| |
| |||||||
Alles rund um Windows: Windows Vista ganz langsam, Lüfter läuft (und läuft) PC fährt nicht runter...Windows 7 Hilfe zu allen Windows-Betriebssystemen: Windows XP, Windows Vista, Windows 7, Windows 8(.1) und Windows 10 / Windows 11- als auch zu sämtlicher Windows-Software. Alles zu Windows 10 ist auch gerne willkommen. Bitte benenne etwaige Fehler oder Bluescreens unter Windows mit dem Wortlaut der Fehlermeldung und Fehlercode. Erste Schritte für Hilfe unter Windows. |
 |
24.02.2011, 20:40
| #1 |
 |  Problem: Windows Vista ganz langsam, Lüfter läuft (und läuft) PC fährt nicht runter... Hallo, wie bereits Stichwortartig in der Überschrift erwähnt habe ich seit ca. 10 Tagen folgendes Problem. Ich wollte abends den PC herunterfahren und als ich morgens in PC-Zimmer kam war er immer noch am runterfahren (er hat es nicht getan). Ich habe Ihn ausgemacht. Seitdem fährt er ganz langsam hoch, der Lüfter ist fast die ganze Zeit an, und der Explorer, die Programme reagieren GANZ verzögert. Auch wenn ich den PC ausmachen möchte fährt er nicht immer runter! Kann mir vielleicht jemand helfen!? Ich bin absoluter Laie und kann mir nicht erklären woran es liegt. Bei Hilfe bitte für einen Laien Anweisungen geben! Ich danke euch im Vorfeld - bin auch gerne bereit euch hier zu unterstützen! Gruß |
|
24.02.2011, 22:04
| #2 |
| /// Helfer-Team    | Windows Vista ganz langsam, Lüfter läuft (und läuft) PC fährt nicht runter... Anleitung / Hilfe Da Du hier nicht ganz neu bist, erspare ich mir jetzt mal die Begrüßungszeremonien. Lese, beachte und poste alle geforderten Angaben.
__________________LG Der Felix
__________________ |
|
25.02.2011, 12:45
| #3 |
| | Windows Vista ganz langsam, Lüfter läuft (und läuft) PC fährt nicht runter... Details Malwarebytes' Anti-Malware 1.50.1.1100
__________________www.malwarebytes.org Datenbank Version: 5874 Windows 6.0.6002 Service Pack 2 Internet Explorer 8.0.6001.19019 25.02.2011 12:31:21 mbam-log-2011-02-25 (12-31-18).txt Art des Suchlaufs: Quick-Scan Durchsuchte Objekte: 164839 Laufzeit: 4 Minute(n), 27 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 0 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 6 Infizierte Dateien: 0 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: c:\program files\internet saving optimizer (Adware.DoubleD) -> No action taken. c:\program files\internet saving optimizer\3.8.1.4690 (Adware.DoubleD) -> No action taken. c:\program files\internet saving optimizer\3.8.1.4690\FF (Adware.DoubleD) -> No action taken. c:\program files\media access startup (Adware.DoubleD) -> No action taken. c:\program files\media access startup\2.0.0.1050 (Adware.DoubleD) -> No action taken. c:\program files\media access startup\2.0.0.1050\FF (Adware.DoubleD) -> No action taken. Infizierte Dateien: (Keine bösartigen Objekte gefunden) |
|
25.02.2011, 12:45
| #4 |
| | Lösung: Windows Vista ganz langsam, Lüfter läuft (und läuft) PC fährt nicht runter... OTL EXTRAS Logfile: Code:
ATTFilter OTL Extras logfile created on: 25.02.2011 12:49:10 - Run 4
OTL by OldTimer - Version 3.2.21.0 Folder = C:\Users\****\Desktop\MFTools
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19019)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 55,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 76,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 142,16 Gb Total Space | 74,15 Gb Free Space | 52,16% Space Free | Partition Type: NTFS
Drive D: | 142,18 Gb Total Space | 95,16 Gb Free Space | 66,93% Space Free | Partition Type: NTFS
Computer Name: ****-PC | User Name: **** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-1199916533-2294184880-3576752702-1000]
"EnableNotifications" = 0
"EnableNotificationsRef" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05FA27B0-56F7-44A1-A07C-8605C1934BB1}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{0CA1894E-A6D0-4A78-8217-58375294475F}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{20478DBD-9024-4CD5-BA3A-1A7D4A51C0D6}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{31EFE7E0-A964-44C2-8062-274DAFD017EB}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{34432A93-5174-4033-A966-62CC0A15794A}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{38446EE4-F760-46FE-97F3-6D346B0D5563}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{3E221D95-9DC3-4823-84AF-C1506F00D4BE}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{447B5148-94CD-48F7-AF43-6BD9D38BDA19}" = lport=2869 | protocol=6 | dir=in | app=system |
"{59911795-2FCC-4B15-A99F-296FEEC436BF}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{661DD868-AB6B-4515-837E-FE92F5928E53}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{6D3544AB-79FC-44C2-B1B5-11DEA4B71DC1}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{8DBDD998-BA4E-4D66-A65C-FD6AC1CD1816}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{AFBFD523-C065-4648-A52B-3DCBDF9CEB54}" = lport=10243 | protocol=6 | dir=in | app=system |
"{C171028B-4B38-488F-B1E0-EF1A2CA508E2}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{C218BD3F-E8B0-458C-9AF3-F46092EB6586}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C502FF24-D701-40E7-B264-547F646D0A41}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{C56AA661-B5C3-4A7E-8A90-CBB611C23B00}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{C68B436F-6D23-4DAE-A7BF-6378990E6DFC}" = rport=10243 | protocol=6 | dir=out | app=system |
"{C6BB3CAB-6587-406E-92D1-B8646AC35F90}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{D9139F81-A830-4E78-AE84-E8C1A948DF1A}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{F6DEF7E6-9144-425B-83B0-F761B97EEBA7}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{FC3A7A42-D29E-46A0-8D7E-942003F0F98F}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00007600-C351-4D0D-887F-438367E21DD4}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe |
"{06FE4965-C693-4AA0-AFC2-147D2DBA0581}" = protocol=6 | dir=in | app=c:\program files\1&1\fboxupd.exe |
"{0905ED90-EE61-42E8-8A68-72D726715200}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0940B8D9-3B75-4C9D-A7C6-158B8DD752E8}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{0ECD8E47-B254-4345-8824-3F42ED1E28FA}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{111A6E94-F28B-438C-A901-408856880B29}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{135C47AA-639F-495F-937F-1A676F9B852A}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{1A2792E7-BF7C-477B-AD5F-60F9CC7AE695}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{1E7F6256-261E-4315-B70D-66C88BCE204B}" = protocol=17 | dir=in | app=c:\users\****\appdata\local\apps\2.0\n7vqt6n5.ebo\8nvv6oyj.nph\frit..tion_8488884cfbcefd60_0002.0001_383382c5c60b72bd\fritzbox-usb-fernanschluss.exe |
"{2104D361-9B11-400B-BCDB-77ED721745A0}" = protocol=6 | dir=in | app=c:\users\****\appdata\local\apps\2.0\n7vqt6n5.ebo\8nvv6oyj.nph\frit..tion_8488884cfbcefd60_0002.0001_383382c5c60b72bd\fritzbox-usb-fernanschluss.exe |
"{2607828D-314B-4021-AEBC-34FDEAB306B4}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{2753E249-444D-47B4-A33F-87E5D4F40E31}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2B091538-BE58-47EC-8E76-658E532CA181}" = protocol=17 | dir=in | app=c:\program files\1&1\fboxupd.exe |
"{2CD5B1B2-288F-4190-8952-28D58DA0198E}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung pc share manager\wiselinkpro.exe |
"{2F3B1B4D-472B-46F4-9544-46F7DC8729AD}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{2FFC394B-3ED6-4118-B466-8981172307A8}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{31C244A1-3DF6-4B60-B963-E08D83B7E189}" = protocol=6 | dir=in | app=c:\program files\twonkymedia\twonkymediaserverwatchdog.exe |
"{31FEDB43-3F17-458A-9736-82A6E52A6E3D}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{36F8E1E1-7493-40B4-8C89-C8934096C679}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3D0D8BAC-68A3-4B54-9EF1-985CC6B20BA5}" = protocol=17 | dir=in | app=c:\program files\twonkymedia\twonkymediaserverwatchdog.exe |
"{41454323-A7FA-47D3-B3B3-F31BBE1FE05B}" = protocol=6 | dir=in | app=c:\program files\abbyy finereader 6.0 sprint\scan\scanman6.exe |
"{45F7A61C-EEFB-423C-805F-1B83DDD5D368}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung pc share manager\http_ss_win_pro.exe |
"{4994F26F-1989-4F45-88A8-8243A84891CF}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{4EBE2879-40B2-4694-8A7A-7BF84B4B3472}" = protocol=6 | dir=in | app=c:\users\****\appdata\local\apps\2.0\n7vqt6n5.ebo\8nvv6oyj.nph\frit..tion_8488884cfbcefd60_0002.0002_9409db79b3f040fd\fritzbox-usb-fernanschluss.exe |
"{5277B95F-4166-462C-A39C-724DAACCE0E1}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{5A819053-ABB6-47E4-9D16-EC89085FA270}" = dir=in | app=c:\program files\acer arcade deluxe\playmovie\pmvservice.exe |
"{5DB012BB-DF24-4364-8955-39DC01884B89}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |
"{60CCFB14-3D63-480D-ACD2-F0E6FE7F4222}" = protocol=6 | dir=in | app=c:\program files\twonkymedia\mediamanager\twonkymediamanager.exe |
"{6B2B1A41-97F5-40E9-9F39-BF7F0A31995A}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{6BE11C61-2C1A-457C-92CC-4CFF31E47DB3}" = protocol=6 | dir=in | app=c:\users\****\appdata\local\apps\2.0\n7vqt6n5.ebo\8nvv6oyj.nph\frit..tion_8488884cfbcefd60_0002.0001_383382c5c60b72bd\fritzbox-usb-fernanschluss.exe |
"{6CDDAB7B-CE53-4180-BEB0-DAB4A8C4C0C1}" = dir=in | app=c:\windows\system32\lxeccoms.exe |
"{7243604F-EBD0-4311-B9FA-3DEC34C5C86A}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung pc share manager\http_ss_win_pro.exe |
"{727DC909-3A31-4704-9E16-A4466D594F7A}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{7494DCAD-E537-42D3-B0DE-E94820A1E397}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{7AAE93A8-1261-4C9C-9A9E-A9033440E3B0}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{7C3692AF-892E-4377-8484-20BFFE47DD25}" = protocol=6 | dir=in | app=c:\program files\twonkymedia\twonkymediaserver.exe |
"{8054D065-197B-48E1-81D1-8D8CFB2F7103}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung pc share manager\http_ss_win_pro.exe |
"{848CA979-E55B-4173-A811-2393897DC6C7}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{87C1C5D6-E404-4877-A915-DF3C7B833D1D}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{889E9A21-34ED-4373-B743-9868930ED6CE}" = protocol=6 | dir=in | app=c:\program files\fritz!\igd_finder.exe |
"{8AB192DE-3AB3-41A6-A19A-9BF7D0D5C7F5}" = protocol=17 | dir=in | app=c:\users\****\appdata\local\apps\2.0\n7vqt6n5.ebo\8nvv6oyj.nph\frit..tion_8488884cfbcefd60_0002.0002_9409db79b3f040fd\fritzbox-usb-fernanschluss.exe |
"{90F7CCCD-C360-4D36-9DD8-ECD824B55224}" = dir=in | app=c:\windows\system32\lxeccoms.exe |
"{91EE6C62-A859-4AAE-AF8D-3434749DCE3F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{94C9E0C4-29B5-4ACD-AB83-0D44D8A65865}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{96643B35-92AC-4392-BED0-E4B8A493A3B6}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{9967C727-90D2-4031-96DD-CFBFFD5E1CD5}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung pc share manager\wiselinkpro.exe |
"{998721AD-C6B4-4BEE-8ADC-12EB26ABB776}" = protocol=6 | dir=in | app=c:\users\****\appdata\local\apps\2.0\n7vqt6n5.ebo\8nvv6oyj.nph\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe |
"{9BD2B96D-B1F6-4E65-BE2B-858CD90103F8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9BF9575A-6377-48FF-BB19-969C682ED554}" = protocol=17 | dir=in | app=c:\program files\lexmark pro800-pro900 series\lxecfax.exe |
"{9C073FF2-2595-476C-A405-CB3887575264}" = protocol=6 | dir=in | app=c:\program files\lexmark pro800-pro900 series\lxecfax.exe |
"{A21F51AC-215C-4F8D-B5EF-AB442B98EE88}" = dir=in | app=c:\windows\system32\lxeccoms.exe |
"{A3A18F0D-34D9-4C5B-A22E-0421C884C629}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{A6863883-8899-4985-A0DB-39D4C4A4F7EF}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung pc share manager\wiselinkpro.exe |
"{A76B4BB3-9D76-4CEC-BE79-810A9481F7C1}" = protocol=17 | dir=in | app=c:\program files\1&1\igdctrl.exe |
"{A8D92FCB-0530-49CC-98C5-6D1DF0769037}" = protocol=17 | dir=in | app=c:\users\****\appdata\local\apps\2.0\n7vqt6n5.ebo\8nvv6oyj.nph\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe |
"{A93B0B88-D413-405D-B482-D62D07A4AD90}" = protocol=17 | dir=in | app=c:\users\****\appdata\local\apps\2.0\n7vqt6n5.ebo\8nvv6oyj.nph\frit..tion_8488884cfbcefd60_0002.0001_383382c5c60b72bd\fritzbox-usb-fernanschluss.exe |
"{AE4838FC-893D-4D02-B33F-447A8E92227E}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung pc share manager\http_ss_win_pro.exe |
"{AE63E44C-E0D7-489E-96C7-5E8A294D6731}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |
"{AF411229-81D6-44D8-8DF0-9D120D5C4266}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B181E2A3-E5A9-4E6D-851A-9C873693503E}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{B300B767-3959-4018-B248-6D9827E3DA5D}" = dir=in | app=c:\program files\acer arcade deluxe\homemedia\homemedia.exe |
"{B7093A8E-38AD-478D-8D58-961F1129BF90}" = protocol=6 | dir=in | app=c:\program files\1&1\webwaigd.exe |
"{B9AA12C9-3796-4481-BB3A-C0A55CA1B226}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{BA97250D-8A31-4237-B152-5A65892739C5}" = dir=in | app=c:\program files\acer arcade deluxe\playmovie\playmovie.exe |
"{BDBC5C69-A72F-40AB-AEFE-4B0E225BADBB}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{BE2B6EC5-9CE9-4741-85A6-B80113B66112}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BFAE954A-EB78-4868-9DCB-DDA98FB2A0E6}" = protocol=17 | dir=in | app=c:\program files\abbyy finereader 6.0 sprint\scan\scanman6.exe |
"{C3F995EC-3E35-48A0-A264-F20F0D4932C5}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{C3FCA9E0-F281-45E8-9A07-8608DD92A903}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{C65C422E-7C6D-452D-BA1D-2E6ECB0DE451}" = protocol=17 | dir=in | app=c:\program files\twonkymedia\twonkymediaserver.exe |
"{CF304FD5-34D1-40CA-81CC-557E082F9CD2}" = dir=in | app=c:\program files\acer arcade deluxe\acer arcade deluxe\acer arcade deluxe.exe |
"{CFF6C3DA-3DA8-44EB-BD22-1BF6250ACACF}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D84C09C5-37E5-4AE8-8880-3AD0C76844FC}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{DCC0A4C5-CA4B-4EBA-A602-DAA8C13EF855}" = protocol=6 | dir=out | app=system |
"{DCC367BF-E5DD-4089-98EF-0E6A2D91D9FF}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{DE6CAB9B-0BBD-46E3-93A7-D6BC49C3D64E}" = protocol=17 | dir=in | app=c:\program files\fritz!\igd_finder.exe |
"{E0D8B720-FBB7-4D86-BB31-3177EFF19933}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E14D3977-12C3-43D7-8B56-D61A6684F83D}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{E2109F94-F3D7-48C5-9798-64883A6CA0A3}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{E2252493-C748-4B32-9EB2-B9414FA0A2DF}" = protocol=17 | dir=in | app=c:\program files\twonkymedia\mediamanager\twonkymediamanager.exe |
"{E2C94B72-AD41-4B85-A7A8-EE8646179521}" = protocol=17 | dir=in | app=c:\program files\1&1\webwaigd.exe |
"{E9131088-D67C-4FD0-B6BC-07CD8088D9E4}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
"{EA35326E-3E14-489D-9BC3-40DA24F4438D}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe |
"{EF554C95-4B24-4B81-AFD8-A7278816BAF8}" = dir=in | app=c:\windows\system32\lxeccoms.exe |
"{F28E033E-6E1C-4971-B4E0-1A1862AF97F0}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung pc share manager\wiselinkpro.exe |
"{F38A58B3-5AFE-4CE4-8DBF-D0999BB1E5F0}" = protocol=6 | dir=in | app=c:\program files\1&1\igdctrl.exe |
"TCP Query User{1782D3EA-03E0-4B78-9E88-5C41B98355C8}C:\users\****\appdata\local\temp\_istmp1.dir\_ins5576._mp" = protocol=6 | dir=in | app=c:\users\****\appdata\local\temp\_istmp1.dir\_ins5576._mp |
"TCP Query User{1C5FF53C-7ABD-4DFE-8BEC-F62DFA5FF6C9}E:\utility\easy_search_utility.exe" = protocol=6 | dir=in | app=e:\utility\easy_search_utility.exe |
"TCP Query User{25CC73AE-82E9-42F9-A125-A346DAB1FC7B}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{3D3261F8-06C3-486B-B366-837F211A8310}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"TCP Query User{4A640492-E181-4A68-AC6B-69F84F1CA894}C:\program files\twonkymedia\mediamanager\twonkymediamanager.exe" = protocol=6 | dir=in | app=c:\program files\twonkymedia\mediamanager\twonkymediamanager.exe |
"TCP Query User{5A62CD3D-D341-4E9E-8B75-D9D19FDC6D1E}C:\program files\packetvideo\twonkybeam\tmslite\tms-beam.exe" = protocol=6 | dir=in | app=c:\program files\packetvideo\twonkybeam\tmslite\tms-beam.exe |
"TCP Query User{6C839082-F97C-416C-832E-2A816CFECA99}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{7F572E42-A0C8-4F4E-9772-02108C693BE1}C:\program files\fritz!\frifax32.exe" = protocol=6 | dir=in | app=c:\program files\fritz!\frifax32.exe |
"TCP Query User{ADA1CE85-706F-4DC7-8F7D-E9E36DF34749}C:\users\****\appdata\local\temp\_istmp1.dir\_istmp0.dir\igd_finder.exe" = protocol=6 | dir=in | app=c:\users\****\appdata\local\temp\_istmp1.dir\_istmp0.dir\igd_finder.exe |
"TCP Query User{AF84D7EF-CDD6-4E59-9C25-5D14FFAEE2E1}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"TCP Query User{D7159C7C-31A0-4A3B-A560-D7B21D14AE75}C:\program files\mozilla firefox 3.5 beta 4\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox 3.5 beta 4\firefox.exe |
"TCP Query User{E7925A0F-8101-4ADA-90E2-1A4694B4AA01}C:\program files\sprite software\sprite backup\spriteservice.exe" = protocol=6 | dir=in | app=c:\program files\sprite software\sprite backup\spriteservice.exe |
"TCP Query User{EB60F51C-9326-42D0-8D47-3E022B275ECF}C:\program files\dap\dap.exe" = protocol=6 | dir=in | app=c:\program files\dap\dap.exe |
"TCP Query User{FFE25184-5229-4EA1-AE4C-CB5065A6CF53}C:\users\****\appdata\local\apps\2.0\n7vqt6n5.ebo\8nvv6oyj.nph\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe" = protocol=6 | dir=in | app=c:\users\****\appdata\local\apps\2.0\n7vqt6n5.ebo\8nvv6oyj.nph\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe |
"UDP Query User{096482FB-339F-4249-89D7-E5C555F723B9}C:\program files\dap\dap.exe" = protocol=17 | dir=in | app=c:\program files\dap\dap.exe |
"UDP Query User{09DBB4BC-B34E-4CC7-ADF6-173765746F94}C:\users\****\appdata\local\temp\_istmp1.dir\_istmp0.dir\igd_finder.exe" = protocol=17 | dir=in | app=c:\users\****\appdata\local\temp\_istmp1.dir\_istmp0.dir\igd_finder.exe |
"UDP Query User{1BE4496A-B175-4D88-90F4-B07408276983}C:\program files\sprite software\sprite backup\spriteservice.exe" = protocol=17 | dir=in | app=c:\program files\sprite software\sprite backup\spriteservice.exe |
"UDP Query User{40EFAE30-51C1-43E6-8664-23203F4CD660}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{7257ACDF-A9B0-480D-8547-10C44387CDB1}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"UDP Query User{752072C4-3E91-4259-B0AB-732EF888AA99}C:\program files\mozilla firefox 3.5 beta 4\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox 3.5 beta 4\firefox.exe |
"UDP Query User{958ADF00-4A01-4BFD-930B-096697CC21E8}C:\users\****\appdata\local\temp\_istmp1.dir\_ins5576._mp" = protocol=17 | dir=in | app=c:\users\****\appdata\local\temp\_istmp1.dir\_ins5576._mp |
"UDP Query User{95B58524-33AA-4760-8D66-EA4EB09D09F8}E:\utility\easy_search_utility.exe" = protocol=17 | dir=in | app=e:\utility\easy_search_utility.exe |
"UDP Query User{A377C594-C9E5-46FD-8B09-AD4293B9E08D}C:\program files\fritz!\frifax32.exe" = protocol=17 | dir=in | app=c:\program files\fritz!\frifax32.exe |
"UDP Query User{ACFA332D-3FF4-42F8-8A33-F26D6DD875DD}C:\program files\twonkymedia\mediamanager\twonkymediamanager.exe" = protocol=17 | dir=in | app=c:\program files\twonkymedia\mediamanager\twonkymediamanager.exe |
"UDP Query User{B9DB096E-142F-4E8B-9AE3-0CF41AE10364}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{E6AC2B49-633F-4DD6-B46E-AF62EA28C189}C:\users\****\appdata\local\apps\2.0\n7vqt6n5.ebo\8nvv6oyj.nph\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe" = protocol=17 | dir=in | app=c:\users\****\appdata\local\apps\2.0\n7vqt6n5.ebo\8nvv6oyj.nph\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe |
"UDP Query User{E907B426-2341-4D4C-B186-DA68B16AC816}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{F0B38877-8CA3-4525-96ED-71F4F0C0A0D7}C:\program files\packetvideo\twonkybeam\tmslite\tms-beam.exe" = protocol=17 | dir=in | app=c:\program files\packetvideo\twonkybeam\tmslite\tms-beam.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{1017A80C-6F09-4548-A84D-EDD6AC9525F0}" = Lexmark Symbolleiste
"{11316260-6666-467B-AC34-183FCB5D4335}" = Acer Mobility Center Plug-In
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{12FE558D-1FE1-4DEC-8C4A-F67C20F279B3}" = Application Suite
"{13D85C14-2B85-419F-AC41-C7F21E68B25D}" = Acer eSettings Management
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F2899C5-8938-4232-98CC-7A075ECB3172}" = t@x 2010 Standard
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 24
"{272253C3-D9DD-4C0C-A586-7E7ABC7E9AA2}" = Presto! BizCard 5
"{2A2E822B-3B0E-46C1-9E3B-ACD7D1E95139}" = SAMSUNG PC Share Manager
"{2D87E961-577B-492B-AD54-1368680FB9A7}" = Bing Maps 3D
"{2EF095CE-24AF-4AAA-BB82-85F988EC51C0}" = 1und1 Internet Explorer Add-On
"{302E9B7B-2B6A-4C29-9A02-9F2110649779}" = Nuvoton EC Generic HID Driver
"{3101CB58-3482-4D21-AF1A-7057FC935355}" = KhalInstallWrapper
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{41B20968-B2E1-49C0-9508-CC1544D568F5}" = Presto! BizCard Komponente (für Windows CE Gerät)
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{431A5BB6-E5E2-444E-8AF3-70E6BF16DEF6}" = UVC Video Camera
"{44AFDB86-1509-4CDC-9B2E-1C73B2DEE5F0}" = Mobile Broadband Drivers
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{4E9F7AD8-E3EC-4636-BD25-A5AD97E73C64}" = FRITZ!Box starter
"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works
"{52D3199D-2858-4216-AA1D-B2A9BB9FA31B}" = Sprite Backup HTC
"{57265292-228A-41FA-9AEC-4620CBCC2739}" = Acer eAudio Management
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management
"{5A166C0B-9557-4364-A057-F946D674E6AC}" = Windows Live Mail
"{5BF5F9C5-E95B-4AFA-94BE-F2A9CA73B61D}" = Apple Mobile Device Support
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B96DADA-1A27-4A04-8CB2-CC45168D05FA}" = Windows Live Fotogalerie
"{6B9B0C6F-E5FA-4633-A640-AB98A272ECCA}" = Safari
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{79A64F98-1796-4FA2-B5FF-C90F83D8BACD}" = Vodafone Mobile Connect
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{81821BF8-DA20-4F8C-AA87-F70A274828D4}" = Windows Live Writer
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C1E2925-14F8-45AA-B999-1E2A74BF5607}" = Windows Live Sync
"{8E5E3330-6746-4A1D-A6BA-043E4D437A59}" = InstallIQ Updater
"{8F1B6239-FEA0-450A-A950-B05276CE177C}" = Acer Empowering Technology
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A5633652-3795-4829-BB0B-644F0279E279}" = Acer eDataSecurity Management
"{A71D5E81-B967-43DB-93D7-FD31BFB95748}" = MobileMe Control Panel
"{A899DA1F-D626-401C-8651-F2921E3B4CB3}" = T-Mobile web'n'walk Manager
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAD47011-8518-4608-9656-951DA35B587B}" = iTunes
"{AC4600DB-4897-4EAF-B153-6335B9AA066D}" = GT HSDPA driver installer
"{AC76BA86-7AD7-2447-0000-900000000003}" = Chinese Simplified Fonts Support For Adobe Reader 9
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{B0414A3B-3AE3-47B8-8FC0-2129781FF425}" = t@x 2011
"{B480904D-F73F-4673-B034-8A5F492C9184}" = Nuance PDF Reader
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1
"{D0ACE89D-EC7F-470F-80BE-4C98ED366B32}" = Acer Crystal Eye webcam Ver:1.1.57.409
"{D2C5E510-BE6D-42CC-9F61-E4F939078474}" = Lexmark
"{D59E595E-E49D-4908-98BF-E390264147BF}" = 4Team Sync2
"{DA20E1A8-07CB-4EE7-9B72-A7E28C953F0E}" = Acer Product Registration
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DCBDA0BD-11BA-4AD1-9F82-6B073EABEFCE}" = Presto! BizCard 5
"{DF5F687F-8018-4542-9F98-7084E9022917}" = Windows Live Essentials
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{FA54AFB1-5745-4389-B8C1-9F7509672ED1}" = iPhone-Konfigurationsprogramm
"{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour
"1und1 Internet Explorer Add-On" = 1und1 Internet Explorer Add-On
"3D Hausplaner 9_is1" = DATA BECKER 3D Hausplaner 9
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AllMusicConverter_is1" = AllMusicConverter 3.8.5
"Alt WAV MP3 WMA OGG Converter 7.2 Shareware_is1" = Alt WAV MP3 WMA OGG Converter 7.2
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118" = HDAUDIO Soft Data Fax Modem with SmartCP
"CYCAS3_is1" = CYCAS 3.90 public for Windows
"doPDF 6 printer_is1" = doPDF 6.2 printer
"etope Lister_is1" = 1.25
"Free CD to MP3 Converter" = Free CD to MP3 Converter
"Free M4a to MP3 Converter_is1" = Free M4a to MP3 Converter 6.0
"FreePDF_XP" = FreePDF (Remove only)
"GPL Ghostscript 9.00" = GPL Ghostscript 9.00
"GridVista" = Acer GridVista
"HandBrake" = HandBrake 0.9.5
"HijackThis" = HijackThis 2.0.2
"Huawei Modems" = Huawei modem
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"InstallShield_{2A2E822B-3B0E-46C1-9E3B-ACD7D1E95139}" = SAMSUNG PC Share Manager
"Lexmark Pro800-Pro900 Series" = Lexmark Pro800-Pro900 Series
"LIDL Fotoservice_is1" = LIDL Fotoservice
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MediaMonkey_is1" = MediaMonkey 3.0
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox (3.5.13)" = Mozilla Firefox (3.5.13)
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"Mozilla Thunderbird (2.0.0.24)" = Mozilla Thunderbird (2.0.0.24)
"Novatel_V20051Installer" = Novatel driver package V2.00.51
"NVIDIA Drivers" = NVIDIA Drivers
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"OptionHsxpa72_PCCardInstaller" = Option Globetrotter HSXPA 7.2 PC-Cards
"OptionPCCardInstaller_tmcc" = Option PC Cards driver package
"OptionPluss_PCCardInstaller" = Option GT HSDPA driver suit
"Protect Disc License Helper" = Protect Disc License Helper 1.0.118
"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11
"Redirection Port Monitor" = RedMon - Redirection Port Monitor
"Sierra Wireless AirCards" = Sierra Wireless AirCards
"Sweet Home 3D_is1" = Sweet Home 3D version 2.4
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"T-Mobile Internet Manager" = T-Mobile Internet Manager
"TomTom HOME" = TomTom HOME 2.7.0.1785
"VLC media player" = VLC media player 1.0.0-rc3
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"f018cf21c0452c64" = AVM FRITZ!Box USB-Fernanschluss
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 01.01.2011 16:43:53 | Computer Name = ****-PC | Source = SideBySide | ID = 16842811
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Users\****\Downloads\1257762534-1257770034-8177b5-B-f10d543540072eb0103609cd967afb83.exe".
Fehler in Manifest- oder Richtliniendatei "C:\Users\****\Downloads\1257762534-1257770034-8177b5-B-f10d543540072eb0103609cd967afb83.exe"
in Zeile 0. Ungültige XML-Syntax.
Error - 02.01.2011 07:08:51 | Computer Name = ****-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 02.01.2011 07:08:51 | Computer Name = ****-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 02.01.2011 07:09:37 | Computer Name = ****-PC | Source = WinMgmt | ID = 10
Description =
Error - 02.01.2011 13:47:30 | Computer Name = ****-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 02.01.2011 13:47:30 | Computer Name = ****-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 02.01.2011 13:48:38 | Computer Name = ****-PC | Source = WinMgmt | ID = 10
Description =
Error - 03.01.2011 06:11:49 | Computer Name = ****-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 03.01.2011 06:11:49 | Computer Name = ****-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 03.01.2011 06:12:57 | Computer Name = ****-PC | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 25.02.2011 03:21:12 | Computer Name = ****-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 24.02.2011 um 20:55:35 unerwartet heruntergefahren.
Error - 25.02.2011 03:22:00 | Computer Name = ****-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 25.02.2011 03:22:00 | Computer Name = ****-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 25.02.2011 03:22:00 | Computer Name = ****-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 25.02.2011 03:22:19 | Computer Name = ****-PC | Source = DCOM | ID = 10016
Description =
Error - 25.02.2011 07:01:21 | Computer Name = ****-PC | Source = Service Control Manager | ID = 7034
Description =
Error - 25.02.2011 07:06:23 | Computer Name = ****-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 25.02.2011 07:06:23 | Computer Name = ****-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 25.02.2011 07:06:23 | Computer Name = ****-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 25.02.2011 07:06:44 | Computer Name = ****-PC | Source = DCOM | ID = 10016
Description =
< End of report >
Geändert von 79alex23 (25.02.2011 um 12:52 Uhr) |
|
25.02.2011, 12:53
| #5 |
| | Wie Windows Vista ganz langsam, Lüfter läuft (und läuft) PC fährt nicht runter... OTL Logfile: Code:
ATTFilter OTL logfile created on: 25.02.2011 12:49:10 - Run 4 OTL by OldTimer - Version 3.2.21.0 Folder = C:\Users\****\Desktop\MFTools Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.19019) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 55,00% Memory free 6,00 Gb Paging File | 5,00 Gb Available in Paging File | 76,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 142,16 Gb Total Space | 74,15 Gb Free Space | 52,16% Space Free | Partition Type: NTFS Drive D: | 142,18 Gb Total Space | 95,16 Gb Free Space | 66,93% Space Free | Partition Type: NTFS Computer Name: ****-PC | User Name: **** | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011.02.25 12:07:05 | 000,204,800 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Users\****\AppData\Local\Temp\RtkBtMnt.exe PRC - [2011.02.25 11:59:06 | 000,577,024 | ---- | M] (OldTimer Tools) -- C:\Users\****\Desktop\MFTools\OTL.exe PRC - [2011.02.02 13:15:26 | 001,085,952 | ---- | M] (W3i, LLC) -- C:\Programme\W3i\InstallIQUpdater\InstallIQUpdater.exe PRC - [2011.01.05 11:59:50 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Programme\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe PRC - [2010.12.21 11:16:27 | 000,535,152 | ---- | M] () -- C:\Programme\Buhl finance\tax Steuersoftware 2011\taxaktuell.exe PRC - [2010.12.20 18:08:46 | 000,963,976 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbam.exe PRC - [2010.12.12 20:41:44 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\plugin-container.exe PRC - [2010.12.12 20:41:43 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe PRC - [2010.12.11 12:15:28 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe PRC - [2010.11.18 13:57:12 | 003,753,168 | ---- | M] (4Team Corporation) -- C:\Programme\4Team Corporation\Sync2\Sync2.exe PRC - [2010.11.06 08:56:32 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe PRC - [2010.11.06 08:56:32 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe PRC - [2010.10.16 07:20:46 | 000,134,808 | ---- | M] (Google Inc.) -- C:\Programme\Google\Update\1.2.183.39\GoogleCrashHandler.exe PRC - [2010.08.12 21:51:10 | 001,422,168 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Office\Office14\WINWORD.EXE PRC - [2010.07.16 17:23:30 | 006,638,080 | ---- | M] () -- C:\Programme\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe PRC - [2010.06.17 20:56:44 | 000,370,176 | ---- | M] (shbox.de) -- C:\Programme\FreePDF_XP\fpassist.exe PRC - [2010.06.09 15:15:34 | 000,417,906 | ---- | M] () -- C:\Programme\Samsung\SAMSUNG PC Share Manager\http_ss_win_pro.exe PRC - [2010.04.07 08:01:28 | 001,053,848 | ---- | M] () -- C:\Windows\System32\ieconfig_1und1_svc.exe PRC - [2010.03.16 02:58:36 | 000,718,208 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Office\Office14\MSOSYNC.EXE PRC - [2010.03.11 09:02:02 | 000,208,528 | ---- | M] (Geek Software GmbH) -- C:\Programme\pdf24\pdf24.exe PRC - [2010.01.18 10:27:10 | 000,139,944 | ---- | M] () -- C:\Programme\Lexmark Pro800-Pro900 Series\ezprint.exe PRC - [2010.01.18 10:26:56 | 000,770,728 | ---- | M] () -- C:\Programme\Lexmark Pro800-Pro900 Series\lxecmon.exe PRC - [2010.01.14 22:10:53 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe PRC - [2010.01.09 21:37:50 | 004,640,000 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE PRC - [2010.01.07 14:36:50 | 000,598,696 | ---- | M] ( ) -- C:\Windows\System32\lxeccoms.exe PRC - [2009.12.16 19:39:36 | 000,249,856 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Programme\Huawei Modems\DataCardMonitor.exe PRC - [2009.08.07 15:31:40 | 000,247,144 | ---- | M] (TomTom) -- C:\Programme\TomTom HOME 2\TomTomHOMERunner.exe PRC - [2009.08.07 15:31:40 | 000,092,008 | ---- | M] (TomTom) -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe PRC - [2009.07.20 11:30:50 | 000,813,584 | ---- | M] (Logitech, Inc.) -- C:\Programme\Logitech\SetPoint\SetPoint.exe PRC - [2009.07.10 11:42:32 | 000,055,824 | ---- | M] (Logitech, Inc.) -- C:\Programme\Common Files\Logishrd\KHAL2\KHALMNPR.exe PRC - [2009.07.03 11:40:32 | 000,009,216 | ---- | M] (Vodafone) -- C:\Programme\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe PRC - [2009.06.23 16:43:40 | 000,110,592 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Users\****\AppData\Roaming\T-Mobile Internet Manager\ouc.exe PRC - [2009.05.05 16:06:06 | 000,222,496 | ---- | M] (Acresso Corporation) -- C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009.01.08 14:10:00 | 000,187,456 | ---- | M] (DATA BECKER GmbH & Co KG) -- C:\Programme\Common Files\DATA BECKER Shared\DBService.exe PRC - [2008.12.17 07:37:06 | 000,858,632 | ---- | M] (Dritek System Inc.) -- C:\Programme\Launch Manager\LManager.exe PRC - [2008.11.28 10:56:06 | 000,024,576 | ---- | M] () -- C:\Programme\Acer\Empowering Technology\Service\ETService.exe PRC - [2008.11.28 10:08:46 | 000,417,792 | ---- | M] (Acer Inc.) -- C:\Programme\Acer\Empowering Technology\ePower\ePower_DMC.exe PRC - [2008.10.04 04:09:02 | 000,069,632 | ---- | M] () -- C:\Programme\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe PRC - [2008.09.19 04:00:10 | 006,294,048 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe PRC - [2008.08.01 17:00:16 | 007,540,736 | ---- | M] (Alcor Micro Corp.) -- C:\Programme\UVC Video Camera\EffectDir\UVCTray.exe PRC - [2008.08.01 14:50:14 | 000,245,760 | ---- | M] (Alcor Micro Corp.) -- C:\Programme\UVC Video Camera\UVCSti.exe PRC - [2008.07.29 17:53:00 | 000,500,784 | ---- | M] (Egis Incorporated) -- C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe PRC - [2008.04.25 21:36:20 | 000,045,056 | ---- | M] (NewTech InfoSystems, Inc.) -- C:\Programme\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe PRC - [2008.04.25 21:36:20 | 000,028,672 | ---- | M] () -- C:\Programme\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe PRC - [2008.04.25 21:36:02 | 000,131,072 | ---- | M] () -- C:\Programme\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe PRC - [2008.03.31 18:58:06 | 000,009,728 | ---- | M] () -- C:\Programme\UVC Video Camera\RunEffect.exe PRC - [2008.03.03 13:11:14 | 000,016,384 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Programme\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe PRC - [2008.01.21 03:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe PRC - [2008.01.21 03:25:33 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe PRC - [2007.12.07 16:08:26 | 000,778,240 | ---- | M] (AVM Berlin) -- C:\Programme\1&1\Stcenter.exe PRC - [2007.12.06 16:15:28 | 000,110,592 | ---- | M] () -- C:\Acer\Mobility Center\MobilityService.exe PRC - [2007.10.25 17:49:44 | 000,457,248 | ---- | M] (Birdstep Technology) -- C:\Programme\T-Mobile\web'n'walk Manager\AutoUpdateSrv.exe PRC - [2007.10.25 16:09:18 | 000,087,344 | ---- | M] (AVM Berlin) -- C:\Programme\1&1\IGDCTRL.EXE PRC - [2007.05.31 09:21:28 | 000,648,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\WindowsMobile\wmdcBase.exe PRC - [2007.02.09 14:48:26 | 000,176,128 | ---- | M] (OptionNV) -- C:\Programme\Common Files\GtFlashSwitch\GtFlashSwitch.exe PRC - [2003.06.19 22:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\VS7DEBUG\MDM.EXE ========== Modules (SafeList) ========== MOD - [2011.02.25 11:59:06 | 000,577,024 | ---- | M] (OldTimer Tools) -- C:\Users\****\Desktop\MFTools\OTL.exe MOD - [2010.08.31 16:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll MOD - [2009.04.11 07:21:38 | 001,748,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\GdiPlus.dll ========== Win32 Services (SafeList) ========== SRV - [2011.01.20 14:44:03 | 000,797,184 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\FntCache.dll -- (FontCache) SRV - [2011.01.05 11:59:50 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device) SRV - [2010.12.11 12:15:28 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2010.11.06 08:56:32 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2010.07.16 17:23:30 | 006,638,080 | ---- | M] () [Auto | Running] -- C:\Programme\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe -- (AllShare) SRV - [2010.04.07 08:01:28 | 001,053,848 | ---- | M] () [Auto | Running] -- C:\Windows\System32\ieconfig_1und1_svc.exe -- (serviceIEConfig) SRV - [2010.03.25 10:25:22 | 030,969,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service) SRV - [2010.03.18 12:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400) SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010.01.07 14:36:50 | 000,598,696 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\lxeccoms.exe -- (lxec_device) SRV - [2010.01.07 14:36:45 | 000,098,984 | ---- | M] () [Auto | Stopped] -- C:\Windows\System32\spool\DRIVERS\W32X86\3\\lxecserv.exe -- (lxecCATSCustConnectService) SRV - [2009.08.07 15:31:40 | 000,092,008 | ---- | M] (TomTom) [Auto | Running] -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService) SRV - [2009.07.20 11:28:10 | 000,121,360 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ) SRV - [2009.07.03 11:40:32 | 000,009,216 | ---- | M] (Vodafone) [Auto | Running] -- C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe -- (VMCService) SRV - [2009.05.28 13:57:22 | 000,245,760 | ---- | M] (SMServer) [On_Demand | Stopped] -- C:\Windows\System32\snmvtsvc.exe -- (SMServer) SRV - [2009.01.08 14:10:00 | 000,187,456 | ---- | M] (DATA BECKER GmbH & Co KG) [Auto | Running] -- C:\Programme\Common Files\DATA BECKER Shared\DBService.exe -- (DBService) SRV - [2008.11.28 10:56:06 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Programme\Acer\Empowering Technology\Service\ETService.exe -- (ETService) SRV - [2008.10.04 04:09:02 | 000,069,632 | ---- | M] () [Auto | Running] -- C:\Programme\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe -- (CLHNService) SRV - [2008.07.29 17:53:00 | 000,500,784 | ---- | M] (Egis Incorporated) [Auto | Running] -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe -- (eDataSecurity Service) SRV - [2008.04.25 21:36:20 | 000,045,056 | ---- | M] (NewTech InfoSystems, Inc.) [Auto | Running] -- C:\Programme\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe -- (NTIBackupSvc) SRV - [2008.04.25 21:36:02 | 000,131,072 | ---- | M] () [Auto | Running] -- C:\Programme\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe -- (NTISchedulerSvc) SRV - [2008.03.31 18:58:06 | 000,009,728 | ---- | M] () [Auto | Running] -- C:\Programme\UVC Video Camera\RunEffect.exe -- (RunEffect serivce) SRV - [2008.03.03 13:11:14 | 000,016,384 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe -- (BUNAgentSvc) SRV - [2008.01.21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2007.12.06 16:15:28 | 000,110,592 | ---- | M] () [Auto | Running] -- C:\Acer\Mobility Center\MobilityService.exe -- (MobilityService) SRV - [2007.10.25 16:09:18 | 000,087,344 | ---- | M] (AVM Berlin) [Auto | Running] -- C:\Program Files\1&1\IGDCTRL.EXE -- (IGDCTRL) SRV - [2007.05.31 09:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm) SRV - [2007.05.31 09:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr) SRV - [2007.02.09 14:48:26 | 000,176,128 | ---- | M] (OptionNV) [Auto | Running] -- C:\Program Files\Common Files\GtFlashSwitch\GtFlashSwitch.exe -- (GtFlashSwitch) ========== Driver Services (SafeList) ========== DRV - [2010.12.26 13:09:49 | 000,135,096 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb) DRV - [2010.11.24 14:33:04 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2010.11.07 12:20:54 | 000,101,248 | ---- | M] (AVM Berlin) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avmaudio.sys -- (avmaudio) DRV - [2010.04.30 17:48:53 | 000,101,248 | ---- | M] (AVM Berlin) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avmaura.sys -- (avmaura) DRV - [2009.06.17 17:56:16 | 000,037,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt) DRV - [2009.06.17 17:56:06 | 000,035,472 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt) DRV - [2009.06.17 17:55:58 | 000,010,384 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidEqd.sys -- (LHidEqd) DRV - [2009.06.17 17:55:50 | 000,040,720 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LEqdUsb.sys -- (LEqdUsb) DRV - [2009.06.05 10:42:28 | 000,017,408 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netaapl.sys -- (Netaapl) DRV - [2009.05.28 11:59:46 | 000,023,096 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MusCAudio.sys -- (MusCAudio) DRV - [2009.05.11 10:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2009.02.13 11:35:01 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio) DRV - [2009.01.19 19:31:56 | 000,277,544 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\acedrv11.sys -- (acedrv11) DRV - [2009.01.10 15:11:30 | 000,300,544 | ---- | M] (CamVendor) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\cam3820a.sys -- (Cam3820) DRV - [2008.12.13 11:27:50 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard) DRV - [2008.11.22 07:07:00 | 007,451,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2008.10.09 13:50:04 | 000,018,816 | ---- | M] (Bytemobile, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\tcpipBM.sys -- (tcpipBM) DRV - [2008.10.08 10:43:08 | 000,005,632 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hidshim.sys -- (hidshim) DRV - [2008.10.08 10:43:06 | 000,022,528 | ---- | M] (Nuvoton Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nuvotonhidgeneric.sys -- (nuvotonhidgeneric) DRV - [2008.10.01 10:04:16 | 000,012,832 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\int15.sys -- (int15) DRV - [2008.09.25 14:39:48 | 000,045,600 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA) DRV - [2008.09.19 17:43:50 | 000,061,952 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTSTOR.sys -- (RTSTOR) DRV - [2008.09.19 03:49:28 | 002,169,944 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2008.07.29 17:53:12 | 000,060,464 | ---- | M] (Egis Incorporated) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\PSDVdisk.sys -- (psdvdisk) DRV - [2008.07.29 17:53:10 | 000,018,992 | ---- | M] (Egis Incorporated) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\psdfilter.sys -- (PSDFilter) DRV - [2008.07.29 17:53:10 | 000,016,944 | ---- | M] (Egis Incorporated) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\PSDNServ.sys -- (PSDNServ) DRV - [2008.06.26 01:39:42 | 000,212,992 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x) DRV - [2008.05.21 13:36:12 | 003,663,360 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel(R) DRV - [2008.04.25 19:08:42 | 000,199,472 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP) DRV - [2008.01.31 02:52:06 | 000,014,848 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NTIDrvr.sys -- (NTIDrvr) DRV - [2008.01.31 02:51:50 | 000,013,824 | ---- | M] (NewTech Infosystems Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\UBHelper.sys -- (UBHelper) DRV - [2008.01.21 03:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR) DRV - [2008.01.21 03:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320) DRV - [2008.01.21 03:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas) DRV - [2008.01.21 03:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m) DRV - [2008.01.21 03:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4) DRV - [2008.01.21 03:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs) DRV - [2008.01.21 03:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci) DRV - [2008.01.21 03:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS) DRV - [2008.01.21 03:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300) DRV - [2008.01.21 03:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R) DRV - [2008.01.21 03:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas) DRV - [2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV) DRV - [2008.01.21 03:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid) DRV - [2008.01.21 03:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2) DRV - [2008.01.21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI) DRV - [2008.01.21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC) DRV - [2008.01.21 03:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc) DRV - [2008.01.21 03:23:23 | 000,030,720 | ---- | M] (National Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nscirda.sys -- (NSCIRDA) DRV - [2008.01.21 03:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor) DRV - [2008.01.21 03:23:22 | 000,200,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL) DRV - [2008.01.21 03:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx) DRV - [2008.01.21 03:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid) DRV - [2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor) DRV - [2008.01.21 03:23:21 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice) DRV - [2008.01.21 03:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci) DRV - [2008.01.21 03:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide) DRV - [2008.01.21 03:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide) DRV - [2008.01.21 03:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide) DRV - [2007.02.01 16:25:30 | 000,158,720 | ---- | M] (Novatel Wireless Inc) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NWADIenum.sys -- (NWADI) DRV - [2006.12.22 20:50:24 | 000,985,600 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV) DRV - [2006.12.22 20:49:04 | 000,207,360 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL) DRV - [2006.12.22 20:48:54 | 000,659,968 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf) DRV - [2006.11.29 01:44:52 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio) DRV - [2006.11.03 06:29:36 | 000,021,264 | ---- | M] (Dritek System Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\DKbFltr.sys -- (DKbFltr) DRV - [2006.11.02 10:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx) DRV - [2006.11.02 10:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata) DRV - [2006.11.02 10:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960) DRV - [2006.11.02 10:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp) DRV - [2006.11.02 10:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx) DRV - [2006.11.02 10:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid) DRV - [2006.11.02 10:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi) DRV - [2006.11.02 10:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx) DRV - [2006.11.02 10:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3) DRV - [2006.11.02 10:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x) DRV - [2006.11.02 10:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi) DRV - [2006.11.02 09:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM) DRV - [2006.11.02 09:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer) DRV - [2006.11.02 09:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp) DRV - [2006.11.02 09:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo) DRV - [2006.11.02 09:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm) DRV - [2006.11.02 09:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm) DRV - [2006.11.02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi) DRV - [2006.09.28 15:32:14 | 000,009,472 | ---- | M] (June Fabrics Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pnetmdm.sys -- (pnetmdm) DRV - [2002.07.17 15:20:32 | 000,084,832 | ---- | M] (Adaptec) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ASPI32.SYS -- (ASPI) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0209&m=aspire_8730 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0209&m=aspire_8730 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0209&m=aspire_8730 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.1und1.de/links/home IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Yahoo" FF - prefs.js..browser.search.order.1: "Yahoo" FF - prefs.js..browser.search.order.2: "GMX Suche" FF - prefs.js..browser.search.order.3: "amazon.de" FF - prefs.js..browser.search.order.4: "WEB.DE Suche" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.suggest.enabled: false FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "www.web.de" FF - prefs.js..extensions.enabledItems: {398e77b8-2304-11dc-8314-0800200c9a66}:0.3.13 FF - prefs.js..extensions.enabledItems: noia2_option@kk.noia:3.76 FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.1 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.1.20091029021655 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..extensions.enabledItems: {9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}:3.76 FF - prefs.js..keyword.URL: "hxxp://go.web.de/suchbox/webdesuche?su=" FF - HKLM\software\mozilla\Firefox\Extensions\\ff-bmboc@bytemobile.com: C:\Program Files\Vodafone\Vodafone Mobile Connect\Optimization Client\addon\ [2009.12.16 20:51:43 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.13\extensions\\Components: C:\Program Files\Mozilla Firefox 3.5 Beta 4\components [2010.12.12 13:31:03 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox 3.5 Beta 4\plugins [2011.02.15 10:38:06 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.12.12 20:41:45 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.02.15 10:38:06 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.24\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010.12.12 13:31:03 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.24\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2008.02.22 16:24:06 | 000,095,832 | ---- | M] () [2009.08.19 17:33:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\****\AppData\Roaming\mozilla\Extensions [2009.08.19 17:33:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\****\AppData\Roaming\mozilla\Extensions\home2@tomtom.com [2011.02.24 16:47:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\kb5tuk1y.default\extensions [2010.07.05 07:28:57 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\kb5tuk1y.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2009.07.23 08:37:23 | 000,000,000 | ---D | M] (Minimap Addon) -- C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\kb5tuk1y.default\extensions\{398e77b8-2304-11dc-8314-0800200c9a66} [2011.02.15 10:46:19 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\kb5tuk1y.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2010.03.22 07:55:17 | 000,000,000 | ---D | M] (Noia 2.0 (eXtreme)) -- C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\kb5tuk1y.default\extensions\{9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e} [2010.03.22 07:55:21 | 000,000,000 | ---D | M] (Noia 2.0 eXtreme OPT) -- C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\kb5tuk1y.default\extensions\noia2_option@kk.noia [2010.09.25 12:37:39 | 000,000,000 | ---D | M] (Personas) -- C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\kb5tuk1y.default\extensions\personas@christopher.beard [2010.01.22 20:56:11 | 000,005,591 | ---- | M] () -- C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\kb5tuk1y.default\searchplugins\1und1-suche.xml [2010.01.22 20:56:11 | 000,001,371 | ---- | M] () -- C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\kb5tuk1y.default\searchplugins\amazonde.xml [2010.01.22 20:56:11 | 000,010,605 | ---- | M] () -- C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\kb5tuk1y.default\searchplugins\gmx-suche.xml [2010.01.22 20:56:11 | 000,005,588 | ---- | M] () -- C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\kb5tuk1y.default\searchplugins\webde-suche.xml [2011.02.23 11:18:42 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2010.11.09 13:01:02 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2011.01.12 08:51:50 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2011.02.23 11:18:42 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2010.11.09 13:01:02 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2011.01.12 08:51:50 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2011.02.23 11:18:42 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2011.02.02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll [2008.02.22 16:24:06 | 000,095,832 | ---- | M] () -- C:\Programme\Mozilla Firefox\plugins\NPPDLicenseHelper.dll [2010.10.22 14:01:54 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2010.10.22 14:01:54 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml [2010.10.22 14:01:54 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml [2010.10.22 14:01:54 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml [2010.10.22 14:01:54 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009.11.30 20:22:40 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Lexmark Symbolleiste) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Programme\Lexmark Toolbar\toolband.dll () O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (Egis) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Lexmark ) - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Programme\Lexmark Printable Web\bho.dll () O2 - BHO: (1&&1 Internet AG Browser Configuration by mquadr.at) - {D48FF4B4-E68F-47D1-8E25-81A0F0EEB341} - C:\Windows\System32\ieconfig_1und1.dll (mquadr.at software engineering und consulting GmbH) O2 - BHO: (no name) - {D6E0063B-7B09-45C9-A51D-1FB51840EBE0} - No CLSID value found. O3 - HKLM\..\Toolbar: (Lexmark Symbolleiste) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Programme\Lexmark Toolbar\toolband.dll () O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.) O3 - HKCU\..\Toolbar\ShellBrowser: (Lexmark Symbolleiste) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Programme\Lexmark Toolbar\toolband.dll () O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.) O3 - HKCU\..\Toolbar\WebBrowser: (Lexmark Symbolleiste) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Programme\Lexmark Toolbar\toolband.dll () O4 - HKLM..\Run: [AppleSyncNotifier] C:\Programme\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation) O4 - HKLM..\Run: [BkupTray] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe () O4 - HKLM..\Run: [DataCardMonitor] C:\Programme\Huawei Modems\DataCardMonitor.exe (Huawei Technologies Co., Ltd.) O4 - HKLM..\Run: [ePower_DMC] C:\Programme\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Inc.) O4 - HKLM..\Run: [eRecoveryService] File not found O4 - HKLM..\Run: [EzPrint] C:\Program Files\Lexmark Pro800-Pro900 Series\ezprint.exe () O4 - HKLM..\Run: [FreePDF Assistant] C:\Programme\FreePDF_XP\fpassist.exe (shbox.de) O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.) O4 - HKLM..\Run: [Lexmark Pro800-Pro900 Series Fax Server] C:\Program Files\Lexmark Pro800-Pro900 Series\fm3032.exe () O4 - HKLM..\Run: [LManager] C:\Programme\Launch Manager\LManager.exe (Dritek System Inc.) O4 - HKLM..\Run: [lxecmon.exe] C:\Program Files\Lexmark Pro800-Pro900 Series\lxecmon.exe () O4 - HKLM..\Run: [ Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [MobileConnect] C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe (Vodafone) O4 - HKLM..\Run: [Nuance PDF Reader-reminder] C:\Program Files\Nuance\PDF Reader\Ereg\Ereg.exe (Nuance Communications, Inc.) O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [PDFPrint] C:\Programme\pdf24\pdf24.exe (Geek Software GmbH) O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [RunUVC] C:\Program Files\UVC Video Camera\RUNUVC.exe () O4 - HKLM..\Run: [UVCSti] C:\Program Files\UVC Video Camera\UVCSti.exe (Alcor Micro Corp.) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdcBase.exe (Microsoft Corporation) O4 - HKCU..\Run: [] File not found O4 - HKCU..\Run: [HW_OPENEYE_OUC_T-Mobile Internet Manager] C:\Program Files\T-Mobile\T-Mobile Internet Manager\UpdateDog\ouc.exe (Huawei Technologies Co., Ltd.) O4 - HKCU..\Run: [InstallIQUpdater] C:\Program Files\W3i\InstallIQUpdater\InstallIQUpdater.exe (W3i, LLC) O4 - HKCU..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation) O4 - HKCU..\Run: [OfficeSyncProcess] C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE (Microsoft Corporation) O4 - HKCU..\Run: [Sync2] C:\Program Files\4Team Corporation\Sync2\Sync2.exe (4Team Corporation) O4 - HKCU..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom) O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation) O4 - Startup: C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TwonkyManager.lnk = File not found O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Rip YouTube File - {38E51477-DDB4-4aed-9D61-D0C193E10749} - C:\Programme\AllMusicConverter\YouTubeRipper.dll () O9 - Extra 'Tools' menuitem : Rip YouTube file embedded in this page - {38E51477-DDB4-4aed-9D61-D0C193E10749} - C:\Programme\AllMusicConverter\YouTubeRipper.dll () O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - File not found O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\****\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O24 - Desktop BackupWallPaper: C:\Users\****\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011.02.25 12:00:14 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2011.02.25 12:00:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2011.02.25 12:00:10 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2011.02.25 11:59:01 | 000,000,000 | ---D | C] -- C:\Users\****\Desktop\MFTools [2011.02.24 17:24:54 | 000,000,000 | ---D | C] -- C:\Windows\System32\WindowsPowerShell [2011.02.24 17:23:21 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrsmgr.dll [2011.02.24 17:23:14 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmprovhost.exe [2011.02.24 17:23:13 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrs.exe [2011.02.24 17:23:13 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrshost.exe [2011.02.24 17:23:12 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmplpxy.dll [2011.02.24 17:23:12 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrssrv.dll [2011.02.24 17:23:09 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtfwd.dll [2011.02.24 17:23:09 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecutil.exe [2011.02.24 17:23:09 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecapi.dll [2011.02.24 17:23:09 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmRes.dll [2011.02.24 17:23:09 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pwrshplugin.dll [2011.02.24 17:23:04 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManMigrationPlugin.dll [2011.02.24 17:23:04 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManHTTPConfig.exe [2011.02.24 17:23:04 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrscmd.dll [2011.02.24 17:23:04 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmWmiPl.dll [2011.02.24 17:23:04 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmAuto.dll [2011.02.23 11:18:57 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Java [2011.02.23 11:18:38 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe [2011.02.23 11:18:38 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe [2011.02.23 11:18:38 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe [2011.02.17 11:04:29 | 000,000,000 | ---D | C] -- C:\Users\****\Documents\gegl-0.0 [2011.02.17 11:04:29 | 000,000,000 | ---D | C] -- C:\Users\****\.gimp-2.6 [2011.02.17 11:04:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP [2011.02.17 11:03:51 | 000,000,000 | ---D | C] -- C:\Programme\GIMP-2.0 [2011.02.15 11:55:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nuance [2011.02.15 11:55:16 | 000,000,000 | ---D | C] -- C:\ProgramData\ScanSoft [2011.02.15 11:55:14 | 000,000,000 | ---D | C] -- C:\Programme\Nuance [2011.02.15 11:54:51 | 000,000,000 | ---D | C] -- C:\Programme\W3i [2011.02.15 11:54:51 | 000,000,000 | ---D | C] -- C:\ProgramData\W3i [2011.02.15 11:54:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InstallIQ Updater [2011.02.15 10:48:55 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Roaming\Nuance [2011.02.15 10:47:09 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Roaming\Zeon [2011.02.15 10:47:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Nuance [2011.02.15 10:46:33 | 000,000,000 | ---D | C] -- C:\Programme\Free Offers from Freeze.com [2011.02.12 19:31:46 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Roaming\Avira [2011.02.11 08:38:32 | 002,039,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2011.02.11 08:38:28 | 003,602,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe [2011.02.11 08:38:27 | 003,550,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe [2011.02.11 08:38:19 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll [2011.02.11 08:38:19 | 001,068,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll [2011.02.11 08:38:19 | 000,979,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFH264Dec.dll [2011.02.11 08:38:19 | 000,797,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FntCache.dll [2011.02.11 08:38:18 | 001,554,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xpsservices.dll [2011.02.11 08:38:18 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll [2011.02.11 08:38:18 | 000,683,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll [2011.02.11 08:38:18 | 000,357,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFHEAACdec.dll [2011.02.11 08:38:18 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfmp4src.dll [2011.02.11 08:38:18 | 000,288,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll [2011.02.11 08:38:18 | 000,261,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll [2011.02.11 08:38:18 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll [2011.02.11 08:38:17 | 002,873,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll [2011.02.11 08:38:17 | 001,029,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll [2011.02.11 08:38:17 | 000,847,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OpcServices.dll [2011.02.11 08:38:17 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe [2011.02.11 08:38:17 | 000,486,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll [2011.02.11 08:38:17 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll [2011.02.11 08:38:17 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll [2011.02.11 08:38:17 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll [2011.02.11 08:38:17 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll [2011.02.11 08:38:16 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfplat.dll [2011.02.11 08:38:13 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll [2011.02.11 08:38:13 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll [2011.02.11 08:38:12 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll [2011.02.11 08:38:04 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2011.02.11 08:38:04 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2011.02.11 08:38:03 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2011.02.11 08:38:03 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll [2011.02.11 08:38:03 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2011.02.11 08:38:03 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2011.02.11 08:38:03 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2011.02.11 08:38:03 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2011.02.11 08:38:03 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2011.02.11 08:38:03 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2011.02.11 08:38:03 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll [2011.02.11 08:38:03 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2011.02.11 08:38:03 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2011.02.11 08:38:03 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2011.02.11 08:38:03 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll [2011.02.11 08:38:03 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2011.02.11 08:38:03 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2011.02.11 08:37:57 | 000,292,352 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll [2011.02.11 08:37:57 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll [2011.02.06 20:43:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2011.02.06 20:42:12 | 000,000,000 | ---D | C] -- C:\Programme\iPod [2011.02.06 20:42:11 | 000,000,000 | ---D | C] -- C:\Programme\iTunes [2010.03.29 20:40:03 | 000,438,272 | ---- | C] ( ) -- C:\Windows\System32\lxeccoin.dll [2010.03.29 20:37:06 | 001,048,576 | ---- | C] ( ) -- C:\Windows\System32\lxecserv.dll [2010.03.29 20:37:06 | 000,847,872 | ---- | C] ( ) -- C:\Windows\System32\lxecusb1.dll [2010.03.29 20:37:06 | 000,802,816 | ---- | C] ( ) -- C:\Windows\System32\lxeccomc.dll [2010.03.29 20:37:06 | 000,688,128 | ---- | C] ( ) -- C:\Windows\System32\lxechbn3.dll [2010.03.29 20:37:06 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\lxecpmui.dll [2010.03.29 20:37:06 | 000,577,536 | ---- | C] ( ) -- C:\Windows\System32\lxeclmpm.dll [2010.03.29 20:37:06 | 000,372,736 | ---- | C] ( ) -- C:\Windows\System32\lxeccomm.dll [2010.03.29 20:37:06 | 000,364,544 | ---- | C] ( ) -- C:\Windows\System32\lxecinpa.dll [2010.03.29 20:37:06 | 000,356,352 | ---- | C] ( ) -- C:\Windows\System32\LXEChcp.dll [2010.03.29 20:37:06 | 000,344,064 | ---- | C] ( ) -- C:\Windows\System32\lxeciesc.dll [2009.02.20 22:49:15 | 000,049,152 | ---- | C] ( ) -- C:\Windows\Interop.IWshRuntimeLibrary.dll [7 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] [7 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011.02.25 12:43:49 | 000,002,617 | ---- | M] () -- C:\Users\****\Desktop\Microsoft Word 2010.lnk [2011.02.25 12:26:02 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011.02.25 12:12:26 | 000,626,790 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2011.02.25 12:12:26 | 000,594,224 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011.02.25 12:12:26 | 000,126,388 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2011.02.25 12:12:26 | 000,104,038 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011.02.25 12:06:32 | 000,031,776 | ---- | M] () -- C:\ProgramData\nvModes.001 [2011.02.25 12:06:13 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml [2011.02.25 12:06:04 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011.02.25 12:05:42 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011.02.25 12:05:42 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011.02.25 12:05:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.02.25 12:05:31 | 3215,851,520 | -HS- | M] () -- C:\hiberfil.sys [2011.02.25 12:03:36 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat [2011.02.25 12:00:14 | 000,000,910 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.02.25 11:59:15 | 000,296,448 | ---- | M] () -- C:\Users\****\Desktop\g2m3e4r.exe [2011.02.25 11:59:14 | 000,050,477 | ---- | M] () -- C:\Users\****\Desktop\defogger.exe [2011.02.25 11:58:18 | 000,472,080 | ---- | M] () -- C:\Users\****\Desktop\Load.exe [2011.02.25 11:49:05 | 000,002,721 | ---- | M] () -- C:\Users\****\Desktop\Microsoft Outlook 2010.lnk [2011.02.18 21:51:13 | 000,112,640 | ---- | M] () -- C:\Users\****\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.02.18 18:29:40 | 000,023,602 | ---- | M] () -- C:\Users\****\Desktop\Zinsvergleich nk.xlsx [2011.02.17 21:08:42 | 000,033,261 | ---- | M] () -- C:\Users\****\Desktop\Spk. NK Anfrage.pdf [2011.02.17 11:04:26 | 000,000,904 | ---- | M] () -- C:\Users\Public\Desktop\GIMP 2.lnk [2011.02.15 11:55:18 | 000,000,946 | ---- | M] () -- C:\Users\Public\Desktop\Nuance PDF Reader.lnk [2011.02.11 21:07:49 | 000,380,144 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2011.02.08 08:31:42 | 000,000,125 | -HS- | M] () -- C:\ProgramData\.zreglib [2011.02.06 20:43:02 | 000,001,668 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk [2011.02.02 21:40:39 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe [2011.02.02 21:40:38 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe [2011.02.02 21:40:36 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe [2011.02.02 21:40:23 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll [2011.02.02 19:48:22 | 000,088,123 | ---- | M] () -- C:\Users\****\Desktop\LinkClick.pdf [2011.02.02 17:42:52 | 000,002,619 | ---- | M] () -- C:\Users\****\Desktop\Microsoft Excel 2010.lnk [2011.02.01 17:49:01 | 000,929,808 | ---- | M] () -- C:\Users\****\Documents\bauherrenhaftpflicht.docx [7 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] [7 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] ========== Files Created - No Company Name ========== [2011.02.25 12:00:14 | 000,000,910 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.02.25 11:59:15 | 000,296,448 | ---- | C] () -- C:\Users\****\Desktop\g2m3e4r.exe [2011.02.25 11:59:14 | 000,050,477 | ---- | C] () -- C:\Users\****\Desktop\defogger.exe [2011.02.25 11:58:18 | 000,472,080 | ---- | C] () -- C:\Users\****\Desktop\Load.exe [2011.02.24 17:23:05 | 000,201,184 | ---- | C] () -- C:\Windows\System32\winrm.vbs [2011.02.24 17:23:05 | 000,004,675 | ---- | C] () -- C:\Windows\System32\wsmanconfig_schema.xml [2011.02.24 17:23:05 | 000,002,426 | ---- | C] () -- C:\Windows\System32\WsmTxt.xsl [2011.02.17 21:09:04 | 000,033,261 | ---- | C] () -- C:\Users\****\Desktop\Spk. NK Anfrage.pdf [2011.02.17 11:04:26 | 000,000,904 | ---- | C] () -- C:\Users\Public\Desktop\GIMP 2.lnk [2011.02.15 11:55:18 | 000,000,946 | ---- | C] () -- C:\Users\Public\Desktop\Nuance PDF Reader.lnk [2011.02.09 18:53:07 | 000,023,602 | ---- | C] () -- C:\Users\****\Desktop\Zinsvergleich nk.xlsx [2011.02.06 20:43:02 | 000,001,668 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk [2011.02.02 19:48:22 | 000,088,123 | ---- | C] () -- C:\Users\****\Desktop\LinkClick.pdf [2011.02.01 17:49:01 | 000,929,808 | ---- | C] () -- C:\Users\****\Documents\bauherrenhaftpflicht.docx [2011.01.03 13:08:14 | 000,000,125 | -HS- | C] () -- C:\ProgramData\.zreglib [2011.01.01 21:05:27 | 000,000,011 | ---- | C] () -- C:\ProgramData\.tv6 [2010.12.24 13:48:21 | 000,001,164 | ---- | C] () -- C:\Users\****\AppData\Local\crc32list11.txt [2010.10.24 08:20:15 | 000,116,224 | ---- | C] () -- C:\Windows\System32\redmonnt.dll [2010.04.19 16:20:54 | 000,303,104 | ---- | C] () -- C:\Windows\System32\Lib4Dups.dll [2010.03.29 20:57:07 | 000,000,504 | ---- | C] () -- C:\ProgramData\FastPics.log [2010.03.29 20:56:03 | 000,045,390 | ---- | C] () -- C:\ProgramData\lxecJSW.log [2010.03.29 20:40:06 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxecvs.dll [2010.03.29 20:40:01 | 000,294,912 | ---- | C] () -- C:\Windows\System32\lxeccui.dll [2010.03.29 20:40:01 | 000,110,592 | ---- | C] () -- C:\Windows\System32\lxeccuir.dll [2010.03.29 20:40:01 | 000,086,016 | ---- | C] () -- C:\Windows\System32\lxecgcfg.dll [2010.03.29 20:39:59 | 000,085,533 | ---- | C] () -- C:\ProgramData\lxecscan.log [2010.03.29 20:38:27 | 000,049,152 | ---- | C] () -- C:\Windows\System32\LXECPMON.DLL [2010.03.29 20:38:27 | 000,032,768 | ---- | C] () -- C:\Windows\System32\LXECFXPU.DLL [2010.03.29 20:38:07 | 004,485,120 | ---- | C] () -- C:\Windows\System32\LXECoem.dll [2010.03.29 20:37:19 | 000,000,044 | -H-- | C] () -- C:\Windows\System32\lxecrwrd.ini [2010.03.29 20:37:07 | 000,327,680 | ---- | C] () -- C:\Windows\System32\LXECinst.dll [2010.03.29 20:37:06 | 000,323,584 | ---- | C] () -- C:\Windows\System32\lxecins.dll [2010.03.29 20:37:06 | 000,262,144 | ---- | C] () -- C:\Windows\System32\lxecinsb.dll [2010.03.29 20:37:06 | 000,253,952 | ---- | C] () -- C:\Windows\System32\lxeccu.dll [2010.03.29 20:37:06 | 000,208,896 | ---- | C] () -- C:\Windows\System32\lxecgrd.dll [2010.03.29 20:37:06 | 000,114,688 | ---- | C] () -- C:\Windows\System32\lxecinsr.dll [2010.03.29 20:37:06 | 000,090,112 | ---- | C] () -- C:\Windows\System32\lxeccub.dll [2010.03.29 20:37:06 | 000,057,344 | ---- | C] () -- C:\Windows\System32\lxecjswr.dll [2010.03.29 20:37:06 | 000,036,864 | ---- | C] () -- C:\Windows\System32\lxeccur.dll [2010.03.29 20:32:40 | 000,000,000 | ---- | C] () -- C:\ProgramData\LxWbGwLog.log [2010.03.29 20:32:40 | 000,000,000 | ---- | C] () -- C:\ProgramData\cmn_upld.log [2010.03.29 20:32:33 | 000,000,000 | ---- | C] () -- C:\ProgramData\UpdaterLog.txt [2010.03.29 20:32:15 | 000,024,064 | ---- | C] () -- C:\Windows\System32\LXECsmr.dll [2010.03.29 20:32:14 | 000,299,008 | ---- | C] () -- C:\Windows\System32\LXECsm.dll [2010.01.22 18:50:35 | 000,000,645 | ---- | C] () -- C:\Windows\wiso.ini [2009.10.20 20:11:31 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2009.07.01 20:27:58 | 000,000,569 | ---- | C] () -- C:\Users\****\AppData\Roaming\mdbu.bin [2009.07.01 20:16:51 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll [2009.07.01 20:16:41 | 000,007,119 | ---- | C] () -- C:\Windows\mgxoschk.ini [2009.06.16 13:25:04 | 000,121,512 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4 [2009.05.31 14:06:04 | 000,001,475 | ---- | C] () -- C:\Users\****\AppData\Local\RecConfig.xml [2009.05.31 13:55:04 | 000,000,170 | ---- | C] () -- C:\Windows\wininit.ini [2009.05.30 18:08:42 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2009.05.30 18:02:19 | 000,000,000 | ---- | C] () -- C:\Windows\OpPrintServer.INI [2009.05.30 17:59:44 | 000,007,680 | ---- | C] () -- C:\Windows\System32\CNMVS64.DLL [2009.05.28 16:51:20 | 000,112,640 | ---- | C] () -- C:\Users\****\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009.05.27 05:50:45 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI [2009.05.26 15:24:33 | 000,031,776 | ---- | C] () -- C:\ProgramData\nvModes.001 [2009.05.26 15:24:31 | 000,031,776 | ---- | C] () -- C:\ProgramData\nvModes.dat [2009.04.09 16:47:04 | 000,013,824 | ---- | C] () -- C:\Windows\System32\CallSimReader.dll [2009.04.09 16:46:04 | 000,055,808 | ---- | C] () -- C:\Windows\System32\SimReader.dll [2009.02.20 14:14:09 | 000,000,033 | ---- | C] () -- C:\Windows\LaunApp.ini [2009.02.20 14:10:52 | 000,006,073 | ---- | C] () -- C:\ProgramData\ArcadeDeluxe2.log [2009.02.20 13:59:58 | 000,000,057 | ---- | C] () -- C:\Windows\PidList.ini [2009.02.20 13:58:56 | 000,001,694 | ---- | C] () -- C:\Windows\RtDefLvl.ini [2009.01.22 19:28:59 | 000,487,424 | ---- | C] () -- C:\Windows\System32\INT15.dll [2009.01.22 19:13:54 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIOFM4.dll [2009.01.22 19:13:54 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN5.dll [2008.11.11 04:27:31 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll [2008.11.11 04:27:24 | 000,872,448 | ---- | C] () -- C:\Windows\iconv.dll [2008.11.11 04:27:24 | 000,743,424 | ---- | C] () -- C:\Windows\libxml2.dll [2008.11.11 04:26:52 | 000,000,041 | ---- | C] () -- C:\Windows\Prelaunch.ini [2007.10.22 07:53:12 | 000,466,944 | ---- | C] () -- C:\Windows\System32\RemoveDevice.dll [2007.10.22 07:53:12 | 000,466,944 | ---- | C] () -- C:\Windows\RemoveDevice.dll [2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2001.12.26 16:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll [2001.09.03 23:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll [2001.07.30 16:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll [2001.07.23 22:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll ========== LOP Check ========== [2009.05.27 06:27:21 | 000,000,000 | -HSD | M] -- C:\Users\****\AppData\Roaming\.# [2011.01.25 12:13:55 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\4Team [2009.01.22 18:59:31 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Acer GameZone Console [2009.12.16 19:53:13 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Birdstep Technology [2009.11.22 14:09:34 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Buhl Data Service [2009.12.16 20:52:19 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Bytemobile [2009.05.31 13:50:03 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\eSobi [2010.06.01 18:33:32 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\FRITZ! [2011.01.07 20:04:20 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\HandBrake [2010.09.24 17:02:09 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Leadertech [2010.07.22 19:45:51 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\LiveCAD3 [2009.07.01 20:18:36 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\MAGIX [2011.02.15 10:48:55 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Nuance [2009.05.28 20:06:45 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\PowerCinema [2010.03.30 17:17:34 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Pro800-Pro900 Series [2010.07.28 19:59:18 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\ProtectDisc [2009.05.26 15:44:47 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\SoftDMA [2009.11.12 18:22:30 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Sprite Software [2009.12.16 20:18:44 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\T-Mobile [2010.09.11 12:32:13 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\T-Mobile Internet Manager [2011.01.25 12:08:04 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\TeamViewer [2009.05.30 21:02:19 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Thunderbird [2009.08.20 19:17:31 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\TomTom [2011.01.01 21:50:01 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\TwonkyMedia [2009.12.16 20:57:41 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Vodafone [2009.12.16 21:07:20 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Vodafone Mobile Connect [2011.02.15 10:47:09 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Zeon [2011.02.25 12:03:36 | 000,032,628 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:A9662AE0 @Alternate Data Stream - 116 bytes -> C:\ProgramData\Temp:D74B6CF5 @Alternate Data Stream - 108 bytes -> C:\ProgramData\Temp:753F86A9 < End of report > |
|
25.02.2011, 13:49
| #6 |
| | Wo Windows Vista ganz langsam, Lüfter läuft (und läuft) PC fährt nicht runter... Lösung! In letzter Zeit ist mir aufgefallen, dass ich ab und an das Geräusch am PC höre, als ob ich ein USB Gerät anschließe/entferne ("Dadang") obwohl ich nichts anschließe/entferne!!! |
|
27.02.2011, 19:24
| #7 |
| | Windows Vista ganz langsam, Lüfter läuft (und läuft) PC fährt nicht runter... Hat niemand eine Idee, oder ist nichts Auffälliges in den files? |
|
| Themen zu Windows Vista ganz langsam, Lüfter läuft (und läuft) PC fährt nicht runter... |
| absoluter, adware.doubled, ausmachen, bereits, erklären, explorer, folge, folgendes, herunterfahren, laien, langsam, lüfter, morgens, pc herunterfahren, programme, reagieren, seitdem, tagen, vista, windows, windows vista, woran |
Linear-Darstellung
