hallo,
danke markusg, dass du dich meines problems annimmst
malewarebytes log
Malwarebytes' Anti-Malware 1.44
Datenbank Version: 3600
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18865
20.01.2010 20:50:02
mbam-log-2010-01-20 (20-50-02).txt
Scan-Methode: Quick-Scan
Durchsuchte Objekte: 1
Laufzeit: 49 second(s)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
----------------------------------OTL Logfile: Code:
OTL Extras logfile created on: 12.02.2011 15:19:17 - Run 1
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\Andreas\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19019)
Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
1.021,00 Mb Total Physical Memory | 189,00 Mb Available Physical Memory | 18,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 53,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 71,28 Gb Total Space | 19,45 Gb Free Space | 27,29% Space Free | Partition Type: NTFS
Drive D: | 70,94 Gb Total Space | 48,47 Gb Free Space | 68,33% Space Free | Partition Type: NTFS
Computer Name: ACER-5610 | User Name: Andreas | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-1399674020-1881937264-2458645722-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- C:\Users\Andreas\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 1
"InternetSettingsDisableNotify" = 1
"AutoUpdateDisableNotify" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-1399674020-1881937264-2458645722-1000]
"EnableNotificationsRef" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05E00A3B-943F-4293-9C44-A9A1E6203F9E}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{1E284B58-9BE7-44C2-B8D5-167EDDC4FC6E}" = lport=8772 | protocol=6 | dir=in | name=bitcomet 8772 tcp |
"{283E7A02-054E-44EE-8C12-887CC2A8C993}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2BD46886-3561-4691-982D-0A2D4D467FA1}" = lport=2869 | protocol=6 | dir=in | app=system |
"{2EB5B47B-0D0D-442A-AA3E-ECC75019C3CB}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2F107A7F-D75B-4226-99B8-24590C975668}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{34453F71-E1EB-44FB-A55D-D6E90CF9F017}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{4E01F6C7-6AC6-4EFC-9562-CC59BA6AB071}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{5198721F-719B-45C5-8754-D2416ACDFDEB}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{53258EF5-AC8A-4AD2-B5DF-C31A913261B7}" = lport=10243 | protocol=6 | dir=in | app=system |
"{5DEF7110-4F0C-4491-9D0E-C0BF8C06EF6D}" = lport=8023 | protocol=17 | dir=in | name=bitcomet 8023 udp |
"{5EF39263-49BA-4367-970F-6C38E5B978A2}" = rport=10243 | protocol=6 | dir=out | app=system |
"{7E2874AB-ED98-42C7-A5C1-6DACD6BC6C26}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{82884CD8-A3EC-49BE-AC2A-E1F3B6604445}" = lport=8023 | protocol=6 | dir=in | name=bitcomet 8023 tcp |
"{910267F4-8E94-4F1F-93FE-94D6821A68EA}" = lport=2869 | protocol=6 | dir=in | app=system |
"{91A19A93-04F6-45E4-8FC4-3A493C1FA958}" = lport=8023 | protocol=17 | dir=in | name=bitcomet 8023 udp |
"{92919597-64D1-4FC2-9555-4400EEDA218A}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{979A7E0A-7629-493D-A32E-8F1B51DC22E9}" = lport=8772 | protocol=17 | dir=in | name=bitcomet 8772 udp |
"{A7006985-CC5B-4952-9FA2-2535EAF4CC1E}" = lport=22431 | protocol=6 | dir=in | name=bitcomet 22431 tcp |
"{A8AD8530-FEE4-444A-B36B-D36525DAC33F}" = lport=2869 | protocol=6 | dir=in | app=system |
"{B00C5D48-F8AD-495D-89FE-A2E5B6B29ABC}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B44F8F96-35BB-4A59-ADB4-3367B52C96CC}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D14E97EE-6637-478C-9A97-B6B11EE1DF4F}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{E61D676B-3B8D-42FF-AE99-4548BEEE265F}" = lport=8023 | protocol=6 | dir=in | name=bitcomet 8023 tcp |
"{F26ECE18-1ED3-452C-8ED9-4C0F04DBE134}" = lport=22431 | protocol=17 | dir=in | name=bitcomet 22431 udp |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01F5F2AC-D6B9-4005-B481-9C4B9A7B9FA2}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{03109A9F-58CD-46BE-B5B3-143233FD21DD}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{094EF7E8-E4BC-434D-A295-6E9B441C7A1F}" = protocol=6 | dir=in | app=c:\program files\soluto\solutoupdateservice.exe |
"{0B8D64D9-8F08-4735-84D4-4B1C7BED17EA}" = dir=in | app=c:\program files\avg\avg9\avgdiagex.exe |
"{0C89DC49-CB6A-421A-BFCB-30EE77C719CF}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{16885E66-483A-4352-9F85-2F360AEE9161}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{173C4815-2356-4B90-A9CD-43E4BA47A534}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpse.exe |
"{17D0F203-3BB5-4161-9484-1F183AA5DD9B}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{182582E7-33CA-42A1-ADBB-A514C7F4A5C4}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpsapp.exe |
"{1CCB8487-D339-4D9D-88F8-D3F2A47746F3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1E6B9976-AB45-4874-B70B-807052BF62B9}" = protocol=17 | dir=in | app=c:\program files\sony ericsson\update service\update service.exe |
"{1F0564C6-B3B8-4A2A-AD55-3167F6F343E5}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{2451680A-88E9-4437-8161-CEB884E2E72D}" = protocol=17 | dir=in | app=c:\program files\telekom austria\breitband-internet-installation\mobile installer\aonflex.exe |
"{25459516-EE63-4B36-B4F8-C43F327EB52B}" = protocol=6 | dir=out | app=system |
"{2BC24538-FAD9-4F0B-8550-C6743B1DF654}" = protocol=6 | dir=in | app=c:\program files\aon\aoncontroller\aoncontroller.exe |
"{2F9E884B-C1DF-45D1-802E-8119A8E5D2AC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{331F368C-D97E-42E6-87A5-B15CB3974125}" = protocol=6 | dir=in | app=c:\program files\sony ericsson\update service\update service.exe |
"{39052E49-5CC9-44F4-B504-CD8002C68909}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version5\teamviewer.exe |
"{3CFD9355-A7AA-4739-8BAA-1004BB47100B}" = protocol=17 | dir=in | app=c:\program files\ivt corporation\bluesoleil\bluesoleilcs.exe |
"{47B0CD0E-5688-4084-A2CD-932EF0D67314}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4A65735B-45D5-4816-BF42-BE06FF6EEDAA}" = protocol=17 | dir=in | app=c:\program files\aon\aoncontroller\aoncontroller.exe |
"{4E51BC7F-7947-4F1D-B6C8-8E32B09B1038}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{5E5F9A97-A985-4886-B1AB-63C36C094403}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version5\teamviewer.exe |
"{65F9CB04-29CC-4FEB-A567-77F9D76E2996}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{68EBB992-C0F6-4254-8960-89A8F293F430}" = protocol=17 | dir=in | app=c:\windows\temp\aonflex.exe |
"{73D088FD-5FB8-40DC-A00E-FC14A5DB9F6F}" = protocol=6 | dir=in | app=c:\program files\aon\aoncontroller\aoncontroller.exe |
"{7DD5D246-C423-4707-9A72-B592E1787840}" = protocol=17 | dir=in | app=c:\windows\temp\installer.exe |
"{82EF3449-5A51-4895-BED8-5B4B463DDEF3}" = protocol=17 | dir=in | app=c:\program files\telekom austria\breitband-internet-installation\fixnet installer\installer.exe |
"{8842593D-EF3D-4CEA-B85E-4FEA388E2136}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{8E41017D-72E6-45F8-ACCD-8AB9D9ADBD70}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{91A1A778-F89B-46FE-97A3-013B5FC5218B}" = protocol=6 | dir=in | app=c:\program files\ivt corporation\bluesoleil\bluesoleilcs.exe |
"{949C24B8-1547-4A20-937C-ACE001FD1971}" = protocol=6 | dir=in | app=c:\windows\temp\installer.exe |
"{949D6B85-F5C1-4102-B667-F2358BFAFAF9}" = protocol=6 | dir=in | app=c:\program files\soluto\solutoservice.exe |
"{970397DA-D4CF-46A6-A0E5-2F4693F2CD3F}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe |
"{9E31CA96-75B5-494D-B1AA-35964AE8DF7F}" = protocol=6 | dir=in | app=c:\windows\temp\aonflex.exe |
"{9F3B961D-A978-4BE2-BC0F-AAB54F3E04FE}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A00D9846-F8F4-4A9A-A2E7-3D046240A0C1}" = protocol=17 | dir=in | app=c:\program files\soluto\solutoservice.exe |
"{A22D5BC3-AC18-4C99-A935-C5C93E84D865}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A3AFD828-14F7-4EFB-A2B7-F0CCCB425923}" = dir=in | app=c:\program files\avg\avg9\avgupd.exe |
"{B1769FBB-FDB0-4D49-AF58-C1FAA4A0C8BC}" = dir=in | app=c:\program files\avg\avg9\avgam.exe |
"{B2A1186B-300E-4902-AD1B-D73D8F70FFAB}" = protocol=6 | dir=in | app=c:\program files\telekom austria\breitband-internet-installation\fixnet installer\installer.exe |
"{B7EF80C2-5729-4D77-A345-E6B79377CB81}" = dir=in | app=c:\program files\avg\avg9\avgnsx.exe |
"{B8EA4C37-C8FF-4356-BD48-968F4AC40EC1}" = protocol=17 | dir=in | app=c:\program files\soluto\soluto.exe |
"{C3FAAF7C-C7D7-452B-91DF-49D961AFF471}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqsudi.exe |
"{C65C3E40-FE3F-4ADA-B505-8014C97A4F9E}" = protocol=17 | dir=in | app=c:\program files\soluto\solutoupdateservice.exe |
"{DED6106D-7DBE-46E1-A786-14470C5CF496}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E134D7A4-1F73-421D-ADC6-8CDD835A6A9A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E228B6AE-DD85-416F-A428-4F93A5D6C379}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E59A68BD-86FD-452C-80FB-F95B07C07B1C}" = dir=in | app=c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{E816806D-3C16-4B0C-AE2C-3FBFA5F29D85}" = protocol=17 | dir=in | app=c:\program files\acer arcade deluxe\acer arcade deluxe\mce deluxe suite.exe |
"{E89D646F-F9B5-4CA4-AC11-90664DF82509}" = protocol=6 | dir=in | app=c:\program files\telekom austria\breitband-internet-installation\mobile installer\aonflex.exe |
"{EB1E8568-65F0-450A-B936-F247615E7844}" = protocol=17 | dir=in | app=c:\program files\aon\aoncontroller\aoncontroller.exe |
"{EC48B909-208A-4B5C-8733-13A5488A709A}" = protocol=17 | dir=in | app=c:\program files\soluto\solutoconsole.exe |
"{F58443D8-1535-4283-A923-BD4AA6B2D2BD}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{F7FC42A9-465F-4619-88D6-9EE705CCE118}" = protocol=6 | dir=in | app=c:\program files\soluto\soluto.exe |
"{FAB0E74C-3939-4F10-9ED7-BB878A92688D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FAB21688-E9E1-4260-8D5B-4C36193883D6}" = protocol=6 | dir=in | app=c:\program files\acer arcade deluxe\acer arcade deluxe\mce deluxe suite.exe |
"{FCD3FB4D-CFA5-4A76-B53E-7F5F202CE03D}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{FF622334-DD79-4CB9-B5BE-C45E9803A504}" = protocol=6 | dir=in | app=c:\program files\soluto\solutoconsole.exe |
"TCP Query User{047FE5B8-19BF-4EE4-8911-5DFB72DC8731}C:\program files\windows sidebar\sidebar.exe" = protocol=6 | dir=in | app=c:\program files\windows sidebar\sidebar.exe |
"TCP Query User{0C10DD66-7552-4E7E-9064-8D6E217BE5DA}C:\program files\shareaza\shareaza.exe" = protocol=6 | dir=in | app=c:\program files\shareaza\shareaza.exe |
"TCP Query User{4B2D40B3-9704-4311-AB50-4E30ED2A5FD0}C:\program files\bitcomet\bitcomet.exe" = protocol=6 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"TCP Query User{4E52627A-B114-4441-9A73-C2AD9366F002}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{4E814D91-C6D8-4D87-813C-EBE48527087B}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{53209584-2A7A-451A-8E3D-A2F325899B59}C:\program files\real\realplayer\realplay.exe" = protocol=6 | dir=in | app=c:\program files\real\realplayer\realplay.exe |
"TCP Query User{65BE0A8F-4CD7-4BCD-B393-67AA79572CB8}C:\program files\logitech\desktop messenger\8876480\program\backweb-8876480.exe" = protocol=6 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\backweb-8876480.exe |
"TCP Query User{C134037E-4894-4093-9675-1BA3E4C07C27}C:\program files\windows sidebar\sidebar.exe" = protocol=6 | dir=in | app=c:\program files\windows sidebar\sidebar.exe |
"TCP Query User{D1EDFA06-C4D8-4153-BC8C-91A4BCA1B56A}C:\program files\bitcomet\bitcomet.exe" = protocol=6 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"TCP Query User{EA4279C7-61BD-471A-BDEB-B5438B079B91}C:\program files\emuleex\emsoft.exe" = protocol=6 | dir=in | app=c:\program files\emuleex\emsoft.exe |
"UDP Query User{0495DA47-E7FE-4266-8FA5-95BAB7466DD9}C:\program files\emuleex\emsoft.exe" = protocol=17 | dir=in | app=c:\program files\emuleex\emsoft.exe |
"UDP Query User{53AE5983-7BA8-4911-BEFF-B2C518E1708F}C:\program files\bitcomet\bitcomet.exe" = protocol=17 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"UDP Query User{91251D3D-428F-4EB7-B5F8-0E46B2BBA69B}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{924A4AB4-B660-4173-BF39-A0888C4A7B15}C:\program files\bitcomet\bitcomet.exe" = protocol=17 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"UDP Query User{968D2611-14A0-4DEF-925E-6EE6FFA4A421}C:\program files\windows sidebar\sidebar.exe" = protocol=17 | dir=in | app=c:\program files\windows sidebar\sidebar.exe |
"UDP Query User{A120E007-2BF6-41A7-802D-04C9DB3C4356}C:\program files\shareaza\shareaza.exe" = protocol=17 | dir=in | app=c:\program files\shareaza\shareaza.exe |
"UDP Query User{AB0BC7F4-92E1-47EE-B764-ABA04B44B132}C:\program files\windows sidebar\sidebar.exe" = protocol=17 | dir=in | app=c:\program files\windows sidebar\sidebar.exe |
"UDP Query User{D49F8797-B5D7-418B-9DE1-2C00FD8EB3A7}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{E9ED6CB0-0B9B-4B9F-AFB5-D5F8609383BF}C:\program files\logitech\desktop messenger\8876480\program\backweb-8876480.exe" = protocol=17 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\backweb-8876480.exe |
"UDP Query User{F02D8A73-C717-4663-B6FA-E5FFE4ABC366}C:\program files\real\realplayer\realplay.exe" = protocol=17 | dir=in | app=c:\program files\real\realplayer\realplay.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID-Anmelde-Assistent
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour
"{0F79C1B2-36B2-4B62-8221-42721CF54638}" = Acer OrbiCam Application
"{11316260-6666-467B-AC34-183FCB5D4335}" = Acer Mobility Center Plug-In
"{116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3}" = Acer eLock Management
"{13A5E785-5197-4EAD-8EE3-D660271E49BC}" = Feedback Tool
"{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"{1AEC7728-1640-4E98-AABC-5EBE3FB57FE4}" = SMSC Fast Infrared Driver
"{1C63DD23-6554-4A1F-8D0D-B5A6B49D8015}" = Corel Graphics Suite 11
"{1DA193D3-BEC6-4FEF-89E3-D8F739216BFB}_is1" = Ashampoo Anti-Malware 1.02
"{1ED31028-6D65-4CFD-AD03-8E484A052FE7}" = aonUpdate
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{23C3F5C0-566B-478B-AAB6-197ADAD0C945}" = Uniblue SpeedUpMyPC 2009
"{2614F54E-A828-49FA-93BA-45A3F756BFAA}" = 32 Bit HP CIO Components Installer
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 22
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{2CF2D7F1-73A0-4D5D-85E6-A49AECF67B15}" = Windows Vista Cleaner
"{3101CB58-3482-4D21-AF1A-7057FC935355}" = KhalInstallWrapper
"{35C0A1E4-D02A-412C-841F-266DBB116ABB}" = Intel(R) PROSet/Wireless WiFi-Software
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D9892BB-A751-4E48-ADC8-E4289956CE1D}" = QuickTime
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{4767A89A-F6A5-41B1-903C-734483739882}" = Highspeed-Internet-Installation
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4C556B5C-8EF7-47B4-AE05-FE71EEB2C25B}" = Plus Pack für Acronis True Image Home 2010
"{51E4FE53-D6B0-43A0-B98C-7DE233D53EAB}" = Farming Extreme Manager
"{5545EEE4-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2701.01)
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management
"{5980B928-1C95-4B3E-957B-B02D8147FF9E}" = Desktop SMS
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{67ADE9AF-5CD9-4089-8825-55DE4B366799}" = NTI Backup NOW! 4.7
"{67ED38A3-4882-448B-B44D-3428AB00D7D5}" = Acronis*True*Image*Home
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B7FB3C4-E71B-478D-9E15-5AE97EAD67B8}" = aonFTP
"{7148F0A8-6813-11D6-A77B-00B0D0142000}" = Java 2 Runtime Environment, SE v1.4.2
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{786C5747-0C40-4930-9AFE-113BCE553101}" = Adobe Stock Photos 1.0
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{7b7e564b-0c70-4506-9ab6-b7a2044425ab}" = Gigaset QuickSync
"{818ABC3C-635C-4651-8183-D0E9640B7DD1}" = HP Update
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8EDBA74D-0686-4C99-BFDD-F894678E5101}" = Adobe Common File Installer
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{904B64C4-49D8-4941-A2B6-D13D06C5CD8B}" = Controller
"{94389919-B0AA-4882-9BE8-9F0B004ECA35}" = Acer Tour
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95120000-0122-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB6097D9-D722-4987-BD9E-A076E2848EE2}" = Acer Empowering Technology
"{AC76BA86-1033-F400-7761-000000000004}" = Adobe Acrobat 9 Pro Extended - English, Français, Deutsch
"{AC76BA86-1033-F400-7761-000000000004}{AC76BA86-1033-F400-7761-000000000004}" = Adobe Acrobat 9 Pro Extended - English, Français, Deutsch
"{AD976243-75CB-4A2B-809F-8C9EC4292377}" = Mobiles Internet für unterwegs
"{B0D7190D-B2DD-404E-88E6-74CC0B62054C}" = Soluto
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{BF839132-BD43-4056-ACBF-4377F4A88E2A}" = Acer ePresentation Management
"{BFBB91DB-9F0F-4A9C-9669-A97DA3512CF2}" = RealSpeak Solo fur Deutsch - Steffi
"{C427E746-4EC9-4E3C-AACB-C6BB1F714D7F}" = Uniblue DriverScanner 2009
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE65A9A0-9686-45C6-9098-3C9543A412F0}" = Acer eSettings Management
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{DAF4C31F-5DE8-48D4-AF5B-8D1165B548AE}" = egisReader1.0
"{DF2035BE-5820-4965-BD97-7FAF8D4A7879}" = Microsoft_VC90_CRT_x86
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E1180142-3B31-4DCC-9D27-7AC2D37662BF}" = LightScribe 1.4.124.1
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E9787678-119F-4D52-B551-6739B2B22101}" = Adobe Help Center 1.0
"{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}" = Acer Arcade Deluxe
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony Ericsson PC Companion 2.01.058
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FE3997D3-6B56-4AC4-A99C-9DDFC45359BF}" = TuneUp Utilities Language Pack (en-US)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"Any Video Converter_is1" = Any Video Converter 2.7.9
"aonFTP" = aonFTP
"aonUpdate" = aonUpdate
"Ashampoo WinOptimizer 2010 Advanced_is1" = Ashampoo WinOptimizer 2010 Advanced
"Autoplay Repair" = Autoplay Repair 2.2.0
"AutoRunnerX" = AutoRunnerX
"AVG9Uninstall" = AVG 9.0
"BitComet" = BitComet 1.22
"CCleaner" = CCleaner
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118" = HDAUDIO Soft Data Fax Modem with SmartCP
"Controller" = Controller
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup.divx.com" = DivX Setup
"eMule" = eMule
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4
"Free Studio_is1" = Free Studio version 4.8
"Free YouTube Download_is1" = Free YouTube Download 2.4
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.8
"GridVista" = Acer GridVista
"Highspeed-Internet-Installation" = Highspeed-Internet-Installation
"HijackThis" = HijackThis 2.0.2
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"InstallShield_{1C63DD23-6554-4A1F-8D0D-B5A6B49D8015}" = Corel Graphics Suite 11
"IsoBuster_is1" = IsoBuster 2.8
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Messenger Plus! Live" = Messenger Plus! Live
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mobiles Internet für unterwegs" = Mobiles Internet für unterwegs
"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
"MPE" = MyPhoneExplorer
"NVIDIA Drivers" = NVIDIA Drivers
"PC Wizard 2010_is1" = PC Wizard 2010.1.95
"ProInst" = Intel PROSet Wireless
"RealPlayer 12.0" = RealPlayer
"Security Task Manager" = Security Task Manager 1.7h
"Shareaza_is1" = Shareaza 2.3.1.0
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"SystemRequirementsLab" = System Requirements Lab
"TeamViewer 5" = TeamViewer 5
"Trojan Remover_is1" = Trojan Remover 6.8.1
"TuneUp Utilities" = TuneUp Utilities
"Uniblue DriverScanner 2009" = Uniblue DriverScanner 2009
"Uniblue SpeedUpMyPC 2009" = Uniblue SpeedUpMyPC 2009
"Uninstall_is1" = Uninstall 1.0.0.1
"Update Service" = Update Service
"ViewpointMediaPlayer" = Viewpoint Media Player (Remove Only)
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"XviD" = XviD MPEG-4 Codec
"Xvid_is1" = Xvid 1.1.3 final uninstall
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1399674020-1881937264-2458645722-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"OnlineFestplatte" = aon Online Festplatte (entfernen)
========== Last 10 Event Log Errors ==========
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
< End of report >
--- --- ---
----------------------------------------------------OTL Logfile: Code:
OTL logfile created on: 12.02.2011 15:19:17 - Run 1
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\Andreas\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19019)
Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
1.021,00 Mb Total Physical Memory | 189,00 Mb Available Physical Memory | 18,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 53,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 71,28 Gb Total Space | 19,45 Gb Free Space | 27,29% Space Free | Partition Type: NTFS
Drive D: | 70,94 Gb Total Space | 48,47 Gb Free Space | 68,33% Space Free | Partition Type: NTFS
Computer Name: ACER-5610 | User Name: Andreas | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Andreas\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Windows\System32\Macromed\Flash\FlashUtil10l_ActiveX.exe (Adobe Systems, Inc.)
PRC - C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgfws9.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgnsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\Soluto\SolutoService.exe (Soluto)
PRC - C:\Program Files\Soluto\Soluto.exe (Soluto)
PRC - C:\Program Files\AVG\AVG9\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSMonitor.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgam.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\Ashampoo\Ashampoo WinOptimizer 2010 Advanced\DfSdkS.exe (mst software GmbH, Germany)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
========== Modules (SafeList) ==========
MOD - C:\Users\Andreas\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
MOD - C:\Windows\System32\vbscript.dll (Microsoft Corporation)
MOD - C:\Windows\System32\wbem\wmiutils.dll (Microsoft Corporation)
MOD - C:\Windows\System32\wbem\wbemsvc.dll (Microsoft Corporation)
MOD - C:\Windows\System32\wbem\wbemprox.dll (Microsoft Corporation)
MOD - C:\Windows\System32\wbem\fastprox.dll (Microsoft Corporation)
MOD - C:\Windows\System32\rsaenh.dll (Microsoft Corporation)
MOD - C:\Windows\System32\wbem\wbemdisp.dll (Microsoft Corporation)
MOD - C:\Windows\System32\wbemcomn.dll (Microsoft Corporation)
MOD - C:\Windows\System32\sxs.dll (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (avgfws9) -- C:\Program Files\AVG\AVG9\avgfws9.exe (AVG Technologies CZ, s.r.o.)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (TuneUp.Defrag) -- C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\Windows\System32\uxtuneup.dll (TuneUp Software)
SRV - (SolutoService) -- C:\Program Files\Soluto\SolutoService.exe (Soluto)
SRV - (avg9wd) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (AVGIDSAgent) -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (Sony Ericsson PCCompanion) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe (Avanquest Software)
SRV - (WPFFontCache_v0400) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (TeamViewer5) -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (AAMWService) -- C:\Program Files\Ashampoo\Ashampoo Anti-Malware\AAMW_Service.exe ()
SRV - (afcdpsrv) -- C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe (Acronis)
SRV - (AcrSch2Svc) -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe (Acronis)
SRV - (DfSdkS) -- C:\Program Files\Ashampoo\Ashampoo WinOptimizer 2010 Advanced\DfsdkS.exe (mst software GmbH, Germany)
SRV - (LBTServ) -- C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (EvtEng) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
SRV - (RegSrvc) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
SRV - (SBSDWSCService) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
SRV - (WMIService) -- C:\Acer\Empowering Technology\ePower\ePowerSvc.exe (acer)
SRV - (eLockService) -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe (Acer Inc.)
SRV - (MobilityService) -- C:\Acer\Mobility Center\MobilityService.exe ()
SRV - (eRecoveryService) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe (Acer Inc.)
SRV - (eSettingsService) -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe ()
========== Driver Services (SafeList) ==========
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (ggsemc) -- C:\Windows\System32\drivers\ggsemc.sys (Sony Ericsson Mobile Communications)
DRV - (ggflt) -- C:\Windows\System32\drivers\ggflt.sys (Sony Ericsson Mobile Communications)
DRV - (eeCtrl) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
DRV - (PCGenFAM) -- C:\Windows\system32\DRIVERS\PCGenFAM.sys (Soluto LTD.)
DRV - (AvgTdiX) -- C:\Windows\System32\Drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSFiltervtx) -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_Vista\AVGIDSFilter.sys (AVG Technologies CZ, s.r.o. )
DRV - (AVGIDSShimvtx) -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_Vista\AVGIDSShim.sys (AVG Technologies CZ, s.r.o. )
DRV - (AVGIDSErHrvtx) -- C:\Windows\System32\Drivers\AVGIDSvx.sys (AVG Technologies CZ, s.r.o. )
DRV - (AVGIDSDrivervtx) -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_Vista\AVGIDSDriver.sys (AVG Technologies CZ, s.r.o. )
DRV - (AvgLdx86) -- C:\Windows\System32\Drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgMfx86) -- C:\Windows\System32\Drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgRkx86) -- C:\Windows\System32\Drivers\avgrkx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgfwfd) -- C:\Windows\System32\drivers\avgfwd6x.sys (AVG Technologies CZ, s.r.o.)
DRV - (afcdp) -- C:\Windows\System32\drivers\afcdp.sys (Acronis)
DRV - (tdrpman258) Acronis Try&Decide and Restore Points filter (build 258) -- C:\Windows\system32\DRIVERS\tdrpm258.sys (Acronis)
DRV - (timounter) -- C:\Windows\system32\DRIVERS\timntr.sys (Acronis)
DRV - (snapman) -- C:\Windows\system32\DRIVERS\snapman.sys (Acronis)
DRV - (hwdatacard) -- C:\Windows\System32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV - (BthAvrcp) -- C:\Windows\System32\drivers\BthAvrcp.sys (CSR, plc)
DRV - (LMouFilt) -- C:\Windows\System32\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV - (LHidFilt) -- C:\Windows\System32\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV - (massfilter) -- C:\Windows\System32\drivers\massfilter.sys (ZTE Incorporated)
DRV - (winusb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (s1018mdm) -- C:\Windows\System32\drivers\s1018mdm.sys (MCCI Corporation)
DRV - (s1018unic) Sony Ericsson Device 1018 USB Ethernet Emulation (WDM) -- C:\Windows\System32\drivers\s1018unic.sys (MCCI Corporation)
DRV - (s1018mgmt) Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM) -- C:\Windows\System32\drivers\s1018mgmt.sys (MCCI Corporation)
DRV - (s1018obex) -- C:\Windows\System32\drivers\s1018obex.sys (MCCI Corporation)
DRV - (s1018bus) Sony Ericsson Device 1018 driver (WDM) -- C:\Windows\System32\drivers\s1018bus.sys (MCCI Corporation)
DRV - (s1018nd5) Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS) -- C:\Windows\System32\drivers\s1018nd5.sys (MCCI Corporation)
DRV - (s1018mdfl) -- C:\Windows\System32\drivers\s1018mdfl.sys (MCCI Corporation)
DRV - (GigasetGenericUSB) -- C:\Windows\System32\drivers\GigasetGenericUSB.sys (Siemens Home and Office Communication Devices GmbH & Co. KG)
DRV - (btnetBUs) -- C:\Windows\System32\drivers\btnetBus.sys ()
DRV - (NETw5v32) Intel(R) -- C:\Windows\System32\drivers\NETw5v32.sys (Intel Corporation)
DRV - (seehcri) -- C:\Windows\System32\drivers\seehcri.sys (Sony Ericsson Mobile Communications)
DRV - (NETw4v32) Intel(R) -- C:\Windows\System32\drivers\NETw4v32.sys (Intel Corporation)
DRV - (NTIDrvr) -- C:\Windows\System32\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (lv321av) Logitech USB PC Camera (VC0321) -- C:\Windows\System32\drivers\lv321av.sys (Logitech Inc.)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (HSFHWAZL) -- C:\Windows\System32\drivers\VSTAZL3.SYS (Conexant Systems, Inc.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (b57nd60x) -- C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation)
DRV - (bcm4sbxp) -- C:\Windows\System32\drivers\bcm4sbxp.sys (Broadcom Corporation)
DRV - (DKbFltr) -- C:\Windows\System32\drivers\DKbFltr.sys (Dritek System Inc.)
DRV - (DritekPortIO) -- C:\Program Files\Launch Manager\DPortIO.sys (Dritek System Inc.)
DRV - (NETw3v32) Intel(R) -- C:\Windows\System32\drivers\NETw3v32.sys (Intel® Corporation)
DRV - (ESDCR) -- C:\Windows\System32\drivers\ESD7SK.sys (ENE Technology Inc.)
DRV - (ESMCR) -- C:\Windows\System32\drivers\ESM7SK.sys (ENE Technology Inc.)
DRV - (EMSCR) -- C:\Windows\System32\drivers\EMS7SK.sys (ENE Technology Inc.)
DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (SMSCIRDA) -- C:\Windows\System32\drivers\smscirda.sys (SMSC)
DRV - (HSF_DPV) -- C:\Windows\System32\drivers\HSX_DPV.sys (Conexant Systems, Inc.)
DRV - (HSXHWAZL) -- C:\Windows\System32\drivers\HSXHWAZL.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\Windows\System32\drivers\HSX_CNXT.sys (Conexant Systems, Inc.)
DRV - (AvgAsCln) -- C:\Windows\System32\drivers\AvgAsCln.sys (GRISOFT, s.r.o.)
DRV - (UBHelper) -- C:\Windows\System32\drivers\UBHelper.sys ()
DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.)
DRV - (SE2Eobex) -- C:\Windows\System32\drivers\SE2Eobex.sys (MCCI)
DRV - (SE2Emgmt) Sony Ericsson Device 046 USB WMC Device Management Drivers (WDM) -- C:\Windows\System32\drivers\SE2Emgmt.sys (MCCI)
DRV - (SE2Emdm) -- C:\Windows\System32\drivers\SE2Emdm.sys (MCCI)
DRV - (SE2Emdfl) -- C:\Windows\System32\drivers\SE2Emdfl.sys (MCCI)
DRV - (SE2Ebus) Sony Ericsson Device 046 Driver driver (WDM) -- C:\Windows\System32\drivers\SE2Ebus.sys (MCCI)
DRV - (se2End5) Sony Ericsson Device 046 USB Ethernet Emulation SEMC46 (NDIS) -- C:\Windows\System32\drivers\se2End5.sys (MCCI)
DRV - (se2Eunic) Sony Ericsson Device 046 USB Ethernet Emulation SEMC46 (WDM) -- C:\Windows\System32\drivers\se2Eunic.sys (MCCI)
DRV - (LHidKe) -- C:\Windows\System32\drivers\LHidKE.Sys (Logitech, Inc.)
DRV - (LMouKE) -- C:\Windows\System32\drivers\LMouKE.Sys (Logitech, Inc.)
DRV - (Ser2pl) -- C:\Windows\System32\drivers\ser2pl.sys (Prolific Technology Inc.)
DRV - (int15) -- C:\Acer\Empowering Technology\eRecovery\int15.sys ()
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://de.intl.acer.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.intl.acer.yahoo.com
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1399674020-1881937264-2458645722-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page =
IE - HKU\S-1-5-21-1399674020-1881937264-2458645722-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SEARCH PAGE = hxxp://www.telekom.at/suche
IE - HKU\S-1-5-21-1399674020-1881937264-2458645722-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKU\S-1-5-21-1399674020-1881937264-2458645722-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKU\S-1-5-21-1399674020-1881937264-2458645722-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKU\S-1-5-21-1399674020-1881937264-2458645722-1000\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
IE - HKU\S-1-5-21-1399674020-1881937264-2458645722-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.at/"
FF - prefs.js..extensions.enabledItems: en-GB@dictionaries.addons.mozilla.org:1.19
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.2.0
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: finder@meingutscheincode.de:1.0.2
FF - prefs.js..extensions.enabledItems: {40c3cc16-7269-4b32-9531-17f2950fb06f}:2.5.8.6
FF - prefs.js..network.proxy.type: 0
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.07.29 18:00:51 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.11.03 04:33:43 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.6\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010.07.15 06:27:23 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.6\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2010.11.03 04:33:43 | 000,000,000 | ---D | M]
[2010.07.29 18:01:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Andreas\AppData\Roaming\mozilla\Extensions
[2011.02.12 11:01:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Andreas\AppData\Roaming\mozilla\Firefox\Profiles\2qy1druw.default\extensions
[2010.07.29 18:19:31 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Andreas\AppData\Roaming\mozilla\Firefox\Profiles\2qy1druw.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.11.18 19:42:47 | 000,000,000 | ---D | M] (Winload Toolbar) -- C:\Users\Andreas\AppData\Roaming\mozilla\Firefox\Profiles\2qy1druw.default\extensions\{40c3cc16-7269-4b32-9531-17f2950fb06f}
[2010.09.01 15:32:49 | 000,000,000 | ---D | M] (DVDVideoSoftTB Toolbar) -- C:\Users\Andreas\AppData\Roaming\mozilla\Firefox\Profiles\2qy1druw.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2010.08.29 14:32:10 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Andreas\AppData\Roaming\mozilla\Firefox\Profiles\2qy1druw.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010.10.16 17:34:42 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Andreas\AppData\Roaming\mozilla\Firefox\Profiles\2qy1druw.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.07.30 02:17:00 | 000,000,000 | ---D | M] (British English Dictionary) -- C:\Users\Andreas\AppData\Roaming\mozilla\Firefox\Profiles\2qy1druw.default\extensions\en-GB@dictionaries.addons.mozilla.org
[2010.11.18 19:42:40 | 000,000,000 | ---D | M] (Mein Gutscheincode Finder) -- C:\Users\Andreas\AppData\Roaming\mozilla\Firefox\Profiles\2qy1druw.default\extensions\finder@meingutscheincode.de
[2011.02.12 11:01:37 | 000,000,000 | ---D | M] (Ask Toolbar) -- C:\Users\Andreas\AppData\Roaming\mozilla\Firefox\Profiles\2qy1druw.default\extensions\toolbar@ask.com
[2010.02.04 16:45:40 | 000,002,254 | ---- | M] () -- C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\2qy1druw.default\searchplugins\askcom.xml
[2010.10.20 11:41:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010.08.15 09:08:01 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.10.20 11:41:39 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2008.01.23 07:20:30 | 000,491,520 | ---- | M] (BitComet) -- C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll
[2010.09.15 03:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2008.02.19 01:07:20 | 001,193,952 | ---- | M] (1 mal 1 Software GmbH) -- C:\Program Files\Mozilla Firefox\plugins\NpFv41629.dll
[2008.09.04 08:50:59 | 001,271,760 | ---- | M] (1 mal 1 Software GmbH) -- C:\Program Files\Mozilla Firefox\plugins\NpFv501.dll
[2010.07.23 01:48:56 | 000,001,392 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.07.23 01:48:56 | 000,002,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.07.23 01:48:56 | 000,006,805 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.07.23 01:48:56 | 000,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.07.23 01:48:56 | 000,001,105 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2010.05.16 08:50:34 | 000,000,734 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.4.6.22.dll (BitComet)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found.
O3 - HKU\S-1-5-21-1399674020-1881937264-2458645722-1000\..\Toolbar\ShellBrowser: (no name) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - No CLSID value found.
O3 - HKU\S-1-5-21-1399674020-1881937264-2458645722-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-1399674020-1881937264-2458645722-1000\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found.
O3 - HKU\S-1-5-21-1399674020-1881937264-2458645722-1000\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-1399674020-1881937264-2458645722-1000\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-1399674020-1881937264-2458645722-1000..\RunOnce: [Shockwave Updater] File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoPropertiesMyComputer = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileAssociate = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispCPL = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 0
O7 - HKU\S-1-5-21-1399674020-1881937264-2458645722-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95
O8 - Extra context menu item: &Alles mit BitComet herunterladen - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Alle &Filme mit BitComet herunterladen - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: An vorhandenes PDF anfügen - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Free YouTube Download - C:\Users\Andreas\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Andreas\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Mit BitComet herunter&laden - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files\BitComet\tools\BitCometBHO_1.4.6.22.dll (BitComet)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {588031A3-94BF-4CDD-86D0-939F6F93910F} https://fixit.support.microsoft.com/ActiveX/FixItClient.CAB (FixItClient Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1264640385833 (WUWebControl Class)
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} hxxp://www.systemrequirementslab.com/sysreqlab2.cab (Reg Error: Key error.)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.4.2/jinstall-1_4_2-windows-i586.cab (Java Plug-in 1.4.2)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {E55FD215-A32E-43FE-A777-A7E8F165F560} hxxp://92.51.137.94/objects/NpFv522.dll (Flatcast Viewer 5.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (avgrsstx.dll) - C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - AppInit_DLLs: (acaptuser32.dll) - C:\Windows\System32\acaptuser32.dll (Adobe Systems, Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Program Files\Soluto\soluto.exe /userinit) - C:\Program Files\Soluto\soluto.exe (Soluto)
O24 - Desktop WallPaper: C:\Users\Andreas\Pictures\BILD0388.JPG
O24 - Desktop BackupWallPaper: C:\Users\Andreas\Pictures\BILD0388.JPG
O30 - LSA: Authentication Packages - (C:\Windows\system32\khfFWnKC) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.12.05 03:24:29 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{7cc7af08-af47-11df-a7ff-0009dd60f197}\Shell\AutoRun\command - "" = F:\SanDiskMediaManager.EXE
O33 - MountPoints2\{7cc7af09-af47-11df-a7ff-0009dd60f197}\Shell - "" = AutoRun
O33 - MountPoints2\{7cc7af09-af47-11df-a7ff-0009dd60f197}\Shell\AutoRun\command - "" = G:\Startme.exe
O33 - MountPoints2\{7fc6b006-b1c1-11df-9d9e-0016d4686c43}\Shell\AutoRun\command - "" = F:\SanDiskMediaManager.EXE
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011.02.12 15:05:40 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Users\Andreas\Desktop\OTL.exe
[2011.02.12 11:20:40 | 000,000,000 | ---D | C] -- C:\Users\Andreas\AppData\Local\AskToolbar
[2011.02.12 11:01:56 | 000,114,176 | ---- | C] (CPUID) -- C:\Windows\System32\PCWizard.cpl
[2011.02.12 11:01:56 | 000,000,000 | ---D | C] -- C:\Windows\Java
[2011.02.12 11:01:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
[2011.02.12 11:01:54 | 000,000,000 | ---D | C] -- C:\Program Files\CPUID
[2011.02.12 11:01:37 | 000,000,000 | ---D | C] -- C:\Program Files\Ask.com
[2011.02.12 10:56:33 | 005,262,149 | ---- | C] (CPUID ) -- C:\Users\Andreas\Desktop\pc-wizard_2010.1.95-setup.exe
[2011.02.12 10:40:25 | 000,000,000 | ---D | C] -- C:\Program Files\Feedback Tool
[2010.09.03 16:40:43 | 000,000,254 | ---- | C] () -- C:\Users\Andreas\AppData\Local\xobni_installer_updater.log
[2010.08.15 08:17:29 | 000,000,098 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2010.08.03 13:18:01 | 001,456,640 | ---- | C] () -- C:\Program Files\Common Files\Falk Navi-Manager.msi
[2010.06.05 11:10:00 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.05.08 00:48:49 | 004,288,534 | -H-- | C] () -- C:\Users\Andreas\AppData\Local\IconCache.db
[2010.04.23 07:43:40 | 000,463,906 | ---- | C] () -- C:\Users\Andreas\AppData\Roaming\farm.bmp
[2010.04.23 07:38:36 | 000,011,917 | ---- | C] () -- C:\Users\Andreas\AppData\Roaming\settings.dat
[2010.04.21 10:52:42 | 000,004,096 | -H-- | C] () -- C:\Users\Andreas\AppData\Local\keyfile3.drm
[2010.02.03 17:14:04 | 000,034,308 | ---- | C] () -- C:\ProgramData\mazuki.dll
[2010.01.18 13:34:50 | 000,000,680 | ---- | C] () -- C:\Users\Andreas\AppData\Local\d3d9caps.dat
[2009.10.09 23:55:52 | 000,009,211 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2009.08.09 15:32:02 | 000,148,736 | ---- | C] (Avanquest Software) -- C:\ProgramData\hpe2138.dll
[2009.08.09 12:36:12 | 000,148,736 | ---- | C] (Avanquest Software) -- C:\ProgramData\hpe1ADD.dll
[2009.03.18 20:07:19 | 000,047,962 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009.03.18 20:07:19 | 000,047,962 | ---- | C] () -- C:\ProgramData\nvModes.001
[2008.06.29 17:25:35 | 000,110,456 | ---- | C] () -- C:\ProgramData\BM2b0ac1ff.xml
[2008.06.29 17:25:35 | 000,105,393 | ---- | C] () -- C:\ProgramData\BM2b0ac1ff.txt
[2008.06.29 17:25:35 | 000,000,023 | ---- | C] () -- C:\ProgramData\pskt.ini
[2007.07.24 22:55:00 | 000,038,425 | ---- | C] () -- C:\Users\Andreas\AppData\Roaming\Kommagetrennte Werte (Windows).ADR
[2007.07.24 22:50:44 | 000,038,410 | ---- | C] () -- C:\Users\Andreas\AppData\Roaming\Microsoft Excel.ADR
[2007.06.09 19:21:41 | 000,029,239 | ---- | C] () -- C:\Users\Andreas\AppData\Roaming\UserTile.png
[2007.05.10 07:14:36 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2007.03.28 01:53:43 | 000,013,119 | ---- | C] () -- C:\Users\Andreas\AppData\Roaming\nvModes.001
[2007.03.28 01:53:41 | 000,013,119 | ---- | C] () -- C:\Users\Andreas\AppData\Roaming\nvModes.dat
[2007.03.28 00:09:59 | 000,031,232 | ---- | C] () -- C:\Users\Andreas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.03.27 19:20:12 | 000,129,088 | ---- | C] () -- C:\Users\Andreas\AppData\Local\GDIPFONTCACHEV1.DAT
[2006.12.05 03:31:45 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\Interop.Shell32.dll
[2006.11.02 13:50:50 | 000,000,174 | -HS- | C] () -- C:\Program Files\desktop.ini
========== Files - Modified Within 30 Days ==========
[2011.02.12 15:09:01 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.02.12 15:05:44 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Andreas\Desktop\OTL.exe
[2011.02.12 14:59:02 | 000,003,296 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.02.12 14:59:02 | 000,003,296 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.02.12 14:54:51 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.02.12 14:54:40 | 1071,767,552 | -HS- | M] () -- C:\hiberfil.sys
[2011.02.12 14:51:53 | 000,005,332 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011.02.12 14:41:07 | 000,001,126 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1399674020-1881937264-2458645722-1000UA.job
[2011.02.12 14:14:28 | 071,115,338 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2011.02.12 11:28:19 | 000,015,913 | ---- | M] () -- C:\Users\Andreas\Desktop\so sieht die seite aus.jpg
[2011.02.12 11:01:58 | 000,000,884 | ---- | M] () -- C:\Users\Andreas\Desktop\PC Wizard 2010.lnk
[2011.02.12 10:57:00 | 005,262,149 | ---- | M] (CPUID ) -- C:\Users\Andreas\Desktop\pc-wizard_2010.1.95-setup.exe
[2011.02.12 10:49:07 | 000,013,119 | ---- | M] () -- C:\Users\Andreas\AppData\Roaming\nvModes.001
[2011.02.12 10:41:53 | 000,000,134 | ---- | M] () -- C:\Users\Andreas\Desktop\Internet Explorer-Problembehebung.url
[2011.02.12 10:22:40 | 000,864,256 | ---- | M] () -- C:\Users\Andreas\Desktop\Dok1.doc
[2011.02.12 07:41:01 | 000,001,074 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1399674020-1881937264-2458645722-1000Core.job
[2011.02.11 18:13:18 | 000,645,397 | ---- | M] () -- C:\Windows\System32\drivers\Avg\iavifw.avm
[2011.02.10 03:44:11 | 000,637,262 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.02.10 03:44:11 | 000,603,224 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.02.10 03:44:11 | 000,129,996 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.02.10 03:44:11 | 000,107,040 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.02.10 03:36:30 | 000,460,616 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.01.16 09:40:00 | 000,602,508 | ---- | M] () -- C:\Users\Andreas\Desktop\IMAG0030.jpg
========== Files Created - No Company Name ==========
[2011.02.12 11:28:19 | 000,015,913 | ---- | C] () -- C:\Users\Andreas\Desktop\so sieht die seite aus.jpg
[2011.02.12 11:01:58 | 000,000,884 | ---- | C] () -- C:\Users\Andreas\Desktop\PC Wizard 2010.lnk
[2011.02.12 10:41:53 | 000,000,134 | ---- | C] () -- C:\Users\Andreas\Desktop\Internet Explorer-Problembehebung.url
[2011.02.12 10:22:39 | 000,864,256 | ---- | C] () -- C:\Users\Andreas\Desktop\Dok1.doc
[2011.01.16 09:40:38 | 000,602,508 | ---- | C] () -- C:\Users\Andreas\Desktop\IMAG0030.jpg
[2010.02.05 22:14:06 | 000,000,085 | ---- | C] () -- C:\Windows\MGX.INI
[2009.06.28 18:52:08 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.03.11 22:00:18 | 000,000,118 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2009.03.03 19:50:48 | 000,162,304 | ---- | C] () -- C:\Windows\System32\ztvunrar36.dll
[2009.03.03 19:50:48 | 000,153,088 | ---- | C] () -- C:\Windows\System32\UNRAR3.dll
[2009.03.03 19:50:48 | 000,077,312 | ---- | C] () -- C:\Windows\System32\ztvunace26.dll
[2009.03.03 19:50:48 | 000,075,264 | ---- | C] () -- C:\Windows\System32\unacev2.dll
[2008.12.07 12:44:54 | 000,030,088 | ---- | C] () -- C:\Windows\System32\drivers\btnetBus.sys
[2008.07.02 07:25:29 | 000,450,542 | -HS- | C] () -- C:\Windows\System32\DeeOqBeg.ini
[2008.07.02 00:53:16 | 000,450,542 | -HS- | C] () -- C:\Windows\System32\sDJPAcfe.ini
[2008.07.01 20:12:39 | 000,451,844 | -HS- | C] () -- C:\Windows\System32\CKnWFfhk.ini
[2008.07.01 09:25:16 | 000,450,438 | -HS- | C] () -- C:\Windows\System32\EeKUFfhk.ini
[2008.07.01 01:55:56 | 000,451,035 | -HS- | C] () -- C:\Windows\System32\KkjlmUvw.ini
[2008.06.30 23:27:13 | 000,450,404 | -HS- | C] () -- C:\Windows\System32\IRCIOqss.ini
[2008.06.30 10:31:37 | 000,000,501 | ---- | C] () -- C:\Windows\wininit.ini
[2008.06.29 07:24:20 | 000,450,999 | -HS- | C] () -- C:\Windows\System32\IhghhiPo.ini
[2008.02.29 20:14:57 | 000,765,952 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2008.02.29 20:14:56 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2008.02.24 09:56:59 | 000,061,440 | ---- | C] () -- C:\Windows\System32\cygz.dll
[2008.02.24 09:56:59 | 000,007,196 | ---- | C] () -- C:\Windows\System32\INI_Pro_3GP_AAC.ini
[2008.02.24 09:56:59 | 000,006,490 | ---- | C] () -- C:\Windows\System32\INI_Pro_PSP.ini
[2008.02.24 09:56:59 | 000,005,028 | ---- | C] () -- C:\Windows\System32\INI_Pro_3GP2_AAC.ini
[2008.02.24 09:56:59 | 000,004,296 | ---- | C] () -- C:\Windows\System32\INI_Pro_Zune.ini
[2008.02.24 09:56:59 | 000,003,045 | ---- | C] () -- C:\Windows\System32\INI_Pro_iPod.ini
[2008.02.24 09:56:59 | 000,002,956 | ---- | C] () -- C:\Windows\System32\INI_Pro_PMP.ini
[2008.02.24 09:56:59 | 000,002,910 | ---- | C] () -- C:\Windows\System32\INI_Pro_3GP_AMR.ini
[2008.02.24 09:56:59 | 000,002,516 | ---- | C] () -- C:\Windows\System32\INI_Pro_PPC.ini
[2008.02.24 09:56:59 | 000,002,175 | ---- | C] () -- C:\Windows\System32\INI_Pro_iPhone.ini
[2008.02.24 09:56:59 | 000,001,964 | ---- | C] () -- C:\Windows\System32\INI_QT_3GPP2_QVGA_AAC.ini
[2008.02.24 09:56:59 | 000,001,964 | ---- | C] () -- C:\Windows\System32\INI_QT_3GPP2_QCIF_AAC.ini
[2008.02.24 09:56:59 | 000,001,878 | ---- | C] () -- C:\Windows\System32\INI_Pro_Xbox.ini
[2008.02.24 09:56:59 | 000,001,814 | ---- | C] () -- C:\Windows\System32\INI_QT_3GPP_QVGA_AMR.ini
[2008.02.24 09:56:59 | 000,001,814 | ---- | C] () -- C:\Windows\System32\INI_QT_3GPP_QVGA_AAC.ini
[2008.02.24 09:56:59 | 000,001,814 | ---- | C] () -- C:\Windows\System32\INI_QT_3GPP_QCIF_AMR.ini
[2008.02.24 09:56:59 | 000,001,814 | ---- | C] () -- C:\Windows\System32\INI_QT_3GPP_QCIF_AAC.ini
[2008.02.24 09:56:59 | 000,001,739 | ---- | C] () -- C:\Windows\System32\INI_Pro_AppleTV.ini
[2008.02.24 09:56:59 | 000,000,036 | ---- | C] () -- C:\Windows\System32\INI_Add_mfra.ini
[2008.02.24 09:56:52 | 000,262,144 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2008.02.24 09:56:49 | 000,598,016 | ---- | C] () -- C:\Windows\System32\viscomqtde.dll
[2007.12.28 08:22:04 | 000,010,296 | ---- | C] () -- C:\Windows\System32\drivers\ASUSHWIO.SYS
[2007.05.30 11:22:08 | 000,000,028 | ---- | C] () -- C:\Windows\Jcmkr32.INI
[2007.04.28 14:58:39 | 000,000,952 | -HS- | C] () -- C:\Windows\System32\KGyGaAvL.sys
[2007.04.28 09:49:00 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2007.03.27 19:32:49 | 000,069,632 | ---- | C] () -- C:\Windows\System32\drivers\int15.sys
[2007.03.27 19:32:49 | 000,015,656 | ---- | C] () -- C:\Windows\System32\drivers\int15_64.sys
[2007.03.27 19:31:54 | 000,065,536 | ---- | C] () -- C:\Windows\System32\NATTraversal.dll
[2007.03.27 19:21:10 | 000,000,037 | ---- | C] () -- C:\Windows\Acer.ini
[2007.02.06 22:57:20 | 000,086,016 | ---- | C] () -- C:\Windows\System32\MSNSpook.dll
[2006.12.28 01:22:29 | 000,000,092 | ---- | C] () -- C:\Windows\CLEANUP.INI
[2006.12.05 12:27:19 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN4.dll
[2006.12.05 10:40:19 | 000,000,101 | ---- | C] () -- C:\Windows\Alaunch.ini
[2006.12.05 10:40:08 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2006.12.05 10:39:08 | 000,042,594 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2006.12.05 03:35:42 | 000,198,144 | ---- | C] () -- C:\Windows\System32\_psisdecd.dll
[2006.12.05 03:31:48 | 000,331,776 | ---- | C] () -- C:\Windows\System32\ScrollBarLib.dll
[2006.12.05 03:24:47 | 000,013,952 | ---- | C] () -- C:\Windows\System32\drivers\UBHelper.sys
[2006.12.05 03:17:47 | 000,356,352 | ---- | C] () -- C:\Windows\EMCRI.dll
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2003.02.20 16:53:42 | 000,005,702 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI
[2002.09.10 16:10:05 | 000,495,616 | ---- | C] () -- C:\Windows\System32\xvid.dll
[2001.12.26 15:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001.09.03 22:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001.07.30 15:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001.07.23 21:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll
========== LOP Check ==========
[2010.01.06 08:03:41 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Acronis
[2009.06.15 19:17:09 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\AD ON Multimedia
[2009.12.22 03:09:15 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Any Video Converter
[2008.06.28 23:14:03 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Application Data
[2010.07.17 23:57:10 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\BitComet
[2009.02.23 10:58:43 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\digital publishing
[2010.09.01 15:35:12 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\DVDVideoSoftIEHelpers
[2007.06.23 00:39:27 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\gtk-2.0
[2010.01.14 21:00:54 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Image Zone Express
[2009.12.06 13:28:35 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Leadertech
[2010.01.26 14:18:07 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Morpheus Software
[2008.10.11 02:56:27 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\mquadr.at
[2010.01.26 12:23:31 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\mresreg
[2010.10.31 16:58:15 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\MyPhoneExplorer
[2009.03.05 12:52:12 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Opera
[2007.06.09 19:21:41 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\PeerNetworking
[2010.01.14 21:00:53 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Printer Info Cache
[2010.07.18 08:02:11 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Registry Booster
[2010.01.21 08:06:45 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Registry Mechanic
[2008.08.26 05:06:32 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Shareaza
[2009.03.03 19:50:43 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Simply Super Software
[2011.01.15 01:41:30 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\TeamViewer
[2008.02.29 16:24:02 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\TuneUp Software
[2010.01.23 09:24:53 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Uniblue
[2010.02.04 01:27:10 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Web Page Maker
[2009.01.21 17:11:01 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Windows Live Writer
[2011.02.12 14:51:51 | 000,032,580 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2010.01.06 08:03:41 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Acronis
[2009.06.15 19:17:09 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\AD ON Multimedia
[2010.08.12 23:41:14 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Adobe
[2007.05.05 21:40:17 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\AdobeUM
[2009.12.22 03:09:15 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Any Video Converter
[2010.07.20 00:45:46 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Apple Computer
[2008.06.28 23:14:03 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Application Data
[2009.12.20 11:28:53 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\AVS4YOU
[2010.07.17 23:57:10 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\BitComet
[2007.05.03 23:49:57 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Corel
[2007.07.11 06:56:27 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\CyberLink
[2009.02.23 10:58:43 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\digital publishing
[2010.09.06 01:53:25 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\DivX
[2010.09.01 15:35:12 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\DVDVideoSoftIEHelpers
[2007.06.23 00:39:27 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\gtk-2.0
[2010.01.15 19:26:21 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\HpUpdate
[2007.03.27 19:21:51 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Identities
[2010.01.14 21:00:54 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Image Zone Express
[2008.02.15 20:08:14 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\InstallShield
[2007.07.12 01:21:04 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Intel
[2009.12.06 13:28:35 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Leadertech
[2008.02.15 19:42:33 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Logitech
[2007.03.27 19:21:14 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Macromedia
[2010.01.19 07:58:45 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Malwarebytes
[2006.11.02 13:37:34 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Media Center Programs
[2010.11.08 14:55:30 | 000,000,000 | --SD | M] -- C:\Users\Andreas\AppData\Roaming\Microsoft
[2010.01.26 14:18:07 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Morpheus Software
[2010.07.29 18:01:37 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Mozilla
[2008.10.11 02:56:27 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\mquadr.at
[2010.01.26 12:23:31 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\mresreg
[2010.10.31 16:58:15 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\MyPhoneExplorer
[2009.03.05 12:52:12 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Opera
[2007.06.09 19:21:41 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\PeerNetworking
[2010.01.14 21:00:53 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Printer Info Cache
[2010.05.07 19:07:01 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Real
[2010.07.18 08:02:11 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Registry Booster
[2010.01.21 08:06:45 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Registry Mechanic
[2008.08.26 05:06:32 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Shareaza
[2009.03.03 19:50:43 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Simply Super Software
[2010.08.15 08:35:40 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Skype
[2010.08.15 08:27:12 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\skypePM
[2007.03.29 20:48:55 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Sun
[2008.02.09 15:47:56 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Talkback
[2011.01.15 01:41:30 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\TeamViewer
[2008.02.29 16:24:02 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\TuneUp Software
[2010.01.23 09:24:53 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Uniblue
[2010.02.04 01:27:10 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Web Page Maker
[2009.01.21 17:11:01 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Windows Live Writer
[2007.12.18 17:27:53 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Yahoo!
< %APPDATA%\*.exe /s >
[2007.05.08 21:29:03 | 026,598,760 | ---- | M] (Adobe Systems Inc ) -- C:\Users\Andreas\AppData\Roaming\Adobe\Acrobat\7.0\Updater\Ac705PrP_efgj.exe
[2007.05.06 10:04:02 | 005,214,208 | ---- | M] ( ) -- C:\Users\Andreas\AppData\Roaming\Adobe\Acrobat\7.0\Updater\AdbeRdr709_en_US.exe
[2008.09.11 13:46:15 | 013,505,768 | ---- | M] () -- C:\Users\Andreas\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airinstaller1x0\airinstaller1x0.exe
[2007.04.09 17:13:00 | 000,025,214 | R--- | M] () -- C:\Users\Andreas\AppData\Roaming\Microsoft\Installer\{2CF2D7F1-73A0-4D5D-85E6-A49AECF67B15}\_963318B54532554E2BCCC4.exe
[2007.04.09 17:13:00 | 000,025,214 | R--- | M] () -- C:\Users\Andreas\AppData\Roaming\Microsoft\Installer\{2CF2D7F1-73A0-4D5D-85E6-A49AECF67B15}\_B4BEDDCA51A0D19F96C44A.exe
[2010.04.27 00:48:27 | 000,454,838 | R--- | M] () -- C:\Users\Andreas\AppData\Roaming\Microsoft\Installer\{51E4FE53-D6B0-43A0-B98C-7DE233D53EAB}\_79EA6093CDC1C8B67BF4A7.exe
[2010.04.27 00:48:27 | 000,454,838 | R--- | M] () -- C:\Users\Andreas\AppData\Roaming\Microsoft\Installer\{51E4FE53-D6B0-43A0-B98C-7DE233D53EAB}\_B2A5E32828760C880D7C1D.exe
[2010.05.07 18:58:44 | 000,738,824 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Andreas\AppData\Roaming\Real\RealPlayer\setup\AU_setup20100217.exe
[2010.01.21 08:35:21 | 003,175,784 | ---- | M] (Uniblue Systems Ltd ) -- C:\Users\Andreas\AppData\Roaming\Uniblue\RegistryBooster 2010\_temp\ub.exe
[2010.04.21 00:55:12 | 004,004,960 | ---- | M] (Uniblue Systems Ltd ) -- C:\Users\Andreas\AppData\Roaming\Uniblue\RegistryBooster\_temp\ub.exe
< %SYSTEMDRIVE%\*.exe >
< MD5 for: AGP440.SYS >
[2008.01.19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\drivers\AGP440.sys
[2006.11.02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.19 08:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.19 08:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008.02.15 20:20:16 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[2008.02.15 20:20:16 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2008.02.15 20:20:15 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys
< MD5 for: CNGAUDIT.DLL >
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
< MD5 for: EXPLORER.EXE >
[2008.10.29 07:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008.10.29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008.10.30 04:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2007.10.12 01:39:28 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe
[2007.10.12 01:39:28 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe
[2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008.10.28 03:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2006.11.02 10:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
[2008.01.19 08:33:10 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
< MD5 for: IASTORV.SYS >
[2008.01.19 08:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.19 08:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\drivers\iaStorV.sys
[2006.11.02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
< MD5 for: NETLOGON.DLL >
[2006.11.02 10:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
[2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.19 08:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
< MD5 for: NVSTOR.SYS >
[2006.11.02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\drivers\nvstor.sys
[2006.11.02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.19 08:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.19 08:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
< MD5 for: SCECLI.DLL >
[2008.01.19 08:36:19 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2006.11.02 10:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll
[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
< MD5 for: USER32.DLL >
[2007.04.04 08:40:21 | 000,633,856 | ---- | M] (Microsoft Corporation) MD5=63B4F59D7C89B1BF5277F1FFEFD491CD -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.16438_none_cb39bc5b7047127e\user32.dll
[2007.04.04 08:40:21 | 000,633,856 | ---- | M] (Microsoft Corporation) MD5=9D9F061EDA75425FC67F0365E3467C86 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.20537_none_cbc258dc896598f1\user32.dll
[2008.01.19 08:36:46 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll
[2006.11.02 10:46:13 | 000,633,856 | ---- | M] (Microsoft Corporation) MD5=E698A5437B89A285ACA3FF022356810A -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.16386_none_cb01aa4570716e5e\user32.dll
[2009.04.11 07:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll
[2009.04.11 07:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
< MD5 for: USERINIT.EXE >
[2008.01.19 08:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.19 08:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2006.11.02 10:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2006.11.02 10:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2008.01.19 08:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
< MD5 for: WS2IFSL.SYS >
[2006.11.02 09:58:26 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=84620AECDCFD2A7A14E6263927D8C0ED -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6000.16386_none_4d4fded8cae2956d\ws2ifsl.sys
[2008.01.19 06:56:49 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2008.01.19 06:56:49 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2006.11.02 11:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2006.11.02 11:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2006.11.02 11:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 11:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 11:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[2009.04.11 07:27:47 | 000,241,128 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll
[2009.04.11 07:28:23 | 000,228,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll
< >
========== Alternate Data Streams ==========
@Alternate Data Stream - 229 bytes -> C:\ProgramData\TEMP:8FF81EB0
@Alternate Data Stream - 185 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 16 bytes -> C:\Users\Andreas\Downloads\Documents\Shareaza Downloads:Shareaza.GUID
@Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:D1B5B4F1
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:CB0AACC9
@Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:A8ADE5D8
< End of report >
--- --- ---
danke im voraus ! |
