Trojaner-Board


matze1179 22.04.2011 16:52

Caught TR/Kazy.mekml.1
 
Hello everyone,

Since this morning Antivir has been telling me that the Trojan "TP/Kazy.mekml.1" was found.
On top of that, there are messages saying that my hard disk is damaged (critical error), that the RAM has failed, etc.
The desktop background is black and I cannot access my files.

This is the identical error description of a fellow sufferer.

I have already read quite a bit here and tried to prepare.

- Downloaded Load.exe and let it run (icons on the desktop disappear again after the restart!?!)
- likewise OTL and erun...
- Malwarebytes has run through, I just can't find the log file again.

Unfortunately I am a layman in these matters and need instructions I can follow :)

Please, I urgently need HELP!!

Many thanks.

Regards
Matze1179

Here is the corresponding OTL.Txt

OTL Logfile:
Code:

OTL logfile created on: 22.04.2011 18:12:55 - Run 1
OTL by OldTimer - Version 3.2.22.3    Folder = C:\Users\matze\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
6,00 Gb Total Physical Memory | 4,00 Gb Available Physical Memory | 67,00% Memory free
12,00 Gb Paging File | 10,00 Gb Available in Paging File | 84,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 366,72 Gb Total Space | 224,23 Gb Free Space | 61,14% Space Free | Partition Type: NTFS
Drive H: | 550,13 Gb Total Space | 536,90 Gb Free Space | 97,60% Space Free | Partition Type: NTFS
 
Computer Name: MATZE-PC | User Name: matze | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\matze\Desktop\OTL(4).exe (OldTimer Tools)
PRC - C:\ProgramData\GoWNKtoBbTfMqRQ.exe (WinTrust)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe ()
PRC - C:\Windows\SysWOW64\PnkBstrB.exe ()
PRC - C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe (SlySoft, Inc.)
PRC - C:\Program Files (x86)\Logitech\QuickCam\Quickcam.exe ()
PRC - C:\Program Files (x86)\Common Files\LogiShrd\LComMgr\Communications_Helper.exe ()
PRC - C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe (Logitech Inc.)
PRC - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated)
PRC - C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe (Logitech Inc.)
PRC - C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe (CyberLink)
PRC - C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
PRC - C:\Windows\SysWOW64\conime.exe (Microsoft Corporation)
PRC - C:\Windows\SysWOW64\attrib.exe (Microsoft Corporation)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\matze\Desktop\OTL(4).exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll (Microsoft Corporation)
MOD - C:\Windows\Temp\logishrd\LVPrcInj01.dll (Logitech Inc.)
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (LVPrcS64) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
SRV:64bit: - (LVCOMSer) -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVCSer64.exe (Logitech Inc.)
SRV:64bit: - (UxTuneUp) -- C:\Windows\SysNative\uxtuneup.dll ()
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (ICQ Service) -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe ()
SRV - (PnkBstrB) -- C:\Windows\SysWOW64\PnkBstrB.exe ()
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (McComponentHostService) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (ETService) -- C:\Programme\Acer\Empowering Technology\Service\ETService.exe ()
SRV - (eDataSecurity Service) -- C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (Acer HomeMedia Connect Service) -- C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe (CyberLink)
SRV - (UxTuneUp) -- C:\Windows\SysWOW64\uxtuneup.dll (TuneUp Software GmbH)
SRV - (ServiceLayer) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\Drivers\usbaapl64.sys ()
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\DRIVERS\avgntflt.sys ()
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\DRIVERS\avipbb.sys ()
DRV:64bit: - (sptd) -- C:\Windows\SysNative\Drivers\sptd.sys ()
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys ()
DRV:64bit: - (ElbyCDIO) -- C:\Windows\SysNative\Drivers\ElbyCDIO.sys ()
DRV:64bit: - (AnyDVD) -- C:\Windows\SysNative\Drivers\AnyDVD.sys ()
DRV:64bit: - (psdvdisk) -- C:\Windows\SysNative\DRIVERS\PSDVdisk.sys ()
DRV:64bit: - (PSDNServ) -- C:\Windows\SysNative\DRIVERS\PSDNServ.sys ()
DRV:64bit: - (PSDFilter) -- C:\Windows\SysNative\DRIVERS\psdfilter.sys ()
DRV:64bit: - (LVUSBS64) -- C:\Windows\SysNative\drivers\LVUSBS64.sys ()
DRV:64bit: - (LVRS64) -- C:\Windows\SysNative\DRIVERS\lvrs64.sys ()
DRV:64bit: - (PID_PEPI) Logitech QuickCam IM(PID_PEPI) -- C:\Windows\SysNative\DRIVERS\LV302V64.SYS ()
DRV:64bit: - (lvpepf64) -- C:\Windows\SysNative\DRIVERS\lv302a64.sys ()
DRV:64bit: - (LVPr2Mon) -- C:\Windows\SysNative\DRIVERS\LVPr2M64.sys ()
DRV:64bit: - (LVPr2M64) -- C:\Windows\SysNative\DRIVERS\LVPr2M64.sys ()
DRV:64bit: - (e1yexpress) Intel(R) -- C:\Windows\SysNative\DRIVERS\e1y60x64.sys ()
DRV:64bit: - (gwfilt64) -- C:\Windows\SysNative\drivers\gwfilt64.sys ()
DRV:64bit: - (NTIDrvr) -- C:\Windows\SysNative\Drivers\NTIDrvr.sys ()
DRV:64bit: - (WpdUsb) -- C:\Windows\SysNative\DRIVERS\wpdusb.sys ()
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\Wbem\ntfs.mof ()
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\DRIVERS\iaStor.sys ()
DRV - (AnyDVD) -- C:\Windows\SysWOW64\drivers\AnyDVD.sys (SlySoft, Inc.)
DRV - (int15) -- C:\Windows\SysWOW64\drivers\int15_64.sys (Acer, Inc.)
DRV - (ElbyCDIO) -- C:\Windows\SysWOW64\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV - (ElbyDelay) -- C:\Windows\SysWOW64\drivers\ElbyDelay.sys (Elaborate Bytes AG)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = iGoogle Redirect
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = iGoogle Redirect
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = Acer.com Worldwide - Select your local country or region [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = Acer.com Worldwide - Select your local country or region [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = ICQ.com Suche
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.7
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.2.0
FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.7&q="
 
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.03.27 18:55:03 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.03.30 20:16:06 | 000,000,000 | ---D | M]
 
[2009.05.11 20:35:49 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\matze\AppData\Roaming\mozilla\Extensions
[2011.04.22 11:34:32 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\matze\AppData\Roaming\mozilla\Firefox\Profiles\nn0n8bpp.default\extensions
[2010.09.21 18:37:32 | 000,000,000 | -H-D | M] (Microsoft .NET Framework Assistant) -- C:\Users\matze\AppData\Roaming\mozilla\Firefox\Profiles\nn0n8bpp.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.11.10 15:41:21 | 000,000,000 | -H-D | M] ("ICQ Toolbar") -- C:\Users\matze\AppData\Roaming\mozilla\Firefox\Profiles\nn0n8bpp.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.11.18 15:04:40 | 000,000,000 | -H-D | M] (DVDVideoSoftTB Toolbar) -- C:\Users\matze\AppData\Roaming\mozilla\Firefox\Profiles\nn0n8bpp.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2011.04.18 18:27:38 | 000,000,950 | -H-- | M] () -- C:\Users\matze\AppData\Roaming\Mozilla\Firefox\Profiles\nn0n8bpp.default\searchplugins\icqplugin-1.xml
[2010.12.13 20:59:48 | 000,000,950 | -H-- | M] () -- C:\Users\matze\AppData\Roaming\Mozilla\Firefox\Profiles\nn0n8bpp.default\searchplugins\icqplugin-2.xml
[2011.03.18 20:48:28 | 000,000,950 | -H-- | M] () -- C:\Users\matze\AppData\Roaming\Mozilla\Firefox\Profiles\nn0n8bpp.default\searchplugins\icqplugin-3.xml
[2011.03.27 18:55:12 | 000,000,950 | -H-- | M] () -- C:\Users\matze\AppData\Roaming\Mozilla\Firefox\Profiles\nn0n8bpp.default\searchplugins\icqplugin-4.xml
[2010.11.10 15:41:21 | 000,000,168 | -H-- | M] () -- C:\Users\matze\AppData\Roaming\Mozilla\Firefox\Profiles\nn0n8bpp.default\searchplugins\icqplugin.gif
[2010.11.10 15:41:21 | 000,000,618 | -H-- | M] () -- C:\Users\matze\AppData\Roaming\Mozilla\Firefox\Profiles\nn0n8bpp.default\searchplugins\icqplugin.src
[2010.06.21 17:35:24 | 000,001,042 | -H-- | M] () -- C:\Users\matze\AppData\Roaming\Mozilla\Firefox\Profiles\nn0n8bpp.default\searchplugins\icqplugin.xml
[2010.11.10 15:41:25 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2009.05.11 22:06:35 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Program Files (x86)\mozilla firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2009.05.16 19:35:25 | 000,000,000 | ---D | M] (pdfforge Toolbar Plugin) -- C:\Program Files (x86)\mozilla firefox\extensions\{B922D405-6D13-4A2B-AE89-08A030DA4402}
[2009.05.16 19:35:26 | 000,000,000 | ---D | M] (Search Settings Plugin) -- C:\Program Files (x86)\mozilla firefox\extensions\search@searchsettings.com
[2010.04.15 13:15:47 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011.03.18 20:48:00 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.03.18 20:48:00 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.03.18 20:48:00 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.03.18 20:48:00 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.03.18 20:48:00 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 23:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: ::1            localhost
O2:64bit: - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\SnagIt 9\DLLx64\SnagItBHO64.dll (TechSmith Corporation)
O2:64bit: - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\ActiveToolBand.dll (Egis)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.6.5612.1312\swg64.dll (Google Inc.)
O2 - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\SnagIt 9\SnagItBHO.dll (TechSmith Corporation)
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\WidgiToolbarIE.dll (GreenTree Applications, Inc.)
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (SnagIt) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\SnagIt 9\SnagItIEAddin.dll (TechSmith Corporation)
O3 - HKLM\..\Toolbar: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\WidgiToolbarIE.dll (GreenTree Applications, Inc.)
O3:64bit: - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDStoolbar.dll (Egis Incorporated.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files (x86)\Logitech\QuickCam\Quickcam.exe ()
O4 - HKCU..\Run: [AnyDVD] C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe (SlySoft, Inc.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKCU..\Run: [GoWNKtoBbTfMqRQ] C:\ProgramData\GoWNKtoBbTfMqRQ.exe (WinTrust)
O4 - HKCU..\Run: [Steam] c:\program files (x86)\steam\steam.exe (Valve Corporation)
O4 - HKCU..\Run: [WMPNSCFG]  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files (x86)\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\matze\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\matze\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{ebcad9e3-27ba-11df-b7d3-002268494d71}\Shell\AutoRun\command - "" = K:\Menu.exe
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.04.22 18:11:49 | 000,580,608 | -H-- | C] (OldTimer Tools) -- C:\Users\matze\Desktop\OTL(4).exe
[2011.04.22 17:35:54 | 000,580,608 | -H-- | C] (OldTimer Tools) -- C:\Users\matze\Desktop\OTL(3).exe
[2011.04.22 17:29:19 | 000,580,608 | -H-- | C] (OldTimer Tools) -- C:\Users\matze\Desktop\OTL(2).exe
[2011.04.22 17:19:36 | 000,791,393 | -H-- | C] (Lars Hederer                                                ) -- C:\Users\matze\Desktop\Erunt-setup.exe
[2011.04.22 17:19:36 | 000,446,464 | -H-- | C] (OldTimer Tools) -- C:\Users\matze\Desktop\TFC.exe
[2011.04.22 15:18:07 | 010,464,584 | -H-- | C] (SUPERAntiSpyware.com) -- C:\Users\matze\Desktop\SUPERAntiSpyware-4.49.1000.exe
[2011.04.22 15:18:07 | 000,580,608 | -H-- | C] (OldTimer Tools) -- C:\Users\matze\Desktop\OTL.exe
[2011.04.22 14:09:21 | 000,000,000 | -H-D | C] -- C:\Users\matze\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Recovery
[2011.04.22 12:10:53 | 000,565,248 | -H-- | C] (WinTrust) -- C:\ProgramData\GoWNKtoBbTfMqRQ.exe
[2011.04.16 11:08:29 | 000,512,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011.04.16 11:08:03 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2011.04.16 11:08:02 | 000,476,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011.04.16 11:08:00 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2011.04.16 11:07:59 | 000,467,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2011.04.16 11:07:59 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2011.04.16 11:07:59 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2011.04.16 11:07:59 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2011.04.16 11:07:59 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieencode.dll
[2011.04.16 11:07:51 | 000,292,864 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2011.04.16 11:07:50 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2011.04.16 11:07:48 | 001,161,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll
[2011.04.16 11:07:48 | 001,136,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll
[2011.04.16 11:07:45 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe
[2011.04.09 16:40:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GridinSoft
[2011.04.09 16:40:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GridinSoft Trojan Killer
[2008.11.02 02:15:06 | 000,049,152 | ---- | C] ( ) -- C:\Windows\Interop.IWshRuntimeLibrary.dll
 
========== Files - Modified Within 30 Days ==========
 
[2011.04.22 18:11:50 | 000,580,608 | -H-- | M] (OldTimer Tools) -- C:\Users\matze\Desktop\OTL(4).exe
[2011.04.22 17:59:02 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.04.22 17:57:30 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.04.22 17:54:46 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.04.22 17:54:46 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.04.22 17:54:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.04.22 17:53:47 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011.04.22 17:36:04 | 000,580,608 | -H-- | M] (OldTimer Tools) -- C:\Users\matze\Desktop\OTL(3).exe
[2011.04.22 17:29:39 | 000,377,260 | -H-- | M] () -- C:\Users\matze\Desktop\Load.exe
[2011.04.22 17:29:20 | 000,580,608 | -H-- | M] (OldTimer Tools) -- C:\Users\matze\Desktop\OTL(2).exe
[2011.04.22 17:22:03 | 000,487,424 | -H-- | M] () -- C:\ProgramData\45735688.exe
[2011.04.22 17:19:43 | 000,791,393 | -H-- | M] (Lars Hederer                                                ) -- C:\Users\matze\Desktop\Erunt-setup.exe
[2011.04.22 17:19:39 | 000,446,464 | -H-- | M] (OldTimer Tools) -- C:\Users\matze\Desktop\TFC.exe
[2011.04.22 17:16:19 | 000,000,416 | ---- | M] () -- C:\Windows\tasks\1-Klick-Wartung.job
[2011.04.22 17:10:17 | 001,453,974 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.04.22 17:10:17 | 000,632,014 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.04.22 17:10:17 | 000,598,702 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.04.22 17:10:17 | 000,127,258 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.04.22 17:10:17 | 000,104,716 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.04.22 14:12:56 | 000,000,870 | -H-- | M] () -- C:\Users\matze\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.04.22 14:09:53 | 000,000,160 | -H-- | M] () -- C:\ProgramData\~45604616
[2011.04.22 14:09:50 | 000,000,128 | -H-- | M] () -- C:\ProgramData\~45604616r
[2011.04.22 14:08:59 | 000,000,344 | -H-- | M] () -- C:\ProgramData\45604616
[2011.04.22 13:42:22 | 000,580,608 | -H-- | M] (OldTimer Tools) -- C:\Users\matze\Desktop\OTL.exe
[2011.04.22 13:35:36 | 010,464,584 | -H-- | M] (SUPERAntiSpyware.com) -- C:\Users\matze\Desktop\SUPERAntiSpyware-4.49.1000.exe
[2011.04.22 13:11:02 | 000,504,657 | -H-- | M] () -- C:\Users\matze\Desktop\unhide.exe
[2011.04.22 12:10:53 | 000,565,248 | -H-- | M] (WinTrust) -- C:\ProgramData\GoWNKtoBbTfMqRQ.exe
[2011.04.17 19:54:22 | 000,000,125 | -HS- | M] () -- C:\ProgramData\.zreglib
[2011.04.16 15:23:55 | 002,309,656 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.04.14 20:40:43 | 1995,911,889 | -H-- | M] () -- C:\Users\matze\NAVIGON EU v1.8.0.ipa
[2011.04.09 16:40:17 | 000,000,982 | ---- | M] () -- C:\Users\Public\Desktop\Trojan Killer.lnk
[2011.03.30 20:16:06 | 000,001,921 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 8.lnk
 
========== Files Created - No Company Name ==========
 
[2011.04.22 17:29:38 | 000,377,260 | -H-- | C] () -- C:\Users\matze\Desktop\Load.exe
[2011.04.22 17:22:02 | 000,487,424 | -H-- | C] () -- C:\ProgramData\45735688.exe
[2011.04.22 15:18:08 | 000,504,657 | -H-- | C] () -- C:\Users\matze\Desktop\unhide.exe
[2011.04.22 14:12:56 | 000,000,870 | -H-- | C] () -- C:\Users\matze\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.04.22 14:09:50 | 000,000,160 | -H-- | C] () -- C:\ProgramData\~45604616
[2011.04.22 14:09:50 | 000,000,128 | -H-- | C] () -- C:\ProgramData\~45604616r
[2011.04.22 14:08:59 | 000,000,344 | -H-- | C] () -- C:\ProgramData\45604616
[2011.04.20 22:03:25 | 1995,911,889 | -H-- | C] () -- C:\Users\matze\NAVIGON EU v1.8.0.ipa
[2011.04.16 11:08:50 | 001,075,600 | ---- | C] () -- C:\Windows\SysNative\winload.efi
[2011.04.16 11:08:50 | 001,062,800 | ---- | C] () -- C:\Windows\SysNative\winload.exe
[2011.04.16 11:08:50 | 000,990,096 | ---- | C] () -- C:\Windows\SysNative\winresume.efi
[2011.04.16 11:08:50 | 000,979,344 | ---- | C] () -- C:\Windows\SysNative\winresume.exe
[2011.04.16 11:08:50 | 000,020,880 | ---- | C] () -- C:\Windows\SysNative\kdusb.dll
[2011.04.16 11:08:50 | 000,018,832 | ---- | C] () -- C:\Windows\SysNative\kd1394.dll
[2011.04.16 11:08:50 | 000,018,320 | ---- | C] () -- C:\Windows\SysNative\kdcom.dll
[2011.04.16 11:08:33 | 000,461,312 | ---- | C] () -- C:\Windows\SysNative\drivers\srv.sys
[2011.04.16 11:08:32 | 000,176,128 | ---- | C] () -- C:\Windows\SysNative\drivers\srv2.sys
[2011.04.16 11:08:32 | 000,144,896 | ---- | C] () -- C:\Windows\SysNative\drivers\srvnet.sys
[2011.04.16 11:08:30 | 000,753,152 | ---- | C] () -- C:\Windows\SysNative\jscript.dll
[2011.04.16 11:08:30 | 000,603,648 | ---- | C] () -- C:\Windows\SysNative\vbscript.dll
[2011.04.16 11:08:25 | 000,273,920 | ---- | C] () -- C:\Windows\SysNative\drivers\mrxsmb10.sys
[2011.04.16 11:08:25 | 000,135,168 | ---- | C] () -- C:\Windows\SysNative\drivers\mrxsmb.sys
[2011.04.16 11:08:25 | 000,105,472 | ---- | C] () -- C:\Windows\SysNative\drivers\mrxsmb20.sys
[2011.04.16 11:08:25 | 000,090,624 | ---- | C] () -- C:\Windows\SysNative\drivers\bowser.sys
[2011.04.16 11:08:22 | 000,975,872 | ---- | C] () -- C:\Windows\SysNative\inetcomm.dll
[2011.04.16 11:08:15 | 002,760,704 | ---- | C] () -- C:\Windows\SysNative\win32k.sys
[2011.04.16 11:08:07 | 005,697,536 | ---- | C] () -- C:\Windows\SysNative\mshtml.dll
[2011.04.16 11:08:04 | 001,426,944 | ---- | C] () -- C:\Windows\SysNative\urlmon.dll
[2011.04.16 11:08:02 | 007,015,424 | ---- | C] () -- C:\Windows\SysNative\ieframe.dll
[2011.04.16 11:08:02 | 000,758,784 | ---- | C] () -- C:\Windows\SysNative\mshtmled.dll
[2011.04.16 11:08:01 | 001,129,984 | ---- | C] () -- C:\Windows\SysNative\mstime.dll
[2011.04.16 11:08:01 | 001,032,704 | ---- | C] () -- C:\Windows\SysNative\wininet.dll
[2011.04.16 11:08:00 | 000,590,848 | ---- | C] () -- C:\Windows\SysNative\msfeeds.dll
[2011.04.16 11:08:00 | 000,485,376 | ---- | C] () -- C:\Windows\SysNative\html.iec
[2011.04.16 11:08:00 | 000,267,776 | ---- | C] () -- C:\Windows\SysNative\ieaksie.dll
[2011.04.16 11:08:00 | 000,249,856 | ---- | C] () -- C:\Windows\SysNative\iepeers.dll
[2011.04.16 11:07:59 | 001,383,424 | ---- | C] () -- C:\Windows\SysNative\mshtml.tlb
[2011.04.16 11:07:59 | 000,480,256 | ---- | C] () -- C:\Windows\SysNative\iedkcs32.dll
[2011.04.16 11:07:59 | 000,375,296 | ---- | C] () -- C:\Windows\SysNative\iertutil.dll
[2011.04.16 11:07:59 | 000,208,896 | ---- | C] () -- C:\Windows\SysNative\occache.dll
[2011.04.16 11:07:59 | 000,086,528 | ---- | C] () -- C:\Windows\SysNative\ieencode.dll
[2011.04.16 11:07:59 | 000,032,256 | ---- | C] () -- C:\Windows\SysNative\jsproxy.dll
[2011.04.16 11:07:58 | 000,422,400 | ---- | C] () -- C:\Windows\SysNative\ieapfltr.dll
[2011.04.16 11:07:51 | 000,367,616 | ---- | C] () -- C:\Windows\SysNative\atmfd.dll
[2011.04.16 11:07:50 | 000,048,128 | ---- | C] () -- C:\Windows\SysNative\atmlib.dll
[2011.04.16 11:07:49 | 001,360,384 | ---- | C] () -- C:\Windows\SysNative\mfc42u.dll
[2011.04.16 11:07:48 | 001,398,784 | ---- | C] () -- C:\Windows\SysNative\mfc42.dll
[2011.04.16 11:07:45 | 000,221,184 | ---- | C] () -- C:\Windows\SysNative\dnsapi.dll
[2011.04.16 11:07:45 | 000,117,760 | ---- | C] () -- C:\Windows\SysNative\dnsrslvr.dll
[2011.04.16 11:07:45 | 000,028,672 | ---- | C] () -- C:\Windows\SysNative\dnscacheugc.exe
[2011.04.09 16:54:58 | 000,001,108 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.04.09 16:54:58 | 000,001,104 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.04.09 16:40:17 | 000,000,982 | ---- | C] () -- C:\Users\Public\Desktop\Trojan Killer.lnk
[2011.03.30 20:16:06 | 000,001,921 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 8.lnk
[2011.03.30 20:16:06 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 8.lnk
[2010.07.17 09:50:59 | 000,004,096 | -H-- | C] () -- C:\Users\matze\AppData\Local\keyfile3.drm
[2010.03.07 12:40:23 | 000,000,221 | -H-- | C] () -- C:\Windows\NCLogConfig.ini
[2009.11.17 11:49:22 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009.10.02 12:31:38 | 000,001,058 | -H-- | C] () -- C:\Windows\wiso.ini
[2009.09.30 10:47:19 | 000,007,700 | -H-- | C] () -- C:\Users\matze\AppData\Local\d3d9caps.dat
[2009.08.19 15:37:19 | 000,164,329 | -H-- | C] () -- C:\Windows\hpoins19.dat
[2009.08.19 15:37:06 | 000,026,952 | -H-- | C] () -- C:\Windows\hpomdl19.dat
[2009.07.14 19:05:48 | 000,000,125 | -HS- | C] () -- C:\ProgramData\.zreglib
[2009.06.19 18:41:50 | 000,000,331 | -H-- | C] () -- C:\Windows\game.ini
[2009.06.10 19:24:25 | 000,000,159 | -H-- | C] () -- C:\Users\matze\AppData\Roaming\default.rss
[2009.06.10 19:21:52 | 000,000,069 | -H-- | C] () -- C:\Windows\NeroDigital.ini
[2009.05.29 18:21:46 | 001,448,408 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009.05.29 18:14:45 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2009.05.19 21:55:15 | 000,189,104 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2009.05.19 21:55:14 | 000,075,064 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2009.05.19 21:55:13 | 000,682,280 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2009.05.16 13:49:25 | 000,048,640 | -H-- | C] () -- C:\Users\matze\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.05.11 20:35:49 | 000,000,000 | -H-- | C] () -- C:\Windows\nsreg.dat
[2009.02.21 12:22:30 | 000,000,044 | -H-- | C] () -- C:\Windows\Acer(Normal).ini
[2009.02.21 12:22:30 | 000,000,042 | -H-- | C] () -- C:\Windows\Acer(Wide).ini
[2009.02.21 11:55:48 | 000,106,605 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2009.02.21 11:55:48 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
[2008.11.01 18:24:51 | 000,001,024 | R--- | C] () -- C:\Windows\SysWow64\NTIOFM4.dll
[2008.11.01 18:24:51 | 000,001,024 | R--- | C] () -- C:\Windows\SysWow64\NTIBUN5.dll
[2008.01.21 04:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2008.01.21 04:49:49 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2006.11.02 17:37:05 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:37:14 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2006.11.02 14:24:17 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2006.11.02 14:18:17 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2006.11.02 11:47:54 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2005.12.07 11:31:00 | 000,202,752 | R--- | C] () -- C:\Windows\SysWow64\CddbCdda.dll
[2001.12.26 17:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\multiplex_vcd.dll
[2001.09.04 00:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\SysWow64\Hmpg12.dll
[2001.07.30 17:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\SysWow64\HMPV2_ENC.dll
[2001.07.23 23:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\SysWow64\HMPV2_ENC_MMX.dll
 
========== LOP Check ==========
 
[2009.06.20 00:13:43 | 000,000,000 | -HSD | M] -- C:\Users\matze\AppData\Roaming\.#
[2008.11.01 18:30:21 | 000,000,000 | -H-D | M] -- C:\Users\matze\AppData\Roaming\Acer GameZone Console
[2009.06.12 21:03:59 | 000,000,000 | -H-D | M] -- C:\Users\matze\AppData\Roaming\Ashampoo
[2009.10.02 12:32:27 | 000,000,000 | -H-D | M] -- C:\Users\matze\AppData\Roaming\Buhl Data Service
[2009.05.19 21:20:14 | 000,000,000 | -H-D | M] -- C:\Users\matze\AppData\Roaming\DAEMON Tools
[2009.09.30 10:44:26 | 000,000,000 | -H-D | M] -- C:\Users\matze\AppData\Roaming\DAEMON Tools Lite
[2009.05.29 18:23:58 | 000,000,000 | -H-D | M] -- C:\Users\matze\AppData\Roaming\Datalayer
[2010.11.18 14:13:33 | 000,000,000 | -H-D | M] -- C:\Users\matze\AppData\Roaming\DVDVideoSoft
[2009.05.14 19:26:37 | 000,000,000 | -H-D | M] -- C:\Users\matze\AppData\Roaming\eSobi
[2009.05.29 18:32:45 | 000,000,000 | -H-D | M] -- C:\Users\matze\AppData\Roaming\Gearbox Software
[2011.03.29 21:46:34 | 000,000,000 | -H-D | M] -- C:\Users\matze\AppData\Roaming\ICQ
[2009.05.12 18:58:07 | 000,000,000 | -H-D | M] -- C:\Users\matze\AppData\Roaming\Leadertech
[2009.05.29 18:20:43 | 000,000,000 | -H-D | M] -- C:\Users\matze\AppData\Roaming\Nokia
[2009.07.02 21:01:36 | 000,000,000 | -H-D | M] -- C:\Users\matze\AppData\Roaming\Nokia Multimedia Player
[2011.01.17 21:09:38 | 000,000,000 | -H-D | M] -- C:\Users\matze\AppData\Roaming\Ohfaa
[2009.05.29 18:23:31 | 000,000,000 | -H-D | M] -- C:\Users\matze\AppData\Roaming\PC Suite
[2009.07.14 18:57:39 | 000,000,000 | -H-D | M] -- C:\Users\matze\AppData\Roaming\TuneUp Software
[2011.01.17 19:30:15 | 000,000,000 | -H-D | M] -- C:\Users\matze\AppData\Roaming\Upebav
[2011.04.22 17:16:19 | 000,000,416 | ---- | M] () -- C:\Windows\Tasks\1-Klick-Wartung.job
[2011.04.22 17:53:47 | 000,032,554 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 72 bytes -> C:\Windows:4797B8233B9EBDB5
@Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP:FEBEC560
 
< End of report >

--- --- ---


...and here is the Extras.Txt:
OTL EXTRAS Logfile:
Code:

OTL Extras logfile created on: 22.04.2011 18:12:55 - Run 1
OTL by OldTimer - Version 3.2.22.3    Folder = C:\Users\matze\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
6,00 Gb Total Physical Memory | 4,00 Gb Available Physical Memory | 67,00% Memory free
12,00 Gb Paging File | 10,00 Gb Available in Paging File | 84,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 366,72 Gb Total Space | 224,23 Gb Free Space | 61,14% Space Free | Partition Type: NTFS
Drive H: | 550,13 Gb Total Space | 536,90 Gb Free Space | 97,60% Space Free | Partition Type: NTFS
 
Computer Name: MATZE-PC | User Name: matze | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" ()
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l File not found
InternetShortcut [print] -- rundll32.exe C:\Windows\system32\mshtml.dll,PrintHTML "%1" ()
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" File not found
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01  [binary data]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{3063F928-F892-4129-8B3E-F4DF118BD660}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{5C9E0860-9180-44A1-8C25-D07C3BE2ED10}" = lport=2869 | protocol=6 | dir=in | app=system |
"{8F56C14A-85C7-465E-A26C-F2A3F7D8F99E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0141A656-698F-45BE-BACE-D99853390B29}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops\blackopsmp.exe |
"{0510D1A0-3D60-4A7A-9A12-A98BEA470671}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{0E11A761-8F06-4967-9BC9-CB319BB1E08C}" = protocol=17 | dir=in | app=c:\program files (x86)\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"{0F259A4A-FFD5-4865-9799-590FD8AF6D43}" = dir=in | app=c:\program files (x86)\acer arcade live\acer videomagician\acer videomagician.exe |
"{126C2BD5-830D-4CB5-A3CB-B27AEAF7D92A}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.2\aolload.exe |
"{15DD727A-B5BB-41F5-96C5-7D69C5723273}" = protocol=17 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{1BF145E0-CD1F-4192-957D-480E2B3BA488}" = protocol=6 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\backupsvc.exe |
"{1F7200B6-861E-46D1-A4CD-BAA33A919459}" = protocol=6 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{20ABAC37-8F0A-4369-BB63-AAD8D8A88FE3}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.2\icq.exe |
"{22C012B4-C2EA-4A5D-A0D3-47799822BF54}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"{27B0CCD7-ECE7-481C-A0C8-884A221CB18F}" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{2822797D-6AF4-40AD-AFD1-E05572094B30}" = dir=in | app=c:\program files (x86)\acer arcade live\acer dv magician\acer dv magician.exe |
"{295049DA-2EC4-4B93-AB99-6FF457FBD760}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{2F9E01B9-31E0-409C-AC6E-F73523A0536D}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{3A796A12-8953-4A63-B617-5CFB4F57E650}" = protocol=6 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\client\agentsvc.exe |
"{42F1C0D0-B81D-40F0-9A9F-3F5A97D5158C}" = dir=in | app=c:\program files (x86)\acer arcade live\acer homemedia\acer homemedia.exe |
"{483F0B91-778F-4089-B5FC-89B406EBB227}" = protocol=6 | dir=in | app=c:\program files (x86)\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"{4B5E0829-7555-46EC-B20E-9AF2D2054C3A}" = protocol=6 | dir=in | app=c:\program files (x86)\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"{4D2ADC22-FD23-42AC-809E-5118406682A4}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{4DE6B761-FC28-4CA4-A42A-E5A48DA096CD}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\tom clancy's splinter cell conviction\src\system\gu.exe |
"{50141318-6B47-46F3-AE7F-305802C2728E}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{5055EA3D-E755-45D5-9377-D0CF3181EA59}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{5438F06B-7410-4DBB-896E-82C7F413C721}" = dir=in | app=c:\program files (x86)\acer arcade live\acer homemedia trial creator\acer homemedia trial creator.exe |
"{5763A13F-DC5B-43F5-8C21-8C422A3843FE}" = protocol=17 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\client\agentsvc.exe |
"{59347CC7-D8B8-43DE-936C-A636BFA18B44}" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty - world at war\codwawmp.exe |
"{5CF4E20B-2E0C-49C2-9F92-51E59B458D3A}" = protocol=17 | dir=in | app=c:\program files (x86)\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"{5F3FB66C-2D64-49F1-8687-E0DF7C8710E1}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{60DC62CA-9D41-41D1-BAC4-E3DD80690168}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.2\aolload.exe |
"{6367AF85-967F-45F3-8FAB-436EDF5B6A16}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.2\icq.exe |
"{66D6AF3A-5598-4958-80D6-2759277AC1BC}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\tom clancy's splinter cell conviction\src\system\conviction_game.exe |
"{681A1985-5F8C-402E-AB1B-2ABD89F3B05B}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
"{6BCEEE6B-6951-4ACD-9214-C427E8A0EBA7}" = dir=in | app=c:\program files (x86)\acer arcade live\acer arcade live main page\acer arcade live.exe |
"{6C3A857E-8A90-4536-8D20-9A0E95DC0AF1}" = dir=in | app=c:\program files (x86)\acer arcade live\acer homemedia connect\kernel\dms\clmsserver.exe |
"{6E4D4F84-CAC8-495A-BF25-0E2D24080E13}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"{712A8248-624F-439D-A8BC-85605F39B363}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{72EABF01-1CE6-4AD0-8D86-141C206ABD90}" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty - world at war\codwawmp.exe |
"{73D9BF11-4782-4DA3-9000-AE8DAA511887}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{75E2B5CE-6876-47A5-B15B-B7B6B5729960}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"{834E99EF-8515-4B7C-A7F2-DE7F56C7E00C}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{86EC2B8C-A9A2-4506-884F-979DDABFE627}" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty - world at war\codwaw.exe |
"{8B06FFCA-8ABF-4579-9550-6D366726EFD7}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{8DE650C9-F116-4C4E-8049-4371A535933D}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\tom clancy's splinter cell conviction\src\system\conviction_game.exe |
"{94440732-F1D5-4F72-942E-F1ED6120616D}" = dir=in | app=c:\program files (x86)\acer arcade live\acer slideshow dvd\acer slideshow dvd.exe |
"{94FE809A-2318-4851-9FE1-D5EDC7EE48FB}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops\blackops.exe |
"{97F3B93F-0C8C-418D-A969-A164B2A95026}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{9AF4B5B7-E2F9-4683-A2C6-12E5E604BDA1}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.2\aolload.exe |
"{9C8E78DA-40FD-4994-96BC-9EEEA8849D69}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"{9FCB212C-76A9-4867-8BB7-7DCE4D2C3E48}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{A13B25C2-0344-46AB-A662-8382FF8C696E}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.2\icq.exe |
"{AD6005D6-FFA5-468F-BCED-55959C14A0E1}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops\blackops.exe |
"{B0385344-6921-4823-8AB8-4550F3B0EFF4}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{B0C8DAD5-CF7B-461E-ADF6-49F9F02D96EA}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.2\aolload.exe |
"{B8A59FA9-4B55-4B22-8FC3-63AF8B6E6D39}" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{BA2010D2-BF5D-4519-83E6-18390EA8C0F5}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{BE618B1B-5EB6-4EF0-BC3C-9B82253222D5}" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty - world at war\codwaw.exe |
"{C4BEE35A-BF37-4442-BF3E-5B6D6F3B5FCE}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops\blackopsmp.exe |
"{C6067BA4-A434-41A6-8006-50E9A3ECD155}" = dir=in | app=c:\program files (x86)\acer arcade live\acer dvdivine\acer dvdivine.exe |
"{CD9C5A91-B92D-447F-AFB5-E3075EA8BE0C}" = dir=in | app=c:\program files (x86)\acer arcade live\acer homemedia connect\acer homemedia connect.exe |
"{D0D7BA41-8748-4956-A83B-E9BA9A23506E}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{D4676D16-2E2A-4E16-939F-2A8006063CCB}" = protocol=17 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\backupsvc.exe |
"{E309D758-ABBF-434A-B22B-072F7E6201F7}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\tom clancy's splinter cell conviction\src\system\gu.exe |
"{E803A12C-17E1-44A1-A0DD-8FD04E0732B2}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{F5BA9C1D-BE86-4054-8172-AC82833CF659}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{F6564CA5-8A9A-48EA-AEEF-7F24FC961B17}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.2\icq.exe |
"TCP Query User{16CFB216-CD30-445B-BF48-F3BF11559BA8}C:\program files (x86)\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\icq6.5\icq.exe |
"TCP Query User{3906EF4C-9E31-4877-A7D4-B905F16A0FF3}C:\program files (x86)\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe" = protocol=6 | dir=in | app=c:\program files (x86)\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"TCP Query User{4C0BCAB2-019E-42E5-B385-397ED9D0DB7D}C:\users\matze\appdata\roaming\ohfaa\gaez.exe" = protocol=6 | dir=in | app=c:\users\matze\appdata\roaming\ohfaa\gaez.exe |
"TCP Query User{55780B20-13D7-4C44-9089-088E7D96C733}C:\program files (x86)\ea games\battlefield 2\bf2_w32ded.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ea games\battlefield 2\bf2_w32ded.exe |
"TCP Query User{59851C55-6094-435F-823D-C1FAEAFE74E7}C:\program files (x86)\activision\call of duty 2\cod2mp_s.exe" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty 2\cod2mp_s.exe |
"TCP Query User{93693459-7B22-4AE5-B6CE-8C8695B639E4}C:\users\matze\appdata\roaming\ohfaa\gaez.exe" = protocol=6 | dir=in | app=c:\users\matze\appdata\roaming\ohfaa\gaez.exe |
"UDP Query User{0E170311-181B-45BE-916F-C31C86396179}C:\users\matze\appdata\roaming\ohfaa\gaez.exe" = protocol=17 | dir=in | app=c:\users\matze\appdata\roaming\ohfaa\gaez.exe |
"UDP Query User{4F230573-5F9B-46BA-8079-8BCE825AF951}C:\users\matze\appdata\roaming\ohfaa\gaez.exe" = protocol=17 | dir=in | app=c:\users\matze\appdata\roaming\ohfaa\gaez.exe |
"UDP Query User{82D6EF3D-4136-4AD4-9938-33A4A8D2C44E}C:\program files (x86)\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\icq6.5\icq.exe |
"UDP Query User{AB9E0807-32DD-4C6F-837B-37629C3ABBA8}C:\program files (x86)\activision\call of duty 2\cod2mp_s.exe" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty 2\cod2mp_s.exe |
"UDP Query User{B964CEB8-3A99-42B4-A421-EBE3D4C38A83}C:\program files (x86)\ea games\battlefield 2\bf2_w32ded.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ea games\battlefield 2\bf2_w32ded.exe |
"UDP Query User{D807D6FD-87B2-4EC5-A399-54C717BEE5E0}C:\program files (x86)\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe" = protocol=17 | dir=in | app=c:\program files (x86)\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{06FF213F-78F3-4E38-AFC2-69FD9D70DEE2}" = Nokia Phone Browser 64-bit
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{17E02F38-FF2D-4c3d-83DF-ECE2A1D20A5E}" = AIO_CDB_ToolboxIni64
"{249E9ED4-1C67-4DA5-9E39-F0F09AFD93B7}" = Logitech QuickCam
"{8F473675-D702-45F9-8EBC-342B40C17BF5}" = Apple Mobile Device Support
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9545E9DB-6F4C-4404-BF25-E221BE8B44C5}" = iTunes
"{9F560BEB-021F-43AC-825F-AA60442D8DE4}" = 64 Bit HP CIO Components Installer
"{C916D86C-AB76-49c7-B0E4-A946E0FD9BC2}" = HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DDD076BF-C5C3-468C-AA1B-F9A7E47446FE}" = Intel(R) Network Connections 13.1.33.0
"{E4F5E48E-7155-4CF9-88CD-7F377EC9AC54}" = Bonjour
"{E5961659-16A2-47A7-BB7B-7B951F2B0BB3}" = PC Connectivity Solution 64-bit components
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"HP Imaging Device Functions" = HP Imaging Device Functions 8.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center 8.0
"HPExtendedCapabilities" = HP Customer Participation Program 8.0
"HPOCR" = HP OCR Software 8.0
"lvdrivers_11.80" = Logitech QuickCam-Treiberpaket
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"NVIDIA Drivers" = NVIDIA Drivers
"PROSetDX" = Intel(R) Network Connections 13.1.33.0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00C58EBE-223E-4AB6-8AE9-38F27F4420BD}" = WISO Sparbuch 2009
"{02091327-B124-4216-9D71-58C0E24F5392}" = Nokia PC Suite
"{02F0B8AE-7501-4333-AFBE-6BAABFEC7637}" = WISO Steuer-Sparbuch 2011
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{04F3BF74-9E34-4D3E-93C3-D3D1F24199C8}" = PC Connectivity Solution
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{09F25F86-F957-4051-8AB2-0E0D948BBB5D}" = 1310
"{0D2E9DCB-9938-475E-B4DD-8851738852FF}" = AIO_Scan
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{132888AE-EF67-41C5-BCA2-7D5D2488AB63}" = Acer HomeMedia Connect
"{13D85C14-2B85-419F-AC41-C7F21E68B25D}" = Acer eSettings Management
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{1746EA69-DCB6-4408-B5A5-E75F55439CDF}" = Scan
"{179C56A4-F57F-4561-8BBF-F911D26EB435}" = WebReg
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}" = Adobe ExtendScript Toolkit 2
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{29F05234-DCBB-4FE0-88DC-5160C9250312}" = Adobe Photoshop CS3
"{2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386}" = Apple Application Support
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3BFFC6B8-4EC0-4240-858C-998FD4077983}" = Nokia Connectivity Cable Driver
"{41581EF5-45A7-11DA-9D78-000129760D75}" = Acer SlideShow DVD
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{46B70DEB-97B3-4E38-B746-EC16905E6A8F}" = WISO Sparbuch 2010
"{49F2B650-2D7B-4F59-B33D-346F63776BD3}" = DocProc
"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{53735ECE-E461-4FD0-B742-23A352436D3A}" = Logitech Updater
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57634571-FD82-4BEC-B822-A1ED7765474F}_is1" = SmartLauncher
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{59991D18-A988-45AB-B1BF-5ADE6E64CD3F}" = SnagIt 9
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}" = Adobe Setup
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{67D3F1A0-A1F2-49b7-B9EE-011277B170CD}" = HPProductAssistant
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6D4553DF-2095-4D10-92C0-17934733B51D}" = 1310_Help
"{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}" = Adobe Color Common Settings
"{6D7E031C-4C05-4265-854A-FE9FDEA9984D}" = 1310Trb
"{6D8DDB4A-C263-40DE-BA16-AFDAD159D59A}" = Tom Clancy's Splinter Cell Conviction
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{735DEB9C-61BD-4D31-994B-92395BBB4E45}" = Microsoft XML Parser
"{73B5D990-04EA-4751-B10F-5534770B91F2}" = Adobe Color EU Recommended Settings
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{7A7DC702-DEDE-42A8-8722-B3BA724D546F}" = Fax
"{7C5B4583-7CBF-4289-B195-03B553959DEA}" = VoiceOver Kit
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110111700}" = Zuma Deluxe
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11029123}" = Bricks of Egypt
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110322783}" = Big Kahuna Reef
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110411970}" = Chuzzle
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111118433}" = Mystery Case Files - Huntsville
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}" = Cake Mania
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111252743}" = Mahjong Escape Ancient China
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111324990}" = Kick N Rush
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111543617}" = Backspin Billiards
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111692950}" = Mahjongg Artifacts
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111771833}" = Jewel Quest Solitaire
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111796363}" = Mystery Solitaire - Secret Island
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111872660}" = Diner Dash Flo on the Go
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112531267}" = Chicken Invaders 3
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112615863}" = Agatha Christie Death on the Nile
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}" = Alice Greenfingers
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113009953}" = Turbo Pizza
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113080210}" = Azada
"{8686D4FE-62EF-46FB-B9FD-00679EB381FF}_is1" = Trojan Killer 2.0
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8C6027FD-53DC-446D-BB75-CACD7028A134}" = HP Update
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8F1B6239-FEA0-450A-A950-B05276CE177C}" = Acer Empowering Technology
"{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0407-1000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95D08F4E-DFC2-4ce3-ACB7-8C8E206217E9}" = MarketResearch
"{978C25EE-5777-46e4-8988-732C297CBDBD}" = Status
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B1FD9CE-0776-4f0b-A6F5-C6AB7B650CDF}" = Destinations
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A1973A71-BC23-4A8C-A0A0-2B0497B7EAF4}" = WISO Sparbuch 2008
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A36CD345-625C-4d6c-B3E2-76E1248CB451}" = SolutionCenter
"{A3B7C670-4A1E-4EE2-950E-C875BC1965D0}" = Copy
"{A5633652-3795-4829-BB0B-644F0279E279}" = Acer eDataSecurity Management
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA4BF92B-2AAF-11DA-9D78-000129760D75}" = Acer HomeMedia
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1031-7B44-A82000000003}" = Adobe Reader 8.2.0 - Deutsch
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{B145EC69-66F5-11D8-9D75-000129760D75}" = Acer DVDivine
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}" = Adobe Setup
"{B580C409-E16F-44FF-904D-3AE94E113BE0}" = Acer HomeMedia Trial Creator
"{B7BD291B-D415-4484-89A4-82077504BE93}_is1" = SmartCopy
"{B8B0FC8B-E69B-4215-AF1A-4BDFF20D794B}" = pdfforge Toolbar v1.0
"{B9B02A9E-8074-4C3F-AAE5-311528F34FED}" = NTI Photo Maker Hot Fix
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BE77A81F-B315-4666-9BF3-AE70C0ADB057}" = BufferChm
"{C716522C-3731-4667-8579-40B098294500}" = Toolbox
"{C73F2967-062E-48F2-A462-D335B8950183}" = Safari
"{C8BB4912-12D9-42AE-B571-E580D8CD1B5B}" = TuneUp Utilities 2007
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe  1.4.142.1
"{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DDA223A7-627F-4173-9CA4-A9C531BCBB62}" = NTI JewelCase Maker Hot Fix
"{E06F04B9-45E6-4AC0-8083-85F7515F40F7}" = UnloadSupport
"{E09575B2-498D-4C8B-A9D2-623F78574F29}" = AIO_CDB_Software
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E7112940-5F8E-4918-B9FE-251F2F8DC81F}" = AIO_CDB_ProductContext
"{EB21A812-671B-4D08-B974-2A347F0D8F70}" = HP Photosmart Essential
"{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}" = HPSSupply
"{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}" = Acer Arcade Live Main Page
"{F01F79AD-1F47-4685-AE4E-CCFA4EA9FF7C}" = Adobe Setup
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F6EFFB76-4A07-11DA-9D78-000129760D75}" = Acer DV Magician
"{F79A208D-D929-11D9-9D77-000129760D75}" = Acer VideoMagician
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FF075778-6E50-47ed-991D-3B07FD4E3250}" = TrayApp
"{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}" = Adobe Color NA Extra Settings
"Acer GameZone Console_is1" = Acer GameZone Console DTV 2.0.1.1
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_3e054d2218e7aa282c2369d939e58ff" = Adobe ExtendScript Toolkit 2
"Adobe_5f143314a5d434c8511097393d17397" = Adobe Photoshop CS3
"Adobe_6c8e2cb4fd241c55406016127a6ab2e" = Adobe Color Common Settings
"AnyDVD" = AnyDVD
"Ashampoo Burning Studio 9_is1" = Ashampoo Burning Studio 9.03
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"BrothersInArms" = Brothers In Arms
"CloneDVD2" = CloneDVD2
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Free Video to iPhone Converter_is1" = Free Video to iPhone Converter version 3.2.10
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"ICQToolbar" = ICQ Toolbar
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{B9B02A9E-8074-4C3F-AAE5-311528F34FED}" = NTI Photo Maker Hot Fix
"InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"InstallShield_{DDA223A7-627F-4173-9CA4-A9C531BCBB62}" = NTI JewelCase Maker Hot Fix
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"McAfee Security Scan" = McAfee Security Scan Plus
"Mozilla Firefox (3.6.16)" = Mozilla Firefox (3.6.16)
"PunkBusterSvc" = PunkBuster Services
"Steam App 10180" = Call of Duty: Modern Warfare 2
"Steam App 10190" = Call of Duty: Modern Warfare 2 - Multiplayer
"Steam App 42700" = Call of Duty: Black Ops
"Steam App 42710" = Call of Duty: Black Ops - Multiplayer
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 1.0.1
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 16.04.2011 05:47:07 | Computer Name = Matze-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
 
Error - 16.04.2011 05:47:08 | Computer Name = Matze-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
 
Error - 16.04.2011 05:47:31 | Computer Name = Matze-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
 
Error - 16.04.2011 05:47:32 | Computer Name = Matze-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
 
Error - 16.04.2011 05:47:33 | Computer Name = Matze-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
 
Error - 16.04.2011 05:47:44 | Computer Name = Matze-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
 
Error - 16.04.2011 05:49:20 | Computer Name = Matze-PC | Source = Windows Search Service | ID = 3006
Description =
 
Error - 16.04.2011 05:49:20 | Computer Name = Matze-PC | Source = Windows Search Service | ID = 3007
Description =
 
Error - 16.04.2011 09:24:17 | Computer Name = Matze-PC | Source = WinMgmt | ID = 10
Description =
 
Error - 16.04.2011 11:43:37 | Computer Name = Matze-PC | Source = WinMgmt | ID = 10
Description =
 
[ OSession Events ]
Error - 07.02.2010 12:16:12 | Computer Name = Matze-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 8992
 seconds with 3300 seconds of active time.  This session ended with a crash.
 
Error - 22.05.2010 11:24:46 | Computer Name = Matze-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
 12.0.6524.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 568
 seconds with 360 seconds of active time.  This session ended with a crash.
 
[ System Events ]
Error - 22.04.2011 11:33:56 | Computer Name = Matze-PC | Source = Service Control Manager | ID = 7000
Description =
 
Error - 22.04.2011 11:33:56 | Computer Name = Matze-PC | Source = Service Control Manager | ID = 7026
Description =
 
Error - 22.04.2011 11:38:01 | Computer Name = Matze-PC | Source = Service Control Manager | ID = 7022
Description =
 
Error - 22.04.2011 11:54:29 | Computer Name = Matze-PC | Source = Application Popup | ID = 1060
Description = Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\ElbyDelay.sys
 nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version
 des Treibers zu erhalten.
 
Error - 22.04.2011 11:54:33 | Computer Name = Matze-PC | Source = Application Popup | ID = 1060
Description = Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\ElbyDelay.sys
 nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version
 des Treibers zu erhalten.
 
Error - 22.04.2011 11:54:33 | Computer Name = Matze-PC | Source = Application Popup | ID = 1060
Description = Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\ElbyDelay.sys
 nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version
 des Treibers zu erhalten.
 
Error - 22.04.2011 11:54:33 | Computer Name = Matze-PC | Source = Application Popup | ID = 1060
Description = Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\ElbyDelay.sys
 nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version
 des Treibers zu erhalten.
 
Error - 22.04.2011 11:54:45 | Computer Name = Matze-PC | Source = HTTP | ID = 15016
Description =
 
Error - 22.04.2011 11:56:20 | Computer Name = Matze-PC | Source = Service Control Manager | ID = 7000
Description =
 
Error - 22.04.2011 11:56:20 | Computer Name = Matze-PC | Source = Service Control Manager | ID = 7026
Description =
 
 
< End of report >

--- --- ---


Here is the log file from Malwarebytes

Malwarebytes' Anti-Malware 1.46
Malwarebytes

Datenbank Version: 4052

Windows 6.0.6001 Service Pack 1
Internet Explorer 7.0.6001.18000

22.04.2011 18:07:04
mbam-log-2011-04-22 (18-07-04).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 123015
Laufzeit: 4 Minute(n), 53 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

cosinus 25.04.2011 14:36

Quote:

Art des Suchlaufs: Quick-Scan
Hello and :hallo:

Please run a full scan with Malwarebytes as a matter of routine and post the log.
Remember that Malwarebytes has to be updated manually before every scan!

If logs from older Malwarebytes scans exist, please post all of those as well!

matze1179 25.04.2011 17:48

Hello Arne,

thank you very much for your help.
Attached you will find a current full scan and a quick scan from midday today.

My AntiVir also reports the following detection:

A virus or unwanted program TR/Kazy.mekml.1 was found in the file C:\ProgramData\42524424.exe

Thank you very much.

Regards, Matze

cosinus 25.04.2011 20:32

Run an OTL fix: close any programs that may be open, also disable your virus scanner (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied along with it!!!)

Code:

:OTL
PRC - C:\ProgramData\GoWNKtoBbTfMqRQ.exe (WinTrust)
@Alternate Data Stream - 72 bytes -> C:\Windows:4797B8233B9EBDB5
@Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP:FEBEC560
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{ebcad9e3-27ba-11df-b7d3-002268494d71}\Shell\AutoRun\command - "" = K:\Menu.exe
O4 - HKCU..\Run: [GoWNKtoBbTfMqRQ] C:\ProgramData\GoWNKtoBbTfMqRQ.exe (WinTrust)
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Searc
:Files
C:\ProgramData\~*
C:\ProgramData\4*
C:\ProgramData\GoWNKtoBbTfMqRQ.exe
C:\Users\matze\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Recovery
:Commands
[purity]
[resethosts]
[emptytemp]

Then click the Fix button at the top left!
The log file should open when you click OK after the fix; please post it. The computer may be restarted.

For safety, the entries, files and folders fixed with this script are not deleted completely; a backup copy is created on the system partition in the "_OTL" folder.

matze1179 25.04.2011 20:58

I followed your instructions. But OTL reports "an error creating the log files"
The system cannot find the specified path!?!?

Am I doing something wrong?
AntiVir is off..

cosinus 26.04.2011 07:32

Please repeat the fix...

matze1179 26.04.2011 12:15

Hello,

even the third attempt failed :-(
I keep getting the same error!?!?

Regards
Matze

cosinus 26.04.2011 13:00

You have to run OTL as admin via right-click. Are you doing that?

matze1179 26.04.2011 18:29

I have now tried everything. The error message stays the same.
The system cannot find the path...

cosinus 26.04.2011 18:58

Try it with this script:

Code:

:OTL
@Alternate Data Stream - 72 bytes -> C:\Windows:4797B8233B9EBDB5
@Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP:FEBEC560
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{ebcad9e3-27ba-11df-b7d3-002268494d71}\Shell\AutoRun\command - "" = K:\Menu.exe
O4 - HKCU..\Run: [GoWNKtoBbTfMqRQ] C:\ProgramData\GoWNKtoBbTfMqRQ.exe (WinTrust)
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Searc
:Files
C:\ProgramData\~*
C:\ProgramData\4*
C:\ProgramData\GoWNKtoBbTfMqRQ.exe
C:\Users\matze\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Recovery
:Commands
[purity]
[resethosts]
[emptytemp]


matze1179 26.04.2011 19:05

Unfortunately it still doesn't work. Same error :-(

cosinus 26.04.2011 19:23

Let's trim it down further....;)...try again with this

Code:

:OTL
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Searc
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{ebcad9e3-27ba-11df-b7d3-002268494d71}\Shell\AutoRun\command - "" = K:\Menu.exe
O4 - HKCU..\Run: [GoWNKtoBbTfMqRQ] C:\ProgramData\GoWNKtoBbTfMqRQ.exe (WinTrust)
@Alternate Data Stream - 72 bytes -> C:\Windows:4797B8233B9EBDB5
@Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP:FEBEC560
:Files
C:\ProgramData\~*
C:\ProgramData\4*
C:\ProgramData\GoWNKtoBbTfMqRQ.exe
C:\Users\matze\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Recovery


matze1179 26.04.2011 19:37

Now it aborted immediately. Before, it always took a few seconds.
Is it correct that it says "ICQ Search" once and "ICQ Searc once?
I have no idea about this stuff :-)

In the attachment I have posted the OTL user interface for you, showing how the settings are preset.

cosinus 27.04.2011 08:52

ICQ Search in Firefox. That thing was once very persistent on an acquaintance's machine, which is why I usually fix it. It only affects the search bar in Firefox.

Did the fix run through now?

matze1179 27.04.2011 18:15

No, unfortunately the fix aborts immediately. :-(
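
The fix scripts posted in this thread can be checked mechanically before they are pasted into OTL. The following is an added example, not part of the original thread and not OTL's own code: a small Python linter that splits a script into its `:OTL` / `:Files` / `:Commands` sections, flags lines with an unbalanced double quote (such as the `"ICQ Searc` line asked about above), and flags `O4` Run entries whose target sits directly in `C:\ProgramData`. The sample lines are copied from the scripts above; the function names, the heuristics and the glob handling of `:Files` entries are assumptions made for illustration.

```python
import ntpath
import re
from fnmatch import fnmatchcase

# Sample input: lines copied from the fix scripts posted in this thread.
SAMPLE_SCRIPT = r'''
:OTL
O32 - HKLM CDRom: AutoRun - 1
O4 - HKCU..\Run: [GoWNKtoBbTfMqRQ] C:\ProgramData\GoWNKtoBbTfMqRQ.exe (WinTrust)
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Searc
:Files
C:\ProgramData\~*
C:\ProgramData\GoWNKtoBbTfMqRQ.exe
:Commands
[purity]
[emptytemp]
'''

SECTION_RE = re.compile(r"^:(\w+)\s*$")
# O4 line layout as it appears in this thread: hive, Run value name, target path.
O4_RE = re.compile(
    r"^O4 - (?P<hive>\w+)\.\.\\Run: \[(?P<name>[^\]]+)\] "
    r"(?P<path>[A-Za-z]:\\.*?\.exe)", re.IGNORECASE)


def parse_sections(script):
    """Split a fix script into {section name: [lines]}, keeping section order."""
    sections, current = {}, ""
    for raw in script.splitlines():
        line = raw.strip()
        if not line:
            continue
        header = SECTION_RE.match(line)
        if header:
            current = header.group(1)
            sections.setdefault(current, [])
        else:
            sections.setdefault(current, []).append(line)
    return sections


def unbalanced_quote_lines(sections):
    """Return (section, line) pairs that contain an odd number of double quotes."""
    return [(name, line) for name, lines in sections.items()
            for line in lines if line.count('"') % 2]


def suspicious_autoruns(sections):
    """Flag Run entries whose executable lies directly in C:\\ProgramData."""
    # Assumption: ':Files' entries are treated as simple '*' globs.
    patterns = [p.lower() for p in sections.get("Files", [])]
    hits = []
    for line in sections.get("OTL", []):
        m = O4_RE.match(line)
        if not m:
            continue
        path = m.group("path")
        if ntpath.dirname(path).lower() != r"c:\programdata":
            continue
        stem = ntpath.splitext(ntpath.basename(path))[0]
        hits.append({
            "hive": m.group("hive"),
            "name": m.group("name"),
            "path": path,
            # Run value named after its own binary, as in the entry above.
            "name_matches_file": stem.lower() == m.group("name").lower(),
            # Is the binary also removed, not just its registry value?
            "listed_in_files": any(fnmatchcase(path.lower(), p) for p in patterns),
        })
    return hits


if __name__ == "__main__":
    parsed = parse_sections(SAMPLE_SCRIPT)
    for section, line in unbalanced_quote_lines(parsed):
        print(f"unbalanced quote in :{section}: {line}")
    for hit in suspicious_autoruns(parsed):
        print("autorun in ProgramData root:", hit)
```
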

