
Plagegeister aller Art und deren Bekämpfung: Nod32 reports a virus (C:cleansweep.exe/cleansweep.exe), what is it and how do I get rid of it?


19.06.2010, 20:42   #16
merling



virustotal:
Antivirus Version letzte aktualisierung Ergebnis
a-squared 5.0.0.26 2010.06.18 -
AhnLab-V3 2010.06.18.05 2010.06.18 -
AntiVir 8.2.2.6 2010.06.18 -
Antiy-AVL 2.0.3.7 2010.06.18 -
Authentium 5.2.0.5 2010.06.18 -
Avast 4.8.1351.0 2010.06.18 -
Avast5 5.0.332.0 2010.06.18 -
AVG 9.0.0.787 2010.06.18 -
BitDefender 7.2 2010.06.18 -
CAT-QuickHeal 10.00 2010.06.18 -
ClamAV 0.96.0.3-git 2010.06.18 -
Comodo 5143 2010.06.18 -
DrWeb 5.0.2.03300 2010.06.18 -
eSafe 7.0.17.0 2010.06.17 -
eTrust-Vet 36.1.7646 2010.06.18 -
F-Prot 4.6.1.107 2010.06.17 -
F-Secure 9.0.15370.0 2010.06.18 -
Fortinet 4.1.133.0 2010.06.18 -
GData 21 2010.06.18 -
Ikarus T3.1.1.84.0 2010.06.18 -
Jiangmin 13.0.900 2010.06.15 -
Kaspersky 7.0.0.125 2010.06.18 -
McAfee 5.400.0.1158 2010.06.18 -
McAfee-GW-Edition 2010.1 2010.06.18 -
Microsoft 1.5902 2010.06.18 -
NOD32 5207 2010.06.18 -
Norman 6.05.06 2010.06.17 -
nProtect 2010-06-18.01 2010.06.18 -
Panda 10.0.2.7 2010.06.18 -
PCTools 7.0.3.5 2010.06.18 -
Prevx 3.0 2010.06.18 -
Rising 22.52.04.04 2010.06.18 -
Sophos 4.54.0 2010.06.18 -
Sunbelt 6467 2010.06.18 -
Symantec 20101.1.0.89 2010.06.18 -
TheHacker 6.5.2.0.300 2010.06.18 -
TrendMicro 9.120.0.1004 2010.06.18 -
TrendMicro-HouseCall 9.120.0.1004 2010.06.18 -
VBA32 3.12.12.5 2010.06.18 -
ViRobot 2010.6.14.3884 2010.06.18 -
VirusBuster 5.0.27.0 2010.06.18 -
weitere Informationen
File size: 1015256 bytes
MD5 : c04d65c3c95ea9df14bae7aca8cfb960
SHA1 : 19898e323877c76a4921abed0e073f65e21997a6
SHA256: ae1fde9da320be1cd322209419f3f8cbe527058aed1a678bc07bc7c64ee4b360
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x7E980
timedatestamp.....: 0x4BB4B686 (Thu Apr 1 17:06:46 2010)
machinetype.......: 0x14C (Intel I386)

( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0xDDD2C 0xDDE00 6.64 b0153bcb835b1c8568f74f3df549c974
.rdata 0xDF000 0xD24F 0xD400 5.85 92c8a35b6b29eb05e4ae03bd4d0efb0b
.data 0xED000 0x5BF4 0x5000 4.50 848c01b09dc8156c0d454a7931436b99
.reloc 0xF3000 0x6032 0x6200 6.16 201ee5e0158bda4146a232cb0a07cc7c

( 4 imports )

> kernel32.dll: GetCurrentProcess, InterlockedCompareExchange, Sleep, InterlockedExchange, TerminateProcess, UnhandledExceptionFilter, SetUnhandledExceptionFilter, IsDebuggerPresent, VirtualQuery, VirtualProtect, VirtualAlloc, VirtualFree, EnterCriticalSection, SetCriticalSectionSpinCount, LeaveCriticalSection, GetCurrentProcessId, GetCurrentThreadId, GetTickCount, DebugBreak, QueryPerformanceCounter, QueryPerformanceFrequency, DeleteCriticalSection, GetSystemTimeAsFileTime, InitializeCriticalSectionAndSpinCount, GetSystemTimeAdjustment
> mozcrt19.dll: memset, memcpy, floor, _CIlog, _CIasin, _CIacos, _CItan, _CIsqrt, _CIcos, _CIsin, _CIatan, memmove, malloc, strncmp, _finite, realloc, fclose, fopen, __3@YAXPAX@Z, __iob_func, _isnan, isspace, free, __2@YAPAXI@Z, _fpclass, _CIfmod, isdigit, isalpha, _errno, posix_memalign, _copysign, ceil, localeconv, _HUGE, strchr, _CIlog10, ___U@YAPAXI@Z, ___V@YAXPAX@Z, sprintf, memmove_s, isxdigit, tolower, getc, ungetc, exit, fprintf, _set_invalid_parameter_handler, _tzset, _localtime64, strstr, _mktime64, strftime, getenv, _unlock, __dllonexit, _encode_pointer, _lock, _onexit, _decode_pointer, _malloc_crt, _encoded_null, _initterm, _initterm_e, _amsg_exit, _adjust_fdiv, __CppXcptFilter, _crt_debugger_hook, _except_handler4_common, __clean_type_info_names_internal, _CIpow, _CIexp, _CIatan2, calloc, isprint
> nspr4.dll: PR_CallOnce, PR_CreateThread, PR_JoinThread, PR_IntervalToMilliseconds, PR_IntervalNow, PR_NotifyAllCondVar, PR_GetCurrentThread, PR_AtomicIncrement, PR_NewLock, PR_WaitCondVar, PR_Unlock, PR_AtomicDecrement, PR_DestroyCondVar, PR_NewCondVar, PR_Lock, PR_NotifyCondVar, PR_DestroyLock, PR_AtomicSet
> winmm.dll: timeEndPeriod, timeBeginPeriod

( 1 exports )

TrID : File type identification
Win32 Executable Generic (68.0%)
Generic Win/DOS Executable (15.9%)
DOS Executable Generic (15.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
ssdeep: 24576:3aDnX0KubaFZsjj0TPhViCq3fnzt5XIlOLjfngUqq7W:IkKubyZ2jsYzfjfnlW
sigcheck: publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: Mozilla Corporation
Thawte Code Signing CA
Thawte Premium Server CA
signing date.: 7:57 PM 4/1/2010
verified.....: -
PEiD : -
RDS : NSRL Reference Data Set
-



the rest is still to come

Edited by merling (19.06.2010 at 20:59)

19.06.2010, 20:44   #17
Larusso
/// Selecta Jahrusso



Could you please stop using the table tags?

19.06.2010, 21:00   #18
merling



yep


...the full scan is taking ages
...39 min already

just by the way...
does anyone happen to know the server provider kasserver.com and security stuff like lambdanet.net ...reply to me by PM

Edited by merling (19.06.2010 at 21:14)

19.06.2010, 21:22   #19
merling



here's the one from malware (mba):

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4213

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

19.06.2010 22:20:54
mbam-log-2010-06-19 (22-20-54).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Durchsuchte Objekte: 326870
Laufzeit: 58 Minute(n), 33 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 1
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 3

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
C:\Program Files\js3250.dll (Spyware.OnlineGames) -> No action taken.

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
C:\Users\Merling\AppData\Roaming\Microsoft\Addon\Microsoft.exe (Trojan.Dialer.Gen) -> No action taken.
C:\Users\Windows 7 (System)\Desktop\Alles rein\gdx-anno1404trn.exe (Malware.Packer) -> No action taken.
C:\Program Files\js3250.dll (Spyware.OnlineGames) -> No action taken.

oh, and gdx-anno1404trn.exe is a trainer, which also works

19.06.2010, 21:52   #20
merling



log files from javara:

1
1910

...a bit odd that it's so little


19.06.2010, 21:57   #21
merling



otl.txt :
OTL Logfile:
OTL logfile created on: 19.06.2010 22:49:31 - Run 5
OTL by OldTimer - Version 3.2.6.0     Folder = C:\Users\Windows 7 (System)\Desktop
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 62,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 450,16 Gb Total Space | 317,77 Gb Free Space | 70,59% Space Free | Partition Type: NTFS
Drive D: | 1,88 Gb Total Space | 1,87 Gb Free Space | 99,85% Space Free | Partition Type: FAT
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: METALLBAU-PC
Current User Name: Windows 7 (System)
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Windows 7 (System)\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Google\Update\1.2.183.29\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe (ESET)
PRC - C:\Program Files\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe ()
PRC - C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
PRC - C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
PRC - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\Program Files (x86)\Launch Manager\LManager.EXE (Dritek System Inc.)
PRC - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.)
PRC - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
PRC - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe (Egis Technology Inc.)
PRC - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.)
PRC - C:\Program Files (x86)\Acer Bio Protection\BASVC.exe (Egis Technology Inc.)
PRC - C:\Program Files (x86)\Acer Bio Protection\PdtWzd.exe (Egis Technology Inc.)
PRC - C:\Program Files (x86)\Acer Bio Protection\CompPtcVUI.exe (Egis Technology Inc.)
PRC - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe (Acer Incorporated)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.)
PRC - C:\Program Files (x86)\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated)
PRC - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe (Acer Incorporated)
PRC - C:\Program Files\Acer\Acer Updater\UpdaterService.exe (Acer)
PRC - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe (NewTech Infosystems, Inc.)
PRC - C:\Program Files (x86)\funkwerk WIN-Tools\Eumex 401 WIN-Tools V1.00\ControlCenter.exe (Funkwerk Enterprise Communications GmbH)
PRC - C:\Windows\PLFSetI.exe ()
PRC - C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions)
PRC - C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe (Sonic Solutions)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Windows 7 (System)\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\SysWOW64\comdlg32.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\msscript.ocx (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (EhttpSrv) -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe (ESET)
SRV:64bit: - (ekrn) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe (ESET)
SRV:64bit: - (ePowerSvc) -- C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe (Acer Incorporated)
SRV:64bit: - (btwdins) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV:64bit: - (WwanSvc) -- C:\Windows\SysNative\wwansvc.dll (Microsoft Corporation)
SRV:64bit: - (WbioSrvc) -- C:\Windows\SysNative\wbiosrvc.dll (Microsoft Corporation)
SRV:64bit: - (Power) -- C:\Windows\SysNative\umpo.dll (Microsoft Corporation)
SRV:64bit: - (Themes) -- C:\Windows\SysNative\themeservice.dll (Microsoft Corporation)
SRV:64bit: - (sppuinotify) -- C:\Windows\SysNative\sppuinotify.dll (Microsoft Corporation)
SRV:64bit: - (SensrSvc) -- C:\Windows\SysNative\sensrsvc.dll (Microsoft Corporation)
SRV:64bit: - (PNRPsvc) -- C:\Windows\SysNative\pnrpsvc.dll (Microsoft Corporation)
SRV:64bit: - (p2pimsvc) -- C:\Windows\SysNative\pnrpsvc.dll (Microsoft Corporation)
SRV:64bit: - (HomeGroupProvider) -- C:\Windows\SysNative\provsvc.dll (Microsoft Corporation)
SRV:64bit: - (RpcEptMapper) -- C:\Windows\SysNative\RpcEpMap.dll (Microsoft Corporation)
SRV:64bit: - (PNRPAutoReg) -- C:\Windows\SysNative\pnrpauto.dll (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (HomeGroupListener) -- C:\Windows\SysNative\ListSvc.dll (Microsoft Corporation)
SRV:64bit: - (FontCache) -- C:\Windows\SysNative\FntCache.dll (Microsoft Corporation)
SRV:64bit: - (Dhcp) -- C:\Windows\SysNative\dhcpcore.dll (Microsoft Corporation)
SRV:64bit: - (defragsvc) -- C:\Windows\SysNative\defragsvc.dll (Microsoft Corporation)
SRV:64bit: - (bthserv) -- C:\Windows\SysNative\bthserv.dll (Microsoft Corporation)
SRV:64bit: - (BDESVC) -- C:\Windows\SysNative\bdesvc.dll (Microsoft Corporation)
SRV:64bit: - (AxInstSV) -- C:\Windows\SysNative\AxInstSv.dll (Microsoft Corporation)
SRV:64bit: - (AppIDSvc) -- C:\Windows\SysNative\appidsvc.dll (Microsoft Corporation)
SRV:64bit: - (wbengine) -- C:\Windows\SysNative\wbengine.exe (Microsoft Corporation)
SRV:64bit: - (sppsvc) -- C:\Windows\SysNative\sppsvc.exe (Microsoft Corporation)
SRV:64bit: - (Fax) -- C:\Windows\SysNative\FXSSVC.exe (Microsoft Corporation)
SRV:64bit: - (Updater Service) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe (Acer)
SRV - (Akamai) -- c:\program files (x86)\common files\akamai\rswin_3697.dll ()
SRV - (ICQ Service) -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe ()
SRV - (Hamachi2Svc) -- C:\MT2\Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (NTI IScheduleSvc) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.)
SRV - (MWLService) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe ()
SRV - (IGBASVC) -- C:\Program Files (x86)\Acer Bio Protection\BASVC.exe (Egis Technology Inc.)
SRV - (Greg_Service) -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe (Acer Incorporated)
SRV - (IAANTMON) Intel(R) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)
SRV - (VSS) -- C:\Windows\Vss [2009.07.14 05:20:14 | 000,000,000 | ---D | M]
SRV - (MSDTC) -- C:\Windows\SysWOW64\Msdtc [2009.07.14 05:20:14 | 000,000,000 | ---D | M]
SRV - (HomeGroupProvider) -- C:\Windows\SysWOW64\provsvc.dll (Microsoft Corporation)
SRV - (Dhcp) -- C:\Windows\SysWOW64\dhcpcore.dll (Microsoft Corporation)
SRV - (vds) -- C:\Windows\SysWOW64\wbem\vds.mof ()
SRV - (RS_Service) -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe (Acer Incorporated)
SRV - (NTISchedulerSvc) -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe (NewTech Infosystems, Inc.)
SRV - (NTIBackupSvc) -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe (NewTech InfoSystems, Inc.)
SRV - (clr_optimization_v2.0.50727_64) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (atksgt) -- C:\Windows\SysNative\drivers\atksgt.sys ()
DRV:64bit: - (lirsgt) -- C:\Windows\SysNative\drivers\lirsgt.sys ()
DRV:64bit: - (vmm) -- C:\Windows\SysNative\Treiber\VMM.sys (Microsoft Corporation)
DRV:64bit: - (epfwwfpr) -- C:\Windows\SysNative\drivers\epfwwfpr.sys (ESET)
DRV:64bit: - (ehdrv) -- C:\Windows\SysNative\drivers\ehdrv.sys (ESET)
DRV:64bit: - (eamonm) -- C:\Windows\SysNative\drivers\eamonm.sys (ESET)
DRV:64bit: - (KSecPkg) -- C:\Windows\SysNative\drivers\ksecpkg.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (fvevol) -- C:\Windows\SysNative\drivers\fvevol.sys (Microsoft Corporation)
DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.)
DRV:64bit: - (FPSensor) EgisTec-Corp Fingerprint Reader Driver (FPSensor.sys) -- C:\Windows\SysNative\drivers\FPSensor.sys (EgisTec)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (NETw5s64) Intel(R) -- C:\Windows\SysNative\drivers\NETw5s64.sys (Intel Corporation)
DRV:64bit: - (nuvotoncir) -- C:\Windows\SysNative\drivers\nuvotoncir.sys (Nuvoton Technology Corporation)
DRV:64bit: - (johci) -- C:\Windows\SysNative\drivers\johci.sys (JMicron )
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (hwpolicy) -- C:\Windows\SysNative\drivers\hwpolicy.sys (Microsoft Corporation)
DRV:64bit: - (FsDepends) -- C:\Windows\SysNative\drivers\fsdepends.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (WIMMount) -- C:\Windows\SysNative\drivers\wimmount.sys (Microsoft Corporation)
DRV:64bit: - (vhdmp) -- C:\Windows\SysNative\drivers\vhdmp.sys (Microsoft Corporation)
DRV:64bit: - (vdrvroot) -- C:\Windows\SysNative\drivers\vdrvroot.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (rdyboost) -- C:\Windows\SysNative\drivers\rdyboost.sys (Microsoft Corporation)
DRV:64bit: - (pcw) -- C:\Windows\SysNative\drivers\pcw.sys (Microsoft Corporation)
DRV:64bit: - (CNG) -- C:\Windows\SysNative\drivers\cng.sys (Microsoft Corporation)
DRV:64bit: - (StillCam) -- C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation)
DRV:64bit: - (rdpbus) -- C:\Windows\SysNative\drivers\rdpbus.sys (Microsoft Corporation)
DRV:64bit: - (RDPREFMP) -- C:\Windows\SysNative\drivers\RDPREFMP.sys (Microsoft Corporation)
DRV:64bit: - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\SysNative\drivers\agilevpn.sys (Microsoft Corporation)
DRV:64bit: - (usbrndis6) -- C:\Windows\SysNative\drivers\usb80236.sys (Microsoft Corporation)
DRV:64bit: - (WfpLwf) -- C:\Windows\SysNative\drivers\wfplwf.sys (Microsoft Corporation)
DRV:64bit: - (RMCAST) -- C:\Windows\SysNative\drivers\rmcast.sys (Microsoft Corporation)
DRV:64bit: - (NdisCap) -- C:\Windows\SysNative\drivers\ndiscap.sys (Microsoft Corporation)
DRV:64bit: - (vwifimp) -- C:\Windows\SysNative\drivers\vwifimp.sys (Microsoft Corporation)
DRV:64bit: - (vwififlt) -- C:\Windows\SysNative\drivers\vwififlt.sys (Microsoft Corporation)
DRV:64bit: - (vwifibus) -- C:\Windows\SysNative\drivers\vwifibus.sys (Microsoft Corporation)
DRV:64bit: - (1394ohci) -- C:\Windows\SysNative\drivers\1394ohci.sys (Microsoft Corporation)
DRV:64bit: - (HdAudAddService) -- C:\Windows\SysNative\drivers\HdAudio.sys (Microsoft Corporation)
DRV:64bit: - (usbvideo) USB Video Device (WDM) -- C:\Windows\SysNative\drivers\usbvideo.sys (Microsoft Corporation)
DRV:64bit: - (BthPan) Bluetooth-Gerät (PAN) -- C:\Windows\SysNative\drivers\bthpan.sys (Microsoft Corporation)
DRV:64bit: - (BTHPORT) -- C:\Windows\SysNative\drivers\bthport.sys (Microsoft Corporation)
DRV:64bit: - (RFCOMM) Bluetooth-Gerät (RFCOMM-Protokoll-TDI) -- C:\Windows\SysNative\drivers\rfcomm.sys (Microsoft Corporation)
DRV:64bit: - (BthEnum) -- C:\Windows\SysNative\drivers\bthenum.sys (Microsoft Corporation)
DRV:64bit: - (BTHUSB) -- C:\Windows\SysNative\drivers\BTHUSB.SYS (Microsoft Corporation)
DRV:64bit: - (UmPass) -- C:\Windows\SysNative\drivers\umpass.sys (Microsoft Corporation)
DRV:64bit: - (WinUsb) -- C:\Windows\SysNative\drivers\winusb.sys (Microsoft Corporation)
DRV:64bit: - (mshidkmdf) -- C:\Windows\SysNative\drivers\mshidkmdf.sys (Microsoft Corporation)
DRV:64bit: - (WudfPf) -- C:\Windows\SysNative\drivers\WUDFPf.sys (Microsoft Corporation)
DRV:64bit: - (MTConfig) -- C:\Windows\SysNative\drivers\MTConfig.sys (Microsoft Corporation)
DRV:64bit: - (CompositeBus) -- C:\Windows\SysNative\drivers\CompositeBus.sys (Microsoft Corporation)
DRV:64bit: - (Beep) -- C:\Windows\SysNative\drivers\beep.sys (Microsoft Corporation)
DRV:64bit: - (AppID) -- C:\Windows\SysNative\drivers\appid.sys (Microsoft Corporation)
DRV:64bit: - (scfilter) -- C:\Windows\SysNative\drivers\scfilter.sys (Microsoft Corporation)
DRV:64bit: - (discache) -- C:\Windows\SysNative\drivers\discache.sys (Microsoft Corporation)
DRV:64bit: - (HidBatt) -- C:\Windows\SysNative\drivers\hidbatt.sys (Microsoft Corporation)
DRV:64bit: - (CmBatt) -- C:\Windows\SysNative\drivers\CmBatt.sys (Microsoft Corporation)
DRV:64bit: - (AcpiPmi) -- C:\Windows\SysNative\drivers\acpipmi.sys (Microsoft Corporation)
DRV:64bit: - (AmdPPM) -- C:\Windows\SysNative\drivers\amdppm.sys (Microsoft Corporation)
DRV:64bit: - (btusbflt) -- C:\Windows\SysNative\drivers\btusbflt.sys (Broadcom Corporation.)
DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)
DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)
DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (k57nd60a) Broadcom NetLink (TM) -- C:\Windows\SysNative\drivers\k57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (mwlPSDVDisk) -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys (Egis Technology Inc.)
DRV:64bit: - (mwlPSDFilter) -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys (Egis Technology Inc.)
DRV:64bit: - (mwlPSDNServ) -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys (Egis Technology Inc.)
DRV:64bit: - (JMCR) -- C:\Windows\SysNative\drivers\jmcr.sys (JMicron Technology Corporation)
DRV:64bit: - (netw5v64) Intel(R) -- C:\Windows\SysNative\drivers\NETw5v64.sys (Intel Corporation)
DRV:64bit: - (NTIDrvr) -- C:\Windows\SysNative\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.)
DRV:64bit: - (UBHelper) -- C:\Windows\SysNative\drivers\UBHelper.sys (NewTech Infosystems Corporation)
DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)
DRV:64bit: - (int15.sys) -- C:\Windows\SysNative\OEM\factory\int15.sys (Acer, Inc.)
DRV:64bit: - (VPCNetS2) -- C:\Windows\SysNative\drivers\VMNetSrv.sys (Microsoft Corporation)
DRV:64bit: - (RxFilter) -- C:\Windows\SysNative\drivers\RxFilter.sys (Sonic Solutions)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\SysWOW64\winusb.dll (Microsoft Corporation)
DRV - (NetBIOS) -- C:\Windows\SysWOW64\netbios.dll (Microsoft Corporation)
DRV - (mpsdrv) -- C:\Windows\SysWOW64\wbem\mpsdrv.mof ()
DRV - (Tcpip) -- C:\Windows\SysWOW64\wbem\tcpip.mof ()
DRV - (mwlPSDVDisk) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\mwlPSDVdisk.sys (Egis Technology Inc.)
DRV - (mwlPSDFilter) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\mwlPSDFilter.sys (Egis Technology Inc.)
DRV - (mwlPSDNServ) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\mwlPSDNServ.sys (Egis Technology Inc.)
DRV - (DKbFltr) Dritek Keyboard Filter Driver (64-bit) -- C:\Windows\SysWOW64\drivers\DKbFltr.sys (Dritek System Inc.)
DRV - (RxFilter) -- C:\Windows\SysWOW64\drivers\RxFilter.sys (Sonic Solutions)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_8940g&r=273602108006l0343z175t4882y803
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_8940g&r=273602108006l0343z175t4882y803
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_8940g&r=273602108006l0343z175t4882y803
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_8940g&r=273602108006l0343z175t4882y803
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_8940g&r=273602108006l0343z175t4882y803
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_8940g&r=273602108006l0343z175t4882y803
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
 
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\components [2010.06.18 23:00:44 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\plugins [2010.06.19 21:26:01 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.4\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2010.05.03 22:38:12 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.4\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2010.06.18 20:37:02 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010.06.18 19:54:14 | 000,000,000 | ---D | M]
 
[2010.05.31 21:09:28 | 000,000,000 | ---D | M] -- C:\Users\Windows 7 (System)\AppData\Roaming\mozilla\Extensions
[2010.05.31 21:09:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Windows 7 (System)\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010.06.19 21:17:52 | 000,000,000 | ---D | M] -- C:\Users\Windows 7 (System)\AppData\Roaming\mozilla\Firefox\Profiles\ifxymu3v.default\extensions
[2010.06.18 20:37:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Windows 7 (System)\AppData\Roaming\mozilla\Firefox\Profiles\ifxymu3v.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
 
O1 HOSTS File: ([2010.06.18 22:44:32 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1       localhost
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg64.dll (Google Inc.)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.)
O2 - BHO: (SMTTB2009 Class) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files (x86)\HypreCam Toolbar\tbcore3.dll ()
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (HypreCam Toolbar) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files (x86)\HypreCam Toolbar\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (HypreCam Toolbar) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files (x86)\HypreCam Toolbar\tbcore3.dll ()
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.DLL (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [XeroxEndeavorBackgroundTask] C:\Windows\SysNative\xrWCbgnd.dll (Xerox Corporation)
O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [EgisTecLiveUpdate] C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Programme (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe File not found
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe (Macrovision Corporation)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe (Symantec Corporation)
O4 - HKLM..\Run: [PlayMovie] C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions)
O4 - HKLM..\Run: [VitaKeyPdtWzd] C:\Program Files (x86)\Acer Bio Protection\PdtWzd.exe (Egis Technology Inc.)
O4 - HKCU..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Speech Recognition] C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation)
O4 - HKCU..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll (Google Inc.)
O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll (Google Inc.)
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files (x86)\Acer Bio Protection\PwdBank.exe (Egis Technology Inc.)
O9:64bit: - Extra 'Tools' menuitem : Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files (x86)\Acer Bio Protection\PwdBank.exe (Egis Technology Inc.)
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files (x86)\Acer Bio Protection\PwdBank.exe (Egis Technology Inc.)
O9 - Extra 'Tools' menuitem : Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files (x86)\Acer Bio Protection\PwdBank.exe (Egis Technology Inc.)
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysNative\wshbth.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.06.19 22:48:44 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2010.06.19 22:48:44 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2010.06.19 22:48:44 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2010.06.19 22:48:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2010.06.19 21:26:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2010.06.19 21:26:01 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2010.06.18 23:00:44 | 000,000,000 | ---D | C] -- C:\Program Files\searchplugins
[2010.06.18 22:49:47 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\Malwarebytes
[2010.06.18 22:49:34 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.06.18 22:49:32 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.06.18 22:49:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010.06.18 22:49:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.06.18 22:42:50 | 000,000,000 | ---D | C] -- C:\_OTL
[2010.06.18 21:40:36 | 000,572,416 | ---- | C] (OldTimer Tools) -- C:\Users\Windows 7 (System)\Desktop\OTL.exe
[2010.06.18 20:39:18 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\Desktop\Alles rein
[2010.06.18 20:37:03 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\Foxit
[2010.06.18 20:37:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Foxit Software
[2010.06.18 20:33:41 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sdbus.sys
[2010.06.18 19:57:52 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Local\ESET
[2010.06.18 19:54:13 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2010.06.18 19:54:13 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2010.06.17 16:31:26 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\skypePM
[2010.06.17 16:29:12 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\Skype
[2010.06.17 16:28:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\extensions
[2010.06.17 16:28:30 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2010.06.17 16:28:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2010.06.17 16:28:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2010.06.15 22:07:31 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Local\Windows Server
[2010.06.15 15:37:32 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\Roxio
[2010.06.15 15:35:51 | 000,000,000 | ---D | C] -- C:\Program Files\Roxio
[2010.06.15 15:35:47 | 000,121,856 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\cdrtc.dll
[2010.06.15 15:35:47 | 000,096,256 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\cdral.dll
[2010.06.15 15:35:47 | 000,058,880 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\drivers\RxFilter.sys
[2010.06.15 15:35:46 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallShield
[2010.06.15 15:35:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Sonic
[2010.06.15 15:34:47 | 000,052,664 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\drivers\PxHlpa64.sys
[2010.06.15 15:34:47 | 000,003,584 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\drivers\cdralw2k.sys
[2010.06.15 15:34:47 | 000,003,584 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\drivers\cdr4_xp.sys
[2010.06.15 15:34:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Roxio
[2010.06.15 15:34:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Sonic Shared
[2010.06.15 15:34:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Roxio
[2010.06.15 15:33:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Roxio Shared
[2010.06.14 19:17:46 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Local\PowerCinema
[2010.06.14 19:17:44 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\PowerCinema
[2010.06.14 16:39:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\gta san andreas
[2010.06.13 16:20:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\plugins
[2010.06.12 18:15:17 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\Ubisoft
[2010.06.12 18:00:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Tages
[2010.06.12 17:49:34 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Local\Diagnostics
[2010.06.12 16:27:26 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll
[2010.06.12 16:27:26 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_41.dll
[2010.06.12 16:27:26 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll
[2010.06.12 16:27:26 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_41.dll
[2010.06.12 16:27:25 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll
[2010.06.12 16:27:25 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll
[2010.06.12 16:27:25 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll
[2010.06.12 16:27:25 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2010.06.12 16:27:25 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll
[2010.06.12 16:27:25 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll
[2010.06.12 16:27:25 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll
[2010.06.12 16:27:25 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll
[2010.06.12 16:27:25 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll
[2010.06.12 16:27:25 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll
[2010.06.12 16:27:25 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll
[2010.06.12 16:27:25 | 000,069,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2010.06.12 16:27:25 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll
[2010.06.12 16:27:25 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll
[2010.06.12 16:27:24 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2010.06.12 16:27:24 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll
[2010.06.12 16:27:24 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll
[2010.06.12 16:27:24 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll
[2010.06.12 16:27:24 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll
[2010.06.12 16:27:24 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll
[2010.06.12 16:27:24 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll
[2010.06.12 16:27:23 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll
[2010.06.12 16:27:23 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll
[2010.06.12 16:27:23 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll
[2010.06.12 16:27:23 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll
[2010.06.12 16:27:23 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll
[2010.06.12 16:27:23 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll
[2010.06.12 16:27:23 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll
[2010.06.12 16:27:23 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll
[2010.06.12 16:27:23 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll
[2010.06.12 16:27:23 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll
[2010.06.12 16:27:23 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll
[2010.06.12 16:27:23 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll
[2010.06.12 16:27:22 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll
[2010.06.12 16:27:22 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll
[2010.06.12 16:27:22 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll
[2010.06.12 16:27:22 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll
[2010.06.12 16:27:22 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll
[2010.06.12 16:27:22 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll
[2010.06.12 16:27:22 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll
[2010.06.12 16:27:22 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll
[2010.06.12 16:27:22 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll
[2010.06.12 16:27:22 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll
[2010.06.12 16:27:22 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll
[2010.06.12 16:27:22 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll
[2010.06.12 16:27:22 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll
[2010.06.12 16:27:22 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll
[2010.06.12 16:27:21 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll
[2010.06.12 16:27:21 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll
[2010.06.12 16:27:21 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll
[2010.06.12 16:27:21 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll
[2010.06.12 16:27:21 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll
[2010.06.12 16:27:21 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll
[2010.06.12 16:27:20 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll
[2010.06.12 16:27:20 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll
[2010.06.12 16:27:20 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll
[2010.06.12 16:27:20 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll
[2010.06.12 16:27:20 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll
[2010.06.12 16:27:20 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll
[2010.06.12 16:27:20 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll
[2010.06.12 16:27:20 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll
[2010.06.12 16:21:26 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\Documents\NFS Most Wanted Backups
[2010.06.12 16:21:26 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\Documents\NFS Most Wanted
[2010.06.12 15:58:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Counter-Strike 1.6
[2010.06.12 15:55:54 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll
[2010.06.11 14:16:59 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\gtk-2.0
[2010.06.10 22:54:47 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\.thumbnails
[2010.06.10 22:40:56 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\Documents\gegl-0.0
[2010.06.10 22:40:56 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\.gimp-2.6
[2010.06.10 22:40:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GIMP-2.0
[2010.06.10 22:29:07 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\PhotoFiltre
[2010.06.10 22:29:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PhotoFiltre
[2010.06.07 16:57:57 | 000,000,000 | ---D | C] -- C:\Windows\San Andreas Mod Installer
[2010.06.06 00:14:13 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\CyberLink
[2010.06.06 00:14:10 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Local\PlayMovie
[2010.06.05 23:21:53 | 000,000,000 | -H-D | C] -- C:\MyWinLockerData
[2010.06.05 22:34:28 | 000,000,000 | R-SD | C] -- C:\Users\Windows 7 (System)\Documents\My Stationery
[2010.06.05 12:23:40 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Local\LogMeIn Hamachi
[2010.06.03 22:54:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Grand Theft Auto San Andreas
[2010.06.03 22:43:38 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\Documents\GTA San Andreas User Files
[2010.06.03 20:56:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CSS-Editor
[2010.06.02 21:11:57 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Local\Broadcom
[2010.06.02 21:11:57 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\Documents\Bluetooth-Exchange-Ordner
[2010.06.02 17:19:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared
[2010.05.31 21:09:25 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\Thunderbird
[2010.05.31 21:09:25 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Local\Thunderbird
[2010.05.31 19:36:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Carrera Streckenplaner
[2010.05.31 18:58:42 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Local\Adobe
[2010.05.30 09:03:23 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NSSx64
[2010.05.30 09:03:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Security Scan
[2010.05.30 09:03:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2010.05.30 09:03:23 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NSSx64\0207030.022
[2010.05.30 09:03:22 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2010.05.30 09:03:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller
[2010.05.29 16:49:01 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\DivX
[2010.05.29 16:48:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2010.05.29 16:48:53 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2010.05.29 16:48:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared
[2010.05.29 16:46:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX
[2010.05.29 16:45:51 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2010.05.29 15:43:50 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\Apple Computer
[2010.05.29 10:29:24 | 001,498,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcr100d.dll
[2010.05.29 10:29:19 | 000,761,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcr100.dll
[2010.05.29 09:44:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Combat Arms EU
[2010.05.29 02:13:31 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2010.05.28 15:18:40 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Local\Microsoft Games
[2010.05.27 19:44:16 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\WinRAR
[2010.05.26 21:53:56 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\Google
[2010.05.26 21:53:55 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Local\Google
[2010.05.26 18:45:41 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Local\Apple Computer
[2010.05.25 18:55:13 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\Adobe
[2010.05.25 18:54:24 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\Mozilla
[2010.05.25 18:54:24 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Local\Mozilla
[2010.05.25 18:53:48 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\Macromedia
[2010.05.25 18:53:47 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Local\EgisTec
[2010.05.25 18:52:13 | 000,000,000 | R--D | C] -- C:\Users\Windows 7 (System)\Searches
[2010.05.25 18:52:05 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\Identities
[2010.05.25 18:52:03 | 000,000,000 | R--D | C] -- C:\Users\Windows 7 (System)\Contacts
[2010.05.25 18:52:01 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Local\VirtualStore
[2010.05.25 18:51:58 | 000,000,000 | --SD | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\Microsoft
[2010.05.25 18:51:58 | 000,000,000 | R--D | C] -- C:\Users\Windows 7 (System)\Videos
[2010.05.25 18:51:58 | 000,000,000 | R--D | C] -- C:\Users\Windows 7 (System)\Saved Games
[2010.05.25 18:51:58 | 000,000,000 | R--D | C] -- C:\Users\Windows 7 (System)\Pictures
[2010.05.25 18:51:58 | 000,000,000 | R--D | C] -- C:\Users\Windows 7 (System)\Music
[2010.05.25 18:51:58 | 000,000,000 | R--D | C] -- C:\Users\Windows 7 (System)\Links
[2010.05.25 18:51:58 | 000,000,000 | R--D | C] -- C:\Users\Windows 7 (System)\Favorites
[2010.05.25 18:51:58 | 000,000,000 | R--D | C] -- C:\Users\Windows 7 (System)\Downloads
[2010.05.25 18:51:58 | 000,000,000 | R--D | C] -- C:\Users\Windows 7 (System)\Documents
[2010.05.25 18:51:58 | 000,000,000 | R--D | C] -- C:\Users\Windows 7 (System)\Desktop
[2010.05.25 18:51:58 | 000,000,000 | -HSD | C] -- C:\Users\Windows 7 (System)\Vorlagen
[2010.05.25 18:51:58 | 000,000,000 | -HSD | C] -- C:\Users\Windows 7 (System)\AppData\Local\Verlauf
[2010.05.25 18:51:58 | 000,000,000 | -HSD | C] -- C:\Users\Windows 7 (System)\AppData\Local\Temporary Internet Files
[2010.05.25 18:51:58 | 000,000,000 | -HSD | C] -- C:\Users\Windows 7 (System)\Startmenü
[2010.05.25 18:51:58 | 000,000,000 | -HSD | C] -- C:\Users\Windows 7 (System)\SendTo
[2010.05.25 18:51:58 | 000,000,000 | -HSD | C] -- C:\Users\Windows 7 (System)\Recent
[2010.05.25 18:51:58 | 000,000,000 | -HSD | C] -- C:\Users\Windows 7 (System)\Netzwerkumgebung
[2010.05.25 18:51:58 | 000,000,000 | -HSD | C] -- C:\Users\Windows 7 (System)\Lokale Einstellungen
[2010.05.25 18:51:58 | 000,000,000 | -HSD | C] -- C:\Users\Windows 7 (System)\Documents\Eigene Videos
[2010.05.25 18:51:58 | 000,000,000 | -HSD | C] -- C:\Users\Windows 7 (System)\Documents\Eigene Musik
[2010.05.25 18:51:58 | 000,000,000 | -HSD | C] -- C:\Users\Windows 7 (System)\Eigene Dateien
[2010.05.25 18:51:58 | 000,000,000 | -HSD | C] -- C:\Users\Windows 7 (System)\Documents\Eigene Bilder
[2010.05.25 18:51:58 | 000,000,000 | -HSD | C] -- C:\Users\Windows 7 (System)\Druckumgebung
[2010.05.25 18:51:58 | 000,000,000 | -HSD | C] -- C:\Users\Windows 7 (System)\Cookies
[2010.05.25 18:51:58 | 000,000,000 | -HSD | C] -- C:\Users\Windows 7 (System)\AppData\Local\Anwendungsdaten
[2010.05.25 18:51:58 | 000,000,000 | -HSD | C] -- C:\Users\Windows 7 (System)\Anwendungsdaten
[2010.05.25 18:51:58 | 000,000,000 | -H-D | C] -- C:\Users\Windows 7 (System)\AppData
[2010.05.25 18:51:58 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Local\Temp
[2010.05.25 18:51:58 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Local\Microsoft Help
[2010.05.25 18:51:58 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Local\Microsoft
[2010.05.25 18:51:58 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\Media Center Programs
[2010.05.21 15:33:08 | 000,000,000 | ---D | C] -- C:\Nexon
[2010.05.21 15:33:05 | 000,421,888 | ---- | C] (NEXON Inc.) -- C:\Windows\NEXON_EU_DownloaderUpdater.exe
[2006.09.14 11:32:20 | 000,028,672 | R--- | C] ( ) -- C:\Windows\SysWow64\DivXGraphBuilderCallback.dll
 
========== Files - Modified Within 30 Days ==========
 
[2010.06.19 22:51:51 | 000,656,010 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2010.06.19 22:51:51 | 000,616,632 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.06.19 22:51:51 | 000,131,874 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2010.06.19 22:51:51 | 000,108,268 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.06.19 22:51:50 | 001,501,000 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.06.19 22:51:07 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.06.19 22:51:07 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.06.19 22:50:17 | 002,097,152 | -HS- | M] () -- C:\Users\Windows 7 (System)\NTUSER.DAT
[2010.06.19 22:48:36 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2010.06.19 22:48:35 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2010.06.19 22:48:35 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2010.06.19 22:48:35 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2010.06.19 22:44:10 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.06.19 22:43:54 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.06.19 22:43:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.06.19 22:43:43 | 3212,234,752 | -HS- | M] () -- C:\hiberfil.sys
[2010.06.19 22:41:32 | 006,429,992 | -H-- | M] () -- C:\Users\Windows 7 (System)\AppData\Local\IconCache.db
[2010.06.19 22:14:06 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.06.19 21:56:51 | 000,007,619 | ---- | M] () -- C:\Users\Windows 7 (System)\AppData\Local\Resmon.ResmonCfg
[2010.06.19 21:07:52 | 000,000,502 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Merling.job
[2010.06.19 01:25:50 | 002,442,400 | ---- | M] () -- C:\Users\Windows 7 (System)\Desktop\TENNY TAG.pptx
[2010.06.19 00:07:21 | 000,324,148 | ---- | M] () -- C:\Users\Windows 7 (System)\Desktop\himmel_licht_strahl.jpg
[2010.06.18 23:00:47 | 000,001,484 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010.06.18 22:49:36 | 000,001,013 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.06.18 22:44:32 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2010.06.18 21:40:44 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Users\Windows 7 (System)\Desktop\OTL.exe
[2010.06.18 19:34:49 | 000,097,384 | ---- | M] () -- C:\Users\Windows 7 (System)\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.06.18 19:34:21 | 000,388,496 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010.06.17 16:31:27 | 000,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat
[2010.06.16 11:18:16 | 000,002,863 | R-S- | M] () -- C:\Users\Windows 7 (System)\AppData\Roaming\usernt.dat
[2010.06.15 15:37:32 | 000,000,000 | ---- | M] () -- C:\Users\Windows 7 (System)\AppData\Local\rx_image.Cache
[2010.06.14 16:58:37 | 3630,059,453 | ---- | M] () -- C:\Users\Windows 7 (System)\Desktop\gta san andreas.rar
[2010.06.13 12:32:42 | 000,002,344 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2010.06.12 17:55:48 | 000,000,441 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.ics
[2010.06.12 17:43:24 | 000,000,000 | -H-- | M] () -- C:\Users\Windows 7 (System)\Documents\Default.rdp
[2010.06.12 16:27:28 | 000,314,016 | ---- | M] () -- C:\Windows\SysNative\drivers\atksgt.sys
[2010.06.12 16:27:28 | 000,043,680 | ---- | M] () -- C:\Windows\SysNative\drivers\lirsgt.sys
[2010.06.11 14:38:42 | 000,141,141 | ---- | M] () -- C:\Users\Windows 7 (System)\Desktop\6-468fb3e909eff8632127632b608d9fd5.jpg
[2010.06.11 14:27:53 | 000,000,880 | ---- | M] () -- C:\Users\Windows 7 (System)\.recently-used.xbel
[2010.06.06 13:30:07 | 000,000,963 | ---- | M] () -- C:\Users\Windows 7 (System)\Desktop\Downloads - Verknüpfung.lnk
[2010.06.05 13:00:31 | 000,000,780 | ---- | M] () -- C:\Users\Windows 7 (System)\Desktop\gta_sa - Verknüpfung.lnk
[2010.05.30 09:03:23 | 000,000,172 | ---- | M] () -- C:\Windows\SysNative\drivers\NSSx64\0207030.022\isolate.ini
[2010.05.29 10:29:32 | 001,498,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msvcr100d.dll
[2010.05.29 10:29:24 | 000,761,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msvcr100.dll
[2010.05.27 09:24:13 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2010.05.27 08:34:09 | 000,046,080 | ---- | M] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2010.05.27 06:11:32 | 000,366,080 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2010.05.27 05:49:37 | 000,293,888 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2010.05.25 22:14:40 | 000,524,288 | -HS- | M] () -- C:\Users\Windows 7 (System)\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2010.05.25 22:14:40 | 000,524,288 | -HS- | M] () -- C:\Users\Windows 7 (System)\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2010.05.25 22:14:40 | 000,065,536 | -HS- | M] () -- C:\Users\Windows 7 (System)\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2010.05.25 18:51:58 | 000,000,020 | -HS- | M] () -- C:\Users\Windows 7 (System)\ntuser.ini
[2010.05.21 15:33:05 | 000,421,888 | ---- | M] (NEXON Inc.) -- C:\Windows\NEXON_EU_DownloaderUpdater.exe
[2010.05.21 07:52:30 | 001,192,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wininet.dll
[2010.05.21 07:47:27 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jsproxy.dll
[2010.05.21 07:18:06 | 000,977,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wininet.dll
[2010.05.21 07:14:50 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jsproxy.dll
 
========== Files Created - No Company Name ==========
 
[2010.06.19 21:56:51 | 000,007,619 | ---- | C] () -- C:\Users\Windows 7 (System)\AppData\Local\Resmon.ResmonCfg
[2010.06.19 01:26:16 | 002,442,400 | ---- | C] () -- C:\Users\Windows 7 (System)\Desktop\TENNY TAG.pptx
[2010.06.19 00:04:58 | 000,324,148 | ---- | C] () -- C:\Users\Windows 7 (System)\Desktop\himmel_licht_strahl.jpg
[2010.06.18 23:00:39 | 001,015,256 | ---- | C] () -- C:\Program Files\js3250.dll
[2010.06.18 22:49:36 | 000,001,013 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.06.17 16:31:27 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.06.16 11:18:15 | 000,002,863 | R-S- | C] () -- C:\Users\Windows 7 (System)\AppData\Roaming\usernt.dat
[2010.06.15 15:37:32 | 000,000,000 | ---- | C] () -- C:\Users\Windows 7 (System)\AppData\Local\rx_image.Cache
[2010.06.14 16:40:53 | 3630,059,453 | ---- | C] () -- C:\Users\Windows 7 (System)\Desktop\gta san andreas.rar
[2010.06.12 17:53:12 | 001,112,950 | ---- | C] () -- C:\Windows\SysNative\hw.dll
[2010.06.12 17:43:24 | 000,000,000 | -H-- | C] () -- C:\Users\Windows 7 (System)\Documents\Default.rdp
[2010.06.12 16:27:28 | 000,314,016 | ---- | C] () -- C:\Windows\SysNative\drivers\atksgt.sys
[2010.06.12 16:27:28 | 000,043,680 | ---- | C] () -- C:\Windows\SysNative\drivers\lirsgt.sys
[2010.06.11 14:27:53 | 000,000,880 | ---- | C] () -- C:\Users\Windows 7 (System)\.recently-used.xbel
[2010.06.10 22:29:31 | 000,141,141 | ---- | C] () -- C:\Users\Windows 7 (System)\Desktop\6-468fb3e909eff8632127632b608d9fd5.jpg
[2010.06.06 13:30:07 | 000,000,963 | ---- | C] () -- C:\Users\Windows 7 (System)\Desktop\Downloads - Verknüpfung.lnk
[2010.06.05 13:00:31 | 000,000,780 | ---- | C] () -- C:\Users\Windows 7 (System)\Desktop\gta_sa - Verknüpfung.lnk
[2010.05.30 09:03:25 | 000,000,502 | -H-- | C] () -- C:\Windows\tasks\Norton Security Scan for Merling.job
[2010.05.30 09:03:23 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\NSSx64\0207030.022\isolate.ini
[2010.05.25 18:51:58 | 002,097,152 | -HS- | C] () -- C:\Users\Windows 7 (System)\NTUSER.DAT
[2010.05.25 18:51:58 | 000,524,288 | -HS- | C] () -- C:\Users\Windows 7 (System)\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2010.05.25 18:51:58 | 000,524,288 | -HS- | C] () -- C:\Users\Windows 7 (System)\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2010.05.25 18:51:58 | 000,262,144 | -HS- | C] () -- C:\Users\Windows 7 (System)\ntuser.dat.LOG1
[2010.05.25 18:51:58 | 000,065,536 | -HS- | C] () -- C:\Users\Windows 7 (System)\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2010.05.25 18:51:58 | 000,000,020 | -HS- | C] () -- C:\Users\Windows 7 (System)\ntuser.ini
[2010.05.25 18:51:58 | 000,000,000 | -HS- | C] () -- C:\Users\Windows 7 (System)\ntuser.dat.LOG2
[2010.05.14 14:18:02 | 000,000,118 | ---- | C] () -- C:\Windows\wininit.ini
[2010.05.07 17:51:17 | 001,531,462 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.04.24 11:26:11 | 000,000,046 | ---- | C] () -- C:\Windows\hmview.ini
[2010.04.01 18:40:03 | 001,589,248 | ---- | C] () -- C:\Windows\SysWow64\libmysql_d.dll
[2010.02.22 16:43:21 | 000,000,432 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2009.09.22 01:13:30 | 000,626,688 | ---- | C] () -- C:\Windows\Image.dll
[2009.09.22 01:13:30 | 000,000,323 | ---- | C] () -- C:\Windows\PidList.ini
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2008.10.07 09:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll
[2008.10.07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
[2006.11.20 18:23:04 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\px.ini
[2006.10.26 23:02:40 | 000,520,192 | ---- | C] () -- C:\Windows\SysWow64\CddbPlaylist2Roxio.dll
[2006.10.26 23:02:40 | 000,204,800 | ---- | C] () -- C:\Windows\SysWow64\CddbFileTaggerRoxio.dll
[2005.07.15 20:35:56 | 000,831,488 | ---- | C] () -- C:\Windows\SysWow64\libeay32.dll
[2005.07.15 20:35:56 | 000,159,744 | ---- | C] () -- C:\Windows\SysWow64\ssleay32.dll
[2005.07.15 20:35:24 | 003,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 76 bytes -> C:\Users\Windows 7 (System)\Desktop\himmel_licht_strahl.jpg:Roxio EMC Stream
< End of report >
         
--- --- ---

Alt 19.06.2010, 21:58   #22
merling
 

otl.txt :


OTL Logfile:
Code:
OTL logfile created on: 19.06.2010 22:49:31 - Run 5
OTL by OldTimer - Version 3.2.6.0     Folder = C:\Users\Windows 7 (System)\Desktop
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 62,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 450,16 Gb Total Space | 317,77 Gb Free Space | 70,59% Space Free | Partition Type: NTFS
Drive D: | 1,88 Gb Total Space | 1,87 Gb Free Space | 99,85% Space Free | Partition Type: FAT
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: METALLBAU-PC
Current User Name: Windows 7 (System)
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Windows 7 (System)\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Google\Update\1.2.183.29\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe (ESET)
PRC - C:\Program Files\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe ()
PRC - C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
PRC - C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
PRC - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\Program Files (x86)\Launch Manager\LManager.EXE (Dritek System Inc.)
PRC - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.)
PRC - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
PRC - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe (Egis Technology Inc.)
PRC - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.)
PRC - C:\Program Files (x86)\Acer Bio Protection\BASVC.exe (Egis Technology Inc.)
PRC - C:\Program Files (x86)\Acer Bio Protection\PdtWzd.exe (Egis Technology Inc.)
PRC - C:\Program Files (x86)\Acer Bio Protection\CompPtcVUI.exe (Egis Technology Inc.)
PRC - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe (Acer Incorporated)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.)
PRC - C:\Program Files (x86)\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated)
PRC - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe (Acer Incorporated)
PRC - C:\Program Files\Acer\Acer Updater\UpdaterService.exe (Acer)
PRC - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe (NewTech Infosystems, Inc.)
PRC - C:\Program Files (x86)\funkwerk WIN-Tools\Eumex 401 WIN-Tools V1.00\ControlCenter.exe (Funkwerk Enterprise Communications GmbH)
PRC - C:\Windows\PLFSetI.exe ()
PRC - C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions)
PRC - C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe (Sonic Solutions)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Windows 7 (System)\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\SysWOW64\comdlg32.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\msscript.ocx (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (EhttpSrv) -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe (ESET)
SRV:64bit: - (ekrn) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe (ESET)
SRV:64bit: - (ePowerSvc) -- C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe (Acer Incorporated)
SRV:64bit: - (btwdins) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV:64bit: - (WwanSvc) -- C:\Windows\SysNative\wwansvc.dll (Microsoft Corporation)
SRV:64bit: - (WbioSrvc) -- C:\Windows\SysNative\wbiosrvc.dll (Microsoft Corporation)
SRV:64bit: - (Power) -- C:\Windows\SysNative\umpo.dll (Microsoft Corporation)
SRV:64bit: - (Themes) -- C:\Windows\SysNative\themeservice.dll (Microsoft Corporation)
SRV:64bit: - (sppuinotify) -- C:\Windows\SysNative\sppuinotify.dll (Microsoft Corporation)
SRV:64bit: - (SensrSvc) -- C:\Windows\SysNative\sensrsvc.dll (Microsoft Corporation)
SRV:64bit: - (PNRPsvc) -- C:\Windows\SysNative\pnrpsvc.dll (Microsoft Corporation)
SRV:64bit: - (p2pimsvc) -- C:\Windows\SysNative\pnrpsvc.dll (Microsoft Corporation)
SRV:64bit: - (HomeGroupProvider) -- C:\Windows\SysNative\provsvc.dll (Microsoft Corporation)
SRV:64bit: - (RpcEptMapper) -- C:\Windows\SysNative\RpcEpMap.dll (Microsoft Corporation)
SRV:64bit: - (PNRPAutoReg) -- C:\Windows\SysNative\pnrpauto.dll (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (HomeGroupListener) -- C:\Windows\SysNative\ListSvc.dll (Microsoft Corporation)
SRV:64bit: - (FontCache) -- C:\Windows\SysNative\FntCache.dll (Microsoft Corporation)
SRV:64bit: - (Dhcp) -- C:\Windows\SysNative\dhcpcore.dll (Microsoft Corporation)
SRV:64bit: - (defragsvc) -- C:\Windows\SysNative\defragsvc.dll (Microsoft Corporation)
SRV:64bit: - (bthserv) -- C:\Windows\SysNative\bthserv.dll (Microsoft Corporation)
SRV:64bit: - (BDESVC) -- C:\Windows\SysNative\bdesvc.dll (Microsoft Corporation)
SRV:64bit: - (AxInstSV) -- C:\Windows\SysNative\AxInstSv.dll (Microsoft Corporation)
SRV:64bit: - (AppIDSvc) -- C:\Windows\SysNative\appidsvc.dll (Microsoft Corporation)
SRV:64bit: - (wbengine) -- C:\Windows\SysNative\wbengine.exe (Microsoft Corporation)
SRV:64bit: - (sppsvc) -- C:\Windows\SysNative\sppsvc.exe (Microsoft Corporation)
SRV:64bit: - (Fax) -- C:\Windows\SysNative\FXSSVC.exe (Microsoft Corporation)
SRV:64bit: - (Updater Service) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe (Acer)
SRV - (Akamai) -- c:\program files (x86)\common files\akamai\rswin_3697.dll ()
SRV - (ICQ Service) -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe ()
SRV - (Hamachi2Svc) -- C:\MT2\Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (NTI IScheduleSvc) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.)
SRV - (MWLService) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe ()
SRV - (IGBASVC) -- C:\Program Files (x86)\Acer Bio Protection\BASVC.exe (Egis Technology Inc.)
SRV - (Greg_Service) -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe (Acer Incorporated)
SRV - (IAANTMON) Intel(R) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)
SRV - (VSS) -- C:\Windows\Vss [2009.07.14 05:20:14 | 000,000,000 | ---D | M]
SRV - (MSDTC) -- C:\Windows\SysWOW64\Msdtc [2009.07.14 05:20:14 | 000,000,000 | ---D | M]
SRV - (HomeGroupProvider) -- C:\Windows\SysWOW64\provsvc.dll (Microsoft Corporation)
SRV - (Dhcp) -- C:\Windows\SysWOW64\dhcpcore.dll (Microsoft Corporation)
SRV - (vds) -- C:\Windows\SysWOW64\wbem\vds.mof ()
SRV - (RS_Service) -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe (Acer Incorporated)
SRV - (NTISchedulerSvc) -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe (NewTech Infosystems, Inc.)
SRV - (NTIBackupSvc) -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe (NewTech InfoSystems, Inc.)
SRV - (clr_optimization_v2.0.50727_64) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (atksgt) -- C:\Windows\SysNative\drivers\atksgt.sys ()
DRV:64bit: - (lirsgt) -- C:\Windows\SysNative\drivers\lirsgt.sys ()
DRV:64bit: - (vmm) -- C:\Windows\SysNative\Treiber\VMM.sys (Microsoft Corporation)
DRV:64bit: - (epfwwfpr) -- C:\Windows\SysNative\drivers\epfwwfpr.sys (ESET)
DRV:64bit: - (ehdrv) -- C:\Windows\SysNative\drivers\ehdrv.sys (ESET)
DRV:64bit: - (eamonm) -- C:\Windows\SysNative\drivers\eamonm.sys (ESET)
DRV:64bit: - (KSecPkg) -- C:\Windows\SysNative\drivers\ksecpkg.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (fvevol) -- C:\Windows\SysNative\drivers\fvevol.sys (Microsoft Corporation)
DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.)
DRV:64bit: - (FPSensor) EgisTec-Corp Fingerprint Reader Driver (FPSensor.sys) -- C:\Windows\SysNative\drivers\FPSensor.sys (EgisTec)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (NETw5s64) Intel(R) -- C:\Windows\SysNative\drivers\NETw5s64.sys (Intel Corporation)
DRV:64bit: - (nuvotoncir) -- C:\Windows\SysNative\drivers\nuvotoncir.sys (Nuvoton Technology Corporation)
DRV:64bit: - (johci) -- C:\Windows\SysNative\drivers\johci.sys (JMicron )
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (hwpolicy) -- C:\Windows\SysNative\drivers\hwpolicy.sys (Microsoft Corporation)
DRV:64bit: - (FsDepends) -- C:\Windows\SysNative\drivers\fsdepends.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (WIMMount) -- C:\Windows\SysNative\drivers\wimmount.sys (Microsoft Corporation)
DRV:64bit: - (vhdmp) -- C:\Windows\SysNative\drivers\vhdmp.sys (Microsoft Corporation)
DRV:64bit: - (vdrvroot) -- C:\Windows\SysNative\drivers\vdrvroot.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (rdyboost) -- C:\Windows\SysNative\drivers\rdyboost.sys (Microsoft Corporation)
DRV:64bit: - (pcw) -- C:\Windows\SysNative\drivers\pcw.sys (Microsoft Corporation)
DRV:64bit: - (CNG) -- C:\Windows\SysNative\drivers\cng.sys (Microsoft Corporation)
DRV:64bit: - (StillCam) -- C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation)
DRV:64bit: - (rdpbus) -- C:\Windows\SysNative\drivers\rdpbus.sys (Microsoft Corporation)
DRV:64bit: - (RDPREFMP) -- C:\Windows\SysNative\drivers\RDPREFMP.sys (Microsoft Corporation)
DRV:64bit: - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\SysNative\drivers\agilevpn.sys (Microsoft Corporation)
DRV:64bit: - (usbrndis6) -- C:\Windows\SysNative\drivers\usb80236.sys (Microsoft Corporation)
DRV:64bit: - (WfpLwf) -- C:\Windows\SysNative\drivers\wfplwf.sys (Microsoft Corporation)
DRV:64bit: - (RMCAST) -- C:\Windows\SysNative\drivers\rmcast.sys (Microsoft Corporation)
DRV:64bit: - (NdisCap) -- C:\Windows\SysNative\drivers\ndiscap.sys (Microsoft Corporation)
DRV:64bit: - (vwifimp) -- C:\Windows\SysNative\drivers\vwifimp.sys (Microsoft Corporation)
DRV:64bit: - (vwififlt) -- C:\Windows\SysNative\drivers\vwififlt.sys (Microsoft Corporation)
DRV:64bit: - (vwifibus) -- C:\Windows\SysNative\drivers\vwifibus.sys (Microsoft Corporation)
DRV:64bit: - (1394ohci) -- C:\Windows\SysNative\drivers\1394ohci.sys (Microsoft Corporation)
DRV:64bit: - (HdAudAddService) -- C:\Windows\SysNative\drivers\HdAudio.sys (Microsoft Corporation)
DRV:64bit: - (usbvideo) USB Video Device (WDM) -- C:\Windows\SysNative\drivers\usbvideo.sys (Microsoft Corporation)
DRV:64bit: - (BthPan) Bluetooth-Gerät (PAN) -- C:\Windows\SysNative\drivers\bthpan.sys (Microsoft Corporation)
DRV:64bit: - (BTHPORT) -- C:\Windows\SysNative\drivers\bthport.sys (Microsoft Corporation)
DRV:64bit: - (RFCOMM) Bluetooth-Gerät (RFCOMM-Protokoll-TDI) -- C:\Windows\SysNative\drivers\rfcomm.sys (Microsoft Corporation)
DRV:64bit: - (BthEnum) -- C:\Windows\SysNative\drivers\bthenum.sys (Microsoft Corporation)
DRV:64bit: - (BTHUSB) -- C:\Windows\SysNative\drivers\BTHUSB.SYS (Microsoft Corporation)
DRV:64bit: - (UmPass) -- C:\Windows\SysNative\drivers\umpass.sys (Microsoft Corporation)
DRV:64bit: - (WinUsb) -- C:\Windows\SysNative\drivers\winusb.sys (Microsoft Corporation)
DRV:64bit: - (mshidkmdf) -- C:\Windows\SysNative\drivers\mshidkmdf.sys (Microsoft Corporation)
DRV:64bit: - (WudfPf) -- C:\Windows\SysNative\drivers\WUDFPf.sys (Microsoft Corporation)
DRV:64bit: - (MTConfig) -- C:\Windows\SysNative\drivers\MTConfig.sys (Microsoft Corporation)
DRV:64bit: - (CompositeBus) -- C:\Windows\SysNative\drivers\CompositeBus.sys (Microsoft Corporation)
DRV:64bit: - (Beep) -- C:\Windows\SysNative\drivers\beep.sys (Microsoft Corporation)
DRV:64bit: - (AppID) -- C:\Windows\SysNative\drivers\appid.sys (Microsoft Corporation)
DRV:64bit: - (scfilter) -- C:\Windows\SysNative\drivers\scfilter.sys (Microsoft Corporation)
DRV:64bit: - (discache) -- C:\Windows\SysNative\drivers\discache.sys (Microsoft Corporation)
DRV:64bit: - (HidBatt) -- C:\Windows\SysNative\drivers\hidbatt.sys (Microsoft Corporation)
DRV:64bit: - (CmBatt) -- C:\Windows\SysNative\drivers\CmBatt.sys (Microsoft Corporation)
DRV:64bit: - (AcpiPmi) -- C:\Windows\SysNative\drivers\acpipmi.sys (Microsoft Corporation)
DRV:64bit: - (AmdPPM) -- C:\Windows\SysNative\drivers\amdppm.sys (Microsoft Corporation)
DRV:64bit: - (btusbflt) -- C:\Windows\SysNative\drivers\btusbflt.sys (Broadcom Corporation.)
DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)
DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)
DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (k57nd60a) Broadcom NetLink (TM) -- C:\Windows\SysNative\drivers\k57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (mwlPSDVDisk) -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys (Egis Technology Inc.)
DRV:64bit: - (mwlPSDFilter) -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys (Egis Technology Inc.)
DRV:64bit: - (mwlPSDNServ) -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys (Egis Technology Inc.)
DRV:64bit: - (JMCR) -- C:\Windows\SysNative\drivers\jmcr.sys (JMicron Technology Corporation)
DRV:64bit: - (netw5v64) Intel(R) -- C:\Windows\SysNative\drivers\NETw5v64.sys (Intel Corporation)
DRV:64bit: - (NTIDrvr) -- C:\Windows\SysNative\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.)
DRV:64bit: - (UBHelper) -- C:\Windows\SysNative\drivers\UBHelper.sys (NewTech Infosystems Corporation)
DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)
DRV:64bit: - (int15.sys) -- C:\Windows\SysNative\OEM\factory\int15.sys (Acer, Inc.)
DRV:64bit: - (VPCNetS2) -- C:\Windows\SysNative\drivers\VMNetSrv.sys (Microsoft Corporation)
DRV:64bit: - (RxFilter) -- C:\Windows\SysNative\drivers\RxFilter.sys (Sonic Solutions)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\SysWOW64\winusb.dll (Microsoft Corporation)
DRV - (NetBIOS) -- C:\Windows\SysWOW64\netbios.dll (Microsoft Corporation)
DRV - (mpsdrv) -- C:\Windows\SysWOW64\wbem\mpsdrv.mof ()
DRV - (Tcpip) -- C:\Windows\SysWOW64\wbem\tcpip.mof ()
DRV - (mwlPSDVDisk) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\mwlPSDVdisk.sys (Egis Technology Inc.)
DRV - (mwlPSDFilter) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\mwlPSDFilter.sys (Egis Technology Inc.)
DRV - (mwlPSDNServ) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\mwlPSDNServ.sys (Egis Technology Inc.)
DRV - (DKbFltr) Dritek Keyboard Filter Driver (64-bit) -- C:\Windows\SysWOW64\drivers\DKbFltr.sys (Dritek System Inc.)
DRV - (RxFilter) -- C:\Windows\SysWOW64\drivers\RxFilter.sys (Sonic Solutions)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_8940g&r=273602108006l0343z175t4882y803
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_8940g&r=273602108006l0343z175t4882y803
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_8940g&r=273602108006l0343z175t4882y803
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_8940g&r=273602108006l0343z175t4882y803
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_8940g&r=273602108006l0343z175t4882y803
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_8940g&r=273602108006l0343z175t4882y803
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
 
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\components [2010.06.18 23:00:44 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\plugins [2010.06.19 21:26:01 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.4\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2010.05.03 22:38:12 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.4\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2010.06.18 20:37:02 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010.06.18 19:54:14 | 000,000,000 | ---D | M]
 
[2010.05.31 21:09:28 | 000,000,000 | ---D | M] -- C:\Users\Windows 7 (System)\AppData\Roaming\mozilla\Extensions
[2010.05.31 21:09:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Windows 7 (System)\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010.06.19 21:17:52 | 000,000,000 | ---D | M] -- C:\Users\Windows 7 (System)\AppData\Roaming\mozilla\Firefox\Profiles\ifxymu3v.default\extensions
[2010.06.18 20:37:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Windows 7 (System)\AppData\Roaming\mozilla\Firefox\Profiles\ifxymu3v.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
 
O1 HOSTS File: ([2010.06.18 22:44:32 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1       localhost
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg64.dll (Google Inc.)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.)
O2 - BHO: (SMTTB2009 Class) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files (x86)\HypreCam Toolbar\tbcore3.dll ()
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (HypreCam Toolbar) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files (x86)\HypreCam Toolbar\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (HypreCam Toolbar) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files (x86)\HypreCam Toolbar\tbcore3.dll ()
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.DLL (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [XeroxEndeavorBackgroundTask] C:\Windows\SysNative\xrWCbgnd.dll (Xerox Corporation)
O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [EgisTecLiveUpdate] C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Programme (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe File not found
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe (Macrovision Corporation)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe (Symantec Corporation)
O4 - HKLM..\Run: [PlayMovie] C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions)
O4 - HKLM..\Run: [VitaKeyPdtWzd] C:\Program Files (x86)\Acer Bio Protection\PdtWzd.exe (Egis Technology Inc.)
O4 - HKCU..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Speech Recognition] C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation)
O4 - HKCU..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll (Google Inc.)
O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll (Google Inc.)
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files (x86)\Acer Bio Protection\PwdBank.exe (Egis Technology Inc.)
O9:64bit: - Extra 'Tools' menuitem : Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files (x86)\Acer Bio Protection\PwdBank.exe (Egis Technology Inc.)
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files (x86)\Acer Bio Protection\PwdBank.exe (Egis Technology Inc.)
O9 - Extra 'Tools' menuitem : Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files (x86)\Acer Bio Protection\PwdBank.exe (Egis Technology Inc.)
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysNative\wshbth.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.06.19 22:48:44 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2010.06.19 22:48:44 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2010.06.19 22:48:44 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2010.06.19 22:48:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2010.06.19 21:26:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2010.06.19 21:26:01 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2010.06.18 23:00:44 | 000,000,000 | ---D | C] -- C:\Program Files\searchplugins
[2010.06.18 22:49:47 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\Malwarebytes
[2010.06.18 22:49:34 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.06.18 22:49:32 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.06.18 22:49:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010.06.18 22:49:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.06.18 22:42:50 | 000,000,000 | ---D | C] -- C:\_OTL
[2010.06.18 21:40:36 | 000,572,416 | ---- | C] (OldTimer Tools) -- C:\Users\Windows 7 (System)\Desktop\OTL.exe
[2010.06.18 20:39:18 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\Desktop\Alles rein
[2010.06.18 20:37:03 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\Foxit
[2010.06.18 20:37:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Foxit Software
[2010.06.18 20:33:41 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sdbus.sys
[2010.06.18 19:57:52 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Local\ESET
[2010.06.18 19:54:13 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2010.06.18 19:54:13 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2010.06.17 16:31:26 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\skypePM
[2010.06.17 16:29:12 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\Skype
[2010.06.17 16:28:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\extensions
[2010.06.17 16:28:30 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2010.06.17 16:28:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2010.06.17 16:28:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2010.06.15 22:07:31 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Local\Windows Server
[2010.06.15 15:37:32 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\Roxio
[2010.06.15 15:35:51 | 000,000,000 | ---D | C] -- C:\Program Files\Roxio
[2010.06.15 15:35:47 | 000,121,856 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\cdrtc.dll
[2010.06.15 15:35:47 | 000,096,256 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\cdral.dll
[2010.06.15 15:35:47 | 000,058,880 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\drivers\RxFilter.sys
[2010.06.15 15:35:46 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallShield
[2010.06.15 15:35:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Sonic
[2010.06.15 15:34:47 | 000,052,664 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\drivers\PxHlpa64.sys
[2010.06.15 15:34:47 | 000,003,584 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\drivers\cdralw2k.sys
[2010.06.15 15:34:47 | 000,003,584 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\drivers\cdr4_xp.sys
[2010.06.15 15:34:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Roxio
[2010.06.15 15:34:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Sonic Shared
[2010.06.15 15:34:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Roxio
[2010.06.15 15:33:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Roxio Shared
[2010.06.14 19:17:46 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Local\PowerCinema
[2010.06.14 19:17:44 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\PowerCinema
[2010.06.14 16:39:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\gta san andreas
[2010.06.13 16:20:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\plugins
[2010.06.12 18:15:17 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\Ubisoft
[2010.06.12 18:00:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Tages
[2010.06.12 17:49:34 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Local\Diagnostics
[2010.06.12 16:27:26 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll
[2010.06.12 16:27:26 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_41.dll
[2010.06.12 16:27:26 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll
[2010.06.12 16:27:26 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_41.dll
[2010.06.12 16:27:25 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll
[2010.06.12 16:27:25 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll
[2010.06.12 16:27:25 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll
[2010.06.12 16:27:25 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2010.06.12 16:27:25 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll
[2010.06.12 16:27:25 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll
[2010.06.12 16:27:25 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll
[2010.06.12 16:27:25 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll
[2010.06.12 16:27:25 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll
[2010.06.12 16:27:25 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll
[2010.06.12 16:27:25 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll
[2010.06.12 16:27:25 | 000,069,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2010.06.12 16:27:25 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll
[2010.06.12 16:27:25 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll
[2010.06.12 16:27:24 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2010.06.12 16:27:24 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll
[2010.06.12 16:27:24 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll
[2010.06.12 16:27:24 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll
[2010.06.12 16:27:24 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll
[2010.06.12 16:27:24 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll
[2010.06.12 16:27:24 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll
[2010.06.12 16:27:23 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll
[2010.06.12 16:27:23 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll
[2010.06.12 16:27:23 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll
[2010.06.12 16:27:23 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll
[2010.06.12 16:27:23 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll
[2010.06.12 16:27:23 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll
[2010.06.12 16:27:23 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll
[2010.06.12 16:27:23 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll
[2010.06.12 16:27:23 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll
[2010.06.12 16:27:23 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll
[2010.06.12 16:27:23 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll
[2010.06.12 16:27:23 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll
[2010.06.12 16:27:22 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll
[2010.06.12 16:27:22 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll
[2010.06.12 16:27:22 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll
[2010.06.12 16:27:22 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll
[2010.06.12 16:27:22 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll
[2010.06.12 16:27:22 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll
[2010.06.12 16:27:22 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll
[2010.06.12 16:27:22 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll
[2010.06.12 16:27:22 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll
[2010.06.12 16:27:22 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll
[2010.06.12 16:27:22 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll
[2010.06.12 16:27:22 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll
[2010.06.12 16:27:22 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll
[2010.06.12 16:27:22 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll
[2010.06.12 16:27:21 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll
[2010.06.12 16:27:21 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll
[2010.06.12 16:27:21 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll
[2010.06.12 16:27:21 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll
[2010.06.12 16:27:21 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll
[2010.06.12 16:27:21 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll
[2010.06.12 16:27:20 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll
[2010.06.12 16:27:20 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll
[2010.06.12 16:27:20 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll
[2010.06.12 16:27:20 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll
[2010.06.12 16:27:20 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll
[2010.06.12 16:27:20 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll
[2010.06.12 16:27:20 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll
[2010.06.12 16:27:20 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll
[2010.06.12 16:21:26 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\Documents\NFS Most Wanted Backups
[2010.06.12 16:21:26 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\Documents\NFS Most Wanted
[2010.06.12 15:58:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Counter-Strike 1.6
[2010.06.12 15:55:54 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll
[2010.06.11 14:16:59 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\gtk-2.0
[2010.06.10 22:54:47 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\.thumbnails
[2010.06.10 22:40:56 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\Documents\gegl-0.0
[2010.06.10 22:40:56 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\.gimp-2.6
[2010.06.10 22:40:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GIMP-2.0
[2010.06.10 22:29:07 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\PhotoFiltre
[2010.06.10 22:29:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PhotoFiltre
[2010.06.07 16:57:57 | 000,000,000 | ---D | C] -- C:\Windows\San Andreas Mod Installer
[2010.06.06 00:14:13 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\CyberLink
[2010.06.06 00:14:10 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Local\PlayMovie
[2010.06.05 23:21:53 | 000,000,000 | -H-D | C] -- C:\MyWinLockerData
[2010.06.05 22:34:28 | 000,000,000 | R-SD | C] -- C:\Users\Windows 7 (System)\Documents\My Stationery
[2010.06.05 12:23:40 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Local\LogMeIn Hamachi
[2010.06.03 22:54:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Grand Theft Auto San Andreas
[2010.06.03 22:43:38 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\Documents\GTA San Andreas User Files
[2010.06.03 20:56:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CSS-Editor
[2010.06.02 21:11:57 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Local\Broadcom
[2010.06.02 21:11:57 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\Documents\Bluetooth-Exchange-Ordner
[2010.06.02 17:19:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared
[2010.05.31 21:09:25 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\Thunderbird
[2010.05.31 21:09:25 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Local\Thunderbird
[2010.05.31 19:36:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Carrera Streckenplaner
[2010.05.31 18:58:42 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Local\Adobe
[2010.05.30 09:03:23 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NSSx64
[2010.05.30 09:03:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Security Scan
[2010.05.30 09:03:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2010.05.30 09:03:23 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NSSx64\0207030.022
[2010.05.30 09:03:22 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2010.05.30 09:03:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller
[2010.05.29 16:49:01 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\DivX
[2010.05.29 16:48:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2010.05.29 16:48:53 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2010.05.29 16:48:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared
[2010.05.29 16:46:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX
[2010.05.29 16:45:51 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2010.05.29 15:43:50 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\Apple Computer
[2010.05.29 10:29:24 | 001,498,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcr100d.dll
[2010.05.29 10:29:19 | 000,761,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcr100.dll
[2010.05.29 09:44:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Combat Arms EU
[2010.05.29 02:13:31 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2010.05.28 15:18:40 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Local\Microsoft Games
[2010.05.27 19:44:16 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\WinRAR
[2010.05.26 21:53:56 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\Google
[2010.05.26 21:53:55 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Local\Google
[2010.05.26 18:45:41 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Local\Apple Computer
[2010.05.25 18:55:13 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\Adobe
[2010.05.25 18:54:24 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\Mozilla
[2010.05.25 18:54:24 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Local\Mozilla
[2010.05.25 18:53:48 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\Macromedia
[2010.05.25 18:53:47 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Local\EgisTec
[2010.05.25 18:52:13 | 000,000,000 | R--D | C] -- C:\Users\Windows 7 (System)\Searches
[2010.05.25 18:52:05 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\Identities
[2010.05.25 18:52:03 | 000,000,000 | R--D | C] -- C:\Users\Windows 7 (System)\Contacts
[2010.05.25 18:52:01 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Local\VirtualStore
[2010.05.25 18:51:58 | 000,000,000 | --SD | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\Microsoft
[2010.05.25 18:51:58 | 000,000,000 | R--D | C] -- C:\Users\Windows 7 (System)\Videos
[2010.05.25 18:51:58 | 000,000,000 | R--D | C] -- C:\Users\Windows 7 (System)\Saved Games
[2010.05.25 18:51:58 | 000,000,000 | R--D | C] -- C:\Users\Windows 7 (System)\Pictures
[2010.05.25 18:51:58 | 000,000,000 | R--D | C] -- C:\Users\Windows 7 (System)\Music
[2010.05.25 18:51:58 | 000,000,000 | R--D | C] -- C:\Users\Windows 7 (System)\Links
[2010.05.25 18:51:58 | 000,000,000 | R--D | C] -- C:\Users\Windows 7 (System)\Favorites
[2010.05.25 18:51:58 | 000,000,000 | R--D | C] -- C:\Users\Windows 7 (System)\Downloads
[2010.05.25 18:51:58 | 000,000,000 | R--D | C] -- C:\Users\Windows 7 (System)\Documents
[2010.05.25 18:51:58 | 000,000,000 | R--D | C] -- C:\Users\Windows 7 (System)\Desktop
[2010.05.25 18:51:58 | 000,000,000 | -HSD | C] -- C:\Users\Windows 7 (System)\Vorlagen
[2010.05.25 18:51:58 | 000,000,000 | -HSD | C] -- C:\Users\Windows 7 (System)\AppData\Local\Verlauf
[2010.05.25 18:51:58 | 000,000,000 | -HSD | C] -- C:\Users\Windows 7 (System)\AppData\Local\Temporary Internet Files
[2010.05.25 18:51:58 | 000,000,000 | -HSD | C] -- C:\Users\Windows 7 (System)\Startmenü
[2010.05.25 18:51:58 | 000,000,000 | -HSD | C] -- C:\Users\Windows 7 (System)\SendTo
[2010.05.25 18:51:58 | 000,000,000 | -HSD | C] -- C:\Users\Windows 7 (System)\Recent
[2010.05.25 18:51:58 | 000,000,000 | -HSD | C] -- C:\Users\Windows 7 (System)\Netzwerkumgebung
[2010.05.25 18:51:58 | 000,000,000 | -HSD | C] -- C:\Users\Windows 7 (System)\Lokale Einstellungen
[2010.05.25 18:51:58 | 000,000,000 | -HSD | C] -- C:\Users\Windows 7 (System)\Documents\Eigene Videos
[2010.05.25 18:51:58 | 000,000,000 | -HSD | C] -- C:\Users\Windows 7 (System)\Documents\Eigene Musik
[2010.05.25 18:51:58 | 000,000,000 | -HSD | C] -- C:\Users\Windows 7 (System)\Eigene Dateien
[2010.05.25 18:51:58 | 000,000,000 | -HSD | C] -- C:\Users\Windows 7 (System)\Documents\Eigene Bilder
[2010.05.25 18:51:58 | 000,000,000 | -HSD | C] -- C:\Users\Windows 7 (System)\Druckumgebung
[2010.05.25 18:51:58 | 000,000,000 | -HSD | C] -- C:\Users\Windows 7 (System)\Cookies
[2010.05.25 18:51:58 | 000,000,000 | -HSD | C] -- C:\Users\Windows 7 (System)\AppData\Local\Anwendungsdaten
[2010.05.25 18:51:58 | 000,000,000 | -HSD | C] -- C:\Users\Windows 7 (System)\Anwendungsdaten
[2010.05.25 18:51:58 | 000,000,000 | -H-D | C] -- C:\Users\Windows 7 (System)\AppData
[2010.05.25 18:51:58 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Local\Temp
[2010.05.25 18:51:58 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Local\Microsoft Help
[2010.05.25 18:51:58 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Local\Microsoft
[2010.05.25 18:51:58 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\Media Center Programs
[2010.05.21 15:33:08 | 000,000,000 | ---D | C] -- C:\Nexon
[2010.05.21 15:33:05 | 000,421,888 | ---- | C] (NEXON Inc.) -- C:\Windows\NEXON_EU_DownloaderUpdater.exe
[2006.09.14 11:32:20 | 000,028,672 | R--- | C] ( ) -- C:\Windows\SysWow64\DivXGraphBuilderCallback.dll
 
========== Files - Modified Within 30 Days ==========
 
[2010.06.19 22:51:51 | 000,656,010 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2010.06.19 22:51:51 | 000,616,632 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.06.19 22:51:51 | 000,131,874 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2010.06.19 22:51:51 | 000,108,268 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.06.19 22:51:50 | 001,501,000 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.06.19 22:51:07 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.06.19 22:51:07 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.06.19 22:50:17 | 002,097,152 | -HS- | M] () -- C:\Users\Windows 7 (System)\NTUSER.DAT
[2010.06.19 22:48:36 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2010.06.19 22:48:35 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2010.06.19 22:48:35 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2010.06.19 22:48:35 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2010.06.19 22:44:10 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.06.19 22:43:54 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.06.19 22:43:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.06.19 22:43:43 | 3212,234,752 | -HS- | M] () -- C:\hiberfil.sys
[2010.06.19 22:41:32 | 006,429,992 | -H-- | M] () -- C:\Users\Windows 7 (System)\AppData\Local\IconCache.db
[2010.06.19 22:14:06 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.06.19 21:56:51 | 000,007,619 | ---- | M] () -- C:\Users\Windows 7 (System)\AppData\Local\Resmon.ResmonCfg
[2010.06.19 21:07:52 | 000,000,502 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Merling.job
[2010.06.19 01:25:50 | 002,442,400 | ---- | M] () -- C:\Users\Windows 7 (System)\Desktop\TENNY TAG.pptx
[2010.06.19 00:07:21 | 000,324,148 | ---- | M] () -- C:\Users\Windows 7 (System)\Desktop\himmel_licht_strahl.jpg
[2010.06.18 23:00:47 | 000,001,484 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010.06.18 22:49:36 | 000,001,013 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.06.18 22:44:32 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2010.06.18 21:40:44 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Users\Windows 7 (System)\Desktop\OTL.exe
[2010.06.18 19:34:49 | 000,097,384 | ---- | M] () -- C:\Users\Windows 7 (System)\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.06.18 19:34:21 | 000,388,496 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010.06.17 16:31:27 | 000,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat
[2010.06.16 11:18:16 | 000,002,863 | R-S- | M] () -- C:\Users\Windows 7 (System)\AppData\Roaming\usernt.dat
[2010.06.15 15:37:32 | 000,000,000 | ---- | M] () -- C:\Users\Windows 7 (System)\AppData\Local\rx_image.Cache
[2010.06.14 16:58:37 | 3630,059,453 | ---- | M] () -- C:\Users\Windows 7 (System)\Desktop\gta san andreas.rar
[2010.06.13 12:32:42 | 000,002,344 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2010.06.12 17:55:48 | 000,000,441 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.ics
[2010.06.12 17:43:24 | 000,000,000 | -H-- | M] () -- C:\Users\Windows 7 (System)\Documents\Default.rdp
[2010.06.12 16:27:28 | 000,314,016 | ---- | M] () -- C:\Windows\SysNative\drivers\atksgt.sys
[2010.06.12 16:27:28 | 000,043,680 | ---- | M] () -- C:\Windows\SysNative\drivers\lirsgt.sys
[2010.06.11 14:38:42 | 000,141,141 | ---- | M] () -- C:\Users\Windows 7 (System)\Desktop\6-468fb3e909eff8632127632b608d9fd5.jpg
[2010.06.11 14:27:53 | 000,000,880 | ---- | M] () -- C:\Users\Windows 7 (System)\.recently-used.xbel
[2010.06.06 13:30:07 | 000,000,963 | ---- | M] () -- C:\Users\Windows 7 (System)\Desktop\Downloads - Verknüpfung.lnk
[2010.06.05 13:00:31 | 000,000,780 | ---- | M] () -- C:\Users\Windows 7 (System)\Desktop\gta_sa - Verknüpfung.lnk
[2010.05.30 09:03:23 | 000,000,172 | ---- | M] () -- C:\Windows\SysNative\drivers\NSSx64\0207030.022\isolate.ini
[2010.05.29 10:29:32 | 001,498,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msvcr100d.dll
[2010.05.29 10:29:24 | 000,761,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msvcr100.dll
[2010.05.27 09:24:13 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2010.05.27 08:34:09 | 000,046,080 | ---- | M] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2010.05.27 06:11:32 | 000,366,080 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2010.05.27 05:49:37 | 000,293,888 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2010.05.25 22:14:40 | 000,524,288 | -HS- | M] () -- C:\Users\Windows 7 (System)\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2010.05.25 22:14:40 | 000,524,288 | -HS- | M] () -- C:\Users\Windows 7 (System)\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2010.05.25 22:14:40 | 000,065,536 | -HS- | M] () -- C:\Users\Windows 7 (System)\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2010.05.25 18:51:58 | 000,000,020 | -HS- | M] () -- C:\Users\Windows 7 (System)\ntuser.ini
[2010.05.21 15:33:05 | 000,421,888 | ---- | M] (NEXON Inc.) -- C:\Windows\NEXON_EU_DownloaderUpdater.exe
[2010.05.21 07:52:30 | 001,192,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wininet.dll
[2010.05.21 07:47:27 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jsproxy.dll
[2010.05.21 07:18:06 | 000,977,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wininet.dll
[2010.05.21 07:14:50 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jsproxy.dll
 
========== Files Created - No Company Name ==========
 
[2010.06.19 21:56:51 | 000,007,619 | ---- | C] () -- C:\Users\Windows 7 (System)\AppData\Local\Resmon.ResmonCfg
[2010.06.19 01:26:16 | 002,442,400 | ---- | C] () -- C:\Users\Windows 7 (System)\Desktop\TENNY TAG.pptx
[2010.06.19 00:04:58 | 000,324,148 | ---- | C] () -- C:\Users\Windows 7 (System)\Desktop\himmel_licht_strahl.jpg
[2010.06.18 23:00:39 | 001,015,256 | ---- | C] () -- C:\Program Files\js3250.dll
[2010.06.18 22:49:36 | 000,001,013 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.06.17 16:31:27 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.06.16 11:18:15 | 000,002,863 | R-S- | C] () -- C:\Users\Windows 7 (System)\AppData\Roaming\usernt.dat
[2010.06.15 15:37:32 | 000,000,000 | ---- | C] () -- C:\Users\Windows 7 (System)\AppData\Local\rx_image.Cache
[2010.06.14 16:40:53 | 3630,059,453 | ---- | C] () -- C:\Users\Windows 7 (System)\Desktop\gta san andreas.rar
[2010.06.12 17:53:12 | 001,112,950 | ---- | C] () -- C:\Windows\SysNative\hw.dll
[2010.06.12 17:43:24 | 000,000,000 | -H-- | C] () -- C:\Users\Windows 7 (System)\Documents\Default.rdp
[2010.06.12 16:27:28 | 000,314,016 | ---- | C] () -- C:\Windows\SysNative\drivers\atksgt.sys
[2010.06.12 16:27:28 | 000,043,680 | ---- | C] () -- C:\Windows\SysNative\drivers\lirsgt.sys
[2010.06.11 14:27:53 | 000,000,880 | ---- | C] () -- C:\Users\Windows 7 (System)\.recently-used.xbel
[2010.06.10 22:29:31 | 000,141,141 | ---- | C] () -- C:\Users\Windows 7 (System)\Desktop\6-468fb3e909eff8632127632b608d9fd5.jpg
[2010.06.06 13:30:07 | 000,000,963 | ---- | C] () -- C:\Users\Windows 7 (System)\Desktop\Downloads - Verknüpfung.lnk
[2010.06.05 13:00:31 | 000,000,780 | ---- | C] () -- C:\Users\Windows 7 (System)\Desktop\gta_sa - Verknüpfung.lnk
[2010.05.30 09:03:25 | 000,000,502 | -H-- | C] () -- C:\Windows\tasks\Norton Security Scan for Merling.job
[2010.05.30 09:03:23 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\NSSx64\0207030.022\isolate.ini
[2010.05.25 18:51:58 | 002,097,152 | -HS- | C] () -- C:\Users\Windows 7 (System)\NTUSER.DAT
[2010.05.25 18:51:58 | 000,524,288 | -HS- | C] () -- C:\Users\Windows 7 (System)\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2010.05.25 18:51:58 | 000,524,288 | -HS- | C] () -- C:\Users\Windows 7 (System)\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2010.05.25 18:51:58 | 000,262,144 | -HS- | C] () -- C:\Users\Windows 7 (System)\ntuser.dat.LOG1
[2010.05.25 18:51:58 | 000,065,536 | -HS- | C] () -- C:\Users\Windows 7 (System)\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2010.05.25 18:51:58 | 000,000,020 | -HS- | C] () -- C:\Users\Windows 7 (System)\ntuser.ini
[2010.05.25 18:51:58 | 000,000,000 | -HS- | C] () -- C:\Users\Windows 7 (System)\ntuser.dat.LOG2
[2010.05.14 14:18:02 | 000,000,118 | ---- | C] () -- C:\Windows\wininit.ini
[2010.05.07 17:51:17 | 001,531,462 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.04.24 11:26:11 | 000,000,046 | ---- | C] () -- C:\Windows\hmview.ini
[2010.04.01 18:40:03 | 001,589,248 | ---- | C] () -- C:\Windows\SysWow64\libmysql_d.dll
[2010.02.22 16:43:21 | 000,000,432 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2009.09.22 01:13:30 | 000,626,688 | ---- | C] () -- C:\Windows\Image.dll
[2009.09.22 01:13:30 | 000,000,323 | ---- | C] () -- C:\Windows\PidList.ini
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2008.10.07 09:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll
[2008.10.07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
[2006.11.20 18:23:04 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\px.ini
[2006.10.26 23:02:40 | 000,520,192 | ---- | C] () -- C:\Windows\SysWow64\CddbPlaylist2Roxio.dll
[2006.10.26 23:02:40 | 000,204,800 | ---- | C] () -- C:\Windows\SysWow64\CddbFileTaggerRoxio.dll
[2005.07.15 20:35:56 | 000,831,488 | ---- | C] () -- C:\Windows\SysWow64\libeay32.dll
[2005.07.15 20:35:56 | 000,159,744 | ---- | C] () -- C:\Windows\SysWow64\ssleay32.dll
[2005.07.15 20:35:24 | 003,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 76 bytes -> C:\Users\Windows 7 (System)\Desktop\himmel_licht_strahl.jpg:Roxio EMC Stream
< End of report >
         
--- --- ---

19.06.2010, 21:59   #23
merling
 
extra.txt :
OTL EXTRAS Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 19.06.2010 22:49:32 - Run 5
OTL by OldTimer - Version 3.2.6.0     Folder = C:\Users\Windows 7 (System)\Desktop
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 62,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 450,16 Gb Total Space | 317,77 Gb Free Space | 70,59% Space Free | Partition Type: NTFS
Drive D: | 1,88 Gb Total Space | 1,87 Gb Free Space | 99,85% Space Free | Partition Type: FAT
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: METALLBAU-PC
Current User Name: Windows 7 (System)
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" File not found
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" File not found
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{053B3DA8-91B5-4682-A130-715412A1A253}" = Paint.NET v3.5.4
"{22ABA92B-6C1B-46D8-AC2B-C48EEAE172A9}" = VD64Inst
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{61A20274-C591-443B-B504-0A7D5721AC08}" = ESET NOD32 Antivirus
"{8A7CAA24-7B23-410B-A7C3-F994B0944160}" = Microsoft Virtual PC 2007
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96F70DF8-160F-4F9C-9B9E-2A9B439B4EB9}" = Broadcom Gigabit NetLink Controller
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software
"NVIDIA Drivers" = NVIDIA Drivers
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinRAR archiver" = WinRAR
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{047F790A-7A2A-4B6A-AD02-38092BA63DAC}" = Acer VCM
"{0513EE35-E0FB-4166-B663-BD1AE3A803DE}" = Anno 1404
"{067EC517-9731-43FD-B4D5-296EE0027BBB}" = LogMeIn Hamachi
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{13C96625-28E4-4c58-ADE0-CDAFC64752EB}" = JMicron 1394 Filter Driver
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{27996809-446F-7261-6C69-6B654C656F6E}" = 
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{30075A70-B5D2-440B-AFA3-FB2021740121}" = Backup Manager Advance
"{31146037-317A-43F3-BCB3-10C3ED3F10A9}" = Roxio WinOnCD 9
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3D374523-CFDE-461A-827E-2A102E2AB365}" = Star Wars Battlefront II
"{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}" = ANNO 1404
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer PowerSmart Manager
"{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{62F7DA7E-CCCB-439C-A760-00C3926E761F}" = Microsoft Works
"{669A37FF-A446-46F9-8AAE-EEC1988A2ADF}" = Autodesk Design Review Firefox Add-on v1.1 
"{68301905-2DEA-41CE-A4D4-E8B443B099BA}" = MyWinLocker
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7760D94E-B1B5-40A0-9AA0-ABF942108755}" = Acer Crystal Eye Webcam
"{79221CA7-A39A-4AE5-A558-B5D928393FC4}_is1" = File Extractor v0.9.9
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}" = Chicken Invaders 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697}" = Granny In Paradise
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}" = Merriam Websters Spell Jam
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}" = Amazonia
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}" = Alice Greenfingers
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}" = Heroes of Hellas
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}" = Dream Day First Home
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}" = Dairy Dash
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115208410}" = First Class Flurry
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}" = Farm Frenzy 2
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8CFA9151-6404-409A-AF22-4632D04582FD}" = Assassin's Creed
"{8D20B4D7-3422-4099-9332-39F27E617A6F}" = Autodesk Design Review 2011
"{8D8DAC0F-56E7-446B-B8A3-A7E75EEF077B}_is1" = T3Desk 2010 Build Version 10.01
"{8ed9688e-4f79-4308-91ca-f1c37ca142b4}_is1" = Acer GameZone Console
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0017-0407-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (German) 2007
"{90120000-0017-0407-0000-0000000FF1CE}_OMUI.de-de_{0B9EAEAC-F271-45DC-BDCB-06ABEEF19825}" = Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_OMUI.de-de_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_OMUI.de-de_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002A-0407-1000-0000000FF1CE}_OMUI.de-de_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_OMUI.de-de_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0100-0407-0000-0000000FF1CE}" = Microsoft Office O MUI (German) 2007
"{90120000-0100-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0101-0407-0000-0000000FF1CE}" = Microsoft Office X MUI (German) 2007
"{90120000-0101-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9AC5BB16-8C22-4D5C-9A07-9196183B50C9}_is1" = mirabyte Web Architect 9.0.4
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A837BCE6-BCB1-4A44-8807-A678EAF06933}" = ANNO 1404 Entwickler-Tools
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.3.2 MUI
"{B83FC356-B7C0-441F-8A4D-D71E088E7974}" = NVIDIA PhysX
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Norton Online Backup
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{E09664BB-BB08-45FA-87D1-33EAB0E017F5}" = Fingerprint Solution
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}" = eBay Worldwide
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1C6C824-FF4F-4CD6-9B25-E40F750FC2E8}" = funkwerk Eumex 401 WIN-Tools V1.00
"{F7B0939E-58DF-11DF-B3A6-005056806466}" = Google Earth
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FBC79D04-051E-4367-8051-1DB0C893FBE0}" = Nuvoton CIR Device Drivers
"{FCC662D1-01A8-4034-B67D-2AD91F723154}" = Acer Arcade Instant On
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"4t Tray Minimizer_is1" = 4t Tray Minimizer Free 4.40
"Acer Registration" = Acer Registration
"Acer Screensaver" = Acer ScreenSaver
"Acer Welcome Center" = Welcome Center
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Akamai" = Akamai NetSession Interface
"Ask Toolbar_is1" = Foxit Toolbar
"Autodesk Design Review 2011" = Autodesk Design Review 2011
"AviSynth" = AviSynth 2.5
"Carrera Streckenplaner" = Carrera Streckenplaner
"Combat Arms EU" = Combat Arms EU
"CSS-Editor_is1" = CSS-Editor
"DivX Setup.divx.com" = DivX-Setup
"Foxit Reader" = Foxit Reader
"Free Video to iPod Converter_is1" = Free Video to iPod Converter version 3.4
"FreeStar Free PSP Video Converter" = FreeStar Free PSP Video Converter 2.0.12
"Google Chrome" = Google Chrome
"GridVista" = Acer GridVista
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HyperCam 2" = HyperCam 2
"HypreCam Toolbar" = HypreCam Toolbar
"ICQToolbar" = ICQ Toolbar
"Identity Card" = Identity Card
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"InstallShield_{30075A70-B5D2-440B-AFA3-FB2021740121}" = Acer Backup Manager
"InstallShield_{E09664BB-BB08-45FA-87D1-33EAB0E017F5}" = Acer Bio Protection
"InstallShield_{F1C6C824-FF4F-4CD6-9B25-E40F750FC2E8}" = funkwerk Eumex 401 WIN-Tools V1.00
"JDownloader" = JDownloader
"LManager" = Launch Manager
"LogMeIn Hamachi" = LogMeIn Hamachi
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"Mozilla Thunderbird (3.0.4)" = Mozilla Thunderbird (3.0.4)
"My Screen Recorder_is1" = My Screen Recorder 2.62
"NSS" = Norton Security Scan
"OMUI.de-de" = Microsoft Office Language Pack 2007 - German/Deutsch
"PremiumSoft Navicat Lite 8.2_is1" = PremiumSoft Navicat Lite 8.2
"PremiumSoft Navicat Lite_is1" = PremiumSoft Navicat Lite 9.0
"PSP Video 9" = PSP Video 9 5.04
"San Andreas Mod Installer1.1" = San Andreas Mod Installer
"ST6UNST #1" = Gelber-Bieger WB 1.2.1
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"Total Video Converter 3.61_is1" = Total Video Converter 3.61 100319
"Uninstall_is1" = Uninstall 1.0.0.1
"WinGimp-2.0_is1" = GIMP 2.6.8
"WinLiveSuite_Wave3" = Windows Live Essentials
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"PhotoFiltre" = PhotoFiltre
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 14.06.2010 02:34:01 | Computer Name = Metallbau-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksdb.exe".
Die
 abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 14.06.2010 02:34:01 | Computer Name = Metallbau-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksCal.exe".
Die
 abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 14.06.2010 02:34:01 | Computer Name = Metallbau-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksss.exe".
Die
 abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 14.06.2010 02:34:01 | Computer Name = Metallbau-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksWP.exe".
Die
 abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 15.06.2010 02:29:25 | Computer Name = Metallbau-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files
 (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
 Richtliniendatei "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
 AIR.dll" in Zeile 3.  Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
 des "version"-Attributs im assemblyIdentity-Element ist ungültig.
 
Error - 15.06.2010 02:30:26 | Computer Name = Metallbau-PC | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
 (x86)\windows live\photo gallery\MovieMaker.Exe". Fehler in Manifest- oder Richtliniendatei
 "c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL" in Zeile  8.  Die 
im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente
 überein.  Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition:
 WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".  Verwenden Sie
 das Programm "sxstrace.exe" für eine detaillierte Diagnose.
 
Error - 15.06.2010 02:30:41 | Computer Name = Metallbau-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksdb.exe".
Die
 abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 15.06.2010 02:30:41 | Computer Name = Metallbau-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksCal.exe".
Die
 abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 15.06.2010 02:30:41 | Computer Name = Metallbau-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksss.exe".
Die
 abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 15.06.2010 02:30:41 | Computer Name = Metallbau-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksWP.exe".
Die
 abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
[ Media Center Events ]
Error - 26.03.2010 03:17:40 | Computer Name = Metallbau-PC | Source = MCUpdate | ID = 0
Description = 08:17:40 - Fehler beim Herstellen der Internetverbindung.  08:17:40 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 26.03.2010 03:17:49 | Computer Name = Metallbau-PC | Source = MCUpdate | ID = 0
Description = 08:17:45 - Fehler beim Herstellen der Internetverbindung.  08:17:45 
-     Serververbindung konnte nicht hergestellt werden..  
 
[ System Events ]
Error - 28.05.2010 07:43:09 | Computer Name = Metallbau-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "McAfee Real-time Scanner" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%2
 
Error - 28.05.2010 07:47:49 | Computer Name = Metallbau-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "McAfee Real-time Scanner" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%2
 
Error - 28.05.2010 18:10:06 | Computer Name = Metallbau-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "McAfee Real-time Scanner" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%2
 
Error - 28.05.2010 19:51:12 | Computer Name = Metallbau-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "McAfee Real-time Scanner" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%2
 
Error - 29.05.2010 03:39:12 | Computer Name = Metallbau-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "McAfee Real-time Scanner" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%2
 
Error - 29.05.2010 10:38:40 | Computer Name = Metallbau-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "McAfee Real-time Scanner" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%2
 
Error - 29.05.2010 12:56:19 | Computer Name = Metallbau-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "McAfee Real-time Scanner" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%2
 
Error - 30.05.2010 02:54:06 | Computer Name = Metallbau-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "McAfee Real-time Scanner" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%2
 
Error - 30.05.2010 06:19:54 | Computer Name = Metallbau-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "McAfee Real-time Scanner" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%2
 
Error - 30.05.2010 11:23:35 | Computer Name = Metallbau-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "McAfee Real-time Scanner" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%2
 
 
< End of report >
         
--- --- ---

Alt 20.06.2010, 13:49   #24
Larusso
/// Selecta Jahrusso
 



Windows key + R --> notepad (type it in) --> OK


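Now copy the following text from the code box into the empty text document
Code:
@echo off
rem Switch to the root of the current drive
cd \
rem Delete the targeted file
del "C:\Users\Merling\AppData\Roaming\Microsoft\Addon\Microsoft.exe"
rem Delete this batch file itself; "%~f0" is its full path, quoted in case it contains spaces
del "%~f0"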
         
Save it as file.bat on your desktop.
Under file type, select All Files.
Double-click file.bat.
Vista users: right-click and choose "Run as administrator"


Any problems left?
__________________
Regards, Daniel

ASAP & UNITE Member
Alliance of Security Analysis Professionals
Unified Network of Instructors and Trusted Eliminators

Learn to fight back and support us!
TB Akademie

Alt 20.06.2010, 14:36   #25
merling
 



nope... thanks

Alt 20.06.2010, 14:40   #26
Larusso
/// Selecta Jahrusso
 



The log file is clean.

Here are the last few steps for cleaning up your computer.

Step 1

Press Windows key + E --> right-click drive C --> Properties --> Disk Cleanup --> More Options --> clean up System Restore and Shadow Copies.



Step 2

Tool CleanUp

Please start OTL.exe.
Now click the CleanUp button. This will remove most of the tools and log files.
If anything still remains, please remove it manually and empty the Recycle Bin.


Step 3

Automatic updates

Let's check whether the updates for Windows are downloaded automatically. That is the best way to receive all the security patches and fixes.

Press Windows key + R. Now copy the following text into the command line

RunDll32.exe shell32.dll,Control_RunDLL wscui.cpl

and click OK.
Make sure that automatic updates are enabled.


Step 4

To protect you against further infections in the future, I recommend a few more programs.
  • SpywareBlaster
    You can find a tutorial on how to use it here

  • MalwareBytes Anti Malware
    This is one of the best anti-malware tools on the market. It is an on-demand scan tool that detects and also removes a lot of current malware.
    Update the tool and run it once a week. The paid version additionally offers a background monitor.
    You can find a tutorial on how to use it here.
    Note: MBAM does not replace antivirus software.

  • Temp File Cleaner
    TFC is a really powerful tool for removing temp files from IE and Windows; it empties the Recycle Bin and much more.
    It also helps speed up your computer.
    You can download TFC (by OldTimer) here.

  • MVPs hosts file
    You can find a tutorial here. Unfortunately I have not found a German-language one so far.

  • Keep your system up to date
    I cannot stress often enough how important it is that the PC is up to date.
    Security vulnerabilities are found often enough in Windows' own applications. These "holes" need to be removed, because attackers may use them to gain unauthorized access to your system.
    Every second Tuesday of the month is update day. Please visit the Microsoft Update site for this.

  • Keep your software up to date
    The easiest way to do this is the Secunia Online Software.


Step 5

Tips for safe surfing

These are my suggestions.
Use an alternative browser instead of IE.
I recommend Mozilla Firefox.

For Firefox there are all kinds of add-ons to get through the WWW safely.
  • NoScript
    This add-on blocks JavaScript, Java and Flash and other plugins. They are only executed when you confirm it.

  • AdblockPlus
    This add-on blocks most advertising by itself. Right-clicking a banner to add it to AdBlockPlus is enough, and it will no longer be loaded.
    It also saves download capacity.

  • WOT (Web of trust)
    This add-on warns you before you visit a site that has been reported as harmful.


Don'ts
  • Do not click on everything just because it asks you to and is nice and colorful.
  • Do not use peer-to-peer or file-sharing software (Emule, uTorrent, ..)
  • Keep your hands off cracks, keygens, serials or other illegal software.
  • Do not open attachments from emails you do not know. Pay particular attention to the file extension, e.g. deinFoto.jpg.exe

All that remains is for me to wish you lots of fun surfing safely.

Note: Please give me brief feedback when everything is done and there are no more questions, so that I can delete this thread from my subscriptions.
__________________
Regards, Daniel

ASAP & UNITE Member
Alliance of Security Analysis Professionals
Unified Network of Instructors and Trusted Eliminators

Learn to fight back and support us!
TB Akademie
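
The last tip in the Don'ts list above (watch the file extension, e.g. deinFoto.jpg.exe), as an added example that is not part of the original post: a Python check that flags attachment names whose real, final extension is executable while the visible name suggests a document or picture. It goes beyond the single case in the post by also covering Unicode direction-override characters and whitespace padding; the function name, flag names and extension lists are assumptions chosen for illustration.

```python
import ntpath
import unicodedata

# Extensions Windows runs directly or hands to a script host
# (assumed, non-exhaustive list for this example).
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd",
                   ".js", ".vbs", ".lnk", ".msi", ".hta"}
# Extensions a recipient reads as "just a picture or document"
# (assumed decoy list for this example).
DECOY_EXTS = {".jpg", ".jpeg", ".png", ".gif", ".pdf", ".doc", ".docx",
              ".xls", ".xlsx", ".txt", ".mp3", ".avi", ".zip"}
# Unicode bidi controls that change the order in which a name is displayed.
BIDI_CONTROLS = {"\u202a", "\u202b", "\u202d", "\u202e",
                 "\u2066", "\u2067", "\u2068"}
# Number of spaces before the real extension treated as deliberate padding.
MIN_PADDING = 3


def inspect_attachment_name(name):
    """Return a list of flags describing why a file name looks deceptive.

    Flags, in order: "bidi-control", "executable", "double-extension",
    "padded-extension". An empty list means nothing was found.
    """
    flags = []
    if any(ch in BIDI_CONTROLS for ch in name):
        flags.append("bidi-control")

    # Remove invisible format/control characters so they cannot hide the
    # extension Windows will actually act on.
    cleaned = "".join(ch for ch in name
                      if unicodedata.category(ch) not in ("Cf", "Cc"))
    # Windows ignores trailing dots and spaces when it opens a file.
    cleaned = ntpath.basename(cleaned).rstrip(". ")

    stem, real_ext = ntpath.splitext(cleaned)
    if real_ext.lower() not in EXECUTABLE_EXTS:
        return flags
    flags.append("executable")

    visible = stem.rstrip()
    inner_ext = ntpath.splitext(visible)[1].lower()
    if inner_ext in DECOY_EXTS:
        # e.g. deinFoto.jpg.exe: Explorer hides ".exe" when known
        # extensions are hidden, leaving "deinFoto.jpg" on screen.
        flags.append("double-extension")
    if len(stem) - len(visible) >= MIN_PADDING:
        # Long run of spaces pushes the real extension out of view.
        flags.append("padded-extension")
    return flags


def triage(names):
    """Map each flagged name to its flags; clean names are left out."""
    report = {}
    for name in names:
        flags = inspect_attachment_name(name)
        if flags:
            report[name] = flags
    return report


# Constructed sample names, not taken from the thread (except the post's
# own deinFoto.jpg.exe).
SAMPLE_NAMES = [
    "deinFoto.jpg.exe",
    "holiday.jpg",
    "invoice\u202efdp.exe",            # displays as "invoiceexe.pdf"
    "report.pdf" + " " * 10 + ".exe",
    "Scan.PDF.SCR",
    "notes.txt.",
]

if __name__ == "__main__":
    for name, flags in triage(SAMPLE_NAMES).items():
        print(repr(name), "->", ", ".join(flags))
```
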
