|
Ädliche Malware, Backdoor und Trojaner Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 15:03:54, on 01.07.2010 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18470) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe C:\Windows\PLFSetI.exe C:\Program Files\Apoint2K\Apoint.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe C:\Program Files\Apoint2K\Apntex.exe C:\Program Files\Apoint2K\HidFind.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Users\MAXSTO~1\AppData\Local\Temp\RtkBtMnt.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Windows\ehome\ehtray.exe C:\Users\Ma\AppData\Local\Temp\dispdrv.exe C:\Program Files\ICQ7.0\ICQ.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\OpenOffice.org 3\program\soffice.exe C:\Program Files\OpenOffice.org 3\program\soffice.bin C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe C:\Windows\system32\wbem\unsecapp.exe C:\Users\Mer\Documents\ICQ\562181267\ReceivedFiles\594409524 Frank Wendel\HiJackThis204.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=1009&m=aspire_7735 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT1351351 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=1009&m=aspire_7735 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=1009&m=aspire_7735 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = hxxp://de.search.yahoo.com/search?fr=mcafee&p=%s R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll R3 - URLSearchHook: (no name) - - (no file) R3 - URLSearchHook: Softonic VLC DE Toolbar - {64577f6f-8a9d-413a-b4c8-d080d6aeaf88} - C:\Program Files\Softonic_VLC_DE\tbSoft.dll R3 - URLSearchHook: DVDVideoSoft Toolbar - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\tbDVDV.dll R3 - URLSearchHook: Softonic Deutsch Toolbar - {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Program Files\Softonic_Deutsch\tbSoft.dll O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Softonic VLC DE Toolbar - {64577f6f-8a9d-413a-b4c8-d080d6aeaf88} - C:\Program Files\Softonic_VLC_DE\tbSoft.dll O2 - BHO: Softonic Deutsch Toolbar - {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Program Files\Softonic_Deutsch\tbSoft.dll O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: kikin Plugin - {E601996F-E400-41CA-804B-CD6373A7EEE2} - C:\Program Files\kikin\ie_kikin.dll O2 - BHO: DVDVideoSoft Toolbar - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\tbDVDV.dll O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll O3 - Toolbar: Softonic VLC DE Toolbar - {64577f6f-8a9d-413a-b4c8-d080d6aeaf88} - C:\Program Files\Softonic_VLC_DE\tbSoft.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: DVDVideoSoft Toolbar - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\tbDVDV.dll O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll O3 - Toolbar: Softonic Deutsch Toolbar - {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Program Files\Softonic_Deutsch\tbSoft.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [ArcadeDeluxeAgent] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe" O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [AmIcoSinglun] C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe O4 - HKLM\..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -k O4 - HKLM\..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe" O4 - HKLM\..\Run: [Performance Center] C:\Program Files\Ascentive\Performance Center\APCMain.exe -m O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKLM\..\RunOnce: [CleanSetup] cmd /C rmdir /S /Q "C:\Users\Max Stoiber\AppData\Local\Temp\nro.tmp\" O4 - HKCU\..\Run: [ProductReg] "C:\Program Files\Acer\WR_PopUp\ProductReg.exe" O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [svchost] C:\Users\Max Stoiber\AppData\Roaming:svchost.exe O4 - HKCU\..\Run: [Display Driver] C:\Users\MAXSTO~1\AppData\Local\Temp\dispdrv.exe O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ7.0\ICQ.exe" silent loginmode=4 O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe O4 - Startup: Orion.lnk = C:\Program Files\Convesoft\Orion\Messenger.exe O4 - Global Startup: Bluetooth.lnk = ? O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O8 - Extra context menu item: QQ - C:\Program Files\Tencent\QQIntl\Bin\AddEmotion.htm O9 - Extra button: (no name) - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - C:\Program Files\kikin\ie_kikin.dll O9 - Extra 'Tools' menuitem: My kikin - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - C:\Program Files\kikin\ie_kikin.dll O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O15 - ProtocolDefaults: '@ivt' protocol is in My Computer Zone, should be Intranet Zone O15 - ProtocolDefaults: 'file' protocol is in My Computer Zone, should be Internet Zone O15 - ProtocolDefaults: 'ftp' protocol is in My Computer Zone, should be Internet Zone O15 - ProtocolDefaults: 'http' protocol is in My Computer Zone, should be Internet Zone O15 - ProtocolDefaults: 'https' protocol is in My Computer Zone, should be Internet Zone O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - hxxp://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe O23 - Service: CLHNService - Unknown owner - C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe -- End of file - 12830 bytes OTL Extras logfile created on: 01.07.2010 15:05:54 - Run 1 OTL by OldTimer - Version 3.2.6.1 Folder = C:\Users\Mr\Documents\ICQ\562181267\ReceivedFiles\594409524 Frank Wendel Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 7.0.6001.18000) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 51,00% Memory free 6,00 Gb Paging File | 5,00 Gb Available in Paging File | 75,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 455,99 Gb Total Space | 288,53 Gb Free Space | 63,27% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: MAXSTOIBER-PC Current User Name: Max Stoiber Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 "DoNotAllowExceptions" = 1 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{03AEC8E8-63BA-4818-A652-AABB80F2840B}" = protocol=6 | dir=in | app=c:\program files\icq7.0\aolload.exe | "{0619C69C-4CA3-4CE1-9ECB-66C86DC03076}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe | "{0AB39ED3-05CC-41B6-B1CC-FFF4E0C4AC0E}" = protocol=6 | dir=in | app=c:\program files\icq7.0\aolload.exe | "{111DF0F0-8196-41D2-86B7-B74D7F0CF43B}" = protocol=6 | dir=in | app=c:\program files\icq7.0\icq.exe | "{20681AC6-81C8-47AF-913F-B3323FEECB76}" = protocol=6 | dir=in | app=c:\program files\icq7.0\icq.exe | "{565654F8-F40D-4390-93C6-8058E1ACD914}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe | "{56D8337B-B3CF-4916-A06B-598597283E64}" = protocol=17 | dir=in | app=c:\program files\icq7.0\aolload.exe | "{59D7ECC3-1D25-4D86-A5C5-E7571576410B}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe | "{69D3D790-EC68-4F70-B9EA-F8F5D1266E26}" = protocol=17 | dir=in | app=c:\program files\icq7.0\icq.exe | "{6E3A109D-AC1A-485F-800A-32582D09EFA8}" = dir=in | app=c:\program files\acer arcade deluxe\homemedia\homemedia.exe | "{7C991EA6-E962-47E9-AC00-044EA29F179A}" = protocol=17 | dir=in | app=c:\program files\icq7.0\icq.exe | "{8D514C19-9B7F-4B3D-9039-760270250D49}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe | "{8EEC2F4A-7ACF-4B34-BC2F-022CA365AA9F}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe | "{972D0B0B-A8CE-4F04-87D8-6D055421AB5A}" = dir=in | app=c:\program files\acer arcade deluxe\playmovie\playmovie.exe | "{9C48FAC4-4957-4B0C-8FA2-AF5C18D1C0D4}" = protocol=17 | dir=in | app=c:\program files\icq7.0\aolload.exe | "{9EE3FB8C-45EA-4C7B-8102-7ACE4913BEB2}" = protocol=17 | dir=in | app=c:\program files\icq7.0\icq.exe | "{A84E7203-6E90-462F-A71B-31BCAA39DB42}" = protocol=17 | dir=in | app=c:\program files\icq7.0\aolload.exe | "{AE4AF426-0752-41FE-A533-F7886DE302D8}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe | "{B2E0647C-99CA-4179-8883-7BCB77770287}" = protocol=6 | dir=in | app=c:\program files\icq7.0\icq.exe | "{BEA626B6-140C-4DC4-AD06-572D004D03BF}" = dir=in | app=c:\program files\acer arcade deluxe\acer arcade deluxe\acer arcade deluxe.exe | "{C43596D4-29FD-49CA-A145-63C6E39030BA}" = dir=in | app=c:\program files\acer arcade deluxe\playmovie\pmvservice.exe | "{D22D7F9F-F7D7-4B97-88FF-FBC53E22E1F6}" = protocol=6 | dir=in | app=c:\program files\icq7.0\aolload.exe | "{F75D7E87-9A1C-4ABD-A054-78B5E5BC50F0}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{04B45310-A5FE-4425-BFCA-1A6D8920DE74}" = OpenOffice.org 3.0 "{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu "{056B935A-A03D-D0D8-4CE0-B4B337753156}" = CCC Help Chinese Standard "{05ADEEC8-BD58-43D9-A9E3-1F53B0DA117A}" = Opera 10.51 "{0C362375-1FE0-98C0-2C57-F4D772B8A759}" = Catalyst Control Center Graphics Full New "{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8 "{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe "{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20 "{2C973B8B-1BB3-358B-250C-336C81A1926E}" = CCC Help Polish "{2F2B002A-8BF5-DF1E-6D36-7900B6F868DE}" = ATI Catalyst Install Manager "{33CF58F5-48D8-4575-83D6-96F574E4D83A}" = Nero DriveSpeed "{359CFC0A-BEB1-440D-95BA-CF63A86DA34F}" = Nero Recode "{360872CE-7A87-A4EE-AF69-EF73E5695D40}" = ccc-utility "{368BA326-73AD-4351-84ED-3C0A7A52CC53}" = Nero Rescue Agent "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3CCB314A-B67C-82D0-1CC6-6BC4AE6D053E}" = Catalyst Control Center InstallProxy "{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer PowerSmart Manager "{43E39830-1826-415D-8BAE-86845787B54B}" = Nero Vision "{45416928-B205-9812-2065-5794D5AC7338}" = CCC Help French "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{53E12B77-A8AC-1A15-7690-FAA711AA0B50}" = CCC Help Portuguese "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{595A3116-40BB-4E0F-A2E8-D7951DA56270}" = NeroExpress "{5A64A288-025C-F952-E4E3-12FA6596922F}" = CCC Help Chinese Traditional "{5D3A59B1-2BBF-66AF-3B5F-FC5BAA42F817}" = CCC Help Italian "{5F19F78E-274D-8E5C-C49E-2ED722ACF70A}" = CCC Help German "{6078A803-C98F-1F95-CEF7-0132621E6072}" = CCC Help Japanese "{6234F3C6-F8EF-39FB-AE15-0B88E88B79F0}" = CCC Help Greek "{62AC81F6-BDD3-4110-9D36-3E9EAAB40999}" = Nero CoverDesigner "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6A0D64D0-CDF4-9C65-A053-6EC86AEB43CC}" = ccc-core-static "{6A905715-6991-3517-5F04-4392FC18DB76}" = Catalyst Control Center Graphics Previews Vista "{6EAA466F-6F35-F3B7-60B9-3D6DCA97EE02}" = Catalyst Control Center Localization All "{71C2828F-2678-4675-BDEC-895424861262}_is1" = C:\Program Files\Acer GameZone\GameConsole "{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Backup Manager Basic "{742A17A1-8AA4-4DCE-C881-557AC4EB793D}" = CCC Help Spanish "{75212523-6E47-BF0F-20FF-B65E940A5DDD}" = CCC Help English "{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart "{7829DB6F-A066-4E40-8912-CB07887C20BB}" = Nero BurnRights "{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110184263}" = Puzzle Express "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11037623}" = Tradewinds 2 "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111205743}" = Tri-Peaks Solitaire To Go "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111232687}" = Ocean Express "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111252743}" = Mahjong Escape Ancient China "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}" = Galapago "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11170417}" = Luxor 2 "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111771833}" = Jewel Quest Solitaire "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11219217}" = Cradle of Rome "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112270203}" = Dream Day Wedding "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113009953}" = Turbo Pizza "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113056167}" = Dream Day Honeymoon "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113297350}" = Cake Mania 2 "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113494430}" = Wedding Dash "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11505173}" = Airport Mania First Flight "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}" = Dairy Dash "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115443300}" = Cooking Dash "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11551977}" = Parking Dash "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}" = Windows Live Anmelde-Assistent "{869200DB-287A-4DC0-B02B-2B6787FBCD4C}" = Nero DiscSpeed "{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar "{88EB38EF-4D2C-436D-ABD3-56B232674062}" = ICQ7 "{940F9DF4-A790-EAE9-A4B1-B9F96D3C8CC9}" = CCC Help Finnish "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{979FCA90-1FA4-482F-0001-393419DB8F1B}" = MyTube HD 4.0 "{97BA7028-6FE4-58B5-F254-48C12AA3FBBD}" = CCC Help Swedish "{987381F2-AA18-EF9C-9DDA-4D403FD7F3E2}" = CCC Help Turkish "{99C85B2D-DFA4-5704-9A4C-396DDB5C6F1F}" = CCC Help Thai "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9AF0B106-56F1-461B-A270-95BC1682E282}" = Broadcom Gigabit NetLink Controller "{9E6B5AEA-C8EC-916B-FDFA-91F1274CD695}" = Skins "{9E82B934-9A25-445B-B8DF-8012808074AC}" = Nero PhotoSnap "{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software "{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver "{A025CFB8-64E7-4432-824F-11E7C5ED2ECE}_is1" = Artweaver 1.0 "{A209525B-3377-43F4-B886-32F6B6E7356F}" = Nero WaveEditor "{A75C2F92-28EC-FE11-3818-81578F3E9596}" = CCC Help Norwegian "{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}" = Acer Crystal Eye Webcam "{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AA9732EB-64DD-DBA5-DFC1-705E64D3FB18}" = CCC Help Russian "{AAE19E03-87A5-6937-F7D7-6806C5FD1D89}" = Catalyst Control Center Graphics Light "{AC76BA86-7AD7-1031-7B44-A90000000001}" = Adobe Reader 9 - Deutsch "{B15E1629-4B8C-FC02-1118-35034C235F0D}" = CCC Help Korean "{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}" = DolbyFiles "{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center "{B78120A0-CF84-4366-A393-4D0A59BC546C}" = Menu Templates - Starter Kit "{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter "{BE0EC61A-02BF-E3E1-D7A8-3DDB7B58FBDF}" = PX Profile Update "{BF91B300-EEBC-4223-96F3-0FCBF7241B50}" = AmIcoSingLun "{C10DD83A-CB15-DD3A-FE29-89433A68F55D}" = CCC Help Dutch "{c18746ef-6ebc-4b8b-ad14-d39e0d1dc7af}" = Nero 9 Trial "{C5A7CB6C-E76D-408F-BA0E-85605420FE9D}" = SoundTrax "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D025A639-B9C9-417D-8531-208859000AF8}" = NeroBurningROM "{D0F3E75D-6BE1-E974-2A8E-A449D3374FDB}" = Catalyst Control Center Graphics Full Existing "{D9DCF92E-72EB-412D-AC71-3B01276E5F8B}" = Nero ShowTime "{DA20E1A8-07CB-4EE7-9B72-A7E28C953F0E}" = Acer Product Registration "{E24DBA75-5452-C0A1-4FF3-CB38F8245919}" = CCC Help Czech "{E430067C-7254-40B6-A8F8-5EEF57A68F1A}" = Catalyst Control Center - Branding "{E498385E-1C51-459A-B45F-1721E37AA1A0}" = Movie Templates - Starter Kit "{E4A71A41-BCC8-480a-9E69-0DA29CBA7ECA}" = kikin plugin (NO23 Edition) 2.0 "{E86CA8CF-F42D-9569-B2ED-5E6A0F591EA5}" = CCC Help Hungarian "{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer "{EDDDC607-91D9-4758-9F57-265FDCD8A772}" = Microsoft Works 7.0 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F1861F30-3419-44DB-B2A1-C274825698B3}" = Nero Disc Copy Gadget "{F557AF38-AB37-84A8-0148-C53B5F870373}" = CCC Help Danish "{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{FBCDFD61-7DCF-4E71-9226-873BA0053139}" = Nero InfoTool "{FF7027C7-B001-A144-C83B-03618745E975}" = Catalyst Control Center Core Implementation "Acer Screensaver" = Acer ScreenSaver "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Agere Systems Soft Modem" = Agere Systems HDA Modem "Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.12 (Unicode) "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "DVDVideoSoft Toolbar" = DVDVideoSoft Toolbar "Google Desktop" = Google Desktop "GridVista" = Acer GridVista "ICQToolbar" = ICQ Toolbar "Icy Tower v1.4_is1" = Icy Tower v1.4 "InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5 "InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8 "InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe "InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Acer Backup Manager "InstallShield_{BF91B300-EEBC-4223-96F3-0FCBF7241B50}" = AmIcoSingLun "LManager" = Launch Manager "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Mozilla Firefox (3.6.6)" = Mozilla Firefox (3.6.6) "MWSnap 3" = MWSnap 3 "Picasa 3" = Picasa 3 "Softonic_Deutsch Toolbar" = Softonic_Deutsch Toolbar "Softonic_VLC_DE Toolbar" = Softonic_VLC_DE Toolbar "Uninstall_is1" = Uninstall 1.0.0.1 "VLC media player" = VLC media player 1.0.5 ========== Last 10 Event Log Errors ========== Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt! < End of report > OTL Extras logfile created on: 01.07.2010 15:05:54 - Run 1 OTL by OldTimer - Version 3.2.6.1 Folder = C:\Users\Mr\Documents\ICQ\562181267\ReceivedFiles\594409524 Frank Wendel Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 7.0.6001.18000) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 51,00% Memory free 6,00 Gb Paging File | 5,00 Gb Available in Paging File | 75,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 455,99 Gb Total Space | 288,53 Gb Free Space | 63,27% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: MAXSTOIBER-PC Current User Name: Max Stoiber Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 "DoNotAllowExceptions" = 1 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{03AEC8E8-63BA-4818-A652-AABB80F2840B}" = protocol=6 | dir=in | app=c:\program files\icq7.0\aolload.exe | "{0619C69C-4CA3-4CE1-9ECB-66C86DC03076}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe | "{0AB39ED3-05CC-41B6-B1CC-FFF4E0C4AC0E}" = protocol=6 | dir=in | app=c:\program files\icq7.0\aolload.exe | "{111DF0F0-8196-41D2-86B7-B74D7F0CF43B}" = protocol=6 | dir=in | app=c:\program files\icq7.0\icq.exe | "{20681AC6-81C8-47AF-913F-B3323FEECB76}" = protocol=6 | dir=in | app=c:\program files\icq7.0\icq.exe | "{565654F8-F40D-4390-93C6-8058E1ACD914}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe | "{56D8337B-B3CF-4916-A06B-598597283E64}" = protocol=17 | dir=in | app=c:\program files\icq7.0\aolload.exe | "{59D7ECC3-1D25-4D86-A5C5-E7571576410B}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe | "{69D3D790-EC68-4F70-B9EA-F8F5D1266E26}" = protocol=17 | dir=in | app=c:\program files\icq7.0\icq.exe | "{6E3A109D-AC1A-485F-800A-32582D09EFA8}" = dir=in | app=c:\program files\acer arcade deluxe\homemedia\homemedia.exe | "{7C991EA6-E962-47E9-AC00-044EA29F179A}" = protocol=17 | dir=in | app=c:\program files\icq7.0\icq.exe | "{8D514C19-9B7F-4B3D-9039-760270250D49}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe | "{8EEC2F4A-7ACF-4B34-BC2F-022CA365AA9F}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe | "{972D0B0B-A8CE-4F04-87D8-6D055421AB5A}" = dir=in | app=c:\program files\acer arcade deluxe\playmovie\playmovie.exe | "{9C48FAC4-4957-4B0C-8FA2-AF5C18D1C0D4}" = protocol=17 | dir=in | app=c:\program files\icq7.0\aolload.exe | "{9EE3FB8C-45EA-4C7B-8102-7ACE4913BEB2}" = protocol=17 | dir=in | app=c:\program files\icq7.0\icq.exe | "{A84E7203-6E90-462F-A71B-31BCAA39DB42}" = protocol=17 | dir=in | app=c:\program files\icq7.0\aolload.exe | "{AE4AF426-0752-41FE-A533-F7886DE302D8}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe | "{B2E0647C-99CA-4179-8883-7BCB77770287}" = protocol=6 | dir=in | app=c:\program files\icq7.0\icq.exe | "{BEA626B6-140C-4DC4-AD06-572D004D03BF}" = dir=in | app=c:\program files\acer arcade deluxe\acer arcade deluxe\acer arcade deluxe.exe | "{C43596D4-29FD-49CA-A145-63C6E39030BA}" = dir=in | app=c:\program files\acer arcade deluxe\playmovie\pmvservice.exe | "{D22D7F9F-F7D7-4B97-88FF-FBC53E22E1F6}" = protocol=6 | dir=in | app=c:\program files\icq7.0\aolload.exe | "{F75D7E87-9A1C-4ABD-A054-78B5E5BC50F0}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{04B45310-A5FE-4425-BFCA-1A6D8920DE74}" = OpenOffice.org 3.0 "{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu "{056B935A-A03D-D0D8-4CE0-B4B337753156}" = CCC Help Chinese Standard "{05ADEEC8-BD58-43D9-A9E3-1F53B0DA117A}" = Opera 10.51 "{0C362375-1FE0-98C0-2C57-F4D772B8A759}" = Catalyst Control Center Graphics Full New "{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8 "{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe "{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20 "{2C973B8B-1BB3-358B-250C-336C81A1926E}" = CCC Help Polish "{2F2B002A-8BF5-DF1E-6D36-7900B6F868DE}" = ATI Catalyst Install Manager "{33CF58F5-48D8-4575-83D6-96F574E4D83A}" = Nero DriveSpeed "{359CFC0A-BEB1-440D-95BA-CF63A86DA34F}" = Nero Recode "{360872CE-7A87-A4EE-AF69-EF73E5695D40}" = ccc-utility "{368BA326-73AD-4351-84ED-3C0A7A52CC53}" = Nero Rescue Agent "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3CCB314A-B67C-82D0-1CC6-6BC4AE6D053E}" = Catalyst Control Center InstallProxy "{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer PowerSmart Manager "{43E39830-1826-415D-8BAE-86845787B54B}" = Nero Vision "{45416928-B205-9812-2065-5794D5AC7338}" = CCC Help French "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{53E12B77-A8AC-1A15-7690-FAA711AA0B50}" = CCC Help Portuguese "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{595A3116-40BB-4E0F-A2E8-D7951DA56270}" = NeroExpress "{5A64A288-025C-F952-E4E3-12FA6596922F}" = CCC Help Chinese Traditional "{5D3A59B1-2BBF-66AF-3B5F-FC5BAA42F817}" = CCC Help Italian "{5F19F78E-274D-8E5C-C49E-2ED722ACF70A}" = CCC Help German "{6078A803-C98F-1F95-CEF7-0132621E6072}" = CCC Help Japanese "{6234F3C6-F8EF-39FB-AE15-0B88E88B79F0}" = CCC Help Greek "{62AC81F6-BDD3-4110-9D36-3E9EAAB40999}" = Nero CoverDesigner "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6A0D64D0-CDF4-9C65-A053-6EC86AEB43CC}" = ccc-core-static "{6A905715-6991-3517-5F04-4392FC18DB76}" = Catalyst Control Center Graphics Previews Vista "{6EAA466F-6F35-F3B7-60B9-3D6DCA97EE02}" = Catalyst Control Center Localization All "{71C2828F-2678-4675-BDEC-895424861262}_is1" = C:\Program Files\Acer GameZone\GameConsole "{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Backup Manager Basic "{742A17A1-8AA4-4DCE-C881-557AC4EB793D}" = CCC Help Spanish "{75212523-6E47-BF0F-20FF-B65E940A5DDD}" = CCC Help English "{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart "{7829DB6F-A066-4E40-8912-CB07887C20BB}" = Nero BurnRights "{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110184263}" = Puzzle Express "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11037623}" = Tradewinds 2 "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111205743}" = Tri-Peaks Solitaire To Go "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111232687}" = Ocean Express "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111252743}" = Mahjong Escape Ancient China "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}" = Galapago "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11170417}" = Luxor 2 "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111771833}" = Jewel Quest Solitaire "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11219217}" = Cradle of Rome "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112270203}" = Dream Day Wedding "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113009953}" = Turbo Pizza "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113056167}" = Dream Day Honeymoon "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113297350}" = Cake Mania 2 "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113494430}" = Wedding Dash "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11505173}" = Airport Mania First Flight "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}" = Dairy Dash "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115443300}" = Cooking Dash "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11551977}" = Parking Dash "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}" = Windows Live Anmelde-Assistent "{869200DB-287A-4DC0-B02B-2B6787FBCD4C}" = Nero DiscSpeed "{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar "{88EB38EF-4D2C-436D-ABD3-56B232674062}" = ICQ7 "{940F9DF4-A790-EAE9-A4B1-B9F96D3C8CC9}" = CCC Help Finnish "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{979FCA90-1FA4-482F-0001-393419DB8F1B}" = MyTube HD 4.0 "{97BA7028-6FE4-58B5-F254-48C12AA3FBBD}" = CCC Help Swedish "{987381F2-AA18-EF9C-9DDA-4D403FD7F3E2}" = CCC Help Turkish "{99C85B2D-DFA4-5704-9A4C-396DDB5C6F1F}" = CCC Help Thai "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9AF0B106-56F1-461B-A270-95BC1682E282}" = Broadcom Gigabit NetLink Controller "{9E6B5AEA-C8EC-916B-FDFA-91F1274CD695}" = Skins "{9E82B934-9A25-445B-B8DF-8012808074AC}" = Nero PhotoSnap "{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software "{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver "{A025CFB8-64E7-4432-824F-11E7C5ED2ECE}_is1" = Artweaver 1.0 "{A209525B-3377-43F4-B886-32F6B6E7356F}" = Nero WaveEditor "{A75C2F92-28EC-FE11-3818-81578F3E9596}" = CCC Help Norwegian "{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}" = Acer Crystal Eye Webcam "{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AA9732EB-64DD-DBA5-DFC1-705E64D3FB18}" = CCC Help Russian "{AAE19E03-87A5-6937-F7D7-6806C5FD1D89}" = Catalyst Control Center Graphics Light "{AC76BA86-7AD7-1031-7B44-A90000000001}" = Adobe Reader 9 - Deutsch "{B15E1629-4B8C-FC02-1118-35034C235F0D}" = CCC Help Korean "{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}" = DolbyFiles "{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center "{B78120A0-CF84-4366-A393-4D0A59BC546C}" = Menu Templates - Starter Kit "{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter "{BE0EC61A-02BF-E3E1-D7A8-3DDB7B58FBDF}" = PX Profile Update "{BF91B300-EEBC-4223-96F3-0FCBF7241B50}" = AmIcoSingLun "{C10DD83A-CB15-DD3A-FE29-89433A68F55D}" = CCC Help Dutch "{c18746ef-6ebc-4b8b-ad14-d39e0d1dc7af}" = Nero 9 Trial "{C5A7CB6C-E76D-408F-BA0E-85605420FE9D}" = SoundTrax "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D025A639-B9C9-417D-8531-208859000AF8}" = NeroBurningROM "{D0F3E75D-6BE1-E974-2A8E-A449D3374FDB}" = Catalyst Control Center Graphics Full Existing "{D9DCF92E-72EB-412D-AC71-3B01276E5F8B}" = Nero ShowTime "{DA20E1A8-07CB-4EE7-9B72-A7E28C953F0E}" = Acer Product Registration "{E24DBA75-5452-C0A1-4FF3-CB38F8245919}" = CCC Help Czech "{E430067C-7254-40B6-A8F8-5EEF57A68F1A}" = Catalyst Control Center - Branding "{E498385E-1C51-459A-B45F-1721E37AA1A0}" = Movie Templates - Starter Kit "{E4A71A41-BCC8-480a-9E69-0DA29CBA7ECA}" = kikin plugin (NO23 Edition) 2.0 "{E86CA8CF-F42D-9569-B2ED-5E6A0F591EA5}" = CCC Help Hungarian "{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer "{EDDDC607-91D9-4758-9F57-265FDCD8A772}" = Microsoft Works 7.0 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F1861F30-3419-44DB-B2A1-C274825698B3}" = Nero Disc Copy Gadget "{F557AF38-AB37-84A8-0148-C53B5F870373}" = CCC Help Danish "{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{FBCDFD61-7DCF-4E71-9226-873BA0053139}" = Nero InfoTool "{FF7027C7-B001-A144-C83B-03618745E975}" = Catalyst Control Center Core Implementation "Acer Screensaver" = Acer ScreenSaver "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Agere Systems Soft Modem" = Agere Systems HDA Modem "Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.12 (Unicode) "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "DVDVideoSoft Toolbar" = DVDVideoSoft Toolbar "Google Desktop" = Google Desktop "GridVista" = Acer GridVista "ICQToolbar" = ICQ Toolbar "Icy Tower v1.4_is1" = Icy Tower v1.4 "InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5 "InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8 "InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe "InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Acer Backup Manager "InstallShield_{BF91B300-EEBC-4223-96F3-0FCBF7241B50}" = AmIcoSingLun "LManager" = Launch Manager "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Mozilla Firefox (3.6.6)" = Mozilla Firefox (3.6.6) "MWSnap 3" = MWSnap 3 "Picasa 3" = Picasa 3 "Softonic_Deutsch Toolbar" = Softonic_Deutsch Toolbar "Softonic_VLC_DE Toolbar" = Softonic_VLC_DE Toolbar "Uninstall_is1" = Uninstall 1.0.0.1 "VLC media player" = VLC media player 1.0.5 ========== Last 10 Event Log Errors ========== Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt! < End of report > OTL logfile created on: 01.07.2010 15:53:26 - Run 2 OTL by OldTimer - Version 3.2.6.1 Folder = C:\Users\Max Stoiber\Documents\ICQ\562181267\ReceivedFiles\594409524 Frank Wendel Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 7.0.6001.18000) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 49,00% Memory free 6,00 Gb Paging File | 5,00 Gb Available in Paging File | 74,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 455,99 Gb Total Space | 288,52 Gb Free Space | 63,27% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: MAXSTOIBER-PC Current User Name: Max Stoiber Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Processes (SafeList) ========== PRC - C:\Programme\Mozilla Firefox\plugin-container.exe (Mozilla Corporation) PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Users\ax Str\Documents\ICQ\562181267\ReceivedFiles\594409524 Frank Wendel\OTL.exe (OldTimer Tools) PRC - C:\Users\Mer\Documents\ICQ\562181267\ReceivedFiles\594409524 Frank Wendel\HiJackThis204.exe (Trend Micro Inc.) PRC - C:\Programme\ICQ7.0\ICQ.exe (ICQ, LLC.) PRC - C:\Programme\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Users\Max Stoiber\AppData\Local\Temp\dispdrv.exe () PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH) PRC - C:\Programme\ICQ6Toolbar\ICQ Service.exe () PRC - C:\Programme\Google\Google Desktop Search\GoogleDesktop.exe (Google) PRC - C:\Users\MAXSTO~1\AppData\Local\Temp\RtkBtMnt.exe (Realtek Semiconductor Corp.) PRC - C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Programme\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG) PRC - C:\Programme\Acer\Acer PowerSmart Manager\ePowerTray.exe (Acer Incorporated) PRC - C:\Programme\Acer\Acer PowerSmart Manager\ePowerSvc.exe (Acer Incorporated) PRC - C:\Programme\Acer\Acer PowerSmart Manager\ePowerEvent.exe (Acer Incorporated) PRC - C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.) PRC - C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.) PRC - C:\Programme\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.) PRC - C:\Programme\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.) PRC - C:\Programme\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor) PRC - C:\Programme\Launch Manager\LManager.exe (Dritek System Inc.) PRC - C:\Programme\Apoint2K\Hidfind.exe (Alps Electric Co., Ltd.) PRC - C:\Programme\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe (CyberLink) PRC - C:\Programme\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.) PRC - C:\Programme\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.) PRC - C:\Programme\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe () PRC - C:\Programme\AmIcoSingLun\AmIcoSinglun.exe (AlcorMicro Co., Ltd.) PRC - C:\Programme\OpenOffice.org 3\program\soffice.bin (OpenOffice.org) PRC - C:\Programme\OpenOffice.org 3\program\soffice.exe (OpenOffice.org) PRC - C:\Programme\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe (NewTech Infosystems, Inc.) PRC - C:\Windows\PLFSetI.exe () PRC - C:\Windows\System32\agrsmsvc.exe (Agere Systems) PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation) PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation) ========== Modules (SafeList) ========== MOD - C:\Users\Max Stoiber\Documents\ICQ\562181267\ReceivedFiles\594409524 Frank Wendel\OTL.exe (OldTimer Tools) MOD - C:\Programme\Acer\Acer PowerSmart Manager\SysHook.dll (Acer Incorporated) MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (WPFFontCache_v0400) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (ICQ Service) -- C:\Programme\ICQ6Toolbar\ICQ Service.exe () SRV - (GoogleDesktopManager-110309-193829) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google) SRV - (Nero BackItUp Scheduler 4.0) -- C:\Programme\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG) SRV - (ePowerSvc) -- C:\Programme\Acer\Acer PowerSmart Manager\ePowerSvc.exe (Acer Incorporated) SRV - (btwdins) -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.) SRV - (NTI IScheduleSvc) -- C:\Programme\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.) SRV - (CLHNService) -- C:\Programme\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe () SRV - (NTISchedulerSvc) -- C:\Programme\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe (NewTech Infosystems, Inc.) SRV - (NTIBackupSvc) -- C:\Programme\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe (NewTech InfoSystems, Inc.) SRV - (AgereModemAudio) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems) SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (MBAMSwissArmy) -- C:\Windows\System32\drivers\mbamswissarmy.sys (Malwarebytes Corporation) DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH) DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH) DRV - (btwaudio) -- C:\Windows\System32\drivers\btwaudio.sys (Broadcom Corporation.) DRV - (btwl2cap) -- C:\Windows\System32\drivers\btwl2cap.sys (Broadcom Corporation.) DRV - (NTIDrvr) -- C:\Windows\System32\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.) DRV - (btwavdt) -- C:\Windows\System32\drivers\btwavdt.sys (Broadcom Corporation.) DRV - (btwrchid) -- C:\Windows\System32\drivers\btwrchid.sys (Broadcom Corporation.) DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.) DRV - (ApfiltrService) -- C:\Windows\System32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.) DRV - (RTHDMIAzAudService) -- C:\Windows\System32\drivers\RtHDMIV.sys (Realtek Semiconductor Corp.) DRV - (iaStor) -- C:\Windows\system32\DRIVERS\iaStor.sys (Intel Corporation) DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.) DRV - (RTSTOR) -- C:\Windows\System32\drivers\RTSTOR.sys (Realtek Semiconductor Corp.) DRV - (NETw5v32) Intel(R) -- C:\Windows\System32\drivers\NETw5v32.sys (Intel Corporation) DRV - (k57nd60x) Broadcom NetLink (TM) -- C:\Windows\System32\drivers\k57nd60x.sys (Broadcom Corporation) DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems) DRV - (UBHelper) -- C:\Windows\System32\drivers\UBHelper.sys (NewTech Infosystems Corporation) DRV - (MegaSR) -- C:\Windows\system32\drivers\megasr.sys (LSI Corporation, Inc.) DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.) DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Corporation) DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.) DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems) DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company) DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.) DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic) DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation) DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation) DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.) DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation) DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd) DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.) DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic) DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic) DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.) DRV - (NSCIRDA) -- C:\Windows\System32\drivers\nscirda.sys (National Semiconductor Corporation) DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex) DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.) DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation) DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation) DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.) DRV - (b57nd60x) -- C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation) DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.) DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.) DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.) DRV - (DKbFltr) -- C:\Windows\System32\drivers\DKbFltr.sys (Dritek System Inc.) DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation) DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.) DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation) DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH) DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.) DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.) DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.) DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic) DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic) DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation) DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic) DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.) DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.) DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.) DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.) DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.) DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.) DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=1009&m=aspire_7735 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=1009&m=aspire_7735 IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKLM\..\URLSearchHook: {64577f6f-8a9d-413a-b4c8-d080d6aeaf88} - C:\Programme\Softonic_VLC_DE\tbSoft.dll (Conduit Ltd.) IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ) IE - HKLM\..\URLSearchHook: {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Programme\Softonic_Deutsch\tbSoft.dll (Conduit Ltd.) IE - HKLM\..\URLSearchHook: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Programme\DVDVideoSoft\tbDVDV.dll (Conduit Ltd.) IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=1009&m=aspire_7735 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://global.acer.com [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT1351351 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask) IE - HKCU\..\URLSearchHook: {64577f6f-8a9d-413a-b4c8-d080d6aeaf88} - C:\Programme\Softonic_VLC_DE\tbSoft.dll (Conduit Ltd.) IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ) IE - HKCU\..\URLSearchHook: {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Programme\Softonic_Deutsch\tbSoft.dll (Conduit Ltd.) IE - HKCU\..\URLSearchHook: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Programme\DVDVideoSoft\tbDVDV.dll (Conduit Ltd.) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultengine: "Ask.com" FF - prefs.js..browser.search.defaultenginename: "Ask.com" FF - prefs.js..browser.search.defaultthis.engineName: "Softonic Deutsch Customized Web Search" FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1351351&SearchSource=3&q={searchTerms}" FF - prefs.js..browser.search.order.1: "Ask.com" FF - prefs.js..browser.search.selectedEngine: "ICQ Search" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "www.google.de" FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.4.4.118 FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:2 FF - prefs.js..extensions.enabledItems: {AA994882-F391-4d2e-806F-8908DA4814ED}:2.0 FF - prefs.js..extensions.enabledItems: {8dbb6d8e-e4a6-4e3b-9753-af78b226441c}:2.6.0.15 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.6.6.20090220 FF - prefs.js..keyword.URL: "hxxp://supertoolbar.ask.com/redirect?client=ff&src=kw&tb=DVSV5&o=15012&locale=de_DE&q=" FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.06.28 16:55:51 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.06.28 16:55:51 | 000,000,000 | ---D | M] [2009.11.06 14:00:37 | 000,000,000 | ---D | M] -- C:\Users\Maxer\AppData\Roaming\mozilla\Extensions [2010.06.30 21:25:58 | 000,000,000 | ---D | M] -- C:\Users\Maiber\AppData\Roaming\mozilla\Firefox\Profiles\vw9jvir6.default\extensions [2009.11.10 21:57:41 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Max Stoiber\AppData\Roaming\mozilla\Firefox\Profiles\vw9jvir6.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010.06.17 17:29:19 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Max Stoiber\AppData\Roaming\mozilla\Firefox\Profiles\vw9jvir6.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2009.12.17 16:55:28 | 000,000,000 | ---D | M] (Softonic VLC DE Toolbar) -- C:\Users\Max Stoiber\AppData\Roaming\mozilla\Firefox\Profiles\vw9jvir6.default\extensions\{64577f6f-8a9d-413a-b4c8-d080d6aeaf88} [2010.06.13 18:38:56 | 000,000,000 | ---D | M] (Softonic Deutsch Toolbar) -- C:\Users\Max Stoiber\AppData\Roaming\mozilla\Firefox\Profiles\vw9jvir6.default\extensions\{8dbb6d8e-e4a6-4e3b-9753-af78b226441c} [2010.02.19 13:47:22 | 000,000,000 | ---D | M] (kikin plugin (NO23 Edition)) -- C:\Users\Max Stoiber\AppData\Roaming\mozilla\Firefox\Profiles\vw9jvir6.default\extensions\{AA994882-F391-4d2e-806F-8908DA4814ED} [2010.01.07 23:10:45 | 000,000,000 | ---D | M] (DVDVideoSoft Toolbar) -- C:\Users\Max Stoiber\AppData\Roaming\mozilla\Firefox\Profiles\vw9jvir6.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f} [2010.06.05 21:05:12 | 000,000,000 | ---D | M] -- C:\Users\Max Stoiber\AppData\Roaming\mozilla\Firefox\Profiles\vw9jvir6.default\extensions\toolbar@ask.com [2010.06.30 21:33:38 | 000,002,385 | ---- | M] () -- C:\Users\Max Stoiber\AppData\Roaming\Mozilla\FireFox\Profiles\vw9jvir6.default\searchplugins\askcom.xml [2010.04.21 12:07:14 | 000,000,935 | ---- | M] () -- C:\Users\Max Stoiber\AppData\Roaming\Mozilla\FireFox\Profiles\vw9jvir6.default\searchplugins\conduit.xml [2010.01.08 16:11:25 | 000,000,694 | ---- | M] () -- C:\Users\Max Stoiber\AppData\Roaming\Mozilla\FireFox\Profiles\vw9jvir6.default\searchplugins\icq-search.xml [2010.03.09 22:57:30 | 000,000,961 | ---- | M] () -- C:\Users\Max Stoiber\AppData\Roaming\Mozilla\FireFox\Profiles\vw9jvir6.default\searchplugins\icqplugin-1.xml [2010.03.31 14:50:01 | 000,000,950 | ---- | M] () -- C:\Users\Max Stoiber\AppData\Roaming\Mozilla\FireFox\Profiles\vw9jvir6.default\searchplugins\icqplugin-2.xml [2010.04.02 23:46:02 | 000,000,950 | ---- | M] () -- C:\Users\Max Stoiber\AppData\Roaming\Mozilla\FireFox\Profiles\vw9jvir6.default\searchplugins\icqplugin-3.xml [2010.06.05 21:59:11 | 000,000,950 | ---- | M] () -- C:\Users\Max Stoiber\AppData\Roaming\Mozilla\FireFox\Profiles\vw9jvir6.default\searchplugins\icqplugin-4.xml [2010.06.28 16:56:08 | 000,000,950 | ---- | M] () -- C:\Users\Max Stoiber\AppData\Roaming\Mozilla\FireFox\Profiles\vw9jvir6.default\searchplugins\icqplugin-5.xml [2008.03.31 13:52:00 | 000,000,168 | ---- | M] () -- C:\Users\Max Stoiber\AppData\Roaming\Mozilla\FireFox\Profiles\vw9jvir6.default\searchplugins\icqplugin.gif [2008.03.31 13:52:00 | 000,000,618 | ---- | M] () -- C:\Users\Max Stoiber\AppData\Roaming\Mozilla\FireFox\Profiles\vw9jvir6.default\searchplugins\icqplugin.src [2008.07.10 14:07:28 | 000,000,944 | ---- | M] () -- C:\Users\Max Stoiber\AppData\Roaming\Mozilla\FireFox\Profiles\vw9jvir6.default\searchplugins\icqplugin.xml [2010.06.17 17:27:50 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions [2010.03.09 22:48:53 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2010.06.12 23:57:36 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2010.06.17 17:27:50 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010.06.17 17:27:26 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll [2010.03.31 14:49:40 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2010.03.31 14:49:40 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml [2010.03.31 14:49:40 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml [2010.01.15 20:13:43 | 000,002,027 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\McSiteAdvisor.xml [2010.03.31 14:49:40 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml [2010.03.31 14:49:40 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Softonic VLC DE Toolbar) - {64577f6f-8a9d-413a-b4c8-d080d6aeaf88} - C:\Programme\Softonic_VLC_DE\tbSoft.dll (Conduit Ltd.) O2 - BHO: (Softonic Deutsch Toolbar) - {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Programme\Softonic_Deutsch\tbSoft.dll (Conduit Ltd.) O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll (Google Inc.) O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask) O2 - BHO: (kikin Plugin) - {E601996F-E400-41CA-804B-CD6373A7EEE2} - C:\Programme\kikin\ie_kikin.dll (kikin) O2 - BHO: (DVDVideoSoft Toolbar) - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Programme\DVDVideoSoft\tbDVDV.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKLM\..\Toolbar: (Softonic VLC DE Toolbar) - {64577f6f-8a9d-413a-b4c8-d080d6aeaf88} - C:\Programme\Softonic_VLC_DE\tbSoft.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ) O3 - HKLM\..\Toolbar: (Softonic Deutsch Toolbar) - {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Programme\Softonic_Deutsch\tbSoft.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKLM\..\Toolbar: (DVDVideoSoft Toolbar) - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Programme\DVDVideoSoft\tbDVDV.dll (Conduit Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (Softonic VLC DE Toolbar) - {64577F6F-8A9D-413A-B4C8-D080D6AEAF88} - C:\Programme\Softonic_VLC_DE\tbSoft.dll (Conduit Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoft Toolbar) - {E9911EC6-1BCC-40B0-9993-E0EEA7F6953F} - C:\Programme\DVDVideoSoft\tbDVDV.dll (Conduit Ltd.) O4 - HKLM..\Run: [Acer ePower Management] C:\Programme\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe (Acer Incorporated) O4 - HKLM..\Run: [AmIcoSinglun] C:\Programme\AmIcoSingLun\AmIcoSinglun.exe (AlcorMicro Co., Ltd.) O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.) O4 - HKLM..\Run: [CLMLServer] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe (CyberLink) O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google) O4 - HKLM..\Run: [LManager] C:\Programme\Launch Manager\LManager.exe (Dritek System Inc.) O4 - HKLM..\Run: [Performance Center] C:\Program Files\Ascentive\Performance Center\APCMain.exe File not found O4 - HKLM..\Run: [PlayMovie] C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.) O4 - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe () O4 - HKLM..\Run: [RtHDVCpl] C:\Programme\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [Skytel] C:\Programme\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKCU..\Run: [Display Driver] C:\Users\MAXSTO~1\AppData\Local\Temp\dispdrv.exe () O4 - HKCU..\Run: [ICQ] C:\Program Files\ICQ7.0\ICQ.exe (ICQ, LLC.) O4 - HKCU..\Run: [msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe File not found O4 - HKCU..\Run: [ProductReg] C:\Program Files\Acer\WR_PopUp\ProductReg.exe (Acer) O4 - HKCU..\Run: [svchost] C:\Users\Max Stoiber\AppData\Roaming:svchost.exe File not found O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) O4 - HKLM..\RunOnce: [CleanSetup] File not found O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - Startup: C:\Users\Max Stoiber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.0.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe () O4 - Startup: C:\Users\Max Stoiber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Orion.lnk = C:\Program Files\Convesoft\Orion\Messenger.exe File not found O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.) O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll (Google Inc.) O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : My kikin - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - C:\Programme\kikin\ie_kikin.dll (kikin) O9 - Extra Button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Programme\ICQ7.0\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Programme\ICQ7.0\ICQ.exe (ICQ, LLC.) O9 - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O13 - gopher Prefix: missing O15 - HKCU\..Trusted Domains: localhost ([]http in ) O15 - HKCU\..Trusted Ranges: GD ([http] in ) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} hxxp://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab (Oberon Flash Game Host) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\Max Stoiber\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O24 - Desktop BackupWallPaper: C:\Users\Max Stoiber\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010.07.01 13:38:36 | 000,000,000 | ---D | C] -- C:\Users\Max Stoiber\AppData\Roaming\Malwarebytes [2010.07.01 13:38:30 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2010.07.01 13:38:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2010.07.01 13:38:28 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2010.07.01 13:38:28 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware [2010.06.26 11:46:21 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft.NET [2010.06.24 14:05:21 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax [2010.06.24 14:05:20 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax [2010.06.24 14:05:16 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll [2010.06.24 14:05:15 | 000,428,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll [2010.06.24 14:05:15 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax [2010.06.24 14:04:27 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe [2010.06.24 14:04:27 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll [2010.06.24 14:04:27 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll [2010.06.23 14:18:50 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll [2010.06.23 14:18:50 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll [2010.06.19 21:19:12 | 000,000,000 | ---D | C] -- C:\Programme\MirandaMe [2010.06.19 21:12:53 | 000,000,000 | ---D | C] -- C:\Users\Max Stoiber\AppData\Roaming\Miranda [2010.06.19 21:11:49 | 000,000,000 | ---D | C] -- C:\Programme\Miranda IM [2010.06.17 17:29:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun [2010.06.17 17:29:30 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Java [2010.06.17 17:27:48 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll [2010.06.17 17:27:48 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe [2010.06.17 17:27:48 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe [2010.06.17 17:27:48 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe [2010.06.17 17:27:16 | 000,000,000 | ---D | C] -- C:\Programme\Java [2010.06.15 21:03:25 | 000,000,000 | ---D | C] -- C:\Users\Max Stoiber\AppData\Roaming\Avira [2010.06.15 21:02:28 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys [2010.06.15 21:02:27 | 000,124,784 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys [2010.06.15 21:02:27 | 000,051,992 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntdd.sys [2010.06.15 21:02:27 | 000,017,016 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntmgr.sys [2010.06.15 21:02:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira [2010.06.13 18:38:57 | 000,000,000 | ---D | C] -- C:\Programme\Softonic_Deutsch [2010.06.13 18:38:52 | 000,000,000 | ---D | C] -- C:\Users\Max Stoiber\AppData\Roaming\Audacity [2010.06.13 18:34:29 | 000,000,000 | ---D | C] -- C:\Programme\Audacity 1.3 Beta (Unicode) [2010.06.11 14:26:08 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll [2010.06.11 14:26:06 | 000,289,792 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll [2010.06.11 14:26:06 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll [2010.06.11 14:25:51 | 000,458,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2010.06.11 14:25:51 | 000,389,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2010.06.11 14:25:51 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll [2010.06.11 14:25:50 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll [2010.06.11 14:25:50 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2010.06.11 14:25:50 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll [2010.06.11 14:25:50 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2010.06.11 14:25:50 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll [2010.06.11 14:25:50 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2010.06.11 14:25:50 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2010.06.11 14:25:49 | 001,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2010.06.11 14:25:37 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll [2010.06.11 14:25:11 | 002,036,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2010.06.09 17:48:03 | 000,000,000 | ---D | C] -- C:\Users\Max Stoiber\Desktop\STICK [2009.10.29 02:53:23 | 000,049,152 | ---- | C] ( ) -- C:\Windows\Interop.IWshRuntimeLibrary.dll ========== Files - Modified Within 30 Days ========== [2010.07.01 15:54:36 | 002,359,296 | -HS- | M] () -- C:\Users\Mar\NTUSER.DAT [2010.07.01 15:36:00 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2010.07.01 14:39:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010.07.01 14:04:00 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2010.07.01 14:04:00 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2010.07.01 13:38:33 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.07.01 12:04:12 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2010.07.01 12:04:03 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2010.07.01 12:03:55 | 3215,908,864 | -HS- | M] () -- C:\hiberfil.sys [2010.06.30 21:45:37 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat [2010.06.30 21:45:35 | 000,524,288 | -HS- | M] () -- C:\Users\Maber\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms [2010.06.30 21:45:35 | 000,065,536 | -HS- | M] () -- C:\Users\r\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf [2010.06.30 21:32:47 | 012,426,597 | ---- | M] () -- C:\Users\Maxiber\Desktop\YouTube- Frauenarzt & Manny Marc mit Evil Hectorr , Major , Smoky , Kid Millenium , Keule Helle - Das Geht Ab (Atzen Musik Remix RMX) Juice CD#92.mp4 [2010.06.29 21:54:50 | 003,196,722 | -H-- | M] () -- C:\Users\Max oiber\AppData\Local\IconCache.db [2010.06.26 22:05:40 | 002,844,819 | ---- | M] () -- C:\Users\Max Siber\Desktop\hallo musik.mp3 [2010.06.26 11:50:34 | 001,463,378 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI [2010.06.26 11:50:34 | 000,628,742 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2010.06.26 11:50:34 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2010.06.26 11:50:34 | 000,126,454 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2010.06.26 11:50:34 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2010.06.24 16:44:37 | 000,068,871 | ---- | M] () -- C:\Users\Mtoiber\Desktop\Unbenannt1.jpg [2010.06.24 16:44:21 | 005,621,173 | ---- | M] () -- C:\Users\ax Siber\Desktop\Unbenannt1.awd [2010.06.17 17:27:21 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll [2010.06.17 17:27:21 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe [2010.06.17 17:27:21 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe [2010.06.17 17:27:21 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe [2010.06.17 14:34:10 | 000,014,197 | ---- | M] () -- C:\Users\Max Stoiber\Desktop\OpenDocument Text (neu).odt [2010.06.15 21:02:37 | 000,001,851 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk [2010.06.15 20:52:04 | 000,006,836 | ---- | M] () -- C:\Users\MStoib\AppData\Local\d3d9caps.dat [2010.06.13 18:34:39 | 000,000,855 | ---- | M] () -- C:\Users\Max Ster\Desktop\Audacity 1.3 Beta (Unicode).lnk [2010.06.12 23:02:00 | 000,310,720 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2010.06.06 20:16:55 | 000,005,736 | -HS- | M] () -- C:\Users\Max oiber\Desktop\Folder.jpg [2010.06.06 20:16:55 | 000,002,036 | -HS- | M] () -- C:\Users\Max Siber\Desktop\AlbumArtSmall.jpg [2010.06.03 20:53:35 | 004,814,889 | ---- | M] () -- C:\Users\Matoiber\Desktop\YouTube- Jason Derulo - In My Head.mp3 [2010.06.03 20:43:43 | 000,010,358 | -HS- | M] () -- C:\Users\x Stoibr\Desktop\AlbumArt_{F2B0CF27-809B-42BA-B33A-50980C39C81A}_Large.jpg [2010.06.03 20:43:38 | 000,002,746 | -HS- | M] () -- C:\Users\Ma i\Desktop\AlbumArt_{F2B0CF27-809B-42BA-B33A-50980C39C81A}_Small.jpg [2010.06.03 02:30:12 | 000,007,304 | -HS- | M] () -- C:\Users\ax Stber\Desktop\AlbumArt_{4D621087-E7DA-4A58-9AC3-76378D878C75}_Large.jpg [2010.06.03 02:29:42 | 000,001,893 | -HS- | M] () -- C:\Users\ax oiber\Desktop\AlbumArt_{4D621087-E7DA-4A58-9AC3-76378D878C75}_Small.jpg [2010.06.03 02:29:37 | 000,012,040 | -HS- | M] () -- C:\Users\M oiber\Desktop\AlbumArt_{A2730D23-9538-44BF-B354-EAE69D00E589}_Large.jpg [2010.06.03 02:29:10 | 000,003,207 | -HS- | M] () -- C:\Users\x Str\Desktop\AlbumArt_{A2730D23-9538-44BF-B354-EAE69D00E589}_Small.jpg [2010.06.03 02:28:47 | 000,011,087 | -HS- | M] () -- C:\Users\Mx oiber\Desktop\AlbumArt_{033D1EB7-074A-46D2-BA8A-17D0065BFBF3}_Large.jpg [2010.06.03 02:28:15 | 000,012,118 | -HS- | M] () -- C:\Users\ax Stber\Desktop\AlbumArt_{535EB02F-E699-4682-BA86-17BE261B2227}_Large.jpg [2010.06.03 02:27:40 | 000,002,792 | -HS- | M] () -- C:\Users\Ma oiber\Desktop\AlbumArt_{033D1EB7-074A-46D2-BA8A-17D0065BFBF3}_Small.jpg [2010.06.03 02:27:00 | 000,002,510 | -HS- | M] () -- C:\Users\Matoiber\Desktop\AlbumArt_{535EB02F-E699-4682-BA86-17BE261B2227}_Small.jpg [2010.06.03 02:26:52 | 000,007,707 | -HS- | M] () -- C:\Users\x Stber\Desktop\AlbumArt_{6BA74C58-F81B-451B-AA2E-F472DEC1E918}_Large.jpg [2010.06.03 02:26:24 | 000,001,934 | -HS- | M] () -- C:\Users\Mx Siber\Desktop\AlbumArt_{6BA74C58-F81B-451B-AA2E-F472DEC1E918}_Small.jpg [2010.06.03 02:16:33 | 000,013,868 | -HS- | M] () -- C:\Users\Matoiber\Desktop\AlbumArt_{A2109C89-D317-4E6E-8F3E-B1AF4B70177E}_Large.jpg [2010.06.03 02:16:21 | 000,003,019 | -HS- | M] () -- C:\Users\Maoiber\Desktop\AlbumArt_{A2109C89-D317-4E6E-8F3E-B1AF4B70177E}_Small.jpg [2010.06.03 02:16:20 | 000,008,440 | -HS- | M] () -- C:\Users\Matiber\Desktop\AlbumArt_{9B939490-B9D5-4598-AECD-D6F80D1EB135}_Large.jpg [2010.06.03 02:16:16 | 000,002,160 | -HS- | M] () -- C:\Users\Mar\Desktop\AlbumArt_{9B939490-B9D5-4598-AECD-D6F80D1EB135}_Small.jpg [2010.06.02 17:57:57 | 000,010,868 | -HS- | M] () -- C:\Users\Maer\Desktop\AlbumArt_{EA725ACA-26B1-4712-96DA-67A8F0B0161C}_Large.jpg [2010.06.02 17:57:41 | 000,002,483 | -HS- | M] () -- C:\Users\Mer\Desktop\AlbumArt_{EA725ACA-26B1-4712-96DA-67A8F0B0161C}_Small.jpg [2010.06.02 17:56:46 | 000,008,919 | -HS- | M] () -- C:\Users\Moiber\Desktop\AlbumArt_{3A69D5B7-C459-417D-9014-8E9DF072A390}_Large.jpg [2010.06.02 17:56:44 | 000,002,464 | -HS- | M] () -- C:\Users\Mtoiber\Desktop\AlbumArt_{3A69D5B7-C459-417D-9014-8E9DF072A390}_Small.jpg [2010.06.01 16:29:09 | 000,015,872 | ---- | M] () -- C:\Users\Matoiber\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini ========== Files Created - No Company Name ========== [2010.07.01 13:38:33 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.07.01 13:20:13 | 002,844,819 | ---- | C] () -- C:\Users\Max Stoiber\Desktop\hallo musik.mp3 [2010.06.30 21:28:06 | 012,426,597 | ---- | C] () -- C:\Users\Max Stoiber\Desktop\YouTube- Frauenarzt & Manny Marc mit Evil Hectorr , Major , Smoky , Kid Millenium , Keule Helle - Das Geht Ab (Atzen Musik Remix RMX) Juice CD#92.mp4 [2010.06.24 14:45:32 | 005,621,173 | ---- | C] () -- C:\Users\Max Stoiber\Desktop\Unbenannt1.awd [2010.06.24 14:45:20 | 000,068,871 | ---- | C] () -- C:\Users\Max Stoiber\Desktop\Unbenannt1.jpg [2010.06.15 21:02:37 | 000,001,851 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk [2010.06.13 18:34:39 | 000,000,855 | ---- | C] () -- C:\Users\Maoiber\Desktop\Audacity 1.3 Beta (Unicode).lnk [2010.06.03 20:53:10 | 004,814,889 | ---- | C] () -- C:\Users\Mx Ster\Desktop\YouTube- Jason Derulo - In My Head.mp3 [2010.06.03 02:30:32 | 000,007,304 | -HS- | C] () -- C:\Users\Mber\Desktop\AlbumArt_{4D621087-E7DA-4A58-9AC3-76378D878C75}_Large.jpg [2010.06.03 02:30:32 | 000,001,893 | -HS- | C] () -- C:\Users\Mx Stoir\Desktop\AlbumArt_{4D621087-E7DA-4A58-9AC3-76378D878C75}_Small.jpg [2010.06.03 02:29:56 | 000,012,040 | -HS- | C] () -- C:\Users\Maber\Desktop\AlbumArt_{A2730D23-9538-44BF-B354-EAE69D00E589}_Large.jpg [2010.06.03 02:29:56 | 000,003,207 | -HS- | C] () -- C:\Users\Miber\Desktop\AlbumArt_{A2730D23-9538-44BF-B354-EAE69D00E589}_Small.jpg [2010.06.03 02:29:23 | 000,011,087 | -HS- | C] () -- C:\Users\ax Stber\Desktop\AlbumArt_{033D1EB7-074A-46D2-BA8A-17D0065BFBF3}_Large.jpg [2010.06.03 02:29:23 | 000,002,792 | -HS- | C] () -- C:\Users\Matoiber\Desktop\AlbumArt_{033D1EB7-074A-46D2-BA8A-17D0065BFBF3}_Small.jpg [2010.06.03 02:29:05 | 000,012,118 | -HS- | C] () -- C:\Users\Miber\Desktop\AlbumArt_{535EB02F-E699-4682-BA86-17BE261B2227}_Large.jpg [2010.06.03 02:29:05 | 000,002,510 | -HS- | C] () -- C:\Users\ax Stber\Desktop\AlbumArt_{535EB02F-E699-4682-BA86-17BE261B2227}_Small.jpg [2010.06.03 02:27:31 | 000,007,707 | -HS- | C] () -- C:\Users\Matoiber\Desktop\AlbumArt_{6BA74C58-F81B-451B-AA2E-F472DEC1E918}_Large.jpg [2010.06.03 02:27:31 | 000,001,934 | -HS- | C] () -- C:\Users\Mx Stoer\Desktop\AlbumArt_{6BA74C58-F81B-451B-AA2E-F472DEC1E918}_Small.jpg [2010.06.03 02:16:41 | 000,013,868 | -HS- | C] () -- C:\Users\Mxoiber\Desktop\AlbumArt_{A2109C89-D317-4E6E-8F3E-B1AF4B70177E}_Large.jpg [2010.06.03 02:16:41 | 000,003,019 | -HS- | C] () -- C:\Users\ax Sto\Desktop\AlbumArt_{A2109C89-D317-4E6E-8F3E-B1AF4B70177E}_Small.jpg [2010.06.03 02:16:27 | 000,008,440 | -HS- | C] () -- C:\Users\Maoiber\Desktop\AlbumArt_{9B939490-B9D5-4598-AECD-D6F80D1EB135}_Large.jpg [2010.06.03 02:16:27 | 000,002,160 | -HS- | C] () -- C:\Users\Mx Siber\Desktop\AlbumArt_{9B939490-B9D5-4598-AECD-D6F80D1EB135}_Small.jpg [2010.06.02 17:58:20 | 000,010,868 | -HS- | C] () -- C:\Users\xiber\Desktop\AlbumArt_{EA725ACA-26B1-4712-96DA-67A8F0B0161C}_Large.jpg [2010.06.02 17:58:20 | 000,002,483 | -HS- | C] () -- C:\Users\x oiber\Desktop\AlbumArt_{EA725ACA-26B1-4712-96DA-67A8F0B0161C}_Small.jpg [2010.06.02 17:56:47 | 000,008,919 | -HS- | C] () -- C:\Users\Maoiber\Desktop\AlbumArt_{3A69D5B7-C459-417D-9014-8E9DF072A390}_Large.jpg [2010.06.02 17:56:47 | 000,002,464 | -HS- | C] () -- C:\Users\Moiber\Desktop\AlbumArt_{3A69D5B7-C459-417D-9014-8E9DF072A390}_Small.jpg [2010.04.08 16:30:35 | 000,018,760 | ---- | C] () -- C:\Windows\System32\QQVistaHelper.dll [2010.03.19 14:14:16 | 000,274,432 | ---- | C] () -- C:\Windows\System32\EMRegSys.dll [2010.03.06 15:50:02 | 000,307,200 | ---- | C] () -- C:\Windows\System32\AscSQLite.dll [2009.11.06 13:40:58 | 000,626,688 | ---- | C] () -- C:\Windows\Image.dll [2009.11.06 13:40:58 | 000,000,036 | ---- | C] () -- C:\Windows\PidList.ini [2009.10.29 02:41:26 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll [2009.10.29 02:41:26 | 000,011,264 | ---- | C] () -- C:\Windows\System32\atimuixx.dll [2009.03.12 12:32:52 | 000,000,028 | ---- | C] () -- C:\Windows\WisLangCode.ini [2009.02.11 22:03:58 | 000,872,448 | ---- | C] () -- C:\Windows\iconv.dll [2009.02.11 22:03:58 | 000,743,424 | ---- | C] () -- C:\Windows\libxml2.dll [2009.02.11 22:03:57 | 000,000,060 | ---- | C] () -- C:\Windows\Prelaunch.ini [2008.09.03 21:35:58 | 000,006,144 | ---- | C] () -- C:\Windows\System32\winssl.dll [2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2005.05.08 18:56:44 | 000,055,808 | ---- | C] () -- C:\Windows\System32\zlib1.dll ========== Alternate Data Streams ========== @Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:CE0A077E @Alternate Data Stream - 115 bytes -> C:\ProgramData\Temp:B623B5B8 < End of report > |
Wo ist denn die Problembeschreibung? Ich mag es echt nicht, wenn hier Logs dem Forum zu Fraß vorgeworfen werden, die dummen Helfer können ja Deine Probleme erraten! :headbang: |
ich bräuchte hilfe dabei die viren los zu werden |
Dann poste auch alle relevanten Infos!! Dein virenscanner hat dir mit sicherheit verraten was genau wo gefunden wurde!! Vergiss nicht, dass du den NUBs zugestimmt hast!! Zitat:
|
| Alle Zeitangaben in WEZ +1. Es ist jetzt 21:32 Uhr. |
Copyright ©2000-2025, Trojaner-Board