| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: win32.AutoRun.tmp trojaner lässt sich nicht entfernenWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
04.01.2011, 00:14
| #1 |
 |  win32.AutoRun.tmp trojaner lässt sich nicht entfernen Hi. Ich habe folgendes Problem: Spybot meldet den oben genannten Trojaner und verweigert mir mit Hinweis auf mangelnde Administratorrechte eine Bereinigung. Da ich mein Administratorpasswort vergessen habe (oder wurde es vielleicht vom Trojaner geändert???-bin nicht sicher  ) habe ich über den abgesicherten Modus einen neuen Adminstratoraccount angelegt. Jetzt ist allerdings auch mein Account den ich sonst immmer genutzt habe total verändert (temporäerer Account!??).Merke bis jetzt sonst nichts von einem Befall, außer dass mein Rechner immer langsamer wird  .Antivir findet keine infizierten Dateien. Hier kommt ein Post von den durchgeführten Scannprogrammen (OTL, Malware): OTL. Text:OTL Logfile: Code:
ATTFilter OTL logfile created on: 03.01.2011 21:29:55 - Run 1 OTL by OldTimer - Version 3.2.20.1 Folder = C:\Users\Admini\Downloads Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18999) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 53,00% Memory free 6,00 Gb Paging File | 5,00 Gb Available in Paging File | 76,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 143,79 Gb Total Space | 76,02 Gb Free Space | 52,87% Space Free | Partition Type: NTFS Drive D: | 140,29 Gb Total Space | 135,72 Gb Free Space | 96,74% Space Free | Partition Type: NTFS Drive F: | 698,45 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: MANFRED-ACER-LA | User Name: Admini | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011.01.03 21:29:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Admini\Downloads\OTL.exe PRC - [2011.01.03 20:44:20 | 000,208,896 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Users\Admini\AppData\Local\Temp\RtkBtMnt.exe PRC - [2010.12.12 01:46:02 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe PRC - [2010.12.12 01:46:02 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\plugin-container.exe PRC - [2010.09.07 16:12:02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Programme\Alwil Software\Avast5\AvastUI.exe PRC - [2010.09.07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Programme\Alwil Software\Avast5\AvastSvc.exe PRC - [2010.07.15 12:43:10 | 000,604,488 | ---- | M] (TuneUp Software) -- C:\Windows\System32\TUProgSt.exe PRC - [2010.07.06 16:03:00 | 000,173,352 | ---- | M] (TeamViewer GmbH) -- C:\Programme\TeamViewer\Version5\TeamViewer_Service.exe PRC - [2009.08.18 10:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE PRC - [2009.08.18 10:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE PRC - [2009.04.11 07:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009.01.26 14:31:12 | 005,365,592 | RHS- | M] (Safer Networking Limited) -- C:\Programme\Spybot - Search & Destroy\SpybotSD.exe PRC - [2009.01.26 14:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Programme\Spybot - Search & Destroy\SDWinSec.exe PRC - [2008.10.16 16:26:20 | 000,860,160 | ---- | M] (Intel(R) Corporation) -- C:\Programme\Intel\WiFi\bin\EvtEng.exe PRC - [2008.10.16 15:54:34 | 000,466,944 | ---- | M] (Intel(R) Corporation) -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe PRC - [2008.10.03 23:58:58 | 000,962,480 | ---- | M] (Acronis) -- C:\Programme\Acronis\TrueImageHome\TimounterMonitor.exe PRC - [2008.10.03 23:55:12 | 004,378,000 | ---- | M] (Acronis) -- C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe PRC - [2008.10.03 22:40:00 | 000,165,144 | ---- | M] (Acronis) -- C:\Programme\Common Files\Acronis\Schedule2\schedhlp.exe PRC - [2008.10.03 22:39:54 | 000,554,264 | ---- | M] (Acronis) -- C:\Programme\Common Files\Acronis\Schedule2\schedul2.exe PRC - [2008.09.16 12:03:18 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe PRC - [2008.03.24 18:37:18 | 000,462,848 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\ePower\ePower_DMC.exe PRC - [2008.02.25 09:53:24 | 000,518,656 | ---- | M] (Egis Incorporated) -- C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe PRC - [2008.02.25 09:50:10 | 000,491,008 | ---- | M] (Egis Incorporated) -- C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe PRC - [2008.01.24 03:29:00 | 004,702,208 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe PRC - [2008.01.24 03:28:00 | 000,102,400 | ---- | M] (Synaptics, Inc.) -- C:\Programme\Synaptics\SynTP\SynTPStart.exe PRC - [2008.01.09 18:43:28 | 000,323,584 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\Acer.Empowering.Framework.Supervisor.exe PRC - [2008.01.02 14:17:28 | 000,707,080 | ---- | M] (Dritek System Inc.) -- C:\Programme\Launch Manager\QtZgAcer.EXE PRC - [2007.12.20 11:33:14 | 000,761,856 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eNet\eNMTray.exe PRC - [2007.12.20 11:32:04 | 000,131,072 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eNet\eNet Service.exe PRC - [2007.12.19 18:09:22 | 000,024,576 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe PRC - [2007.11.27 18:54:36 | 000,110,592 | ---- | M] () -- C:\Acer\Mobility Center\MobilityService.exe PRC - [2007.11.22 09:01:00 | 000,358,936 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe PRC - [2007.11.22 09:01:00 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe PRC - [2007.10.10 06:41:54 | 001,286,144 | ---- | M] (CyberLink) -- C:\Acer\Empowering Technology\eAudio\eAudio.exe PRC - [2007.10.01 16:42:36 | 000,024,576 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe PRC - [2007.09.20 13:57:28 | 000,167,936 | ---- | M] (acer) -- C:\Acer\Empowering Technology\ePower\ePowerSvc.exe PRC - [2007.09.19 14:41:50 | 000,051,200 | ---- | M] () -- C:\Acer\ALaunch\ALaunchSvc.exe PRC - [2007.09.10 14:28:18 | 000,057,344 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe PRC - [2007.09.06 11:02:04 | 000,393,216 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRAgent.exe PRC - [2007.08.17 15:13:20 | 000,364,192 | ---- | M] () -- C:\Windows\System32\atwtusb.exe PRC - [2007.06.25 17:12:36 | 001,969,824 | ---- | M] () -- C:\Windows\System32\WTMKM.exe ========== Modules (SafeList) ========== MOD - [2011.01.03 21:29:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Admini\Downloads\OTL.exe MOD - [2010.08.31 16:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll ========== Win32 Services (SafeList) ========== SRV - [2010.09.07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner) SRV - [2010.09.07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner) SRV - [2010.09.07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus) SRV - [2010.07.15 12:43:10 | 000,604,488 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\TUProgSt.exe -- (TuneUp.ProgramStatisticsSvc) SRV - [2010.07.15 12:43:09 | 000,361,288 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Windows\System32\TuneUpDefragService.exe -- (TuneUp.Defrag) SRV - [2010.07.06 16:03:00 | 000,173,352 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe -- (TeamViewer5) SRV - [2010.03.18 12:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400) SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009.09.25 02:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache) SRV - [2009.07.15 10:48:20 | 000,029,000 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp) SRV - [2009.01.26 14:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Programme\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService) SRV - [2008.12.23 10:44:30 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2008.10.16 16:26:20 | 000,860,160 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) SRV - [2008.10.16 15:54:34 | 000,466,944 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) SRV - [2008.10.03 22:39:54 | 000,554,264 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc) SRV - [2008.09.16 12:03:18 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Programme\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor7.0) SRV - [2008.02.25 09:50:10 | 000,491,008 | ---- | M] (Egis Incorporated) [Auto | Running] -- C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe -- (eDataSecurity Service) SRV - [2008.01.21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2007.12.20 11:32:04 | 000,131,072 | ---- | M] (Acer Inc.) [Auto | Running] -- C:\Acer\Empowering Technology\eNet\eNet Service.exe -- (eNet Service) SRV - [2007.12.19 18:09:22 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe -- (eSettingsService) SRV - [2007.11.27 18:54:36 | 000,110,592 | ---- | M] () [Auto | Running] -- C:\Acer\Mobility Center\MobilityService.exe -- (MobilityService) SRV - [2007.11.22 09:01:00 | 000,358,936 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R) SRV - [2007.10.01 16:42:36 | 000,024,576 | ---- | M] (Acer Inc.) [Auto | Running] -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe -- (eLockService) SRV - [2007.09.20 13:57:28 | 000,167,936 | ---- | M] (acer) [Auto | Running] -- C:\Acer\Empowering Technology\ePower\ePowerSvc.exe -- (WMIService) SRV - [2007.09.19 14:41:50 | 000,051,200 | ---- | M] () [Auto | Running] -- C:\Acer\ALaunch\ALaunchSvc.exe -- (ALaunchService) SRV - [2007.09.10 14:28:18 | 000,057,344 | ---- | M] (Acer Inc.) [Auto | Running] -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe -- (eRecoveryService) SRV - [2007.08.17 15:13:20 | 000,364,192 | ---- | M] () [Auto | Running] -- C:\Windows\System32\atwtusb.exe -- (WTService) SRV - [2005.02.09 10:59:00 | 000,014,165 | ---- | M] (Pinnacle Systems GmbH) [Auto | Stopped] -- C:\Windows\System32\drivers\Pclepci.sys -- (PCLEPCI) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VHIDMini.sys -- (VHidMinidrv) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\VcommMgr.sys -- (VcommMgr) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\VComm.sys -- (VComm) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp) DRV - File not found [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\BTHidMgr.sys -- (BTHidMgr) DRV - File not found [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\vbtenum.sys -- (BTHidEnum) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\btcusb.sys -- (Btcsrusb) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\btnetdrv.sys -- (BT) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\BlueletSCOAudio.sys -- (BlueletSCOAudio) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\blueletaudio.sys -- (BlueletAudio) DRV - [2010.10.02 12:25:04 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd) DRV - [2010.09.16 13:09:44 | 000,027,432 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\System32\drivers\ElbyCDIO.sys -- (ElbyCDIO) DRV - [2010.09.14 14:16:06 | 000,108,480 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AnyDVD.sys -- (AnyDVD) DRV - [2010.09.07 15:52:25 | 000,046,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2010.09.07 15:52:03 | 000,165,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP) DRV - [2010.09.07 15:47:46 | 000,023,376 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2010.09.07 15:47:30 | 000,050,768 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt) DRV - [2010.09.07 15:47:07 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2009.05.22 22:24:01 | 000,306,816 | ---- | M] (AfaTech ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AF15BDA.sys -- (AF15BDA) DRV - [2009.04.11 05:42:54 | 000,073,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) USB-Audiotreiber (WDM) DRV - [2008.12.23 12:08:25 | 000,971,168 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\tdrpm140.sys -- (tdrpman140) Acronis Try&Decide and Restore Points filter (build 140) DRV - [2008.12.23 12:08:20 | 000,540,000 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\timntr.sys -- (timounter) DRV - [2008.12.23 12:08:20 | 000,044,704 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\Windows\System32\drivers\tifsfilt.sys -- (tifsfilter) DRV - [2008.12.23 12:08:15 | 000,134,272 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\snman380.sys -- (snapman380) Acronis Snapshots Manager (Build 380) DRV - [2008.12.17 09:42:26 | 000,004,352 | ---- | M] (Promethean Technologies Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\activmouse.sys -- (prmvmouse) DRV - [2008.12.17 09:42:16 | 000,055,424 | ---- | M] (Promethean Technologies Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\activhidsermini.sys -- (ActivHidSerMini) DRV - [2008.11.17 06:40:22 | 003,668,480 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel(R) DRV - [2008.03.25 15:04:50 | 000,006,144 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NTIDrvr.sys -- (NTIDrvr) DRV - [2008.03.11 03:11:00 | 008,240,800 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2008.01.30 09:24:00 | 003,483,648 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag) DRV - [2008.01.24 03:29:00 | 001,950,552 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2008.01.24 03:29:00 | 000,984,064 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV) DRV - [2008.01.24 03:29:00 | 000,660,480 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf) DRV - [2008.01.24 03:29:00 | 000,208,384 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL) DRV - [2008.01.24 03:29:00 | 000,179,712 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x) DRV - [2008.01.24 03:29:00 | 000,043,008 | ---- | M] (Winbond Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\winbondcir.sys -- (winbondcir) DRV - [2008.01.24 03:29:00 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio) DRV - [2008.01.24 03:28:00 | 000,192,816 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP) DRV - [2008.01.21 03:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR) DRV - [2008.01.21 03:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320) DRV - [2008.01.21 03:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas) DRV - [2008.01.21 03:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m) DRV - [2008.01.21 03:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4) DRV - [2008.01.21 03:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs) DRV - [2008.01.21 03:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci) DRV - [2008.01.21 03:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS) DRV - [2008.01.21 03:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300) DRV - [2008.01.21 03:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R) DRV - [2008.01.21 03:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas) DRV - [2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV) DRV - [2008.01.21 03:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid) DRV - [2008.01.21 03:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2) DRV - [2008.01.21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI) DRV - [2008.01.21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC) DRV - [2008.01.21 03:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc) DRV - [2008.01.21 03:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor) DRV - [2008.01.21 03:23:22 | 000,200,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL) DRV - [2008.01.21 03:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx) DRV - [2008.01.21 03:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid) DRV - [2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor) DRV - [2008.01.21 03:23:20 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel(R) DRV - [2008.01.21 03:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci) DRV - [2008.01.21 03:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide) DRV - [2008.01.21 03:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide) DRV - [2008.01.21 03:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide) DRV - [2008.01.04 16:15:08 | 000,041,456 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Programme\Acer Arcade Deluxe\Play Movie\000.fcl -- ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796}) DRV - [2008.01.03 04:07:26 | 000,059,952 | ---- | M] (Egis Incorporated) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\PSDVdisk.sys -- (psdvdisk) DRV - [2008.01.03 04:07:24 | 000,018,480 | ---- | M] (Egis Incorporated) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\psdfilter.sys -- (PSDFilter) DRV - [2008.01.03 04:07:24 | 000,016,432 | ---- | M] (Egis Incorporated) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\PSDNServ.sys -- (PSDNServ) DRV - [2007.11.22 09:05:00 | 000,308,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\iaStor.sys -- (iaStor) DRV - [2007.09.26 12:12:22 | 002,251,776 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Intel(R) DRV - [2007.08.08 20:42:08 | 000,045,568 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk) DRV - [2007.07.30 11:54:02 | 000,038,400 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp) DRV - [2007.07.30 10:42:58 | 000,043,008 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk) DRV - [2007.07.03 15:58:20 | 000,106,792 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdm.sys -- (sscdmdm) DRV - [2007.07.03 15:57:24 | 000,011,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdfl.sys -- (sscdmdfl) DRV - [2007.07.03 15:54:24 | 000,080,552 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM) DRV - [2007.07.03 09:05:20 | 000,015,392 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\Acer\Empowering Technology\eRecovery\int15.sys -- (int15) DRV - [2007.06.12 09:38:26 | 001,729,152 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC) DRV - [2007.06.05 15:12:04 | 000,061,067 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ftser2k.sys -- (FTSER2K) DRV - [2007.06.05 15:11:24 | 000,047,249 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ftdibus.sys -- (FTDIBUS) DRV - [2007.03.21 04:46:00 | 000,598,379 | ---- | M] (Omnivision Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ovtcam2.sys -- (OM2800) DRV - [2007.01.04 08:07:00 | 000,171,520 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MarvinBus.sys -- (MarvinBus) DRV - [2006.11.30 14:18:18 | 000,027,416 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\x10ufx2.sys -- (XUIF) DRV - [2006.11.02 14:29:38 | 000,021,264 | ---- | M] (Dritek System Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\DKbFltr.sys -- (DKbFltr) DRV - [2006.11.02 10:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx) DRV - [2006.11.02 10:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata) DRV - [2006.11.02 10:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960) DRV - [2006.11.02 10:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp) DRV - [2006.11.02 10:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx) DRV - [2006.11.02 10:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid) DRV - [2006.11.02 10:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi) DRV - [2006.11.02 10:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx) DRV - [2006.11.02 10:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3) DRV - [2006.11.02 10:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x) DRV - [2006.11.02 10:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi) DRV - [2006.11.02 09:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM) DRV - [2006.11.02 09:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer) DRV - [2006.11.02 09:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp) DRV - [2006.11.02 09:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo) DRV - [2006.11.02 09:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm) DRV - [2006.11.02 09:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm) DRV - [2006.11.02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi) DRV - [2006.07.24 15:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen) DRV - [2005.12.21 09:14:52 | 000,100,957 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\emDevice.sys -- (DCamUSBEMPIA) DRV - [2005.12.21 09:14:52 | 000,019,712 | ---- | M] (Pinnacle Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\emAudio.sys -- (emAudio) DRV - [2005.12.21 09:14:52 | 000,005,245 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\emFilter.sys -- (FiltUSBEMPIA) DRV - [2005.12.21 09:14:52 | 000,004,493 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\emScan.sys -- (ScanUSBEMPIA) DRV - [2005.04.17 12:21:00 | 000,085,248 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ctxusbtv.sys -- (CTXUSBTV) USB Hybrid Video Capture (DVB-T/PAL) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://de.intl.acer.yahoo.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.intl.acer.yahoo.com IE - HKLM\Software\Microsoft\Internet Explorer\SearchURL\e, = hxxp://www.preispiraten.de/e/tr_ebdeblitz.pl?%s IE - HKLM\Software\Microsoft\Internet Explorer\SearchURL\e,# = %23 IE - HKLM\Software\Microsoft\Internet Explorer\SearchURL\e,& = %26 IE - HKLM\Software\Microsoft\Internet Explorer\SearchURL\e,? = %3F IE - HKLM\Software\Microsoft\Internet Explorer\SearchURL\e,+ = %2B IE - HKLM\Software\Microsoft\Internet Explorer\SearchURL\e,= = %3D IE - HKLM\Software\Microsoft\Internet Explorer\SearchURL\e,MenuText = eBay.de IE - HKLM\Software\Microsoft\Internet Explorer\SearchURL\eb, = hxxp://www.preispiraten.de/e/tr_ebdeblitz.pl?%s IE - HKLM\Software\Microsoft\Internet Explorer\SearchURL\eb,# = %23 IE - HKLM\Software\Microsoft\Internet Explorer\SearchURL\eb,& = %26 IE - HKLM\Software\Microsoft\Internet Explorer\SearchURL\eb,? = %3F IE - HKLM\Software\Microsoft\Internet Explorer\SearchURL\eb,+ = %2B IE - HKLM\Software\Microsoft\Internet Explorer\SearchURL\eb,= = %3D IE - HKLM\Software\Microsoft\Internet Explorer\SearchURL\eb,MenuText = eBay.de IE - HKLM\Software\Microsoft\Internet Explorer\SearchURL\eba, = hxxp://www.preispiraten.de/e/tr_ebdeblitz.pl?%s IE - HKLM\Software\Microsoft\Internet Explorer\SearchURL\eba,# = %23 IE - HKLM\Software\Microsoft\Internet Explorer\SearchURL\eba,& = %26 IE - HKLM\Software\Microsoft\Internet Explorer\SearchURL\eba,? = %3F IE - HKLM\Software\Microsoft\Internet Explorer\SearchURL\eba,+ = %2B IE - HKLM\Software\Microsoft\Internet Explorer\SearchURL\eba,= = %3D IE - HKLM\Software\Microsoft\Internet Explorer\SearchURL\eba,MenuText = eBay.de IE - HKLM\Software\Microsoft\Internet Explorer\SearchURL\ebay, = hxxp://www.preispiraten.de/e/tr_ebdeblitz.pl?%s IE - HKLM\Software\Microsoft\Internet Explorer\SearchURL\ebay,# = %23 IE - HKLM\Software\Microsoft\Internet Explorer\SearchURL\ebay,& = %26 IE - HKLM\Software\Microsoft\Internet Explorer\SearchURL\ebay,? = %3F IE - HKLM\Software\Microsoft\Internet Explorer\SearchURL\ebay,+ = %2B IE - HKLM\Software\Microsoft\Internet Explorer\SearchURL\ebay,= = %3D IE - HKLM\Software\Microsoft\Internet Explorer\SearchURL\ebay,MenuText = eBay.de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://global.acer.com [binary data] IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..extensions.enabledItems: {144D1513-0819-4538-AD26-D515AF443AE7}:1.1.0.1 FF - prefs.js..extensions.enabledItems: {3F4D6A2C-841D-403C-8CD8-48E54192DDEB}:1.0.0.5 FF - prefs.js..extensions.enabledItems: {4B4D630E-AAE2-4EA9-A0CB-5F045AAF2EC2}:1.0.0.5 FF - prefs.js..extensions.enabledItems: {7A7EF87E-95DB-4A84-83E8-E0FE7B20017F}:1.0.0.5 FF - prefs.js..extensions.enabledItems: {8AA36F4F-6DC7-4c06-77AF-5035170634FE}:2008.7.7 FF - prefs.js..extensions.enabledItems: {B1FC0AB8-EEDC-451A-9185-A0D5E308BBDD}:1.0.0.8 FF - prefs.js..extensions.enabledItems: {C8D3D3BE-7ADC-4109-BF8C-6330A9F58B0C}:1.0.0.5 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: {EC1B67CA-A2CD-4931-915A-63D5341D1285}:1.0.0.5 FF - prefs.js..network.proxy.type: 0 FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.12.12 01:46:03 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.12.12 01:46:03 | 000,000,000 | ---D | M] [2011.01.03 21:18:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admini\AppData\Roaming\mozilla\Extensions [2011.01.03 21:18:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admini\AppData\Roaming\mozilla\Firefox\Profiles\816d0xr1.default\extensions [2011.01.03 21:18:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admini\AppData\Roaming\mozilla\Firefox\Profiles\816d0xr1.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011.01.03 21:18:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admini\AppData\Roaming\mozilla\Firefox\Profiles\816d0xr1.default\extensions\staged-xpis [2010.11.04 08:02:48 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2008.06.29 16:11:21 | 000,000,000 | ---D | M] (Amazon Startcenter) -- C:\Programme\Mozilla Firefox\extensions\{144D1513-0819-4538-AD26-D515AF443AE7} [2008.06.29 16:11:25 | 000,000,000 | ---D | M] (Google Kontextmenü) -- C:\Programme\Mozilla Firefox\extensions\{3F4D6A2C-841D-403C-8CD8-48E54192DDEB} [2008.06.29 16:11:23 | 000,000,000 | ---D | M] (eBay-Kontextmenü) -- C:\Programme\Mozilla Firefox\extensions\{4B4D630E-AAE2-4EA9-A0CB-5F045AAF2EC2} [2008.06.29 16:11:19 | 000,000,000 | ---D | M] (eBay-Startcenter) -- C:\Programme\Mozilla Firefox\extensions\{7A7EF87E-95DB-4A84-83E8-E0FE7B20017F} [2009.06.14 14:19:00 | 000,000,000 | ---D | M] ("Citavi Picker") -- C:\Programme\Mozilla Firefox\extensions\{8AA36F4F-6DC7-4c06-77AF-5035170634FE} [2008.06.29 16:11:10 | 000,000,000 | ---D | M] (eBay Statusbar Button) -- C:\Programme\Mozilla Firefox\extensions\{B1FC0AB8-EEDC-451A-9185-A0D5E308BBDD} [2008.06.29 16:11:27 | 000,000,000 | ---D | M] (Preispiraten) -- C:\Programme\Mozilla Firefox\extensions\{C8D3D3BE-7ADC-4109-BF8C-6330A9F58B0C} [2010.06.24 22:10:30 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010.07.22 22:35:25 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010.11.04 08:02:48 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2008.06.29 16:11:26 | 000,000,000 | ---D | M] (Amazon Kontextmenü) -- C:\Programme\Mozilla Firefox\extensions\{EC1B67CA-A2CD-4931-915A-63D5341D1285} [2008.06.29 16:11:21 | 000,000,000 | ---D | M] (Amazon Startcenter) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{144D1513-0819-4538-AD26-D515AF443AE7} [2008.06.29 16:11:25 | 000,000,000 | ---D | M] (Google Kontextmenü) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{3F4D6A2C-841D-403C-8CD8-48E54192DDEB} [2008.06.29 16:11:23 | 000,000,000 | ---D | M] (eBay-Kontextmenü) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{4B4D630E-AAE2-4EA9-A0CB-5F045AAF2EC2} [2008.06.29 16:11:19 | 000,000,000 | ---D | M] (eBay-Startcenter) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{7A7EF87E-95DB-4A84-83E8-E0FE7B20017F} [2009.06.14 14:19:00 | 000,000,000 | ---D | M] ("Citavi Picker") -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{8AA36F4F-6DC7-4C06-77AF-5035170634FE} [2008.06.29 16:11:10 | 000,000,000 | ---D | M] (eBay Statusbar Button) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{B1FC0AB8-EEDC-451A-9185-A0D5E308BBDD} [2008.06.29 16:11:27 | 000,000,000 | ---D | M] (Preispiraten) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{C8D3D3BE-7ADC-4109-BF8C-6330A9F58B0C} [2008.12.21 19:56:57 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} [2009.05.15 14:00:09 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} [2009.09.01 23:44:22 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} [2010.06.24 22:10:30 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010.07.22 22:35:25 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010.11.04 08:02:48 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2008.06.29 16:11:26 | 000,000,000 | ---D | M] (Amazon Kontextmenü) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{EC1B67CA-A2CD-4931-915A-63D5341D1285} [2010.09.15 04:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll [2009.12.23 21:02:39 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Programme\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll [2010.06.12 02:24:05 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2010.06.12 02:24:05 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml [2010.06.12 02:24:05 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml [2010.06.12 02:24:05 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml [2010.06.12 02:24:05 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2010.07.22 20:41:47 | 000,417,104 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.1001-search.info O1 - Hosts: 127.0.0.1 1001-search.info O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.123topsearch.com O1 - Hosts: 127.0.0.1 123topsearch.com O1 - Hosts: 127.0.0.1 www.132.com O1 - Hosts: 127.0.0.1 132.com O1 - Hosts: 127.0.0.1 www.136136.net O1 - Hosts: 14409 more lines... O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Programme\AskBarDis\bar\bin\askBar.dll (Ask.com) O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (HiTRUST) O2 - BHO: (amazon) - {84B94901-3645-4D80-A6B7-4D0050B19455} - C:\Programme\Preispiraten\IEButtonAmazonInterface.dll () O2 - BHO: (Windows Live ID-Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.) O2 - BHO: (eBay) - {CD9B7762-DFBC-42B1-BB30-02A78287B456} - C:\Programme\Preispiraten\IEButtonEbayInterface.dll () O2 - BHO: (Preispiraten) - {E9E027BF-C3F3-4022-8F6B-8F6D39A59684} - C:\Programme\Preispiraten\IEButtonPPInterface.dll () O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found. O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKLM\..\Toolbar: (Foxit Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Programme\AskBarDis\bar\bin\askBar.dll (Ask.com) O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.) O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis) O4 - HKLM..\Run: [AcronisTimounterMonitor] C:\Programme\Acronis\TrueImageHome\TimounterMonitor.exe (Acronis) O4 - HKLM..\Run: [avast5] C:\Programme\Alwil Software\Avast5\AvastUI.exe (AVAST Software) O4 - HKLM..\Run: [eAudio] C:\Acer\Empowering Technology\eAudio\eAudio.exe (CyberLink) O4 - HKLM..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated) O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) O4 - HKLM..\Run: [LManager] C:\Programme\Launch Manager\QtZgAcer.EXE (Dritek System Inc.) O4 - HKLM..\Run: [MacrokeyManager] C:\Windows\System32\WTMKM.exe () O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [PLFSet] C:\Windows\PLFSet.DLL ( ) O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [Skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe () O4 - HKLM..\Run: [SynTPStart] C:\Programme\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.) O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis) O4 - HKLM..\Run: [USB2Check] C:\Windows\System32\PCLECoInst.DLL (Pinnacle Systems) O4 - HKLM..\Run: [WarReg_PopUp] C:\Programme\Acer\WR_PopUp\WarReg_PopUp.exe (Acer Incorporated) O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O8 - Extra context menu item: &Citavi Picker... - C:\Program Files\Internet Explorer\PLUGINS\Citavi Picker\ShowContextMenu.html () O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.) O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra Button: Preispiraten - {350F4DA2-3886-4BB8-A1A8-D7F57B56DFFF} - C:\Programme\Preispiraten\preispiraten3ie.exe () O9 - Extra 'Tools' menuitem : Preispiraten - {350F4DA2-3886-4BB8-A1A8-D7F57B56DFFF} - C:\Programme\Preispiraten\preispiraten3ie.exe () O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: Amazon Startseite - {9E029088-432F-4EBF-9537-0171A4C37870} - File not found O9 - Extra 'Tools' menuitem : Amazon Startseite - {9E029088-432F-4EBF-9537-0171A4C37870} - File not found O9 - Extra Button: eBay - {E79005A3-0F92-434B-9F7B-51131FC7168F} - File not found O13 - gopher Prefix: missing O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} hxxp://cdn.scan.onecare.live.com/resource/download/scanner/de-de/wlscctrl2.cab (Windows Live OneCare safety scanner control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2008.10.15 20:04:32 | 000,000,169 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011.01.03 21:21:26 | 000,000,000 | ---D | C] -- C:\Users\Admini\AppData\Roaming\Adobe [2011.01.03 21:18:04 | 000,000,000 | ---D | C] -- C:\Users\Admini\AppData\Roaming\Mozilla [2011.01.03 21:18:04 | 000,000,000 | ---D | C] -- C:\Users\Admini\AppData\Local\Mozilla [2011.01.03 20:45:26 | 000,000,000 | -H-D | C] -- C:\Users\Admini\AppData\Local\acer eNM [2011.01.03 20:44:50 | 000,000,000 | ---D | C] -- C:\Users\Admini\AppData\Roaming\ATI [2011.01.03 20:44:50 | 000,000,000 | ---D | C] -- C:\Users\Admini\AppData\Local\ATI [2011.01.03 20:43:57 | 000,000,000 | R--D | C] -- C:\Users\Admini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2011.01.03 20:43:57 | 000,000,000 | R--D | C] -- C:\Users\Admini\Searches [2011.01.03 20:43:57 | 000,000,000 | R--D | C] -- C:\Users\Admini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2011.01.03 20:43:45 | 000,000,000 | ---D | C] -- C:\Users\Admini\AppData\Roaming\Identities [2011.01.03 20:43:42 | 000,000,000 | R--D | C] -- C:\Users\Admini\Contacts [2011.01.03 20:43:41 | 000,000,000 | ---D | C] -- C:\Users\Admini\AppData\Local\VirtualStore [2011.01.03 20:43:32 | 000,000,000 | -HSD | C] -- C:\Users\Admini\AppData\Local\Verlauf [2011.01.03 20:43:32 | 000,000,000 | -HSD | C] -- C:\Users\Admini\AppData\Local\Temporary Internet Files [2011.01.03 20:43:31 | 000,000,000 | -HSD | C] -- C:\Users\Admini\Vorlagen [2011.01.03 20:43:31 | 000,000,000 | -HSD | C] -- C:\Users\Admini\Startmenü [2011.01.03 20:43:31 | 000,000,000 | -HSD | C] -- C:\Users\Admini\SendTo [2011.01.03 20:43:31 | 000,000,000 | -HSD | C] -- C:\Users\Admini\Recent [2011.01.03 20:43:31 | 000,000,000 | -HSD | C] -- C:\Users\Admini\Netzwerkumgebung [2011.01.03 20:43:31 | 000,000,000 | -HSD | C] -- C:\Users\Admini\Lokale Einstellungen [2011.01.03 20:43:31 | 000,000,000 | -HSD | C] -- C:\Users\Admini\Documents\Eigene Videos [2011.01.03 20:43:31 | 000,000,000 | -HSD | C] -- C:\Users\Admini\Documents\Eigene Musik [2011.01.03 20:43:31 | 000,000,000 | -HSD | C] -- C:\Users\Admini\Eigene Dateien [2011.01.03 20:43:31 | 000,000,000 | -HSD | C] -- C:\Users\Admini\Documents\Eigene Bilder [2011.01.03 20:43:31 | 000,000,000 | -HSD | C] -- C:\Users\Admini\Druckumgebung [2011.01.03 20:43:31 | 000,000,000 | -HSD | C] -- C:\Users\Admini\Cookies [2011.01.03 20:43:31 | 000,000,000 | -HSD | C] -- C:\Users\Admini\AppData\Local\Anwendungsdaten [2011.01.03 20:43:31 | 000,000,000 | -HSD | C] -- C:\Users\Admini\Anwendungsdaten [2011.01.03 20:43:29 | 000,000,000 | --SD | C] -- C:\Users\Admini\AppData\Roaming\Microsoft [2011.01.03 20:43:29 | 000,000,000 | R--D | C] -- C:\Users\Admini\Videos [2011.01.03 20:43:29 | 000,000,000 | R--D | C] -- C:\Users\Admini\Saved Games [2011.01.03 20:43:29 | 000,000,000 | R--D | C] -- C:\Users\Admini\Pictures [2011.01.03 20:43:29 | 000,000,000 | R--D | C] -- C:\Users\Admini\Music [2011.01.03 20:43:29 | 000,000,000 | R--D | C] -- C:\Users\Admini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2011.01.03 20:43:29 | 000,000,000 | R--D | C] -- C:\Users\Admini\Links [2011.01.03 20:43:29 | 000,000,000 | R--D | C] -- C:\Users\Admini\Favorites [2011.01.03 20:43:29 | 000,000,000 | R--D | C] -- C:\Users\Admini\Downloads [2011.01.03 20:43:29 | 000,000,000 | R--D | C] -- C:\Users\Admini\Documents [2011.01.03 20:43:29 | 000,000,000 | R--D | C] -- C:\Users\Admini\Desktop [2011.01.03 20:43:29 | 000,000,000 | R--D | C] -- C:\Users\Admini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2011.01.03 20:43:29 | 000,000,000 | -H-D | C] -- C:\Users\Admini\AppData [2011.01.03 20:43:29 | 000,000,000 | ---D | C] -- C:\Users\Admini\AppData\Local\Temp [2011.01.03 20:43:29 | 000,000,000 | ---D | C] -- C:\Users\Admini\Roaming [2011.01.03 20:43:29 | 000,000,000 | ---D | C] -- C:\Users\Admini\AppData\Local\Microsoft Help [2011.01.03 20:43:29 | 000,000,000 | ---D | C] -- C:\Users\Admini\AppData\Local\Microsoft [2011.01.03 20:43:29 | 000,000,000 | ---D | C] -- C:\Users\Admini\AppData\Roaming\Media Center Programs [2011.01.03 20:43:29 | 000,000,000 | ---D | C] -- C:\Users\Admini\AppData\Roaming\Macromedia [2011.01.03 20:43:29 | 000,000,000 | ---D | C] -- C:\Users\Admini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerProducer [2010.12.29 20:09:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3 [2010.12.19 01:16:10 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2010.12.19 01:16:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2010.12.19 01:16:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2010.12.19 01:16:06 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2010.12.19 01:16:05 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware [2010.12.17 05:39:57 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll [2010.12.17 05:39:56 | 000,345,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll [2010.12.17 05:39:56 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll [2010.12.17 05:39:55 | 002,038,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2010.12.17 05:39:54 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe [2010.12.17 05:39:53 | 000,292,352 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll [2010.12.17 05:39:53 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll [2010.12.17 05:39:53 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll [2010.12.17 05:39:47 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll [2010.12.17 05:39:42 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2010.12.17 05:39:42 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2010.12.17 05:39:42 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2010.12.17 05:39:41 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2010.12.17 05:39:41 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2010.12.17 05:39:41 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2010.12.17 05:39:41 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2010.12.17 05:39:41 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2010.12.17 05:39:41 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2010.12.17 05:39:41 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2010.12.17 05:39:41 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll [2010.12.17 05:39:41 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2010.12.17 05:39:41 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2010.12.17 05:39:41 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2010.12.17 05:39:41 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll [2010.12.17 05:39:41 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2010.12.17 05:39:37 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll [2010.12.12 19:51:35 | 000,000,000 | ---D | C] -- C:\Programme\7-Zip [2010.12.12 19:51:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip [2010.12.12 19:43:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NEWZIP [2010.12.12 19:42:45 | 000,000,000 | ---D | C] -- C:\Programme\NEWZIP [2008.05.08 18:08:56 | 000,172,032 | ---- | C] ( ) -- C:\Windows\System32\rsnp2uvc.dll [2008.05.08 18:08:56 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\csnp2uvc.dll [2008.03.25 21:59:55 | 000,045,056 | ---- | C] ( ) -- C:\Windows\PLFSet.dll [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011.01.03 21:32:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011.01.03 21:19:20 | 000,001,022 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job [2011.01.03 20:43:35 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011.01.03 20:43:21 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011.01.03 20:43:21 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011.01.03 20:43:16 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.01.03 20:43:13 | 3219,578,880 | -HS- | M] () -- C:\hiberfil.sys [2011.01.03 20:36:52 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat [2011.01.01 20:00:04 | 000,000,349 | ---- | M] () -- C:\Users\Public\Documents\PCLECHAL.INI [2010.12.21 21:19:05 | 000,632,252 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2010.12.21 21:19:05 | 000,598,900 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2010.12.21 21:19:05 | 000,127,464 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2010.12.21 21:19:05 | 000,104,914 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2010.12.17 18:07:54 | 000,474,352 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2011.01.03 20:43:13 | 3219,578,880 | -HS- | C] () -- C:\hiberfil.sys [2010.12.12 19:43:02 | 000,022,528 | ---- | C] () -- C:\Windows\zipsfx.bin [2010.12.12 19:43:00 | 000,130,560 | ---- | C] () -- C:\Windows\Zipdll.dll [2010.12.12 19:42:57 | 000,115,712 | ---- | C] () -- C:\Windows\Unzdll.dll [2010.08.20 11:13:24 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt [2010.08.20 10:44:31 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys [2010.07.23 14:49:34 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2010.07.15 13:31:19 | 000,000,190 | ---- | C] () -- C:\Windows\System32\Vista Services Optimizer.ini [2009.09.02 02:57:52 | 000,000,000 | ---- | C] () -- C:\Windows\PROTOCOL.INI [2009.09.02 02:57:51 | 000,000,014 | ---- | C] () -- C:\Windows\schreib2.ini [2009.09.02 02:55:17 | 000,000,011 | ---- | C] () -- C:\Windows\schreib1.ini [2009.09.02 02:52:36 | 000,000,011 | ---- | C] () -- C:\Windows\LESEN1.INI [2009.09.02 02:47:01 | 000,000,135 | ---- | C] () -- C:\Windows\asym.ini [2009.09.02 00:34:38 | 000,691,696 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys [2009.06.04 18:33:40 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2009.03.08 19:03:28 | 000,180,224 | ---- | C] () -- C:\Windows\System32\ATWTINK.DLL [2009.03.08 19:03:28 | 000,013,951 | ---- | C] () -- C:\Windows\System32\Photoshop Elements.ini [2009.03.08 19:03:28 | 000,010,361 | ---- | C] () -- C:\Windows\System32\PhotoImpact XL SE.ini [2009.03.08 19:03:28 | 000,007,633 | ---- | C] () -- C:\Windows\System32\Vista.ini [2009.03.08 19:03:28 | 000,007,341 | ---- | C] () -- C:\Windows\System32\XP_2000.ini [2009.03.08 19:03:28 | 000,006,435 | ---- | C] () -- C:\Windows\aiptbl.ini [2009.03.08 19:03:28 | 000,000,574 | ---- | C] () -- C:\Windows\System32\MKProfile.ini [2008.08.29 01:45:07 | 001,882,112 | ---- | C] () -- C:\Windows\System32\statfi.dll [2008.08.12 13:29:00 | 000,000,133 | ---- | C] () -- C:\Windows\System32\ftdiun2k.ini [2008.07.28 13:35:50 | 000,000,125 | -HS- | C] () -- C:\ProgramData\.zreglib [2008.06.26 22:15:07 | 000,000,024 | ---- | C] () -- C:\Windows\Medi8or.ini [2008.06.23 21:08:35 | 000,196,096 | ---- | C] () -- C:\Windows\System32\macd32.dll [2008.06.23 21:08:35 | 000,138,752 | ---- | C] () -- C:\Windows\System32\mase32.dll [2008.06.23 21:08:35 | 000,136,192 | ---- | C] () -- C:\Windows\System32\mamc32.dll [2008.06.23 21:08:35 | 000,057,856 | ---- | C] () -- C:\Windows\System32\masd32.dll [2008.06.23 21:08:35 | 000,027,648 | ---- | C] () -- C:\Windows\System32\ma32.dll [2008.06.11 22:55:30 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI [2008.05.09 02:49:12 | 000,000,030 | ---- | C] () -- C:\Windows\SetPanel.ini [2008.05.09 02:48:59 | 000,000,092 | ---- | C] () -- C:\Windows\CLEANUP.INI [2008.05.08 17:54:50 | 000,001,132 | ---- | C] () -- C:\Windows\RtDefLvl.ini [2008.04.12 06:41:20 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2008.04.12 06:30:20 | 000,765,952 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2008.03.28 18:41:32 | 000,007,680 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2008.03.26 00:32:43 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN4.dll [2008.03.25 21:59:55 | 001,729,152 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys [2008.03.25 21:59:49 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll [2008.03.25 21:59:41 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll [2008.03.25 15:21:39 | 000,015,656 | ---- | C] () -- C:\Windows\System32\drivers\int15_64.sys [2008.03.25 15:20:59 | 000,065,536 | ---- | C] () -- C:\Windows\System32\NATTraversal.dll [2008.01.21 03:24:13 | 001,868,944 | ---- | C] () -- C:\Windows\System32\RSA32_16.DLL [2007.02.05 19:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI [2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2004.09.16 21:24:26 | 003,375,104 | ---- | C] () -- C:\Windows\System32\qt-mt331.dll [2003.03.24 05:03:00 | 000,279,552 | ---- | C] () -- C:\Windows\System32\FGWVB32.DLL [2001.12.26 15:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll [2001.09.03 22:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll [2001.07.30 15:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll [2001.07.23 21:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll ========== Alternate Data Streams ========== @Alternate Data Stream - 24 bytes -> C:\Windows:4C910840893E1766 @Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:B623B5B8 < End of report > Extras.Txt:OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 03.01.2011 21:29:55 - Run 1
OTL by OldTimer - Version 3.2.20.1 Folder = C:\Users\Admini\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18999)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 53,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 76,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 143,79 Gb Total Space | 76,02 Gb Free Space | 52,87% Space Free | Partition Type: NTFS
Drive D: | 140,29 Gb Total Space | 135,72 Gb Free Space | 96,74% Space Free | Partition Type: NTFS
Drive F: | 698,45 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: MANFRED-ACER-LA | User Name: Admini | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with &IrfanView] -- "C:\Program Files\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{73311C73-F776-43AC-A72F-7158F9D68AF9}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{12900B2C-1F92-4CE9-AE04-BCA2CBA3937D}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{193BF336-ABCE-47E3-8047-874A2FD3FCE1}" = protocol=6 | dir=in | app=c:\program files\ivt corporation\bluesoleil\bluesoleil.exe |
"{1A4BA2F7-D67D-41DB-9DE5-4D4843CA223C}" = protocol=6 | dir=in | app=c:\program files\pinnacle\studio 11\programs\umi.exe |
"{3B354A10-D392-4DC5-BEAB-76057DD95CE2}" = protocol=17 | dir=in | app=c:\program files\pinnacle\studio 11\programs\pmsregisterfile.exe |
"{532B22F4-E2AE-4BE5-AEDF-0E298890F715}" = protocol=6 | dir=in | app=c:\program files\pinnacle\studio 11\programs\studio.exe |
"{5EAC58ED-2D78-4B98-A126-2530EA9FFEBC}" = protocol=17 | dir=in | app=c:\program files\pinnacle\studio 11\programs\studio.exe |
"{64319142-A520-4177-BF35-9307B8D50165}" = protocol=17 | dir=in | app=c:\program files\pinnacle\studio 11\programs\rm.exe |
"{68FFE427-941F-40BB-86F4-C8F342D35717}" = protocol=17 | dir=in | app=c:\program files\pinnacle\studio 11\programs\umi.exe |
"{775984C0-041C-4331-85F5-BC5C583E1D3A}" = dir=in | app=c:\program files\acer arcade deluxe\play movie\pmvservice.exe |
"{7D1671BF-6AE1-4C6B-865F-0C860ED7CD20}" = protocol=17 | dir=in | app=c:\program files\ivt corporation\bluesoleil\bluesoleil.exe |
"{899583DE-CF2F-4D7F-96CB-0613433B0991}" = dir=in | app=c:\program files\acer arcade deluxe\play movie\playmovie.exe |
"{92C1B1EF-7372-4178-A600-C99EEC7E82A0}" = dir=in | app=c:\program files\acer arcade deluxe\dvdivine\dvdivine.exe |
"{94C66258-B755-416F-BE57-04351B32B719}" = protocol=17 | dir=in | app=c:\program files\12voip.com\12voip\12voip.exe |
"{97857CAD-4278-4D3C-915A-26A6F0B537A4}" = protocol=6 | dir=in | app=c:\program files\pinnacle\studio 11\programs\pmsregisterfile.exe |
"{A1FEB69F-E3A2-46CC-8F11-62B0E5AD57F1}" = dir=in | app=c:\program files\acer arcade deluxe\dv wizard\dv wizard.exe |
"{A435E7EF-5AC3-40B1-976A-6261827828C6}" = protocol=6 | dir=in | app=c:\program files\12voip.com\12voip\12voip.exe |
"{BC973743-7235-4237-A16D-5F2BBC9E1660}" = dir=in | app=c:\program files\acer arcade deluxe\videomagician\videomagician.exe |
"{C7861AA6-22F4-4C6E-B4FD-865083C23C90}" = dir=in | app=c:\program files\acer arcade deluxe\homemedia\homemedia.exe |
"{C9BA6B16-451C-4E8E-9F91-800704B8DA90}" = dir=in | app=c:\program files\acer arcade deluxe\acer arcade deluxe\acer arcade deluxe.exe |
"{D435E31D-7F1F-4DBD-A476-8AABFF2C5D26}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version5\teamviewer.exe |
"{D5975B15-BFEE-4C1F-92DC-78488A84B7D0}" = protocol=6 | dir=in | app=c:\program files\pinnacle\studio 11\programs\rm.exe |
"{F5314740-E6A3-4A06-8F9F-52840F451AF4}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version5\teamviewer.exe |
"{F595A901-C9CC-4E2D-B450-8F52C6B86A83}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"TCP Query User{0463798B-0444-4803-AC1B-AB1904CA4F76}C:\program files\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"TCP Query User{328EDD0A-25E8-46A8-894D-2CB731DAEA1D}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"TCP Query User{4FB72DCF-EBE9-4EBC-B057-3362466614E8}F:\setup.exe" = protocol=6 | dir=in | app=f:\setup.exe |
"UDP Query User{A0A1A4D4-2597-412D-91FE-4D8CF081DEE9}F:\setup.exe" = protocol=17 | dir=in | app=f:\setup.exe |
"UDP Query User{E041BA00-7ADA-4679-884E-ADF2222BA34A}C:\program files\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"UDP Query User{ECE4EC12-BAC4-41A9-87C1-955AB237F74D}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{03F39988-365B-3491-2DE8-47D2F40B658C}" = Catalyst Control Center Localization Dutch
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{06A0F6AD-9AF4-4162-8CB9-6776F43A4307}" = Formatwandler
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID-Anmelde-Assistent
"{0B8565BA-BAD5-4732-B122-5FD78EFC50A9}" = Native Instruments Service Center
"{0D38396A-26FD-4106-A149-99CE891AA6CA}" = aTube Catcher 1.0
"{110B1ADF-2EAE-4E8F-B501-D2A1E6D8ED9D}" = Studio 11
"{11316260-6666-467B-AC34-183FCB5D4335}" = Acer Mobility Center Plug-In
"{116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3}" = Acer eLock Management
"{119B7481-0216-40D2-A5CC-C3E1F461ECC1}" = Windows Live Fotogalerie
"{11F14F73-5F6E-4E99-BDBD-F17CF68B4B04}" = FormatFactory
"{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"{1598034D-7147-432C-8CA8-888E0632D124}" = NTI Backup NOW! 4.7
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1962A938-85FA-AEC7-A533-5D78D976621D}" = Catalyst Control Center Localization Danish
"{1CA7ACD6-B21B-4240-AA05-4FC55F6E1031}" = Nero 8 Essentials
"{1D2C96C3-A3F3-49E7-B839-95279DED837F}" = Opera 10.60
"{1D54B4A2-9CF9-BEC1-BF40-FB67B64FBD37}" = Catalyst Control Center Localization Korean
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{2077FEAB-E2DE-A9C9-52EA-D059F78507A7}" = Catalyst Control Center Localization Turkish
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{232A093A-208F-5A12-1B55-199C0126D140}" = Catalyst Control Center Graphics Light
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 22
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{2A13103F-809F-4A5F-D5D5-0462B463CE26}" = Catalyst Control Center Localization German
"{2AAC4085-DCBF-417B-AEBD-182197839240}" = Native Instruments Traktor
"{2ADE2157-7A5E-122C-B51D-EB8A01B15943}" = DeepBurner v1.9.0.228
"{30161931-E14F-42B5-BFC0-1AB5ADE4459B}" = muvee autoProducer 5.0
"{31F4E894-2B51-890F-3A04-89AA16C1B667}" = Catalyst Control Center Localization Russian
"{354A4677-23FE-454C-B70D-E8F2AB4A8AF2}" = Administative Templates for Windows Vista (.admx)
"{3594EE90-B157-4519-9E82-8B6F4711A0A1}" = Catalyst Control Center - Branding
"{35C0A1E4-D02A-412C-841F-266DBB116ABB}" = Intel(R) PROSet/Wireless WiFi-Software
"{363D1E82-40C5-C298-4C73-BD72E58168B4}" = Catalyst Control Center Localization Greek
"{37C8899D-FD70-481F-94AA-1F1B08765E22}" = Acronis True Image Home
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = Acer Crystal Eye webcam
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4097D40F-FB75-869F-18A0-637635A5FAA0}" = Catalyst Control Center Localization Chinese Traditional
"{427967BF-09F8-46D5-9275-37001CCBBA5D}" = Winbond CIR Drivers
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{432B7B0E-D471-1A8A-B43D-99C52D0DF092}" = Catalyst Control Center Localization Norwegian
"{4448ABF6-786D-4C3D-A49D-7BB237E6DD17}" = Foxit PDF IFilter
"{459F8ABE-28DB-4F9E-9F96-3149C332FA83}" = Lernwerkstatt 7
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}" = Junk Mail filter update
"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works
"{506C49D5-1A41-FEBF-8A0B-F4481C73F1DD}" = Catalyst Control Center Localization Swedish
"{5106480F-2039-420F-B315-213472966ED6}" = Samsung PC Studio 3
"{5313CFF7-E762-4752-BEC0-1E2CB2C685E4}" = uMedia uTV
"{544EC169-1787-4F95-B216-468F4C3E578D}" = Lernwerkstatt Sek I
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{55A29068-F2CE-456C-9148-C869879E2357}" = TuneUp Utilities 2009
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57265292-228A-41FA-9AEC-4620CBCC2739}" = Acer eAudio Management
"{584BFB71-3D12-8720-F222-7739726C3E7C}" = Catalyst Control Center Core Implementation
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.52.02
"{5A166C0B-9557-4364-A057-F946D674E6AC}" = Windows Live Mail
"{5B63A470-9334-44D1-AF61-6CE2DB565AE9}" = Orion
"{5D5D742B-171C-2C00-810F-3DD837FDE520}" = Catalyst Control Center Localization Hungarian
"{61232CEF-6A36-A4F2-4242-605518175098}" = Catalyst Control Center Localization Finnish
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6E87F7DD-C1C8-44B2-8D54-BEB6FE26394F}" = Vista Services Optimizer
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77B74177-25E3-6801-D4F6-514E0926F3B8}" = Catalyst Control Center Localization Chinese Standard
"{77BDD5AF-E4AC-E3F7-449C-5F5621A84A73}" = Catalyst Control Center Localization Italian
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX
"{7F149393-7D14-B0EF-154F-3B83D57725AA}" = Catalyst Control Center Localization French
"{81821BF8-DA20-4F8C-AA87-F70A274828D4}" = Windows Live Writer
"{821D7BFA-918B-EDCE-15A5-6C6BAB0528A1}" = Catalyst Control Center Localization Thai
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8AF4C172-FC1D-418A-ABDE-A6B30A03D8D8}" = StatFi 2007 GAOTD
"{8B961557-75BB-4336-8167-90267ED34267}" = Media Add-Ons für Acronis True Image 2009
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_PROR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_PROR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_PROR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_PROR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_PROR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_PROR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_PROR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_PROR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90300407-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Media Content
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91120000-0014-0000-0000-0000000FF1CE}" = Microsoft Office Professional 2007
"{91120000-0014-0000-0000-0000000FF1CE}_PROR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0014-0000-0000-0000000FF1CE}_PROR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{91E04CA7-0B13-4F8C-AA4D-2A573AC96D19}" = Windows Live Essentials
"{93099B48-E36A-46C9-A03F-C85201D9B1C1}" = Foxit PDF IFilter
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95120000-0120-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{95D22C3E-5C19-4633-BD0A-493FC94C5051}" = Schreiblabor 2
"{A0F147B7-115C-A8D8-EFB8-B891D0DB39D1}" = ATI Catalyst Install Manager
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A5633652-3795-4829-BB0B-644F0279E279}" = Acer eDataSecurity Management
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA047D7C-5E7C-4878-B75C-77589151B563}" = Acer Crystal Eye webcam
"{AB6097D9-D722-4987-BD9E-A076E2848EE2}" = Acer Empowering Technology
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.1 - Deutsch
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AF04BC19-3F00-2F3A-2499-19A998E84B95}" = Catalyst Control Center Localization Japanese
"{B1C2147A-54CE-070A-C844-E69C203A3202}" = ccc-core-static
"{B3251D6A-05E1-252C-64A6-4E6A7FE8F6B4}" = Catalyst Control Center Localization Portuguese
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{BF839132-BD43-4056-ACBF-4377F4A88E2A}" = Acer ePresentation Management
"{C06554A1-2C1E-4D20-B613-EE62C79927CC}" = Acer eNet Management
"{C40AEEAE-DB5D-F537-0A90-A5F75DEE192D}" = Catalyst Control Center Localization Spanish
"{C4A4722E-79F9-417C-BD72-8D359A090C97}" = Samsung PC Studio 3
"{C9E9625A-47B5-4DED-A851-B394B51279FA}" = MatchWare OpenMind 2.0 Home
"{CB6075D9-F912-40AE-BEA6-E590DA24F16B}" = Adobe Photoshop Elements 7.0
"{CDBE2FB7-5098-0277-2AE9-145ECE3C0773}" = Catalyst Control Center Localization Czech
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1
"{CE65A9A0-9686-45C6-9098-3C9543A412F0}" = Acer eSettings Management
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D299837D-74C1-41A9-8783-966610A9BED7}" = Preispiraten
"{D3B3B9B2-FE73-44CB-8C0A-F737D92F991B}" = Broadcom Gigabit Integrated Controller
"{DA472378-2901-09E2-E9B9-019342B8CCD0}" = ccc-utility
"{DDC2B636-4F9F-4241-9B15-4DF12C97CF4A}" = Studio 11
"{DEAFFA41-FCE8-EBA5-3918-55F9672F75F8}" = Catalyst Control Center Localization Polish
"{DFFC0648-BC4B-47D1-93D2-6CA6B9457641}" = OpenOffice.org 3.2
"{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
"{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}" = Samsung PC Studio 3 USB Driver Installer
"{ED636101-1959-4360-8BF7-209436E7DEE4}" = Windows Live Sync
"{EF781A5C-58F5-4BFD-87F9-E4F14D382F25}" = Pinnacle Instant DVD Recorder
"{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}" = Acer Arcade Deluxe
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F9AEEC34-CF00-4CBD-9E36-DF9DC4002685}" = Yahoo! Desktop Login
"{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}" = Vista Codec Package
"{FC7C8D7C-3360-4D34-B7AF-59C6A5EAEB54}" = Vista UsbCam_Vid_AF
"{FE6E1AF6-6B88-44FE-8101-84AE6A52B393}" = Windows Live Movie Maker-Betaversion
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7-Zip" = 7-Zip 9.20
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop Elements 7" = Adobe Photoshop Elements 7.0
"Ani...Paint Standard_is1" = Ani...Paint 3.1.3 Standard
"Any Video Converter_is1" = Any Video Converter 3.1.7
"AnyDVD" = AnyDVD
"Arbeitsblatt Profi" = Arbeitsblatt Profi
"Ashampoo Burning Studio 7_is1" = Ashampoo Burning Studio 7.21
"Ashampoo Photo Commander 5_is1" = Ashampoo Photo Commander 5.40
"Ask Toolbar_is1" = Foxit Toolbar
"avast5" = avast! Free Antivirus
"BitZipper_is1" = BitZipper 2010
"Budenberg_is1" = Budenberg Software Mehrplatz 5/09 WIN
"CCleaner" = CCleaner
"Citavi" = Citavi 2.5
"CloneDVD2" = CloneDVD2
"Defraggler" = Defraggler
"easy Whiteboard" = easy Whiteboard
"ELFE" = ELFE 1-6
"FormatFactory" = FormatFactory 2.45
"FotoSketcher_is1" = FotoSketcher - Version 1.6
"Foxit PDF Editor" = Foxit PDF Editor
"Foxit Reader" = Foxit Reader
"Free YouTube to Mp3 Converter_is1" = Free YouTube to Mp3 Converter version 3.1
"Google Updater" = Google Updater
"InstallShield_{544EC169-1787-4F95-B216-468F4C3E578D}" = Lernwerkstatt Sek I
"InstallShield_{95D22C3E-5C19-4633-BD0A-493FC94C5051}" = Schreiblabor 2
"Internet-Radio Player_is1" = Internet-Radio Player Version 2.01.4
"IrfanView" = IrfanView (remove only)
"IsoBuster_is1" = IsoBuster 2.4
"Klex11" = Tintenklex11
"lgx4.lgx.server" = G DATA Logox4 Speechengine
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MatchWare Mediator 7 Pro Installation" = MatchWare Mediator 7 Pro Installation
"Mediator 7 Pro Service Pack 5.0" = Mediator 7 Pro Service Pack 5.0
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"MindManager 2002" = MindManager 2002
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"Native Instruments Service Center" = Native Instruments Service Center
"Native Instruments Traktor" = Native Instruments Traktor
"Nero PhotoShow Express 5" = Nero PhotoShow Express 5
"NewImage SuperCAM" = Uninstall NewImage SuperCAM
"NEWZIP version 1.6B1" = NEWZIP version 1.6B1
"Photo Commander Plugin Installation" = Photo Commander Plugin Installation
"PhotoFiltre" = PhotoFiltre
"Picasa 3" = Picasa 3
"Pointofix_is1" = Pointofix
"ProInst" = Intel PROSet Wireless
"PROR" = Microsoft Office Professional 2007
"Rmtablet" = Pen Pad Driver with Macro Key Manager
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"Smoothboard" = Smoothboard
"Smoothboard 1.0" = Smoothboard 1.0
"StatFi 2007 GAOTD" = StatFi 2007 GAOTD
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TeamViewer 5" = TeamViewer 5
"Totalcmd" = Total Commander (Remove or Repair)
"VLC media player" = VLC media player 1.1.1
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"WinLiveSuite_Wave3" = Windows Live Essentials
"Wondershare Flash Slideshow Builder Giveaway Edition_is1" = Wondershare Flash Slideshow Builder Giveaway Edition (4.6.0)
"Wondershare Photo Story Gold Giveaway Edition_is1" = Wondershare Photo Story Gold Giveaway Edition version 3.0.0
"Xvid_is1" = Xvid 1.1.3 final uninstall
"Zarb" = Zarb 4.1
"Zattoo4" = Zattoo4 4.0.5
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 14.12.2010 19:24:53 | Computer Name = Manfred-acer-la | Source = EventSystem | ID = 4621
Description =
Error - 17.12.2010 00:25:29 | Computer Name = Manfred-acer-la | Source = WinMgmt | ID = 10
Description =
Error - 17.12.2010 01:27:55 | Computer Name = Manfred-acer-la | Source = EventSystem | ID = 4621
Description =
Error - 17.12.2010 13:08:34 | Computer Name = Manfred-acer-la | Source = WinMgmt | ID = 10
Description =
Error - 17.12.2010 15:25:01 | Computer Name = Manfred-acer-la | Source = EventSystem | ID = 4621
Description =
Error - 17.12.2010 18:07:40 | Computer Name = Manfred-acer-la | Source = WinMgmt | ID = 10
Description =
Error - 18.12.2010 19:56:43 | Computer Name = Manfred-acer-la | Source = WinMgmt | ID = 10
Description =
Error - 18.12.2010 20:35:52 | Computer Name = Manfred-acer-la | Source = WinMgmt | ID = 10
Description =
Error - 18.12.2010 21:38:43 | Computer Name = Manfred-acer-la | Source = EventSystem | ID = 4621
Description =
Error - 19.12.2010 09:29:56 | Computer Name = Manfred-acer-la | Source = WinMgmt | ID = 10
Description =
[ Media Center Events ]
Error - 23.06.2008 14:00:21 | Computer Name = Manfred-acer-la | Source = ehRecvr | ID = 4
Description =
Error - 23.06.2008 16:14:10 | Computer Name = Manfred-acer-la | Source = ehRecvr | ID = 4
Description =
[ System Events ]
Error - 03.01.2011 15:39:39 | Computer Name = Manfred-acer-la | Source = Service Control Manager | ID = 7001
Description =
Error - 03.01.2011 15:39:39 | Computer Name = Manfred-acer-la | Source = Service Control Manager | ID = 7026
Description =
Error - 03.01.2011 15:39:39 | Computer Name = Manfred-acer-la | Source = Service Control Manager | ID = 7001
Description =
Error - 03.01.2011 15:39:39 | Computer Name = Manfred-acer-la | Source = Service Control Manager | ID = 7001
Description =
Error - 03.01.2011 15:39:39 | Computer Name = Manfred-acer-la | Source = Service Control Manager | ID = 7001
Description =
Error - 03.01.2011 15:39:39 | Computer Name = Manfred-acer-la | Source = Service Control Manager | ID = 7001
Description =
Error - 03.01.2011 15:43:15 | Computer Name = Manfred-acer-la | Source = ACPI | ID = 327693
Description = : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen
Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware
hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie
den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen
Situationen zur Folge haben, dass der Computer fehlerhaft läuft.
Error - 03.01.2011 15:43:28 | Computer Name = Manfred-acer-la | Source = Service Control Manager | ID = 7000
Description =
Error - 03.01.2011 15:43:30 | Computer Name = Manfred-acer-la | Source = Service Control Manager | ID = 7026
Description =
Error - 03.01.2011 15:46:02 | Computer Name = Manfred-acer-la | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 192.168.1.33 für die Netzwerkkarte mit der Netzwerkadresse
001DE0AB4199 wurde durch den DHCP-Server 192.168.0.1 abgelehnt (der DHCP-Server
hat eine DHCPNACK-Meldung gesendet).
[ TuneUp Events ]
Error - 18.12.2010 20:16:38 | Computer Name = Manfred-acer-la | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-12-19 01:16:38', '\device\harddiskvolume2\program
files\malwarebytes' anti-malware\mbam.exe','2012',0)
Error - 18.12.2010 20:18:53 | Computer Name = Manfred-acer-la | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-12-19 01:18:53', '\device\harddiskvolume2\program
files\malwarebytes' anti-malware\mbam.exe','5036',0)
Error - 18.12.2010 20:36:13 | Computer Name = Manfred-acer-la | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-12-19 01:36:13', '\device\harddiskvolume2\program
files\malwarebytes' anti-malware\mbam.exe','4896',0)
Error - 19.12.2010 09:41:56 | Computer Name = Manfred-acer-la | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-12-19 14:41:56', '\device\harddiskvolume2\program
files\malwarebytes' anti-malware\mbam.exe','4012',0)
< End of report >
Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Database version: 5449 Windows 6.0.6002 Service Pack 2 Internet Explorer 8.0.6001.18999 04.01.2011 00:04:50 mbam-log-2011-01-04 (00-04-50).txt Scan type: Full scan (C:\|D:\|) Objects scanned: 421998 Time elapsed: 2 hour(s), 1 minute(s), 55 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected) Ist es nötig und wenn ja möglich da was zu machen??? Im Voraus vielen Dank und Grüße |
| Themen zu win32.AutoRun.tmp trojaner lässt sich nicht entfernen |
| 0x00000001, alternate, antivirus, any video converter, askbar, avast!, bho, converter, corp./icp, desktop, device driver, entfernen, error, excel, firefox, flash player, frage, google, google earth, helper, home, home premium, iastor.sys, install.exe, launch, location, logfile, lässt sich nicht entfernen, malware, media center, microsoft office word, mozilla, mp3, nicht sicher, nvlddmkm.sys, nvstor.sys, office 2007, oldtimer, opera.exe, picasa, plug-in, popup, problem, programdata, realtek, registry, safer networking, saver, scan, searchplugins, security update, shell32.dll, skype.exe, software, sptd.sys, start menu, studio, total commander, trojaner, video converter, vista, vlc media player |
Baum-Darstellung