Trojaner-Board - Nod32 zeigt virus an (C:cleansweep.exe/cleansweep.exe) was ist das und wie bekomme ich es weg?

Trojaner-Board (https://www.trojaner-board.de/)

- Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)

- - Nod32 zeigt virus an (C:cleansweep.exe/cleansweep.exe) was ist das und wie bekomme ich es weg? (https://www.trojaner-board.de/87285-nod32-zeigt-virus-c-cleansweep-exe-cleansweep-exe-bekomme-weg.html)

Nod32 zeigt virus an (C:cleansweep.exe/cleansweep.exe) was ist das und wie bekomme ich es weg?

Hallo erstma

ich habe nen problem
seit heute zeigt mir nod32 einen virus an
und ich kann ihn nicht löschen aber warum???
sagt mir aber bitte nicht das es ein keyloger ist
denn ich habe mich heute bei der bank eingelogt
kann er das auch sehen ???4
bitte um eine schnelle antwort

m.v.g.
Dario

:hallo:

Eine Bereinigung ist mitunter mit viel Arbeit für Dich verbunden.

Bitte arbeite alle Schritte der Reihe nach ab.
Lese die Anleitungen sorgfältig. Sollte es Probleme geben, bitte stoppen und hier so gut es geht beschreiben.
Nur Scanns durchführen zu denen Du von einem Helfer aufgefordert wirst.
Bitte kein Crossposting ( posten in mehreren Foren).
Poste die Logfiles direkt in deinen Thread. Nicht anhängen ausser ich fordere Dich dazu auf. Erschwert mir nämlich das auswerten.

Hinweis: Ich kann Dir niemals eine Garantie geben, dass ich auch alles finde. Eine Formatierung ist meist der Schnellere und immer der sicherste Weg.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis dir jemand vom Team sagt, dass Du clean bist.

Vista und Win7 User
Alle Tools mit Rechtsklick "als Administrator ausführen" starten.

Schritt 1

CustomScan mit OTL

Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop

Starte bitte die OTL.exe.
Vista und Win7 User mit Rechtsklick "als Administrator starten"
Kopiere nun den Inhalt in die http://image.hijackthis.eu/upload/hjt1-021.jpg Textbox.

Code:

netsvcs

%SYSTEMDRIVE%\*.*

%systemroot%\*. /mp /s

CREATERESTOREPOINT

%systemroot%\system32\*.dll /lockedfiles

%systemroot%\Tasks\*.job /lockedfiles

%systemroot%\System32\config\*.sav

%systemroot%\system32\drivers\*.sys /90

%systemroot%\system32\user32.dll /md5

%systemroot%\system32\ws2_32.dll /md5

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList|helpassistant /rs

Schliesse bitte nun alle Programme. (Wichtig)
Klicke nun bitte auf den Quick Scan Button.
Klick auf http://billy-oneal.com/Canned%20Spee.../OTL/btnOK.png.
Kopiere nun den Inhalt aus OTL.txt und Extra.txt hier in Deinen Thread

Bitte poste in Deiner nächsten Antwort
OTL.txt
Extras.txt

danke dass du hilfst aber bei mir kommt nur die otl.txt sonst nichts

OTL Logfile:

Code:

OTL logfile created on: 18.06.2010 21:43:27 - Run 2

OTL by OldTimer - Version 3.2.6.0     Folder = C:\Users\Windows 7 (System)\Desktop

64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 51,00% Memory free

8,00 Gb Paging File | 6,00 Gb Available in Paging File | 76,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 450,16 Gb Total Space | 316,18 Gb Free Space | 70,24% Space Free | Partition Type: NTFS

Drive D: | 1,88 Gb Total Space | 1,87 Gb Free Space | 99,85% Space Free | Partition Type: FAT

E: Drive not present or media not loaded

Drive F: | 465,65 Gb Total Space | 369,77 Gb Free Space | 79,41% Space Free | Partition Type: FAT32

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

 

Computer Name: METALLBAU-PC

Current User Name: Windows 7 (System)

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: Current user

Include 64bit Scans

Company Name Whitelist: On

Skip Microsoft Files: On

File Age = 90 Days

Output = Minimal

Quick Scan

 
 ========== Processes (SafeList) ==========

 

PRC - C:\Users\Windows 7 (System)\Desktop\OTL.exe (OldTimer Tools)

PRC - C:\Program Files (x86)\Google\Update\1.2.183.29\GoogleCrashHandler.exe (Google Inc.)

PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()

PRC - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe (ESET)

PRC - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe ()

PRC - C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)

PRC - C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)

PRC - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)

PRC - C:\Program Files (x86)\Launch Manager\LManager.EXE (Dritek System Inc.)

PRC - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.)

PRC - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)

PRC - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe (Egis Technology Inc.)

PRC - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.)

PRC - C:\Program Files (x86)\Acer Bio Protection\BASVC.exe (Egis Technology Inc.)

PRC - C:\Program Files (x86)\Acer Bio Protection\CompPtcVUI.exe (Egis Technology Inc.)

PRC - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe (Acer Incorporated)

PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)

PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)

PRC - C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.)

PRC - C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe (Broadcom Corporation.)

PRC - C:\cleansweep.exe\cleansweep.exe ()

PRC - C:\Program Files (x86)\Windows Sidebar\sidebar.exe (Microsoft Corporation)

PRC - C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated)

PRC - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe (Acer Incorporated)

PRC - C:\Program Files\Acer\Acer Updater\UpdaterService.exe (Acer)

PRC - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe (NewTech Infosystems, Inc.)

PRC - C:\Windows\PLFSetI.exe ()

PRC - C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions)

PRC - C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe (Sonic Solutions)

 

 
 ========== Modules (SafeList) ==========

 

MOD - C:\Users\Windows 7 (System)\Desktop\OTL.exe (OldTimer Tools)

MOD - C:\Windows\SysWOW64\comdlg32.dll (Microsoft Corporation)

MOD - C:\Windows\SysWOW64\msscript.ocx (Microsoft Corporation)

MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)

 

 
 ========== Win32 Services (SafeList) ==========

 

SRV:64bit: - (EHttpSrv) -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe (ESET)

SRV:64bit: - (ekrn) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe (ESET)

SRV:64bit: - (ePowerSvc) -- C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe (Acer Incorporated)

SRV:64bit: - (btwdins) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)

SRV:64bit: - (WwanSvc) -- C:\Windows\SysNative\wwansvc.dll (Microsoft Corporation)

SRV:64bit: - (WbioSrvc) -- C:\Windows\SysNative\wbiosrvc.dll (Microsoft Corporation)

SRV:64bit: - (Power) -- C:\Windows\SysNative\umpo.dll (Microsoft Corporation)

SRV:64bit: - (Themes) -- C:\Windows\SysNative\themeservice.dll (Microsoft Corporation)

SRV:64bit: - (sppuinotify) -- C:\Windows\SysNative\sppuinotify.dll (Microsoft Corporation)

SRV:64bit: - (SensrSvc) -- C:\Windows\SysNative\sensrsvc.dll (Microsoft Corporation)

SRV:64bit: - (PNRPsvc) -- C:\Windows\SysNative\pnrpsvc.dll (Microsoft Corporation)

SRV:64bit: - (p2pimsvc) -- C:\Windows\SysNative\pnrpsvc.dll (Microsoft Corporation)

SRV:64bit: - (HomeGroupProvider) -- C:\Windows\SysNative\provsvc.dll (Microsoft Corporation)

SRV:64bit: - (RpcEptMapper) -- C:\Windows\SysNative\RpcEpMap.dll (Microsoft Corporation)

SRV:64bit: - (PNRPAutoReg) -- C:\Windows\SysNative\pnrpauto.dll (Microsoft Corporation)

SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)

SRV:64bit: - (HomeGroupListener) -- C:\Windows\SysNative\ListSvc.dll (Microsoft Corporation)

SRV:64bit: - (FontCache) -- C:\Windows\SysNative\FntCache.dll (Microsoft Corporation)

SRV:64bit: - (Dhcp) -- C:\Windows\SysNative\dhcpcore.dll (Microsoft Corporation)

SRV:64bit: - (defragsvc) -- C:\Windows\SysNative\defragsvc.dll (Microsoft Corporation)

SRV:64bit: - (bthserv) -- C:\Windows\SysNative\bthserv.dll (Microsoft Corporation)

SRV:64bit: - (BDESVC) -- C:\Windows\SysNative\bdesvc.dll (Microsoft Corporation)

SRV:64bit: - (AxInstSV) -- C:\Windows\SysNative\AxInstSv.dll (Microsoft Corporation)

SRV:64bit: - (AppIDSvc) -- C:\Windows\SysNative\appidsvc.dll (Microsoft Corporation)

SRV:64bit: - (wbengine) -- C:\Windows\SysNative\wbengine.exe (Microsoft Corporation)

SRV:64bit: - (sppsvc) -- C:\Windows\SysNative\sppsvc.exe (Microsoft Corporation)

SRV:64bit: - (Fax) -- C:\Windows\SysNative\FXSSVC.exe (Microsoft Corporation)

SRV:64bit: - (Updater Service) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe (Acer)

SRV - (Akamai) -- c:\program files (x86)\common files\akamai\rswin_3697.dll ()

SRV - (ICQ Service) -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe ()

SRV - (Hamachi2Svc) -- C:\MT2\Hamachi\hamachi-2.exe (LogMeIn Inc.)

SRV - (NTI IScheduleSvc) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.)

SRV - (MWLService) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe ()

SRV - (IGBASVC) -- C:\Program Files (x86)\Acer Bio Protection\BASVC.exe (Egis Technology Inc.)

SRV - (Greg_Service) -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe (Acer Incorporated)

SRV - (IAANTMON) Intel(R) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)

SRV - (VSS) -- C:\Windows\Vss [2009.07.14 05:20:14 | 000,000,000 | ---D | M]

SRV - (MSDTC) -- C:\Windows\SysWOW64\Msdtc [2009.07.14 05:20:14 | 000,000,000 | ---D | M]

SRV - (HomeGroupProvider) -- C:\Windows\SysWOW64\provsvc.dll (Microsoft Corporation)

SRV - (Dhcp) -- C:\Windows\SysWOW64\dhcpcore.dll (Microsoft Corporation)

SRV - (vds) -- C:\Windows\SysWOW64\wbem\vds.mof ()

SRV - (RS_Service) -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe (Acer Incorporated)

SRV - (NTISchedulerSvc) -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe (NewTech Infosystems, Inc.)

SRV - (NTIBackupSvc) -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe (NewTech InfoSystems, Inc.)

SRV - (clr_optimization_v2.0.50727_64) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe (Microsoft Corporation)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV:64bit: - (atksgt) -- C:\Windows\SysNative\drivers\atksgt.sys ()

DRV:64bit: - (lirsgt) -- C:\Windows\SysNative\drivers\lirsgt.sys ()

DRV:64bit: - (vmm) -- C:\Windows\SysNative\Treiber\VMM.sys (Microsoft Corporation)

DRV:64bit: - (epfwwfpr) -- C:\Windows\SysNative\drivers\epfwwfpr.sys (ESET)

DRV:64bit: - (ehdrv) -- C:\Windows\SysNative\drivers\ehdrv.sys (ESET)

DRV:64bit: - (eamonm) -- C:\Windows\SysNative\drivers\eamonm.sys (ESET)

DRV:64bit: - (KSecPkg) -- C:\Windows\SysNative\drivers\ksecpkg.sys (Microsoft Corporation)

DRV:64bit: - (fvevol) -- C:\Windows\SysNative\drivers\fvevol.sys (Microsoft Corporation)

DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.)

DRV:64bit: - (FPSensor) EgisTec-Corp Fingerprint Reader Driver (FPSensor.sys) -- C:\Windows\SysNative\drivers\FPSensor.sys (EgisTec)

DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)

DRV:64bit: - (NETw5s64) Intel(R) -- C:\Windows\SysNative\drivers\NETw5s64.sys (Intel Corporation)

DRV:64bit: - (nuvotoncir) -- C:\Windows\SysNative\drivers\nuvotoncir.sys (Nuvoton Technology Corporation)

DRV:64bit: - (johci) -- C:\Windows\SysNative\drivers\johci.sys (JMicron )

DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)

DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)

DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)

DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)

DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)

DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)

DRV:64bit: - (hwpolicy) -- C:\Windows\SysNative\drivers\hwpolicy.sys (Microsoft Corporation)

DRV:64bit: - (FsDepends) -- C:\Windows\SysNative\drivers\fsdepends.sys (Microsoft Corporation)

DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)

DRV:64bit: - (WIMMount) -- C:\Windows\SysNative\drivers\wimmount.sys (Microsoft Corporation)

DRV:64bit: - (vhdmp) -- C:\Windows\SysNative\drivers\vhdmp.sys (Microsoft Corporation)

DRV:64bit: - (vdrvroot) -- C:\Windows\SysNative\drivers\vdrvroot.sys (Microsoft Corporation)

DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)

DRV:64bit: - (rdyboost) -- C:\Windows\SysNative\drivers\rdyboost.sys (Microsoft Corporation)

DRV:64bit: - (pcw) -- C:\Windows\SysNative\drivers\pcw.sys (Microsoft Corporation)

DRV:64bit: - (CNG) -- C:\Windows\SysNative\drivers\cng.sys (Microsoft Corporation)

DRV:64bit: - (StillCam) -- C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation)

DRV:64bit: - (rdpbus) -- C:\Windows\SysNative\drivers\rdpbus.sys (Microsoft Corporation)

DRV:64bit: - (RDPREFMP) -- C:\Windows\SysNative\drivers\RDPREFMP.sys (Microsoft Corporation)

DRV:64bit: - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\SysNative\drivers\agilevpn.sys (Microsoft Corporation)

DRV:64bit: - (usbrndis6) -- C:\Windows\SysNative\drivers\usb80236.sys (Microsoft Corporation)

DRV:64bit: - (WfpLwf) -- C:\Windows\SysNative\drivers\wfplwf.sys (Microsoft Corporation)

DRV:64bit: - (RMCAST) -- C:\Windows\SysNative\drivers\rmcast.sys (Microsoft Corporation)

DRV:64bit: - (NdisCap) -- C:\Windows\SysNative\drivers\ndiscap.sys (Microsoft Corporation)

DRV:64bit: - (vwifimp) -- C:\Windows\SysNative\drivers\vwifimp.sys (Microsoft Corporation)

DRV:64bit: - (vwififlt) -- C:\Windows\SysNative\drivers\vwififlt.sys (Microsoft Corporation)

DRV:64bit: - (vwifibus) -- C:\Windows\SysNative\drivers\vwifibus.sys (Microsoft Corporation)

DRV:64bit: - (1394ohci) -- C:\Windows\SysNative\drivers\1394ohci.sys (Microsoft Corporation)

DRV:64bit: - (HdAudAddService) -- C:\Windows\SysNative\drivers\HdAudio.sys (Microsoft Corporation)

DRV:64bit: - (usbvideo) USB Video Device (WDM) -- C:\Windows\SysNative\drivers\usbvideo.sys (Microsoft Corporation)

DRV:64bit: - (BthPan) Bluetooth-Gerät (PAN) -- C:\Windows\SysNative\drivers\bthpan.sys (Microsoft Corporation)

DRV:64bit: - (BTHPORT) -- C:\Windows\SysNative\drivers\bthport.sys (Microsoft Corporation)

DRV:64bit: - (RFCOMM) Bluetooth-Gerät (RFCOMM-Protokoll-TDI) -- C:\Windows\SysNative\drivers\rfcomm.sys (Microsoft Corporation)

DRV:64bit: - (BthEnum) -- C:\Windows\SysNative\drivers\bthenum.sys (Microsoft Corporation)

DRV:64bit: - (BTHUSB) -- C:\Windows\SysNative\drivers\BTHUSB.SYS (Microsoft Corporation)

DRV:64bit: - (UmPass) -- C:\Windows\SysNative\drivers\umpass.sys (Microsoft Corporation)

DRV:64bit: - (WinUsb) -- C:\Windows\SysNative\drivers\winusb.sys (Microsoft Corporation)

DRV:64bit: - (mshidkmdf) -- C:\Windows\SysNative\drivers\mshidkmdf.sys (Microsoft Corporation)

DRV:64bit: - (WudfPf) -- C:\Windows\SysNative\drivers\WUDFPf.sys (Microsoft Corporation)

DRV:64bit: - (MTConfig) -- C:\Windows\SysNative\drivers\MTConfig.sys (Microsoft Corporation)

DRV:64bit: - (CompositeBus) -- C:\Windows\SysNative\drivers\CompositeBus.sys (Microsoft Corporation)

DRV:64bit: - (Beep) -- C:\Windows\SysNative\drivers\beep.sys (Microsoft Corporation)

DRV:64bit: - (AppID) -- C:\Windows\SysNative\drivers\appid.sys (Microsoft Corporation)

DRV:64bit: - (scfilter) -- C:\Windows\SysNative\drivers\scfilter.sys (Microsoft Corporation)

DRV:64bit: - (discache) -- C:\Windows\SysNative\drivers\discache.sys (Microsoft Corporation)

DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)

DRV:64bit: - (HidBatt) -- C:\Windows\SysNative\drivers\hidbatt.sys (Microsoft Corporation)

DRV:64bit: - (CmBatt) -- C:\Windows\SysNative\drivers\CmBatt.sys (Microsoft Corporation)

DRV:64bit: - (AcpiPmi) -- C:\Windows\SysNative\drivers\acpipmi.sys (Microsoft Corporation)

DRV:64bit: - (AmdPPM) -- C:\Windows\SysNative\drivers\amdppm.sys (Microsoft Corporation)

DRV:64bit: - (btusbflt) -- C:\Windows\SysNative\drivers\btusbflt.sys (Broadcom Corporation.)

DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)

DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)

DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)

DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)

DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)

DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)

DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)

DRV:64bit: - (k57nd60a) Broadcom NetLink (TM) -- C:\Windows\SysNative\drivers\k57nd60a.sys (Broadcom Corporation)

DRV:64bit: - (mwlPSDVDisk) -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys (Egis Technology Inc.)

DRV:64bit: - (mwlPSDFilter) -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys (Egis Technology Inc.)

DRV:64bit: - (mwlPSDNServ) -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys (Egis Technology Inc.)

DRV:64bit: - (JMCR) -- C:\Windows\SysNative\drivers\jmcr.sys (JMicron Technology Corporation)

DRV:64bit: - (netw5v64) Intel(R) -- C:\Windows\SysNative\drivers\NETw5v64.sys (Intel Corporation)

DRV:64bit: - (NTIDrvr) -- C:\Windows\SysNative\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.)

DRV:64bit: - (UBHelper) -- C:\Windows\SysNative\drivers\UBHelper.sys (NewTech Infosystems Corporation)

DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)

DRV:64bit: - (int15.sys) -- C:\Windows\SysNative\OEM\factory\int15.sys (Acer, Inc.)

DRV:64bit: - (VPCNetS2) -- C:\Windows\SysNative\drivers\VMNetSrv.sys (Microsoft Corporation)

DRV:64bit: - (RxFilter) -- C:\Windows\SysNative\drivers\RxFilter.sys (Sonic Solutions)

DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)

DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)

DRV - (WinUsb) -- C:\Windows\SysWOW64\winusb.dll (Microsoft Corporation)

DRV - (NetBIOS) -- C:\Windows\SysWOW64\netbios.dll (Microsoft Corporation)

DRV - (mpsdrv) -- C:\Windows\SysWOW64\wbem\mpsdrv.mof ()

DRV - (Tcpip) -- C:\Windows\SysWOW64\wbem\tcpip.mof ()

DRV - (mwlPSDVDisk) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\mwlPSDVdisk.sys (Egis Technology Inc.)

DRV - (mwlPSDFilter) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\mwlPSDFilter.sys (Egis Technology Inc.)

DRV - (mwlPSDNServ) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\mwlPSDNServ.sys (Egis Technology Inc.)

DRV - (DKbFltr) Dritek Keyboard Filter Driver (64-bit) -- C:\Windows\SysWOW64\drivers\DKbFltr.sys (Dritek System Inc.)

DRV - (RxFilter) -- C:\Windows\SysWOW64\drivers\RxFilter.sys (Sonic Solutions)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_8940g&r=273602108006l0343z175t4882y803

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_8940g&r=273602108006l0343z175t4882y803

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_8940g&r=273602108006l0343z175t4882y803

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_8940g&r=273602108006l0343z175t4882y803

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_8940g&r=273602108006l0343z175t4882y803

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_8940g&r=273602108006l0343z175t4882y803

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 
 ========== FireFox ==========

 

 

 

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\components [2010.05.15 12:45:58 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\plugins [2010.06.18 20:37:02 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.4\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2010.05.03 22:38:12 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.4\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2010.06.18 20:37:02 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010.06.18 19:54:14 | 000,000,000 | ---D | M]

 

[2010.05.31 21:09:28 | 000,000,000 | ---D | M] -- C:\Users\Windows 7 (System)\AppData\Roaming\mozilla\Extensions

[2010.05.31 21:09:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Windows 7 (System)\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}

[2010.06.18 20:40:43 | 000,000,000 | ---D | M] -- C:\Users\Windows 7 (System)\AppData\Roaming\mozilla\Firefox\Profiles\ifxymu3v.default\extensions

[2010.06.18 20:37:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Windows 7 (System)\AppData\Roaming\mozilla\Firefox\Profiles\ifxymu3v.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}

 

O1 HOSTS File: ([2010.05.18 21:57:26 | 000,000,857 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O1 - Hosts: 127.0.0.1                                activate.adobe.com

O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg64.dll (Google Inc.)

O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll (Ask.com)

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.

O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

O2 - BHO: (moigh Object) - {9A065E57-08DB-4946-9506-6547F4F5734D} - Reg Error: Value error. File not found

O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.)

O2 - BHO: (SMTTB2009 Class) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files (x86)\HypreCam Toolbar\tbcore3.dll ()

O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O3 - HKLM\..\Toolbar: (Foxit Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll (Ask.com)

O3 - HKLM\..\Toolbar: (HypreCam Toolbar) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files (x86)\HypreCam Toolbar\tbcore3.dll ()

O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)

O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O3 - HKCU\..\Toolbar\WebBrowser: (HypreCam Toolbar) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files (x86)\HypreCam Toolbar\tbcore3.dll ()

O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe (Acer Incorporated)

O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)

O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.)

O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.DLL (NVIDIA Corporation)

O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()

O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)

O4:64bit: - HKLM..\Run: [XeroxEndeavorBackgroundTask] C:\Windows\SysNative\xrWCbgnd.dll (Xerox Corporation)

O4 - HKLM..\Run: []  File not found

O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)

O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)

O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()

O4 - HKLM..\Run: [EgisTecLiveUpdate] C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.)

O4 - HKLM..\Run: [ISUSPM Startup] C:\Programme (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe File not found

O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe (Macrovision Corporation)

O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)

O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe (Symantec Corporation)

O4 - HKLM..\Run: [PlayMovie] C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)

O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions)

O4 - HKLM..\Run: [VitaKeyPdtWzd] C:\Program Files (x86)\Acer Bio Protection\PdtWzd.exe (Egis Technology Inc.)

O4 - HKCU..\Run: [{981ACF21-4AC3-6AF2-CAD1-AFCF32C22551}] C:\Users\Windows 7 (System)\AppData\Roaming\Atuxoz\hyibu.exe File not found

O4 - HKCU..\Run: [4n7fcL8pVO2N] C:\Windows\SysWow64\svchost95.exe File not found

O4 - HKCU..\Run: [cleansweep.exe] C:\cleansweep.exe\cleansweep.exe ()

O4 - HKCU..\Run: [M5T8QL3YW3] C:\Users\Windows 7 (System)\AppData\Local\Temp\Dkh.exe File not found

O4 - HKCU..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\sidebar.exe (Microsoft Corporation)

O4 - HKCU..\Run: [Speech Recognition] C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation)

O4 - HKCU..\Run: [svchost95] C:\Windows\svchost95.exe (Microsoft Corporation)

O4 - HKCU..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()

O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll (Google Inc.)

O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()

O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll (Google Inc.)

O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O9:64bit: - Extra Button: Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files (x86)\Acer Bio Protection\PwdBank.exe (Egis Technology Inc.)

O9:64bit: - Extra 'Tools' menuitem : Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files (x86)\Acer Bio Protection\PwdBank.exe (Egis Technology Inc.)

O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O9 - Extra Button: Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files (x86)\Acer Bio Protection\PwdBank.exe (Egis Technology Inc.)

O9 - Extra 'Tools' menuitem : Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files (x86)\Acer Bio Protection\PwdBank.exe (Egis Technology Inc.)

O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)

O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)

O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysNative\wshbth.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation)

O13 - gopher Prefix: missing

O13 - gopher Prefix: missing

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)

O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1

O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found

O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)

O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009.02.06 17:00:42 | 000,000,000 | ---D | M] - F:\AutoCad2005 -- [ FAT32 ]

O34 - HKLM BootExecute: (autocheck autochk *) -  File not found

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

NetSvcs:64bit: Ias - C:\Windows\SysNative\ias [2009.07.14 05:20:14 | 000,000,000 | ---D | M]

NetSvcs:64bit: Irmon - C:\Windows\SysNative\irmon.dll (Microsoft Corporation)

NetSvcs:64bit: Wmi - C:\Windows\SysNative\wmi.dll (Microsoft Corporation)

NetSvcs:64bit: Themes - C:\Windows\SysNative\themeservice.dll (Microsoft Corporation)

NetSvcs:64bit: BDESVC - C:\Windows\SysNative\bdesvc.dll (Microsoft Corporation)

NetSvcs: Ias - C:\Windows\SysWOW64\ias.dll (Microsoft Corporation)

NetSvcs: Wmi - C:\Windows\SysWOW64\wmi.dll (Microsoft Corporation)

 

CREATERESTOREPOINT

Restore point Set: OTL Restore Point

 
 ========== Files/Folders - Created Within 90 Days ==========

 

[2010.06.18 21:40:36 | 000,572,416 | ---- | C] (OldTimer Tools) -- C:\Users\Windows 7 (System)\Desktop\OTL.exe

[2010.06.18 20:39:18 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\Desktop\Alles rein

[2010.06.18 20:37:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AskBarDis

[2010.06.18 20:37:03 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\Foxit

[2010.06.18 20:37:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Foxit Software

[2010.06.18 19:57:52 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Local\ESET

[2010.06.18 19:54:13 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET

[2010.06.18 19:54:13 | 000,000,000 | ---D | C] -- C:\Program Files\ESET

[2010.06.17 16:31:26 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\skypePM

[2010.06.17 16:29:12 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\Skype

[2010.06.17 16:28:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\extensions

[2010.06.17 16:28:30 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype

[2010.06.17 16:28:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype

[2010.06.17 16:28:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype

[2010.06.15 22:07:31 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Local\Windows Server

[2010.06.15 15:37:32 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\Roxio

[2010.06.15 15:35:51 | 000,000,000 | ---D | C] -- C:\Program Files\Roxio

[2010.06.15 15:35:46 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallShield

[2010.06.15 15:35:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Sonic

[2010.06.15 15:34:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Roxio

[2010.06.15 15:34:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Sonic Shared

[2010.06.15 15:34:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Roxio

[2010.06.15 15:33:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Roxio Shared

[2010.06.14 19:17:46 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Local\PowerCinema

[2010.06.14 19:17:44 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\PowerCinema

[2010.06.14 16:39:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\gta san andreas

[2010.06.13 16:20:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\plugins

[2010.06.12 18:15:17 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\Ubisoft

[2010.06.12 18:00:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Tages

[2010.06.12 17:49:34 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Local\Diagnostics

[2010.06.12 16:21:26 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\Documents\NFS Most Wanted Backups

[2010.06.12 16:21:26 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\Documents\NFS Most Wanted

[2010.06.12 15:58:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Counter-Strike 1.6

[2010.06.11 14:16:59 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\gtk-2.0

[2010.06.10 22:54:47 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\.thumbnails

[2010.06.10 22:40:56 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\Documents\gegl-0.0

[2010.06.10 22:40:56 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\.gimp-2.6

[2010.06.10 22:40:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GIMP-2.0

[2010.06.10 22:29:07 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\PhotoFiltre

[2010.06.10 22:29:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PhotoFiltre

[2010.06.07 16:57:57 | 000,000,000 | ---D | C] -- C:\Windows\San Andreas Mod Installer

[2010.06.06 00:14:13 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\CyberLink

[2010.06.06 00:14:10 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Local\PlayMovie

[2010.06.05 23:21:53 | 000,000,000 | -H-D | C] -- C:\MyWinLockerData

[2010.06.05 22:34:28 | 000,000,000 | R-SD | C] -- C:\Users\Windows 7 (System)\Documents\My Stationery

[2010.06.05 12:23:40 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Local\LogMeIn Hamachi

[2010.06.03 22:54:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Grand Theft Auto San Andreas

[2010.06.03 22:43:38 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\Documents\GTA San Andreas User Files

[2010.06.03 20:56:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CSS-Editor

[2010.06.02 21:11:57 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Local\Broadcom

[2010.06.02 21:11:57 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\Documents\Bluetooth-Exchange-Ordner

[2010.06.02 17:19:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared

[2010.05.31 21:09:25 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\Thunderbird

[2010.05.31 21:09:25 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Local\Thunderbird

[2010.05.31 19:36:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Carrera Streckenplaner

[2010.05.31 18:58:42 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Local\Adobe

[2010.05.31 09:24:15 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\Atuxoz

[2010.05.30 09:03:23 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NSSx64

[2010.05.30 09:03:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Security Scan

[2010.05.30 09:03:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton

[2010.05.30 09:03:23 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NSSx64\0207030.022

[2010.05.30 09:03:22 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller

[2010.05.30 09:03:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller

[2010.05.29 16:49:01 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\DivX

[2010.05.29 16:48:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine

[2010.05.29 16:48:53 | 000,000,000 | ---D | C] -- C:\Program Files\DivX

[2010.05.29 16:48:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared

[2010.05.29 16:46:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX

[2010.05.29 16:45:51 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX

[2010.05.29 15:43:50 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\Apple Computer

[2010.05.29 09:44:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Combat Arms EU

[2010.05.29 02:13:31 | 000,000,000 | ---D | C] -- C:\Windows\Sun

[2010.05.28 15:18:40 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Local\Microsoft Games

[2010.05.28 05:58:25 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\Yfvait

[2010.05.27 19:44:16 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\WinRAR

[2010.05.26 21:53:56 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\Google

[2010.05.26 21:53:55 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Local\Google

[2010.05.26 18:45:41 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Local\Apple Computer

[2010.05.25 18:55:13 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\Adobe

[2010.05.25 18:54:24 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\Mozilla

[2010.05.25 18:54:24 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Local\Mozilla

[2010.05.25 18:53:48 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\Macromedia

[2010.05.25 18:53:47 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Local\EgisTec

[2010.05.25 18:52:13 | 000,000,000 | R--D | C] -- C:\Users\Windows 7 (System)\Searches

[2010.05.25 18:52:05 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\Identities

[2010.05.25 18:52:03 | 000,000,000 | R--D | C] -- C:\Users\Windows 7 (System)\Contacts

[2010.05.25 18:52:01 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Local\VirtualStore

[2010.05.25 18:51:58 | 000,000,000 | --SD | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\Microsoft

[2010.05.25 18:51:58 | 000,000,000 | R--D | C] -- C:\Users\Windows 7 (System)\Videos

[2010.05.25 18:51:58 | 000,000,000 | R--D | C] -- C:\Users\Windows 7 (System)\Saved Games

[2010.05.25 18:51:58 | 000,000,000 | R--D | C] -- C:\Users\Windows 7 (System)\Pictures

[2010.05.25 18:51:58 | 000,000,000 | R--D | C] -- C:\Users\Windows 7 (System)\Music

[2010.05.25 18:51:58 | 000,000,000 | R--D | C] -- C:\Users\Windows 7 (System)\Links

[2010.05.25 18:51:58 | 000,000,000 | R--D | C] -- C:\Users\Windows 7 (System)\Favorites

[2010.05.25 18:51:58 | 000,000,000 | R--D | C] -- C:\Users\Windows 7 (System)\Downloads

[2010.05.25 18:51:58 | 000,000,000 | R--D | C] -- C:\Users\Windows 7 (System)\Documents

[2010.05.25 18:51:58 | 000,000,000 | R--D | C] -- C:\Users\Windows 7 (System)\Desktop

[2010.05.25 18:51:58 | 000,000,000 | -HSD | C] -- C:\Users\Windows 7 (System)\Vorlagen

[2010.05.25 18:51:58 | 000,000,000 | -HSD | C] -- C:\Users\Windows 7 (System)\AppData\Local\Verlauf

[2010.05.25 18:51:58 | 000,000,000 | -HSD | C] -- C:\Users\Windows 7 (System)\AppData\Local\Temporary Internet Files

[2010.05.25 18:51:58 | 000,000,000 | -HSD | C] -- C:\Users\Windows 7 (System)\Startmenü

[2010.05.25 18:51:58 | 000,000,000 | -HSD | C] -- C:\Users\Windows 7 (System)\SendTo

[2010.05.25 18:51:58 | 000,000,000 | -HSD | C] -- C:\Users\Windows 7 (System)\Recent

[2010.05.25 18:51:58 | 000,000,000 | -HSD | C] -- C:\Users\Windows 7 (System)\Netzwerkumgebung

[2010.05.25 18:51:58 | 000,000,000 | -HSD | C] -- C:\Users\Windows 7 (System)\Lokale Einstellungen

[2010.05.25 18:51:58 | 000,000,000 | -HSD | C] -- C:\Users\Windows 7 (System)\Documents\Eigene Videos

[2010.05.25 18:51:58 | 000,000,000 | -HSD | C] -- C:\Users\Windows 7 (System)\Documents\Eigene Musik

[2010.05.25 18:51:58 | 000,000,000 | -HSD | C] -- C:\Users\Windows 7 (System)\Eigene Dateien

[2010.05.25 18:51:58 | 000,000,000 | -HSD | C] -- C:\Users\Windows 7 (System)\Documents\Eigene Bilder

[2010.05.25 18:51:58 | 000,000,000 | -HSD | C] -- C:\Users\Windows 7 (System)\Druckumgebung

[2010.05.25 18:51:58 | 000,000,000 | -HSD | C] -- C:\Users\Windows 7 (System)\Cookies

[2010.05.25 18:51:58 | 000,000,000 | -HSD | C] -- C:\Users\Windows 7 (System)\AppData\Local\Anwendungsdaten

[2010.05.25 18:51:58 | 000,000,000 | -HSD | C] -- C:\Users\Windows 7 (System)\Anwendungsdaten

[2010.05.25 18:51:58 | 000,000,000 | -H-D | C] -- C:\Users\Windows 7 (System)\AppData

[2010.05.25 18:51:58 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Local\Temp

[2010.05.25 18:51:58 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Local\Microsoft Help

[2010.05.25 18:51:58 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Local\Microsoft

[2010.05.25 18:51:58 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\Media Center Programs

[2010.05.21 15:33:08 | 000,000,000 | ---D | C] -- C:\Nexon

[2010.05.21 15:33:05 | 000,421,888 | ---- | C] (NEXON Inc.) -- C:\Windows\NEXON_EU_DownloaderUpdater.exe

[2010.05.18 18:41:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\T3Desk

[2010.05.17 18:15:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JDownloader

[2010.05.17 18:15:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java

[2010.05.14 22:16:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Neuer Ordner

[2010.05.14 19:54:57 | 000,000,000 | ---D | C] -- C:\ProgramData\NexonEU

[2010.05.14 12:13:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\4t Tray Minimizer

[2010.05.13 15:31:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HypreCam Toolbar

[2010.05.13 15:31:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HyCam2

[2010.05.11 15:15:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DeskShare Shared

[2010.05.11 15:15:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Deskshare

[2010.05.07 22:23:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\fpsp

[2010.05.07 21:58:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Total Video Converter

[2010.05.07 18:54:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVideoSoft

[2010.05.07 18:54:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoft

[2010.05.07 17:57:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AviSynth 2.5

[2010.05.07 17:57:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Red Kawa

[2010.05.07 17:50:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\URTTEMP

[2010.05.07 16:31:40 | 000,000,000 | ---D | C] -- C:\sdafd

[2010.05.03 22:38:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird

[2010.05.01 18:46:57 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\teamspeak2

[2010.05.01 18:46:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Teamspeak2_RC2

[2010.05.01 18:44:28 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess

[2010.05.01 12:19:43 | 000,000,000 | ---D | C] -- C:\ProgramData\IsolatedStorage

[2010.04.29 22:42:09 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Treiber

[2010.04.29 22:42:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Virtual PC

[2010.04.27 00:04:42 | 000,353,592 | ---- | C] (DivX, Inc.) -- C:\Windows\SysWow64\DivXControlPanelApplet.cpl

[2010.04.24 10:51:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\funkwerk WIN-Tools

[2010.04.21 12:52:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Autodesk

[2010.04.21 12:51:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Autodesk Shared

[2010.04.21 12:51:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Autodesk

[2010.04.12 11:43:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun

[2010.04.12 11:43:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java

[2010.04.08 10:10:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Akamai

[2010.04.08 09:47:53 | 000,000,000 | ---D | C] -- C:\Program Files\Subagames

[2010.04.07 21:08:32 | 000,124,760 | ---- | C] (ESET) -- C:\Windows\SysNative\drivers\epfwwfpr.sys

[2010.04.07 21:07:10 | 000,139,704 | ---- | C] (ESET) -- C:\Windows\SysNative\drivers\ehdrv.sys

[2010.04.07 21:03:52 | 000,163,888 | ---- | C] (ESET) -- C:\Windows\SysNative\drivers\eamonm.sys

[2010.04.06 13:32:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime

[2010.04.06 13:32:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer

[2010.04.06 13:31:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple

[2010.04.06 13:31:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update

[2010.04.06 13:31:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple

[2010.04.04 23:29:28 | 000,000,000 | -H-D | C] -- C:\MT2

[2010.04.04 15:48:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Game Cam V2

[2010.04.02 22:13:04 | 000,000,000 | ---D | C] -- C:\Program Files\updates

[2010.04.02 20:03:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ6Toolbar

[2010.04.02 20:02:59 | 000,000,000 | ---D | C] -- C:\ProgramData\ICQ

[2010.04.02 12:24:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Xerox

[2010.04.01 17:38:05 | 000,000,000 | ---D | C] -- C:\fhgfd

[2010.04.01 16:34:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QS

[2010.04.01 16:31:18 | 000,033,856 | -H-- | C] (LogMeIn, Inc.) -- C:\Windows\SysNative\hamachi.sys

[2010.03.31 08:00:46 | 000,086,016 | ---- | C] (Beepa P/L) -- C:\Windows\SysWow64\frapsvid.dll

[2010.03.31 08:00:44 | 000,084,992 | ---- | C] (Beepa P/L) -- C:\Windows\SysNative\frapsv64.dll

[2010.03.27 09:54:26 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Adobe

[2010.03.26 00:02:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Ubisoft

[2010.03.25 23:49:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ubisoft

[2010.03.24 22:49:30 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR

[2006.09.14 11:32:20 | 000,028,672 | R--- | C] ( ) -- C:\Windows\SysWow64\DivXGraphBuilderCallback.dll

 
 ========== Files - Modified Within 90 Days ==========

 

[2010.06.18 21:43:57 | 002,097,152 | -HS- | M] () -- C:\Users\Windows 7 (System)\NTUSER.DAT

[2010.06.18 21:40:44 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Users\Windows 7 (System)\Desktop\OTL.exe

[2010.06.18 21:40:03 | 000,000,338 | -H-- | M] () -- C:\Windows\tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job

[2010.06.18 21:14:04 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2010.06.18 19:41:32 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2010.06.18 19:41:32 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2010.06.18 19:39:00 | 001,501,000 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2010.06.18 19:39:00 | 000,656,010 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat

[2010.06.18 19:39:00 | 000,616,632 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2010.06.18 19:39:00 | 000,131,874 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat

[2010.06.18 19:39:00 | 000,108,268 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2010.06.18 19:34:49 | 000,097,384 | ---- | M] () -- C:\Users\Windows 7 (System)\AppData\Local\GDIPFONTCACHEV1.DAT

[2010.06.18 19:34:41 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2010.06.18 19:34:21 | 000,388,496 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

[2010.06.18 19:34:15 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT

[2010.06.18 19:34:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2010.06.18 19:33:58 | 3212,234,752 | -HS- | M] () -- C:\hiberfil.sys

[2010.06.18 19:33:11 | 006,349,902 | -H-- | M] () -- C:\Users\Windows 7 (System)\AppData\Local\IconCache.db

[2010.06.18 18:02:42 | 000,000,502 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Merling.job

[2010.06.17 17:56:15 | 000,000,001 | ---- | M] () -- C:\Users\Windows 7 (System)\oashdihasidhasuidhiasdhiashdiuasdhasd

[2010.06.17 16:31:27 | 000,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat

[2010.06.16 11:18:16 | 000,002,863 | R-S- | M] () -- C:\Users\Windows 7 (System)\AppData\Roaming\usernt.dat

[2010.06.15 15:37:32 | 000,000,000 | ---- | M] () -- C:\Users\Windows 7 (System)\AppData\Local\rx_image.Cache

[2010.06.14 16:58:37 | 3630,059,453 | ---- | M] () -- C:\Users\Windows 7 (System)\Desktop\gta san andreas.rar

[2010.06.13 12:32:42 | 000,002,344 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk

[2010.06.12 17:55:48 | 000,000,441 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.ics

[2010.06.12 17:43:24 | 000,000,000 | -H-- | M] () -- C:\Users\Windows 7 (System)\Documents\Default.rdp

[2010.06.12 16:27:28 | 000,314,016 | ---- | M] () -- C:\Windows\SysNative\drivers\atksgt.sys

[2010.06.12 16:27:28 | 000,043,680 | ---- | M] () -- C:\Windows\SysNative\drivers\lirsgt.sys

[2010.06.11 14:38:42 | 000,141,141 | ---- | M] () -- C:\Users\Windows 7 (System)\Desktop\6-468fb3e909eff8632127632b608d9fd5.jpg

[2010.06.11 14:27:53 | 000,000,880 | ---- | M] () -- C:\Users\Windows 7 (System)\.recently-used.xbel

[2010.06.06 13:30:07 | 000,000,963 | ---- | M] () -- C:\Users\Windows 7 (System)\Desktop\Downloads - Verknüpfung.lnk

[2010.06.05 13:00:31 | 000,000,780 | ---- | M] () -- C:\Users\Windows 7 (System)\Desktop\gta_sa - Verknüpfung.lnk

[2010.05.30 09:03:23 | 000,000,172 | ---- | M] () -- C:\Windows\SysNative\drivers\NSSx64\0207030.022\isolate.ini

[2010.05.25 22:14:40 | 000,524,288 | -HS- | M] () -- C:\Users\Windows 7 (System)\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms

[2010.05.25 22:14:40 | 000,524,288 | -HS- | M] () -- C:\Users\Windows 7 (System)\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms

[2010.05.25 22:14:40 | 000,065,536 | -HS- | M] () -- C:\Users\Windows 7 (System)\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf

[2010.05.25 18:51:58 | 000,000,020 | -HS- | M] () -- C:\Users\Windows 7 (System)\ntuser.ini

[2010.05.21 15:33:05 | 000,421,888 | ---- | M] (NEXON Inc.) -- C:\Windows\NEXON_EU_DownloaderUpdater.exe

[2010.05.18 21:57:26 | 000,000,857 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts

[2010.05.17 00:31:19 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\Acer Registration Reminder.job

[2010.05.15 12:46:01 | 000,001,205 | ---- | M] () -- C:\Program Files\updates.xml

[2010.05.15 12:46:01 | 000,000,057 | ---- | M] () -- C:\Program Files\active-update.xml

[2010.05.15 12:45:57 | 000,000,701 | ---- | M] () -- C:\Program Files\updater.ini

[2010.05.15 12:45:57 | 000,000,003 | ---- | M] () -- C:\Program Files\update.locale

[2010.05.15 12:45:56 | 000,458,200 | ---- | M] (sqlite.org) -- C:\Program Files\sqlite3.dll

[2010.05.15 12:45:56 | 000,000,478 | ---- | M] () -- C:\Program Files\softokn3.chk

[2010.05.15 12:45:54 | 000,016,226 | ---- | M] () -- C:\Program Files\removed-files

[2010.05.15 12:45:54 | 000,000,478 | ---- | M] () -- C:\Program Files\nssdbm3.chk

[2010.05.15 12:45:54 | 000,000,141 | ---- | M] () -- C:\Program Files\platform.ini

[2010.05.15 12:45:53 | 001,015,256 | ---- | M] () -- C:\Program Files\js3250.dll

[2010.05.15 12:45:53 | 000,000,478 | ---- | M] () -- C:\Program Files\freebl3.chk

[2010.05.15 12:45:52 | 000,004,296 | ---- | M] () -- C:\Program Files\crashreporter.ini

[2010.05.15 12:45:52 | 000,000,705 | ---- | M] () -- C:\Program Files\crashreporter-override.ini

[2010.05.15 12:45:49 | 000,031,393 | ---- | M] () -- C:\Program Files\LICENSE

[2010.05.15 12:45:49 | 000,002,530 | ---- | M] () -- C:\Program Files\blocklist.xml

[2010.05.15 12:45:49 | 000,002,126 | ---- | M] () -- C:\Program Files\application.ini

[2010.05.15 12:45:49 | 000,000,220 | ---- | M] () -- C:\Program Files\browserconfig.properties

[2010.05.15 12:45:49 | 000,000,000 | ---- | M] () -- C:\Program Files\.autoreg

[2010.05.14 14:18:02 | 000,000,118 | ---- | M] () -- C:\Windows\wininit.ini

[2010.05.07 17:51:18 | 001,531,462 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[2010.05.03 22:38:14 | 000,002,009 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk

[2010.05.02 01:29:08 | 732,645,133 | ---- | M] () -- C:\DarioMT2.rar

[2010.04.29 12:37:16 | 000,000,046 | ---- | M] () -- C:\Windows\hmview.ini

[2010.04.27 00:04:42 | 000,353,592 | ---- | M] (DivX, Inc.) -- C:\Windows\SysWow64\DivXControlPanelApplet.cpl

[2010.04.26 20:32:24 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf

[2010.04.24 10:51:39 | 000,002,314 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Control Center.lnk

[2010.04.21 12:51:58 | 000,002,158 | ---- | M] () -- C:\Users\Public\Desktop\Autodesk Design Review.lnk

[2010.04.19 20:56:34 | 000,000,432 | ---- | M] () -- C:\Windows\BRWMARK.INI

[2010.04.10 16:24:26 | 000,001,024 | ---- | M] () -- C:\.rnd

[2010.04.07 21:08:32 | 000,124,760 | ---- | M] (ESET) -- C:\Windows\SysNative\drivers\epfwwfpr.sys

[2010.04.07 21:07:10 | 000,139,704 | ---- | M] (ESET) -- C:\Windows\SysNative\drivers\ehdrv.sys

[2010.04.07 21:03:52 | 000,163,888 | ---- | M] (ESET) -- C:\Windows\SysNative\drivers\eamonm.sys

[2010.04.06 13:32:54 | 000,001,849 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk

[2010.03.31 08:00:46 | 000,086,016 | ---- | M] (Beepa P/L) -- C:\Windows\SysWow64\frapsvid.dll

[2010.03.31 08:00:44 | 000,084,992 | ---- | M] (Beepa P/L) -- C:\Windows\SysNative\frapsv64.dll

 
 ========== Files Created - No Company Name ==========

 

[2010.06.17 16:31:27 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat

[2010.06.16 11:18:15 | 000,002,863 | R-S- | C] () -- C:\Users\Windows 7 (System)\AppData\Roaming\usernt.dat

[2010.06.15 22:11:22 | 000,000,001 | ---- | C] () -- C:\Users\Windows 7 (System)\oashdihasidhasuidhiasdhiashdiuasdhasd

[2010.06.15 22:07:31 | 000,000,338 | -H-- | C] () -- C:\Windows\tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job

[2010.06.15 15:37:32 | 000,000,000 | ---- | C] () -- C:\Users\Windows 7 (System)\AppData\Local\rx_image.Cache

[2010.06.14 16:40:53 | 3630,059,453 | ---- | C] () -- C:\Users\Windows 7 (System)\Desktop\gta san andreas.rar

[2010.06.12 17:53:12 | 001,112,950 | ---- | C] () -- C:\Windows\SysNative\hw.dll

[2010.06.12 17:43:24 | 000,000,000 | -H-- | C] () -- C:\Users\Windows 7 (System)\Documents\Default.rdp

[2010.06.12 16:27:28 | 000,314,016 | ---- | C] () -- C:\Windows\SysNative\drivers\atksgt.sys

[2010.06.12 16:27:28 | 000,043,680 | ---- | C] () -- C:\Windows\SysNative\drivers\lirsgt.sys

[2010.06.11 14:27:53 | 000,000,880 | ---- | C] () -- C:\Users\Windows 7 (System)\.recently-used.xbel

[2010.06.10 22:29:31 | 000,141,141 | ---- | C] () -- C:\Users\Windows 7 (System)\Desktop\6-468fb3e909eff8632127632b608d9fd5.jpg

[2010.06.06 13:30:07 | 000,000,963 | ---- | C] () -- C:\Users\Windows 7 (System)\Desktop\Downloads - Verknüpfung.lnk

[2010.06.05 13:00:31 | 000,000,780 | ---- | C] () -- C:\Users\Windows 7 (System)\Desktop\gta_sa - Verknüpfung.lnk

[2010.05.30 09:03:25 | 000,000,502 | -H-- | C] () -- C:\Windows\tasks\Norton Security Scan for Merling.job

[2010.05.30 09:03:23 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\NSSx64\0207030.022\isolate.ini

[2010.05.25 18:51:58 | 002,097,152 | -HS- | C] () -- C:\Users\Windows 7 (System)\NTUSER.DAT

[2010.05.25 18:51:58 | 000,524,288 | -HS- | C] () -- C:\Users\Windows 7 (System)\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms

[2010.05.25 18:51:58 | 000,524,288 | -HS- | C] () -- C:\Users\Windows 7 (System)\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms

[2010.05.25 18:51:58 | 000,262,144 | -HS- | C] () -- C:\Users\Windows 7 (System)\ntuser.dat.LOG1

[2010.05.25 18:51:58 | 000,065,536 | -HS- | C] () -- C:\Users\Windows 7 (System)\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf

[2010.05.25 18:51:58 | 000,000,020 | -HS- | C] () -- C:\Users\Windows 7 (System)\ntuser.ini

[2010.05.25 18:51:58 | 000,000,000 | -HS- | C] () -- C:\Users\Windows 7 (System)\ntuser.dat.LOG2

[2010.05.15 12:46:01 | 000,001,205 | ---- | C] () -- C:\Program Files\updates.xml

[2010.05.15 12:46:00 | 000,000,057 | ---- | C] () -- C:\Program Files\active-update.xml

[2010.05.15 12:45:54 | 000,016,226 | ---- | C] () -- C:\Program Files\removed-files

[2010.05.15 12:45:49 | 000,000,000 | ---- | C] () -- C:\Program Files\.autoreg

[2010.05.14 14:18:02 | 000,000,118 | ---- | C] () -- C:\Windows\wininit.ini

[2010.05.07 17:51:17 | 001,531,462 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[2010.05.03 22:38:14 | 000,002,009 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk

[2010.05.01 21:01:57 | 732,645,133 | ---- | C] () -- C:\DarioMT2.rar

[2010.04.26 20:32:24 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf

[2010.04.24 11:26:11 | 000,000,046 | ---- | C] () -- C:\Windows\hmview.ini

[2010.04.24 10:51:39 | 000,002,314 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Control Center.lnk

[2010.04.21 12:51:58 | 000,002,158 | ---- | C] () -- C:\Users\Public\Desktop\Autodesk Design Review.lnk

[2010.04.10 16:24:25 | 000,001,024 | ---- | C] () -- C:\.rnd

[2010.04.06 13:32:54 | 000,001,849 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk

[2010.04.01 18:40:03 | 001,589,248 | ---- | C] () -- C:\Windows\SysWow64\libmysql_d.dll

[2010.02.22 16:43:21 | 000,000,432 | ---- | C] () -- C:\Windows\BRWMARK.INI

[2009.09.22 01:13:30 | 000,626,688 | ---- | C] () -- C:\Windows\Image.dll

[2009.09.22 01:13:30 | 000,000,323 | ---- | C] () -- C:\Windows\PidList.ini

[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll

[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

[2008.10.07 09:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll

[2008.10.07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll

[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll

[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll

[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll

[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll

[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll

[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll

[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll

[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll

[2006.11.20 18:23:04 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\px.ini

[2006.10.26 23:02:40 | 000,520,192 | ---- | C] () -- C:\Windows\SysWow64\CddbPlaylist2Roxio.dll

[2006.10.26 23:02:40 | 000,204,800 | ---- | C] () -- C:\Windows\SysWow64\CddbFileTaggerRoxio.dll

[2005.07.15 20:35:56 | 000,831,488 | ---- | C] () -- C:\Windows\SysWow64\libeay32.dll

[2005.07.15 20:35:56 | 000,159,744 | ---- | C] () -- C:\Windows\SysWow64\ssleay32.dll

[2005.07.15 20:35:24 | 003,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll

 
 ========== LOP Check ==========

 

[2010.06.18 19:57:06 | 000,000,000 | ---D | M] -- C:\Users\Windows 7 (System)\AppData\Roaming\Atuxoz

[2010.06.18 20:37:03 | 000,000,000 | ---D | M] -- C:\Users\Windows 7 (System)\AppData\Roaming\Foxit

[2010.06.11 14:16:59 | 000,000,000 | ---D | M] -- C:\Users\Windows 7 (System)\AppData\Roaming\gtk-2.0

[2010.06.10 22:30:43 | 000,000,000 | ---D | M] -- C:\Users\Windows 7 (System)\AppData\Roaming\PhotoFiltre

[2010.06.14 19:17:51 | 000,000,000 | ---D | M] -- C:\Users\Windows 7 (System)\AppData\Roaming\PowerCinema

[2010.05.31 21:09:27 | 000,000,000 | ---D | M] -- C:\Users\Windows 7 (System)\AppData\Roaming\Thunderbird

[2010.06.12 18:15:17 | 000,000,000 | ---D | M] -- C:\Users\Windows 7 (System)\AppData\Roaming\Ubisoft

[2010.06.18 19:32:47 | 000,000,000 | ---D | M] -- C:\Users\Windows 7 (System)\AppData\Roaming\Yfvait

[2010.05.17 00:31:19 | 000,000,348 | ---- | M] () -- C:\Windows\Tasks\Acer Registration Reminder.job

[2010.06.07 07:10:02 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[2010.06.18 21:40:03 | 000,000,338 | -H-- | M] () -- C:\Windows\Tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job

 
 ========== Purity Check ==========

 

 

 
 ========== Custom Scans ==========

 

 
 < %SYSTEMDRIVE%\*.* >

[2010.04.10 16:24:26 | 000,001,024 | ---- | M] () -- C:\.rnd

[2009.10.16 23:14:23 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK

[2010.05.02 01:29:08 | 732,645,133 | ---- | M] () -- C:\DarioMT2.rar

[2007.11.07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1028.txt

[2007.11.07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1031.txt

[2007.11.07 08:00:40 | 000,010,134 | ---- | M] () -- C:\eula.1033.txt

[2007.11.07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1036.txt

[2007.11.07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1040.txt

[2007.11.07 08:00:40 | 000,000,118 | ---- | M] () -- C:\eula.1041.txt

[2007.11.07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1042.txt

[2007.11.07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.2052.txt

[2007.11.07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.3082.txt

[2007.11.07 08:00:40 | 000,001,110 | ---- | M] () -- C:\globdata.ini

[2010.06.18 19:33:58 | 3212,234,752 | -HS- | M] () -- C:\hiberfil.sys

[2007.11.07 08:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe

[2007.11.07 08:00:40 | 000,000,843 | ---- | M] () -- C:\install.ini

[2007.11.07 08:03:18 | 000,076,304 | ---- | M] (Microsoft Corporation) -- C:\install.res.1028.dll

[2007.11.07 08:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.1031.dll

[2007.11.07 08:03:18 | 000,091,152 | ---- | M] (Microsoft Corporation) -- C:\install.res.1033.dll

[2007.11.07 08:03:18 | 000,097,296 | ---- | M] (Microsoft Corporation) -- C:\install.res.1036.dll

[2007.11.07 08:03:18 | 000,095,248 | ---- | M] (Microsoft Corporation) -- C:\install.res.1040.dll

[2007.11.07 08:03:18 | 000,081,424 | ---- | M] (Microsoft Corporation) -- C:\install.res.1041.dll

[2007.11.07 08:03:18 | 000,079,888 | ---- | M] (Microsoft Corporation) -- C:\install.res.1042.dll

[2007.11.07 08:03:18 | 000,075,792 | ---- | M] (Microsoft Corporation) -- C:\install.res.2052.dll

[2007.11.07 08:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.3082.dll

[2010.06.18 19:34:00 | 4282,982,400 | -HS- | M] () -- C:\pagefile.sys

[2009.09.22 01:00:35 | 000,003,192 | ---- | M] () -- C:\RHDSetup.log

[2007.11.07 08:00:40 | 000,005,686 | ---- | M] () -- C:\vcredist.bmp

[2007.11.07 08:09:22 | 001,442,522 | ---- | M] () -- C:\VC_RED.cab

[2007.11.07 08:12:28 | 000,232,960 | ---- | M] () -- C:\VC_RED.MSI

[2009.09.22 01:13:30 | 000,000,189 | ---- | M] () -- C:\Webcam.log

 
 < %systemroot%\*. /mp /s >

 
 < %systemroot%\system32\*.dll /lockedfiles >

[2009.07.14 03:15:20 | 000,380,957 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysWOW64\expsrv.dll

 
 < %systemroot%\Tasks\*.job /lockedfiles >

 
 < %systemroot%\System32\config\*.sav >

 
 < %systemroot%\system32\drivers\*.sys /90 >

 
 < %systemroot%\system32\user32.dll /md5 >

[2009.07.14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\SysWOW64\user32.dll

 
 < %systemroot%\system32\ws2_32.dll /md5 >

[2009.07.14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\SysWOW64\ws2_32.dll

 
 < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList|helpassistant /rs >

 
 ========== Alternate Data Streams ==========

 

@Alternate Data Stream - 76 bytes -> C:\Users\Windows 7 (System)\Desktop\Alles rein:Roxio EMC Stream

@Alternate Data Stream - 76 bytes -> C:\Users\Windows 7 (System)\Desktop\6-468fb3e909eff8632127632b608d9fd5.jpg:Roxio EMC Stream

@Alternate Data Stream - 152 bytes -> C:\ProgramData\Temp:AB689DEA

@Alternate Data Stream - 147 bytes -> C:\ProgramData\Temp:4D066AD2

@Alternate Data Stream - 138 bytes -> C:\ProgramData\Temp:5D7E5A8F

@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:93DE1838

@Alternate Data Stream - 130 bytes -> C:\ProgramData\Temp:E1F04E8D

@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:444C53BA

@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:ABE89FFE

@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:4CF61E54

< End of report >

--- --- ---

Ja Run2. Ich weiß nicht wie das manche anstellen, kommt aber vor.

was kannst Du mir dazu sagen ?

O1 - Hosts: 127.0.0.1 activate.adobe.com

habbe schon vorhin ne anleitung befolgt aber das war bei jemanden anders ..soll ich den alten extra noch einfügen ????

Zitat:

O1 - Hosts: 127.0.0.1 activate.adobe.com

keine ahnung was das ist

....
achso und 127.0.0.1 ist doch meine lokale ip oder ???

Poste mal die alte Extras.txt

OTL EXTRAS Logfile:

Code:

OTL Extras logfile created on: 18.06.2010 20:12:26 - Run 1

OTL by OldTimer - Version 3.2.6.0     Folder = C:\Users\Windows 7 (System)\Desktop

64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 52,00% Memory free

8,00 Gb Paging File | 6,00 Gb Available in Paging File | 76,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 450,16 Gb Total Space | 315,95 Gb Free Space | 70,19% Space Free | Partition Type: NTFS

Drive D: | 1,88 Gb Total Space | 1,87 Gb Free Space | 99,85% Space Free | Partition Type: FAT

E: Drive not present or media not loaded

Drive F: | 465,65 Gb Total Space | 369,77 Gb Free Space | 79,41% Space Free | Partition Type: FAT32

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

 

Computer Name: METALLBAU-PC

Current User Name: Windows 7 (System)

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: All users

Include 64bit Scans

Company Name Whitelist: On

Skip Microsoft Files: On

File Age = 90 Days

Output = Minimal

Quick Scan

 
 ========== Extra Registry (SafeList) ==========

 

 
 ========== File Associations ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

 

[HKEY_USERS\S-1-5-21-2254292999-42661514-4164187713-1006\SOFTWARE\Classes\<extension>]

.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

 
 ========== Shell Spawning ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %* File not found

cmdfile [open] -- "%1" %* File not found

comfile [open] -- "%1" %* File not found

exefile [open] -- "%1" %* File not found

helpfile [open] -- Reg Error: Key error.

htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)

htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %* File not found

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1" File not found

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] -- "%1" /S File not found

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" File not found

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)

htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" File not found

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 
 ========== Security Center Settings ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

"DoNotAllowExceptions" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

"DoNotAllowExceptions" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 
 ========== Authorized Applications List ==========

 

 
 ========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{053B3DA8-91B5-4682-A130-715412A1A253}" = Paint.NET v3.5.4

"{22ABA92B-6C1B-46D8-AC2B-C48EEAE172A9}" = VD64Inst

"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

"{61A20274-C591-443B-B504-0A7D5721AC08}" = ESET NOD32 Antivirus

"{8A7CAA24-7B23-410B-A7C3-F994B0944160}" = Microsoft Virtual PC 2007

"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007

"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007

"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007

"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007

"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager

"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting

"{96F70DF8-160F-4F9C-9B9E-2A9B439B4EB9}" = Broadcom Gigabit NetLink Controller

"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software

"NVIDIA Drivers" = NVIDIA Drivers

"SynTPDeinstKey" = Synaptics Pointing Device Driver

"WinRAR archiver" = WinRAR

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"$NtUninstallMTF1011$" = Street-Ads Browser Enhancer

"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

"{047F790A-7A2A-4B6A-AD02-38092BA63DAC}" = Acer VCM

"{0513EE35-E0FB-4166-B663-BD1AE3A803DE}" = Anno 1404

"{067EC517-9731-43FD-B4D5-296EE0027BBB}" = LogMeIn Hamachi

"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard

"{13C96625-28E4-4c58-ADE0-CDAFC64752EB}" = JMicron 1394 Filter Driver

"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2

"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer

"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool

"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT

"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer

"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8

"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe

"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver

"{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java(TM) 6 Update 15

"{27996809-446F-7261-6C69-6B654C656F6E}" = 

"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com

"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime

"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie

"{30075A70-B5D2-440B-AFA3-FB2021740121}" = Backup Manager Advance

"{31146037-317A-43F3-BCB3-10C3ED3F10A9}" = Roxio WinOnCD 9

"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform

"{3D374523-CFDE-461A-827E-2A102E2AB365}" = Star Wars Battlefront II

"{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}" = ANNO 1404

"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer PowerSmart Manager

"{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker

"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent

"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support

"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053

"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call

"{62F7DA7E-CCCB-439C-A760-00C3926E761F}" = Microsoft Works

"{669A37FF-A446-46F9-8AAE-EEC1988A2ADF}" = Autodesk Design Review Firefox Add-on v1.1 

"{68301905-2DEA-41CE-A4D4-E8B443B099BA}" = MyWinLocker

"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{7760D94E-B1B5-40A0-9AA0-ABF942108755}" = Acer Crystal Eye Webcam

"{79221CA7-A39A-4AE5-A558-B5D928393FC4}_is1" = File Extractor v0.9.9

"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX

"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}" = Chicken Invaders 2

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697}" = Granny In Paradise

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}" = Merriam Websters Spell Jam

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}" = Amazonia

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}" = Alice Greenfingers

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}" = Heroes of Hellas

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}" = Dream Day First Home

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}" = Dairy Dash

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115208410}" = First Class Flurry

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}" = Farm Frenzy 2

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8CFA9151-6404-409A-AF22-4632D04582FD}" = Assassin's Creed

"{8D20B4D7-3422-4099-9332-39F27E617A6F}" = Autodesk Design Review 2011

"{8D8DAC0F-56E7-446B-B8A3-A7E75EEF077B}_is1" = T3Desk 2010 Build Version 10.01

"{8ed9688e-4f79-4308-91ca-f1c37ca142b4}_is1" = Acer GameZone Console

"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007

"{90120000-0015-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007

"{90120000-0016-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007

"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)

"{90120000-0017-0407-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (German) 2007

"{90120000-0017-0407-0000-0000000FF1CE}_OMUI.de-de_{0B9EAEAC-F271-45DC-BDCB-06ABEEF19825}" = Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2)

"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007

"{90120000-0018-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007

"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)

"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007

"{90120000-0019-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007

"{90120000-001A-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007

"{90120000-001B-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007

"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)

"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007

"{90120000-001F-0407-0000-0000000FF1CE}_OMUI.de-de_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)

"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007

"{90120000-001F-0410-0000-0000000FF1CE}_OMUI.de-de_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007

"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)

"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System

"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)

"{90120000-002A-0407-1000-0000000FF1CE}_OMUI.de-de_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)

"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007

"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007

"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007

"{90120000-0044-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007

"{90120000-006E-0407-0000-0000000FF1CE}_OMUI.de-de_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007

"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)

"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007

"{90120000-00A1-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007

"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)

"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007

"{90120000-00BA-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0100-0407-0000-0000000FF1CE}" = Microsoft Office O MUI (German) 2007

"{90120000-0100-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0101-0407-0000-0000000FF1CE}" = Microsoft Office X MUI (German) 2007

"{90120000-0101-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007

"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)

"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)

"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007

"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)

"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)

"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)

"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9AC5BB16-8C22-4D5C-9A07-9196183B50C9}_is1" = mirabyte Web Architect 9.0.4

"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR

"{A837BCE6-BCB1-4A44-8807-A678EAF06933}" = ANNO 1404 Entwickler-Tools

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.3.2 MUI

"{B83FC356-B7C0-441F-8A4D-D71E088E7974}" = NVIDIA PhysX

"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail

"{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Norton Online Backup

"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1

"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2

"{E09664BB-BB08-45FA-87D1-33EAB0E017F5}" = Fingerprint Solution

"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer

"{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}" = eBay Worldwide

"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update

"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant

"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F1C6C824-FF4F-4CD6-9B25-E40F750FC2E8}" = funkwerk Eumex 401 WIN-Tools V1.00

"{F7B0939E-58DF-11DF-B3A6-005056806466}" = Google Earth

"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials

"{FBC79D04-051E-4367-8051-1DB0C893FBE0}" = Nuvoton CIR Device Drivers

"{FCC662D1-01A8-4034-B67D-2AD91F723154}" = Acer Arcade Instant On

"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

"4t Tray Minimizer_is1" = 4t Tray Minimizer Free 4.40

"Acer Registration" = Acer Registration

"Acer Screensaver" = Acer ScreenSaver

"Acer Welcome Center" = Welcome Center

"Adobe AIR" = Adobe AIR

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"Adobe Shockwave Player" = Adobe Shockwave Player 11.5

"Akamai" = Akamai NetSession Interface

"Ask Toolbar_is1" = Foxit Toolbar

"Autodesk Design Review 2011" = Autodesk Design Review 2011

"AviSynth" = AviSynth 2.5

"Carrera Streckenplaner" = Carrera Streckenplaner

"Combat Arms EU" = Combat Arms EU

"CSS-Editor_is1" = CSS-Editor

"DivX Setup.divx.com" = DivX-Setup

"Foxit Reader" = Foxit Reader

"Free Video to iPod Converter_is1" = Free Video to iPod Converter version 3.4

"FreeStar Free PSP Video Converter" = FreeStar Free PSP Video Converter 2.0.12

"Google Chrome" = Google Chrome

"GridVista" = Acer GridVista

"HOMESTUDENTR" = Microsoft Office Home and Student 2007

"HyperCam 2" = HyperCam 2

"HypreCam Toolbar" = HypreCam Toolbar

"ICQToolbar" = ICQ Toolbar

"Identity Card" = Identity Card

"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5

"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2

"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8

"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe

"InstallShield_{30075A70-B5D2-440B-AFA3-FB2021740121}" = Acer Backup Manager

"InstallShield_{E09664BB-BB08-45FA-87D1-33EAB0E017F5}" = Acer Bio Protection

"InstallShield_{F1C6C824-FF4F-4CD6-9B25-E40F750FC2E8}" = funkwerk Eumex 401 WIN-Tools V1.00

"JDownloader" = JDownloader

"LManager" = Launch Manager

"LogMeIn Hamachi" = LogMeIn Hamachi

"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)

"Mozilla Thunderbird (3.0.4)" = Mozilla Thunderbird (3.0.4)

"My Screen Recorder_is1" = My Screen Recorder 2.62

"NSS" = Norton Security Scan

"OMUI.de-de" = Microsoft Office Language Pack 2007 - German/Deutsch

"PremiumSoft Navicat Lite 8.2_is1" = PremiumSoft Navicat Lite 8.2

"PremiumSoft Navicat Lite_is1" = PremiumSoft Navicat Lite 9.0

"PSP Video 9" = PSP Video 9 5.04

"San Andreas Mod Installer1.1" = San Andreas Mod Installer

"ST6UNST #1" = Gelber-Bieger WB 1.2.1

"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2

"Total Video Converter 3.61_is1" = Total Video Converter 3.61 100319

"Uninstall_is1" = Uninstall 1.0.0.1

"WinGimp-2.0_is1" = GIMP 2.6.8

"WinLiveSuite_Wave3" = Windows Live Essentials

 
 ========== HKEY_USERS Uninstall List ==========

 

[HKEY_USERS\S-1-5-21-2254292999-42661514-4164187713-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"PhotoFiltre" = PhotoFiltre

 
 ========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 11.06.2010 02:44:29 | Computer Name = Metallbau-PC | Source = SideBySide | ID = 16842785

Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksss.exe".

Die

 abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""

 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm

 "sxstrace.exe".

 

Error - 11.06.2010 02:44:29 | Computer Name = Metallbau-PC | Source = SideBySide | ID = 16842785

Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksWP.exe".

Die

 abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""

 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm

 "sxstrace.exe".

 

Error - 11.06.2010 12:17:38 | Computer Name = Metallbau-PC | Source = Application Error | ID = 1000

Description = Name der fehlerhaften Anwendung: gta_sa.exe, Version: 0.0.0.0, Zeitstempel:

 0x00564544  Name des fehlerhaften Moduls: gta_sa.exe, Version: 0.0.0.0, Zeitstempel:

 0x00564544  Ausnahmecode: 0xc0000005  Fehleroffset: 0x000b5e03  ID des fehlerhaften Prozesses:

 0x5f0  Startzeit der fehlerhaften Anwendung: 0x01cb097e49004b83  Pfad der fehlerhaften

 Anwendung: C:\Users\Windows 7 (System)\Desktop\Grand Theft Auto San Andreas\gta_sa.exe

Pfad

 des fehlerhaften Moduls: C:\Users\Windows 7 (System)\Desktop\Grand Theft Auto San

 Andreas\gta_sa.exe  Berichtskennung: da02bf1b-7574-11df-a17d-b4999534092b

 

Error - 12.06.2010 09:51:47 | Computer Name = Metallbau-PC | Source = Application Error | ID = 1000

Description = Name der fehlerhaften Anwendung: thunderbird.exe, Version: 1.9.1.3728,

 Zeitstempel: 0x4ba12250  Name des fehlerhaften Moduls: thunderbird.exe, Version: 

1.9.1.3728, Zeitstempel: 0x4ba12250  Ausnahmecode: 0xc0000005  Fehleroffset: 0x005a0e42

ID

 des fehlerhaften Prozesses: 0xb8c  Startzeit der fehlerhaften Anwendung: 0x01cb0a366207d846

Pfad

 der fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe

Pfad

 des fehlerhaften Moduls: C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe

Berichtskennung:

 a4408b22-7629-11df-a10e-fa72aced7351

 

Error - 12.06.2010 20:37:45 | Computer Name = Metallbau-PC | Source = SideBySide | ID = 16842815

Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files

 (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder

 Richtliniendatei "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe

 AIR.dll" in Zeile 3.  Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"

 des "version"-Attributs im assemblyIdentity-Element ist ungültig.

 

Error - 12.06.2010 20:38:45 | Computer Name = Metallbau-PC | Source = SideBySide | ID = 16842787

Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files

 (x86)\windows live\photo gallery\MovieMaker.Exe". Fehler in Manifest- oder Richtliniendatei

 "c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL" in Zeile  8.  Die 

im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente

 überein.  Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".

Definition:

 WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".  Verwenden Sie

 das Programm "sxstrace.exe" für eine detaillierte Diagnose.

 

Error - 12.06.2010 20:38:59 | Computer Name = Metallbau-PC | Source = SideBySide | ID = 16842785

Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksdb.exe".

Die

 abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""

 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm

 "sxstrace.exe".

 

Error - 12.06.2010 20:38:59 | Computer Name = Metallbau-PC | Source = SideBySide | ID = 16842785

Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksCal.exe".

Die

 abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""

 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm

 "sxstrace.exe".

 

Error - 12.06.2010 20:38:59 | Computer Name = Metallbau-PC | Source = SideBySide | ID = 16842785

Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksss.exe".

Die

 abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""

 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm

 "sxstrace.exe".

 

Error - 12.06.2010 20:38:59 | Computer Name = Metallbau-PC | Source = SideBySide | ID = 16842785

Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksWP.exe".

Die

 abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""

 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm

 "sxstrace.exe".

 

[ Media Center Events ]

Error - 26.03.2010 03:17:40 | Computer Name = Metallbau-PC | Source = MCUpdate | ID = 0

Description = 08:17:40 - Fehler beim Herstellen der Internetverbindung.  08:17:40 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 26.03.2010 03:17:49 | Computer Name = Metallbau-PC | Source = MCUpdate | ID = 0

Description = 08:17:45 - Fehler beim Herstellen der Internetverbindung.  08:17:45 

-     Serververbindung konnte nicht hergestellt werden..  

 

[ System Events ]

Error - 28.05.2010 07:43:09 | Computer Name = Metallbau-PC | Source = Service Control Manager | ID = 7000

Description = Der Dienst "McAfee Real-time Scanner" wurde aufgrund folgenden Fehlers

 nicht gestartet:   %%2

 

Error - 28.05.2010 07:47:49 | Computer Name = Metallbau-PC | Source = Service Control Manager | ID = 7000

Description = Der Dienst "McAfee Real-time Scanner" wurde aufgrund folgenden Fehlers

 nicht gestartet:   %%2

 

Error - 28.05.2010 18:10:06 | Computer Name = Metallbau-PC | Source = Service Control Manager | ID = 7000

Description = Der Dienst "McAfee Real-time Scanner" wurde aufgrund folgenden Fehlers

 nicht gestartet:   %%2

 

Error - 28.05.2010 19:51:12 | Computer Name = Metallbau-PC | Source = Service Control Manager | ID = 7000

Description = Der Dienst "McAfee Real-time Scanner" wurde aufgrund folgenden Fehlers

 nicht gestartet:   %%2

 

Error - 29.05.2010 03:39:12 | Computer Name = Metallbau-PC | Source = Service Control Manager | ID = 7000

Description = Der Dienst "McAfee Real-time Scanner" wurde aufgrund folgenden Fehlers

 nicht gestartet:   %%2

 

Error - 29.05.2010 10:38:40 | Computer Name = Metallbau-PC | Source = Service Control Manager | ID = 7000

Description = Der Dienst "McAfee Real-time Scanner" wurde aufgrund folgenden Fehlers

 nicht gestartet:   %%2

 

Error - 29.05.2010 12:56:19 | Computer Name = Metallbau-PC | Source = Service Control Manager | ID = 7000

Description = Der Dienst "McAfee Real-time Scanner" wurde aufgrund folgenden Fehlers

 nicht gestartet:   %%2

 

Error - 30.05.2010 02:54:06 | Computer Name = Metallbau-PC | Source = Service Control Manager | ID = 7000

Description = Der Dienst "McAfee Real-time Scanner" wurde aufgrund folgenden Fehlers

 nicht gestartet:   %%2

 

Error - 30.05.2010 06:19:54 | Computer Name = Metallbau-PC | Source = Service Control Manager | ID = 7000

Description = Der Dienst "McAfee Real-time Scanner" wurde aufgrund folgenden Fehlers

 nicht gestartet:   %%2

 

Error - 30.05.2010 11:23:35 | Computer Name = Metallbau-PC | Source = Service Control Manager | ID = 7000

Description = Der Dienst "McAfee Real-time Scanner" wurde aufgrund folgenden Fehlers

 nicht gestartet:   %%2

 

 

< End of report >

--- --- ---

Sollte ich einen Crack finden, muss ich den Support einstellen.

Schritt 1

Starte bitte die OTL.exe.
Vista und Win7 User mit Rechtsklick "als Administrator starten"
Kopiere nun den Inhalt in die http://image.hijackthis.eu/upload/hjt1-021.jpg Textbox.

Code:

:OTL

PRC - C:\cleansweep.exe\cleansweep.exe ()

O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll (Ask.com)

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.

O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKLM\..\Toolbar: (Foxit Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll (Ask.com)

O4 - HKLM..\Run: []  File not found

O4 - HKCU..\Run: [{981ACF21-4AC3-6AF2-CAD1-AFCF32C22551}] C:\Users\Windows 7 (System)\AppData\Roaming\Atuxoz\hyibu.exe File not found

O4 - HKCU..\Run: [4n7fcL8pVO2N] C:\Windows\SysWow64\svchost95.exe File not found

O4 - HKCU..\Run: [cleansweep.exe] C:\cleansweep.exe\cleansweep.exe ()

O4 - HKCU..\Run: [M5T8QL3YW3] C:\Users\Windows 7 (System)\AppData\Local\Temp\Dkh.exe File not found

O4 - HKCU..\Run: [svchost95] C:\Windows\svchost95.exe (Microsoft Corporation)

[2010.06.15 22:11:22 | 000,000,001 | ---- | C] () -- C:\Users\Windows 7 (System)\oashdihasidhasuidhiasdhiashdiuasdhasd

[2010.06.15 22:07:31 | 000,000,338 | -H-- | C] () -- C:\Windows\tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job

@Alternate Data Stream - 76 bytes -> C:\Users\Windows 7 (System)\Desktop\Alles rein:Roxio EMC Stream

@Alternate Data Stream - 76 bytes -> C:\Users\Windows 7 (System)\Desktop\6-468fb3e909eff8632127632b608d9fd5.jpg:Roxio EMC Stream

@Alternate Data Stream - 152 bytes -> C:\ProgramData\Temp:AB689DEA

@Alternate Data Stream - 147 bytes -> C:\ProgramData\Temp:4D066AD2

@Alternate Data Stream - 138 bytes -> C:\ProgramData\Temp:5D7E5A8F

@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:93DE1838

@Alternate Data Stream - 130 bytes -> C:\ProgramData\Temp:E1F04E8D

@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:444C53BA

@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:ABE89FFE

@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:4CF61E54
 

:services
 

:files

C:\Program Files (x86)\AskBarDis

C:\cleansweep.exe

C:\Users\Windows 7 (System)\AppData\Roaming\Atuxoz

:reg

:Commands

[purity]

[emptytemp]

[resethosts]

[emptyflash]

[reboot]

Schliesse bitte nun alle Programme.
Klicke nun bitte auf den Fix Button.
Klick auf http://billy-oneal.com/Canned%20Spee.../OTL/btnOK.png.
OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen.
Nach dem Neustart findest Du ein Textdokument auf deinem Desktop.
( Auch zu finden unter C:\_OTL\MovedFiles\<time_date>.txt)
Kopiere nun den Inhalt hier in Deinen Thread

Schritt 2

Bereinigung mit Malwarebytes' Anti-Malware (Quick-Scan)

Downloade Dir bitte Malwarebytes

Installiere das Programm in den vorgegebenen Pfad.
Denke daran, bei Vista das Programm als Admin zu starten, ansonsten per Doppelklick starten.
Lasse es online updaten (Reiter Updates), sofern sich das Programm bereits auf dem Rechner befand.
Aktiviere "Quick-Scan durchführen" => Scan.
Wenn der Scan beendet ist, klicke auf "Ergebnisse anzeigen".
Bei Funden in C:\System Volume Information den Haken entfernen.
Ansonsten wird dieser Systemwiederherstellungspunkt nicht mehr funktionieren.
Er könnte jedoch trotz Malware noch gebraucht werden.
Versichere Dich, dass ansonsten alle Funde markiert sind und drücke "Entferne Auswahl".
Poste das Logfile, welches sich in Notepad öffnet, hier in den Thread.
Nachträglich kannst du den Bericht unter "Scan-Berichte" finden.
Berichte, wie der Rechner nun läuft.

Hier findest Du eine ausführliche und bebilderte Anleitung.

Schritt 3

Starte bitte OTL.exe und klicke auf den Quick Scan Button.

Bitte poste in Deiner nächsten Antwort
log von OTLfix
MBAM Log
OTL.txt
Berichte wie der Rechner läuft

das kamm nach dem neustart

Code:

All processes killed

========== OTL ==========

No active process named cleansweep.exe was found!

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{201f27d4-3704-41d6-89c1-aa35e39143ed}\ deleted successfully.

C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll moved successfully.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{3041d03e-fd4b-44e0-b742-2d9b88305f98} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3041d03e-fd4b-44e0-b742-2d9b88305f98}\ deleted successfully.

File C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.

Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\{981ACF21-4AC3-6AF2-CAD1-AFCF32C22551} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{981ACF21-4AC3-6AF2-CAD1-AFCF32C22551}\ not found.

Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\4n7fcL8pVO2N deleted successfully.

Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\cleansweep.exe deleted successfully.

C:\cleansweep.exe\cleansweep.exe moved successfully.

Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\M5T8QL3YW3 deleted successfully.

Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\svchost95 deleted successfully.

C:\Windows\svchost95.exe moved successfully.

C:\Users\Windows 7 (System)\oashdihasidhasuidhiasdhiashdiuasdhasd moved successfully.

C:\Windows\Tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job moved successfully.

ADS C:\Users\Windows 7 (System)\Desktop\Alles rein:Roxio EMC Stream deleted successfully.

ADS C:\Users\Windows 7 (System)\Desktop\6-468fb3e909eff8632127632b608d9fd5.jpg:Roxio EMC Stream deleted successfully.

ADS C:\ProgramData\Temp:AB689DEA deleted successfully.

ADS C:\ProgramData\Temp:4D066AD2 deleted successfully.

ADS C:\ProgramData\Temp:5D7E5A8F deleted successfully.

ADS C:\ProgramData\Temp:93DE1838 deleted successfully.

ADS C:\ProgramData\Temp:E1F04E8D deleted successfully.

ADS C:\ProgramData\Temp:444C53BA deleted successfully.

ADS C:\ProgramData\Temp:ABE89FFE deleted successfully.

ADS C:\ProgramData\Temp:4CF61E54 deleted successfully.

========== SERVICES/DRIVERS ==========

========== FILES ==========

C:\Program Files (x86)\AskBarDis\bar\Settings folder moved successfully.

C:\Program Files (x86)\AskBarDis\bar\bin folder moved successfully.

C:\Program Files (x86)\AskBarDis\bar folder moved successfully.

C:\Program Files (x86)\AskBarDis folder moved successfully.

C:\cleansweep.exe folder moved successfully.

C:\Users\Windows 7 (System)\AppData\Roaming\Atuxoz folder moved successfully.

========== REGISTRY ==========

========== COMMANDS ==========

 

[EMPTYTEMP]

 

User: All Users

 

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

 

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

 

User: Merling

->Temp folder emptied: 521341711 bytes

->Temporary Internet Files folder emptied: 128079054 bytes

->Java cache emptied: 12251195 bytes

->FireFox cache emptied: 36542939 bytes

->Google Chrome cache emptied: 6329958 bytes

->Flash cache emptied: 15951155 bytes

 

User: Public

 

User: Windows

 

User: Windows 7 (System)

->Temp folder emptied: 178897013 bytes

->Temporary Internet Files folder emptied: 84875636 bytes

->Java cache emptied: 457363 bytes

->FireFox cache emptied: 250807836 bytes

->Google Chrome cache emptied: 23010579 bytes

->Flash cache emptied: 18205 bytes

 

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32 (64bit) .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 121009613 bytes

%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67698 bytes

RecycleBin emptied: 1459477997 bytes

 

Total Files Cleaned = 2.708,00 mb

 

C:\Windows\System32\drivers\etc\Hosts moved successfully.

HOSTS file reset successfully

 

[EMPTYFLASH]

 

User: All Users

 

User: Default

 

User: Default User

 

User: Merling

->Flash cache emptied: 0 bytes

 

User: Public

 

User: Windows

 

User: Windows 7 (System)

->Flash cache emptied: 0 bytes

 

Total Flash Files Cleaned = 0,00 mb

 

 

OTL by OldTimer - Version 3.2.6.0 log created on 06182010_224250
 

Files\Folders moved on Reboot...

C:\Users\Windows 7 (System)\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

C:\Windows\temp\JETC65A.tmp moved successfully.
 

Registry entries deleted on Reboot...

das ist die mbam

der lap top ist immer noch so schnell wie vorher aber nichts langsam

Code:

Malwarebytes' Anti-Malware 1.46

www.malwarebytes.org
 

Datenbank Version: 4213
 

Windows 6.1.7600

Internet Explorer 8.0.7600.16385
 

18.06.2010 22:55:43

mbam-log-2010-06-18 (22-55-43).txt
 

Art des Suchlaufs: Quick-Scan

Durchsuchte Objekte: 146313

Laufzeit: 3 Minute(n), 44 Sekunde(n)
 

Infizierte Speicherprozesse: 0

Infizierte Speichermodule: 1

Infizierte Registrierungsschlüssel: 11

Infizierte Registrierungswerte: 0

Infizierte Dateiobjekte der Registrierung: 0

Infizierte Verzeichnisse: 1

Infizierte Dateien: 1
 

Infizierte Speicherprozesse:

(Keine bösartigen Objekte gefunden)
 

Infizierte Speichermodule:

C:\Program Files\js3250.dll (Spyware.OnlineGames) -> Delete on reboot.
 

Infizierte Registrierungsschlüssel:

HKEY_CLASSES_ROOT\AppID\{84c3c236-f588-4c93-84f4-147b2abbe67b} (Adware.Adrotator) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\AppID\{7b6a2552-e65b-4a9e-add4-c45577ffd8fd} (Adware.EZLife) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\$NtUninstallMTF1011$ (Adware.Adrotator) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\adgj.aghlp (Adware.EZLife) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\adgj.aghlp.1 (Adware.EZLife) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\Software\avsoft (Trojan.Fraudpack) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\Software\avsuite (Rogue.AntivirusSuite) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\Software\M5T8QL3YW3 (Trojan.FakeAlert) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9a065e57-08db-4946-9506-6547f4f5734d} (Adware.AdRotator) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{9a065e57-08db-4946-9506-6547f4f5734d} (Adware.AdRotator) -> Quarantined and deleted successfully.
 

Infizierte Registrierungswerte:

(Keine bösartigen Objekte gefunden)
 

Infizierte Dateiobjekte der Registrierung:

(Keine bösartigen Objekte gefunden)
 

Infizierte Verzeichnisse:

C:\Windows\$NtUninstallMTF1011$ (Adware.Adrotator) -> Quarantined and deleted successfully.
 

Infizierte Dateien:

C:\Program Files\js3250.dll (Spyware.OnlineGames) -> Delete on reboot.

und hier nochma der letzte scan

OTL Logfile:

Code:

OTL logfile created on: 18.06.2010 23:02:27 - Run 4

OTL by OldTimer - Version 3.2.6.0     Folder = C:\Users\Windows 7 (System)\Desktop

64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 63,00% Memory free

8,00 Gb Paging File | 6,00 Gb Available in Paging File | 81,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 450,16 Gb Total Space | 317,85 Gb Free Space | 70,61% Space Free | Partition Type: NTFS

Drive D: | 1,88 Gb Total Space | 1,87 Gb Free Space | 99,85% Space Free | Partition Type: FAT

E: Drive not present or media not loaded

Drive F: | 465,65 Gb Total Space | 369,77 Gb Free Space | 79,41% Space Free | Partition Type: FAT32

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

 

Computer Name: METALLBAU-PC

Current User Name: Windows 7 (System)

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: Current user

Include 64bit Scans

Company Name Whitelist: On

Skip Microsoft Files: On

File Age = 90 Days

Output = Minimal

Quick Scan

 
 ========== Processes (SafeList) ==========

 

PRC - C:\Users\Windows 7 (System)\Desktop\OTL.exe (OldTimer Tools)

PRC - C:\Program Files (x86)\Google\Update\1.2.183.29\GoogleCrashHandler.exe (Google Inc.)

PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()

PRC - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe (ESET)

PRC - C:\Program Files\firefox.exe (Mozilla Corporation)

PRC - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe ()

PRC - C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)

PRC - C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)

PRC - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)

PRC - C:\Program Files (x86)\Launch Manager\LManager.EXE (Dritek System Inc.)

PRC - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.)

PRC - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)

PRC - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe (Egis Technology Inc.)

PRC - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.)

PRC - C:\Program Files (x86)\Acer Bio Protection\BASVC.exe (Egis Technology Inc.)

PRC - C:\Program Files (x86)\Acer Bio Protection\PdtWzd.exe (Egis Technology Inc.)

PRC - C:\Program Files (x86)\Acer Bio Protection\CompPtcVUI.exe (Egis Technology Inc.)

PRC - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe (Acer Incorporated)

PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)

PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)

PRC - C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.)

PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10c.exe (Adobe Systems, Inc.)

PRC - C:\Program Files (x86)\Windows Sidebar\sidebar.exe (Microsoft Corporation)

PRC - C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated)

PRC - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe (Acer Incorporated)

PRC - C:\Program Files\Acer\Acer Updater\UpdaterService.exe (Acer)

PRC - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe (NewTech Infosystems, Inc.)

PRC - C:\Program Files (x86)\funkwerk WIN-Tools\Eumex 401 WIN-Tools V1.00\ControlCenter.exe (Funkwerk Enterprise Communications GmbH)

PRC - C:\Windows\PLFSetI.exe ()

PRC - C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions)

PRC - C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe (Sonic Solutions)

 

 
 ========== Modules (SafeList) ==========

 

MOD - C:\Users\Windows 7 (System)\Desktop\OTL.exe (OldTimer Tools)

MOD - C:\Windows\SysWOW64\comdlg32.dll (Microsoft Corporation)

MOD - C:\Windows\SysWOW64\msscript.ocx (Microsoft Corporation)

MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)

 

 
 ========== Win32 Services (SafeList) ==========

 

SRV:64bit: - (EhttpSrv) -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe (ESET)

SRV:64bit: - (ekrn) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe (ESET)

SRV:64bit: - (ePowerSvc) -- C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe (Acer Incorporated)

SRV:64bit: - (btwdins) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)

SRV:64bit: - (WwanSvc) -- C:\Windows\SysNative\wwansvc.dll (Microsoft Corporation)

SRV:64bit: - (WbioSrvc) -- C:\Windows\SysNative\wbiosrvc.dll (Microsoft Corporation)

SRV:64bit: - (Power) -- C:\Windows\SysNative\umpo.dll (Microsoft Corporation)

SRV:64bit: - (Themes) -- C:\Windows\SysNative\themeservice.dll (Microsoft Corporation)

SRV:64bit: - (sppuinotify) -- C:\Windows\SysNative\sppuinotify.dll (Microsoft Corporation)

SRV:64bit: - (SensrSvc) -- C:\Windows\SysNative\sensrsvc.dll (Microsoft Corporation)

SRV:64bit: - (PNRPsvc) -- C:\Windows\SysNative\pnrpsvc.dll (Microsoft Corporation)

SRV:64bit: - (p2pimsvc) -- C:\Windows\SysNative\pnrpsvc.dll (Microsoft Corporation)

SRV:64bit: - (HomeGroupProvider) -- C:\Windows\SysNative\provsvc.dll (Microsoft Corporation)

SRV:64bit: - (RpcEptMapper) -- C:\Windows\SysNative\RpcEpMap.dll (Microsoft Corporation)

SRV:64bit: - (PNRPAutoReg) -- C:\Windows\SysNative\pnrpauto.dll (Microsoft Corporation)

SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)

SRV:64bit: - (HomeGroupListener) -- C:\Windows\SysNative\ListSvc.dll (Microsoft Corporation)

SRV:64bit: - (FontCache) -- C:\Windows\SysNative\FntCache.dll (Microsoft Corporation)

SRV:64bit: - (Dhcp) -- C:\Windows\SysNative\dhcpcore.dll (Microsoft Corporation)

SRV:64bit: - (defragsvc) -- C:\Windows\SysNative\defragsvc.dll (Microsoft Corporation)

SRV:64bit: - (bthserv) -- C:\Windows\SysNative\bthserv.dll (Microsoft Corporation)

SRV:64bit: - (BDESVC) -- C:\Windows\SysNative\bdesvc.dll (Microsoft Corporation)

SRV:64bit: - (AxInstSV) -- C:\Windows\SysNative\AxInstSv.dll (Microsoft Corporation)

SRV:64bit: - (AppIDSvc) -- C:\Windows\SysNative\appidsvc.dll (Microsoft Corporation)

SRV:64bit: - (wbengine) -- C:\Windows\SysNative\wbengine.exe (Microsoft Corporation)

SRV:64bit: - (sppsvc) -- C:\Windows\SysNative\sppsvc.exe (Microsoft Corporation)

SRV:64bit: - (Fax) -- C:\Windows\SysNative\FXSSVC.exe (Microsoft Corporation)

SRV:64bit: - (Updater Service) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe (Acer)

SRV - (Akamai) -- c:\program files (x86)\common files\akamai\rswin_3697.dll ()

SRV - (ICQ Service) -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe ()

SRV - (Hamachi2Svc) -- C:\MT2\Hamachi\hamachi-2.exe (LogMeIn Inc.)

SRV - (NTI IScheduleSvc) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.)

SRV - (MWLService) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe ()

SRV - (IGBASVC) -- C:\Program Files (x86)\Acer Bio Protection\BASVC.exe (Egis Technology Inc.)

SRV - (Greg_Service) -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe (Acer Incorporated)

SRV - (IAANTMON) Intel(R) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)

SRV - (VSS) -- C:\Windows\Vss [2009.07.14 05:20:14 | 000,000,000 | ---D | M]

SRV - (MSDTC) -- C:\Windows\SysWOW64\Msdtc [2009.07.14 05:20:14 | 000,000,000 | ---D | M]

SRV - (HomeGroupProvider) -- C:\Windows\SysWOW64\provsvc.dll (Microsoft Corporation)

SRV - (Dhcp) -- C:\Windows\SysWOW64\dhcpcore.dll (Microsoft Corporation)

SRV - (vds) -- C:\Windows\SysWOW64\wbem\vds.mof ()

SRV - (RS_Service) -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe (Acer Incorporated)

SRV - (NTISchedulerSvc) -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe (NewTech Infosystems, Inc.)

SRV - (NTIBackupSvc) -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe (NewTech InfoSystems, Inc.)

SRV - (clr_optimization_v2.0.50727_64) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe (Microsoft Corporation)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV:64bit: - (atksgt) -- C:\Windows\SysNative\drivers\atksgt.sys ()

DRV:64bit: - (lirsgt) -- C:\Windows\SysNative\drivers\lirsgt.sys ()

DRV:64bit: - (vmm) -- C:\Windows\SysNative\Treiber\VMM.sys (Microsoft Corporation)

DRV:64bit: - (epfwwfpr) -- C:\Windows\SysNative\drivers\epfwwfpr.sys (ESET)

DRV:64bit: - (ehdrv) -- C:\Windows\SysNative\drivers\ehdrv.sys (ESET)

DRV:64bit: - (eamonm) -- C:\Windows\SysNative\drivers\eamonm.sys (ESET)

DRV:64bit: - (KSecPkg) -- C:\Windows\SysNative\drivers\ksecpkg.sys (Microsoft Corporation)

DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)

DRV:64bit: - (fvevol) -- C:\Windows\SysNative\drivers\fvevol.sys (Microsoft Corporation)

DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.)

DRV:64bit: - (FPSensor) EgisTec-Corp Fingerprint Reader Driver (FPSensor.sys) -- C:\Windows\SysNative\drivers\FPSensor.sys (EgisTec)

DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)

DRV:64bit: - (NETw5s64) Intel(R) -- C:\Windows\SysNative\drivers\NETw5s64.sys (Intel Corporation)

DRV:64bit: - (nuvotoncir) -- C:\Windows\SysNative\drivers\nuvotoncir.sys (Nuvoton Technology Corporation)

DRV:64bit: - (johci) -- C:\Windows\SysNative\drivers\johci.sys (JMicron )

DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)

DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)

DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)

DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)

DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)

DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)

DRV:64bit: - (hwpolicy) -- C:\Windows\SysNative\drivers\hwpolicy.sys (Microsoft Corporation)

DRV:64bit: - (FsDepends) -- C:\Windows\SysNative\drivers\fsdepends.sys (Microsoft Corporation)

DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)

DRV:64bit: - (WIMMount) -- C:\Windows\SysNative\drivers\wimmount.sys (Microsoft Corporation)

DRV:64bit: - (vhdmp) -- C:\Windows\SysNative\drivers\vhdmp.sys (Microsoft Corporation)

DRV:64bit: - (vdrvroot) -- C:\Windows\SysNative\drivers\vdrvroot.sys (Microsoft Corporation)

DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)

DRV:64bit: - (rdyboost) -- C:\Windows\SysNative\drivers\rdyboost.sys (Microsoft Corporation)

DRV:64bit: - (pcw) -- C:\Windows\SysNative\drivers\pcw.sys (Microsoft Corporation)

DRV:64bit: - (CNG) -- C:\Windows\SysNative\drivers\cng.sys (Microsoft Corporation)

DRV:64bit: - (StillCam) -- C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation)

DRV:64bit: - (rdpbus) -- C:\Windows\SysNative\drivers\rdpbus.sys (Microsoft Corporation)

DRV:64bit: - (RDPREFMP) -- C:\Windows\SysNative\drivers\RDPREFMP.sys (Microsoft Corporation)

DRV:64bit: - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\SysNative\drivers\agilevpn.sys (Microsoft Corporation)

DRV:64bit: - (usbrndis6) -- C:\Windows\SysNative\drivers\usb80236.sys (Microsoft Corporation)

DRV:64bit: - (WfpLwf) -- C:\Windows\SysNative\drivers\wfplwf.sys (Microsoft Corporation)

DRV:64bit: - (RMCAST) -- C:\Windows\SysNative\drivers\rmcast.sys (Microsoft Corporation)

DRV:64bit: - (NdisCap) -- C:\Windows\SysNative\drivers\ndiscap.sys (Microsoft Corporation)

DRV:64bit: - (vwifimp) -- C:\Windows\SysNative\drivers\vwifimp.sys (Microsoft Corporation)

DRV:64bit: - (vwififlt) -- C:\Windows\SysNative\drivers\vwififlt.sys (Microsoft Corporation)

DRV:64bit: - (vwifibus) -- C:\Windows\SysNative\drivers\vwifibus.sys (Microsoft Corporation)

DRV:64bit: - (1394ohci) -- C:\Windows\SysNative\drivers\1394ohci.sys (Microsoft Corporation)

DRV:64bit: - (HdAudAddService) -- C:\Windows\SysNative\drivers\HdAudio.sys (Microsoft Corporation)

DRV:64bit: - (usbvideo) USB Video Device (WDM) -- C:\Windows\SysNative\drivers\usbvideo.sys (Microsoft Corporation)

DRV:64bit: - (BthPan) Bluetooth-Gerät (PAN) -- C:\Windows\SysNative\drivers\bthpan.sys (Microsoft Corporation)

DRV:64bit: - (BTHPORT) -- C:\Windows\SysNative\drivers\bthport.sys (Microsoft Corporation)

DRV:64bit: - (RFCOMM) Bluetooth-Gerät (RFCOMM-Protokoll-TDI) -- C:\Windows\SysNative\drivers\rfcomm.sys (Microsoft Corporation)

DRV:64bit: - (BthEnum) -- C:\Windows\SysNative\drivers\bthenum.sys (Microsoft Corporation)

DRV:64bit: - (BTHUSB) -- C:\Windows\SysNative\drivers\BTHUSB.SYS (Microsoft Corporation)

DRV:64bit: - (UmPass) -- C:\Windows\SysNative\drivers\umpass.sys (Microsoft Corporation)

DRV:64bit: - (WinUsb) -- C:\Windows\SysNative\drivers\winusb.sys (Microsoft Corporation)

DRV:64bit: - (mshidkmdf) -- C:\Windows\SysNative\drivers\mshidkmdf.sys (Microsoft Corporation)

DRV:64bit: - (WudfPf) -- C:\Windows\SysNative\drivers\WUDFPf.sys (Microsoft Corporation)

DRV:64bit: - (MTConfig) -- C:\Windows\SysNative\drivers\MTConfig.sys (Microsoft Corporation)

DRV:64bit: - (CompositeBus) -- C:\Windows\SysNative\drivers\CompositeBus.sys (Microsoft Corporation)

DRV:64bit: - (Beep) -- C:\Windows\SysNative\drivers\beep.sys (Microsoft Corporation)

DRV:64bit: - (AppID) -- C:\Windows\SysNative\drivers\appid.sys (Microsoft Corporation)

DRV:64bit: - (scfilter) -- C:\Windows\SysNative\drivers\scfilter.sys (Microsoft Corporation)

DRV:64bit: - (discache) -- C:\Windows\SysNative\drivers\discache.sys (Microsoft Corporation)

DRV:64bit: - (HidBatt) -- C:\Windows\SysNative\drivers\hidbatt.sys (Microsoft Corporation)

DRV:64bit: - (CmBatt) -- C:\Windows\SysNative\drivers\CmBatt.sys (Microsoft Corporation)

DRV:64bit: - (AcpiPmi) -- C:\Windows\SysNative\drivers\acpipmi.sys (Microsoft Corporation)

DRV:64bit: - (AmdPPM) -- C:\Windows\SysNative\drivers\amdppm.sys (Microsoft Corporation)

DRV:64bit: - (btusbflt) -- C:\Windows\SysNative\drivers\btusbflt.sys (Broadcom Corporation.)

DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)

DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)

DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)

DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)

DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)

DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)

DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)

DRV:64bit: - (k57nd60a) Broadcom NetLink (TM) -- C:\Windows\SysNative\drivers\k57nd60a.sys (Broadcom Corporation)

DRV:64bit: - (mwlPSDVDisk) -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys (Egis Technology Inc.)

DRV:64bit: - (mwlPSDFilter) -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys (Egis Technology Inc.)

DRV:64bit: - (mwlPSDNServ) -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys (Egis Technology Inc.)

DRV:64bit: - (JMCR) -- C:\Windows\SysNative\drivers\jmcr.sys (JMicron Technology Corporation)

DRV:64bit: - (netw5v64) Intel(R) -- C:\Windows\SysNative\drivers\NETw5v64.sys (Intel Corporation)

DRV:64bit: - (NTIDrvr) -- C:\Windows\SysNative\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.)

DRV:64bit: - (UBHelper) -- C:\Windows\SysNative\drivers\UBHelper.sys (NewTech Infosystems Corporation)

DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)

DRV:64bit: - (int15.sys) -- C:\Windows\SysNative\OEM\factory\int15.sys (Acer, Inc.)

DRV:64bit: - (VPCNetS2) -- C:\Windows\SysNative\drivers\VMNetSrv.sys (Microsoft Corporation)

DRV:64bit: - (RxFilter) -- C:\Windows\SysNative\drivers\RxFilter.sys (Sonic Solutions)

DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)

DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)

DRV - (WinUsb) -- C:\Windows\SysWOW64\winusb.dll (Microsoft Corporation)

DRV - (NetBIOS) -- C:\Windows\SysWOW64\netbios.dll (Microsoft Corporation)

DRV - (mpsdrv) -- C:\Windows\SysWOW64\wbem\mpsdrv.mof ()

DRV - (Tcpip) -- C:\Windows\SysWOW64\wbem\tcpip.mof ()

DRV - (mwlPSDVDisk) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\mwlPSDVdisk.sys (Egis Technology Inc.)

DRV - (mwlPSDFilter) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\mwlPSDFilter.sys (Egis Technology Inc.)

DRV - (mwlPSDNServ) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\mwlPSDNServ.sys (Egis Technology Inc.)

DRV - (DKbFltr) Dritek Keyboard Filter Driver (64-bit) -- C:\Windows\SysWOW64\drivers\DKbFltr.sys (Dritek System Inc.)

DRV - (RxFilter) -- C:\Windows\SysWOW64\drivers\RxFilter.sys (Sonic Solutions)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_8940g&r=273602108006l0343z175t4882y803

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_8940g&r=273602108006l0343z175t4882y803

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_8940g&r=273602108006l0343z175t4882y803

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_8940g&r=273602108006l0343z175t4882y803

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_8940g&r=273602108006l0343z175t4882y803

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_8940g&r=273602108006l0343z175t4882y803

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 
 ========== FireFox ==========

 

 

 

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\components [2010.06.18 23:00:44 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\plugins [2010.06.18 23:00:43 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.4\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2010.05.03 22:38:12 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.4\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2010.06.18 20:37:02 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010.06.18 19:54:14 | 000,000,000 | ---D | M]

 

[2010.05.31 21:09:28 | 000,000,000 | ---D | M] -- C:\Users\Windows 7 (System)\AppData\Roaming\mozilla\Extensions

[2010.05.31 21:09:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Windows 7 (System)\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}

[2010.06.18 20:40:43 | 000,000,000 | ---D | M] -- C:\Users\Windows 7 (System)\AppData\Roaming\mozilla\Firefox\Profiles\ifxymu3v.default\extensions

[2010.06.18 20:37:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Windows 7 (System)\AppData\Roaming\mozilla\Firefox\Profiles\ifxymu3v.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}

 

O1 HOSTS File: ([2010.06.18 22:44:32 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts

O1 - Hosts: 127.0.0.1       localhost

O1 - Hosts: ::1       localhost

O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg64.dll (Google Inc.)

O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.)

O2 - BHO: (SMTTB2009 Class) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files (x86)\HypreCam Toolbar\tbcore3.dll ()

O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O3 - HKLM\..\Toolbar: (HypreCam Toolbar) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files (x86)\HypreCam Toolbar\tbcore3.dll ()

O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)

O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O3 - HKCU\..\Toolbar\WebBrowser: (HypreCam Toolbar) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files (x86)\HypreCam Toolbar\tbcore3.dll ()

O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe (Acer Incorporated)

O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)

O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.)

O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.DLL (NVIDIA Corporation)

O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()

O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)

O4:64bit: - HKLM..\Run: [XeroxEndeavorBackgroundTask] C:\Windows\SysNative\xrWCbgnd.dll (Xerox Corporation)

O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)

O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)

O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()

O4 - HKLM..\Run: [EgisTecLiveUpdate] C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.)

O4 - HKLM..\Run: [ISUSPM Startup] C:\Programme (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe File not found

O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe (Macrovision Corporation)

O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)

O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe (Symantec Corporation)

O4 - HKLM..\Run: [PlayMovie] C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)

O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions)

O4 - HKLM..\Run: [VitaKeyPdtWzd] C:\Program Files (x86)\Acer Bio Protection\PdtWzd.exe (Egis Technology Inc.)

O4 - HKCU..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\sidebar.exe (Microsoft Corporation)

O4 - HKCU..\Run: [Speech Recognition] C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation)

O4 - HKCU..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()

O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll (Google Inc.)

O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()

O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll (Google Inc.)

O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O9:64bit: - Extra Button: Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files (x86)\Acer Bio Protection\PwdBank.exe (Egis Technology Inc.)

O9:64bit: - Extra 'Tools' menuitem : Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files (x86)\Acer Bio Protection\PwdBank.exe (Egis Technology Inc.)

O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O9 - Extra Button: Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files (x86)\Acer Bio Protection\PwdBank.exe (Egis Technology Inc.)

O9 - Extra 'Tools' menuitem : Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files (x86)\Acer Bio Protection\PwdBank.exe (Egis Technology Inc.)

O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)

O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)

O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysNative\wshbth.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation)

O13 - gopher Prefix: missing

O13 - gopher Prefix: missing

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)

O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1

O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found

O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)

O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009.02.06 17:00:42 | 000,000,000 | ---D | M] - F:\AutoCad2005 -- [ FAT32 ]

O34 - HKLM BootExecute: (autocheck autochk *) -  File not found

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 
 ========== Files/Folders - Created Within 90 Days ==========

 

[2010.06.18 23:00:44 | 000,000,000 | ---D | C] -- C:\Program Files\searchplugins

[2010.06.18 22:49:47 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\Malwarebytes

[2010.06.18 22:49:34 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys

[2010.06.18 22:49:32 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys

[2010.06.18 22:49:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware

[2010.06.18 22:49:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2010.06.18 22:42:50 | 000,000,000 | ---D | C] -- C:\_OTL

[2010.06.18 21:40:36 | 000,572,416 | ---- | C] (OldTimer Tools) -- C:\Users\Windows 7 (System)\Desktop\OTL.exe

[2010.06.18 20:39:18 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\Desktop\Alles rein

[2010.06.18 20:37:03 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\Foxit

[2010.06.18 20:37:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Foxit Software

[2010.06.18 19:57:52 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Local\ESET

[2010.06.18 19:54:13 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET

[2010.06.18 19:54:13 | 000,000,000 | ---D | C] -- C:\Program Files\ESET

[2010.06.17 16:31:26 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\skypePM

[2010.06.17 16:29:12 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\Skype

[2010.06.17 16:28:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\extensions

[2010.06.17 16:28:30 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype

[2010.06.17 16:28:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype

[2010.06.17 16:28:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype

[2010.06.15 22:07:31 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Local\Windows Server

[2010.06.15 15:37:32 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\Roxio

[2010.06.15 15:35:51 | 000,000,000 | ---D | C] -- C:\Program Files\Roxio

[2010.06.15 15:35:46 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallShield

[2010.06.15 15:35:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Sonic

[2010.06.15 15:34:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Roxio

[2010.06.15 15:34:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Sonic Shared

[2010.06.15 15:34:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Roxio

[2010.06.15 15:33:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Roxio Shared

[2010.06.14 19:17:46 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Local\PowerCinema

[2010.06.14 19:17:44 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\PowerCinema

[2010.06.14 16:39:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\gta san andreas

[2010.06.13 16:20:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\plugins

[2010.06.12 18:15:17 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\Ubisoft

[2010.06.12 18:00:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Tages

[2010.06.12 17:49:34 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Local\Diagnostics

[2010.06.12 16:21:26 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\Documents\NFS Most Wanted Backups

[2010.06.12 16:21:26 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\Documents\NFS Most Wanted

[2010.06.12 15:58:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Counter-Strike 1.6

[2010.06.11 14:16:59 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\gtk-2.0

[2010.06.10 22:54:47 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\.thumbnails

[2010.06.10 22:40:56 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\Documents\gegl-0.0

[2010.06.10 22:40:56 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\.gimp-2.6

[2010.06.10 22:40:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GIMP-2.0

[2010.06.10 22:29:07 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\PhotoFiltre

[2010.06.10 22:29:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PhotoFiltre

[2010.06.07 16:57:57 | 000,000,000 | ---D | C] -- C:\Windows\San Andreas Mod Installer

[2010.06.06 00:14:13 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\CyberLink

[2010.06.06 00:14:10 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Local\PlayMovie

[2010.06.05 23:21:53 | 000,000,000 | -H-D | C] -- C:\MyWinLockerData

[2010.06.05 22:34:28 | 000,000,000 | R-SD | C] -- C:\Users\Windows 7 (System)\Documents\My Stationery

[2010.06.05 12:23:40 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Local\LogMeIn Hamachi

[2010.06.03 22:54:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Grand Theft Auto San Andreas

[2010.06.03 22:43:38 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\Documents\GTA San Andreas User Files

[2010.06.03 20:56:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CSS-Editor

[2010.06.02 21:11:57 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Local\Broadcom

[2010.06.02 21:11:57 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\Documents\Bluetooth-Exchange-Ordner

[2010.06.02 17:19:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared

[2010.05.31 21:09:25 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\Thunderbird

[2010.05.31 21:09:25 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Local\Thunderbird

[2010.05.31 19:36:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Carrera Streckenplaner

[2010.05.31 18:58:42 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Local\Adobe

[2010.05.30 09:03:23 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NSSx64

[2010.05.30 09:03:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Security Scan

[2010.05.30 09:03:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton

[2010.05.30 09:03:23 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NSSx64\0207030.022

[2010.05.30 09:03:22 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller

[2010.05.30 09:03:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller

[2010.05.29 16:49:01 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\DivX

[2010.05.29 16:48:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine

[2010.05.29 16:48:53 | 000,000,000 | ---D | C] -- C:\Program Files\DivX

[2010.05.29 16:48:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared

[2010.05.29 16:46:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX

[2010.05.29 16:45:51 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX

[2010.05.29 15:43:50 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\Apple Computer

[2010.05.29 09:44:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Combat Arms EU

[2010.05.29 02:13:31 | 000,000,000 | ---D | C] -- C:\Windows\Sun

[2010.05.28 15:18:40 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Local\Microsoft Games

[2010.05.28 05:58:25 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\Yfvait

[2010.05.27 19:44:16 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\WinRAR

[2010.05.26 21:53:56 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\Google

[2010.05.26 21:53:55 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Local\Google

[2010.05.26 18:45:41 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Local\Apple Computer

[2010.05.25 18:55:13 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\Adobe

[2010.05.25 18:54:24 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\Mozilla

[2010.05.25 18:54:24 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Local\Mozilla

[2010.05.25 18:53:48 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\Macromedia

[2010.05.25 18:53:47 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Local\EgisTec

[2010.05.25 18:52:13 | 000,000,000 | R--D | C] -- C:\Users\Windows 7 (System)\Searches

[2010.05.25 18:52:05 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\Identities

[2010.05.25 18:52:03 | 000,000,000 | R--D | C] -- C:\Users\Windows 7 (System)\Contacts

[2010.05.25 18:52:01 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Local\VirtualStore

[2010.05.25 18:51:58 | 000,000,000 | --SD | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\Microsoft

[2010.05.25 18:51:58 | 000,000,000 | R--D | C] -- C:\Users\Windows 7 (System)\Videos

[2010.05.25 18:51:58 | 000,000,000 | R--D | C] -- C:\Users\Windows 7 (System)\Saved Games

[2010.05.25 18:51:58 | 000,000,000 | R--D | C] -- C:\Users\Windows 7 (System)\Pictures

[2010.05.25 18:51:58 | 000,000,000 | R--D | C] -- C:\Users\Windows 7 (System)\Music

[2010.05.25 18:51:58 | 000,000,000 | R--D | C] -- C:\Users\Windows 7 (System)\Links

[2010.05.25 18:51:58 | 000,000,000 | R--D | C] -- C:\Users\Windows 7 (System)\Favorites

[2010.05.25 18:51:58 | 000,000,000 | R--D | C] -- C:\Users\Windows 7 (System)\Downloads

[2010.05.25 18:51:58 | 000,000,000 | R--D | C] -- C:\Users\Windows 7 (System)\Documents

[2010.05.25 18:51:58 | 000,000,000 | R--D | C] -- C:\Users\Windows 7 (System)\Desktop

[2010.05.25 18:51:58 | 000,000,000 | -HSD | C] -- C:\Users\Windows 7 (System)\Vorlagen

[2010.05.25 18:51:58 | 000,000,000 | -HSD | C] -- C:\Users\Windows 7 (System)\AppData\Local\Verlauf

[2010.05.25 18:51:58 | 000,000,000 | -HSD | C] -- C:\Users\Windows 7 (System)\AppData\Local\Temporary Internet Files

[2010.05.25 18:51:58 | 000,000,000 | -HSD | C] -- C:\Users\Windows 7 (System)\Startmenü

[2010.05.25 18:51:58 | 000,000,000 | -HSD | C] -- C:\Users\Windows 7 (System)\SendTo

[2010.05.25 18:51:58 | 000,000,000 | -HSD | C] -- C:\Users\Windows 7 (System)\Recent

[2010.05.25 18:51:58 | 000,000,000 | -HSD | C] -- C:\Users\Windows 7 (System)\Netzwerkumgebung

[2010.05.25 18:51:58 | 000,000,000 | -HSD | C] -- C:\Users\Windows 7 (System)\Lokale Einstellungen

[2010.05.25 18:51:58 | 000,000,000 | -HSD | C] -- C:\Users\Windows 7 (System)\Documents\Eigene Videos

[2010.05.25 18:51:58 | 000,000,000 | -HSD | C] -- C:\Users\Windows 7 (System)\Documents\Eigene Musik

[2010.05.25 18:51:58 | 000,000,000 | -HSD | C] -- C:\Users\Windows 7 (System)\Eigene Dateien

[2010.05.25 18:51:58 | 000,000,000 | -HSD | C] -- C:\Users\Windows 7 (System)\Documents\Eigene Bilder

[2010.05.25 18:51:58 | 000,000,000 | -HSD | C] -- C:\Users\Windows 7 (System)\Druckumgebung

[2010.05.25 18:51:58 | 000,000,000 | -HSD | C] -- C:\Users\Windows 7 (System)\Cookies

[2010.05.25 18:51:58 | 000,000,000 | -HSD | C] -- C:\Users\Windows 7 (System)\AppData\Local\Anwendungsdaten

[2010.05.25 18:51:58 | 000,000,000 | -HSD | C] -- C:\Users\Windows 7 (System)\Anwendungsdaten

[2010.05.25 18:51:58 | 000,000,000 | -H-D | C] -- C:\Users\Windows 7 (System)\AppData

[2010.05.25 18:51:58 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Local\Temp

[2010.05.25 18:51:58 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Local\Microsoft Help

[2010.05.25 18:51:58 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Local\Microsoft

[2010.05.25 18:51:58 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\Media Center Programs

[2010.05.21 15:33:08 | 000,000,000 | ---D | C] -- C:\Nexon

[2010.05.21 15:33:05 | 000,421,888 | ---- | C] (NEXON Inc.) -- C:\Windows\NEXON_EU_DownloaderUpdater.exe

[2010.05.18 18:41:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\T3Desk

[2010.05.17 18:15:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JDownloader

[2010.05.17 18:15:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java

[2010.05.14 22:16:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Neuer Ordner

[2010.05.14 19:54:57 | 000,000,000 | ---D | C] -- C:\ProgramData\NexonEU

[2010.05.14 12:13:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\4t Tray Minimizer

[2010.05.13 15:31:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HypreCam Toolbar

[2010.05.13 15:31:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HyCam2

[2010.05.11 15:15:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DeskShare Shared

[2010.05.11 15:15:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Deskshare

[2010.05.07 22:23:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\fpsp

[2010.05.07 21:58:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Total Video Converter

[2010.05.07 18:54:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVideoSoft

[2010.05.07 18:54:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoft

[2010.05.07 17:57:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AviSynth 2.5

[2010.05.07 17:57:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Red Kawa

[2010.05.07 17:50:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\URTTEMP

[2010.05.07 16:31:40 | 000,000,000 | ---D | C] -- C:\sdafd

[2010.05.03 22:38:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird

[2010.05.01 18:46:57 | 000,000,000 | ---D | C] -- C:\Users\Windows 7 (System)\AppData\Roaming\teamspeak2

[2010.05.01 18:46:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Teamspeak2_RC2

[2010.05.01 18:44:28 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess

[2010.05.01 12:19:43 | 000,000,000 | ---D | C] -- C:\ProgramData\IsolatedStorage

[2010.04.29 22:42:09 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Treiber

[2010.04.29 22:42:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Virtual PC

[2010.04.27 00:04:42 | 000,353,592 | ---- | C] (DivX, Inc.) -- C:\Windows\SysWow64\DivXControlPanelApplet.cpl

[2010.04.24 10:51:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\funkwerk WIN-Tools

[2010.04.21 12:52:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Autodesk

[2010.04.21 12:51:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Autodesk Shared

[2010.04.21 12:51:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Autodesk

[2010.04.12 11:43:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun

[2010.04.12 11:43:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java

[2010.04.08 10:10:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Akamai

[2010.04.08 09:47:53 | 000,000,000 | ---D | C] -- C:\Program Files\Subagames

[2010.04.07 21:08:32 | 000,124,760 | ---- | C] (ESET) -- C:\Windows\SysNative\drivers\epfwwfpr.sys

[2010.04.07 21:07:10 | 000,139,704 | ---- | C] (ESET) -- C:\Windows\SysNative\drivers\ehdrv.sys

[2010.04.07 21:03:52 | 000,163,888 | ---- | C] (ESET) -- C:\Windows\SysNative\drivers\eamonm.sys

[2010.04.06 13:32:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime

[2010.04.06 13:32:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer

[2010.04.06 13:31:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple

[2010.04.06 13:31:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update

[2010.04.06 13:31:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple

[2010.04.04 23:29:28 | 000,000,000 | -H-D | C] -- C:\MT2

[2010.04.04 15:48:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Game Cam V2

[2010.04.02 20:03:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ6Toolbar

[2010.04.02 20:02:59 | 000,000,000 | ---D | C] -- C:\ProgramData\ICQ

[2010.04.02 12:24:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Xerox

[2010.04.01 17:38:05 | 000,000,000 | ---D | C] -- C:\fhgfd

[2010.04.01 16:34:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QS

[2010.04.01 16:31:18 | 000,033,856 | -H-- | C] (LogMeIn, Inc.) -- C:\Windows\SysNative\hamachi.sys

[2010.03.31 08:00:46 | 000,086,016 | ---- | C] (Beepa P/L) -- C:\Windows\SysWow64\frapsvid.dll

[2010.03.31 08:00:44 | 000,084,992 | ---- | C] (Beepa P/L) -- C:\Windows\SysNative\frapsv64.dll

[2010.03.27 09:54:26 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Adobe

[2010.03.26 00:02:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Ubisoft

[2010.03.25 23:49:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ubisoft

[2010.03.24 22:49:30 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR

[2006.09.14 11:32:20 | 000,028,672 | R--- | C] ( ) -- C:\Windows\SysWow64\DivXGraphBuilderCallback.dll

 
 ========== Files - Modified Within 90 Days ==========

 

[2010.06.18 23:04:14 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2010.06.18 23:04:14 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2010.06.18 23:02:39 | 001,501,000 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2010.06.18 23:02:39 | 000,656,010 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat

[2010.06.18 23:02:39 | 000,616,632 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2010.06.18 23:02:39 | 000,131,874 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat

[2010.06.18 23:02:39 | 000,108,268 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2010.06.18 23:00:47 | 000,001,484 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk

[2010.06.18 23:00:27 | 002,097,152 | -HS- | M] () -- C:\Users\Windows 7 (System)\NTUSER.DAT

[2010.06.18 22:57:03 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2010.06.18 22:56:45 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT

[2010.06.18 22:56:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2010.06.18 22:56:38 | 3212,234,752 | -HS- | M] () -- C:\hiberfil.sys

[2010.06.18 22:55:51 | 006,357,490 | -H-- | M] () -- C:\Users\Windows 7 (System)\AppData\Local\IconCache.db

[2010.06.18 22:49:36 | 000,001,013 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2010.06.18 22:44:32 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts

[2010.06.18 22:14:00 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2010.06.18 21:40:44 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Users\Windows 7 (System)\Desktop\OTL.exe

[2010.06.18 19:34:49 | 000,097,384 | ---- | M] () -- C:\Users\Windows 7 (System)\AppData\Local\GDIPFONTCACHEV1.DAT

[2010.06.18 19:34:21 | 000,388,496 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

[2010.06.18 18:02:42 | 000,000,502 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Merling.job

[2010.06.17 16:31:27 | 000,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat

[2010.06.16 11:18:16 | 000,002,863 | R-S- | M] () -- C:\Users\Windows 7 (System)\AppData\Roaming\usernt.dat

[2010.06.15 15:37:32 | 000,000,000 | ---- | M] () -- C:\Users\Windows 7 (System)\AppData\Local\rx_image.Cache

[2010.06.14 16:58:37 | 3630,059,453 | ---- | M] () -- C:\Users\Windows 7 (System)\Desktop\gta san andreas.rar

[2010.06.13 12:32:42 | 000,002,344 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk

[2010.06.12 17:55:48 | 000,000,441 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.ics

[2010.06.12 17:43:24 | 000,000,000 | -H-- | M] () -- C:\Users\Windows 7 (System)\Documents\Default.rdp

[2010.06.12 16:27:28 | 000,314,016 | ---- | M] () -- C:\Windows\SysNative\drivers\atksgt.sys

[2010.06.12 16:27:28 | 000,043,680 | ---- | M] () -- C:\Windows\SysNative\drivers\lirsgt.sys

[2010.06.11 14:38:42 | 000,141,141 | ---- | M] () -- C:\Users\Windows 7 (System)\Desktop\6-468fb3e909eff8632127632b608d9fd5.jpg

[2010.06.11 14:27:53 | 000,000,880 | ---- | M] () -- C:\Users\Windows 7 (System)\.recently-used.xbel

[2010.06.06 13:30:07 | 000,000,963 | ---- | M] () -- C:\Users\Windows 7 (System)\Desktop\Downloads - Verknüpfung.lnk

[2010.06.05 13:00:31 | 000,000,780 | ---- | M] () -- C:\Users\Windows 7 (System)\Desktop\gta_sa - Verknüpfung.lnk

[2010.05.30 09:03:23 | 000,000,172 | ---- | M] () -- C:\Windows\SysNative\drivers\NSSx64\0207030.022\isolate.ini

[2010.05.25 22:14:40 | 000,524,288 | -HS- | M] () -- C:\Users\Windows 7 (System)\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms

[2010.05.25 22:14:40 | 000,524,288 | -HS- | M] () -- C:\Users\Windows 7 (System)\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms

[2010.05.25 22:14:40 | 000,065,536 | -HS- | M] () -- C:\Users\Windows 7 (System)\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf

[2010.05.25 18:51:58 | 000,000,020 | -HS- | M] () -- C:\Users\Windows 7 (System)\ntuser.ini

[2010.05.21 15:33:05 | 000,421,888 | ---- | M] (NEXON Inc.) -- C:\Windows\NEXON_EU_DownloaderUpdater.exe

[2010.05.17 00:31:19 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\Acer Registration Reminder.job

[2010.05.15 12:45:54 | 000,016,226 | ---- | M] () -- C:\Program Files\removed-files

[2010.05.15 12:45:49 | 000,000,000 | ---- | M] () -- C:\Program Files\.autoreg

[2010.05.14 14:18:02 | 000,000,118 | ---- | M] () -- C:\Windows\wininit.ini

[2010.05.07 17:51:18 | 001,531,462 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[2010.05.03 22:38:14 | 000,002,009 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk

[2010.05.02 01:29:08 | 732,645,133 | ---- | M] () -- C:\DarioMT2.rar

[2010.04.29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys

[2010.04.29 15:39:28 | 000,024,664 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys

[2010.04.29 12:37:16 | 000,000,046 | ---- | M] () -- C:\Windows\hmview.ini

[2010.04.27 00:04:42 | 000,353,592 | ---- | M] (DivX, Inc.) -- C:\Windows\SysWow64\DivXControlPanelApplet.cpl

[2010.04.26 20:32:24 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf

[2010.04.24 10:51:39 | 000,002,314 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Control Center.lnk

[2010.04.21 12:51:58 | 000,002,158 | ---- | M] () -- C:\Users\Public\Desktop\Autodesk Design Review.lnk

[2010.04.19 20:56:34 | 000,000,432 | ---- | M] () -- C:\Windows\BRWMARK.INI

[2010.04.10 16:24:26 | 000,001,024 | ---- | M] () -- C:\.rnd

[2010.04.07 21:08:32 | 000,124,760 | ---- | M] (ESET) -- C:\Windows\SysNative\drivers\epfwwfpr.sys

[2010.04.07 21:07:10 | 000,139,704 | ---- | M] (ESET) -- C:\Windows\SysNative\drivers\ehdrv.sys

[2010.04.07 21:03:52 | 000,163,888 | ---- | M] (ESET) -- C:\Windows\SysNative\drivers\eamonm.sys

[2010.04.06 13:32:54 | 000,001,849 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk

[2010.04.01 20:00:17 | 001,015,256 | ---- | M] () -- C:\Program Files\js3250.dll

[2010.04.01 20:00:17 | 000,458,200 | ---- | M] (sqlite.org) -- C:\Program Files\sqlite3.dll

[2010.04.01 18:54:38 | 000,004,296 | ---- | M] () -- C:\Program Files\crashreporter.ini

[2010.04.01 18:54:38 | 000,000,705 | ---- | M] () -- C:\Program Files\crashreporter-override.ini

[2010.04.01 18:54:38 | 000,000,701 | ---- | M] () -- C:\Program Files\updater.ini

[2010.04.01 18:54:38 | 000,000,220 | ---- | M] () -- C:\Program Files\browserconfig.properties

[2010.04.01 18:54:38 | 000,000,003 | ---- | M] () -- C:\Program Files\update.locale

[2010.04.01 17:56:18 | 000,000,478 | ---- | M] () -- C:\Program Files\softokn3.chk

[2010.04.01 17:56:18 | 000,000,478 | ---- | M] () -- C:\Program Files\nssdbm3.chk

[2010.04.01 17:56:18 | 000,000,478 | ---- | M] () -- C:\Program Files\freebl3.chk

[2010.04.01 17:56:17 | 000,031,393 | ---- | M] () -- C:\Program Files\LICENSE

[2010.04.01 17:56:17 | 000,002,530 | ---- | M] () -- C:\Program Files\blocklist.xml

[2010.04.01 17:56:17 | 000,002,126 | ---- | M] () -- C:\Program Files\application.ini

[2010.04.01 17:56:17 | 000,000,141 | ---- | M] () -- C:\Program Files\platform.ini

[2010.03.31 08:00:46 | 000,086,016 | ---- | M] (Beepa P/L) -- C:\Windows\SysWow64\frapsvid.dll

[2010.03.31 08:00:44 | 000,084,992 | ---- | M] (Beepa P/L) -- C:\Windows\SysNative\frapsv64.dll

 
 ========== Files Created - No Company Name ==========

 

[2010.06.18 23:00:39 | 001,015,256 | ---- | C] () -- C:\Program Files\js3250.dll

[2010.06.18 22:49:36 | 000,001,013 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2010.06.17 16:31:27 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat

[2010.06.16 11:18:15 | 000,002,863 | R-S- | C] () -- C:\Users\Windows 7 (System)\AppData\Roaming\usernt.dat

[2010.06.15 15:37:32 | 000,000,000 | ---- | C] () -- C:\Users\Windows 7 (System)\AppData\Local\rx_image.Cache

[2010.06.14 16:40:53 | 3630,059,453 | ---- | C] () -- C:\Users\Windows 7 (System)\Desktop\gta san andreas.rar

[2010.06.12 17:53:12 | 001,112,950 | ---- | C] () -- C:\Windows\SysNative\hw.dll

[2010.06.12 17:43:24 | 000,000,000 | -H-- | C] () -- C:\Users\Windows 7 (System)\Documents\Default.rdp

[2010.06.12 16:27:28 | 000,314,016 | ---- | C] () -- C:\Windows\SysNative\drivers\atksgt.sys

[2010.06.12 16:27:28 | 000,043,680 | ---- | C] () -- C:\Windows\SysNative\drivers\lirsgt.sys

[2010.06.11 14:27:53 | 000,000,880 | ---- | C] () -- C:\Users\Windows 7 (System)\.recently-used.xbel

[2010.06.10 22:29:31 | 000,141,141 | ---- | C] () -- C:\Users\Windows 7 (System)\Desktop\6-468fb3e909eff8632127632b608d9fd5.jpg

[2010.06.06 13:30:07 | 000,000,963 | ---- | C] () -- C:\Users\Windows 7 (System)\Desktop\Downloads - Verknüpfung.lnk

[2010.06.05 13:00:31 | 000,000,780 | ---- | C] () -- C:\Users\Windows 7 (System)\Desktop\gta_sa - Verknüpfung.lnk

[2010.05.30 09:03:25 | 000,000,502 | -H-- | C] () -- C:\Windows\tasks\Norton Security Scan for Merling.job

[2010.05.30 09:03:23 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\NSSx64\0207030.022\isolate.ini

[2010.05.25 18:51:58 | 002,097,152 | -HS- | C] () -- C:\Users\Windows 7 (System)\NTUSER.DAT

[2010.05.25 18:51:58 | 000,524,288 | -HS- | C] () -- C:\Users\Windows 7 (System)\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms

[2010.05.25 18:51:58 | 000,524,288 | -HS- | C] () -- C:\Users\Windows 7 (System)\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms

[2010.05.25 18:51:58 | 000,262,144 | -HS- | C] () -- C:\Users\Windows 7 (System)\ntuser.dat.LOG1

[2010.05.25 18:51:58 | 000,065,536 | -HS- | C] () -- C:\Users\Windows 7 (System)\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf

[2010.05.25 18:51:58 | 000,000,020 | -HS- | C] () -- C:\Users\Windows 7 (System)\ntuser.ini

[2010.05.25 18:51:58 | 000,000,000 | -HS- | C] () -- C:\Users\Windows 7 (System)\ntuser.dat.LOG2

[2010.05.15 12:45:54 | 000,016,226 | ---- | C] () -- C:\Program Files\removed-files

[2010.05.15 12:45:49 | 000,000,000 | ---- | C] () -- C:\Program Files\.autoreg

[2010.05.14 14:18:02 | 000,000,118 | ---- | C] () -- C:\Windows\wininit.ini

[2010.05.07 17:51:17 | 001,531,462 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[2010.05.03 22:38:14 | 000,002,009 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk

[2010.05.01 21:01:57 | 732,645,133 | ---- | C] () -- C:\DarioMT2.rar

[2010.04.26 20:32:24 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf

[2010.04.24 11:26:11 | 000,000,046 | ---- | C] () -- C:\Windows\hmview.ini

[2010.04.24 10:51:39 | 000,002,314 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Control Center.lnk

[2010.04.21 12:51:58 | 000,002,158 | ---- | C] () -- C:\Users\Public\Desktop\Autodesk Design Review.lnk

[2010.04.10 16:24:25 | 000,001,024 | ---- | C] () -- C:\.rnd

[2010.04.06 13:32:54 | 000,001,849 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk

[2010.04.01 18:40:03 | 001,589,248 | ---- | C] () -- C:\Windows\SysWow64\libmysql_d.dll

[2010.02.22 16:43:21 | 000,000,432 | ---- | C] () -- C:\Windows\BRWMARK.INI

[2009.09.22 01:13:30 | 000,626,688 | ---- | C] () -- C:\Windows\Image.dll

[2009.09.22 01:13:30 | 000,000,323 | ---- | C] () -- C:\Windows\PidList.ini

[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll

[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

[2008.10.07 09:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll

[2008.10.07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll

[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll

[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll

[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll

[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll

[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll

[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll

[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll

[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll

[2006.11.20 18:23:04 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\px.ini

[2006.10.26 23:02:40 | 000,520,192 | ---- | C] () -- C:\Windows\SysWow64\CddbPlaylist2Roxio.dll

[2006.10.26 23:02:40 | 000,204,800 | ---- | C] () -- C:\Windows\SysWow64\CddbFileTaggerRoxio.dll

[2005.07.15 20:35:56 | 000,831,488 | ---- | C] () -- C:\Windows\SysWow64\libeay32.dll

[2005.07.15 20:35:56 | 000,159,744 | ---- | C] () -- C:\Windows\SysWow64\ssleay32.dll

[2005.07.15 20:35:24 | 003,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll

 
 ========== LOP Check ==========

 

[2010.06.18 20:37:03 | 000,000,000 | ---D | M] -- C:\Users\Windows 7 (System)\AppData\Roaming\Foxit

[2010.06.11 14:16:59 | 000,000,000 | ---D | M] -- C:\Users\Windows 7 (System)\AppData\Roaming\gtk-2.0

[2010.06.10 22:30:43 | 000,000,000 | ---D | M] -- C:\Users\Windows 7 (System)\AppData\Roaming\PhotoFiltre

[2010.06.14 19:17:51 | 000,000,000 | ---D | M] -- C:\Users\Windows 7 (System)\AppData\Roaming\PowerCinema

[2010.05.31 21:09:27 | 000,000,000 | ---D | M] -- C:\Users\Windows 7 (System)\AppData\Roaming\Thunderbird

[2010.06.12 18:15:17 | 000,000,000 | ---D | M] -- C:\Users\Windows 7 (System)\AppData\Roaming\Ubisoft

[2010.06.18 22:34:49 | 000,000,000 | ---D | M] -- C:\Users\Windows 7 (System)\AppData\Roaming\Yfvait

[2010.05.17 00:31:19 | 000,000,348 | ---- | M] () -- C:\Windows\Tasks\Acer Registration Reminder.job

[2010.06.07 07:10:02 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

 
 ========== Purity Check ==========

 

 

< End of report >

--- --- ---

Zitat:

Sollte ich einen Crack finden, muss ich den Support einstellen.

was soll das bedeuten ???wo soll ich den nen crack haben ???

edit

Kaspersky Online Scanner

Bitte während der Online-Scans evtl. vorhandene externe Festplatten einschalten! Bitte während der Scans alle Hintergrundwächter (Anti-Virus-Programm, Firewall, Skriptblocking und ähnliches) abstellen und nicht vergessen, alles hinterher wieder einzuschalten.

Anmerkung für Vista-User: Bitte den Browser unbedingt als Administrator starten.
Bitte während des Scans alle Hintergrundwächter abstellen/deaktivieren.
Java muss installiert, aktiv und erlaubt sein.
Bebilderte Anleitung von sundavis.
Dieser Scanner entfernt die Funde nicht, gibt aber einen guten Überblick.

Wir werden Dir helfen, die Funde manuell vom System zu entfernen.
Die Datenschutzerklärung akzeptieren.
Programm installieren lassen.
Update der Signaturen installieren lassen.
Wenn der Status "Complete" ist,
Scan-Einstellungen (Settings) Standard lassen
Links den Link "My Computer" anklicken.
Scan beginnt automatisch.
Wenn der Scan fertig ist, auf "View scan report" klicken,
"Save report as" und Dateityp auf .txt umstellen,
und auf dem Desktop als Kaspersky.txt speichern.
Logdatei hier posten.
Deinstallation ist nicht nötig, alle Dateien werden in temporären Ordnern gespeichert.

hier die haspersky sachen

Code:

--------------------------------------------------------------------------------

KASPERSKY ONLINE SCANNER 7.0: scan report

 Friday, June 18, 2010

 Operating system: Microsoft  (build 7600)

 Kaspersky Online Scanner version: 7.0.26.13

 Last database update: Friday, June 18, 2010 15:59:06

 Records in database: 4291682

--------------------------------------------------------------------------------
 

Scan settings:

        scan using the following database: extended

        Scan archives: yes

        Scan e-mail databases: yes
 

Scan area - My Computer:

        C:\

        D:\

        E:\
 

Scan statistics:

        Objects scanned: 165088

        Threats found: 0

        Infected objects found: 0

        Suspicious objects found: 0

        Scan duration: 00:01:54
 

No threats found. Scanned area is clean.
 

Selected area has been scanned.

Lösche bitte folgenden Ordner

C:\Users\Windows 7 (System)\AppData\Roaming\Yfvait

Bitte lasse die Dateien aus der Code-Box bei Virustotal überprüfen

Code:

C:\Program Files\js3250.dll

Also gehe wie hier beschrieben vor:

Öffne diese Webseite: virustotal
Klicke auf "Durchsuchen"
Suche die Datei auf deinem Rechner--> Doppelklick auf die zu prüfende Datei (oder kopiere den Inhalt ab aus der Codebox)
"Senden der Datei"
Warte, bis der Scandurchlauf aller Virenscanner beendet ist
Auf "Filter" klicken
dann auf "Ergebnisse"
das Ergebnis (wie Du es bekommst )
komplett markieren und hier rein kopieren

Sollte die Datei als schädlich erkannt werden bitte noch nicht entfernen

Schritt 2

Ich würde dir raten, die Google Toolbar zu deinstallieren. Das ist deine Entscheidung.

Schritt 3

Lass bitte Malwarebytes einen vollständigen Scan machen

Schritt 4

Java aktualisieren

Deine Javaversion ist veraltet. Da einige Schädlinge (z. B. Vundo) über Java-Exploits in das System eindringen, muss Java aktualisiert werden und alte Versionen müssen vom System entfernt werden, da die alten Versionen ein Sicherheitsrisiko darstellen. Lade JavaRa von prm753 herunter und entpacke es auf den Desktop. JavaRA ist geeignet für Windows 9x, 2k, XP und Vista (mit deaktivierter Benuterkontensteuerung).

Schließe alle Browserfenster.
Doppelklicke die JavaRa.exe, um das Programm zu starten.
Die Sprache auswählen, nimm Englisch und klicke "Select".
Klicke auf Additional Task, mache Haken bei Remove Useless JRE Files und [b]Remove Sun Download Manager[b].
Klicke auf Go und jeweils auf Ok und schließe das Fenster "Additional Tasks" wieder.
Klicke auf Remove Older Versions, um alte Java-Versionen, die auf dem Rechner installiert sind, zu entfernen.
Klicke auf Yes wenn es verlangt wird. Wenn JavaRa fertig, erscheint eine Notiz, dass ein Logfile erstellt wurde, klicke OK.
Das Logfile wird im Editor geöffnet, bitte speichern und später hier posten.
Kontrolliere in Systemsteuerung => Programme, ob noch Java-Versionen vorhanden sind und deinstalliere diese.
Rechner neu starten.

Downloade nun Java (Java Runtime Environment (JRE) 6 Update XX) von Oracle und installiere es. Vor dem Download musst Du die Lizenzbedingungen akzeptieren, indem Du "Accept License Agreement" aktivierst. Erweiterte Optionen anhaken, Sponsoren-Programm (Toolbar oder ähnliches) ggfs. abwählen.

Schritt 5

Starte bitte OTL.exe.
Wähle unter
Extra Registrierung: Benutze Safe List und klicke auf den Scan Button.

Bitte poste in Deiner nächsten Antwort
Auswertung von Virustotal.
MBAM Logfile
OTL.txt
Extras.txt
Berichte wie der Rechner läuft