Extras logfile created on: 28.11.2011 17:27:31 - Run 2
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Fahriye\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,86 Gb Total Physical Memory | 2,44 Gb Available Physical Memory | 63,20% Memory free
7,73 Gb Paging File | 5,95 Gb Available in Paging File | 76,98% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 284,81 Gb Total Space | 180,76 Gb Free Space | 63,47% Space Free | Partition Type: NTFS
 
Computer Name: PASSIONATA | User Name: Fahriye | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{11BA2B00-1495-47B8-BFA8-D08C605AB2CC}" = Windows Live Family Safety
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}" = Shredder
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{8B79B3A9-6E49-5FFB-2017-A822BBDC4992}" = ATI Catalyst Install Manager
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{A84DB02B-9C2B-4272-9D2D-A80E00A56513}" = Broadcom Gigabit NetLink Controller
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}" = Trend Micro Titanium Internet Security
"{ABBD4BA9-6703-40D2-AB1E-5BB1F7DB49A4}" = Trend Micro™ Titanium™ Internet Security
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B0B97CF2-5032-A645-7FFC-BD1E39FC4E3F}" = ccc-utility64
"{CEA21F20-DBF4-464C-8B81-28B8508AFDDD}" = Windows Live Family Safety
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"Adobe Flash Player Plugin 64" = Adobe Flash Player 10 Plugin 64-bit
"CCleaner" = CCleaner
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"WinRAR archiver" = WinRAR
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02A414EA-0E5F-CD08-61EF-E155F31DFF76}" = Catalyst Control Center Graphics Previews Vista
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{08600005-5228-4BF6-845E-E9A957AFDCB4}" = OviMPlatform
"{08938019-97FA-1C7A-19E0-0C8D56ED7CB2}" = CCC Help Hungarian
"{0A4D717B-E6E8-11FA-E7D2-385EBB1A4A85}" = CCC Help Japanese
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D7CD0D9-4A88-4A63-8F91-3F4E8F371768}" = MyWinLocker
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{13BA5548-1065-4DBE-B115-681AFB77263B}" = CCC Help Swedish
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{16890D7F-1C77-733B-D8E4-F5D4315A5F93}" = Catalyst Control Center Localization All
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1CBDB473-E303-EFAE-88D1-6F741ACD5B31}" = CCC Help Czech
"{1D8912B0-343C-EB1F-28EE-B672D444C192}" = Catalyst Control Center InstallProxy
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1E05CF2E-BF5F-4A43-9147-2CCBBE57BC3C}_is1" = Mein Gutscheincode Finder 1.0.0.0
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83216029FF}" = Java(TM) 6 Update 29
"{28191B83-1D60-44B6-9B08-E854EF6632D5}" = Ovi Desktop Sync Engine
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in
"{2C59BF0E-66A5-681E-60FE-8D18CE6319A1}" = CCC Help German
"{2C9D4FCA-3E7F-9368-6955-EA6D65F7DC78}" = CCC Help English
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{3553E875-F00E-4031-BDEC-75FB1DFEB093}" = Nokia Ovi Suite Software Updater
"{3788B9B7-C15F-4C64-D52B-3DD1BA494B7A}" = CCC Help Korean
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3D200EB9-44FC-432F-1E35-C20AB5FDCD77}" = CCC Help Thai
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer ePower Management
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3FC42713-B6E7-49AA-A553-A224FE9828A8}" = Nokia Ovi Suite
"{4216D328-0FE8-48B8-85B8-BD300E6F080F}" = Nokia Connectivity Cable Driver
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{44D52071-5077-2839-1AE6-863563AEA269}" = CCC Help Russian
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4BCBC4D0-1D88-462D-809E-506F34EA11C0}" = Catalyst Control Center - Branding
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{6030FCD7-8F1A-427D-AF05-8DD1A2EA2ABA}" = Alcor Micro USB Card Reader
"{62F7DA7E-CCCB-439C-A760-00C3926E761F}" = Microsoft Works
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Backup Manager Basic
"{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}" = MyWinLocker Suite
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}" = Chicken Invaders 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110300453}" = Spin & Win
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697}" = Granny In Paradise
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}" = Cake Mania
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}" = Galapago
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}" = Amazonia
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}" = Heroes of Hellas
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}" = Dream Day First Home
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}" = Dairy Dash
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}" = Farm Frenzy 2
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{87976D85-DBF6-F263-39B6-500ACB658CE0}" = Catalyst Control Center Graphics Full Existing
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0017-0407-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (German) 2007
"{90120000-0017-0407-0000-0000000FF1CE}_OMUI.de-de_{2733AA87-26FC-41B0-9D2F-3092345BC370}" = Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_OMUI.de-de_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}_OMUI.de-de_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}_OMUI.de-de_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_OMUI.de-de_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_OMUI.de-de_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_OMUI.de-de_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0100-0407-0000-0000000FF1CE}" = Microsoft Office O MUI (German) 2007
"{90120000-0100-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0101-0407-0000-0000000FF1CE}" = Microsoft Office X MUI (German) 2007
"{90120000-0101-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90140011-0062-0407-0000-0000000FF1CE}" = Microsoft Office Home and Business 2010 - Deutsch
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95140000-007A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{95140000-007D-0409-0000-0000000FF1CE}" = Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit
"{9BBB29A1-C71D-DD1D-66B1-352AAAB13FC6}" = CCC Help Danish
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9F4D1D9E-5542-B572-81A7-9DCB0AEED1BE}" = CCC Help French
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3EF3FAD-6ABA-1551-AD3B-D09361C5EEC9}" = CCC Help Polish
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A73FBC00-44F8-0ECF-76FB-14CF62120B55}" = ccc-core-static
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA047D7C-5E7C-4878-B75C-77589151B563}" = Acer Crystal Eye webcam
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AACEAAE9-9CC3-5715-4539-EB13CA3C67BA}" = CCC Help Spanish
"{ABEE079E-648E-488B-8301-0C3DB48C1BCE}_is1" = Acer GameZone Console
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.4.6 MUI
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B2463AD3-1334-A30E-A523-D38E8E7B09A2}" = CCC Help Dutch
"{BA2AD7F2-55AE-87B5-00DD-9B0C6F087FD0}" = Catalyst Control Center Graphics Light
"{BC940CD7-FC71-83C5-2001-CF6FD07BA3D1}" = CCC Help Chinese Traditional
"{BF847A60-119D-6888-B2DA-EC62F1B66BBB}" = CCC Help Chinese Standard
"{C2695E83-CF1D-43D1-84FE-B3BEC561012A}" = Shredder
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Norton Online Backup
"{C97396A9-44BC-C856-0B92-93A6A417D6A8}" = Catalyst Control Center Graphics Full New
"{CA10114E-3941-E8ED-70A3-17CAA2226AFC}" = CCC Help Turkish
"{CAB89605-7C12-8082-32DF-B419C696BD12}" = Catalyst Control Center Core Implementation
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D4AEC53C-1720-41D9-B6D7-6A60DE62D444}" = PC Connectivity Solution
"{D98C2191-0AE0-4087-9153-018A4810DF45}" = CCC Help Norwegian
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{DB0A8A2A-4EA7-4FE3-802E-8A6DEE32696C}_is1" = Orban/Coding Technologies AAC/aacPlus Player Plugin™ 1.0
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DF7D3C5E-87FC-6AE6-D986-35E0F05FEFD9}" = CCC Help Italian
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}" = eBay Worldwide
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{EBA8538C-F0B1-A089-D555-44DBF3A47C9F}" = CCC Help Finnish
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F22E305E-BD02-5CC1-92D0-BD7170CDFE45}" = CCC Help Portuguese
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FD4B3108-0915-31E1-5A7C-AC5B3C33846C}" = CCC Help Greek
"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
"Acer Registration" = Acer Registration
"Acer Screensaver" = Acer ScreenSaver
"Acer Welcome Center" = Welcome Center
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"AP Tuner 3.08" = AP Tuner 3.08
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.11.923
"Google Chrome" = Google Chrome
"Gutscheinmieze - Toolbar" = Gutscheinmieze - Toolbar
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"Identity Card" = Identity Card
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{6030FCD7-8F1A-427D-AF05-8DD1A2EA2ABA}" = Alcor Micro USB Card Reader
"InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Acer Backup Manager
"InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}" = MyWinLocker Suite
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware Version 1.51.2.1300
"Mozilla Firefox 8.0 (x86 de)" = Mozilla Firefox 8.0 (x86 de)
"Nokia Ovi Suite" = Nokia Ovi Suite
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"OMUI.de-de" = Microsoft Office Language Pack 2007 - German/Deutsch
"PhotoScape" = PhotoScape
"Uninstall_is1" = Uninstall 1.0.0.1
"Veetle TV" = Veetle TV 0.9.18
"VLC media player" = VLC media player 1.1.5
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"WinLiveSuite" = Windows Live Essentials
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 16.11.2011 18:15:35 | Computer Name = Fahriye-PC | Source = ATIeRecord | ID = 16388
Description = ATI EEU Client event error
 
Error - 18.11.2011 09:20:56 | Computer Name = Fahriye-PC | Source = Application Virtualization Client | ID = 6032
Description = {tid=1050:usr=Fahriye} Eine temporäre Einstellungsdatei wurde gefunden.
 Diese Datei (C:\Users\Fahriye\AppData\Local\Q$_140062.DEU_SoftGridUserSettings_settings.cp.temp)
 ist möglicherweise beschädigt und wird gelöscht.
 
Error - 19.11.2011 06:50:38 | Computer Name = Fahriye-PC | Source = CVHSVC | ID = 100
Description = Nur zur Information.  (Patch task for {90140011-0062-0407-0000-0000000FF1CE}):
 DownloadLatest Failed: Zurzeit sind keine aktiven Netzwerkverbindungen verfügbar.
 Der Vorgang wird von BITS wiederholt, sobald der Adapter über eine Verbindung verfügt.

 
Error - 20.11.2011 09:13:01 | Computer Name = Fahriye-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: plugin-container.exe, Version: 8.0.0.4325,
 Zeitstempel: 0x4eb4a91a  Name des fehlerhaften Moduls: coreclr.dll, Version: 4.0.60831.0,
 Zeitstempel: 0x4e5d6c64  Ausnahmecode: 0xc00000fd  Fehleroffset: 0x000bd80f  ID des fehlerhaften
 Prozesses: 0x18a4  Startzeit der fehlerhaften Anwendung: 0x01cca78618f72aa8  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
Pfad
 des fehlerhaften Moduls: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\coreclr.dll
Berichtskennung:
 5f5b30ce-1379-11e1-837e-00262dabb1de
 
Error - 20.11.2011 09:14:04 | Computer Name = Fahriye-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: plugin-container.exe, Version: 8.0.0.4325,
 Zeitstempel: 0x4eb4a91a  Name des fehlerhaften Moduls: coreclr.dll, Version: 4.0.60831.0,
 Zeitstempel: 0x4e5d6c64  Ausnahmecode: 0xc00000fd  Fehleroffset: 0x000bca7f  ID des fehlerhaften
 Prozesses: 0x1248  Startzeit der fehlerhaften Anwendung: 0x01cca7862ee00209  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
Pfad
 des fehlerhaften Moduls: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\coreclr.dll
Berichtskennung:
 84d90f67-1379-11e1-837e-00262dabb1de
 
Error - 20.11.2011 09:59:06 | Computer Name = Fahriye-PC | Source = Windows Search Service | ID = 3007
Description = 
 
Error - 20.11.2011 10:25:04 | Computer Name = Fahriye-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: plugin-container.exe, Version: 8.0.0.4325,
 Zeitstempel: 0x4eb4a91a  Name des fehlerhaften Moduls: coreclr.dll, Version: 4.0.60831.0,
 Zeitstempel: 0x4e5d6c64  Ausnahmecode: 0xc00000fd  Fehleroffset: 0x00001463  ID des fehlerhaften
 Prozesses: 0x176c  Startzeit der fehlerhaften Anwendung: 0x01cca790273ed394  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
Pfad
 des fehlerhaften Moduls: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\coreclr.dll
Berichtskennung:
 6f8a658d-1383-11e1-837e-00262dabb1de
 
Error - 20.11.2011 10:25:36 | Computer Name = Fahriye-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: plugin-container.exe, Version: 8.0.0.4325,
 Zeitstempel: 0x4eb4a91a  Name des fehlerhaften Moduls: coreclr.dll, Version: 4.0.60831.0,
 Zeitstempel: 0x4e5d6c64  Ausnahmecode: 0xc00000fd  Fehleroffset: 0x00001463  ID des fehlerhaften
 Prozesses: 0x18ec  Startzeit der fehlerhaften Anwendung: 0x01cca7903f51bf02  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
Pfad
 des fehlerhaften Moduls: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\coreclr.dll
Berichtskennung:
 82d57dcf-1383-11e1-837e-00262dabb1de
 
Error - 20.11.2011 10:25:51 | Computer Name = Fahriye-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: plugin-container.exe, Version: 8.0.0.4325,
 Zeitstempel: 0x4eb4a91a  Name des fehlerhaften Moduls: coreclr.dll, Version: 4.0.60831.0,
 Zeitstempel: 0x4e5d6c64  Ausnahmecode: 0xc00000fd  Fehleroffset: 0x0000bf46  ID des fehlerhaften
 Prozesses: 0xa58  Startzeit der fehlerhaften Anwendung: 0x01cca79049a1d1fa  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
Pfad
 des fehlerhaften Moduls: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\coreclr.dll
Berichtskennung:
 8bf793ab-1383-11e1-837e-00262dabb1de
 
Error - 20.11.2011 10:26:18 | Computer Name = Fahriye-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: plugin-container.exe, Version: 8.0.0.4325,
 Zeitstempel: 0x4eb4a91a  Name des fehlerhaften Moduls: coreclr.dll, Version: 4.0.60831.0,
 Zeitstempel: 0x4e5d6c64  Ausnahmecode: 0xc00000fd  Fehleroffset: 0x0001e38f  ID des fehlerhaften
 Prozesses: 0x1964  Startzeit der fehlerhaften Anwendung: 0x01cca790531f76ad  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
Pfad
 des fehlerhaften Moduls: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\coreclr.dll
Berichtskennung:
 9bf8cbca-1383-11e1-837e-00262dabb1de
 
[ System Events ]
Error - 27.11.2011 07:42:13 | Computer Name = Passionata | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description = Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.    Modulpfad:
 C:\Windows\system32\athExt.dll  Fehlercode: 126  
 
Error - 27.11.2011 07:42:40 | Computer Name = Passionata | Source = DCOM | ID = 10016
Description = 
 
Error - 27.11.2011 07:43:20 | Computer Name = Passionata | Source = DCOM | ID = 10016
Description = 
 
Error - 27.11.2011 09:31:22 | Computer Name = Passionata | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description = Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.    Modulpfad:
 C:\Windows\system32\athExt.dll  Fehlercode: 126  
 
Error - 28.11.2011 10:15:07 | Computer Name = Passionata | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description = Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.    Modulpfad:
 C:\Windows\system32\athExt.dll  Fehlercode: 126  
 
Error - 28.11.2011 10:16:00 | Computer Name = Passionata | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Intel(R) Rapid Storage Technology erreicht.
 
Error - 28.11.2011 10:16:00 | Computer Name = Passionata | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Intel(R) Rapid Storage Technology" wurde aufgrund folgenden
 Fehlers nicht gestartet:   %%1053
 
Error - 28.11.2011 10:17:56 | Computer Name = Passionata | Source = Service Control Manager | ID = 7022
Description = Der Dienst "Application Virtualization Client" wurde nicht richtig
 gestartet.
 
Error - 28.11.2011 10:18:01 | Computer Name = Passionata | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Client Virtualization Handler" ist vom Dienst "Application
 Virtualization Client" abhängig, der aufgrund folgenden Fehlers nicht gestartet
 wurde:   %%1070
 
Error - 28.11.2011 12:04:30 | Computer Name = Passionata | Source = DCOM | ID = 10010
Description = 
 
 
< End of report >
         

Alt 28.11.2011, 17:48   #27
mf21
 
BKA Virus Hilfe - Standard

BKA Virus Hilfe



und hier hijackthis

Code:
ATTFilter
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:05:27, on 28.11.2011
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
C:\Windows\vsnpstd3.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVH.EXE
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\Nokia\NoA\nokiaaserver.exe
C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = 
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: (no name) - {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Trend Micro NSC BHO - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1504\6.6.1088\TmIEPlg32.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: TmBpIeBHO - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
O4 - HKLM\..\Run: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKLM\..\Run: [msnmsgr] "C:\PROGRA~2\WIC4A1~1\MESSEN~1\msnmsgr.exe" /background
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [NokiaOviSuite2] C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST')
O4 - Startup: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk = C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVH.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Fahriye\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O13 - Gopher Prefix: 
O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe32.dll
O18 - Protocol: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1504\6.6.1088\TmIEPlg32.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Trend Micro Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-Dienst (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Updater Service - Acer Group - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13124 bytes
         

Geändert von mf21 (28.11.2011 um 18:07 Uhr)

Alt 28.11.2011, 17:50   #28
mf21
 
BKA Virus Hilfe - Standard

BKA Virus Hilfe



so das wars dann hoffe das problem wird so schnell wie möglich gelöst !
danke

Geändert von mf21 (28.11.2011 um 18:08 Uhr)

Alt 29.11.2011, 11:02   #29
kira
/// Helfer-Team
 
BKA Virus Hilfe - Standard

BKA Virus Hilfe



1.
Schliesse alle Programme einschliesslich Internet Explorer und fixe mit Hijackthis die Einträge aus der nachfolgenden Codebox (HijackThis starten→ "Do a system scan only"→ Einträge auswählenHäckhen setzen→ "Fix checked" klicken→ PC neu aufstarten):
HijackThis erstellt ein Backup, Falls bei "Fixen" etwas schief geht, kann man unter "View the list of backups"- die Objekte wiederherstellen
Code:
ATTFilter
R3 - URLSearchHook: (no name) - {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - (no file)
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST')
         
2.
Wenn alles gut verlaufen und dein System läuft stabil,mache folgendes:
Alle Systemwiederherstellungspunkte löschen, auch den Letzten

3.
Ich würde Dir vorsichtshalber raten, dein Passwort zu ändern
z.B. Login-, Mail- oder Website-Passwörter
Tipps:
Die sichere Passwort-Wahl - (sollte man eigentlich regelmäßigen Abständen ca. alle 3-5 Monate ändern)
auch noch hier unter: Sicheres Kennwort (Password)

4.
Malwarebytes und SUPERAntiSpyware kannst deinstallieren

5.
► für Windows das Service Pack 1 bitte aufspielen!:-> - Microsoft Update hält Ihren Computer auf dem neuesten Stand!
Software wie Betriebssysteme, Browser und E-Mail Clients werden laufend weiterentwickelt. Gleichzeitig arbeiten jedoch auch Hacker daran, ständig neue Sicherheitslücken zu finden und auszunutzen. Was heute noch keine Schlupflücke für Viren und Würmer ist, kann morgen bereits zur Gefahr werden, wenn der entsprechende Schädling programmiert wurde. Das führt dazu, dass es relativ häufig zu Meldungen über neue Sicherheitsanfälligkeiten kommt, auch wenn diese noch nicht durch Hacker entdeckt wurden. Denn selbstverständlich suchen auch Sicherheitsspezialisten nach potenziellen Angriffsmöglichkeiten. Updates der Softwareentwickler sorgen dafür, dass der User immer die aktuellste und sicherste Version des Betriebssystems und der installierten Software nutzen kann.

6.
poste erneut - nach der vorgenommenen Reinigungsaktion:
TrendMicro™ HijackThis™ -Logfile - Keine offenen Fenster, solang bis HijackThis läuft!!
► Rechtsklick auf HijackThis-> "Als administrator ausführen" wählen...
__________________

Warnung!:
Vorsicht beim Rechnungen per Email mit ZIP-Datei als Anhang! Kann mit einen Verschlüsselungs-Trojaner infiziert sein!
Anhang nicht öffnen, in unserem Forum erst nachfragen!

Sichere regelmäßig deine Daten, auf CD/DVD, USB-Sticks oder externe Festplatten, am besten 2x an verschiedenen Orten!
Bitte diese Warnung weitergeben, wo Du nur kannst!

Alt 29.11.2011, 12:06   #30
mf21
 
BKA Virus Hilfe - Standard

BKA Virus Hilfe



soo habe alles durchgeführt und hier das logfile
Code:
ATTFilter
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:04:31, on 29.11.2011
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
C:\Windows\vsnpstd3.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVH.EXE
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files (x86)\Common Files\Nokia\NoA\nokiaaserver.exe
C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = 
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Trend Micro NSC BHO - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1504\6.6.1088\TmIEPlg32.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: TmBpIeBHO - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
O4 - HKLM\..\Run: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKLM\..\Run: [msnmsgr] "C:\PROGRA~2\WIC4A1~1\MESSEN~1\msnmsgr.exe" /background
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [NokiaOviSuite2] C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST')
O4 - Startup: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk = C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVH.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Fahriye\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O13 - Gopher Prefix: 
O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe32.dll
O18 - Protocol: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1504\6.6.1088\TmIEPlg32.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Trend Micro Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-Dienst (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Updater Service - Acer Group - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12979 bytes
         

Antwort

Themen zu BKA Virus Hilfe
ausgeführt, bka virus, dateien, ebenfalls, editor, gestern, malware, virus, virus hilfe




Ähnliche Themen: BKA Virus Hilfe


  1. Hilfe Virus
    Plagegeister aller Art und deren Bekämpfung - 02.08.2013 (25)
  2. AKM Virus Hilfe !
    Plagegeister aller Art und deren Bekämpfung - 02.05.2012 (3)
  3. Virus gefunden - Alureon.H Virus - brauche Hilfe
    Plagegeister aller Art und deren Bekämpfung - 10.02.2011 (1)
  4. Habe ich einen Virus?? Bitte um Hilfe - Virus userinit.exe
    Log-Analyse und Auswertung - 20.04.2010 (8)
  5. hilfe virus
    Mülltonne - 19.12.2008 (0)
  6. Batch-Virus Probleme: VIRUS ALERT! Benötige Hilfe zur vollständigen Reinigung
    Plagegeister aller Art und deren Bekämpfung - 25.08.2008 (15)
  7. Hilfe Virus! Antivir, internet usw außer gefächt!!! Bitte um Hilfe
    Mülltonne - 15.07.2008 (0)
  8. Hilfe kA ob ich virus hab
    Log-Analyse und Auswertung - 01.02.2008 (2)
  9. Oh man brauch so dringend Hilfe!!!! Virus?Spyware? Hilfe für einen Laien!Bitte!
    Log-Analyse und Auswertung - 13.06.2007 (6)
  10. Hilfe Virus
    Plagegeister aller Art und deren Bekämpfung - 19.04.2007 (2)
  11. Hilfe mit Virus
    Plagegeister aller Art und deren Bekämpfung - 10.02.2007 (2)
  12. Hilfe Virus???
    Log-Analyse und Auswertung - 03.01.2006 (2)
  13. Virus W32/Nsag.B HILFE HILFE HILFE
    Plagegeister aller Art und deren Bekämpfung - 15.09.2005 (4)
  14. Hilfe Virus!!!
    Plagegeister aller Art und deren Bekämpfung - 02.08.2005 (18)
  15. Hilfe, Hilfe, Hilfe!!! Viren, Würmer und keine Ahnung was noch alles. Hilfe, Hilfe!!!
    Plagegeister aller Art und deren Bekämpfung - 31.01.2005 (7)
  16. Hilfe! Virus?!
    Plagegeister aller Art und deren Bekämpfung - 30.01.2005 (4)
  17. Hilfe!!! Ich glaub ich hab ein Virus -bitte um Hilfe-
    Antiviren-, Firewall- und andere Schutzprogramme - 15.10.2004 (5)

Zum Thema BKA Virus Hilfe - Java hab ich schon runtergeladen die alte version ist auch weg ccleaner hab ich auch schon durchgeführt - BKA Virus Hilfe...
Archiv
Du betrachtest: BKA Virus Hilfe auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.