Log analysis and evaluation: Firefox in Task Manager although it is not open! Windows 7. If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
Firefox in Task Manager although it is not open! PLFSetI.exe: Code:
ATTFilter Antivirus Version letzte aktualisierung Ergebnis a-squared 4.5.0.43 2009.12.16 - AhnLab-V3 5.0.0.2 2009.12.16 - AntiVir 7.9.1.108 2009.12.16 - Antiy-AVL 2.0.3.7 2009.12.16 - Authentium 5.2.0.5 2009.12.02 - Avast 4.8.1351.0 2009.12.16 - AVG 8.5.0.427 2009.12.16 - BitDefender 7.2 2009.12.16 - CAT-QuickHeal 10.00 2009.12.16 - ClamAV 0.94.1 2009.12.16 - Comodo 3264 2009.12.16 - DrWeb 5.0.0.12182 2009.12.16 - eSafe 7.0.17.0 2009.12.16 - eTrust-Vet 35.1.7178 2009.12.16 - F-Prot 4.5.1.85 2009.12.15 - F-Secure 9.0.15370.0 2009.12.16 - Fortinet 4.0.14.0 2009.12.16 - GData 19 2009.12.16 - Ikarus T3.1.1.78.0 2009.12.16 - K7AntiVirus 7.10.922 2009.12.16 - Kaspersky 7.0.0.125 2009.12.16 - McAfee 5833 2009.12.15 - McAfee+Artemis 5833 2009.12.15 - McAfee-GW-Edition 6.8.5 2009.12.16 - Microsoft 1.5302 2009.12.16 - NOD32 4693 2009.12.16 - Norman 6.04.03 2009.12.15 - nProtect 2009.1.8.0 2009.12.16 - Panda 10.0.2.2 2009.12.15 - PCTools 7.0.3.5 2009.12.16 - Prevx 3.0 2009.12.16 - Rising 22.26.02.04 2009.12.16 - Sophos 4.48.0 2009.12.16 - Sunbelt 3.2.1858.2 2009.12.16 - Symantec 1.4.4.12 2009.12.16 - TheHacker 6.5.0.2.094 2009.12.15 - TrendMicro 9.100.0.1001 2009.12.16 - VBA32 3.12.12.0 2009.12.16 - ViRobot 2009.12.16.2092 2009.12.16 - VirusBuster 5.0.21.0 2009.12.16 - weitere Informationen File size: 200704 bytes MD5...: 2ac7f8b8bf0d5d327a3a2a00453222c4 SHA1..: 801b48d7d5739038a7f293dbbf215431f77d8ee9 SHA256: f71b6cfa7f4ae2a13c8ddf296631ef26c72e7c0387d88b9701577dae133ec583 ssdeep: 3072:hBb0sexGRc3ZKmKxtAEjZoHLGIMAP0GV7UIJeIZ4yIy8o8bgCR8Z:DBc3ZK AEjkGIFAjyC PEiD..: - PEInfo: PE Structure information ( base data ) entrypointaddress.: 0x9fe0 timedatestamp.....: 0x471d62d0 (Tue Oct 23 02:56:16 2007) machinetype.......: 0x14c (I386) ( 4 sections ) name viradd virsiz rawdsiz ntrpy md5 .text 0x1000 0x2059f 0x21000 6.52 16d16d5b03dbdba19ce7a207a8c4b332 .rdata 0x22000 0x8720 0x9000 4.58 b67e7269fb7e03bb992b809f7b8b656e .data 0x2b000 0x6348 0x3000 3.24 7180e1b25d7c9c8c1461a09f8479ffd6 
.rsrc 0x32000 0x2490 0x3000 3.86 8fd26e728f6382b0e527cb04d7230d00 ( 11 imports ) > KERNEL32.dll: GetStartupInfoA, GetCommandLineA, ExitProcess, TerminateProcess, HeapFree, HeapAlloc, RaiseException, HeapReAlloc, HeapSize, GetACP, GetTimeZoneInformation, LCMapStringA, LCMapStringW, UnhandledExceptionFilter, FreeEnvironmentStringsA, FreeEnvironmentStringsW, GetEnvironmentStrings, GetEnvironmentStringsW, SetHandleCount, RtlUnwind, GetFileType, HeapDestroy, HeapCreate, VirtualFree, VirtualAlloc, IsBadWritePtr, SetUnhandledExceptionFilter, GetStringTypeA, GetStringTypeW, IsBadReadPtr, IsBadCodePtr, SetStdHandle, CompareStringA, CompareStringW, SetEnvironmentVariableA, FormatMessageA, GetProfileStringA, GetTickCount, FileTimeToLocalFileTime, FileTimeToSystemTime, SetErrorMode, GetFileTime, GetFileSize, GetFileAttributesA, GetOEMCP, GetCPInfo, SizeofResource, GetProcessVersion, WritePrivateProfileStringA, GlobalFlags, TlsGetValue, LocalReAlloc, TlsSetValue, EnterCriticalSection, GlobalReAlloc, LeaveCriticalSection, TlsFree, GlobalHandle, DeleteCriticalSection, TlsAlloc, InitializeCriticalSection, LocalFree, LocalAlloc, GetThreadLocale, GetFullPathNameA, lstrcpynA, GetVolumeInformationA, FindFirstFileA, FindClose, SetEndOfFile, UnlockFile, LockFile, FlushFileBuffers, SetFilePointer, WriteFile, ReadFile, CreateFileA, GetCurrentProcess, DuplicateHandle, GetLastError, MulDiv, SetLastError, MultiByteToWideChar, lstrlenA, InterlockedIncrement, InterlockedDecrement, LoadLibraryA, FreeLibrary, GetVersion, lstrcatA, GlobalGetAtomNameA, GlobalAddAtomA, GlobalFindAtomA, lstrcpyA, GetModuleHandleA, GetProcAddress, GlobalUnlock, GlobalFree, LockResource, FindResourceA, LoadResource, CloseHandle, GetModuleFileNameA, GlobalLock, GlobalAlloc, GlobalDeleteAtom, lstrcmpA, lstrcmpiA, GetCurrentThread, GetCurrentThreadId, lstrcpyW, WideCharToMultiByte, GetWindowsDirectoryA, Sleep, GetStdHandle, GetSystemDefaultLCID > USER32.dll: SetRect, GetNextDlgGroupItem, MessageBeep, InvalidateRect, 
InflateRect, RegisterClipboardFormatA, PostThreadMessageA, GetSysColor, SetFocus, AdjustWindowRectEx, ScreenToClient, CopyRect, GetTopWindow, IsChild, GetCapture, WinHelpA, wsprintfA, GetClassInfoA, RegisterClassA, GetMenu, GetMenuItemCount, GetSubMenu, GetMenuItemID, GetWindowTextLengthA, GetWindowTextA, GetDlgCtrlID, DefWindowProcA, CreateWindowExA, GetClassLongA, SetPropA, UnhookWindowsHookEx, GetPropA, CallWindowProcA, RemovePropA, CopyAcceleratorTableA, GetMessagePos, GetClassNameA, SetForegroundWindow, SetWindowLongA, RegisterWindowMessageA, OffsetRect, IntersectRect, SystemParametersInfoA, GetWindowPlacement, GetWindowRect, MapDialogRect, SetWindowPos, GetWindow, SetWindowContextHelpId, EndDialog, SetActiveWindow, IsWindow, CreateDialogIndirectParamA, GetDlgItem, GetMenuCheckMarkDimensions, LoadBitmapA, GetMenuState, ModifyMenuA, SetMenuItemBitmaps, CheckMenuItem, EnableMenuItem, GetFocus, GetNextDlgTabItem, GetMessageA, TranslateMessage, DispatchMessageA, GetActiveWindow, GetKeyState, CallNextHookEx, ValidateRect, IsWindowVisible, PeekMessageA, GetCursorPos, LoadIconA, SendMessageA, AppendMenuA, UnregisterClassA, HideCaret, ShowCaret, ExcludeUpdateRgn, DrawFocusRect, SetWindowsHookExA, GetParent, GetLastActivePopup, IsWindowEnabled, GetWindowLongA, MessageBoxA, SetCursor, PostQuitMessage, PostMessageA, EnableWindow, IsIconic, GetSystemMetrics, CharNextA, GetSysColorBrush, GetMessageTime, GetClientRect, DrawIcon, DefDlgProcA, IsWindowUnicode, GetSystemMenu, GetDesktopWindow, LoadCursorA, CharUpperA, GrayStringA, DrawTextA, TabbedTextOutA, EndPaint, BeginPaint, GetWindowDC, ReleaseDC, GetDC, ClientToScreen, DestroyMenu, LoadStringA, ShowWindow, MoveWindow, SetWindowTextA, IsDialogMessageA, MapWindowPoints, UpdateWindow, DestroyWindow, PtInRect, GetForegroundWindow, SendDlgItemMessageA > GDI32.dll: SetMapMode, SetViewportOrgEx, OffsetViewportOrgEx, SetViewportExtEx, ScaleViewportExtEx, SetWindowExtEx, ScaleWindowExtEx, IntersectClipRect, DeleteObject, 
GetDeviceCaps, GetViewportExtEx, GetWindowExtEx, CreateSolidBrush, PtVisible, RectVisible, TextOutA, ExtTextOutA, Escape, GetTextColor, GetBkColor, DPtoLP, LPtoDP, GetMapMode, PatBlt, SetBkMode, GetStockObject, SelectObject, RestoreDC, SaveDC, DeleteDC, GetObjectA, SetBkColor, SetTextColor, GetClipBox, CreateDIBitmap, GetTextExtentPointA, BitBlt, CreateCompatibleDC, CreateBitmap > comdlg32.dll: GetFileTitleA > WINSPOOL.DRV: ClosePrinter, DocumentPropertiesA, OpenPrinterA > ADVAPI32.dll: RegCloseKey, RegSetValueExA, RegCreateKeyExA, RegQueryValueExA, RegOpenKeyExA > COMCTL32.dll: - > oledlg.dll: - > ole32.dll: CoFreeUnusedLibraries, OleUninitialize, CoTaskMemAlloc, CoTaskMemFree, CreateILockBytesOnHGlobal, StgCreateDocfileOnILockBytes, StgOpenStorageOnILockBytes, CoGetClassObject, CLSIDFromString, CLSIDFromProgID, CoCreateInstance, CoInitialize, CoUninitialize, CoRegisterMessageFilter, CoRevokeClassObject, OleFlushClipboard, OleIsCurrentClipboard, OleInitialize > OLEPRO32.DLL: - > OLEAUT32.dll: -, -, -, -, -, -, -, -, - ( 0 exports ) RDS...: NSRL Reference Data Set - sigcheck: publisher....: copyright....: Copyright (C) 2007 product......: DefaultSettingEXE Application description..: DefaultSettingEXE MFC Application original name: DefaultSettingEXE.EXE internal name: DefaultSettingEXE file version.: 1, 0, 1, 0 comments.....: signers......: - signing date.: - verified.....: Unsigned trid..: Win64 Executable Generic (54.6%) Win32 Executable MS Visual C++ (generic) (24.0%) Windows Screen Saver (8.3%) Win32 Executable Generic (5.4%) Win32 Dynamic Link Library (generic) (4.8%) pdfid.: - Code:
ATTFilter Antivirus Version letzte aktualisierung Ergebnis a-squared 4.5.0.43 2009.12.16 - AhnLab-V3 5.0.0.2 2009.12.16 - AntiVir 7.9.1.108 2009.12.16 - Antiy-AVL 2.0.3.7 2009.12.16 - Authentium 5.2.0.5 2009.12.02 - Avast 4.8.1351.0 2009.12.16 - AVG 8.5.0.427 2009.12.16 - BitDefender 7.2 2009.12.16 - CAT-QuickHeal 10.00 2009.12.16 - ClamAV 0.94.1 2009.12.16 - Comodo 3264 2009.12.16 - DrWeb 5.0.0.12182 2009.12.16 - eSafe 7.0.17.0 2009.12.16 - eTrust-Vet 35.1.7178 2009.12.16 - F-Prot 4.5.1.85 2009.12.15 - F-Secure 9.0.15370.0 2009.12.16 - Fortinet 4.0.14.0 2009.12.16 - GData 19 2009.12.16 - Ikarus T3.1.1.78.0 2009.12.16 - Jiangmin 13.0.900 2009.12.16 - K7AntiVirus 7.10.922 2009.12.16 - Kaspersky 7.0.0.125 2009.12.16 - McAfee 5833 2009.12.15 - McAfee+Artemis 5833 2009.12.15 - McAfee-GW-Edition 6.8.5 2009.12.16 - Microsoft 1.5302 2009.12.16 - NOD32 4693 2009.12.16 - Norman 6.04.03 2009.12.15 - nProtect 2009.1.8.0 2009.12.16 - Panda 10.0.2.2 2009.12.15 - PCTools 7.0.3.5 2009.12.16 - Prevx 3.0 2009.12.16 - Rising 22.26.02.04 2009.12.16 - Sophos 4.48.0 2009.12.16 - Sunbelt 3.2.1858.2 2009.12.16 - Symantec 1.4.4.12 2009.12.16 - TheHacker 6.5.0.2.094 2009.12.15 - TrendMicro 9.100.0.1001 2009.12.16 - VBA32 3.12.12.0 2009.12.16 - ViRobot 2009.12.16.2092 2009.12.16 - VirusBuster 5.0.21.0 2009.12.16 - weitere Informationen File size: 3408896 bytes MD5...: 862bb4cbc05d80c5b45be430e5ef872f SHA1..: 63a7e82d687fcc9c3bf36347ee59b7e1c388ef24 SHA256: f4961b22c93e472c8c862421aa231cdda9e40d3958741a1d666357f22cc3143d ssdeep: 49152:yjt6nxG8ZL9fub9iSx2Rp+Xx87KfmaoeiMizm6df1OD0cIlSbTLPJRwVMX 3:QofuZqiTLzX3 PEiD..: - PEInfo: PE Structure information ( base data ) entrypointaddress.: 0xc5756 timedatestamp.....: 0x49e02e64 (Sat Apr 11 05:45:08 2009) machinetype.......: 0x14c (I386) ( 5 sections ) name viradd virsiz rawdsiz ntrpy md5 .pexe 0x1000 0x480 0x600 3.88 115ae33fe1804320cb32defe931c3512 .text 0x2000 0x2a1e0c 0x2a2000 6.68 698028c8edc1e08ceb8883e9fe963ba3 .data 0x2a4000 0x71cb5 0x71e00 
7.79 be7a46b9ed9803e9c0b6947b4e9bae23 .rsrc 0x316000 0x2228 0x2400 3.14 719ccdf6f401d182d8ab5aefa87e2fdb .reloc 0x319000 0x2979c 0x29800 6.75 61d5c9ea39348836b0a57a8e80ccf464 ( 8 imports ) > ADVAPI32.dll: TraceEvent, EventUnregister, EventWrite, EventEnabled, GetTraceEnableFlags, GetTraceEnableLevel, GetTraceLoggerHandle, RegisterTraceGuidsW, UnregisterTraceGuids, RegCloseKey, CloseServiceHandle, EventRegister, SetServiceStatus, NotifyServiceStatusChangeW, ControlService, QueryServiceStatus, OpenServiceW, OpenSCManagerW, RegOpenKeyExW, RegQueryValueExW, StartServiceW, RegisterServiceCtrlHandlerW, StartServiceCtrlDispatcherW, RegSetValueExW, RegCreateKeyExW, LsaClose, LsaFreeMemory, LsaQueryInformationPolicy, LsaOpenPolicy, FreeSid, CheckTokenMembership, AllocateAndInitializeSid, SystemFunction036, ConvertStringSidToSidW, RegDeleteValueW, WmiOpenBlock, WmiQueryAllDataW, WmiCloseBlock, ConvertStringSecurityDescriptorToSecurityDescriptorW, CryptReleaseContext, CryptDestroyHash, CryptHashData, CryptCreateHash, CryptAcquireContextW, CryptGetHashParam, CryptDestroyKey, CryptEncrypt, CryptDecrypt, CryptImportKey, CryptSignHashA, CryptVerifySignatureA, CryptExportKey, CryptGenKey, CryptVerifySignatureW, GetCurrentHwProfileW, DeregisterEventSource, ReportEventW, RegisterEventSourceW, ConvertSidToStringSidW, LookupAccountNameW, RegisterTraceGuidsA > KERNEL32.dll: CreateTimerQueueTimer, CreateTimerQueue, GetSystemTimeAsFileTime, GetComputerNameExW, FileTimeToSystemTime, ChangeTimerQueueTimer, EncodePointer, GetTickCount, DeleteTimerQueueEx, ExpandEnvironmentStringsW, QueryPerformanceCounter, SystemTimeToFileTime, GetLocalTime, CompareFileTime, GetSystemInfo, IsWow64Process, MultiByteToWideChar, LCMapStringW, GetSystemFirmwareTable, GetCurrentProcessId, RegisterWaitForSingleObject, DuplicateHandle, LoadLibraryA, UnregisterWaitEx, DeleteTimerQueueTimer, DeleteTimerQueue, QueueUserWorkItem, OpenThread, SetThreadPriority, GetCurrentThreadId, GetCurrentProcess, GetProcessHeaps, 
HeapQueryInformation, SleepEx, InitializeCriticalSectionAndSpinCount, CreateEventW, ResetEvent, InterlockedExchange, WaitForSingleObject, HeapSetInformation, GetVersionExW, DeleteCriticalSection, InterlockedDecrement, InterlockedIncrement, CloseHandle, DecodePointer, HeapFree, GetProcessHeap, HeapAlloc, TzSpecificLocalTimeToSystemTime, WaitForMultipleObjects, GetDevicePowerState, ReleaseSemaphore, CreateSemaphoreA, InterlockedExchangeAdd, MoveFileExW, ReadFile, SetFilePointer, GetThreadPriority, GetSystemDefaultLangID, GetFileSize, CreateFileMappingW, MapViewOfFile, GetComputerNameW, GetLocaleInfoW, GetDateFormatW, GetTimeFormatW, GetVersionExA, UnmapViewOfFile, GetSystemDirectoryW, GlobalMemoryStatusEx, GetNativeSystemInfo, GetSystemTime, WideCharToMultiByte, GetPrivateProfileStringW, GetPrivateProfileSectionW, CreateDirectoryW, IsProcessorFeaturePresent, FlushFileBuffers, DeviceIoControl, GetModuleHandleExW, GetLastError, SetEvent, EnterCriticalSection, LeaveCriticalSection, InterlockedCompareExchange, LoadLibraryW, GetProcAddress, FreeLibrary, LocalAlloc, LocalFree, OpenProcess, DelayLoadFailureHook, Sleep, SetUnhandledExceptionFilter, GetModuleHandleA, TerminateProcess, UnhandledExceptionFilter, ExitProcess, VirtualAlloc, VirtualFree, GetVersion, VirtualProtect, SetLastError, GetFileAttributesW, WriteFile, CreateFileW, lstrlenW, InitializeCriticalSection, SetFileAttributesW, CopyFileW, DeleteFileW > msvcrt.dll: _wcsnicmp, memcpy, memset, _vsnwprintf, _beginthreadex, ceil, _controlfp, _terminate@@YAXXZ, _onexit, _lock, __dllonexit, _unlock, _except_handler4_common, __set_app_type, __p__fmode, __p__commode, _CIlog10, __setusermatherr, _amsg_exit, _initterm, exit, _XcptFilter, _exit, _cexit, __wgetmainargs, free, _callnewh, malloc, _wtof, wcsncmp, _adjust_fdiv, wcsstr, _wtol, swscanf, wcschr, _wcsicmp, _purecall, sscanf, _wtoi, time, srand, rand, memmove, _ui64tow, _itow, memcpy_s, memchr, _ftol2 > ntdll.dll: NtQueryInformationThread, NtLockProductActivationKeys, 
NtSetInformationThread, NtQueryLicenseValue, NtQueryInformationProcess, NtSetInformationProcess, RtlLeaveCriticalSection, RtlEnterCriticalSection, RtlInitUnicodeString, ShipAssert > RPCRT4.dll: RpcServerListen, I_RpcMapWin32Status, RpcMgmtStopServerListening, RpcServerUnregisterIf, I_RpcBindingInqLocalClientPID, RpcServerInqCallAttributesW, RpcServerRegisterIfEx, NdrServerCall2, UuidCreate, UuidToStringW, UuidFromStringW, RpcImpersonateClient, RpcRevertToSelfEx, RpcRaiseException, RpcServerRegisterIf2, RpcStringBindingComposeW, RpcBindingFromStringBindingW, I_RpcExceptionFilter, RpcStringFreeW, RpcBindingFree, RpcServerUseProtseqEpW, NdrClientCall2 > slc.dll: SLOpen > USER32.dll: CharNextW, CharPrevW > DNSAPI.dll: DnsModifyRecordsInSet_W, DnsQuery_W, DnsFree ( 1 exports ) _SPVersion@@3PADA RDS...: NSRL Reference Data Set - pdfid.: - trid..: Win32 Executable MS Visual C++ (generic) (65.2%) Win32 Executable Generic (14.7%) Win32 Dynamic Link Library (generic) (13.1%) Generic Win/DOS Executable (3.4%) DOS Executable Generic (3.4%) sigcheck: publisher....: Microsoft Corporation copyright....: (c) Microsoft Corporation. All rights reserved. product......: Microsoft_ Windows_ Operating System description..: Microsoft Software Licensing Service original name: SLService internal name: SLService file version.: 6.0.6002.18005 (lh_sp2rtm.090410-1830) comments.....: n/a signers......: - signing date.: - verified.....: Unsigned Code:
ATTFilter Logfile of random's system information tool 1.06 (written by random/random) Run by Bönek at 2009-12-16 16:16:31 Microsoft® Windows Vista™ Home Premium Service Pack 2 System drive C: has 94 GB (64%) free of 146 GB Total RAM: 3066 MB (58% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 16:16:35, on 16.12.2009 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18865) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Windows\System32\rundll32.exe C:\Windows\RtHDVCpl.exe C:\Windows\System32\mobsync.exe C:\Windows\PLFSetI.exe C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe C:\Program Files\Razer\Diamondback\razerhid.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Windows\ehome\ehtray.exe C:\Program Files\AOL 9.0 VRa\waol.exe C:\Program Files\Common Files\AOL\1218900205\ee\aolsoftware.exe C:\Windows\ehome\ehmsas.exe C:\Windows\system32\wbem\unsecapp.exe C:\Users\BNEK~1\AppData\Local\Temp\RtkBtMnt.exe C:\Program Files\Razer\Diamondback\razertra.exe C:\Program Files\Razer\Diamondback\razerofa.exe C:\Program Files\AOL 9.0 VRa\shellmon.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files\Common Files\AOL\Topspeed\3.0\aoltpsd3.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\ICQ6.5\ICQ.exe C:\Program Files\Internet Explorer\IELowutil.exe C:\Users\Bönek\Desktop\RSIT.exe C:\Program Files\Trend Micro\HijackThis\Bönek.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/ R1 - 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://de.intl.acer.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://de.intl.acer.yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - - (no file) O1 - Hosts: ::1 localhost O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe O4 - 
HKLM\..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe" O4 - HKLM\..\Run: [WarReg_PopUp] C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe O4 - HKLM\..\Run: [Diamondback] C:\Program Files\Razer\Diamondback\razerhid.exe O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [Skytel] Skytel.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\AOL 9.0 VRa\AOL.EXE" -b O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST') O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe O9 - Extra 'Tools' menuitem: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: An 
OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - D:\PartyGaming\PartyPoker\RunApp.exe (file missing) O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - D:\PartyGaming\PartyPoker\RunApp.exe (file missing) O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe O13 - Gopher Prefix: O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-29-0.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab O20 - Winlogon Notify: AWinNotifyVitaKey MC3000 - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe O23 - Service: Apple Mobile Device - Apple Inc. 
- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Bonjour-Dienst (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe O23 - Service: CLHNService - Unknown owner - C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe O23 - Service: Google Update Service (gupdate1c98c805e078ff9) (gupdate1c98c805e078ff9) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iGroupTec Service (IGBASVC) - Unknown owner - C:\Program Files\Acer\Acer Bio Protection\BASVC.exe O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. 
- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files\Acer\Acer VCM\RS_Service.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe -- End of file - 10734 bytes ======Scheduled tasks folder====== C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job C:\Windows\tasks\User_Feed_Synchronization-{754E5B26-1DC0-41A1-9CB0-B96AD1E6FD40}.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2008-07-07 1562448] 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83A2F9B1-01A2-4AA5-87D1-45B6B8505E96}] ShowBarObj Class - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll [2008-03-04 312880] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-09 35840] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll [2008-03-04 142896] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-02-22 1037608] "NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-04-03 13535776] "NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-04-03 92704] "RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-04-25 6111232] "PLFSetI"=C:\Windows\PLFSetI.exe [2007-10-23 200704] "eDataSecurity Loader"=C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe [2008-03-04 526896] "ePower_DMC"=C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe [2008-04-30 397312] "CLMLServer"=C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe [2008-04-10 167936] "WarReg_PopUp"=C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe [2008-01-29 303104] "Diamondback"=C:\Program Files\Razer\Diamondback\razerhid.exe [2007-02-14 147456] "AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2008-09-03 111936] "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184] "avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153] "Skytel"=C:\Windows\Skytel.exe [2007-11-21 1826816] "QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe 
[2009-05-26 413696] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920] "ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe [2004-06-16 221184] "ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952] "AOL Fast Start"=C:\Program Files\AOL 9.0 VRa\AOL.EXE [2007-06-21 50480] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2008-09-03 111936] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcadeDeluxeAgent] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [2008-04-10 147456] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BkupTray] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe [2008-04-06 34040] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eAudio] C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe [2008-03-07 544768] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2004-06-16 81920] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe [2009-07-13 292128] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PlayMovie] C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe [2008-04-18 167936] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] C:\Program Files\QuickTime\QTTask.exe [2009-05-26 413696] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SiteAdvisor] C:\Program Files\SiteAdvisor\6261\SiteAdv.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel] C:\Windows\Skytel.exe [2007-11-21 1826816] 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe [2009-03-09 148888] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WindowsWelcomeCenter] oobefldr.dll,ShowWelcomeCenter [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ZPdtWzdVitaKey MC3000] C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe [2008-07-12 3667968] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Acer VCM.lnk] C:\PROGRA~1\Acer\ACERVC~1\AcerVCM.exe [2008-03-05 1216512] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AWinNotifyVitaKey MC3000] C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll [2008-07-12 3110912] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa] "notification packages"=scecli C:\Program Files\Acer\Acer Bio Protection\PwdFilter [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableUIADesktopToggle"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "BindDirectlyToPropertySetStorage"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] 
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{05357f28-6d1a-11dd-a7c7-00038a000015}] shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\RECYCLER\S-1-5-21-1482476501-3352491937-682996330-1013\svhost.exe shell\Open\command - F:\RECYCLER\S-1-5-21-1482476501-3352491937-682996330-1013\svhost.exe ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 months====== 2009-12-14 21:12:38 ----A---- C:\avenger.txt 2009-12-14 17:47:50 ----D---- C:\Avenger 2009-12-14 15:43:33 ----D---- C:\rsit 2009-12-14 15:26:39 ----D---- C:\Users\Bönek\AppData\Roaming\Malwarebytes 2009-12-14 15:26:33 ----D---- C:\ProgramData\Malwarebytes 2009-12-14 15:26:33 ----D---- C:\Program Files\Malwarebytes 2009-12-14 08:44:21 ----D---- C:\Program Files\Trend Micro 2009-12-13 00:48:14 ----A---- C:\Users\Bönek\AppData\Roaming\SQLite3.dll 2009-12-09 12:04:30 ----A---- C:\Windows\system32\nshhttp.dll 2009-12-09 12:04:29 ----A---- C:\Windows\system32\httpapi.dll 2009-12-09 10:39:15 ----A---- C:\Windows\system32\winhttp.dll 2009-12-09 10:39:13 ----A---- C:\Windows\system32\mshtml.dll 2009-12-09 10:39:12 ----A---- C:\Windows\system32\ieframe.dll 2009-12-09 10:39:11 ----A---- C:\Windows\system32\wininet.dll 2009-12-09 10:39:11 ----A---- C:\Windows\system32\urlmon.dll 2009-12-09 10:39:11 ----A---- C:\Windows\system32\occache.dll 2009-12-09 10:39:11 ----A---- C:\Windows\system32\msfeeds.dll 2009-12-09 10:39:11 ----A---- C:\Windows\system32\iertutil.dll 2009-12-09 10:39:11 ----A---- C:\Windows\system32\iedkcs32.dll 2009-12-09 10:39:10 ----A---- C:\Windows\system32\msfeedssync.exe 2009-12-09 10:39:10 ----A---- C:\Windows\system32\msfeedsbs.dll 2009-12-09 10:39:10 ----A---- C:\Windows\system32\jsproxy.dll 2009-12-09 10:39:10 ----A---- C:\Windows\system32\ieUnatt.exe 2009-12-09 10:39:10 ----A---- 
C:\Windows\system32\ieui.dll 2009-12-09 10:39:10 ----A---- C:\Windows\system32\iesysprep.dll 2009-12-09 10:39:10 ----A---- C:\Windows\system32\iesetup.dll 2009-12-09 10:39:10 ----A---- C:\Windows\system32\iernonce.dll 2009-12-09 10:39:10 ----A---- C:\Windows\system32\iepeers.dll 2009-12-09 10:39:10 ----A---- C:\Windows\system32\ie4uinit.exe 2009-12-09 10:38:30 ----A---- C:\Windows\system32\rastls.dll 2009-11-25 22:16:11 ----A---- C:\Windows\system32\tzres.dll 2009-11-25 12:08:16 ----A---- C:\Windows\system32\msxml6.dll 2009-11-25 12:08:16 ----A---- C:\Windows\system32\msxml3.dll 2009-11-23 17:23:41 ----A---- C:\Windows\system32\XAudio2_5.dll 2009-11-23 17:23:41 ----A---- C:\Windows\system32\xactengine3_5.dll 2009-11-23 17:23:41 ----A---- C:\Windows\system32\d3dcsx_42.dll 2009-11-23 17:23:41 ----A---- C:\Windows\system32\D3DCompiler_42.dll 2009-11-23 17:23:40 ----A---- C:\Windows\system32\D3DX9_42.dll 2009-11-23 17:23:40 ----A---- C:\Windows\system32\d3dx11_42.dll 2009-11-23 17:23:40 ----A---- C:\Windows\system32\d3dx10_42.dll 2009-11-23 17:23:39 ----A---- C:\Windows\system32\d3dx10_41.dll 2009-11-23 17:23:39 ----A---- C:\Windows\system32\D3DCompiler_41.dll 2009-11-23 17:23:38 ----A---- C:\Windows\system32\D3DX9_41.dll 2009-11-23 17:23:37 ----A---- C:\Windows\system32\XAudio2_4.dll 2009-11-23 17:23:37 ----A---- C:\Windows\system32\XAPOFX1_3.dll 2009-11-23 17:23:37 ----A---- C:\Windows\system32\xactengine3_4.dll 2009-11-23 17:23:37 ----A---- C:\Windows\system32\X3DAudio1_6.dll 2009-11-23 17:23:36 ----A---- C:\Windows\system32\d3dx10_40.dll 2009-11-23 17:23:36 ----A---- C:\Windows\system32\D3DCompiler_40.dll 2009-11-23 17:23:35 ----A---- C:\Windows\system32\XAudio2_2.dll 2009-11-23 17:23:35 ----A---- C:\Windows\system32\XAPOFX1_1.dll 2009-11-23 17:23:35 ----A---- C:\Windows\system32\D3DX9_40.dll 2009-11-23 17:23:34 ----A---- C:\Windows\system32\xactengine3_2.dll 2009-11-17 16:21:29 ----D---- C:\Program Files\Windows Portable Devices 2009-11-17 12:02:41 ----A---- 
C:\Windows\system32\UIRibbonRes.dll 2009-11-17 12:02:41 ----A---- C:\Windows\system32\UIAnimation.dll 2009-11-17 12:02:40 ----A---- C:\Windows\system32\UIRibbon.dll 2009-11-17 12:02:18 ----A---- C:\Windows\system32\XpsRasterService.dll 2009-11-17 12:02:18 ----A---- C:\Windows\system32\XpsGdiConverter.dll 2009-11-17 12:02:18 ----A---- C:\Windows\system32\WMPhoto.dll 2009-11-17 12:02:18 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll 2009-11-17 12:02:18 ----A---- C:\Windows\system32\d3d10warp.dll 2009-11-17 12:02:18 ----A---- C:\Windows\system32\cdd.dll 2009-11-17 12:02:17 ----A---- C:\Windows\system32\xpsservices.dll 2009-11-17 12:02:17 ----A---- C:\Windows\system32\XpsPrint.dll 2009-11-17 12:02:17 ----A---- C:\Windows\system32\WindowsCodecsExt.dll 2009-11-17 12:02:17 ----A---- C:\Windows\system32\WindowsCodecs.dll 2009-11-17 12:02:17 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe 2009-11-17 12:02:17 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll 2009-11-17 12:02:17 ----A---- C:\Windows\system32\OpcServices.dll 2009-11-17 12:02:17 ----A---- C:\Windows\system32\FntCache.dll 2009-11-17 12:02:17 ----A---- C:\Windows\system32\dxgi.dll 2009-11-17 12:02:17 ----A---- C:\Windows\system32\dxdiagn.dll 2009-11-17 12:02:17 ----A---- C:\Windows\system32\dxdiag.exe 2009-11-17 12:02:17 ----A---- C:\Windows\system32\DWrite.dll 2009-11-17 12:02:17 ----A---- C:\Windows\system32\d3d11.dll 2009-11-17 12:02:17 ----A---- C:\Windows\system32\d3d10level9.dll 2009-11-17 12:02:17 ----A---- C:\Windows\system32\d3d10core.dll 2009-11-17 12:02:17 ----A---- C:\Windows\system32\d3d10_1core.dll 2009-11-17 12:02:17 ----A---- C:\Windows\system32\d3d10_1.dll 2009-11-17 12:02:17 ----A---- C:\Windows\system32\d3d10.dll 2009-11-17 12:02:17 ----A---- C:\Windows\system32\d2d1.dll 2009-11-17 12:01:54 ----A---- C:\Windows\system32\WPDShextAutoplay.exe 2009-11-17 12:01:54 ----A---- C:\Windows\system32\wpdbusenum.dll 2009-11-17 12:01:54 ----A---- 
C:\Windows\system32\BthMtpContextHandler.dll 2009-11-17 12:01:45 ----A---- C:\Windows\system32\PortableDeviceConnectApi.dll 2009-11-17 12:01:43 ----A---- C:\Windows\system32\WpdMtpUS.dll 2009-11-17 12:01:43 ----A---- C:\Windows\system32\WpdConns.dll 2009-11-17 12:01:42 ----A---- C:\Windows\system32\WPDSp.dll 2009-11-17 12:01:42 ----A---- C:\Windows\system32\WPDShServiceObj.dll 2009-11-17 12:01:42 ----A---- C:\Windows\system32\wpdshext.dll 2009-11-17 12:01:42 ----A---- C:\Windows\system32\WpdMtp.dll 2009-11-17 12:01:42 ----A---- C:\Windows\system32\wpd_ci.dll 2009-11-17 12:01:42 ----A---- C:\Windows\system32\PortableDeviceWMDRM.dll 2009-11-17 12:01:42 ----A---- C:\Windows\system32\PortableDeviceTypes.dll 2009-11-17 12:01:42 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll 2009-11-17 12:01:42 ----A---- C:\Windows\system32\PortableDeviceApi.dll 2009-11-17 12:00:35 ----A---- C:\Windows\system32\UIAutomationCore.dll 2009-11-17 12:00:35 ----A---- C:\Windows\system32\oleaccrc.dll 2009-11-17 12:00:35 ----A---- C:\Windows\system32\oleacc.dll ======List of files/folders modified in the last 1 months====== 2009-12-16 16:16:32 ----D---- C:\Windows\Temp 2009-12-16 16:02:30 ----D---- C:\Windows\Prefetch 2009-12-16 14:03:18 ----D---- C:\Windows\System32 2009-12-16 14:03:18 ----D---- C:\Windows\inf 2009-12-16 14:03:18 ----A---- C:\Windows\system32\PerfStringBackup.INI 2009-12-15 14:44:15 ----SHD---- C:\System Volume Information 2009-12-15 10:13:06 ----D---- C:\Windows 2009-12-14 22:36:24 ----D---- C:\ProgramData\Spybot - Search & Destroy 2009-12-14 22:35:51 ----RD---- C:\Program Files 2009-12-14 22:35:51 ----HD---- C:\ProgramData 2009-12-14 22:35:49 ----D---- C:\Windows\system32\drivers 2009-12-14 18:56:23 ----HD---- C:\Program Files\InstallShield Installation Information 2009-12-14 16:30:29 ----D---- C:\Windows\Cursors 2009-12-14 15:12:07 ----D---- C:\Program Files\CCleaner 2009-12-14 09:31:27 ----SD---- C:\Users\Bönek\AppData\Roaming\Microsoft 2009-12-13 22:50:44 
----D---- C:\Windows\Debug 2009-12-11 23:35:36 ----D---- C:\Program Files\Common Files\Steam 2009-12-10 20:00:50 ----D---- C:\Windows\system32\catroot2 2009-12-09 12:38:45 ----D---- C:\Windows\rescache 2009-12-09 12:33:39 ----D---- C:\Windows\winsxs 2009-12-09 12:23:32 ----D---- C:\Windows\system32\catroot 2009-12-09 12:21:06 ----D---- C:\Windows\system32\migration 2009-12-09 12:21:05 ----D---- C:\Windows\system32\de-DE 2009-12-09 12:21:05 ----D---- C:\Program Files\Windows Mail 2009-12-09 12:21:05 ----D---- C:\Program Files\Internet Explorer 2009-12-06 13:00:23 ----SHD---- C:\Windows\Installer 2009-12-06 13:00:22 ----SHD---- C:\Config.Msi 2009-12-06 13:00:22 ----D---- C:\ProgramData\Microsoft Help 2009-12-06 12:32:39 ----D---- C:\Users\Bönek\AppData\Roaming\PC Suite 2009-12-05 15:44:26 ----D---- C:\Program Files\Google 2009-12-01 21:06:19 ----A---- C:\Windows\system32\mrt.exe 2009-11-28 22:59:51 ----RSD---- C:\Windows\assembly 2009-11-17 16:24:02 ----D---- C:\Windows\system32\Tasks 2009-11-17 16:21:29 ----D---- C:\Windows\system32\wbem 2009-11-17 16:21:27 ----D---- C:\Windows\system32\zh-TW 2009-11-17 16:21:27 ----D---- C:\Windows\system32\zh-HK 2009-11-17 16:21:27 ----D---- C:\Windows\system32\zh-CN 2009-11-17 16:21:27 ----D---- C:\Windows\system32\uk-UA 2009-11-17 16:21:27 ----D---- C:\Windows\system32\tr-TR 2009-11-17 16:21:27 ----D---- C:\Windows\system32\th-TH 2009-11-17 16:21:27 ----D---- C:\Windows\system32\sv-SE 2009-11-17 16:21:27 ----D---- C:\Windows\system32\sr-Latn-CS 2009-11-17 16:21:27 ----D---- C:\Windows\system32\sl-SI 2009-11-17 16:21:27 ----D---- C:\Windows\system32\sk-SK 2009-11-17 16:21:27 ----D---- C:\Windows\system32\ru-RU 2009-11-17 16:21:27 ----D---- C:\Windows\system32\ro-RO 2009-11-17 16:21:27 ----D---- C:\Windows\system32\pt-PT 2009-11-17 16:21:27 ----D---- C:\Windows\system32\pt-BR 2009-11-17 16:21:27 ----D---- C:\Windows\system32\pl-PL 2009-11-17 16:21:27 ----D---- C:\Windows\system32\nl-NL 2009-11-17 16:21:27 ----D---- 
C:\Windows\system32\nb-NO 2009-11-17 16:21:27 ----D---- C:\Windows\system32\lv-LV 2009-11-17 16:21:27 ----D---- C:\Windows\system32\lt-LT 2009-11-17 16:21:27 ----D---- C:\Windows\system32\ko-KR 2009-11-17 16:21:27 ----D---- C:\Windows\system32\ja-JP 2009-11-17 16:21:27 ----D---- C:\Windows\system32\it-IT 2009-11-17 16:21:27 ----D---- C:\Windows\system32\hu-HU 2009-11-17 16:21:27 ----D---- C:\Windows\system32\hr-HR 2009-11-17 16:21:27 ----D---- C:\Windows\system32\he-IL 2009-11-17 16:21:27 ----D---- C:\Windows\system32\fr-FR 2009-11-17 16:21:27 ----D---- C:\Windows\system32\fi-FI 2009-11-17 16:21:27 ----D---- C:\Windows\system32\et-EE 2009-11-17 16:21:27 ----D---- C:\Windows\system32\es-ES 2009-11-17 16:21:27 ----D---- C:\Windows\system32\en-US 2009-11-17 16:21:27 ----D---- C:\Windows\system32\el-GR 2009-11-17 16:21:27 ----D---- C:\Windows\system32\da-DK 2009-11-17 16:21:27 ----D---- C:\Windows\system32\cs-CZ 2009-11-17 16:21:27 ----D---- C:\Windows\system32\bg-BG 2009-11-17 16:21:27 ----D---- C:\Windows\system32\ar-SA ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-02-13 11608] R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2009-03-30 96104] R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-06-09 28520] R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}; \??\C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl [2008-04-18 61424] R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2009-06-17 281760] R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2009-12-08 56816] R2 int15;int15; \??\C:\Windows\system32\drivers\int15.sys [2007-01-26 69632] R2 irda;IrDA Protocol; C:\Windows\system32\DRIVERS\irda.sys [2008-01-21 95744] R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2009-06-17 25888] R2 NTIPPKernel;NTIPPKernel; \??\C:\Program Files\Acer Arcade 
Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys [2008-01-16 122368] R2 PSDNServ;PSDNServ; C:\Windows\system32\DRIVERS\PSDNServ.sys [2008-03-04 16944] R2 psdvdisk;PSDVdisk; C:\Windows\system32\DRIVERS\PSDVdisk.sys [2008-03-04 60464] R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2008-03-01 1202560] R3 ATSWPDRV;AuthenTec TruePrint USB Driver (SwipeSensor); C:\Windows\system32\DRIVERS\ATSwpDrv.sys [2008-05-30 146944] R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208] R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2006-11-03 21264] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2009-03-19 23400] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-04-25 2126688] R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw5v32.sys [2008-11-17 3668480] R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2008-01-31 14848] R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2008-04-03 43552] R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-04-03 7444672] R3 Razerlow;Razerlow USB Filter Driver; C:\Windows\System32\Drivers\Razerlow.sys [2005-04-24 13225] R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-02-22 198064] R3 usbvideo;USB-Videogerät (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016] R3 wanatw;WAN Miniport (ATW); C:\Windows\system32\DRIVERS\wanatw4.sys [2006-11-01 33588] R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264] R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2008-02-21 299008] S3 b57nd60x;Broadcom 
NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2008-01-21 179712] S3 drmkaud;Microsoft Kernel-DRM-Audioentschlüsselung; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632] S3 HdAudAddService;Microsoft 1.1 UAA-Funktionstreiber für High Definition Audio-Dienst; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520] S3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2008-01-21 987648] S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2008-01-21 200704] S3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2008-04-12 84240] S3 kgrdypoc;kgrdypoc; \??\C:\Users\BNEK~1\AppData\Local\Temp\kgrdypoc.sys [] S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192] S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888] S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504] S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016] S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmb.sys [2009-02-09 17664] S3 nmwcdc;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbo.sys [2009-02-09 22016] S3 NSCIRDA;NSC Infrared Device Driver; C:\Windows\system32\DRIVERS\nscirda.sys [2008-01-21 30720] S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816] S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576] S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [2005-08-17 58352] S3 sscdmdfl;SAMSUNG CDMA Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys [2005-08-17 8272] S3 sscdmdm;SAMSUNG CDMA Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys [2005-08-17 93872] S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2009-02-09 7808] S3 USBAAPL;Apple Mobile USB Driver; 
C:\Windows\System32\Drivers\usbaapl.sys [2009-07-09 39424] S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-04-11 27648] S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2009-02-09 7808] S3 winachsf;winachsf; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2008-01-21 654336] S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448] S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328] S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656] S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2008-03-18 13312] R2 AntiVirSchedulerService;Avira AntiVir Planer; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-06-09 108289] R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-08-05 185089] R2 AOL ACS;AOL Connectivity Service; C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe [2006-10-23 46640] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-07-09 144712] R2 Bonjour Service;Bonjour-Dienst; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888] R2 BUNAgentSvc;NTI Backup Now 5 Agent Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [2008-03-03 16384] R2 CLHNService;CLHNService; C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [2008-01-16 81504] R2 eDataSecurity Service;eDataSecurity Service; C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe [2008-03-04 500784] R2 ETService;Empowering Technology Service; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [2008-03-21 24576] R2 EvtEng;Intel® 
PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2008-10-16 860160] R2 IGBASVC;iGroupTec Service; C:\Program Files\Acer\Acer Bio Protection\BASVC.exe [2008-07-12 3517440] R2 Irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\Windows\system32\svchost.exe [2008-01-21 21504] R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440] R2 MobilityService;MobilityService; C:\Acer\Mobility Center\MobilityService.exe [2007-12-06 110592] R2 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-04-06 50424] R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-04-04 131072] R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-04-03 118784] R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2009-06-23 75064] R2 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2008-10-16 466944] R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\Cyberlink\Shared files\RichVideo.exe [2007-01-09 272024] R2 RS_Service;Raw Socket Service; C:\Program Files\Acer\Acer VCM\RS_Service.exe [2008-01-10 233472] R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2008-01-21 21504] S2 gupdate1c98c805e078ff9;Google Update Service (gupdate1c98c805e078ff9); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-02-11 133104] S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632] S3 iPod Service;iPod-Dienst; C:\Program Files\iPod\bin\iPodService.exe [2009-07-13 542496] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common 
Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 ServiceLayer;ServiceLayer; C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe [2008-11-11 620544] S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2009-12-11 321320] S3 TuneUp.Defrag;@%SystemRoot%\System32\TuneUpDefragService.exe,-1; C:\Windows\System32\TuneUpDefragService.exe [2008-08-25 361216] -----------------EOF----------------- |
#2
/// Winkelfunktion /// TB-Süch-Tiger™

Firefox in Task Manager although it is not open!

Only the key in which svhost occurs shows up:

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{05357f28-6d1a-11dd-a7c7-00038a000015}]

Please delete it with regedit.
#3

Firefox in Task Manager although it is not open!

It's deleted! And now?