Analysis of PC and laptop
Hello,
I just wanted to check whether everything is okay with my two devices. I am posting in the following order:
Anti-Malwarebytes
OTL (quick scan - if a normal scan is needed, I have that as well)
HijackThis
First comes my PC ---------------------
Anti-Malwarebytes Code:
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Datenbank Version: 5799
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
18.02.2011 18:31:16
mbam-log-2011-02-18 (18-31-16).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|G:\|H:\|)
Durchsuchte Objekte: 251662
Laufzeit: 13 Minute(n), 3 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
OTL
OTL Logfile: Code:
OTL logfile created on: 18.02.2011 18:43:53 - Run 2
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\Philipp\Desktop\SchnickSchnack
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
6,00 Gb Total Physical Memory | 4,00 Gb Available Physical Memory | 69,00% Memory free
12,00 Gb Paging File | 10,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 922,79 Gb Total Space | 823,27 Gb Free Space | 89,22% Space Free | Partition Type: NTFS
Computer Name: PHILIPP-PC | User Name: Philipp | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011.02.18 18:10:58 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Philipp\Desktop\SchnickSchnack\OTL.exe
PRC - [2011.02.06 12:18:29 | 000,075,064 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011.01.10 14:23:04 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2011.01.10 14:22:55 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011.01.10 14:22:55 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.01.05 11:59:50 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010.09.01 05:26:04 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
PRC - [2010.08.03 09:43:02 | 000,522,824 | ---- | M] (Logitech Inc.) -- C:\Programme\Logitech\GamePanel Software\Applets\LCDMedia.exe
PRC - [2010.04.07 15:59:42 | 000,013,624 | ---- | M] (Alienware) -- C:\Programme\Alienware\Command Center\AlienFXHook32Mngr.exe
PRC - [2010.04.07 15:59:20 | 000,061,256 | ---- | M] (Alienware Corporation) -- C:\Programme\Alienware\Command Center\AlienwareAlienFXController.exe
========== Modules (SafeList) ==========
MOD - [2011.02.18 18:10:58 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Philipp\Desktop\SchnickSchnack\OTL.exe
MOD - [2010.08.21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2011.01.05 03:57:44 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010.04.07 16:04:18 | 000,014,648 | ---- | M] (Alienware) [Auto | Stopped] -- C:\Program Files\Alienware\Command Center\AlienFusionService.exe -- (AlienFusionService)
SRV - [2011.02.06 12:18:29 | 000,075,064 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011.02.05 23:55:12 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011.01.10 14:23:04 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.01.10 14:22:55 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.01.05 11:59:50 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.06.03 15:56:06 | 000,092,160 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Programme\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2011.02.07 16:23:26 | 000,019,464 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AWOPFilterDriver.sys -- (AWOPFilterDriver)
DRV:64bit: - [2011.01.10 14:23:15 | 000,116,568 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2011.01.10 14:23:15 | 000,083,120 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2011.01.05 04:37:14 | 008,283,136 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011.01.05 03:19:38 | 000,294,400 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010.12.14 18:51:20 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010.11.17 13:04:32 | 000,115,216 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2009.11.23 17:38:00 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid)
DRV:64bit: - [2009.11.23 17:37:50 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV:64bit: - [2009.08.25 14:42:22 | 000,112,240 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID)
DRV:64bit: - [2009.07.14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009.07.14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.06.07 00:36:46 | 000,317,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink (TM)
DRV:64bit: - [2009.05.18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 46 CD 93 63 84 C5 CB 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.0.9.8
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.02.06 00:00:47 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.02.06 00:00:47 | 000,000,000 | ---D | M]
[2011.02.05 23:48:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Philipp\AppData\Roaming\mozilla\Extensions
[2011.02.18 15:32:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Philipp\AppData\Roaming\mozilla\Firefox\Profiles\ozoss7bt.default\extensions
[2011.02.15 18:31:13 | 000,000,000 | ---D | M] (NoScript) -- C:\Users\Philipp\AppData\Roaming\mozilla\Firefox\Profiles\ozoss7bt.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2011.02.05 23:53:48 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Philipp\AppData\Roaming\mozilla\Firefox\Profiles\ozoss7bt.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2011.02.05 23:55:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2011.02.05 23:55:18 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011.02.05 23:55:10 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010.12.03 19:14:08 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.12.03 19:14:08 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.12.03 19:14:08 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.12.03 19:14:08 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.12.03 19:14:08 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O4:64bit: - HKLM..\Run: [] File not found
O4:64bit: - HKLM..\Run: [AlienFX Controller] C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe (Alienware Corporation)
O4:64bit: - HKLM..\Run: [Launch LCDMon] C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [Launch LGDCore] C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [Launch LgDeviceAgent] C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Programme\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Skytel] File not found
O4:64bit: - HKLM..\Run: [Thermal Controller] C:\Program Files\Alienware\Command Center\ThermalController.exe (Alienware Corp.)
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{4407195f-3171-11e0-8ac6-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{4407195f-3171-11e0-8ac6-806e6f6e6963}\Shell\AutoRun\command - "" = D:\autoRcd.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011.02.18 18:21:36 | 000,000,000 | ---D | C] -- C:\Users\Philipp\Desktop\Auswertung PC
[2011.02.11 19:44:41 | 000,021,480 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\Windows\SysNative\drivers\cpuz134_x64.sys
[2011.02.10 17:57:52 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\2K Games
[2011.02.10 17:57:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2011.02.07 23:02:46 | 000,000,000 | R--D | C] -- C:\Users\Philipp\Documents\Scanned Documents
[2011.02.07 23:02:46 | 000,000,000 | ---D | C] -- C:\Users\Philipp\Documents\Fax
[2011.02.07 16:24:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alienware
[2011.02.06 20:00:04 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2011.02.06 16:18:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
[2011.02.06 16:17:25 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Blizzard Entertainment
[2011.02.06 15:47:48 | 000,000,000 | ---D | C] -- C:\Programme\World of Warcraft
[2011.02.06 15:47:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment
[2011.02.06 15:47:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard
[2011.02.06 12:21:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
[2011.02.06 12:21:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Logitech
[2011.02.06 12:21:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Logitech
[2011.02.06 12:21:11 | 000,000,000 | ---D | C] -- C:\Programme\Logitech
[2011.02.06 12:20:37 | 000,000,000 | ---D | C] -- C:\ProgramData\LogiShrd
[2011.02.06 12:19:18 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\PunkBuster
[2011.02.06 12:19:16 | 000,000,000 | ---D | C] -- C:\Users\Philipp\Documents\BFBC2
[2011.02.06 07:44:00 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2011.02.06 07:43:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\OEM
[2011.02.06 07:43:01 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\OEM
[2011.02.06 02:23:31 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Roaming\Macromedia
[2011.02.06 02:23:31 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Roaming\Adobe
[2011.02.06 02:19:28 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2011.02.06 01:41:42 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\Activision
[2011.02.06 01:13:51 | 000,000,000 | ---D | C] -- C:\Users\Philipp\Documents\AlienFX
[2011.02.06 01:12:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Alienware
[2011.02.06 01:09:49 | 000,000,000 | ---D | C] -- C:\Programme\Alienware
[2011.02.06 00:56:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2011.02.06 00:45:07 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Roaming\TS3Client
[2011.02.06 00:39:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
[2011.02.06 00:39:12 | 000,000,000 | ---D | C] -- C:\Programme\TeamSpeak 3 Client
[2011.02.06 00:34:55 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Roaming\Malwarebytes
[2011.02.06 00:34:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.02.06 00:34:46 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011.02.06 00:34:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.02.06 00:34:43 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011.02.06 00:34:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011.02.06 00:29:33 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
[2011.02.06 00:02:01 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\Apple Computer
[2011.02.06 00:02:00 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Roaming\Apple Computer
[2011.02.06 00:01:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011.02.06 00:01:49 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2011.02.06 00:01:30 | 000,000,000 | ---D | C] -- C:\Programme\iTunes
[2011.02.06 00:01:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2011.02.06 00:01:30 | 000,000,000 | ---D | C] -- C:\Programme\iPod
[2011.02.06 00:01:30 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2011.02.06 00:00:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2011.02.06 00:00:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2011.02.06 00:00:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2011.02.06 00:00:36 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\Apple
[2011.02.06 00:00:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2011.02.06 00:00:29 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Apple
[2011.02.06 00:00:22 | 000,000,000 | ---D | C] -- C:\Programme\Bonjour
[2011.02.06 00:00:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2011.02.06 00:00:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2011.02.06 00:00:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2011.02.05 23:57:42 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\Logitech
[2011.02.05 23:55:56 | 000,000,000 | ---D | C] -- C:\Programme\Java
[2011.02.05 23:55:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2011.02.05 23:55:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2011.02.05 23:55:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2011.02.05 23:54:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2011.02.05 23:54:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2011.02.05 23:54:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2011.02.05 23:50:55 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Roaming\Avira
[2011.02.05 23:50:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2011.02.05 23:50:01 | 000,116,568 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys
[2011.02.05 23:50:01 | 000,083,120 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2011.02.05 23:50:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2011.02.05 23:50:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2011.02.05 23:49:03 | 000,000,000 | ---D | C] -- C:\Users\Philipp\Desktop\SchnickSchnack
[2011.02.05 23:48:11 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Roaming\Mozilla
[2011.02.05 23:48:11 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\Mozilla
[2011.02.05 23:48:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox
[2011.02.05 23:48:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2011.02.05 23:44:02 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Roaming\ATI
[2011.02.05 23:44:02 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\ATI
[2011.02.05 23:44:02 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2011.02.05 23:41:25 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\ATI Technologies
[2011.02.05 23:41:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies
[2011.02.05 23:41:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ATI Stream SDK v2
[2011.02.05 23:41:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Stream
[2011.02.05 23:41:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI
[2011.02.05 23:41:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2011.02.05 23:40:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2011.02.05 23:40:42 | 000,000,000 | ---D | C] -- C:\Programme\ATI Technologies
[2011.02.05 23:40:39 | 000,000,000 | ---D | C] -- C:\Programme\ATI
[2011.02.05 23:40:08 | 000,000,000 | ---D | C] -- C:\ATI
[2011.02.05 23:39:54 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll
[2011.02.05 23:39:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2011.02.05 23:28:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Broadcom
[2011.02.05 23:28:22 | 000,000,000 | ---D | C] -- C:\Programme\Broadcom
[2011.02.05 23:27:36 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2011.02.05 23:27:32 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\Downloaded Installations
[2011.02.05 23:27:03 | 000,000,000 | ---D | C] -- C:\RaidTool
[2011.02.05 23:27:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JMicron Technology Corp
[2011.02.05 23:26:58 | 000,000,000 | ---D | C] -- C:\Windows\RaidTool
[2011.02.05 23:23:42 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2011.02.05 23:23:42 | 000,000,000 | ---D | C] -- C:\Programme\Realtek
[2011.02.05 23:23:27 | 000,513,536 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2011.02.05 23:23:27 | 000,150,528 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2011.02.05 23:23:26 | 000,304,640 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2011.02.05 23:23:26 | 000,304,640 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2011.02.05 23:23:26 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2011.02.05 23:23:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2011.02.05 23:23:24 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp
[2011.02.05 23:23:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2011.02.05 23:19:09 | 000,000,000 | R--D | C] -- C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011.02.05 23:19:09 | 000,000,000 | R--D | C] -- C:\Users\Philipp\Searches
[2011.02.05 23:19:09 | 000,000,000 | R--D | C] -- C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011.02.05 23:18:54 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Roaming\Identities
[2011.02.05 23:18:49 | 000,000,000 | R--D | C] -- C:\Users\Philipp\Contacts
[2011.02.05 23:18:45 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\VirtualStore
[2011.02.05 23:18:28 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\Vorlagen
[2011.02.05 23:18:28 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\AppData\Local\Verlauf
[2011.02.05 23:18:28 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\AppData\Local\Temporary Internet Files
[2011.02.05 23:18:28 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\Startmenü
[2011.02.05 23:18:28 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\SendTo
[2011.02.05 23:18:28 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\Recent
[2011.02.05 23:18:28 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\Netzwerkumgebung
[2011.02.05 23:18:28 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\Lokale Einstellungen
[2011.02.05 23:18:28 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\Documents\Eigene Videos
[2011.02.05 23:18:28 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\Documents\Eigene Musik
[2011.02.05 23:18:28 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\Eigene Dateien
[2011.02.05 23:18:28 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\Documents\Eigene Bilder
[2011.02.05 23:18:28 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\Druckumgebung
[2011.02.05 23:18:28 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\Cookies
[2011.02.05 23:18:28 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\AppData\Local\Anwendungsdaten
[2011.02.05 23:18:28 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\Anwendungsdaten
[2011.02.05 23:18:27 | 000,000,000 | --SD | C] -- C:\Users\Philipp\AppData\Roaming\Microsoft
[2011.02.05 23:18:27 | 000,000,000 | R--D | C] -- C:\Users\Philipp\Videos
[2011.02.05 23:18:27 | 000,000,000 | R--D | C] -- C:\Users\Philipp\Saved Games
[2011.02.05 23:18:27 | 000,000,000 | R--D | C] -- C:\Users\Philipp\Pictures
[2011.02.05 23:18:27 | 000,000,000 | R--D | C] -- C:\Users\Philipp\Music
[2011.02.05 23:18:27 | 000,000,000 | R--D | C] -- C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2011.02.05 23:18:27 | 000,000,000 | R--D | C] -- C:\Users\Philipp\Links
[2011.02.05 23:18:27 | 000,000,000 | R--D | C] -- C:\Users\Philipp\Favorites
[2011.02.05 23:18:27 | 000,000,000 | R--D | C] -- C:\Users\Philipp\Downloads
[2011.02.05 23:18:27 | 000,000,000 | R--D | C] -- C:\Users\Philipp\Documents
[2011.02.05 23:18:27 | 000,000,000 | R--D | C] -- C:\Users\Philipp\Desktop
[2011.02.05 23:18:27 | 000,000,000 | R--D | C] -- C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011.02.05 23:18:27 | 000,000,000 | -H-D | C] -- C:\Users\Philipp\AppData
[2011.02.05 23:18:27 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\Temp
[2011.02.05 23:18:27 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\Microsoft
[2011.02.05 23:18:27 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Roaming\Media Center Programs
[2011.02.05 23:13:12 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2011.02.05 23:13:12 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2011.02.05 23:13:12 | 000,000,000 | -HSD | C] -- C:\Recovery
[2011.02.05 23:13:12 | 000,000,000 | -HSD | C] -- C:\Programme\Gemeinsame Dateien
[2011.02.05 23:13:12 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2011.02.05 23:13:12 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2011.02.05 23:13:12 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2011.02.05 23:13:12 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2011.02.05 23:13:12 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2011.02.05 23:13:12 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2011.02.05 22:50:34 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2011.02.05 22:46:37 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
========== Files - Modified Within 30 Days ==========
[2011.02.18 18:19:02 | 001,613,000 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.02.18 18:19:02 | 000,696,752 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.02.18 18:19:02 | 000,652,070 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.02.18 18:19:02 | 000,148,048 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.02.18 18:19:02 | 000,121,002 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.02.18 17:11:21 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.02.18 17:11:21 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.02.18 17:03:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.02.18 17:03:37 | 529,731,583 | -HS- | M] () -- C:\hiberfil.sys
[2011.02.10 15:21:42 | 000,274,464 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.02.09 17:48:19 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2011.02.07 16:26:28 | 000,001,843 | ---- | M] () -- C:\Users\Public\Desktop\Alienware Command Center.lnk
[2011.02.07 16:26:06 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_AWOPFilterDriver_01007.Wdf
[2011.02.07 16:23:26 | 000,019,464 | ---- | M] () -- C:\Windows\SysNative\drivers\AWOPFilterDriver.sys
[2011.02.06 19:43:32 | 008,690,712 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.02.06 12:19:22 | 000,215,128 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2011.02.06 12:19:22 | 000,215,128 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.02.06 12:18:29 | 002,434,856 | ---- | M] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2011.02.06 12:18:29 | 000,075,064 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.02.06 00:39:15 | 000,000,969 | ---- | M] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2011.02.06 00:01:58 | 000,001,785 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011.02.05 23:58:44 | 000,000,919 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2011.02.05 23:57:40 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_lgSSBW_01_00_00.Wdf
[2011.02.05 23:57:35 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_lgSSQVGA_01_00_00.Wdf
[2011.02.05 23:49:19 | 000,001,031 | ---- | M] () -- C:\Users\Philipp\Desktop\Philipp - Verknüpfung.lnk
[2011.02.05 23:48:09 | 000,001,945 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011.02.05 23:44:53 | 000,012,526 | ---- | M] () -- C:\Users\Philipp\Desktop\Computer - Verknüpfung.lnk
[2011.02.05 23:42:56 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2011.02.05 23:23:54 | 000,000,159 | RH-- | M] () -- C:\Windows\ctfile.rfc
[2011.02.05 23:17:08 | 000,052,953 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2011.02.05 23:17:08 | 000,052,953 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2011.02.05 22:54:28 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2011.01.29 16:51:24 | 000,000,171 | ---- | M] () -- C:\WJYJUIF7.dat
========== Files Created - No Company Name ==========
[2011.02.09 17:48:19 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2011.02.07 16:26:28 | 000,001,843 | ---- | C] () -- C:\Users\Public\Desktop\Alienware Command Center.lnk
[2011.02.07 16:26:06 | 000,019,464 | ---- | C] () -- C:\Windows\SysNative\drivers\AWOPFilterDriver.sys
[2011.02.07 16:26:06 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_AWOPFilterDriver_01007.Wdf
[2011.02.06 12:19:22 | 000,215,128 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2011.02.06 12:18:30 | 000,215,128 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.02.06 12:18:29 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2011.02.06 12:18:29 | 000,075,064 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.02.06 01:02:45 | 008,690,712 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.02.06 00:39:15 | 000,000,969 | ---- | C] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2011.02.06 00:01:58 | 000,001,785 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011.02.06 00:00:35 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2011.02.05 23:57:40 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_lgSSBW_01_00_00.Wdf
[2011.02.05 23:57:35 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_lgSSQVGA_01_00_00.Wdf
[2011.02.05 23:54:36 | 000,000,919 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2011.02.05 23:49:19 | 000,001,031 | ---- | C] () -- C:\Users\Philipp\Desktop\Philipp - Verknüpfung.lnk
[2011.02.05 23:48:09 | 000,001,945 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011.02.05 23:44:53 | 000,012,526 | ---- | C] () -- C:\Users\Philipp\Desktop\Computer - Verknüpfung.lnk
[2011.02.05 23:42:56 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.02.05 23:23:54 | 000,188,416 | ---- | C] () -- C:\Windows\SysNative\APOMgr64.DLL
[2011.02.05 23:23:54 | 000,146,432 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2011.02.05 23:23:54 | 000,088,064 | ---- | C] () -- C:\Windows\SysNative\CmdRtr64.DLL
[2011.02.05 23:23:54 | 000,072,704 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2011.02.05 23:23:54 | 000,000,159 | RH-- | C] () -- C:\Windows\ctfile.rfc
[2011.02.05 23:19:20 | 000,001,411 | ---- | C] () -- C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2011.02.05 23:19:12 | 000,001,445 | ---- | C] () -- C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011.02.05 22:57:10 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2011.02.05 22:57:03 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2011.02.05 22:54:28 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2011.01.29 16:51:24 | 000,000,171 | ---- | C] () -- C:\WJYJUIF7.dat
[2010.04.07 15:58:22 | 000,097,584 | ---- | C] () -- C:\Windows\SysWow64\CCBiosSupportAPI.dll
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
========== LOP Check ==========
[2011.02.06 14:48:06 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\TS3Client
[2009.07.14 06:08:49 | 000,012,474 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
< End of report >
Hijackthis:
HiJackthis Logfile: Code:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:50:04, on 18.02.2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16722)
Boot mode: Normal
Running processes:
C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files\Alienware\Command Center\AlienFXHook32Mngr.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Philipp\Desktop\SchnickSchnack\HiJackThis204.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Alienware Fusion Service (AlienFusionService) - Alienware - C:\Program Files\Alienware\Command Center\AlienFusionService.exe
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 6469 bytes
Here is my laptop:
Anti-Malwarebytes Code:
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Datenbank Version: 5799
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
18.02.2011 18:38:30
mbam-log-2011-02-18 (18-38-30).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|)
Durchsuchte Objekte: 247251
Laufzeit: 17 Minute(n), 7 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
OTL
OTL Logfile: Code:
OTL logfile created on: 18.02.2011 18:42:57 - Run 2
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\Philipp\Desktop\SchnickSchnack
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 67,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 225,80 Gb Total Space | 194,95 Gb Free Space | 86,34% Space Free | Partition Type: NTFS
Drive D: | 226,19 Gb Total Space | 226,09 Gb Free Space | 99,96% Space Free | Partition Type: NTFS
Computer Name: PHILIPP-PC | User Name: Philipp | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011.02.18 18:10:56 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Philipp\Desktop\SchnickSchnack\OTL.exe
PRC - [2011.01.10 14:23:04 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2011.01.10 14:22:55 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011.01.10 14:22:55 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.01.05 11:59:50 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010.04.08 21:18:40 | 000,908,368 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2010.04.08 21:18:40 | 000,312,400 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe
PRC - [2010.04.08 21:18:40 | 000,298,064 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe
PRC - [2010.03.09 00:58:24 | 000,250,368 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
PRC - [2010.03.09 00:56:38 | 000,260,608 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
PRC - [2010.02.01 19:05:02 | 000,349,552 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
PRC - [2010.01.29 00:27:36 | 000,243,232 | ---- | M] (Acer Group) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe
PRC - [2010.01.13 10:47:44 | 000,206,208 | ---- | M] () -- C:\Windows\PLFSetI.exe
PRC - [2010.01.08 14:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
PRC - [2009.12.25 02:45:16 | 000,401,192 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
PRC - [2009.12.25 02:44:48 | 000,201,512 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
PRC - [2009.11.06 01:51:20 | 000,144,640 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
========== Modules (SafeList) ==========
MOD - [2011.02.18 18:10:56 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Philipp\Desktop\SchnickSchnack\OTL.exe
MOD - [2010.08.21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2010.03.29 17:41:36 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2011.02.09 19:07:15 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011.01.10 14:23:04 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.01.10 14:22:55 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.01.05 11:59:50 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010.04.23 10:46:22 | 000,867,360 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Programme\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
SRV - [2010.04.08 21:18:40 | 000,312,400 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2010.03.26 11:46:48 | 000,920,352 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.09 00:58:24 | 000,250,368 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2010.02.01 19:04:40 | 000,305,520 | ---- | M] (Egis Technology Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe -- (MWLService)
SRV - [2010.01.29 00:27:36 | 000,243,232 | ---- | M] (Acer Group) [Auto | Running] -- C:\Programme\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV - [2010.01.08 14:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe -- (GREGService)
SRV - [2009.11.06 01:51:20 | 000,144,640 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe -- (NTISchedulerSvc)
SRV - [2009.11.06 01:50:50 | 000,050,432 | ---- | M] (NewTech InfoSystems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe -- (NTIBackupSvc)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2011.01.10 14:23:15 | 000,116,568 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2011.01.10 14:23:15 | 000,083,120 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2010.04.02 01:18:30 | 003,060,800 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2010.03.29 17:51:38 | 006,405,632 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag)
DRV:64bit: - [2010.03.29 16:46:28 | 000,188,928 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010.03.09 15:21:42 | 000,123,408 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010.03.06 18:04:08 | 000,335,400 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)
DRV:64bit: - [2010.03.02 23:37:40 | 000,039,464 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2010.02.16 04:05:12 | 000,102,440 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2010.02.09 06:57:22 | 000,239,136 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010.01.14 23:41:12 | 000,135,720 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2010.01.14 23:41:06 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2009.12.22 02:26:36 | 000,038,456 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2009.10.22 05:55:06 | 000,272,432 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2009.10.16 11:32:22 | 000,321,064 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink (TM)
DRV:64bit: - [2009.08.24 02:55:32 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV:64bit: - [2009.07.14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009.07.14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.20 03:09:57 | 000,054,272 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L1E62x64.sys -- (L1E) NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20)
DRV:64bit: - [2009.06.10 21:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009.06.10 21:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.06.03 03:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:64bit: - [2009.06.03 03:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:64bit: - [2009.06.03 03:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:64bit: - [2009.05.18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009.05.06 01:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2009.05.06 01:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7552&r=27360211z906l0498z1j5t48i1q59p
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7552&r=27360211z906l0498z1j5t48i1q59p
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7552&r=27360211z906l0498z1j5t48i1q59p
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7552&r=27360211z906l0498z1j5t48i1q59p
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7552&r=27360211z906l0498z1j5t48i1q59p
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7552&r=27360211z906l0498z1j5t48i1q59p
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.0.9.8
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.02.09 19:18:55 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.02.09 19:18:55 | 000,000,000 | ---D | M]
[2011.02.09 18:49:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Philipp\AppData\Roaming\mozilla\Extensions
[2011.02.17 22:01:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Philipp\AppData\Roaming\mozilla\Firefox\Profiles\nmen04xg.default\extensions
[2011.02.17 06:59:46 | 000,000,000 | ---D | M] (NoScript) -- C:\Users\Philipp\AppData\Roaming\mozilla\Firefox\Profiles\nmen04xg.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2011.02.09 18:55:43 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Philipp\AppData\Roaming\mozilla\Firefox\Profiles\nmen04xg.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2011.02.09 19:03:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2011.02.09 19:03:34 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011.02.09 19:03:26 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010.12.03 19:14:08 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.12.03 19:14:08 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.12.03 19:14:08 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.12.03 19:14:08 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.12.03 19:14:08 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Programme\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe (Egis Technology Inc.)
O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe (Symantec Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011.02.18 18:20:17 | 000,000,000 | ---D | C] -- C:\Users\Philipp\Desktop\Auswertung Laptop
[2011.02.18 18:11:31 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\Diagnostics
[2011.02.13 19:20:10 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Roaming\Malwarebytes
[2011.02.13 19:20:07 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011.02.13 19:20:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.02.13 19:20:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.02.13 19:20:03 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011.02.13 19:20:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011.02.11 17:42:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2011.02.11 17:26:57 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2011.02.11 17:26:55 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Roaming\Skype
[2011.02.11 17:26:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2011.02.11 17:01:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2011.02.09 19:19:51 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\Apple Computer
[2011.02.09 19:19:50 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Roaming\Apple Computer
[2011.02.09 19:19:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011.02.09 19:19:25 | 000,000,000 | ---D | C] -- C:\Programme\iPod
[2011.02.09 19:19:24 | 000,000,000 | ---D | C] -- C:\Programme\iTunes
[2011.02.09 19:19:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2011.02.09 19:19:24 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2011.02.09 19:18:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2011.02.09 19:18:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2011.02.09 19:18:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2011.02.09 19:18:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2011.02.09 19:18:32 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\Apple
[2011.02.09 19:18:22 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Apple
[2011.02.09 19:18:11 | 000,000,000 | ---D | C] -- C:\Programme\Bonjour
[2011.02.09 19:18:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2011.02.09 19:18:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2011.02.09 19:18:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2011.02.09 19:06:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2011.02.09 19:06:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2011.02.09 19:06:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2011.02.09 19:04:04 | 000,000,000 | ---D | C] -- C:\Programme\Java
[2011.02.09 19:03:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2011.02.09 19:03:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2011.02.09 19:03:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2011.02.09 18:56:31 | 000,000,000 | ---D | C] -- C:\Users\Philipp\Desktop\SchnickSchnack
[2011.02.09 18:56:19 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Roaming\Avira
[2011.02.09 18:51:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2011.02.09 18:51:25 | 000,116,568 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys
[2011.02.09 18:51:24 | 000,083,120 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2011.02.09 18:51:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2011.02.09 18:51:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2011.02.09 18:49:34 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Roaming\Mozilla
[2011.02.09 18:49:34 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\Mozilla
[2011.02.09 18:49:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox
[2011.02.09 18:49:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2011.02.09 18:47:57 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Roaming\Adobe
[2011.02.09 15:29:18 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Roaming\Google
[2011.02.09 15:17:57 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Roaming\ATI
[2011.02.09 15:17:57 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\ATI
[2011.02.09 15:17:57 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2011.02.09 15:17:33 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2011.02.09 15:16:45 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\EgisTec IPS
[2011.02.09 15:16:43 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Roaming\Macromedia
[2011.02.09 15:16:12 | 000,000,000 | R--D | C] -- C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011.02.09 15:16:12 | 000,000,000 | R--D | C] -- C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011.02.09 15:16:11 | 000,000,000 | R--D | C] -- C:\Users\Philipp\Searches
[2011.02.09 15:16:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OEM
[2011.02.09 15:15:39 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Roaming\Identities
[2011.02.09 15:15:31 | 000,000,000 | ---D | C] -- C:\Programme\Acer Accessory Store
[2011.02.09 15:15:26 | 000,000,000 | R--D | C] -- C:\Users\Philipp\Contacts
[2011.02.09 15:15:22 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\VirtualStore
[2011.02.09 15:14:46 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\Vorlagen
[2011.02.09 15:14:46 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\AppData\Local\Verlauf
[2011.02.09 15:14:46 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\AppData\Local\Temporary Internet Files
[2011.02.09 15:14:46 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\Startmenü
[2011.02.09 15:14:46 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\SendTo
[2011.02.09 15:14:46 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\Recent
[2011.02.09 15:14:46 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\Netzwerkumgebung
[2011.02.09 15:14:46 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\Lokale Einstellungen
[2011.02.09 15:14:46 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\Documents\Eigene Videos
[2011.02.09 15:14:46 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\Documents\Eigene Musik
[2011.02.09 15:14:46 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\Eigene Dateien
[2011.02.09 15:14:46 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\Documents\Eigene Bilder
[2011.02.09 15:14:46 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\Druckumgebung
[2011.02.09 15:14:46 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\Cookies
[2011.02.09 15:14:46 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\AppData\Local\Anwendungsdaten
[2011.02.09 15:14:46 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\Anwendungsdaten
[2011.02.09 15:14:45 | 000,000,000 | --SD | C] -- C:\Users\Philipp\AppData\Roaming\Microsoft
[2011.02.09 15:14:45 | 000,000,000 | R--D | C] -- C:\Users\Philipp\Videos
[2011.02.09 15:14:45 | 000,000,000 | R--D | C] -- C:\Users\Philipp\Saved Games
[2011.02.09 15:14:45 | 000,000,000 | R--D | C] -- C:\Users\Philipp\Pictures
[2011.02.09 15:14:45 | 000,000,000 | R--D | C] -- C:\Users\Philipp\Music
[2011.02.09 15:14:45 | 000,000,000 | R--D | C] -- C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2011.02.09 15:14:45 | 000,000,000 | R--D | C] -- C:\Users\Philipp\Links
[2011.02.09 15:14:45 | 000,000,000 | R--D | C] -- C:\Users\Philipp\Favorites
[2011.02.09 15:14:45 | 000,000,000 | R--D | C] -- C:\Users\Philipp\Downloads
[2011.02.09 15:14:45 | 000,000,000 | R--D | C] -- C:\Users\Philipp\Documents
[2011.02.09 15:14:45 | 000,000,000 | R--D | C] -- C:\Users\Philipp\Desktop
[2011.02.09 15:14:45 | 000,000,000 | R--D | C] -- C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011.02.09 15:14:45 | 000,000,000 | -H-D | C] -- C:\Users\Philipp\AppData
[2011.02.09 15:14:45 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\Temp
[2011.02.09 15:14:45 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\Microsoft
[2011.02.09 15:14:45 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Roaming\Media Center Programs
[2011.02.09 15:14:37 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2011.02.09 15:14:37 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2011.02.09 15:14:37 | 000,000,000 | -HSD | C] -- C:\Recovery
[2011.02.09 15:14:37 | 000,000,000 | -HSD | C] -- C:\Programme
[2011.02.09 15:14:37 | 000,000,000 | -HSD | C] -- C:\Programme\Gemeinsame Dateien
[2011.02.09 15:14:37 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2011.02.09 15:14:37 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2011.02.09 15:14:37 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2011.02.09 15:14:37 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2011.02.09 15:14:37 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2011.02.09 15:14:37 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2011.02.09 15:14:37 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2011.02.08 21:57:08 | 000,000,000 | ---D | C] -- C:\Windows\de-DE
[2011.02.08 21:57:07 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\XPSViewer
[2011.02.08 21:57:07 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\de-DE
[2011.02.08 21:57:07 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\de
[2011.02.08 21:57:07 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\0407
[2011.02.08 21:57:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\0407
[2011.02.08 21:57:05 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\de-DE
[2011.02.08 21:57:05 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\de
[2011.02.08 21:56:00 | 000,011,776 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrSerId.sys.mui
[2011.02.08 21:56:00 | 000,011,776 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrSerIb.sys.mui
[2011.02.08 21:55:58 | 000,004,096 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\SysNative\drivers\de-DE\pscr.sys.mui
[2011.02.08 21:55:58 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrParwdm.sys.mui
[2011.02.08 21:50:54 | 000,000,000 | ---D | C] -- C:\Windows\NAPP_Dism_Log
[2011.02.08 21:47:16 | 000,349,776 | ---- | C] (Dritek System Inc.) -- C:\Windows\UNINSTLMv4.EXE
[2011.02.08 21:46:03 | 000,120,320 | ---- | C] (AMD) -- C:\Windows\SysNative\atitmm64.dll
[2011.02.08 21:46:03 | 000,055,296 | ---- | C] (AMD) -- C:\Windows\SysNative\coinst.dll
[2011.02.08 21:46:02 | 000,450,560 | ---- | C] (AMD) -- C:\Windows\SysNative\atieclxx.exe
[2011.02.08 21:46:02 | 000,202,752 | ---- | C] (AMD) -- C:\Windows\SysNative\atiesrxx.exe
[2011.02.08 21:46:02 | 000,012,288 | ---- | C] (AMD) -- C:\Windows\SysNative\atimuixx.dll
[2011.02.08 21:45:31 | 000,525,088 | ---- | C] (Wistron Corp.) -- C:\Windows\WGRegx64.exe
[2011.02.08 21:45:31 | 000,000,000 | ---D | C] -- C:\Windows\Lan
[2011.02.08 21:45:16 | 000,484,128 | ---- | C] (Wistron Corp.) -- C:\Windows\WISMVIMG.EXE
[2011.02.08 21:45:16 | 000,255,264 | ---- | C] (Wistron Corp.) -- C:\Windows\WISI2BAT.EXE
[2011.02.08 21:45:16 | 000,176,928 | ---- | C] (Wistron Corp.) -- C:\Windows\PATCHFUL.EXE
[2011.02.08 21:45:15 | 000,388,384 | ---- | C] (Wistron Corp.) -- C:\Windows\WisGAPasx64.exe
[2011.02.08 21:45:15 | 000,342,560 | ---- | C] (Acer Inc.) -- C:\Windows\ParseModule_X64.exe
[2011.02.08 21:45:14 | 000,326,432 | ---- | C] (Wistron Corp.) -- C:\Windows\WisGAPas.exe
[2011.02.08 21:45:14 | 000,231,968 | ---- | C] (Acer Inc.) -- C:\Windows\ParseModule_X86.exe
[2011.02.08 13:22:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2011.02.08 13:21:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft
[2011.02.08 13:21:46 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2011.02.08 13:21:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live SkyDrive
[2011.02.08 13:21:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
[2011.02.08 13:21:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
[2011.02.08 13:21:03 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2011.02.08 13:20:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live
[2011.02.08 13:19:28 | 000,000,000 | ---D | C] -- C:\BOOK
[2011.02.08 13:19:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011.02.08 13:19:06 | 000,000,000 | ---D | C] -- C:\Programme\Preload
[2011.02.08 13:18:57 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 9
[2011.02.08 13:18:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\CyberLink
[2011.02.08 13:17:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CyberLink
[2011.02.08 13:17:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Temp
[2011.02.08 13:16:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Launch Manager
[2011.02.08 13:15:59 | 000,000,000 | ---D | C] -- C:\Programme\Apoint2K
[2011.02.08 13:15:44 | 001,664,248 | ---- | C] (SuYin) -- C:\Windows\Acer Crystal Eye webcam.exe
[2011.02.08 13:15:44 | 000,049,464 | ---- | C] ( ) -- C:\Windows\AutosetFrequency.exe
[2011.02.08 13:15:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer Crystal Eye Webcam
[2011.02.08 13:13:29 | 000,000,000 | ---D | C] -- C:\Programme\WIDCOMM
[2011.02.08 13:12:50 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2011.02.08 13:12:24 | 000,000,000 | ---D | C] -- C:\Programme\Realtek
[2011.02.08 13:12:22 | 002,719,504 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll
[2011.02.08 13:12:22 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2011.02.08 13:12:21 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2011.02.08 13:12:21 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2011.02.08 13:12:21 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2011.02.08 13:12:18 | 000,372,936 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2011.02.08 13:12:18 | 000,307,920 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2011.02.08 13:12:18 | 000,307,920 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2011.02.08 13:12:18 | 000,201,928 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2011.02.08 13:12:18 | 000,099,016 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2011.02.08 13:12:18 | 000,076,488 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2011.02.08 13:12:17 | 002,197,264 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll
[2011.02.08 13:12:17 | 000,325,904 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2011.02.08 13:12:12 | 000,474,896 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll
[2011.02.08 13:12:12 | 000,321,440 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2011.02.08 13:12:11 | 001,325,328 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll
[2011.02.08 13:12:11 | 001,178,384 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll
[2011.02.08 13:12:11 | 000,489,744 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSSymmetryDLL64.dll
[2011.02.08 13:12:11 | 000,315,152 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll
[2011.02.08 13:12:11 | 000,268,560 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll
[2011.02.08 13:12:11 | 000,265,488 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll
[2011.02.08 13:12:11 | 000,123,664 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll
[2011.02.08 13:12:11 | 000,123,152 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll
[2011.02.08 13:12:11 | 000,122,128 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPONS64.dll
[2011.02.08 13:12:10 | 001,110,800 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll
[2011.02.08 13:12:10 | 000,504,592 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll
[2011.02.08 13:12:08 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp
[2011.02.08 13:11:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2011.02.08 13:11:42 | 000,000,000 | ---D | C] -- C:\Programme\DIFX
[2011.02.08 13:11:40 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2011.02.08 13:11:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD
[2011.02.08 13:11:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2011.02.08 13:09:41 | 000,000,000 | ---D | C] -- C:\Programme\ATI
[2011.02.08 13:09:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2011.02.08 13:06:25 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2011.02.08 13:03:19 | 000,000,000 | -HSD | C] -- C:\System Volume Information
========== Files - Modified Within 30 Days ==========
[2011.02.18 18:30:01 | 000,000,390 | ---- | M] () -- C:\Windows\tasks\Acer Registration - Reminder Recall task.job
[2011.02.18 18:14:52 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.02.18 18:14:52 | 000,654,166 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.02.18 18:14:52 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.02.18 18:14:52 | 000,130,006 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.02.18 18:14:52 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.02.18 18:06:05 | 000,017,376 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.02.18 18:06:05 | 000,017,376 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.02.18 17:58:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.02.18 17:58:21 | 3219,787,776 | -HS- | M] () -- C:\hiberfil.sys
[2011.02.11 17:32:08 | 000,274,464 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.02.11 17:26:57 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2011.02.09 19:19:47 | 000,001,787 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011.02.09 19:08:23 | 000,000,921 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2011.02.09 19:02:40 | 000,000,987 | ---- | M] () -- C:\Users\Philipp\Desktop\Philipp.lnk
[2011.02.09 18:49:35 | 000,000,000 | ---- | M] () -- C:\Windows\nsreg.dat
[2011.02.09 18:49:24 | 000,001,943 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011.02.09 15:24:40 | 000,012,482 | ---- | M] () -- C:\Users\Philipp\Desktop\Computer - Verknüpfung.lnk
[2011.02.09 15:16:37 | 000,000,201 | ---- | M] () -- C:\Windows\USER.XML
[2011.02.09 15:14:55 | 000,000,211 | RHS- | M] () -- C:\Preload.rev
[2011.02.09 15:14:55 | 000,000,168 | ---- | M] () -- C:\Windows\WisLangCode.ini
[2011.02.09 15:14:24 | 000,052,953 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2011.02.09 15:14:24 | 000,052,953 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2011.02.08 22:01:15 | 000,001,690 | ---- | M] () -- C:\Windows\WPatchProgress.ini
[2011.02.08 21:56:52 | 000,295,922 | ---- | M] () -- C:\Windows\SysNative\perfi007.dat
[2011.02.08 21:56:52 | 000,038,104 | ---- | M] () -- C:\Windows\SysNative\perfd007.dat
[2011.02.08 21:56:00 | 000,011,776 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrSerId.sys.mui
[2011.02.08 21:56:00 | 000,011,776 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrSerIb.sys.mui
[2011.02.08 21:55:58 | 000,004,096 | ---- | M] (SCM Microsystems, Inc.) -- C:\Windows\SysNative\drivers\de-DE\pscr.sys.mui
[2011.02.08 21:55:58 | 000,002,560 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrParwdm.sys.mui
[2011.02.08 21:50:54 | 000,011,453 | ---- | M] () -- C:\Windows\ChangeLang_Done.tag
[2011.02.08 21:48:54 | 000,000,926 | ---- | M] () -- C:\Windows\MOD01SET74DE0N0003.XML
[2011.02.08 13:32:54 | 000,000,213 | ---- | M] () -- C:\Windows\Factory.xml
[2011.02.08 13:22:47 | 000,000,020 | ---- | M] () -- C:\Windows\ú©
[2011.02.08 13:16:13 | 000,000,184 | ---- | M] () -- C:\Windows\LMv4.UNI
[2011.02.08 13:16:03 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_Apfiltr_01007.Wdf
[2011.02.08 13:14:45 | 000,000,834 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
[2011.02.08 13:07:11 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2011.02.08 13:06:18 | 000,696,680 | ---- | M] () -- C:\Windows\SysNative\oem7.inf
========== Files Created - No Company Name ==========
[2011.02.11 17:26:57 | 000,002,517 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2011.02.11 16:44:08 | 000,000,390 | ---- | C] () -- C:\Windows\tasks\Acer Registration - Reminder Recall task.job
[2011.02.09 19:19:47 | 000,001,787 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011.02.09 19:18:32 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2011.02.09 19:06:26 | 000,000,921 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2011.02.09 19:02:40 | 000,000,987 | ---- | C] () -- C:\Users\Philipp\Desktop\Philipp.lnk
[2011.02.09 18:49:35 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011.02.09 18:49:24 | 000,001,943 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011.02.09 15:24:40 | 000,012,482 | ---- | C] () -- C:\Users\Philipp\Desktop\Computer - Verknüpfung.lnk
[2011.02.09 15:16:25 | 000,001,409 | ---- | C] () -- C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2011.02.09 15:16:18 | 000,001,443 | ---- | C] () -- C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011.02.08 22:01:15 | 000,011,453 | ---- | C] () -- C:\Windows\ChangeLang_Done.tag
[2011.02.08 21:57:37 | 000,654,166 | ---- | C] () -- C:\Windows\SysNative\perfh007.dat
[2011.02.08 21:57:37 | 000,295,922 | ---- | C] () -- C:\Windows\SysNative\perfi007.dat
[2011.02.08 21:57:37 | 000,130,006 | ---- | C] () -- C:\Windows\SysNative\perfc007.dat
[2011.02.08 21:57:37 | 000,038,104 | ---- | C] () -- C:\Windows\SysNative\perfd007.dat
[2011.02.08 21:49:01 | 000,000,926 | ---- | C] () -- C:\Windows\MOD01SET74DE0N0003.XML
[2011.02.08 21:48:34 | 000,000,385 | RHS- | C] () -- C:\Patch.rev
[2011.02.08 21:48:34 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\1025_ACER_ACER_Aspire 7552.mrk
[2011.02.08 21:48:34 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\1025_ACER_ACER_Aspire 7552.mrk
[2011.02.08 21:46:03 | 000,511,072 | ---- | C] () -- C:\Windows\SysWow64\atiumdva.cap
[2011.02.08 21:46:03 | 000,511,072 | ---- | C] () -- C:\Windows\SysNative\atiumd6a.cap
[2011.02.08 21:46:03 | 000,026,112 | ---- | C] () -- C:\Windows\SysNative\atitmp64.dll
[2011.02.08 21:46:03 | 000,002,093 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011.02.08 21:46:03 | 000,002,093 | ---- | C] () -- C:\Windows\SysNative\atipblag.dat
[2011.02.08 21:46:02 | 000,332,288 | ---- | C] () -- C:\Windows\SysNative\ATIODE.exe
[2011.02.08 21:46:02 | 000,201,875 | ---- | C] () -- C:\Windows\SysNative\atiicdxx.dat
[2011.02.08 21:46:02 | 000,051,200 | ---- | C] () -- C:\Windows\SysNative\ATIODCLI.exe
[2011.02.08 21:46:02 | 000,020,692 | ---- | C] () -- C:\Windows\atiogl.xml
[2011.02.08 21:46:01 | 000,033,616 | ---- | C] () -- C:\Windows\SysNative\atiapfxx.blb
[2011.02.08 21:45:31 | 000,000,201 | ---- | C] () -- C:\Windows\USER.XML
[2011.02.08 21:45:13 | 000,001,690 | ---- | C] () -- C:\Windows\WPatchProgress.ini
[2011.02.08 13:24:22 | 000,000,033 | ---- | C] () -- C:\Windows\LaunApp.ini
[2011.02.08 13:22:46 | 000,000,020 | ---- | C] () -- C:\Windows\ú©
[2011.02.08 13:16:13 | 000,000,184 | ---- | C] () -- C:\Windows\LMv4.UNI
[2011.02.08 13:16:03 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_Apfiltr_01007.Wdf
[2011.02.08 13:15:44 | 000,632,056 | ---- | C] () -- C:\Windows\Image.dll
[2011.02.08 13:15:44 | 000,222,382 | ---- | C] () -- C:\Windows\Acer Crystal Eye webcam.ico
[2011.02.08 13:15:44 | 000,206,208 | ---- | C] () -- C:\Windows\PLFSetI.exe
[2011.02.08 13:15:44 | 000,025,848 | ---- | C] () -- C:\Windows\USB_VIDEO_REG.exe
[2011.02.08 13:15:44 | 000,009,168 | ---- | C] () -- C:\Windows\Suyin.reg
[2011.02.08 13:15:44 | 000,000,637 | ---- | C] () -- C:\Windows\AutoSetFrequency.ini
[2011.02.08 13:15:44 | 000,000,378 | ---- | C] () -- C:\Windows\PidList.ini
[2011.02.08 13:13:39 | 000,000,834 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
[2011.02.08 13:12:24 | 000,231,056 | ---- | C] () -- C:\Windows\SysNative\drivers\RTConvEQ.dat
[2011.02.08 13:12:24 | 000,026,448 | ---- | C] () -- C:\Windows\SysNative\drivers\RtPCEE3.DAT
[2011.02.08 13:12:24 | 000,001,352 | ---- | C] () -- C:\Windows\SysNative\drivers\RtHdatEx.dat
[2011.02.08 13:12:24 | 000,000,712 | ---- | C] () -- C:\Windows\SysNative\drivers\SamSfPa.dat
[2011.02.08 13:12:24 | 000,000,520 | ---- | C] () -- C:\Windows\SysNative\drivers\RTEQEX3.dat
[2011.02.08 13:12:24 | 000,000,520 | ---- | C] () -- C:\Windows\SysNative\drivers\RTEQEX2.dat
[2011.02.08 13:12:24 | 000,000,520 | ---- | C] () -- C:\Windows\SysNative\drivers\RTEQEX1.dat
[2011.02.08 13:12:24 | 000,000,520 | ---- | C] () -- C:\Windows\SysNative\drivers\RTEQEX0.dat
[2011.02.08 13:12:24 | 000,000,176 | ---- | C] () -- C:\Windows\SysNative\drivers\RTHDAEQ1.dat
[2011.02.08 13:12:24 | 000,000,008 | ---- | C] () -- C:\Windows\SysNative\drivers\rtkhdaud.dat
[2011.02.08 13:07:11 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.02.08 13:06:22 | 000,696,680 | ---- | C] () -- C:\Windows\SysNative\oem7.inf
[2011.02.08 13:03:20 | 3219,787,776 | -HS- | C] () -- C:\hiberfil.sys
[2010.05.19 23:08:32 | 000,131,472 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2010.05.19 23:07:19 | 000,000,193 | ---- | C] () -- C:\Windows\Prelaunch.ini
[2010.05.19 23:07:19 | 000,000,168 | ---- | C] () -- C:\Windows\WisLangCode.ini
[2010.05.19 23:07:19 | 000,000,147 | ---- | C] () -- C:\Windows\WisPriority.ini
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
========== LOP Check ==========
[2011.02.18 18:30:01 | 000,000,390 | ---- | M] () -- C:\Windows\Tasks\Acer Registration - Reminder Recall task.job
[2009.07.14 06:08:49 | 000,008,420 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
< End of report >
HijackThis
HijackThis Logfile:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:51:52, on 18.02.2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16722)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
C:\Windows\PLFSetI.exe
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
C:\Users\Philipp\Desktop\SchnickSchnack\HiJackThis204.exe
C:\Windows\SysWOW64\DllHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7552&r=27360211z906l0498z1j5t48i1q59p
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7552&r=27360211z906l0498z1j5t48i1q59p
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7552&r=27360211z906l0498z1j5t48i1q59p
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7552&r=27360211z906l0498z1j5t48i1q59p
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "c:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
O4 - HKLM\..\Run: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
O4 - Global Startup: Bluetooth.lnk = ?
O9 - Extra button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Updater Service - Acer Group - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9360 bytes
Thanks a lot in advance :bussi:
Regards
*push* :heilig: