
Log analysis and evaluation: Firefox in Task Manager even though it is not open!


16.12.2009, 16:17   #1
Duffman
 
Firefox in Task Manager even though it is not open!



PLFSetI.exe:
Code:
Antivirus  	Version  	letzte aktualisierung  	Ergebnis
a-squared	4.5.0.43	2009.12.16	-
AhnLab-V3	5.0.0.2	2009.12.16	-
AntiVir	7.9.1.108	2009.12.16	-
Antiy-AVL	2.0.3.7	2009.12.16	-
Authentium	5.2.0.5	2009.12.02	-
Avast	4.8.1351.0	2009.12.16	-
AVG	8.5.0.427	2009.12.16	-
BitDefender	7.2	2009.12.16	-
CAT-QuickHeal	10.00	2009.12.16	-
ClamAV	0.94.1	2009.12.16	-
Comodo	3264	2009.12.16	-
DrWeb	5.0.0.12182	2009.12.16	-
eSafe	7.0.17.0	2009.12.16	-
eTrust-Vet	35.1.7178	2009.12.16	-
F-Prot	4.5.1.85	2009.12.15	-
F-Secure	9.0.15370.0	2009.12.16	-
Fortinet	4.0.14.0	2009.12.16	-
GData	19	2009.12.16	-
Ikarus	T3.1.1.78.0	2009.12.16	-
K7AntiVirus	7.10.922	2009.12.16	-
Kaspersky	7.0.0.125	2009.12.16	-
McAfee	5833	2009.12.15	-
McAfee+Artemis	5833	2009.12.15	-
McAfee-GW-Edition	6.8.5	2009.12.16	-
Microsoft	1.5302	2009.12.16	-
NOD32	4693	2009.12.16	-
Norman	6.04.03	2009.12.15	-
nProtect	2009.1.8.0	2009.12.16	-
Panda	10.0.2.2	2009.12.15	-
PCTools	7.0.3.5	2009.12.16	-
Prevx	3.0	2009.12.16	-
Rising	22.26.02.04	2009.12.16	-
Sophos	4.48.0	2009.12.16	-
Sunbelt	3.2.1858.2	2009.12.16	-
Symantec	1.4.4.12	2009.12.16	-
TheHacker	6.5.0.2.094	2009.12.15	-
TrendMicro	9.100.0.1001	2009.12.16	-
VBA32	3.12.12.0	2009.12.16	-
ViRobot	2009.12.16.2092	2009.12.16	-
VirusBuster	5.0.21.0	2009.12.16	-
weitere Informationen
File size: 200704 bytes
MD5...: 2ac7f8b8bf0d5d327a3a2a00453222c4
SHA1..: 801b48d7d5739038a7f293dbbf215431f77d8ee9
SHA256: f71b6cfa7f4ae2a13c8ddf296631ef26c72e7c0387d88b9701577dae133ec583
ssdeep: 3072:hBb0sexGRc3ZKmKxtAEjZoHLGIMAP0GV7UIJeIZ4yIy8o8bgCR8Z:DBc3ZK
AEjkGIFAjyC
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x9fe0
timedatestamp.....: 0x471d62d0 (Tue Oct 23 02:56:16 2007)
machinetype.......: 0x14c (I386)

( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x2059f 0x21000 6.52 16d16d5b03dbdba19ce7a207a8c4b332
.rdata 0x22000 0x8720 0x9000 4.58 b67e7269fb7e03bb992b809f7b8b656e
.data 0x2b000 0x6348 0x3000 3.24 7180e1b25d7c9c8c1461a09f8479ffd6
.rsrc 0x32000 0x2490 0x3000 3.86 8fd26e728f6382b0e527cb04d7230d00

( 11 imports )
> KERNEL32.dll: GetStartupInfoA, GetCommandLineA, ExitProcess, TerminateProcess, HeapFree, HeapAlloc, RaiseException, HeapReAlloc, HeapSize, GetACP, GetTimeZoneInformation, LCMapStringA, LCMapStringW, UnhandledExceptionFilter, FreeEnvironmentStringsA, FreeEnvironmentStringsW, GetEnvironmentStrings, GetEnvironmentStringsW, SetHandleCount, RtlUnwind, GetFileType, HeapDestroy, HeapCreate, VirtualFree, VirtualAlloc, IsBadWritePtr, SetUnhandledExceptionFilter, GetStringTypeA, GetStringTypeW, IsBadReadPtr, IsBadCodePtr, SetStdHandle, CompareStringA, CompareStringW, SetEnvironmentVariableA, FormatMessageA, GetProfileStringA, GetTickCount, FileTimeToLocalFileTime, FileTimeToSystemTime, SetErrorMode, GetFileTime, GetFileSize, GetFileAttributesA, GetOEMCP, GetCPInfo, SizeofResource, GetProcessVersion, WritePrivateProfileStringA, GlobalFlags, TlsGetValue, LocalReAlloc, TlsSetValue, EnterCriticalSection, GlobalReAlloc, LeaveCriticalSection, TlsFree, GlobalHandle, DeleteCriticalSection, TlsAlloc, InitializeCriticalSection, LocalFree, LocalAlloc, GetThreadLocale, GetFullPathNameA, lstrcpynA, GetVolumeInformationA, FindFirstFileA, FindClose, SetEndOfFile, UnlockFile, LockFile, FlushFileBuffers, SetFilePointer, WriteFile, ReadFile, CreateFileA, GetCurrentProcess, DuplicateHandle, GetLastError, MulDiv, SetLastError, MultiByteToWideChar, lstrlenA, InterlockedIncrement, InterlockedDecrement, LoadLibraryA, FreeLibrary, GetVersion, lstrcatA, GlobalGetAtomNameA, GlobalAddAtomA, GlobalFindAtomA, lstrcpyA, GetModuleHandleA, GetProcAddress, GlobalUnlock, GlobalFree, LockResource, FindResourceA, LoadResource, CloseHandle, GetModuleFileNameA, GlobalLock, GlobalAlloc, GlobalDeleteAtom, lstrcmpA, lstrcmpiA, GetCurrentThread, GetCurrentThreadId, lstrcpyW, WideCharToMultiByte, GetWindowsDirectoryA, Sleep, GetStdHandle, GetSystemDefaultLCID
> USER32.dll: SetRect, GetNextDlgGroupItem, MessageBeep, InvalidateRect, InflateRect, RegisterClipboardFormatA, PostThreadMessageA, GetSysColor, SetFocus, AdjustWindowRectEx, ScreenToClient, CopyRect, GetTopWindow, IsChild, GetCapture, WinHelpA, wsprintfA, GetClassInfoA, RegisterClassA, GetMenu, GetMenuItemCount, GetSubMenu, GetMenuItemID, GetWindowTextLengthA, GetWindowTextA, GetDlgCtrlID, DefWindowProcA, CreateWindowExA, GetClassLongA, SetPropA, UnhookWindowsHookEx, GetPropA, CallWindowProcA, RemovePropA, CopyAcceleratorTableA, GetMessagePos, GetClassNameA, SetForegroundWindow, SetWindowLongA, RegisterWindowMessageA, OffsetRect, IntersectRect, SystemParametersInfoA, GetWindowPlacement, GetWindowRect, MapDialogRect, SetWindowPos, GetWindow, SetWindowContextHelpId, EndDialog, SetActiveWindow, IsWindow, CreateDialogIndirectParamA, GetDlgItem, GetMenuCheckMarkDimensions, LoadBitmapA, GetMenuState, ModifyMenuA, SetMenuItemBitmaps, CheckMenuItem, EnableMenuItem, GetFocus, GetNextDlgTabItem, GetMessageA, TranslateMessage, DispatchMessageA, GetActiveWindow, GetKeyState, CallNextHookEx, ValidateRect, IsWindowVisible, PeekMessageA, GetCursorPos, LoadIconA, SendMessageA, AppendMenuA, UnregisterClassA, HideCaret, ShowCaret, ExcludeUpdateRgn, DrawFocusRect, SetWindowsHookExA, GetParent, GetLastActivePopup, IsWindowEnabled, GetWindowLongA, MessageBoxA, SetCursor, PostQuitMessage, PostMessageA, EnableWindow, IsIconic, GetSystemMetrics, CharNextA, GetSysColorBrush, GetMessageTime, GetClientRect, DrawIcon, DefDlgProcA, IsWindowUnicode, GetSystemMenu, GetDesktopWindow, LoadCursorA, CharUpperA, GrayStringA, DrawTextA, TabbedTextOutA, EndPaint, BeginPaint, GetWindowDC, ReleaseDC, GetDC, ClientToScreen, DestroyMenu, LoadStringA, ShowWindow, MoveWindow, SetWindowTextA, IsDialogMessageA, MapWindowPoints, UpdateWindow, DestroyWindow, PtInRect, GetForegroundWindow, SendDlgItemMessageA
> GDI32.dll: SetMapMode, SetViewportOrgEx, OffsetViewportOrgEx, SetViewportExtEx, ScaleViewportExtEx, SetWindowExtEx, ScaleWindowExtEx, IntersectClipRect, DeleteObject, GetDeviceCaps, GetViewportExtEx, GetWindowExtEx, CreateSolidBrush, PtVisible, RectVisible, TextOutA, ExtTextOutA, Escape, GetTextColor, GetBkColor, DPtoLP, LPtoDP, GetMapMode, PatBlt, SetBkMode, GetStockObject, SelectObject, RestoreDC, SaveDC, DeleteDC, GetObjectA, SetBkColor, SetTextColor, GetClipBox, CreateDIBitmap, GetTextExtentPointA, BitBlt, CreateCompatibleDC, CreateBitmap
> comdlg32.dll: GetFileTitleA
> WINSPOOL.DRV: ClosePrinter, DocumentPropertiesA, OpenPrinterA
> ADVAPI32.dll: RegCloseKey, RegSetValueExA, RegCreateKeyExA, RegQueryValueExA, RegOpenKeyExA
> COMCTL32.dll: -
> oledlg.dll: -
> ole32.dll: CoFreeUnusedLibraries, OleUninitialize, CoTaskMemAlloc, CoTaskMemFree, CreateILockBytesOnHGlobal, StgCreateDocfileOnILockBytes, StgOpenStorageOnILockBytes, CoGetClassObject, CLSIDFromString, CLSIDFromProgID, CoCreateInstance, CoInitialize, CoUninitialize, CoRegisterMessageFilter, CoRevokeClassObject, OleFlushClipboard, OleIsCurrentClipboard, OleInitialize
> OLEPRO32.DLL: -
> OLEAUT32.dll: -, -, -, -, -, -, -, -, -

( 0 exports )
RDS...: NSRL Reference Data Set
-
sigcheck:
publisher....:
copyright....: Copyright (C) 2007
product......: DefaultSettingEXE Application
description..: DefaultSettingEXE MFC Application
original name: DefaultSettingEXE.EXE
internal name: DefaultSettingEXE
file version.: 1, 0, 1, 0
comments.....:
signers......: -
signing date.: -
verified.....: Unsigned
trid..: Win64 Executable Generic (54.6%)
Win32 Executable MS Visual C++ (generic) (24.0%)
Windows Screen Saver (8.3%)
Win32 Executable Generic (5.4%)
Win32 Dynamic Link Library (generic) (4.8%)
pdfid.: -
         
and for SLSvc.exe:
Code:
Antivirus  	Version  	letzte aktualisierung  	Ergebnis
a-squared	4.5.0.43	2009.12.16	-
AhnLab-V3	5.0.0.2	2009.12.16	-
AntiVir	7.9.1.108	2009.12.16	-
Antiy-AVL	2.0.3.7	2009.12.16	-
Authentium	5.2.0.5	2009.12.02	-
Avast	4.8.1351.0	2009.12.16	-
AVG	8.5.0.427	2009.12.16	-
BitDefender	7.2	2009.12.16	-
CAT-QuickHeal	10.00	2009.12.16	-
ClamAV	0.94.1	2009.12.16	-
Comodo	3264	2009.12.16	-
DrWeb	5.0.0.12182	2009.12.16	-
eSafe	7.0.17.0	2009.12.16	-
eTrust-Vet	35.1.7178	2009.12.16	-
F-Prot	4.5.1.85	2009.12.15	-
F-Secure	9.0.15370.0	2009.12.16	-
Fortinet	4.0.14.0	2009.12.16	-
GData	19	2009.12.16	-
Ikarus	T3.1.1.78.0	2009.12.16	-
Jiangmin	13.0.900	2009.12.16	-
K7AntiVirus	7.10.922	2009.12.16	-
Kaspersky	7.0.0.125	2009.12.16	-
McAfee	5833	2009.12.15	-
McAfee+Artemis	5833	2009.12.15	-
McAfee-GW-Edition	6.8.5	2009.12.16	-
Microsoft	1.5302	2009.12.16	-
NOD32	4693	2009.12.16	-
Norman	6.04.03	2009.12.15	-
nProtect	2009.1.8.0	2009.12.16	-
Panda	10.0.2.2	2009.12.15	-
PCTools	7.0.3.5	2009.12.16	-
Prevx	3.0	2009.12.16	-
Rising	22.26.02.04	2009.12.16	-
Sophos	4.48.0	2009.12.16	-
Sunbelt	3.2.1858.2	2009.12.16	-
Symantec	1.4.4.12	2009.12.16	-
TheHacker	6.5.0.2.094	2009.12.15	-
TrendMicro	9.100.0.1001	2009.12.16	-
VBA32	3.12.12.0	2009.12.16	-
ViRobot	2009.12.16.2092	2009.12.16	-
VirusBuster	5.0.21.0	2009.12.16	-
weitere Informationen
File size: 3408896 bytes
MD5...: 862bb4cbc05d80c5b45be430e5ef872f
SHA1..: 63a7e82d687fcc9c3bf36347ee59b7e1c388ef24
SHA256: f4961b22c93e472c8c862421aa231cdda9e40d3958741a1d666357f22cc3143d
ssdeep: 49152:yjt6nxG8ZL9fub9iSx2Rp+Xx87KfmaoeiMizm6df1OD0cIlSbTLPJRwVMX
3:QofuZqiTLzX3
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0xc5756
timedatestamp.....: 0x49e02e64 (Sat Apr 11 05:45:08 2009)
machinetype.......: 0x14c (I386)

( 5 sections )
name viradd virsiz rawdsiz ntrpy md5
.pexe 0x1000 0x480 0x600 3.88 115ae33fe1804320cb32defe931c3512
.text 0x2000 0x2a1e0c 0x2a2000 6.68 698028c8edc1e08ceb8883e9fe963ba3
.data 0x2a4000 0x71cb5 0x71e00 7.79 be7a46b9ed9803e9c0b6947b4e9bae23
.rsrc 0x316000 0x2228 0x2400 3.14 719ccdf6f401d182d8ab5aefa87e2fdb
.reloc 0x319000 0x2979c 0x29800 6.75 61d5c9ea39348836b0a57a8e80ccf464

( 8 imports )
> ADVAPI32.dll: TraceEvent, EventUnregister, EventWrite, EventEnabled, GetTraceEnableFlags, GetTraceEnableLevel, GetTraceLoggerHandle, RegisterTraceGuidsW, UnregisterTraceGuids, RegCloseKey, CloseServiceHandle, EventRegister, SetServiceStatus, NotifyServiceStatusChangeW, ControlService, QueryServiceStatus, OpenServiceW, OpenSCManagerW, RegOpenKeyExW, RegQueryValueExW, StartServiceW, RegisterServiceCtrlHandlerW, StartServiceCtrlDispatcherW, RegSetValueExW, RegCreateKeyExW, LsaClose, LsaFreeMemory, LsaQueryInformationPolicy, LsaOpenPolicy, FreeSid, CheckTokenMembership, AllocateAndInitializeSid, SystemFunction036, ConvertStringSidToSidW, RegDeleteValueW, WmiOpenBlock, WmiQueryAllDataW, WmiCloseBlock, ConvertStringSecurityDescriptorToSecurityDescriptorW, CryptReleaseContext, CryptDestroyHash, CryptHashData, CryptCreateHash, CryptAcquireContextW, CryptGetHashParam, CryptDestroyKey, CryptEncrypt, CryptDecrypt, CryptImportKey, CryptSignHashA, CryptVerifySignatureA, CryptExportKey, CryptGenKey, CryptVerifySignatureW, GetCurrentHwProfileW, DeregisterEventSource, ReportEventW, RegisterEventSourceW, ConvertSidToStringSidW, LookupAccountNameW, RegisterTraceGuidsA
> KERNEL32.dll: CreateTimerQueueTimer, CreateTimerQueue, GetSystemTimeAsFileTime, GetComputerNameExW, FileTimeToSystemTime, ChangeTimerQueueTimer, EncodePointer, GetTickCount, DeleteTimerQueueEx, ExpandEnvironmentStringsW, QueryPerformanceCounter, SystemTimeToFileTime, GetLocalTime, CompareFileTime, GetSystemInfo, IsWow64Process, MultiByteToWideChar, LCMapStringW, GetSystemFirmwareTable, GetCurrentProcessId, RegisterWaitForSingleObject, DuplicateHandle, LoadLibraryA, UnregisterWaitEx, DeleteTimerQueueTimer, DeleteTimerQueue, QueueUserWorkItem, OpenThread, SetThreadPriority, GetCurrentThreadId, GetCurrentProcess, GetProcessHeaps, HeapQueryInformation, SleepEx, InitializeCriticalSectionAndSpinCount, CreateEventW, ResetEvent, InterlockedExchange, WaitForSingleObject, HeapSetInformation, GetVersionExW, DeleteCriticalSection, InterlockedDecrement, InterlockedIncrement, CloseHandle, DecodePointer, HeapFree, GetProcessHeap, HeapAlloc, TzSpecificLocalTimeToSystemTime, WaitForMultipleObjects, GetDevicePowerState, ReleaseSemaphore, CreateSemaphoreA, InterlockedExchangeAdd, MoveFileExW, ReadFile, SetFilePointer, GetThreadPriority, GetSystemDefaultLangID, GetFileSize, CreateFileMappingW, MapViewOfFile, GetComputerNameW, GetLocaleInfoW, GetDateFormatW, GetTimeFormatW, GetVersionExA, UnmapViewOfFile, GetSystemDirectoryW, GlobalMemoryStatusEx, GetNativeSystemInfo, GetSystemTime, WideCharToMultiByte, GetPrivateProfileStringW, GetPrivateProfileSectionW, CreateDirectoryW, IsProcessorFeaturePresent, FlushFileBuffers, DeviceIoControl, GetModuleHandleExW, GetLastError, SetEvent, EnterCriticalSection, LeaveCriticalSection, InterlockedCompareExchange, LoadLibraryW, GetProcAddress, FreeLibrary, LocalAlloc, LocalFree, OpenProcess, DelayLoadFailureHook, Sleep, SetUnhandledExceptionFilter, GetModuleHandleA, TerminateProcess, UnhandledExceptionFilter, ExitProcess, VirtualAlloc, VirtualFree, GetVersion, VirtualProtect, SetLastError, GetFileAttributesW, WriteFile, CreateFileW, lstrlenW, 
InitializeCriticalSection, SetFileAttributesW, CopyFileW, DeleteFileW
> msvcrt.dll: _wcsnicmp, memcpy, memset, _vsnwprintf, _beginthreadex, ceil, _controlfp, _terminate@@YAXXZ, _onexit, _lock, __dllonexit, _unlock, _except_handler4_common, __set_app_type, __p__fmode, __p__commode, _CIlog10, __setusermatherr, _amsg_exit, _initterm, exit, _XcptFilter, _exit, _cexit, __wgetmainargs, free, _callnewh, malloc, _wtof, wcsncmp, _adjust_fdiv, wcsstr, _wtol, swscanf, wcschr, _wcsicmp, _purecall, sscanf, _wtoi, time, srand, rand, memmove, _ui64tow, _itow, memcpy_s, memchr, _ftol2
> ntdll.dll: NtQueryInformationThread, NtLockProductActivationKeys, NtSetInformationThread, NtQueryLicenseValue, NtQueryInformationProcess, NtSetInformationProcess, RtlLeaveCriticalSection, RtlEnterCriticalSection, RtlInitUnicodeString, ShipAssert
> RPCRT4.dll: RpcServerListen, I_RpcMapWin32Status, RpcMgmtStopServerListening, RpcServerUnregisterIf, I_RpcBindingInqLocalClientPID, RpcServerInqCallAttributesW, RpcServerRegisterIfEx, NdrServerCall2, UuidCreate, UuidToStringW, UuidFromStringW, RpcImpersonateClient, RpcRevertToSelfEx, RpcRaiseException, RpcServerRegisterIf2, RpcStringBindingComposeW, RpcBindingFromStringBindingW, I_RpcExceptionFilter, RpcStringFreeW, RpcBindingFree, RpcServerUseProtseqEpW, NdrClientCall2
> slc.dll: SLOpen
> USER32.dll: CharNextW, CharPrevW
> DNSAPI.dll: DnsModifyRecordsInSet_W, DnsQuery_W, DnsFree

( 1 exports )
_SPVersion@@3PADA
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Win32 Executable MS Visual C++ (generic) (65.2%)
Win32 Executable Generic (14.7%)
Win32 Dynamic Link Library (generic) (13.1%)
Generic Win/DOS Executable (3.4%)
DOS Executable Generic (3.4%)
sigcheck:
publisher....: Microsoft Corporation
copyright....: (c) Microsoft Corporation. All rights reserved.
product......: Microsoft_ Windows_ Operating System
description..: Microsoft Software Licensing Service
original name: SLService
internal name: SLService
file version.: 6.0.6002.18005 (lh_sp2rtm.090410-1830)
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
         
and the log from RSIT:
Code:
Logfile of random's system information tool 1.06 (written by random/random)
Run by Bönek at 2009-12-16 16:16:31
Microsoft® Windows Vista™ Home Premium  Service Pack 2
System drive C: has 94 GB (64%) free of 146 GB
Total RAM: 3066 MB (58% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:16:35, on 16.12.2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\rundll32.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\mobsync.exe
C:\Windows\PLFSetI.exe
C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe
C:\Program Files\Razer\Diamondback\razerhid.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\AOL 9.0 VRa\waol.exe
C:\Program Files\Common Files\AOL\1218900205\ee\aolsoftware.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Users\BNEK~1\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\Razer\Diamondback\razertra.exe
C:\Program Files\Razer\Diamondback\razerofa.exe
C:\Program Files\AOL 9.0 VRa\shellmon.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Common Files\AOL\Topspeed\3.0\aoltpsd3.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\ICQ6.5\ICQ.exe
C:\Program Files\Internet Explorer\IELowutil.exe
C:\Users\Bönek\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Bönek.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://de.intl.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://de.intl.acer.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: (no name) -  - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
O4 - HKLM\..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe"
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [Diamondback] C:\Program Files\Razer\Diamondback\razerhid.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\AOL 9.0 VRa\AOL.EXE" -b
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe
O9 - Extra 'Tools' menuitem: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - D:\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - D:\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O13 - Gopher Prefix: 
O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-29-0.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
O20 - Winlogon Notify: AWinNotifyVitaKey MC3000 - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour-Dienst (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
O23 - Service: CLHNService - Unknown owner - C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Google Update Service (gupdate1c98c805e078ff9) (gupdate1c98c805e078ff9) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iGroupTec Service (IGBASVC) - Unknown owner - C:\Program Files\Acer\Acer Bio Protection\BASVC.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files\Acer\Acer VCM\RS_Service.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe

--
End of file - 10734 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\User_Feed_Synchronization-{754E5B26-1DC0-41A1-9CB0-B96AD1E6FD40}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2008-07-07 1562448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83A2F9B1-01A2-4AA5-87D1-45B6B8505E96}]
ShowBarObj Class - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll [2008-03-04 312880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-09 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll [2008-03-04 142896]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-02-22 1037608]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-04-03 13535776]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-04-03 92704]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-04-25 6111232]
"PLFSetI"=C:\Windows\PLFSetI.exe [2007-10-23 200704]
"eDataSecurity Loader"=C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe [2008-03-04 526896]
"ePower_DMC"=C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe [2008-04-30 397312]
"CLMLServer"=C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe [2008-04-10 167936]
"WarReg_PopUp"=C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe [2008-01-29 303104]
"Diamondback"=C:\Program Files\Razer\Diamondback\razerhid.exe [2007-02-14 147456]
"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2008-09-03 111936]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"Skytel"=C:\Windows\Skytel.exe [2007-11-21 1826816]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-05-26 413696]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe [2004-06-16 221184]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"AOL Fast Start"=C:\Program Files\AOL 9.0 VRa\AOL.EXE [2007-06-21 50480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2008-09-03 111936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcadeDeluxeAgent]
C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [2008-04-10 147456]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BkupTray]
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe [2008-04-06 34040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eAudio]
C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe [2008-03-07 544768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2004-06-16 81920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2009-07-13 292128]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PlayMovie]
C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe [2008-04-18 167936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2009-05-26 413696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SiteAdvisor]
C:\Program Files\SiteAdvisor\6261\SiteAdv.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel]
C:\Windows\Skytel.exe [2007-11-21 1826816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe [2009-03-09 148888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WindowsWelcomeCenter]
oobefldr.dll,ShowWelcomeCenter []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ZPdtWzdVitaKey MC3000]
C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe [2008-07-12 3667968]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Acer VCM.lnk]
C:\PROGRA~1\Acer\ACERVC~1\AcerVCM.exe [2008-03-05 1216512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AWinNotifyVitaKey MC3000]
C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll [2008-07-12 3110912]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\Acer\Acer Bio Protection\PwdFilter

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{05357f28-6d1a-11dd-a7c7-00038a000015}]
shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\RECYCLER\S-1-5-21-1482476501-3352491937-682996330-1013\svhost.exe
shell\Open\command - F:\RECYCLER\S-1-5-21-1482476501-3352491937-682996330-1013\svhost.exe


======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2009-12-14 21:12:38 ----A---- C:\avenger.txt
2009-12-14 17:47:50 ----D---- C:\Avenger
2009-12-14 15:43:33 ----D---- C:\rsit
2009-12-14 15:26:39 ----D---- C:\Users\Bönek\AppData\Roaming\Malwarebytes
2009-12-14 15:26:33 ----D---- C:\ProgramData\Malwarebytes
2009-12-14 15:26:33 ----D---- C:\Program Files\Malwarebytes
2009-12-14 08:44:21 ----D---- C:\Program Files\Trend Micro
2009-12-13 00:48:14 ----A---- C:\Users\Bönek\AppData\Roaming\SQLite3.dll
2009-12-09 12:04:30 ----A---- C:\Windows\system32\nshhttp.dll
2009-12-09 12:04:29 ----A---- C:\Windows\system32\httpapi.dll
2009-12-09 10:39:15 ----A---- C:\Windows\system32\winhttp.dll
2009-12-09 10:39:13 ----A---- C:\Windows\system32\mshtml.dll
2009-12-09 10:39:12 ----A---- C:\Windows\system32\ieframe.dll
2009-12-09 10:39:11 ----A---- C:\Windows\system32\wininet.dll
2009-12-09 10:39:11 ----A---- C:\Windows\system32\urlmon.dll
2009-12-09 10:39:11 ----A---- C:\Windows\system32\occache.dll
2009-12-09 10:39:11 ----A---- C:\Windows\system32\msfeeds.dll
2009-12-09 10:39:11 ----A---- C:\Windows\system32\iertutil.dll
2009-12-09 10:39:11 ----A---- C:\Windows\system32\iedkcs32.dll
2009-12-09 10:39:10 ----A---- C:\Windows\system32\msfeedssync.exe
2009-12-09 10:39:10 ----A---- C:\Windows\system32\msfeedsbs.dll
2009-12-09 10:39:10 ----A---- C:\Windows\system32\jsproxy.dll
2009-12-09 10:39:10 ----A---- C:\Windows\system32\ieUnatt.exe
2009-12-09 10:39:10 ----A---- C:\Windows\system32\ieui.dll
2009-12-09 10:39:10 ----A---- C:\Windows\system32\iesysprep.dll
2009-12-09 10:39:10 ----A---- C:\Windows\system32\iesetup.dll
2009-12-09 10:39:10 ----A---- C:\Windows\system32\iernonce.dll
2009-12-09 10:39:10 ----A---- C:\Windows\system32\iepeers.dll
2009-12-09 10:39:10 ----A---- C:\Windows\system32\ie4uinit.exe
2009-12-09 10:38:30 ----A---- C:\Windows\system32\rastls.dll
2009-11-25 22:16:11 ----A---- C:\Windows\system32\tzres.dll
2009-11-25 12:08:16 ----A---- C:\Windows\system32\msxml6.dll
2009-11-25 12:08:16 ----A---- C:\Windows\system32\msxml3.dll
2009-11-23 17:23:41 ----A---- C:\Windows\system32\XAudio2_5.dll
2009-11-23 17:23:41 ----A---- C:\Windows\system32\xactengine3_5.dll
2009-11-23 17:23:41 ----A---- C:\Windows\system32\d3dcsx_42.dll
2009-11-23 17:23:41 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2009-11-23 17:23:40 ----A---- C:\Windows\system32\D3DX9_42.dll
2009-11-23 17:23:40 ----A---- C:\Windows\system32\d3dx11_42.dll
2009-11-23 17:23:40 ----A---- C:\Windows\system32\d3dx10_42.dll
2009-11-23 17:23:39 ----A---- C:\Windows\system32\d3dx10_41.dll
2009-11-23 17:23:39 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2009-11-23 17:23:38 ----A---- C:\Windows\system32\D3DX9_41.dll
2009-11-23 17:23:37 ----A---- C:\Windows\system32\XAudio2_4.dll
2009-11-23 17:23:37 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2009-11-23 17:23:37 ----A---- C:\Windows\system32\xactengine3_4.dll
2009-11-23 17:23:37 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2009-11-23 17:23:36 ----A---- C:\Windows\system32\d3dx10_40.dll
2009-11-23 17:23:36 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2009-11-23 17:23:35 ----A---- C:\Windows\system32\XAudio2_2.dll
2009-11-23 17:23:35 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2009-11-23 17:23:35 ----A---- C:\Windows\system32\D3DX9_40.dll
2009-11-23 17:23:34 ----A---- C:\Windows\system32\xactengine3_2.dll
2009-11-17 16:21:29 ----D---- C:\Program Files\Windows Portable Devices
2009-11-17 12:02:41 ----A---- C:\Windows\system32\UIRibbonRes.dll
2009-11-17 12:02:41 ----A---- C:\Windows\system32\UIAnimation.dll
2009-11-17 12:02:40 ----A---- C:\Windows\system32\UIRibbon.dll
2009-11-17 12:02:18 ----A---- C:\Windows\system32\XpsRasterService.dll
2009-11-17 12:02:18 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2009-11-17 12:02:18 ----A---- C:\Windows\system32\WMPhoto.dll
2009-11-17 12:02:18 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2009-11-17 12:02:18 ----A---- C:\Windows\system32\d3d10warp.dll
2009-11-17 12:02:18 ----A---- C:\Windows\system32\cdd.dll
2009-11-17 12:02:17 ----A---- C:\Windows\system32\xpsservices.dll
2009-11-17 12:02:17 ----A---- C:\Windows\system32\XpsPrint.dll
2009-11-17 12:02:17 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2009-11-17 12:02:17 ----A---- C:\Windows\system32\WindowsCodecs.dll
2009-11-17 12:02:17 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2009-11-17 12:02:17 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2009-11-17 12:02:17 ----A---- C:\Windows\system32\OpcServices.dll
2009-11-17 12:02:17 ----A---- C:\Windows\system32\FntCache.dll
2009-11-17 12:02:17 ----A---- C:\Windows\system32\dxgi.dll
2009-11-17 12:02:17 ----A---- C:\Windows\system32\dxdiagn.dll
2009-11-17 12:02:17 ----A---- C:\Windows\system32\dxdiag.exe
2009-11-17 12:02:17 ----A---- C:\Windows\system32\DWrite.dll
2009-11-17 12:02:17 ----A---- C:\Windows\system32\d3d11.dll
2009-11-17 12:02:17 ----A---- C:\Windows\system32\d3d10level9.dll
2009-11-17 12:02:17 ----A---- C:\Windows\system32\d3d10core.dll
2009-11-17 12:02:17 ----A---- C:\Windows\system32\d3d10_1core.dll
2009-11-17 12:02:17 ----A---- C:\Windows\system32\d3d10_1.dll
2009-11-17 12:02:17 ----A---- C:\Windows\system32\d3d10.dll
2009-11-17 12:02:17 ----A---- C:\Windows\system32\d2d1.dll
2009-11-17 12:01:54 ----A---- C:\Windows\system32\WPDShextAutoplay.exe
2009-11-17 12:01:54 ----A---- C:\Windows\system32\wpdbusenum.dll
2009-11-17 12:01:54 ----A---- C:\Windows\system32\BthMtpContextHandler.dll
2009-11-17 12:01:45 ----A---- C:\Windows\system32\PortableDeviceConnectApi.dll
2009-11-17 12:01:43 ----A---- C:\Windows\system32\WpdMtpUS.dll
2009-11-17 12:01:43 ----A---- C:\Windows\system32\WpdConns.dll
2009-11-17 12:01:42 ----A---- C:\Windows\system32\WPDSp.dll
2009-11-17 12:01:42 ----A---- C:\Windows\system32\WPDShServiceObj.dll
2009-11-17 12:01:42 ----A---- C:\Windows\system32\wpdshext.dll
2009-11-17 12:01:42 ----A---- C:\Windows\system32\WpdMtp.dll
2009-11-17 12:01:42 ----A---- C:\Windows\system32\wpd_ci.dll
2009-11-17 12:01:42 ----A---- C:\Windows\system32\PortableDeviceWMDRM.dll
2009-11-17 12:01:42 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
2009-11-17 12:01:42 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
2009-11-17 12:01:42 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2009-11-17 12:00:35 ----A---- C:\Windows\system32\UIAutomationCore.dll
2009-11-17 12:00:35 ----A---- C:\Windows\system32\oleaccrc.dll
2009-11-17 12:00:35 ----A---- C:\Windows\system32\oleacc.dll

======List of files/folders modified in the last 1 months======

2009-12-16 16:16:32 ----D---- C:\Windows\Temp
2009-12-16 16:02:30 ----D---- C:\Windows\Prefetch
2009-12-16 14:03:18 ----D---- C:\Windows\System32
2009-12-16 14:03:18 ----D---- C:\Windows\inf
2009-12-16 14:03:18 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-12-15 14:44:15 ----SHD---- C:\System Volume Information
2009-12-15 10:13:06 ----D---- C:\Windows
2009-12-14 22:36:24 ----D---- C:\ProgramData\Spybot - Search & Destroy
2009-12-14 22:35:51 ----RD---- C:\Program Files
2009-12-14 22:35:51 ----HD---- C:\ProgramData
2009-12-14 22:35:49 ----D---- C:\Windows\system32\drivers
2009-12-14 18:56:23 ----HD---- C:\Program Files\InstallShield Installation Information
2009-12-14 16:30:29 ----D---- C:\Windows\Cursors
2009-12-14 15:12:07 ----D---- C:\Program Files\CCleaner
2009-12-14 09:31:27 ----SD---- C:\Users\Bönek\AppData\Roaming\Microsoft
2009-12-13 22:50:44 ----D---- C:\Windows\Debug
2009-12-11 23:35:36 ----D---- C:\Program Files\Common Files\Steam
2009-12-10 20:00:50 ----D---- C:\Windows\system32\catroot2
2009-12-09 12:38:45 ----D---- C:\Windows\rescache
2009-12-09 12:33:39 ----D---- C:\Windows\winsxs
2009-12-09 12:23:32 ----D---- C:\Windows\system32\catroot
2009-12-09 12:21:06 ----D---- C:\Windows\system32\migration
2009-12-09 12:21:05 ----D---- C:\Windows\system32\de-DE
2009-12-09 12:21:05 ----D---- C:\Program Files\Windows Mail
2009-12-09 12:21:05 ----D---- C:\Program Files\Internet Explorer
2009-12-06 13:00:23 ----SHD---- C:\Windows\Installer
2009-12-06 13:00:22 ----SHD---- C:\Config.Msi
2009-12-06 13:00:22 ----D---- C:\ProgramData\Microsoft Help
2009-12-06 12:32:39 ----D---- C:\Users\Bönek\AppData\Roaming\PC Suite
2009-12-05 15:44:26 ----D---- C:\Program Files\Google
2009-12-01 21:06:19 ----A---- C:\Windows\system32\mrt.exe
2009-11-28 22:59:51 ----RSD---- C:\Windows\assembly
2009-11-17 16:24:02 ----D---- C:\Windows\system32\Tasks
2009-11-17 16:21:29 ----D---- C:\Windows\system32\wbem
2009-11-17 16:21:27 ----D---- C:\Windows\system32\zh-TW
2009-11-17 16:21:27 ----D---- C:\Windows\system32\zh-HK
2009-11-17 16:21:27 ----D---- C:\Windows\system32\zh-CN
2009-11-17 16:21:27 ----D---- C:\Windows\system32\uk-UA
2009-11-17 16:21:27 ----D---- C:\Windows\system32\tr-TR
2009-11-17 16:21:27 ----D---- C:\Windows\system32\th-TH
2009-11-17 16:21:27 ----D---- C:\Windows\system32\sv-SE
2009-11-17 16:21:27 ----D---- C:\Windows\system32\sr-Latn-CS
2009-11-17 16:21:27 ----D---- C:\Windows\system32\sl-SI
2009-11-17 16:21:27 ----D---- C:\Windows\system32\sk-SK
2009-11-17 16:21:27 ----D---- C:\Windows\system32\ru-RU
2009-11-17 16:21:27 ----D---- C:\Windows\system32\ro-RO
2009-11-17 16:21:27 ----D---- C:\Windows\system32\pt-PT
2009-11-17 16:21:27 ----D---- C:\Windows\system32\pt-BR
2009-11-17 16:21:27 ----D---- C:\Windows\system32\pl-PL
2009-11-17 16:21:27 ----D---- C:\Windows\system32\nl-NL
2009-11-17 16:21:27 ----D---- C:\Windows\system32\nb-NO
2009-11-17 16:21:27 ----D---- C:\Windows\system32\lv-LV
2009-11-17 16:21:27 ----D---- C:\Windows\system32\lt-LT
2009-11-17 16:21:27 ----D---- C:\Windows\system32\ko-KR
2009-11-17 16:21:27 ----D---- C:\Windows\system32\ja-JP
2009-11-17 16:21:27 ----D---- C:\Windows\system32\it-IT
2009-11-17 16:21:27 ----D---- C:\Windows\system32\hu-HU
2009-11-17 16:21:27 ----D---- C:\Windows\system32\hr-HR
2009-11-17 16:21:27 ----D---- C:\Windows\system32\he-IL
2009-11-17 16:21:27 ----D---- C:\Windows\system32\fr-FR
2009-11-17 16:21:27 ----D---- C:\Windows\system32\fi-FI
2009-11-17 16:21:27 ----D---- C:\Windows\system32\et-EE
2009-11-17 16:21:27 ----D---- C:\Windows\system32\es-ES
2009-11-17 16:21:27 ----D---- C:\Windows\system32\en-US
2009-11-17 16:21:27 ----D---- C:\Windows\system32\el-GR
2009-11-17 16:21:27 ----D---- C:\Windows\system32\da-DK
2009-11-17 16:21:27 ----D---- C:\Windows\system32\cs-CZ
2009-11-17 16:21:27 ----D---- C:\Windows\system32\bg-BG
2009-11-17 16:21:27 ----D---- C:\Windows\system32\ar-SA

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-02-13 11608]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-06-09 28520]
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}; \??\C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl [2008-04-18 61424]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2009-06-17 281760]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2009-12-08 56816]
R2 int15;int15; \??\C:\Windows\system32\drivers\int15.sys [2007-01-26 69632]
R2 irda;IrDA Protocol; C:\Windows\system32\DRIVERS\irda.sys [2008-01-21 95744]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2009-06-17 25888]
R2 NTIPPKernel;NTIPPKernel; \??\C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys [2008-01-16 122368]
R2 PSDNServ;PSDNServ; C:\Windows\system32\DRIVERS\PSDNServ.sys [2008-03-04 16944]
R2 psdvdisk;PSDVdisk; C:\Windows\system32\DRIVERS\PSDVdisk.sys [2008-03-04 60464]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2008-03-01 1202560]
R3 ATSWPDRV;AuthenTec TruePrint USB Driver (SwipeSensor); C:\Windows\system32\DRIVERS\ATSwpDrv.sys [2008-05-30 146944]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2006-11-03 21264]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2009-03-19 23400]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-04-25 2126688]
R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw5v32.sys [2008-11-17 3668480]
R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2008-01-31 14848]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2008-04-03 43552]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-04-03 7444672]
R3 Razerlow;Razerlow USB Filter Driver; C:\Windows\System32\Drivers\Razerlow.sys [2005-04-24 13225]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-02-22 198064]
R3 usbvideo;USB-Videogerät (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
R3 wanatw;WAN Miniport (ATW); C:\Windows\system32\DRIVERS\wanatw4.sys [2006-11-01 33588]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2008-02-21 299008]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2008-01-21 179712]
S3 drmkaud;Microsoft Kernel-DRM-Audioentschlüsselung; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 HdAudAddService;Microsoft 1.1 UAA-Funktionstreiber für High Definition Audio-Dienst; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2008-01-21 987648]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2008-01-21 200704]
S3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2008-04-12 84240]
S3 kgrdypoc;kgrdypoc; \??\C:\Users\BNEK~1\AppData\Local\Temp\kgrdypoc.sys []
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmb.sys [2009-02-09 17664]
S3 nmwcdc;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbo.sys [2009-02-09 22016]
S3 NSCIRDA;NSC Infrared Device Driver; C:\Windows\system32\DRIVERS\nscirda.sys [2008-01-21 30720]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [2005-08-17 58352]
S3 sscdmdfl;SAMSUNG CDMA Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys [2005-08-17 8272]
S3 sscdmdm;SAMSUNG CDMA Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys [2005-08-17 93872]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2009-02-09 7808]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2009-07-09 39424]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-04-11 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2009-02-09 7808]
S3 winachsf;winachsf; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2008-01-21 654336]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2008-03-18 13312]
R2 AntiVirSchedulerService;Avira AntiVir Planer; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-06-09 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-08-05 185089]
R2 AOL ACS;AOL Connectivity Service; C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe [2006-10-23 46640]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-07-09 144712]
R2 Bonjour Service;Bonjour-Dienst; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 BUNAgentSvc;NTI Backup Now 5 Agent Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [2008-03-03 16384]
R2 CLHNService;CLHNService; C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [2008-01-16 81504]
R2 eDataSecurity Service;eDataSecurity Service; C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe [2008-03-04 500784]
R2 ETService;Empowering Technology Service; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [2008-03-21 24576]
R2 EvtEng;Intel® PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2008-10-16 860160]
R2 IGBASVC;iGroupTec Service; C:\Program Files\Acer\Acer Bio Protection\BASVC.exe [2008-07-12 3517440]
R2 Irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]
R2 MobilityService;MobilityService; C:\Acer\Mobility Center\MobilityService.exe [2007-12-06 110592]
R2 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-04-06 50424]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-04-04 131072]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-04-03 118784]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2009-06-23 75064]
R2 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2008-10-16 466944]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\Cyberlink\Shared files\RichVideo.exe [2007-01-09 272024]
R2 RS_Service;Raw Socket Service; C:\Program Files\Acer\Acer VCM\RS_Service.exe [2008-01-10 233472]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S2 gupdate1c98c805e078ff9;Google Update Service (gupdate1c98c805e078ff9); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-02-11 133104]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 iPod Service;iPod-Dienst; C:\Program Files\iPod\bin\iPodService.exe [2009-07-13 542496]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe [2008-11-11 620544]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2009-12-11 321320]
S3 TuneUp.Defrag;@%SystemRoot%\System32\TuneUpDefragService.exe,-1; C:\Windows\System32\TuneUpDefragService.exe [2008-08-25 361216]

-----------------EOF-----------------
         

16.12.2009, 16:24   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Only the key in which svhost appears shows up there:

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{05357f28-6d1a-11dd-a7c7-00038a000015}]

Please delete it with regedit.

16.12.2009, 16:38   #3
Duffman
 

It's deleted! And now?