Hallo,
seit nun ungefähr 2 Tagen leitet mich Firefox immer wieder auf Seiten weiter, die dann wiederrum von Firefox blockiert werden, weil sie als gefährlich eingestuft werden. Die Weiterleitung geschieht vorrangig wenn ich Google-Links anklicke.
Ich habe mit Antivir, Malwarebytes' Anti-Malware und Spybot Search & Destroy alles gescannt. Antivir findet immer wieder was & entfernt es, das Problem mit Firefox bleibt aber bestehen.
Da ich diesen PC auch zum Onlinebanking benutzt habe ist mir noch mulmiger bei der ganzen Geschichte.
Ich habe zwar kaum Ahnung auf dem Gebiet, aber mein Acrobat Reader-Prozess verbraucht seit dem sehr viel Systemkapazitäten.
Ich habe hier im Forum mal ein bisschen rumgeguckt und einige Logfiles erstellt, alle nach den im Forum vorgegebenen Anleitungen:
Defogger:
rsit info:Code:defogger_disable by jpshortstuff (23.02.10.1) Log created at 15:05 on 07/08/2010 (Adrian) Checking for autostart values... HKCU\~\Run values retrieved. HKLM\~\Run values retrieved. Checking for services/drivers... Unable to read sptd.sys SPTD -> Disabled (Service running -> reboot required) -=E.O.F=-
rsit log:Code:info.txt logfile of random's system information tool 1.08 2010-08-06 14:15:21 ======Uninstall list====== -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{12321490-F573-4815-B6CC-7ABEF18C9AC4}\setup.exe" -l0x7 -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x7 -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1EF644C7-1A0D-4B94-9AF5-AD04702094A4}\setup.exe" -l0x7 -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1EF644C7-1A0D-4B94-9AF5-AD04702094A4}\setup.exe" -l0x7 /remove -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x7 -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x7 /remove -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7AB55EC6-1158-41EF-B87D-90555A8F5C92}\setup.exe" -l0x7 -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{888347B3-AEC5-4BB5-8BAB-781D72A57C73}\setup.exe" -l0x7 -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\setup.exe" -l0x7 -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88C97CD1-C7C6-4CEC-B15C-F4D3E26F6A6F}\setup.exe" -l0x7 -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AAEF329E-F353-46C9-933D-24A571986093}\setup.exe" -l0x7 -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C88C3C27-AECE-4137-A6CC-D7A6FFAD2F84}\setup.exe" -l0x7 -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C88C3C27-AECE-4137-A6CC-D7A6FFAD2F84}\setup.exe" -l0x7 /remove -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CC3D3A93-C433-4329-AC3A-7EFC52A332C2}\setup.exe" -l0x9 -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CC3D3A93-C433-4329-AC3A-7EFC52A332C2}\setup.exe" -l0x9 /remove -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CEC86016-B796-4348-B93B-36C5EDEB85E1}\setup.exe" -l0x7 -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{ECC3C64B-2A22-48C5-857B-E952D7BE64F5}\setup.exe" -l0x7 -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{ECC3C64B-2A22-48C5-857B-E952D7BE64F5}\setup.exe" -l0x7 /remove -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FBFF2411-D066-4D24-BCE0-893086009E1B}\setup.exe" -l0x7 -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FBFF2411-D066-4D24-BCE0-893086009E1B}\setup.exe" -l0x7 /remove -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FCCDA302-32D9-4AE7-A094-4BE677554F26}\setup.exe" -l0x7 -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FCCDA302-32D9-4AE7-A094-4BE677554F26}\setup.exe" -l0x7 /remove Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95} Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61} Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394} Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23} Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C} Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C} Adobe Color - Photoshop Specific-->MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E} Adobe Color Common Settings-->C:\Program Files\Common Files\Adobe\Installers\6c8e2cb4fd241c55406016127a6ab2e\Setup.exe Adobe Color Common Settings-->MsiExec.exe /I{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF} Adobe Color EU Recommended Settings-->MsiExec.exe /I{73B5D990-04EA-4751-B10F-5534770B91F2} Adobe Color JA Extra Settings-->MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029} Adobe Color NA Extra Settings-->MsiExec.exe /I{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A} Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D} Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD} Adobe Download Manager-->"C:\Windows\system32\rundll32.exe" "C:\Program Files\NOS\bin\getPlus_Helper.dll",Uninstall /IE2883E8F-472F-4fb0-9522-AC9BF37916A7 /Get1 Adobe ExtendScript Toolkit 2-->C:\Program Files\Common Files\Adobe\Installers\3e054d2218e7aa282c2369d939e58ff\Setup.exe Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{24D7346D-D4B4-45E8-98EA-75EC14B42DD8} Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\FlashUtil10h_Plugin.exe -maintain plugin Adobe Flash Player 9 ActiveX-->C:\Windows\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete Adobe Fonts All-->MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B} Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245} Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078} Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C} Adobe Photoshop CS3-->C:\Program Files\Common Files\Adobe\Installers\5f143314a5d434c8511097393d17397\Setup.exe Adobe Photoshop CS3-->MsiExec.exe /I{29F05234-DCBB-4FE0-88DC-5160C9250312} Adobe Reader 8.1.3 - Deutsch-->MsiExec.exe /I{AC76BA86-7AD7-1031-7B44-A81300000003} Adobe Setup-->MsiExec.exe /I{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1} Adobe Setup-->MsiExec.exe /I{B3C02EC1-A7B0-4987-9A43-8789426AAA7D} Adobe Setup-->MsiExec.exe /I{F01F79AD-1F47-4685-AE4E-CCFA4EA9FF7C} Adobe Shockwave Player 11.5-->"C:\Windows\system32\Adobe\Shockwave 11\uninstaller.exe" Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183} Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312} Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8} Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5} Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6} Adobe XMP Panels CS3-->MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923} Age of Mythology Gold-->"D:\Spiele\Age of Mythology - Gold Edition\UNINSTAL.EXE" /runtemp /uninstall Agere Systems HDA Modem-->agrsmdel AnyDVD-->"C:\Program Files\SlySoft\AnyDVD\AnyDVD-uninst.exe" /D="C:\Program Files\SlySoft\AnyDVD" Apple Application Support-->MsiExec.exe /I{3FA365DF-2D68-45ED-8F83-8C8A33E65143} Apple Mobile Device Support-->MsiExec.exe /I{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE} Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033} Atheros WLAN Client-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{04983D37-2202-4295-94A2-8B547C66133F}\setup.exe" -l0x9 Auto Gordian Knot 2.55-->C:\Program Files\AutoGK\uninst.exe Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE AviSynth 2.5-->"C:\Program Files\AviSynth 2.5\Uninstall.exe" Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B} BrettspielWelt-->"C:\Users\Adrian\AppData\Roaming\BSW\uninstall.exe" Canon MP550 series MP Drivers-->"C:\Windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP550_series\DelDrv.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP550_series CloneDVD2-->"C:\Program Files\Elaborate Bytes\CloneDVD2\CloneDVD2-uninst.exe" /D="C:\Program Files\Elaborate Bytes\CloneDVD2" Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE} Creative Audio-Systemsteuerung-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x7 /remove Creative Entertainment Center-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CEC86016-B796-4348-B93B-36C5EDEB85E1}\setup.exe" -l0x7 /remove Creative Konsole Starter-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{888347B3-AEC5-4BB5-8BAB-781D72A57C73}\setup.exe" -l0x7 /remove Creative Software AutoUpdate-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\setup.exe" -l0x7 /remove CyberLink DVD Suite-->"C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall CyberLink DVD Suite-->"C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall CyberLink LabelPrint-->"C:\Program Files\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" /z-uninstall CyberLink LabelPrint-->"C:\Program Files\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" /z-uninstall CyberLink Power2Go-->"C:\Program Files\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall CyberLink Power2Go-->"C:\Program Files\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall CyberLink PowerBackup-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{ADD5DB49-72CF-11D8-9D75-000129760D75}\Setup.exe" -uninstall CyberLink PowerDirector-->"C:\Program Files\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\Setup.exe" /z-uninstall CyberLink PowerDirector-->"C:\Program Files\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\Setup.exe" /z-uninstall CyberLink PowerDVD 8-->"C:\Program Files\InstallShield Installation Information\{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}\Setup.exe" /z-uninstall CyberLink PowerDVD 8-->"C:\Program Files\InstallShield Installation Information\{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}\Setup.exe" /z-uninstall CyberLink PowerProducer-->"C:\Program Files\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\Setup.exe" /z-uninstall CyberLink PowerProducer-->"C:\Program Files\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\Setup.exe" /z-uninstall devolo dLAN Wireless extender Konfiguration-->C:\Program Files\devolo\setup.exe /remove:dlanwlancfg devolo dLAN-Konfigurationsassistent-->C:\Program Files\devolo\setup.exe /remove:dlanconf devolo EasyShare-->C:\Program Files\devolo\setup.exe /remove:easyshare devolo Informer-->C:\Program Files\devolo\setup.exe /remove:dslmon DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC Duden Korrektor PLUS-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{541E5E15-7186-4395-9593-16D02765FF27} EarMaster Pro 4-->"C:\Program Files\EarMaster\unins000.exe" Easy Battery Manager-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6F730513-8688-4C3C-90A3-6B9792CE2EF3}\setup.exe" -l0x9 Remove Easy Display Manager-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{17283B95-21A8-4996-97DA-547A48DB266F}\setup.exe" -l0x9 -removeonly Easy Network Manager 3.0-->C:\Program Files\InstallShield Installation Information\{4EA8EA5D-8E46-4698-9BF7-2F2AD8E1C185}\setup.exe -runfromtemp -l0x0407 Easy SpeedUp Manager-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EF367AA4-070B-493C-9575-85BE59D789C9}\setup.exe" -l0x9 Remove Eigenschaften von Creative Sound Blaster-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7AB55EC6-1158-41EF-B87D-90555A8F5C92}\setup.exe" -l0x7 /remove Fernbedienungssystem-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88C97CD1-C7C6-4CEC-B15C-F4D3E26F6A6F}\setup.exe" -l0x7 /remove Google Earth-->MsiExec.exe /X{F7B0939E-58DF-11DF-B3A6-005056806466} Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} Google Updater-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall HiJackThis-->MsiExec.exe /X{45A66726-69BC-466B-A7A4-12FCBA4883D7} Host OpenAL-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AAEF329E-F353-46C9-933D-24A571986093}\setup.exe" -l0x7 /remove Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT="" Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT="" Intel PROSet Wireless-->Intel PROSet Wireless Intel® Matrix Storage Manager-->C:\Windows\system32\imsmudlg.exe -uninstall iTSfv 5.45.4.5-->"C:\Users\Adrian\Documents\Applications\iTSfv\unins000.exe" iTunes-->MsiExec.exe /I{81063354-9060-42B2-A000-1EBE96778AA9} Java DB 10.4.2.1-->MsiExec.exe /X{926C96FB-9D0A-4504-8000-C6D3A4A3118E} Java(TM) 6 Update 16-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216016FF} Java(TM) 6 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160060} Java(TM) SE Development Kit 6 Update 17-->MsiExec.exe /I{32A3A4F4-B792-11D6-A78A-00B0D0160170} JDownloader-->C:\Program Files\JDownloader\uninstall.exe Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" Microsoft .NET Framework 3.5 Language Pack SP1 - DEU-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - deu\setup.exe Microsoft .NET Framework 3.5 Language Pack SP1 - deu-->MsiExec.exe /I{052FDD78-A6EA-3187-8386-C82F4CA3A929} Microsoft .NET Framework 3.5 SP1-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} Microsoft .NET Framework 4 Client Profile DEU Language Pack-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\Setup.exe /repair /x86 /lcid 1031 /parameterfolder ClientLP Microsoft .NET Framework 4 Client Profile DEU Language Pack-->MsiExec.exe /X{F750C986-5310-3A5A-95F8-4EC71C8AC01C} Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6} Microsoft Age of Empires II: The Conquerors Expansion-->"D:\Spiele\Age of Empires II\UNINSTALX.EXE" /runtemp /addremove Microsoft Age of Empires II-->"D:\Spiele\Age of Empires II\UNINSTAL.EXE" /runtemp /uninstall Microsoft Office 2003 Web Components-->MsiExec.exe /I{90A40407-6000-11D3-8CFE-0150048383C9} Microsoft Office 2007 Primary Interop Assemblies-->MsiExec.exe /X{50120000-1105-0000-0000-0000000FF1CE} Microsoft Office Professional Edition 2003-->MsiExec.exe /I{91110407-6000-11D3-8CFE-0150048383C9} Microsoft Office Small Business Connectivity Components-->MsiExec.exe /X{A939D341-5A04-4E0A-BB55-3E65B386432D} Microsoft SOAP Toolkit 2.0 SP2-->MsiExec.exe /I{36BEAD11-8577-49AD-9250-E06A50AE87B0} Microsoft SQL Server Native Client-->MsiExec.exe /I{1D1D8ADC-BF08-4E61-9393-5FA305B16864} Microsoft SQL Server VSS Writer-->MsiExec.exe /I{5C759B74-34F4-43C6-A5D9-039CB754C5E9} Mozilla Firefox (3.6.8)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe Mozilla Thunderbird (3.0.6)-->C:\Program Files\Mozilla Thunderbird\uninstall\helper.exe MSXML4 Parser-->MsiExec.exe /I{01501EBA-EC35-4F9F-8889-3BE346E5DA13} MyPhoneExplorer-->C:\Program Files\MyPhoneExplorer\uninstall.exe Napster Burn Engine-->MsiExec.exe /I{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1} Napster-->C:\Program Files\InstallShield Installation Information\{BBBCAE4B-B416-4182-A6F2-438180894A81}\setup.exe -runfromtemp -l0x0007 -removeonly Nokia Connectivity Cable Driver-->MsiExec.exe /I{52D02A2B-03D2-4E34-A358-DC5D951FD296} Nokia Map Loader-->MsiExec.exe /I{45D4F727-43B5-49CD-B474-B9866A8F4FB8} Nokia Maps Updater 1.0.10-->"C:\Program Files\Nokia\Nokia Maps Updater\Uninstall Information\unins000.exe" Nokia Multimedia Common Components 2.4-->MsiExec.exe /I{6EB6C056-02BB-453E-8448-EC90B9794180} Nokia Music-->MsiExec.exe /I{7035F31B-20DA-4522-B0DB-3CA18B46DD77} Nokia Ovi Application Installer 6.85.3011-->msiexec /qn /x {42B74521-4706-412A-9A27-AED12B83E886} Nokia Ovi Application Installer-->MsiExec.exe /I{42B74521-4706-412A-9A27-AED12B83E886} Nokia Ovi Content Copier 6.85.3011-->msiexec /qn /x {6442DEDF-AC2F-4CBA-85DE-42E459C5006C} Nokia Ovi Content Copier-->MsiExec.exe /X{6442DEDF-AC2F-4CBA-85DE-42E459C5006C} Nokia Ovi Suite-->MsiExec.exe /I{2218B96C-ABA2-45D9-A0B4-56B71F5303DB} Nokia Ovi System Utilities 6.85.3018-->msiexec /qn /x {F9EA1C47-64A6-45E4-9A80-8CC1575B971D} Nokia Ovi System Utilities-->MsiExec.exe /X{F9EA1C47-64A6-45E4-9A80-8CC1575B971D} Nokia Software Updater-->MsiExec.exe /X{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78} Office-Bibliothek-->MsiExec.exe /I{5C81B189-5456-40C4-9313-7FE6FA6DD64C} OpenAL-->"C:\Program Files\OpenAL\oalinst.exe" /U PC Connectivity Solution-->MsiExec.exe /I{0C973594-7DDF-4BD0-84ED-3517F7622037} PDF Settings-->MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5} PixiePack Codec Pack-->MsiExec.exe /I{B2C3BB6B-E005-4246-B8E5-DF0A4D073CDC} QuickTime-->MsiExec.exe /I{1451DE6B-ABE1-4F62-BE9A-B363A17588A2} Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -removeonly Samsung Magic Doctor-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{32D6A58F-9659-446C-BBFC-E6F2B41F24DC}\Setup.exe" -l0x9 Remove Samsung Recovery Solution III-->"C:\Program Files\InstallShield Installation Information\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}\setup.exe" -runfromtemp -l0x0007 -removeonly Samsung Update Plus-->"C:\Program Files\InstallShield Installation Information\{A5F483F0-2D79-4FCA-AE09-D0D96E23EBF7}\setup.exe" -runfromtemp -l0x0409 -removeonly Samsung Update Plus-->MsiExec.exe /X{A5F483F0-2D79-4FCA-AE09-D0D96E23EBF7} Skype™ 3.8-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82} Sound Blaster X-Fi Surround 5.1-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{12BEF00E-ECFF-4820-BEDF-CCB9CC06A955}\SETUP.EXE" -l0x7 /remove Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe" Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall Tunebite-->MsiExec.exe /I{FAB137DB-CCF1-487D-B338-85413AF6FCB8} TuneUp Utilities-->C:\Program Files\TuneUp Utilities 2010\TUInstallHelper.exe --Trigger-Uninstall Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch)-->MsiExec.exe /X{07629207-FAA0-4F1A-8092-BF5085BE511F} Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT="" VC 9.0 Runtime-->MsiExec.exe /I{A040AC77-C1AA-4CC9-8931-9F648AF178F6} VC80CRTRedist - 8.0.50727.4053-->MsiExec.exe /I{5EE7D259-D137-4438-9A5F-42F432EC0421} Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27} Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\Windows\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT="" VLC media player 1.0.5-->C:\Program Files\VideoLAN\VLC\uninstall.exe VobSub v2.23 (Remove Only)-->"C:\Program Files\Gabest\VobSub\uninstall.exe" Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4} Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0)-->C:\PROGRA~1\DIFX\B4723E9A0713E5B1\dpinst.exe /u C:\Windows\system32\DRVSTORE\pccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294\pccsmcfd.inf WinRAR-->C:\Program Files\WinRAR\uninstall.exe Xvid 1.2.1 final uninstall-->"C:\Program Files\Xvid\unins000.exe" XviD MPEG4 Video Codec (remove only)-->"C:\Program Files\XviD\xvid-uninstall.exe" ZoneAlarm Spy Blocker-->rundll32 C:\PROGRA~1\ZONEAL~1\bar\1.bin\SpyBlock.dll,O ZoneAlarm-->C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe ======Hosts File====== 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com ======Security center information====== FW: ZoneAlarm Firewall AS: ZoneAlarm Anti-Spyware (outdated) AS: Spybot - Search and Destroy AS: Windows Defender ======System event log====== Computer Name: AdriansPC Event Code: 7036 Message: Dienst "WinHTTP-Web Proxy Auto-Discovery-Dienst" befindet sich jetzt im Status "Ausgeführt". Record Number: 198090 Source Name: Service Control Manager Time Written: 20100806113930.000000-000 Event Type: Informationen User: Computer Name: AdriansPC Event Code: 7036 Message: Dienst "Windows Installer" befindet sich jetzt im Status "Beendet". Record Number: 198091 Source Name: Service Control Manager Time Written: 20100806114315.000000-000 Event Type: Informationen User: Computer Name: AdriansPC Event Code: 7036 Message: Dienst "Volumeschattenkopie" befindet sich jetzt im Status "Beendet". Record Number: 198092 Source Name: Service Control Manager Time Written: 20100806115410.000000-000 Event Type: Informationen User: Computer Name: AdriansPC Event Code: 7036 Message: Dienst "WinHTTP-Web Proxy Auto-Discovery-Dienst" befindet sich jetzt im Status "Beendet". Record Number: 198093 Source Name: Service Control Manager Time Wri
hijackthis:Code:Logfile of random's system information tool 1.08 (written by random/random) Run by Adrian at 2010-08-06 14:24:22 Microsoft® Windows Vista™ Home Premium Service Pack 1 System drive C: has 20 GB (16%) free of 123 GB Total RAM: 3066 MB (32% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 14:24:53, on 06.08.2010 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v8.00 (8.00.6001.18928) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Windows\RtHDVCpl.exe C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Microsoft IntelliPoint\ipoint.exe C:\Windows\System32\rundll32.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe C:\Program Files\Creative\ShareDLL\CADI\NotiMan.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Windows\Explorer.exe C:\Users\Adrian\Desktop\RSIT.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files\trend micro\Adrian.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.arcor.de R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.arcor.de R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.arcor.de R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.arcor.de R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.arcor.de R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.arcor.de R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.arcor.de R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Arcor AG & Co. KG R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O2 - BHO: Tunebite_WebRipPlugin Class - {AA102584-3B97-47e7-B9BC-75D54C110A7D} - C:\Program Files\RapidSolution\Tunebite\plugins\IE\TB_WebRipIePlugin.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [Module Loader] C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe -StartUpRun O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe" O4 - HKLM\..\Run: [Creative SB Monitoring Utility] RunDll32 sbavmon.dll,SBAVMonitor O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'NETZWERKDIENST') O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} (Battlefield Heroes Updater) - https://www.battlefieldheroes.com/static/updater/BFHUpdater_4.0.27.0.cab O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15107/CTPID.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Update Service (gupdate1c991207be888aa) (gupdate1c991207be888aa) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: @C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe -- End of file - 8071 bytes ======Scheduled tasks folder====== C:\Windows\tasks\Google Software Updater.job C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job C:\Windows\tasks\Spybot - Search & Destroy - Scheduled Task.job C:\Windows\tasks\Spybot - Search & Destroy Updater - Scheduled Task.job C:\Windows\tasks\SupBackGroundTask.job C:\Windows\tasks\User_Feed_Synchronization-{11B9DB15-5320-4462-B9C0-1D5E86CA49FB}.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] SSVHelper Class - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll [2008-03-25 509328] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA102584-3B97-47e7-B9BC-75D54C110A7D}] Tunebite_WebRipPlugin Class - C:\Program Files\RapidSolution\Tunebite\plugins\IE\TB_WebRipIePlugin.dll [2008-11-10 144688] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-03-24 668656] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2008-08-21 981904] "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-12-06 1029416] "Module Loader"=C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe [2007-07-18 57344] "avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2010-03-02 282792] "IntelliPoint"=C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2009-01-07 1468296] "Creative SB Monitoring Utility"=RunDll32 sbavmon.dll,SBAVMonitor [] "Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2010-04-29 1090952] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2010-04-29 437584] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-12-10 216520] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "EnableLUA"=0 "dontdisplaylastusername"=0 "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableUIADesktopToggle"=0 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=149 "NoDriveAutoRun"=67108803 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 months====== 2010-08-06 14:15:00 ----D---- C:\rsit 2010-08-06 14:14:04 ----A---- C:\Windows\system32\drivers\wjsxwb.sys 2010-08-06 13:33:10 ----D---- C:\Program Files\Trend Micro 2010-08-06 13:15:58 ----D---- C:\Users\Adrian\AppData\Roaming\Malwarebytes 2010-08-06 13:15:51 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys 2010-08-06 13:15:49 ----D---- C:\ProgramData\Malwarebytes 2010-08-06 13:15:47 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2010-08-06 13:15:47 ----A---- C:\Windows\system32\drivers\mbam.sys 2010-08-06 03:02:12 ----D---- C:\ProgramData\Spybot - Search & Destroy 2010-08-06 03:02:12 ----D---- C:\Program Files\Spybot - Search & Destroy 2010-08-06 00:38:54 ----D---- C:\Program Files\MSECache 2010-07-25 12:28:38 ----A---- C:\Windows\USb Missile Launcher Uninstall Log.txt 2010-07-22 12:59:40 ----D---- C:\Users\Adrian\AppData\Roaming\SharePod 2010-07-21 21:49:17 ----D---- C:\Windows\Watson 2010-07-15 14:56:16 ----A---- C:\Windows\WORDPAD.INI 2010-07-13 12:10:35 ----A---- C:\Windows\system32\Log_20100713_121035_1184.txt 2010-07-13 12:10:35 ----A---- C:\Windows\system32\Log_20100713_121035_1154.txt 2010-07-13 12:10:35 ----A---- C:\Windows\system32\Log_20100713_121035_10FC.txt 2010-07-13 12:10:35 ----A---- C:\Windows\system32\Log_20100713_121035_10C4.txt 2010-07-13 12:10:35 ----A---- C:\Windows\system32\Log_20100713_121035_1094.txt 2010-07-13 12:10:34 ----A---- C:\Windows\system32\Log_20100713_121034_FC4.txt 2010-07-13 12:10:34 ----A---- C:\Windows\system32\Log_20100713_121034_C40.txt 2010-07-13 12:10:34 ----A---- C:\Windows\system32\Log_20100713_121034_A04.txt 2010-07-13 12:10:34 ----A---- C:\Windows\system32\Log_20100713_121034_310.txt 2010-07-13 12:10:34 ----A---- C:\Windows\system32\Log_20100713_121034_1070.txt 2010-07-13 12:10:34 ----A---- C:\Windows\system32\Log_20100713_121034_104C.txt 2010-07-13 12:10:34 ----A---- C:\Windows\system32\Log_20100713_121034_101C.txt 2010-07-13 12:10:33 ----A---- C:\Windows\system32\Log_20100713_121033_F38.txt 2010-07-13 12:10:33 ----A---- C:\Windows\system32\Log_20100713_121033_D80.txt 2010-07-13 12:10:33 ----A---- C:\Windows\system32\Log_20100713_121033_CC8.txt 2010-07-13 12:10:33 ----A---- C:\Windows\system32\Log_20100713_121033_99C.txt 2010-07-13 12:10:33 ----A---- C:\Windows\system32\Log_20100713_121033_69C.txt 2010-07-13 12:10:32 ----A---- C:\Windows\system32\Log_20100713_121032_F60.txt 2010-07-13 12:10:32 ----A---- C:\Windows\system32\Log_20100713_121032_D7C.txt 2010-07-13 12:10:32 ----A---- C:\Windows\system32\Log_20100713_121032_D48.txt 2010-07-13 12:10:32 ----A---- C:\Windows\system32\Log_20100713_121032_C58.txt 2010-07-13 12:10:32 ----A---- C:\Windows\system32\Log_20100713_121032_BE4.txt 2010-07-13 12:10:32 ----A---- C:\Windows\system32\Log_20100713_121032_AD8.txt 2010-07-13 12:10:32 ----A---- C:\Windows\system32\Log_20100713_121032_8B8.txt 2010-07-13 12:10:32 ----A---- C:\Windows\system32\Log_20100713_121032_84C.txt 2010-07-13 12:10:32 ----A---- C:\Windows\system32\Log_20100713_121032_7E4.txt 2010-07-13 12:10:32 ----A---- C:\Windows\system32\Log_20100713_121032_624.txt 2010-07-13 12:10:31 ----A---- C:\Windows\system32\Log_20100713_121031_BB8.txt 2010-07-10 18:18:14 ----A---- C:\Windows\system32\Log_20100710_181814_132C.txt 2010-07-10 18:18:13 ----A---- C:\Windows\system32\Log_20100710_181813_68C.txt 2010-07-10 18:18:13 ----A---- C:\Windows\system32\Log_20100710_181813_14CC.txt 2010-07-10 18:18:13 ----A---- C:\Windows\system32\Log_20100710_181813_1428.txt 2010-07-10 18:18:13 ----A---- C:\Windows\system32\Log_20100710_181813_10D8.txt 2010-07-10 18:18:12 ----A---- C:\Windows\system32\Log_20100710_181812_D84.txt 2010-07-10 18:18:12 ----A---- C:\Windows\system32\Log_20100710_181812_1788.txt 2010-07-10 18:18:12 ----A---- C:\Windows\system32\Log_20100710_181812_176C.txt 2010-07-10 18:18:12 ----A---- C:\Windows\system32\Log_20100710_181812_140C.txt 2010-07-10 18:18:12 ----A---- C:\Windows\system32\Log_20100710_181812_10D4.txt 2010-07-10 18:18:11 ----A---- C:\Windows\system32\Log_20100710_181811_9F4.txt 2010-07-10 18:18:11 ----A---- C:\Windows\system32\Log_20100710_181811_6B8.txt 2010-07-10 18:18:11 ----A---- C:\Windows\system32\Log_20100710_181811_1728.txt 2010-07-10 18:18:11 ----A---- C:\Windows\system32\Log_20100710_181811_1160.txt 2010-07-10 18:18:10 ----A---- C:\Windows\system32\Log_20100710_181810_A08.txt 2010-07-10 18:18:10 ----A---- C:\Windows\system32\Log_20100710_181810_8BC.txt 2010-07-10 18:18:10 ----A---- C:\Windows\system32\Log_20100710_181810_588.txt 2010-07-10 18:18:10 ----A---- C:\Windows\system32\Log_20100710_181810_56C.txt 2010-07-10 18:18:10 ----A---- C:\Windows\system32\Log_20100710_181810_133C.txt 2010-07-10 18:18:09 ----A---- C:\Windows\system32\Log_20100710_181809_FC0.txt 2010-07-10 18:18:09 ----A---- C:\Windows\system32\Log_20100710_181809_F5C.txt 2010-07-10 18:18:09 ----A---- C:\Windows\system32\Log_20100710_181809_8B0.txt 2010-07-10 18:18:09 ----A---- C:\Windows\system32\Log_20100710_181809_360.txt 2010-07-10 18:18:09 ----A---- C:\Windows\system32\Log_20100710_181809_12EC.txt 2010-07-10 18:18:08 ----A---- C:\Windows\system32\Log_20100710_181808_E50.txt 2010-07-10 18:18:08 ----A---- C:\Windows\system32\Log_20100710_181808_1244.txt 2010-07-10 18:18:08 ----A---- C:\Windows\system32\Log_20100710_181808_11F0.txt 2010-07-10 18:18:08 ----A---- C:\Windows\system32\Log_20100710_181808_1110.txt 2010-07-09 14:28:04 ----A---- C:\Windows\system32\Log_20100709_142804_B9C.txt 2010-07-09 14:28:04 ----A---- C:\Windows\system32\Log_20100709_142804_1590.txt 2010-07-09 14:28:04 ----A---- C:\Windows\system32\Log_20100709_142804_13F8.txt 2010-07-09 14:28:04 ----A---- C:\Windows\system32\Log_20100709_142804_1198.txt 2010-07-09 14:28:03 ----A---- C:\Windows\system32\Log_20100709_142803_179C.txt 2010-07-09 14:28:03 ----A---- C:\Windows\system32\Log_20100709_142803_1390.txt 2010-07-09 14:28:03 ----A---- C:\Windows\system32\Log_20100709_142803_1384.txt 2010-07-09 14:28:03 ----A---- C:\Windows\system32\Log_20100709_142803_11B4.txt 2010-07-09 14:28:02 ----A---- C:\Windows\system32\Log_20100709_142802_1440.txt 2010-07-09 14:28:02 ----A---- C:\Windows\system32\Log_20100709_142802_13FC.txt 2010-07-09 14:28:02 ----A---- C:\Windows\system32\Log_20100709_142802_13A8.txt 2010-07-09 14:28:02 ----A---- C:\Windows\system32\Log_20100709_142802_12E8.txt 2010-07-09 14:28:01 ----A---- C:\Windows\system32\Log_20100709_142801_EC4.txt 2010-07-09 14:28:01 ----A---- C:\Windows\system32\Log_20100709_142801_B0C.txt 2010-07-09 14:28:01 ----A---- C:\Windows\system32\Log_20100709_142801_140C.txt 2010-07-09 14:28:01 ----A---- C:\Windows\system32\Log_20100709_142801_1320.txt 2010-07-09 14:28:00 ----A---- C:\Windows\system32\Log_20100709_142800_F3C.txt 2010-07-09 14:28:00 ----A---- C:\Windows\system32\Log_20100709_142800_348.txt 2010-07-09 14:28:00 ----A---- C:\Windows\system32\Log_20100709_142800_2FC.txt 2010-07-09 14:28:00 ----A---- C:\Windows\system32\Log_20100709_142800_1780.txt 2010-07-09 14:28:00 ----A---- C:\Windows\system32\Log_20100709_142800_176C.txt 2010-07-09 14:27:59 ----A---- C:\Windows\system32\Log_20100709_142759_FBC.txt 2010-07-09 14:27:59 ----A---- C:\Windows\system32\Log_20100709_142759_C78.txt 2010-07-09 14:27:59 ----A---- C:\Windows\system32\Log_20100709_142759_1744.txt 2010-07-09 14:27:59 ----A---- C:\Windows\system32\Log_20100709_142759_1650.txt 2010-07-09 14:27:58 ----A---- C:\Windows\system32\Log_20100709_142758_F8C.txt 2010-07-09 14:27:58 ----A---- C:\Windows\system32\Log_20100709_142758_1654.txt 2010-07-09 14:27:58 ----A---- C:\Windows\system32\Log_20100709_142758_1100.txt 2010-07-07 15:32:33 ----A---- C:\Windows\system32\Log_20100707_153233_490.txt 2010-07-07 15:32:33 ----A---- C:\Windows\system32\Log_20100707_153233_17A0.txt 2010-07-07 15:32:33 ----A---- C:\Windows\system32\Log_20100707_153233_16F0.txt 2010-07-07 15:32:32 ----A---- C:\Windows\system32\Log_20100707_153232_498.txt 2010-07-07 15:32:32 ----A---- C:\Windows\system32\Log_20100707_153232_1754.txt 2010-07-07 15:32:32 ----A---- C:\Windows\system32\Log_20100707_153232_1224.txt 2010-07-07 15:32:31 ----A---- C:\Windows\system32\Log_20100707_153231_E60.txt 2010-07-07 15:32:31 ----A---- C:\Windows\system32\Log_20100707_153231_1600.txt 2010-07-07 15:32:31 ----A---- C:\Windows\system32\Log_20100707_153231_150C.txt 2010-07-07 15:32:30 ----A---- C:\Windows\system32\Log_20100707_153230_14DC.txt 2010-07-07 15:32:30 ----A---- C:\Windows\system32\Log_20100707_153230_1454.txt 2010-07-07 15:32:30 ----A---- C:\Windows\system32\Log_20100707_153230_1288.txt 2010-07-07 15:32:29 ----A---- C:\Windows\system32\Log_20100707_153229_B5C.txt 2010-07-07 15:32:29 ----A---- C:\Windows\system32\Log_20100707_153229_1714.txt 2010-07-07 15:32:29 ----A---- C:\Windows\system32\Log_20100707_153229_1028.txt 2010-07-07 15:32:28 ----A---- C:\Windows\system32\Log_20100707_153228_17E4.txt 2010-07-07 15:32:28 ----A---- C:\Windows\system32\Log_20100707_153228_1650.txt 2010-07-07 15:32:28 ----A---- C:\Windows\system32\Log_20100707_153228_14BC.txt 2010-07-07 15:32:28 ----A---- C:\Windows\system32\Log_20100707_153228_13D8.txt 2010-07-07 15:32:28 ----A---- C:\Windows\system32\Log_20100707_153228_1354.txt 2010-07-07 15:32:27 ----A---- C:\Windows\system32\Log_20100707_153227_2D8.txt 2010-07-07 15:32:27 ----A---- C:\Windows\system32\Log_20100707_153227_1680.txt 2010-07-07 15:32:27 ----A---- C:\Windows\system32\Log_20100707_153227_1118.txt 2010-07-07 15:32:26 ----A---- C:\Windows\system32\Log_20100707_153226_878.txt 2010-07-07 15:32:26 ----A---- C:\Windows\system32\Log_20100707_153226_1640.txt 2010-07-07 15:32:26 ----A---- C:\Windows\system32\Log_20100707_153226_12E8.txt 2010-07-07 15:32:26 ----A---- C:\Windows\system32\Log_20100707_153226_1234.txt 2010-07-07 15:32:25 ----A---- C:\Windows\system32\Log_20100707_153225_1044.txt 2010-07-07 15:28:40 ----A---- C:\Windows\system32\Log_20100707_152840_1094.txt 2010-07-07 15:28:40 ----A---- C:\Windows\system32\Log_20100707_152840_107C.txt 2010-07-07 15:28:39 ----A---- C:\Windows\system32\Log_20100707_152839_544.txt 2010-07-07 15:28:39 ----A---- C:\Windows\system32\Log_20100707_152839_1F8.txt 2010-07-07 15:28:39 ----A---- C:\Windows\system32\Log_20100707_152839_159C.txt 2010-07-07 15:28:39 ----A---- C:\Windows\system32\Log_20100707_152839_13D0.txt 2010-07-07 15:28:39 ----A---- C:\Windows\system32\Log_20100707_152839_100C.txt 2010-07-07 15:28:38 ----A---- C:\Windows\system32\Log_20100707_152838_5B0.txt 2010-07-07 15:28:38 ----A---- C:\Windows\system32\Log_20100707_152838_1608.txt 2010-07-07 15:28:38 ----A---- C:\Windows\system32\Log_20100707_152838_1218.txt 2010-07-07 15:28:38 ----A---- C:\Windows\system32\Log_20100707_152838_102C.txt 2010-07-07 15:28:37 ----A---- C:\Windows\system32\Log_20100707_152837_CCC.txt 2010-07-07 15:28:37 ----A---- C:\Windows\system32\Log_20100707_152837_780.txt 2010-07-07 15:28:37 ----A---- C:\Windows\system32\Log_20100707_152837_1568.txt 2010-07-07 15:28:37 ----A---- C:\Windows\system32\Log_20100707_152837_1400.txt 2010-07-07 15:28:37 ----A---- C:\Windows\system32\Log_20100707_152837_115C.txt 2010-07-07 15:28:36 ----A---- C:\Windows\system32\Log_20100707_152836_818.txt 2010-07-07 15:28:36 ----A---- C:\Windows\system32\Log_20100707_152836_1720.txt 2010-07-07 15:28:36 ----A---- C:\Windows\system32\Log_20100707_152836_1614.txt 2010-07-07 15:28:36 ----A---- C:\Windows\system32\Log_20100707_152836_157C.txt 2010-07-07 15:28:36 ----A---- C:\Windows\system32\Log_20100707_152836_104C.txt 2010-07-07 15:28:35 ----A---- C:\Windows\system32\Log_20100707_152835_167C.txt 2010-07-07 15:28:35 ----A---- C:\Windows\system32\Log_20100707_152835_1638.txt 2010-07-07 15:28:35 ----A---- C:\Windows\system32\Log_20100707_152835_1240.txt 2010-07-07 15:28:35 ----A---- C:\Windows\system32\Log_20100707_152835_1220.txt 2010-07-07 15:28:35 ----A---- C:\Windows\system32\Log_20100707_152835_1084.txt 2010-07-07 15:28:34 ----A---- C:\Windows\system32\Log_20100707_152834_152C.txt 2010-07-07 15:28:34 ----A---- C:\Windows\system32\Log_20100707_152834_1454.txt ======List of files/folders modified in the last 1 months====== 2010-08-06 14:24:45 ----D---- C:\Windows\Temp 2010-08-06 14:21:18 ----SHD---- C:\Windows\Installer 2010-08-06 14:21:18 ----SD---- C:\Users\Adrian\AppData\Roaming\Microsoft 2010-08-06 14:16:15 ----D---- C:\Windows\Internet Logs 2010-08-06 14:14:04 ----D---- C:\Windows\system32\drivers 2010-08-06 14:14:04 ----D---- C:\Windows\Speech 2010-08-06 14:13:55 ----D---- C:\Program Files\JDownloader 2010-08-06 13:33:10 ----RD---- C:\Program Files 2010-08-06 13:15:49 ----HD---- C:\ProgramData 2010-08-06 13:01:24 ----D---- C:\Windows\Prefetch 2010-08-06 12:42:44 ----D---- C:\Windows\Tasks 2010-08-06 12:42:44 ----D---- C:\Windows\system32\Tasks 2010-08-06 12:15:28 ----D---- C:\Program Files\Mozilla Firefox 2010-08-06 03:55:31 ----D---- C:\Windows\system32\drivers\etc 2010-08-06 03:23:06 ----D---- C:\Windows\System32 2010-08-06 03:23:06 ----A---- C:\Windows\system32\PerfStringBackup.INI 2010-08-06 03:23:05 ----D---- C:\Windows\inf 2010-08-06 03:20:57 ----D---- C:\Users\Adrian\AppData\Roaming\vlc 2010-08-06 03:20:14 ----D---- C:\Users\Adrian\AppData\Roaming\dvdcss 2010-08-06 02:52:13 ----D---- C:\ProgramData\Google Updater 2010-08-06 00:39:19 ----D---- C:\Program Files\Microsoft Office 2010-08-05 15:38:52 ----D---- C:\Program Files\Mozilla Thunderbird 2010-08-04 21:20:49 ----D---- C:\Program Files\Microsoft Games 2010-08-04 00:49:33 ----AD---- C:\Windows 2010-08-04 00:49:30 ----A---- C:\Windows\BRWMARK.INI 2010-08-04 00:49:30 ----A---- C:\Windows\BRPP2KA.INI 2010-07-25 12:31:40 ----D---- C:\Program Files\QIP 2010-07-21 21:53:42 ----D---- C:\Windows\winsxs 2010-07-21 21:49:38 ----RSD---- C:\Windows\Fonts 2010-07-19 21:43:00 ----D---- C:\Program Files\TuneUp Utilities 2010 2010-07-15 14:57:45 ----D---- C:\Windows\system32\catroot 2010-07-15 14:57:38 ----D---- C:\Program Files\Windows Mail 2010-07-14 15:12:22 ----D---- C:\Windows\system32\catroot2 2010-07-09 11:26:56 ----D---- C:\Users\Adrian\AppData\Roaming\iTSfv ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2008-07-22 319000] R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2007-07-26 43872] R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2009-04-12 717296] R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-02-13 11608] R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2010-03-01 124784] R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2008-07-21 24392] R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520] R1 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2008-08-21 294288] R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2010-02-16 60936] R2 KMDFMEMIO;SAMSUNG Kernel Driver; C:\Windows\system32\DRIVERS\kmdfmemio.sys [2007-05-23 13312] R2 NPF_devolo;NetGroup Packet Filter Driver (devolo); C:\Windows\system32\drivers\npf_devolo.sys [2007-02-07 35840] R3 AnyDVD;AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [2008-12-29 103360] R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2007-09-13 755712] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-04-17 2098904] R3 ksaud;Creative USB Audio Driver; C:\Windows\system32\drivers\ksaud.sys [2008-12-09 802176] R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2008-08-06 44576] R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-07-27 7548000] R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-12-06 196400] R3 tbhsd;Tunebite High-Speed Dubbing; C:\Windows\system32\drivers\tbhsd.sys [2008-10-30 44320] R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2009-10-14 10064] R3 usbvideo;USB-Videogerät (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016] R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\WmBEnum.sys [2008-01-24 19336] R3 WmXlCore;Logitech Translation Layer Driver; C:\Windows\system32\drivers\WmXlCore.sys [2008-01-24 48904] R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2007-12-28 298496] S0 qxirkirx;qxirkirx; C:\Windows\System32\drivers\wjsxwb.sys [2010-08-06 54016] S3 ADDMEM;ADDMEM; \??\C:\Windows\TEMP\__Samsung_Update\ADDMEM.SYS [] S3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2006-11-28 1161888] S3 aiwwyxxw;aiwwyxxw; C:\Windows\system32\drivers\aiwwyxxw.sys [] S3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\Windows\system32\DRIVERS\bcm4sbxp.sys [2006-11-02 45056] S3 BthEnum;Bluetooth-Anforderungsblocktreiber; C:\Windows\system32\DRIVERS\BthEnum.sys [2008-01-21 19456] S3 BthPan;Bluetooth-Gerät (PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160] S3 BTHPORT;Bluetooth-Porttreiber; C:\Windows\System32\Drivers\BTHport.sys [2008-01-21 219648] S3 BTHUSB;USB-Treiber für Bluetooth-Funkgerät; C:\Windows\System32\Drivers\BTHUSB.sys [2008-01-21 29184] S3 btwaudio;Bluetooth-Audiogerät; C:\Windows\system32\drivers\btwaudio.sys [] S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [] S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [] S3 drmkaud;Microsoft Kernel-DRM-Audioentschlüsselung; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632] S3 EverestDriver;Lavalys EVEREST Kernel Driver; \??\C:\Program Files\Lavalys\EVEREST Home Edition\kerneld.wnt [] S3 HdAudAddService;Microsoft 1.1 UAA-Funktionstreiber für High Definition Audio-Dienst; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520] S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2006-10-19 1380864] S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192] S3 MSPCLOCK;Microsoft Proxy für Streaming Clock; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888] S3 MSPQM;Microsoft Proxy für Streaming Quality Manager; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504] S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016] S3 NETw3v32;Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2008-01-21 2225664] S3 NETw5v32;Intel(R) Wireless WiFi Link Adaptertreiber für Windows Vista 32-Bit; C:\Windows\system32\DRIVERS\NETw5v32.sys [2008-05-20 3663360] S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmb.sys [2009-02-09 17664] S3 nmwcdc;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbo.sys [2009-02-09 22016] S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsu.sys [2009-03-19 136704] S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsuc.sys [2009-03-19 8320] S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816] S3 Point32;Microsoft IntelliPoint Filter Driver; C:\Windows\system32\DRIVERS\point32k.sys [2008-12-20 30088] S3 RFCOMM;Bluetooth-Gerät (RFCOMM-Protokoll-TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2008-02-21 50688] S3 s125bus;Sony Ericsson Device 125 driver (WDM); C:\Windows\system32\DRIVERS\s125bus.sys [2007-04-24 83336] S3 s125mdfl;Sony Ericsson Device 125 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s125mdfl.sys [2007-04-24 15112] S3 s125mdm;Sony Ericsson Device 125 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s125mdm.sys [2007-04-24 108680] S3 s125mgmt;Sony Ericsson Device 125 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s125mgmt.sys [2007-04-24 100488] S3 s125obex;Sony Ericsson Device 125 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s125obex.sys [2007-04-24 98696] S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2009-02-09 7808] S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2009-08-28 40448] S3 usbaudio;USB-Audiotreiber (WDM); C:\Windows\system32\drivers\usbaudio.sys [2008-01-21 73088] S3 usbscan;USB-Scannertreiber; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328] S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2008-01-21 28160] S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2009-02-09 7808] S3 VMC302;Vimicro Camera Service VMC302; C:\Windows\System32\Drivers\VMC302.sys [] S3 WmFilter;Logitech Gaming HID Filter Driver; C:\Windows\system32\drivers\WmFilter.sys [2008-01-24 28168] S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\Windows\system32\drivers\WmVirHid.sys [2008-01-24 14728] S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-21 39936] S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328] S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656] S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616] S4 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AntiVirSchedulerService;Avira AntiVir Planer; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2010-02-24 135336] R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2010-04-20 267432] R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504] R2 CTAudSvcService;Creative Audio Service; C:\Program Files\Creative\Shared Files\CTAudSvc.exe [2008-10-31 307200] R2 EvtEng;Intel® PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2008-05-23 819200] R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120] R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-07-27 196608] R2 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2008-05-23 466944] R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368] R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-07-06 1051968] R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2008-01-21 21504] R2 vsmon;TrueVector Internet Monitor; C:\Windows\System32\ZoneLabs\vsmon.exe [2008-08-21 2405776] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 gupdate1c991207be888aa;Google Update Service (gupdate1c991207be888aa); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-02-17 133104] S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-24 183280] S2 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2007-02-10 89968] S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2009-02-22 79360] S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-10-13 654848] S3 getPlusHelper;@C:\Program Files\NOS\bin\getPlus_Helper.dll,-101; C:\Windows\System32\svchost.exe [2008-01-21 21504] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632] S3 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2008-06-30 241734] S3 TuneUp.Defrag;@C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2010-07-19 435008] S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504] S4 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-05-29 144712] S4 Bonjour Service;Bonjour-Dienst; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888] S4 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2008-11-07 79360] S4 iPod Service;iPod-Dienst; C:\Program Files\iPod\bin\iPodService.exe [2010-02-15 545576] S4 ServiceLayer;ServiceLayer; C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe [2009-06-02 637952] -----------------EOF-----------------
hjtscanlist:Code:Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 14:45:13, on 07.08.2010 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v8.00 (8.00.6001.18928) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Microsoft IntelliPoint\ipoint.exe C:\Windows\System32\rundll32.exe C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Windows\system32\taskeng.exe C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe C:\Windows\system32\wuauclt.exe C:\Windows\Explorer.exe C:\Program Files\Trend Micro\HijackThis\Trend Micro\HiJackThis\hjt2010.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.arcor.de R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.arcor.de R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.arcor.de R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.arcor.de R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.arcor.de R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.arcor.de R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.arcor.de R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Arcor AG & Co. KG R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O2 - BHO: Tunebite_WebRipPlugin Class - {AA102584-3B97-47e7-B9BC-75D54C110A7D} - C:\Program Files\RapidSolution\Tunebite\plugins\IE\TB_WebRipIePlugin.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [Module Loader] C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe -StartUpRun O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe" O4 - HKLM\..\Run: [Creative SB Monitoring Utility] RunDll32 sbavmon.dll,SBAVMonitor O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'NETZWERKDIENST') O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} (Battlefield Heroes Updater) - https://www.battlefieldheroes.com/static/updater/BFHUpdater_4.0.27.0.cab O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15107/CTPID.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Update Service (gupdate1c991207be888aa) (gupdate1c991207be888aa) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: @C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe -- End of file - 7505 bytes
gmer (automatischer scan am anfang):Code:$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ º º hjtscanlist v2.0 º º $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ Microsoft Windows [Version 6.0.6001] C: C:\hiberfil.sys --------- C:\pagefile.sys --------- 07.08.2010 16:02 C:\Program Files --------- 32768 06.08.2010 15:40 C:\Windows --------- 40960 06.08.2010 14:15 C:\rsit --------- 0 06.08.2010 13:15 C:\ProgramData --------- 20480 26.04.2010 14:56 C:\Users --------- 4096 22.04.2010 10:31 C:\WirelessDiagLog.csv --------- 271 20.03.2010 00:02 C:\System Volume Information --------- 28672 15.11.2009 23:30 C:\Samsung --------- 0 27.10.2009 23:51 C:\graph.log --------- 8888 03.10.2009 12:46 C:\994f6d7e636e6b180e3e --------- 4096 20.09.2009 21:44 C:\Boot --------- 8192 20.06.2009 02:38 C:\WdfCoInstaller01000.dll --------- 1060424 20.06.2009 02:38 C:\memio32.cat --------- 7962 20.06.2009 02:38 C:\KStartMem.exe --------- 229376 20.06.2009 02:38 C:\kmdfmemio.sys --------- 13312 20.06.2009 02:38 C:\kmdfmemio.inf --------- 2047 20.06.2009 02:38 C:\ChkSec1.dll --------- 65536 20.06.2009 02:31 C:\LGSInst.Log --------- 4471 04.05.2009 21:57 C:\Setup.log --------- 86 28.04.2009 22:38 C:\$Recycle.Bin --------- 4096 12.04.2009 00:45 C:\divx --------- 0 27.02.2009 16:06 C:\NVIDIA --------- 0 16.02.2009 18:41 C:\6145190fa40a441bb4d7 --------- 4096 12.10.2008 18:31 C:\logwmemory.bin --------- 0 10.10.2008 14:30 C:\Programme --------- 0 10.10.2008 14:30 C:\Dokumente und Einstellungen --------- 0 15.09.2008 08:15 C:\MSDOS.SYS --------- 0 15.09.2008 08:15 C:\IO.SYS --------- 0 08.07.2008 16:56 C:\avs contents --------- 0 08.07.2008 16:26 C:\MyWorks --------- 0 08.07.2008 16:16 C:\RHDSetup.log --------- 366 08.07.2008 16:11 C:\Intel --------- 0 08.02.2008 11:31 C:\BOOTSECT.BAK --------- 8192 21.01.2008 04:32 C:\PerfLogs --------- 0 21.01.2008 04:24 C:\bootmgr --------- 333203 02.11.2006 15:02 C:\Documents and Settings --------- 0 18.09.2006 23:43 C:\config.sys --------- 10 18.09.2006 23:43 C:\autoexec.bat --------- 24 ---------------------------------------- C:\Windows 07.08.2010 16:11 C:\Windows\WindowsUpdate.log --------- 1175796 07.08.2010 16:07 C:\Windows\bootstat.dat --------- 67584 07.08.2010 16:06 C:\Windows\bthservsdp.dat --------- 12 07.08.2010 15:06 C:\Windows\PFRO.log --------- 3516 04.08.2010 00:49 C:\Windows\setupact.log --------- 0 04.08.2010 00:49 C:\Windows\BRPP2KA.INI --------- 27 04.08.2010 00:49 C:\Windows\BRWMARK.INI --------- 530 25.07.2010 12:28 C:\Windows\USb Missile Launcher Uninstall Log.txt --------- 2565 23.07.2010 00:49 C:\Windows\ctfile.rfc --------- 241 15.07.2010 14:56 C:\Windows\WORDPAD.INI --------- 510 31.05.2010 21:20 C:\Windows\CD_Start.INI --------- 32 04.03.2010 19:30 C:\Windows\INI2=No --------- 7 04.03.2010 19:30 C:\Windows\INI1=No --------- 7 28.01.2010 01:09 C:\Windows\SLAY.INI --------- 343 24.01.2010 19:24 C:\Windows\Setup1.exe --------- 290816 01.01.2010 19:20 C:\Windows\Missing.ini --------- 17 26.11.2009 21:58 C:\Windows\SIERRA.INI --------- 25 10.10.2009 17:34 C:\Windows\USb Missile Launcher Setup Log.txt --------- 6180 10.07.2009 18:02 C:\Windows\control.ini --------- 0 15.06.2009 19:23 C:\Windows\TETRIS.INI --------- 38 06.06.2009 11:24 C:\Windows\musi.ini --------- 2069 01.05.2009 19:58 C:\Windows\HotFixList.ini --------- 2598 13.02.2009 17:58 C:\Windows\ODBC.INI --------- 400 27.12.2008 20:41 C:\Windows\sbwin.ini --------- 72 09.12.2008 13:06 C:\Windows\APOIM32.exe --------- 597506 07.11.2008 20:13 C:\Windows\wsdebug.ini --------- 152 04.11.2008 21:15 C:\Windows\win.ini --------- 219 29.10.2008 08:29 C:\Windows\explorer.exe --------- 2927104 18.10.2008 15:22 C:\Windows\ST6UNST.EXE --------- 74752 10.10.2008 18:10 C:\Windows\nsreg.dat --------- 0 09.07.2008 03:21 C:\Windows\Report.htm --------- 17532 08.07.2008 16:36 C:\Windows\Csup.txt --------- 10 08.07.2008 16:16 C:\Windows\DIFxAPI.dll --------- 319456 08.07.2008 16:16 C:\Windows\HideWin.exe --------- 315392 08.07.2008 14:54 C:\Windows\CBS.log.bootstrap.perf --------- 16384 08.07.2008 14:54 C:\Windows\CBS.log.bootstrap.dpx --------- 16384 08.07.2008 14:54 C:\Windows\CBS.log.bootstrap --------- 49152 08.07.2008 14:54 C:\Windows\CBS.log.perf --------- 49152 08.07.2008 14:54 C:\Windows\CBS.log.dpx --------- 32768 17.04.2008 04:50 C:\Windows\RtHDVCpl.exe --------- 6111232 11.04.2008 04:03 C:\Windows\SetDisplayResolution.exe --------- 307200 02.04.2008 02:27 C:\Windows\RtlUpd.exe --------- 1196032 05.03.2008 11:07 C:\Windows\RtlExUpd.dll --------- 520192 21.01.2008 04:43 C:\Windows\WindowsShell.Manifest --------- 749 21.01.2008 04:24 C:\Windows\regedit.exe --------- 134656 21.01.2008 04:24 C:\Windows\bfsvc.exe --------- 58880 21.01.2008 04:24 C:\Windows\fveupdate.exe --------- 13312 21.01.2008 04:24 C:\Windows\HelpPane.exe --------- 498176 21.01.2008 04:23 C:\Windows\notepad.exe --------- 151040 18.12.2007 09:31 C:\Windows\HotfixChecker.exe --------- 405504 13.12.2007 18:45 C:\Windows\ksaudGER.reg --------- 24446 11.12.2007 19:47 C:\Windows\ksaudENG.reg --------- 23292 14.11.2007 08:18 C:\Windows\USetup.iss --------- 553 05.07.2007 11:27 C:\Windows\MixerName.reg --------- 2630 12.03.2007 05:15 C:\Windows\SetDisplayResolution.xml --------- 3282 03.12.2006 10:00 C:\Windows\SMCM.dll --------- 172032 02.11.2006 14:52 C:\Windows\setuperr.log --------- 0 02.11.2006 14:35 C:\Windows\WMSysPr9.prx --------- 316640 02.11.2006 14:34 C:\Windows\twunk_16.exe --------- 49680 02.11.2006 14:34 C:\Windows\twunk_32.exe --------- 31232 02.11.2006 14:34 C:\Windows\twain_32.dll --------- 50688 02.11.2006 14:34 C:\Windows\twain.dll --------- 94784 02.11.2006 11:45 C:\Windows\winhlp32.exe --------- 9216 02.11.2006 11:45 C:\Windows\hh.exe --------- 14848 02.11.2006 09:46 C:\Windows\mib.bin --------- 43131 26.10.2006 07:08 C:\Windows\agrsmdel.exe --------- 50752 06.10.2006 15:17 C:\Windows\Ctregrun.exe --------- 53248 19.09.2006 13:41 C:\Windows\HomePremium.xml --------- 8328 18.09.2006 23:46 C:\Windows\system.ini --------- 219 18.09.2006 23:43 C:\Windows\_default.pif --------- 707 18.09.2006 23:43 C:\Windows\winhelp.exe --------- 256192 18.09.2006 23:30 C:\Windows\msdfmap.ini --------- 1405 13.09.2006 07:21 C:\Windows\ebm.reg --------- 2438 11.12.2002 21:11 C:\Windows\WMPrfDeu.prx --------- 33820 23.06.2000 13:46 C:\Windows\WMPrfJpn.prx --------- 23304 23.06.2000 13:46 C:\Windows\WMPrfKor.prx --------- 22338 23.06.2000 13:46 C:\Windows\WMPrfIta.prx --------- 35680 23.06.2000 13:46 C:\Windows\WMPrfFra.prx --------- 37916 23.06.2000 13:46 C:\Windows\WMPrfEsp.prx --------- 35590 23.06.2000 13:46 C:\Windows\WMPrfCht.prx --------- 18804 23.06.2000 13:46 C:\Windows\WMPrfChs.prx --------- 19492 29.05.1999 10:54 C:\Windows\UniFish3.exe --------- 45568 01.10.1998 15:22 C:\Windows\uninst.exe --------- 299520 08.02.1996 19:06 C:\Windows\unin0407.exe --------- 284160 ---------------------------------------- C:\Windows\System 02.11.2006 14:34 C:\Windows\System\mciseq.drv --------- 25264 02.11.2006 14:34 C:\Windows\System\mciwave.drv --------- 28160 02.11.2006 14:34 C:\Windows\System\avifile.dll --------- 109456 02.11.2006 14:34 C:\Windows\System\avicap.dll --------- 69584 02.11.2006 14:34 C:\Windows\System\mciavi.drv --------- 73376 02.11.2006 14:34 C:\Windows\System\msvideo.dll --------- 126912 02.11.2006 09:10 C:\Windows\System\OLESVR.DLL --------- 24064 02.11.2006 09:10 C:\Windows\System\WFWNET.DRV --------- 12704 02.11.2006 09:10 C:\Windows\System\COMMDLG.DLL --------- 32816 02.11.2006 09:10 C:\Windows\System\TIMER.DRV --------- 4048 02.11.2006 09:10 C:\Windows\System\MMSYSTEM.DLL --------- 68992 02.11.2006 09:10 C:\Windows\System\mmtask.tsk --------- 1152 02.11.2006 09:10 C:\Windows\System\mouse.drv --------- 2032 02.11.2006 09:10 C:\Windows\System\vga.drv --------- 2176 02.11.2006 09:10 C:\Windows\System\sound.drv --------- 1744 02.11.2006 09:10 C:\Windows\System\keyboard.drv --------- 2000 02.11.2006 09:10 C:\Windows\System\SHELL.DLL --------- 5120 02.11.2006 09:10 C:\Windows\System\system.drv --------- 3360 18.09.2006 23:43 C:\Windows\System\ver.dll --------- 9008 18.09.2006 23:43 C:\Windows\System\olecli.dll --------- 82944 18.09.2006 23:43 C:\Windows\System\lzexpand.dll --------- 9936 18.09.2006 23:35 C:\Windows\System\stdole.tlb --------- 5532 ---------------------------------------- C:\Windows\System32 07.08.2010 16:08 C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 --------- 4784 07.08.2010 16:08 C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 --------- 4784 07.08.2010 14:57 C:\Windows\system32\dmlg.dat --------- 686 06.08.2010 22:06 C:\Windows\system32\perfh009.dat --------- 607226 06.08.2010 22:06 C:\Windows\system32\perfc009.dat --------- 108306 06.08.2010 22:06 C:\Windows\system32\perfh007.dat --------- 640578 06.08.2010 22:06 C:\Windows\system32\perfc007.dat --------- 130856 06.08.2010 22:06 C:\Windows\system32\PerfStringBackup.INI --------- 1478030 06.08.2010 20:39 C:\Windows\system32\Tasks --------- 8192 06.08.2010 15:39 C:\Windows\system32\drivers --------- 65536 22.07.2010 01:19 C:\Windows\system32\FNTCACHE.DAT --------- 1747888 15.07.2010 14:57 C:\Windows\system32\catroot --------- 4096 14.07.2010 15:12 C:\Windows\system32\catroot2 --------- 65536 13.07.2010 12:10 C:\Windows\system32\Log_20100713_121035_1184.txt --------- 122 13.07.2010 12:10 C:\Windows\system32\Log_20100713_121035_1154.txt --------- 122 13.07.2010 12:10 C:\Windows\system32\Log_20100713_121035_10FC.txt --------- 122 13.07.2010 12:10 C:\Windows\system32\Log_20100713_121035_10C4.txt --------- 122 13.07.2010 12:10 C:\Windows\system32\Log_20100713_121035_1094.txt --------- 122 13.07.2010 12:10 C:\Windows\system32\Log_20100713_121034_1070.txt --------- 122 13.07.2010 12:10 C:\Windows\system32\Log_20100713_121034_104C.txt --------- 122 13.07.2010 12:10 C:\Windows\system32\Log_20100713_121034_101C.txt --------- 122 13.07.2010 12:10 C:\Windows\system32\Log_20100713_121034_A04.txt --------- 120 13.07.2010 12:10 C:\Windows\system32\Log_20100713_121034_C40.txt --------- 120 13.07.2010 12:10 C:\Windows\system32\Log_20100713_121034_FC4.txt --------- 120 13.07.2010 12:10 C:\Windows\system32\Log_20100713_121034_310.txt --------- 120 13.07.2010 12:10 C:\Windows\system32\Log_20100713_121033_99C.txt --------- 120 13.07.2010 12:10 C:\Windows\system32\Log_20100713_121033_CC8.txt --------- 120 13.07.2010 12:10 C:\Windows\system32\Log_20100713_121033_69C.txt --------- 120 13.07.2010 12:10 C:\Windows\system32\Log_20100713_121033_D80.txt --------- 120 13.07.2010 12:10 C:\Windows\system32\Log_20100713_121033_F38.txt --------- 120 13.07.2010 12:10 C:\Windows\system32\Log_20100713_121032_AD8.txt --------- 120 13.07.2010 12:10 C:\Windows\system32\Log_20100713_121032_D48.txt --------- 120 13.07.2010 12:10 C:\Windows\system32\Log_20100713_121032_BE4.txt --------- 120 13.07.2010 12:10 C:\Windows\system32\Log_20100713_121032_624.txt --------- 120 13.07.2010 12:10 C:\Windows\system32\Log_20100713_121032_7E4.txt --------- 120 13.07.2010 12:10 C:\Windows\system32\Log_20100713_121032_C58.txt --------- 120 13.07.2010 12:10 C:\Windows\system32\Log_20100713_121032_8B8.txt --------- 120 13.07.2010 12:10 C:\Windows\system32\Log_20100713_121032_84C.txt --------- 120 13.07.2010 12:10 C:\Windows\system32\Log_20100713_121032_F60.txt --------- 120 13.07.2010 12:10 C:\Windows\system32\Log_20100713_121032_D7C.txt --------- 120 13.07.2010 12:10 C:\Windows\system32\Log_20100713_121031_BB8.txt --------- 120 10.07.2010 18:18 C:\Windows\system32\Log_20100710_181814_132C.txt --------- 120 10.07.2010 18:18 C:\Windows\system32\Log_20100710_181813_68C.txt --------- 120 10.07.2010 18:18 C:\Windows\system32\Log_20100710_181813_1428.txt --------- 122 10.07.2010 18:18 C:\Windows\system32\Log_20100710_181813_14CC.txt --------- 122 10.07.2010 18:18 C:\Windows\system32\Log_20100710_181813_10D8.txt --------- 120 10.07.2010 18:18 C:\Windows\system32\Log_20100710_181812_10D4.txt --------- 122 10.07.2010 18:18 C:\Windows\system32\Log_20100710_181812_140C.txt --------- 122 10.07.2010 18:18 C:\Windows\system32\Log_20100710_181812_D84.txt --------- 122 10.07.2010 18:18 C:\Windows\system32\Log_20100710_181812_176C.txt --------- 122 10.07.2010 18:18 C:\Windows\system32\Log_20100710_181812_1788.txt --------- 120 10.07.2010 18:18 C:\Windows\system32\Log_20100710_181811_1160.txt --------- 122 10.07.2010 18:18 C:\Windows\system32\Log_20100710_181811_1728.txt --------- 120 10.07.2010 18:18 C:\Windows\system32\Log_20100710_181811_9F4.txt --------- 122 10.07.2010 18:18 C:\Windows\system32\Log_20100710_181811_6B8.txt --------- 120 10.07.2010 18:18 C:\Windows\system32\Log_20100710_181810_133C.txt --------- 122 10.07.2010 18:18 C:\Windows\system32\Log_20100710_181810_8BC.txt --------- 122 10.07.2010 18:18 C:\Windows\system32\Log_20100710_181810_A08.txt --------- 120 10.07.2010 18:18 C:\Windows\system32\Log_20100710_181810_588.txt --------- 122 10.07.2010 18:18 C:\Windows\system32\Log_20100710_181810_56C.txt --------- 120 10.07.2010 18:18 C:\Windows\system32\Log_20100710_181809_F5C.txt --------- 120 10.07.2010 18:18 C:\Windows\system32\Log_20100710_181809_12EC.txt --------- 120 10.07.2010 18:18 C:\Windows\system32\Log_20100710_181809_FC0.txt --------- 122 10.07.2010 18:18 C:\Windows\system32\Log_20100710_181809_8B0.txt --------- 122 10.07.2010 18:18 C:\Windows\system32\Log_20100710_181809_360.txt --------- 120 10.07.2010 18:18 C:\Windows\system32\Log_20100710_181808_11F0.txt --------- 122 10.07.2010 18:18 C:\Windows\system32\Log_20100710_181808_1244.txt --------- 120 10.07.2010 18:18 C:\Windows\system32\Log_20100710_181808_E50.txt --------- 120 10.07.2010 18:18 C:\Windows\system32\Log_20100710_181808_1110.txt --------- 122 09.07.2010 14:28 C:\Windows\system32\Log_20100709_142804_13F8.txt --------- 120 09.07.2010 14:28 C:\Windows\system32\Log_20100709_142804_1590.txt --------- 120 09.07.2010 14:28 C:\Windows\system32\Log_20100709_142804_1198.txt --------- 122 09.07.2010 14:28 C:\Windows\system32\Log_20100709_142804_B9C.txt --------- 120 09.07.2010 14:28 C:\Windows\system32\Log_20100709_142803_179C.txt --------- 120 09.07.2010 14:28 C:\Windows\system32\Log_20100709_142803_11B4.txt --------- 122 09.07.2010 14:28 C:\Windows\system32\Log_20100709_142803_1390.txt --------- 120 09.07.2010 14:28 C:\Windows\system32\Log_20100709_142803_1384.txt --------- 122 09.07.2010 14:28 C:\Windows\system32\Log_20100709_142802_1440.txt --------- 120 09.07.2010 14:28 C:\Windows\system32\Log_20100709_142802_13FC.txt --------- 120 09.07.2010 14:28 C:\Windows\system32\Log_20100709_142802_12E8.txt --------- 120 09.07.2010 14:28 C:\Windows\system32\Log_20100709_142802_13A8.txt --------- 120 09.07.2010 14:28 C:\Windows\system32\Log_20100709_142801_1320.txt --------- 122 09.07.2010 14:28 C:\Windows\system32\Log_20100709_142801_EC4.txt --------- 122 09.07.2010 14:28 C:\Windows\system32\Log_20100709_142801_B0C.txt --------- 122 09.07.2010 14:28 C:\Windows\system32\Log_20100709_142801_140C.txt --------- 122 09.07.2010 14:28 C:\Windows\system32\Log_20100709_142800_2FC.txt --------- 122 09.07.2010 14:28 C:\Windows\system32\Log_20100709_142800_F3C.txt --------- 120 09.07.2010 14:28 C:\Windows\system32\Log_20100709_142800_176C.txt --------- 120 09.07.2010 14:28 C:\Windows\system32\Log_20100709_142800_1780.txt --------- 120 09.07.2010 14:28 C:\Windows\system32\Log_20100709_142800_348.txt --------- 120 09.07.2010 14:27 C:\Windows\system32\Log_20100709_142759_FBC.txt --------- 120 09.07.2010 14:27 C:\Windows\system32\Log_20100709_142759_1650.txt --------- 122 09.07.2010 14:27 C:\Windows\system32\Log_20100709_142759_1744.txt --------- 122 09.07.2010 14:27 C:\Windows\system32\Log_20100709_142759_C78.txt --------- 122 09.07.2010 14:27 C:\Windows\system32\Log_20100709_142758_1654.txt --------- 122 09.07.2010 14:27 C:\Windows\system32\Log_20100709_142758_1100.txt --------- 122 09.07.2010 14:27 C:\Windows\system32\Log_20100709_142758_F8C.txt --------- 122 07.07.2010 15:32 C:\Windows\system32\Log_20100707_153233_490.txt --------- 122 07.07.2010 15:32 C:\Windows\system32\Log_20100707_153233_17A0.txt --------- 120 07.07.2010 15:32 C:\Windows\system32\Log_20100707_153233_16F0.txt --------- 122 ---------------------------------------- C:\Windows\Prefetch 07.08.2010 16:11 C:\Windows\Prefetch\WUAUCLT.EXE-70318591.pf --------- 37340 07.08.2010 16:11 C:\Windows\Prefetch\WMIPRVSE.EXE-1628051C.pf --------- 40130 07.08.2010 16:11 C:\Windows\Prefetch\CMD.EXE-4A81B364.pf --------- 15542 07.08.2010 16:11 C:\Windows\Prefetch\WMPNSCFG.EXE-FC0D39BF.pf --------- 14102 07.08.2010 16:10 C:\Windows\Prefetch\SEARCHFILTERHOST.EXE-77482212.pf --------- 18392 07.08.2010 16:10 C:\Windows\Prefetch\SEARCHPROTOCOLHOST.EXE-0CB8CADE.pf --------- 25092 07.08.2010 16:10 C:\Windows\Prefetch\DLLHOST.EXE-5E46FA0D.pf --------- 24530 07.08.2010 16:10 C:\Windows\Prefetch\OSE.EXE-533D8AC9.pf --------- 13846 07.08.2010 16:10 C:\Windows\Prefetch\GOOGLEUPDATERSERVICE.EXE-09540BCD.pf --------- 26194 07.08.2010 16:10 C:\Windows\Prefetch\MSCORSVW.EXE-C3C515BD.pf --------- 16312 07.08.2010 16:10 C:\Windows\Prefetch\ReadyBoot --------- 4096 07.08.2010 16:09 C:\Windows\Prefetch\SYNTPHELPER.EXE-0A20AAC4.pf --------- 19484 07.08.2010 16:09 C:\Windows\Prefetch\FIREFOX.EXE-A606B53C.pf --------- 194632 07.08.2010 16:09 C:\Windows\Prefetch\LPKSETUP.EXE-90F505D8.pf --------- 1380 07.08.2010 16:09 C:\Windows\Prefetch\GOOGLEUPDATE.EXE-FE771DDA.pf --------- 36954 07.08.2010 16:09 C:\Windows\Prefetch\EVTENG.EXE-7482F9DF.pf --------- 63416 07.08.2010 16:09 C:\Windows\Prefetch\SVCHOST.EXE-9EFC97F2.pf --------- 52776 07.08.2010 16:09 C:\Windows\Prefetch\GOOGLECRASHHANDLER.EXE-8C113626.pf --------- 19294 07.08.2010 16:06 C:\Windows\Prefetch\AgGlGlobalHistory.db --------- 3919497 07.08.2010 16:06 C:\Windows\Prefetch\AgRobust.db --------- 366692 07.08.2010 16:06 C:\Windows\Prefetch\PfSvPerfStats.bin --------- 508 07.08.2010 16:06 C:\Windows\Prefetch\LOGONUI.EXE-09140401.pf --------- 40166 07.08.2010 16:06 C:\Windows\Prefetch\AVWSC.EXE-4630B658.pf --------- 32746 07.08.2010 16:05 C:\Windows\Prefetch\VSMON.EXE-11F8E439.pf --------- 153596 07.08.2010 16:05 C:\Windows\Prefetch\ZLCLIENT.EXE-48748DD6.pf --------- 83596 07.08.2010 16:05 C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-3527930729-3467667443-3971503972-1003.db --------- 955075 07.08.2010 16:05 C:\Windows\Prefetch\AgGlUAD_S-1-5-21-3527930729-3467667443-3971503972-1003.db --------- 1980585 07.08.2010 16:04 C:\Windows\Prefetch\MSFEEDSSYNC.EXE-6E6FBDF4.pf --------- 27764 07.08.2010 16:01 C:\Windows\Prefetch\EXPLORER.EXE-A80E4F97.pf --------- 134122 07.08.2010 16:00 C:\Windows\Prefetch\ONECLICKSTARTER.EXE-0213EBB7.pf --------- 70400 07.08.2010 15:41 C:\Windows\Prefetch\LOGON.SCR-30601369.pf --------- 30036 07.08.2010 15:22 C:\Windows\Prefetch\TASKENG.EXE-48D4E289.pf --------- 57916 07.08.2010 15:11 C:\Windows\Prefetch\WMIADAP.EXE-F8DFDFA2.pf --------- 30690 07.08.2010 15:06 C:\Windows\Prefetch\AgGlFgAppHistory.db --------- 2206933 07.08.2010 15:06 C:\Windows\Prefetch\AgGlFaultHistory.db --------- 781023 07.08.2010 15:05 C:\Windows\Prefetch\WERFAULT.EXE-E69F695A.pf --------- 100246 07.08.2010 15:00 C:\Windows\Prefetch\AVNOTIFY.EXE-FEC2FEC4.pf --------- 103420 07.08.2010 15:00 C:\Windows\Prefetch\UPDATE.EXE-026DCA13.pf --------- 310242 07.08.2010 14:57 C:\Windows\Prefetch\SUPBACKGROUND.EXE-A09BF4C1.pf --------- 49118 07.08.2010 14:56 C:\Windows\Prefetch\SVCHOST.EXE-A1476A17.pf --------- 176426 07.08.2010 14:55 C:\Windows\Prefetch\VERCLSID.EXE-7C52E31C.pf --------- 13812 07.08.2010 14:48 C:\Windows\Prefetch\ACRORD32.EXE-DE3ACCC1.pf --------- 179710 07.08.2010 14:46 C:\Windows\Prefetch\NOTEPAD.EXE-D8414F97.pf --------- 21432 07.08.2010 14:46 C:\Windows\Prefetch\WERMGR.EXE-0F2AC88C.pf --------- 44260 07.08.2010 14:44 C:\Windows\Prefetch\TASKMGR.EXE-5F5F473D.pf --------- 47858 07.08.2010 10:52 C:\Windows\Prefetch\SPYBOTSD.EXE-DC433942.pf --------- 141986 07.08.2010 10:52 C:\Windows\Prefetch\DFRGNTFS.EXE-7E4077FE.pf --------- 61578 07.08.2010 10:52 C:\Windows\Prefetch\DEFRAG.EXE-588F90AD.pf --------- 4724 07.08.2010 05:09 C:\Windows\Prefetch\TUNEUPSYSTEMSTATUSCHECK.EXE-A9FFCA8E.pf --------- 127492 07.08.2010 05:01 C:\Windows\Prefetch\VSSVC.EXE-B8AFC319.pf --------- 29204 07.08.2010 03:53 C:\Windows\Prefetch\GOOGLEUPDATER.EXE-39628337.pf --------- 53386 07.08.2010 01:34 C:\Windows\Prefetch\MPCMDRUN.EXE-F401FBB4.pf --------- 3020 06.08.2010 22:07 C:\Windows\Prefetch\ITUNES.EXE-2A42B776.pf --------- 125828 06.08.2010 22:06 C:\Windows\Prefetch\RUNDLL32.EXE-1ECC27CF.pf --------- 26750 06.08.2010 22:06 C:\Windows\Prefetch\NOTIMAN.EXE-DB75094B.pf --------- 18608 06.08.2010 22:06 C:\Windows\Prefetch\CONTROL.EXE-817F8F1D.pf --------- 32868 06.08.2010 22:01 C:\Windows\Prefetch\DRVINST.EXE-4CB4314A.pf --------- 62042 06.08.2010 22:01 C:\Windows\Prefetch\RUNDLL32.EXE-6D2968F1.pf --------- 19768 06.08.2010 20:38 C:\Windows\Prefetch\TRUSTEDINSTALLER.EXE-3CC531E5.pf --------- 28418 06.08.2010 20:35 C:\Windows\Prefetch\RUNDLL32.EXE-FD126C57.pf --------- 26962 06.08.2010 18:40 C:\Windows\Prefetch\MOBSYNC.EXE-C5E2284F.pf --------- 24126 06.08.2010 17:54 C:\Windows\Prefetch\MOVIEPLAYER.EXE-FBCB7EE0.pf --------- 54554 06.08.2010 17:54 C:\Windows\Prefetch\~F1D055.TMP-7BD052C6.pf --------- 27004 06.08.2010 17:54 C:\Windows\Prefetch\AOMX.EXE-CCBC3620.pf --------- 181204 06.08.2010 17:54 C:\Windows\Prefetch\AOMSETUP.EXE-A3638237.pf --------- 28770 06.08.2010 17:51 C:\Windows\Prefetch\DAEMON.EXE-F6C0F171.pf --------- 57154 06.08.2010 17:35 C:\Windows\Prefetch\HELPER.EXE-8AEDE3E3.pf --------- 25970 06.08.2010 17:34 C:\Windows\Prefetch\AVSCAN.EXE-E289CD20.pf --------- 188718 06.08.2010 17:33 C:\Windows\Prefetch\DLLHOST.EXE-766398D2.pf --------- 42638 06.08.2010 15:46 C:\Windows\Prefetch\PLUGIN-CONTAINER.EXE-7226D1F8.pf --------- 64656 06.08.2010 14:44 C:\Windows\Prefetch\RUNDLL32.EXE-41CD37D2.pf --------- 20696 06.08.2010 14:26 C:\Windows\Prefetch\RUNDLL32.EXE-1304AE86.pf --------- 25408 06.08.2010 14:21 C:\Windows\Prefetch\MSIEXEC.EXE-A2D55CB6.pf --------- 84114 06.08.2010 13:01 C:\Windows\Prefetch\GFXINFO.EXE-F3205AEC.pf --------- 21468 06.08.2010 13:01 C:\Windows\Prefetch\INSTAPUP.EXE-B651101B.pf --------- 18558 06.08.2010 12:58 C:\Windows\Prefetch\RUNDLL32.EXE-612F7CD5.pf --------- 31890 06.08.2010 12:56 C:\Windows\Prefetch\_AOMG.EXE-4550FF58.pf --------- 14558 06.08.2010 12:51 C:\Windows\Prefetch\MGS6B3A.EXE-C232263B.pf --------- 73362 06.08.2010 12:44 C:\Windows\Prefetch\MSCONFIG.EXE-3A52734E.pf --------- 43916 06.08.2010 12:44 C:\Windows\Prefetch\HELPPANE.EXE-FEDC965B.pf --------- 76644 06.08.2010 12:39 C:\Windows\Prefetch\HH.EXE-0A439DDA.pf --------- 53940 06.08.2010 11:54 C:\Windows\Prefetch\SEARCHINDEXER.EXE-4A6353B9.pf --------- 33604 06.08.2010 11:54 C:\Windows\Prefetch\DLLHOST.EXE-C8C8968A.pf --------- 19134 06.08.2010 11:47 C:\Windows\Prefetch\SDSHRED.EXE-1A8BF133.pf --------- 37310 06.08.2010 11:10 C:\Windows\Prefetch\Layout.ini --------- 973946 06.08.2010 03:39 C:\Windows\Prefetch\TASKMGR.EXE-A6374288.pf --------- 38798 06.08.2010 03:20 C:\Windows\Prefetch\VLC.EXE-A11F73EE.pf --------- 220374 06.08.2010 03:18 C:\Windows\Prefetch\RUNDLL32.EXE-29A59975.pf --------- 1664 06.08.2010 03:07 C:\Windows\Prefetch\TEATIMER.EXE-F32D0BF9.pf --------- 59376 06.08.2010 03:06 C:\Windows\Prefetch\ADVCHECK165.EXE-6957D095.pf --------- 17400 06.08.2010 03:06 C:\Windows\Prefetch\ADVCHECK165.TMP-EFD360F4.pf --------- 34438 06.08.2010 03:06 C:\Windows\Prefetch\TEATIMER166.EXE-52EB857C.pf --------- 18058 06.08.2010 03:06 C:\Windows\Prefetch\TEATIMER166.TMP-3BEF0229.pf --------- 48544 06.08.2010 03:06 C:\Windows\Prefetch\UPDATE.EXE-EBE74E11.pf --------- 31002 06.08.2010 03:06 C:\Windows\Prefetch\SDUPDATE.EXE-3B52587C.pf --------- 75498 06.08.2010 03:05 C:\Windows\Prefetch\REGISTRYEDITOR.EXE-A9128FCE.pf --------- 93142 06.08.2010 03:05 C:\Windows\Prefetch\INTEGRATOR.EXE-CFCE8DC1.pf --------- 237336 06.08.2010 03:02 C:\Windows\Prefetch\SDWINSEC.EXE-97872DD2.pf --------- 30714 06.08.2010 03:02 C:\Windows\Prefetch\NET.EXE-DF44F913.pf --------- 16404 06.08.2010 03:02 C:\Windows\Prefetch\NET1.EXE-849DA590.pf --------- 15778 06.08.2010 03:02 C:\Windows\Prefetch\SPYBOTSD_INCLUDES.EXE-4DB81CEE.pf --------- 83602 06.08.2010 03:00 C:\Windows\Prefetch\SPYBOTSD162.TMP-4478D7CB.pf --------- 34620 06.08.2010 03:00 C:\Windows\Prefetch\SPYBOTSD162.EXE-E2B2785C.pf --------- 18984 06.08.2010 02:00 C:\Windows\Prefetch\WORDCONV.EXE-8AA626C1.pf --------- 64388 06.08.2010 01:54 C:\Windows\Prefetch\SNDVOL.EXE-5D4CC7D6.pf --------- 27060 06.08.2010 00:54 C:\Windows\Prefetch\EXCEL.EXE-804D5D87.pf --------- 94240 06.08.2010 00:54 C:\Windows\Prefetch\WEBUPDATE.EXE-17A1889E.pf --------- 43134 06.08.2010 00:39 C:\Windows\Prefetch\DKCORE.EXE-693B3151.pf --------- 50970 06.08.2010 00:39 C:\Windows\Prefetch\WINWORD.EXE-71DAFA5C.pf --------- 105994 06.08.2010 00:38 C:\Windows\Prefetch\FILEFORMATCONVERTERS.EXE-A6CFD74B.pf --------- 22830 06.08.2010 00:35 C:\Windows\Prefetch\RUNDLL32.EXE-C5BBF35E.pf --------- 42770 06.08.2010 00:35 C:\Windows\Prefetch\RUNDLL32.EXE-4F35CA42.pf --------- 83576 06.08.2010 00:35 C:\Windows\Prefetch\RUNDLL32.EXE-3C040FCB.pf --------- 83888 06.08.2010 00:35 C:\Windows\Prefetch\RUNDLL32.EXE-7EEF5D31.pf --------- 42438 05.08.2010 22:19 C:\Windows\Prefetch\RUNDLL32.EXE-71ACB87C.pf --------- 44744 05.08.2010 22:03 C:\Windows\Prefetch\MMC.EXE-F5DC4F82.pf --------- 43506 05.08.2010 22:03 C:\Windows\Prefetch\HDWWIZ.EXE-AA21B149.pf --------- 24974 05.08.2010 21:53 C:\Windows\Prefetch\MMC.EXE-2BBF6D0C.pf --------- 44482 05.08.2010 21:53 C:\Windows\Prefetch\MMC.EXE-D5033898.pf --------- 43386 05.08.2010 21:52 C:\Windows\Prefetch\MMC.EXE-90BE6942.pf --------- 46354 05.08.2010 21:51 C:\Windows\Prefetch\SYSTEMPROPERTIESADVANCED.EXE-68C7C4F0.pf --------- 29994 05.08.2010 21:50 C:\Windows\Prefetch\MMC.EXE-D557C836.pf --------- 117176 05.08.2010 21:47 C:\Windows\Prefetch\RUNDLL32.EXE-1FFB5A98.pf --------- 22530 05.08.2010 21:34 C:\Windows\Prefetch\IEXPLORE.EXE-908C99F8.pf --------- 119228 05.08.2010 21:33 C:\Windows\Prefetch\NAPSTER.EXE-0A1A44C8.pf --------- 138774 05.08.2010 20:08 C:\Windows\Prefetch\DLLHOST.EXE-7ED62AA2.pf --------- 18560 05.08.2010 20:08 C:\Windows\Prefetch\SOFTWAREUPDATE.EXE-631B74E4.pf --------- 51588 05.08.2010 20:02 C:\Windows\Prefetch\RUNDLL32.EXE-BF1A352E.pf --------- 28092 05.08.2010 16:25 C:\Windows\Prefetch\PHOTOSHOP.EXE-B0641B9D.pf --------- 169538 05.08.2010 15:51 C:\Windows\Prefetch\GEPLUGIN.EXE-92045D26.pf --------- 110998 05.08.2010 15:46 C:\Windows\Prefetch\FNPLICENSINGSERVICE.EXE-FAD19408.pf --------- 19086 05.08.2010 15:44 C:\Windows\Prefetch\ONECLICK.EXE-92403A76.pf --------- 133162 05.08.2010 15:39 C:\Windows\Prefetch\THUNDERBIRD.EXE-5119524C.pf --------- 117554 05.08.2010 15:38 C:\Windows\Prefetch\RUNDLL32.EXE-3073043C.pf --------- 46302 05.08.2010 15:38 C:\Windows\Prefetch\CNMSE9Z.EXE-6246F74A.pf --------- 15584 05.08.2010 15:37 C:\Windows\Prefetch\RUNDLL32.EXE-0CCE3411.pf --------- 37056 04.08.2010 19:46 C:\Windows\Prefetch\MOVIEPLAYER.EXE-DDD94947.pf --------- 57124 23.07.2010 22:37 C:\Windows\Prefetch\AgCx_SC1.db --------- 672645 23.07.2010 22:36 C:\Windows\Prefetch\AgCx_SC1.db.trx --------- 170448 22.07.2010 12:53 C:\Windows\Prefetch\AgCx_SC2.db --------- 920895 28.04.2009 22:35 C:\Windows\Prefetch\AgCx_S1_S-1-5-21-3527930729-3467667443-3971503972-1003.snp.db --------- 2028542 10.10.2008 14:30 C:\Windows\Prefetch\NTOSBOOT-B00DFAAD.pf --------- 757722 10.10.2008 14:30 C:\Windows\Prefetch\AgAppLaunch.db --------- 332116 ---------------------------------------- C:\Windows\Tasks 07.08.2010 16:10 C:\Windows\Tasks\Google Software Updater.job --------- 1052 07.08.2010 16:09 C:\Windows\Tasks\User_Feed_Synchronization-{9E3C876E-BE45-4853-957B-F713486B7614}.job --------- 398 07.08.2010 16:08 C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job --------- 1092 07.08.2010 16:08 C:\Windows\Tasks\SupBackGroundTask.job --------- 416 07.08.2010 16:08 C:\Windows\Tasks\SA.DAT --------- 6 07.08.2010 16:06 C:\Windows\Tasks\SCHEDLGU.TXT --------- 32534 07.08.2010 15:44 C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job --------- 1096 07.08.2010 14:43 C:\Windows\Tasks\Spybot - Search & Destroy - Scheduled Task.job --------- 382 06.08.2010 12:42 C:\Windows\Tasks\Spybot - Search & Destroy Updater - Scheduled Task.job --------- 268 ---------------------------------------- C:\Windows\Temp 07.08.2010 16:09 C:\Windows\Temp\lpksetup-20100807-160926-0.log --------- 624 07.08.2010 16:09 C:\Windows\Temp\lpksetup-20100807-160810-0.log --------- 30912 07.08.2010 16:08 C:\Windows\Temp\ZLT0252e.TMP --------- 256 07.08.2010 15:08 C:\Windows\Temp\lpksetup-20100807-150843-0.log --------- 624 07.08.2010 15:08 C:\Windows\Temp\lpksetup-20100807-150729-0.log --------- 30912 07.08.2010 14:57 C:\Windows\Temp\lpksetup-20100807-145756-0.log --------- 624 07.08.2010 14:57 C:\Windows\Temp\lpksetup-20100807-145717-0.log --------- 30912 07.08.2010 01:34 C:\Windows\Temp\MpCmdRun.log --------- 1192 07.08.2010 01:34 C:\Windows\Temp\MPTelemetrySubmit --------- 0 06.08.2010 21:03 C:\Windows\Temp\lpksetup-20100806-210236-0.log --------- 624 06.08.2010 21:02 C:\Windows\Temp\lpksetup-20100806-203610-0.log --------- 30912 06.08.2010 17:33 C:\Windows\Temp\lpksetup-20100806-173333-0.log --------- 624 06.08.2010 17:33 C:\Windows\Temp\lpksetup-20100806-173213-0.log --------- 30912 06.08.2010 15:42 C:\Windows\Temp\lpksetup-20100806-154228-0.log --------- 624 06.08.2010 15:42 C:\Windows\Temp\lpksetup-20100806-154041-0.log --------- 30912 06.08.2010 15:40 C:\Windows\Temp\ZLT04200.TMP --------- 256 06.08.2010 03:33 C:\Windows\Temp\lpksetup-20100806-033247-0.log --------- 624 06.08.2010 03:32 C:\Windows\Temp\lpksetup-20100806-033113-0.log --------- 30912 06.08.2010 03:31 C:\Windows\Temp\ZLT013a9.TMP --------- 256 06.08.2010 03:08 C:\Windows\Temp\CRF001 --------- 0 06.08.2010 03:08 C:\Windows\Temp\CRF000 --------- 0 05.08.2010 16:42 C:\Windows\Temp\Adobe --------- 0 05.08.2010 15:51 C:\Windows\Temp\ge484 --------- 0 05.08.2010 15:19 C:\Windows\Temp\ZLT06419.TMP --------- 256 02.11.2009 10:40 C:\Windows\Temp\History --------- 0 10.10.2008 14:34 C:\Windows\Temp\Temporary Internet Files --------- 0 ---------------------------------------- C:\Users\Adrian\AppData\Local\Temp 07.08.2010 16:09 C:\Users\Adrian\AppData\Local\Temp\~DF3910.tmp --------- 98304 07.08.2010 16:08 C:\Users\Adrian\AppData\Local\Temp\WPDNSE --------- 0 07.08.2010 16:08 C:\Users\Adrian\AppData\Local\Temp\Adrian.bmp --------- 31832 07.08.2010 16:06 C:\Users\Adrian\AppData\Local\Temp\~DFBCF3.tmp --------- 98304 07.08.2010 16:05 C:\Users\Adrian\AppData\Local\Temp\sarscan.log --------- 362 07.08.2010 16:03 C:\Users\Adrian\AppData\Local\Temp\samples.sar --------- 8 07.08.2010 14:48 C:\Users\Adrian\AppData\Local\Temp\Acr8C7F.tmp --------- 358 07.08.2010 14:48 C:\Users\Adrian\AppData\Local\Temp\plugtmp-3 --------- 0 07.08.2010 14:45 C:\Users\Adrian\AppData\Local\Temp\~DF459C.tmp --------- 98304 07.08.2010 14:44 C:\Users\Adrian\AppData\Local\Temp\~DFFABA.tmp --------- 114688 06.08.2010 17:38 C:\Users\Adrian\AppData\Local\Temp\Acr8EE7.tmp --------- 358 06.08.2010 17:38 C:\Users\Adrian\AppData\Local\Temp\plugtmp-2 --------- 0 06.08.2010 15:42 C:\Users\Adrian\AppData\Local\Temp\~DF9C99.tmp --------- 98304 06.08.2010 14:31 C:\Users\Adrian\AppData\Local\Temp\nse73C5.tmp --------- 0 06.08.2010 03:32 C:\Users\Adrian\AppData\Local\Temp\~DFC373.tmp --------- 98304 06.08.2010 03:08 C:\Users\Adrian\AppData\Local\Temp\VBE --------- 0 05.08.2010 21:33 C:\Users\Adrian\AppData\Local\Temp\Low --------- 0 05.08.2010 15:23 C:\Users\Adrian\AppData\Local\Temp\plugtmp-1 --------- 0 05.08.2010 15:20 C:\Users\Adrian\AppData\Local\Temp\~DFED6F.tmp --------- 98304 25.07.2010 13:39 C:\Users\Adrian\AppData\Local\Temp\.cleanup.tmp --------- 0 25.07.2010 12:30 C:\Users\Adrian\AppData\Local\Temp\hsperfdata_Adrian --------- 0 24.07.2010 01:36 C:\Users\Adrian\AppData\Local\Temp\plugtmp --------- 0 22.07.2010 12:58 C:\Users\Adrian\AppData\Local\Temp\SharePodLib --------- 0 15.07.2010 15:18 C:\Users\Adrian\AppData\Local\Temp\Adobe --------- 0 23.08.2009 14:10 C:\Users\Adrian\AppData\Local\Temp\lilo3 --------- 1024 22.07.2009 23:29 C:\Users\Adrian\AppData\Local\Temp\lilo2 --------- 1024 ---------------------------------------- C:\Program Files 07.08.2010 16:02 C:\Program Files\Sophos --------- 0 06.08.2010 14:24 C:\Program Files\Trend Micro --------- 4096 06.08.2010 14:13 C:\Program Files\JDownloader --------- 8192 06.08.2010 13:15 C:\Program Files\Malwarebytes' Anti-Malware --------- 4096 06.08.2010 12:15 C:\Program Files\Mozilla Firefox --------- 28672 06.08.2010 03:06 C:\Program Files\Spybot - Search & Destroy --------- 8192 06.08.2010 00:39 C:\Program Files\Microsoft Office --------- 4096 06.08.2010 00:38 C:\Program Files\MSECache --------- 0 05.08.2010 15:38 C:\Program Files\Mozilla Thunderbird --------- 28672 04.08.2010 21:20 C:\Program Files\Microsoft Games --------- 4096 25.07.2010 12:31 C:\Program Files\QIP --------- 4096 19.07.2010 21:43 C:\Program Files\TuneUp Utilities 2010 --------- 65536 15.07.2010 14:57 C:\Program Files\Windows Mail --------- 4096 26.06.2010 08:20 C:\Program Files\Microsoft.NET --------- 0 13.06.2010 00:19 C:\Program Files\Internet Explorer --------- 4096 10.06.2010 11:57 C:\Program Files\Lavalys --------- 0 10.06.2010 11:57 C:\Program Files\InstallShield Installation Information --------- 28672 10.06.2010 11:57 C:\Program Files\CyberLink --------- 4096 17.05.2010 10:48 C:\Program Files\Google --------- 4096 09.05.2010 16:54 C:\Program Files\Logitech --------- 0 09.05.2010 16:51 C:\Program Files\Any DVD Converter Professional --------- 4096 28.04.2010 17:26 C:\Program Files\JavaEditor --------- 4096 28.04.2010 17:26 C:\Program Files\Monitor Calibration Wizard --------- 4096 21.04.2010 10:52 C:\Program Files\AutoGK --------- 4096 21.04.2010 10:52 C:\Program Files\Xvid --------- 4096 21.04.2010 10:51 C:\Program Files\AviSynth 2.5 --------- 4096 21.04.2010 10:51 C:\Program Files\Gabest --------- 0 29.03.2010 16:04 C:\Program Files\CanonBJ --------- 0 11.03.2010 23:45 C:\Program Files\DivX --------- 8192 11.03.2010 18:40 C:\Program Files\Movie Maker --------- 4096 25.02.2010 22:59 C:\Program Files\iTunes --------- 4096 25.02.2010 22:58 C:\Program Files\iPod --------- 0 25.02.2010 22:55 C:\Program Files\QuickTime --------- 4096 28.01.2010 18:20 C:\Program Files\Common Files --------- 8192 28.01.2010 18:17 C:\Program Files\Guitar Pro 5 --------- 4096 26.01.2010 21:59 C:\Program Files\Napster --------- 4096 11.01.2010 23:22 C:\Program Files\Java --------- 4096 10.01.2010 21:06 C:\Program Files\Sun --------- 0 20.12.2009 17:06 C:\Program Files\Microsoft IntelliPoint --------- 8192 01.12.2009 17:56 C:\Program Files\Duden --------- 0 01.12.2009 17:56 C:\Program Files\Office-Bibliothek --------- 8192 19.11.2009 22:40 C:\Program Files\TA3D --------- 0 18.11.2009 19:23 C:\Program Files\Samsung --------- 4096 18.11.2009 19:22 C:\Program Files\MediaMonkey --------- 0 16.11.2009 18:03 C:\Program Files\EarMaster --------- 4096 15.11.2009 00:03 C:\Program Files\MSXML 4.0 --------- 0 10.11.2009 20:16 C:\Program Files\Nokia --------- 4096 02.11.2009 18:00 C:\Program Files\iTunes Agent --------- 0 02.11.2009 17:58 C:\Program Files\DAEMON Tools Toolbar --------- 4096 30.10.2009 16:18 C:\Program Files\NOS --------- 0 27.10.2009 23:55 C:\Program Files\Windows Media Player --------- 4096 30.09.2009 14:23 C:\Program Files\4Easysoft Studio --------- 0 30.09.2009 13:56 C:\Program Files\Nidesoft Studio --------- 0 24.09.2009 15:02 C:\Program Files\Adobe --------- 4096 12.08.2009 16:20 C:\Program Files\AGEIA Technologies --------- 0 26.07.2009 12:50 C:\Program Files\DIFX --------- 0 26.07.2009 04:48 C:\Program Files\Sony Ericsson USB --------- 4096 26.07.2009 04:19 C:\Program Files\MyPhoneExplorer --------- 4096 07.07.2009 15:04 C:\Program Files\TuneUpPortable --------- 4096 20.06.2009 02:30 C:\Program Files\UnderCoverXP --------- 0 20.06.2009 02:30 C:\Program Files\TGeb --------- 0 12.06.2009 16:00 C:\Program Files\ZoneAlarmSB --------- 0 12.06.2009 15:58 C:\Program Files\Zone Labs --------- 0 07.06.2009 16:09 C:\Program Files\Avira --------- 0 03.06.2009 13:24 C:\Program Files\Elaborate Bytes --------- 0 03.06.2009 13:20 C:\Program Files\SlySoft --------- 0 13.04.2009 21:14 C:\Program Files\OpenAL --------- 0 12.04.2009 14:12 C:\Program Files\DAEMON Tools Lite --------- 4096 29.03.2009 21:45 C:\Program Files\QIP Infium --------- 4096 15.03.2009 19:04 C:\Program Files\Bonjour --------- 0 09.03.2009 00:00 C:\Program Files\Hamachi --------- 0 22.02.2009 16:40 C:\Program Files\Creative --------- 4096 17.02.2009 18:29 C:\Program Files\Lavasoft --------- 0 16.02.2009 20:32 C:\Program Files\Microsoft Works --------- 0 16.02.2009 18:24 C:\Program Files\Vidalia Bundle --------- 4096 13.02.2009 17:53 C:\Program Files\Microsoft Visual Studio --------- 0 10.02.2009 20:13 C:\Program Files\Microsoft Small Business --------- 0 17.01.2009 19:40 C:\Program Files\VideoLAN --------- 0 10.01.2009 15:32 C:\Program Files\Synaptics --------- 0 06.01.2009 16:35 C:\Program Files\devolo --------- 4096 01.12.2008 16:49 C:\Program Files\Zero G Registry --------- 0 13.11.2008 21:38 C:\Program Files\PixiePack Codec Pack --------- 12288 10.11.2008 19:03 C:\Program Files\Creative Installation Information --------- 0 09.11.2008 18:46 C:\Program Files\RapidSolution --------- 0 06.11.2008 00:28 C:\Program Files\Microsoft SQL Server --------- 0 22.10.2008 22:17 C:\Program Files\DAMN NFO Viewer --------- 4096 11.10.2008 17:28 C:\Program Files\WinRAR --------- 4096 11.10.2008 13:37 C:\Program Files\Skype --------- 0 10.10.2008 16:16 C:\Program Files\Apple Software Update --------- 4096 10.10.2008 14:30 C:\Program Files\Gemeinsame Dateien --------- 0 10.10.2008 14:30 C:\Program Files\Windows NT --------- 4096 08.07.2008 16:34 C:\Program Files\MSSOAP --------- 0 08.07.2008 16:18 C:\Program Files\Cisco --------- 0 08.07.2008 16:18 C:\Program Files\Intel --------- 0 08.07.2008 16:18 C:\Program Files\Atheros WLAN Client --------- 0 08.07.2008 16:16 C:\Program Files\Realtek --------- 0 08.07.2008 14:53 C:\Program Files\Windows Sidebar --------- 4096 08.07.2008 14:53 C:\Program Files\Windows Calendar --------- 0 08.07.2008 14:53 C:\Program Files\Windows Journal --------- 4096 08.07.2008 14:53 C:\Program Files\Windows Photo Gallery --------- 4096 08.07.2008 14:53 C:\Program Files\Windows Defender --------- 4096 21.01.2008 04:43 C:\Program Files\desktop.ini --------- 174 02.11.2006 15:01 C:\Program Files\Uninstall Information --------- 0 02.11.2006 14:37 C:\Program Files\MSBuild --------- 0 02.11.2006 14:37 C:\Program Files\Reference Assemblies --------- 0 ---------------------------------------- C:\ProgramData\.. Adrian Public Gast Default desktop.ini ---------------------------------------- C:\Windows\system32\drivers\etc\hosts 127.0.0.1 localhost ::1 localhost 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com 127.0.0.1 www.0scan.com 127.0.0.1 0scan.com 127.0.0.1 1000gratisproben.com 127.0.0.1 www.1000gratisproben.com 127.0.0.1 1001namen.com 127.0.0.1 www.1001namen.com 127.0.0.1 100888290cs.com 127.0.0.1 www.100888290cs.com 127.0.0.1 www.100sexlinks.com 127.0.0.1 100sexlinks.com 127.0.0.1 10sek.com 127.0.0.1 www.10sek.com 127.0.0.1 www.1-2005-search.com 127.0.0.1 1-2005-search.com 127.0.0.1 123fporn.info 127.0.0.1 www.123fporn.info 127.0.0.1 123haustiereundmehr.com 127.0.0.1 www.123haustiereundmehr.com 127.0.0.1 123moviedownload.com 127.0.0.1 www.123moviedownload.com 127.0.0.1 123simsen.com 127.0.0.1 www.123simsen.com 127.0.0.1 123topsearch.com 127.0.0.1 www.123topsearch.com 127.0.0.1 125sms.co.uk 127.0.0.1 www.125sms.co.uk 127.0.0.1 125sms.com 127.0.0.1 www.125sms.com 127.0.0.1 132.com 127.0.0.1 www.132.com 127.0.0.1 1337crew.info 127.0.0.1 www.1337crew.info 127.0.0.1 www.1337-crew.to 127.0.0.1 1337-crew.to 127.0.0.1 136136.net 127.0.0.1 www.136136.net 127.0.0.1 150freesms.de 127.0.0.1 www.150freesms.de 127.0.0.1 163ns.com 127.0.0.1 www.163ns.com 127.0.0.1 171203.com 127.0.0.1 17concepts.info 127.0.0.1 www.17concepts.info 127.0.0.1 17-plus.com 127.0.0.1 www.1800searchonline.com 127.0.0.1 1800searchonline.com 127.0.0.1 180searchassistant.com 127.0.0.1 www.180searchassistant.com 127.0.0.1 180solutions.com 127.0.0.1 www.180solutions.com 127.0.0.1 181.365soft.info 127.0.0.1 www.181.365soft.info 127.0.0.1 1987324.com 127.0.0.1 www.1987324.com 127.0.0.1 www.1-domains-registrations.com 127.0.0.1 1-domains-registrations.com 127.0.0.1 www.1ghporn.info 127.0.0.1 1ghporn.info 127.0.0.1 www.1importantiamreal.com 127.0.0.1 1importantiamreal.com 127.0.0.1 www.1mybigdreamnowreal.com 127.0.0.1 1mybigdreamnowreal.com 127.0.0.1 www.1sexparty.com 127.0.0.1 1sexparty.com 127.0.0.1 www.1sms.de 127.0.0.1 1sms.de 127.0.0.1 www.1spybot.com 127.0.0.1 1spybot.com 127.0.0.1 www.1stantivirus.com 127.0.0.1 1stantivirus.com ---------------------------------------- Abbildname PID Sitzungsname Sitz.-Nr. Speichernutzung ========================= ======== ================ =========== =============== System Idle Process 0 Services 0 12 K System 4 Services 0 16.452 K smss.exe 452 Services 0 748 K csrss.exe 520 Services 0 6.212 K wininit.exe 572 Services 0 4.936 K csrss.exe 580 Console 1 10.232 K services.exe 616 Services 0 7.680 K lsass.exe 628 Services 0 8.832 K lsm.exe 636 Services 0 4.824 K winlogon.exe 668 Console 1 6.528 K svchost.exe 816 Services 0 6.604 K nvvsvc.exe 884 Services 0 4.016 K svchost.exe 912 Services 0 6.860 K svchost.exe 972 Services 0 42.480 K svchost.exe 1048 Services 0 12.896 K svchost.exe 1128 Services 0 76.412 K svchost.exe 1160 Services 0 36.580 K audiodg.exe 1232 Services 0 3.520 K CTAudSvc.exe 1296 Services 0 4.328 K svchost.exe 1316 Services 0 5.416 K SLsvc.exe 1332 Services 0 10.508 K rundll32.exe 1388 Console 1 6.572 K svchost.exe 1404 Services 0 12.276 K svchost.exe 1632 Services 0 19.300 K vsmon.exe 1720 Services 0 19.192 K dwm.exe 1844 Console 1 4.476 K explorer.exe 1880 Console 1 38.876 K taskeng.exe 12 Services 0 5.996 K spoolsv.exe 632 Services 0 12.044 K sched.exe 1156 Services 0 388 K taskeng.exe 1224 Console 1 10.888 K avguard.exe 1216 Services 0 69.944 K SUPBackGround.exe 1596 Console 1 8.296 K svchost.exe 1644 Services 0 10.924 K MagicDoctorKbdHk.exe 1804 Console 1 4.160 K EasyBatteryMgr3.exe 1764 Console 1 4.260 K GoogleCrashHandler.exe 1756 Services 0 888 K dmhkcore.exe 736 Console 1 8.764 K EasySpeedUpManager.exe 2064 Console 1 5.316 K avshadow.exe 2192 Services 0 6.736 K svchost.exe 2368 Services 0 4.144 K EvtEng.exe 2404 Services 0 16.684 K MDM.EXE 2612 Services 0 4.844 K RegSrvc.exe 2692 Services 0 4.588 K svchost.exe 2776 Services 0 6.628 K TuneUpUtilitiesService32. 2832 Services 0 11.028 K VSSVC.exe 2876 Services 0 8.400 K TuneUpUtilitiesApp32.exe 2960 Console 1 6.388 K SearchIndexer.exe 3000 Services 0 19.480 K SDWinSec.exe 3100 Services 0 8.452 K TrustedInstaller.exe 3400 Services 0 8.960 K zlclient.exe 3880 Console 1 3.068 K SynTPEnh.exe 3888 Console 1 12.196 K DLLML.exe 3896 Console 1 11.684 K avgnt.exe 3908 Console 1 3.760 K ipoint.exe 3916 Console 1 18.060 K rundll32.exe 3924 Console 1 6.828 K TeaTimer.exe 3976 Console 1 90.432 K dpupdchk.exe 2784 Console 1 3.724 K SynTPHelper.exe 2588 Console 1 3.048 K OSE.EXE 1068 Services 0 3.508 K SearchProtocolHost.exe 3244 Services 0 9.020 K SearchFilterHost.exe 1360 Services 0 5.728 K WmiPrvSE.exe 3516 Services 0 8.248 K cmd.exe 2144 Console 1 4.432 K tasklist.exe 1456 Console 1 5.116 K ***** Ende des Scans 07.08.2010 um 16:12:34,12 ***
OTL-Extras:Code:GMER 1.0.15.15281 - http://www.gmer.net Rootkit quick scan 2010-08-07 15:09:47 Windows 6.0.6001 Service Pack 1 Running: 5erhe6do.exe; Driver: C:\Users\Adrian\AppData\Local\Temp\uxtyqpod.sys ---- Devices - GMER 1.0.15 ---- AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (WDF Dynamic/Microsoft Corporation) AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (WDF Dynamic/Microsoft Corporation) ---- EOF - GMER 1.0.15 ----
OTL-OTL:Code:OTL Extras logfile created on: 07.08.2010 14:59:01 - Run 1 OTL by OldTimer - Version 3.2.9.1 Folder = C:\Users\Adrian\Desktop Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18928) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 46,00% Memory free 6,00 Gb Paging File | 5,00 Gb Available in Paging File | 76,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 120,09 Gb Total Space | 19,16 Gb Free Space | 15,96% Space Free | Partition Type: NTFS Drive D: | 168,00 Gb Total Space | 61,12 Gb Free Space | 36,38% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: ADRIANSPC Current User Name: Adrian Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "FirewallDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- File not found ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0D13CE83-A320-4060-8D9E-0675509F300F}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{133F2E38-D47A-4A90-93C6-DEC08FFA8439}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{15BA836D-EB1E-4ADD-ABD9-89F1B7BBC3E6}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{17C9712C-B0FF-4DE2-8825-DACFF07A2A6D}" = lport=445 | protocol=6 | dir=in | app=system | "{1ACC8B81-4A32-4952-B23E-3B83139AA64F}" = lport=138 | protocol=17 | dir=in | app=system | "{20000877-69F7-4346-B4CE-B9E1BB47C55E}" = rport=138 | protocol=17 | dir=out | app=system | "{2677158A-5F0E-4049-969B-0CF2018C79DB}" = rport=445 | protocol=6 | dir=out | app=system | "{2BAE6F44-0EDA-4E01-B688-8D3A23DC4FF5}" = lport=10300 | protocol=6 | dir=in | app=c:\program files\devolo\informer\devinf.exe | "{3FD0B431-FA3C-48C4-97FD-5484C4111559}" = rport=137 | protocol=17 | dir=out | app=system | "{5A5CACB9-A9DC-4CA0-8C73-6ADEB81F3B58}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{5C34DD82-2182-4193-A7E7-E068229F5139}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{61F116FD-B5FA-444B-9F8A-DCE5B35B2EBE}" = lport=12346 | protocol=6 | dir=in | app=c:\program files\devolo\easyshare\easyshare.exe | "{7529F380-9A96-4C26-BCD8-785140F29213}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{8709FD04-0B51-4F7A-AED7-968F508EA163}" = lport=10301 | protocol=17 | dir=in | app=c:\program files\devolo\informer\devinf.exe | "{AB41589A-343F-40D1-8ED4-C080FCF7C8CA}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{B90197B0-98B8-4132-BB41-BF493DD0CD59}" = lport=139 | protocol=6 | dir=in | app=system | "{C644570E-17B8-4601-A65F-E80EE9425ABE}" = lport=137 | protocol=17 | dir=in | app=system | "{D0C7A255-9E3C-48E6-A946-A3F4D20664CD}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{D5EA43CF-C1EF-4981-B7FE-4CFB5363835A}" = lport=12345 | protocol=17 | dir=in | app=c:\program files\devolo\easyshare\easyshare.exe | "{DF7A02EA-A1E4-4696-A37A-FDFF4E331E3D}" = lport=19375 | protocol=17 | dir=in | app=c:\program files\devolo\dlanwlancfg\dlanwlancfg.exe | "{E912E8C0-725B-4AAE-89C4-D664C62E8944}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{F7F4FE63-BABD-4B76-AC3C-A6B2BCE2859D}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{FC0AEC55-BED7-4381-B956-96A224A80686}" = rport=139 | protocol=6 | dir=out | app=system | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{035B8F23-1302-472B-81D1-418C7A9D4815}" = dir=in | app=c:\program files\cyberlink\powerdvd8\powerdvd8.exe | "{193C5F0E-FBF8-44AE-BBDB-3E72CBBE590F}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe | "{1C4941F9-C336-4D75-8632-6D31C4F221BC}" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe | "{291D306C-48AA-4223-B4A4-5D53D8E45FDD}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{35A3779F-1D36-4A27-B8DA-0771AF95C0DF}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{36EFD9B2-05BF-4011-9DD0-B2BF3866E81B}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe | "{4099CA8D-6D30-4A20-80C8-AE327031481E}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe | "{43BE6B35-2FF7-4F31-9A7F-7A203D7BAADE}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{44431EBB-DB2B-447C-99B1-81BE3563B2E8}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{6779FCAE-5815-46CF-89C3-D6A107FAA6AC}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{6C708175-E552-40D1-A8A6-13CFD9899760}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{8E9A5126-ABC4-4F6E-BEB6-4A5337B87A2A}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{9578EB01-8CAF-438D-B654-2AF293891F76}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe | "{A684DB4B-277F-47A4-9694-61A7BE6305DB}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe | "{A7E94E71-A03D-4ED4-9A15-7996FAC77B9D}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe | "{B8BF5E8F-2902-42FA-AB22-E9491BB90C7D}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{CD6CC61E-92FF-4D94-A43C-6407620ED20A}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{E373957B-7BD7-4A84-A88C-208441292EAD}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe | "{E9FC1C5B-5018-4609-AF97-D951B30F54F9}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{EA769EAC-A76E-4386-858F-AB34962EB8FF}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe | "{ECCF9A9F-DA3D-4F1B-9EBD-775DC50F9573}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{EE36165C-0C03-4307-9D7E-37D8B645C176}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe | "{F6DF2EF6-D584-4B6C-9C02-84908D678BF7}" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe | "TCP Query User{27E01C15-50B5-4C85-9EBA-B44328A21148}C:\program files\napster\napster.exe" = protocol=6 | dir=in | app=c:\program files\napster\napster.exe | "TCP Query User{E4A895A6-741C-4DE4-ACA9-B7F5501DC167}C:\program files\qip\qip.exe" = protocol=6 | dir=in | app=c:\program files\qip\qip.exe | "UDP Query User{5CC5CD7A-A75A-4DA1-BD47-D7E71308FEE6}C:\program files\qip\qip.exe" = protocol=17 | dir=in | app=c:\program files\qip\qip.exe | "UDP Query User{E364C290-AC85-4FB4-898C-BF80EF253CE3}C:\program files\napster\napster.exe" = protocol=17 | dir=in | app=c:\program files\napster\napster.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser "{04983D37-2202-4295-94A2-8B547C66133F}" = Atheros WLAN Client "{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3 "{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu "{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour "{07629207-FAA0-4F1A-8092-BF5085BE511F}" = Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch) "{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting "{0C973594-7DDF-4BD0-84ED-3517F7622037}" = PC Connectivity Solution "{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP550_series" = Canon MP550 series MP Drivers "{12BEF00E-ECFF-4820-BEDF-CCB9CC06A955}" = Sound Blaster X-Fi Surround 5.1 "{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime "{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Samsung Recovery Solution III "{17283B95-21A8-4996-97DA-547A48DB266F}" = Easy Display Manager "{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin "{1D1D8ADC-BF08-4E61-9393-5FA305B16864}" = Microsoft SQL Server Native Client "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite "{2218B96C-ABA2-45D9-A0B4-56B71F5303DB}" = Nokia Ovi Suite "{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}" = Adobe ExtendScript Toolkit 2 "{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 16 "{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3 "{29F05234-DCBB-4FE0-88DC-5160C9250312}" = Adobe Photoshop CS3 "{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8 "{3248F0A8-6813-11D6-A77B-00B0D0160060}" = Java(TM) 6 Update 6 "{32A3A4F4-B792-11D6-A78A-00B0D0160170}" = Java(TM) SE Development Kit 6 Update 17 "{32D6A58F-9659-446C-BBFC-E6F2B41F24DC}" = Samsung Magic Doctor "{36BEAD11-8577-49AD-9250-E06A50AE87B0}" = Microsoft SOAP Toolkit 2.0 SP2 "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go "{42B74521-4706-412A-9A27-AED12B83E886}" = Nokia Ovi Application Installer "{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis "{45D4F727-43B5-49CD-B474-B9866A8F4FB8}" = Nokia Map Loader "{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}" = Nokia Software Updater "{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies "{52D02A2B-03D2-4E34-A358-DC5D951FD296}" = Nokia Connectivity Cable Driver "{541E5E15-7186-4395-9593-16D02765FF27}" = Duden Korrektor PLUS "{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3 "{5C759B74-34F4-43C6-A5D9-039CB754C5E9}" = Microsoft SQL Server VSS Writer "{5C81B189-5456-40C4-9313-7FE6FA6DD64C}" = Office-Bibliothek "{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.8 "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053 "{6442DEDF-AC2F-4CBA-85DE-42E459C5006C}" = Nokia Ovi Content Copier "{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}" = Adobe Setup "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All "{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}" = Adobe Color Common Settings "{6EB6C056-02BB-453E-8448-EC90B9794180}" = Nokia Multimedia Common Components 2.4 "{6F730513-8688-4C3C-90A3-6B9792CE2EF3}" = Easy Battery Manager "{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3 "{7035F31B-20DA-4522-B0DB-3CA18B46DD77}" = Nokia Music "{73B5D990-04EA-4751-B10F-5534770B91F2}" = Adobe Color EU Recommended Settings "{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec "{7EE873AF-46BB-4B5D-BA6F-CFE4B0566E22}" = TuneUp Utilities Language Pack (de-DE) "{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3 "{81063354-9060-42B2-A000-1EBE96778AA9}" = iTunes "{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3 "{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1}" = Napster Burn Engine "{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system "{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3 "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager "{90A40407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components "{91110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{926C96FB-9D0A-4504-8000-C6D3A4A3118E}" = Java DB 10.4.2.1 "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3 "{A040AC77-C1AA-4CC9-8931-9F648AF178F6}" = VC 9.0 Runtime "{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps "{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific "{A5F483F0-2D79-4FCA-AE09-D0D96E23EBF7}" = Samsung Update Plus "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components "{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support "{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings "{AC76BA86-7AD7-1031-7B44-A81300000003}" = Adobe Reader 8.1.3 - Deutsch "{ADD5DB49-72CF-11D8-9D75-000129760D75}" = CyberLink PowerBackup "{B2C3BB6B-E005-4246-B8E5-DF0A4D073CDC}" = PixiePack Codec Pack "{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0 "{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}" = Adobe Setup "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer "{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3 "{BBBCAE4B-B416-4182-A6F2-438180894A81}" = Napster "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint "{C7DDA8E7-AD3D-4F51-AC1E-B0FF57002192}" = Microsoft IntelliPoint 6.3 "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client "{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files "{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities "{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings "{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager "{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3 "{EF367AA4-070B-493C-9575-85BE59D789C9}" = Easy SpeedUp Manager "{F01F79AD-1F47-4685-AE4E-CCFA4EA9FF7C}" = Adobe Setup "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729) "{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01 "{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{F7B0939E-58DF-11DF-B3A6-005056806466}" = Google Earth "{F9EA1C47-64A6-45E4-9A80-8CC1575B971D}" = Nokia Ovi System Utilities "{FAB137DB-CCF1-487D-B338-85413AF6FCB8}" = Tunebite "{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}" = Adobe Color NA Extra Settings "504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0) "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "Adobe_3e054d2218e7aa282c2369d939e58ff" = Adobe ExtendScript Toolkit 2 "Adobe_5f143314a5d434c8511097393d17397" = Adobe Photoshop CS3 "Adobe_6c8e2cb4fd241c55406016127a6ab2e" = Adobe Color Common Settings "Age of Empires 2.0" = Microsoft Age of Empires II "Age of Empires II: The Conquerors Expansion 1.0" = Microsoft Age of Empires II: The Conquerors Expansion "Age of Mythology Expansion Pack 1.0" = Age of Mythology Gold "Agere Systems Soft Modem" = Agere Systems HDA Modem "AnyDVD" = AnyDVD "AudioCS" = Creative Audio-Systemsteuerung "AutoGK" = Auto Gordian Knot 2.55 "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "AviSynth" = AviSynth 2.5 "BSW" = BrettspielWelt "CloneDVD2" = CloneDVD2 "Console Launcher" = Creative Konsole Starter "Creative Entertainment Center" = Creative Entertainment Center "Creative Software AutoUpdate" = Creative Software AutoUpdate "Creative Sound Blaster Properties" = Eigenschaften von Creative Sound Blaster "dlanconf" = devolo dLAN-Konfigurationsassistent "dlanwlancfg" = devolo dLAN Wireless extender Konfiguration "dslmon" = devolo Informer "EarMaster Pro 4 (trial)_is1" = EarMaster Pro 4 "easyshare" = devolo EasyShare "Google Updater" = Google Updater "Host OpenAL" = Host OpenAL "InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite "InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8 "InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go "InstallShield_{4EA8EA5D-8E46-4698-9BF7-2F2AD8E1C185}" = Easy Network Manager 3.0 "InstallShield_{541E5E15-7186-4395-9593-16D02765FF27}" = Duden Korrektor PLUS "InstallShield_{A5F483F0-2D79-4FCA-AE09-D0D96E23EBF7}" = Samsung Update Plus "InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer "InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint "InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector "iTSfv_is1" = iTSfv 5.45.4.5 "JDownloader" = JDownloader "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8) "Mozilla Thunderbird (3.0.6)" = Mozilla Thunderbird (3.0.6) "MPE" = MyPhoneExplorer "Nokia Maps Updater_is1" = Nokia Maps Updater 1.0.10 "Nokia Ovi Application Installer" = Nokia Ovi Application Installer 6.85.3011 "Nokia Ovi Content Copier" = Nokia Ovi Content Copier 6.85.3011 "Nokia Ovi System Utilities" = Nokia Ovi System Utilities 6.85.3018 "OpenAL" = OpenAL "ProInst" = Intel PROSet Wireless "Remote Control System" = Fernbedienungssystem "ShockwaveFlash" = Adobe Flash Player 9 ActiveX "SynTPDeinstKey" = Synaptics Pointing Device Driver "TuneUp Utilities" = TuneUp Utilities "VLC media player" = VLC media player 1.0.5 "VobSub" = VobSub v2.23 (Remove Only) "WinRAR archiver" = WinRAR "XviD MPEG4 Video Codec" = XviD MPEG4 Video Codec (remove only) "Xvid_is1" = Xvid 1.2.1 final uninstall "ZoneAlarm" = ZoneAlarm "ZoneAlarmSB Uninstall" = ZoneAlarm Spy Blocker ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 23.07.2010 14:33:30 | Computer Name = AdriansPC | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = Error - 23.07.2010 14:33:30 | Computer Name = AdriansPC | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = Error - 23.07.2010 15:00:27 | Computer Name = AdriansPC | Source = | ID = 0 Description = Error - 23.07.2010 15:49:19 | Computer Name = AdriansPC | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = Error - 23.07.2010 16:36:29 | Computer Name = AdriansPC | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = Error - 23.07.2010 16:36:29 | Computer Name = AdriansPC | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = Error - 23.07.2010 16:39:28 | Computer Name = AdriansPC | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = Error - 23.07.2010 16:39:45 | Computer Name = AdriansPC | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = Error - 23.07.2010 16:45:35 | Computer Name = AdriansPC | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = Error - 23.07.2010 16:45:44 | Computer Name = AdriansPC | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = [ System Events ] Error - 06.08.2010 11:37:24 | Computer Name = AdriansPC | Source = Service Control Manager | ID = 7022 Description = Error - 06.08.2010 14:35:24 | Computer Name = AdriansPC | Source = Service Control Manager | ID = 7023 Description = Error - 06.08.2010 14:38:15 | Computer Name = AdriansPC | Source = Service Control Manager | ID = 7022 Description = Error - 06.08.2010 14:38:15 | Computer Name = AdriansPC | Source = Service Control Manager | ID = 7001 Description = Error - 06.08.2010 14:38:16 | Computer Name = AdriansPC | Source = Service Control Manager | ID = 7032 Description = Error - 06.08.2010 15:01:56 | Computer Name = AdriansPC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001 Description = Error - 07.08.2010 08:57:56 | Computer Name = AdriansPC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001 Description = Error - 07.08.2010 08:58:16 | Computer Name = AdriansPC | Source = Service Control Manager | ID = 7032 Description = Error - 07.08.2010 08:58:16 | Computer Name = AdriansPC | Source = Service Control Manager | ID = 7032 Description = Error - 07.08.2010 09:01:16 | Computer Name = AdriansPC | Source = Service Control Manager | ID = 7032 Description = < End of report >
Code:OTL Extras logfile created on: 07.08.2010 14:59:01 - Run 1 OTL by OldTimer - Version 3.2.9.1 Folder = C:\Users\Adrian\Desktop Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18928) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 46,00% Memory free 6,00 Gb Paging File | 5,00 Gb Available in Paging File | 76,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 120,09 Gb Total Space | 19,16 Gb Free Space | 15,96% Space Free | Partition Type: NTFS Drive D: | 168,00 Gb Total Space | 61,12 Gb Free Space | 36,38% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: ADRIANSPC Current User Name: Adrian Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "FirewallDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- File not found ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0D13CE83-A320-4060-8D9E-0675509F300F}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{133F2E38-D47A-4A90-93C6-DEC08FFA8439}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{15BA836D-EB1E-4ADD-ABD9-89F1B7BBC3E6}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{17C9712C-B0FF-4DE2-8825-DACFF07A2A6D}" = lport=445 | protocol=6 | dir=in | app=system | "{1ACC8B81-4A32-4952-B23E-3B83139AA64F}" = lport=138 | protocol=17 | dir=in | app=system | "{20000877-69F7-4346-B4CE-B9E1BB47C55E}" = rport=138 | protocol=17 | dir=out | app=system | "{2677158A-5F0E-4049-969B-0CF2018C79DB}" = rport=445 | protocol=6 | dir=out | app=system | "{2BAE6F44-0EDA-4E01-B688-8D3A23DC4FF5}" = lport=10300 | protocol=6 | dir=in | app=c:\program files\devolo\informer\devinf.exe | "{3FD0B431-FA3C-48C4-97FD-5484C4111559}" = rport=137 | protocol=17 | dir=out | app=system | "{5A5CACB9-A9DC-4CA0-8C73-6ADEB81F3B58}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{5C34DD82-2182-4193-A7E7-E068229F5139}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{61F116FD-B5FA-444B-9F8A-DCE5B35B2EBE}" = lport=12346 | protocol=6 | dir=in | app=c:\program files\devolo\easyshare\easyshare.exe | "{7529F380-9A96-4C26-BCD8-785140F29213}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{8709FD04-0B51-4F7A-AED7-968F508EA163}" = lport=10301 | protocol=17 | dir=in | app=c:\program files\devolo\informer\devinf.exe | "{AB41589A-343F-40D1-8ED4-C080FCF7C8CA}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{B90197B0-98B8-4132-BB41-BF493DD0CD59}" = lport=139 | protocol=6 | dir=in | app=system | "{C644570E-17B8-4601-A65F-E80EE9425ABE}" = lport=137 | protocol=17 | dir=in | app=system | "{D0C7A255-9E3C-48E6-A946-A3F4D20664CD}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{D5EA43CF-C1EF-4981-B7FE-4CFB5363835A}" = lport=12345 | protocol=17 | dir=in | app=c:\program files\devolo\easyshare\easyshare.exe | "{DF7A02EA-A1E4-4696-A37A-FDFF4E331E3D}" = lport=19375 | protocol=17 | dir=in | app=c:\program files\devolo\dlanwlancfg\dlanwlancfg.exe | "{E912E8C0-725B-4AAE-89C4-D664C62E8944}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{F7F4FE63-BABD-4B76-AC3C-A6B2BCE2859D}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{FC0AEC55-BED7-4381-B956-96A224A80686}" = rport=139 | protocol=6 | dir=out | app=system | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{035B8F23-1302-472B-81D1-418C7A9D4815}" = dir=in | app=c:\program files\cyberlink\powerdvd8\powerdvd8.exe | "{193C5F0E-FBF8-44AE-BBDB-3E72CBBE590F}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe | "{1C4941F9-C336-4D75-8632-6D31C4F221BC}" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe | "{291D306C-48AA-4223-B4A4-5D53D8E45FDD}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{35A3779F-1D36-4A27-B8DA-0771AF95C0DF}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{36EFD9B2-05BF-4011-9DD0-B2BF3866E81B}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe | "{4099CA8D-6D30-4A20-80C8-AE327031481E}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe | "{43BE6B35-2FF7-4F31-9A7F-7A203D7BAADE}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{44431EBB-DB2B-447C-99B1-81BE3563B2E8}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{6779FCAE-5815-46CF-89C3-D6A107FAA6AC}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{6C708175-E552-40D1-A8A6-13CFD9899760}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{8E9A5126-ABC4-4F6E-BEB6-4A5337B87A2A}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{9578EB01-8CAF-438D-B654-2AF293891F76}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe | "{A684DB4B-277F-47A4-9694-61A7BE6305DB}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe | "{A7E94E71-A03D-4ED4-9A15-7996FAC77B9D}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe | "{B8BF5E8F-2902-42FA-AB22-E9491BB90C7D}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{CD6CC61E-92FF-4D94-A43C-6407620ED20A}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{E373957B-7BD7-4A84-A88C-208441292EAD}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe | "{E9FC1C5B-5018-4609-AF97-D951B30F54F9}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{EA769EAC-A76E-4386-858F-AB34962EB8FF}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe | "{ECCF9A9F-DA3D-4F1B-9EBD-775DC50F9573}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{EE36165C-0C03-4307-9D7E-37D8B645C176}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe | "{F6DF2EF6-D584-4B6C-9C02-84908D678BF7}" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe | "TCP Query User{27E01C15-50B5-4C85-9EBA-B44328A21148}C:\program files\napster\napster.exe" = protocol=6 | dir=in | app=c:\program files\napster\napster.exe | "TCP Query User{E4A895A6-741C-4DE4-ACA9-B7F5501DC167}C:\program files\qip\qip.exe" = protocol=6 | dir=in | app=c:\program files\qip\qip.exe | "UDP Query User{5CC5CD7A-A75A-4DA1-BD47-D7E71308FEE6}C:\program files\qip\qip.exe" = protocol=17 | dir=in | app=c:\program files\qip\qip.exe | "UDP Query User{E364C290-AC85-4FB4-898C-BF80EF253CE3}C:\program files\napster\napster.exe" = protocol=17 | dir=in | app=c:\program files\napster\napster.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser "{04983D37-2202-4295-94A2-8B547C66133F}" = Atheros WLAN Client "{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3 "{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu "{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour "{07629207-FAA0-4F1A-8092-BF5085BE511F}" = Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch) "{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting "{0C973594-7DDF-4BD0-84ED-3517F7622037}" = PC Connectivity Solution "{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP550_series" = Canon MP550 series MP Drivers "{12BEF00E-ECFF-4820-BEDF-CCB9CC06A955}" = Sound Blaster X-Fi Surround 5.1 "{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime "{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Samsung Recovery Solution III "{17283B95-21A8-4996-97DA-547A48DB266F}" = Easy Display Manager "{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin "{1D1D8ADC-BF08-4E61-9393-5FA305B16864}" = Microsoft SQL Server Native Client "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite "{2218B96C-ABA2-45D9-A0B4-56B71F5303DB}" = Nokia Ovi Suite "{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}" = Adobe ExtendScript Toolkit 2 "{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 16 "{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3 "{29F05234-DCBB-4FE0-88DC-5160C9250312}" = Adobe Photoshop CS3 "{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8 "{3248F0A8-6813-11D6-A77B-00B0D0160060}" = Java(TM) 6 Update 6 "{32A3A4F4-B792-11D6-A78A-00B0D0160170}" = Java(TM) SE Development Kit 6 Update 17 "{32D6A58F-9659-446C-BBFC-E6F2B41F24DC}" = Samsung Magic Doctor "{36BEAD11-8577-49AD-9250-E06A50AE87B0}" = Microsoft SOAP Toolkit 2.0 SP2 "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go "{42B74521-4706-412A-9A27-AED12B83E886}" = Nokia Ovi Application Installer "{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis "{45D4F727-43B5-49CD-B474-B9866A8F4FB8}" = Nokia Map Loader "{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}" = Nokia Software Updater "{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies "{52D02A2B-03D2-4E34-A358-DC5D951FD296}" = Nokia Connectivity Cable Driver "{541E5E15-7186-4395-9593-16D02765FF27}" = Duden Korrektor PLUS "{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3 "{5C759B74-34F4-43C6-A5D9-039CB754C5E9}" = Microsoft SQL Server VSS Writer "{5C81B189-5456-40C4-9313-7FE6FA6DD64C}" = Office-Bibliothek "{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.8 "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053 "{6442DEDF-AC2F-4CBA-85DE-42E459C5006C}" = Nokia Ovi Content Copier "{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}" = Adobe Setup "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All "{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}" = Adobe Color Common Settings "{6EB6C056-02BB-453E-8448-EC90B9794180}" = Nokia Multimedia Common Components 2.4 "{6F730513-8688-4C3C-90A3-6B9792CE2EF3}" = Easy Battery Manager "{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3 "{7035F31B-20DA-4522-B0DB-3CA18B46DD77}" = Nokia Music "{73B5D990-04EA-4751-B10F-5534770B91F2}" = Adobe Color EU Recommended Settings "{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec "{7EE873AF-46BB-4B5D-BA6F-CFE4B0566E22}" = TuneUp Utilities Language Pack (de-DE) "{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3 "{81063354-9060-42B2-A000-1EBE96778AA9}" = iTunes "{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3 "{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1}" = Napster Burn Engine "{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system "{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3 "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager "{90A40407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components "{91110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{926C96FB-9D0A-4504-8000-C6D3A4A3118E}" = Java DB 10.4.2.1 "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3 "{A040AC77-C1AA-4CC9-8931-9F648AF178F6}" = VC 9.0 Runtime "{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps "{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific "{A5F483F0-2D79-4FCA-AE09-D0D96E23EBF7}" = Samsung Update Plus "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components "{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support "{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings "{AC76BA86-7AD7-1031-7B44-A81300000003}" = Adobe Reader 8.1.3 - Deutsch "{ADD5DB49-72CF-11D8-9D75-000129760D75}" = CyberLink PowerBackup "{B2C3BB6B-E005-4246-B8E5-DF0A4D073CDC}" = PixiePack Codec Pack "{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0 "{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}" = Adobe Setup "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer "{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3 "{BBBCAE4B-B416-4182-A6F2-438180894A81}" = Napster "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint "{C7DDA8E7-AD3D-4F51-AC1E-B0FF57002192}" = Microsoft IntelliPoint 6.3 "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client "{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files "{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities "{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings "{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager "{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3 "{EF367AA4-070B-493C-9575-85BE59D789C9}" = Easy SpeedUp Manager "{F01F79AD-1F47-4685-AE4E-CCFA4EA9FF7C}" = Adobe Setup "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729) "{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01 "{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{F7B0939E-58DF-11DF-B3A6-005056806466}" = Google Earth "{F9EA1C47-64A6-45E4-9A80-8CC1575B971D}" = Nokia Ovi System Utilities "{FAB137DB-CCF1-487D-B338-85413AF6FCB8}" = Tunebite "{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}" = Adobe Color NA Extra Settings "504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0) "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "Adobe_3e054d2218e7aa282c2369d939e58ff" = Adobe ExtendScript Toolkit 2 "Adobe_5f143314a5d434c8511097393d17397" = Adobe Photoshop CS3 "Adobe_6c8e2cb4fd241c55406016127a6ab2e" = Adobe Color Common Settings "Age of Empires 2.0" = Microsoft Age of Empires II "Age of Empires II: The Conquerors Expansion 1.0" = Microsoft Age of Empires II: The Conquerors Expansion "Age of Mythology Expansion Pack 1.0" = Age of Mythology Gold "Agere Systems Soft Modem" = Agere Systems HDA Modem "AnyDVD" = AnyDVD "AudioCS" = Creative Audio-Systemsteuerung "AutoGK" = Auto Gordian Knot 2.55 "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "AviSynth" = AviSynth 2.5 "BSW" = BrettspielWelt "CloneDVD2" = CloneDVD2 "Console Launcher" = Creative Konsole Starter "Creative Entertainment Center" = Creative Entertainment Center "Creative Software AutoUpdate" = Creative Software AutoUpdate "Creative Sound Blaster Properties" = Eigenschaften von Creative Sound Blaster "dlanconf" = devolo dLAN-Konfigurationsassistent "dlanwlancfg" = devolo dLAN Wireless extender Konfiguration "dslmon" = devolo Informer "EarMaster Pro 4 (trial)_is1" = EarMaster Pro 4 "easyshare" = devolo EasyShare "Google Updater" = Google Updater "Host OpenAL" = Host OpenAL "InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite "InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8 "InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go "InstallShield_{4EA8EA5D-8E46-4698-9BF7-2F2AD8E1C185}" = Easy Network Manager 3.0 "InstallShield_{541E5E15-7186-4395-9593-16D02765FF27}" = Duden Korrektor PLUS "InstallShield_{A5F483F0-2D79-4FCA-AE09-D0D96E23EBF7}" = Samsung Update Plus "InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer "InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint "InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector "iTSfv_is1" = iTSfv 5.45.4.5 "JDownloader" = JDownloader "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8) "Mozilla Thunderbird (3.0.6)" = Mozilla Thunderbird (3.0.6) "MPE" = MyPhoneExplorer "Nokia Maps Updater_is1" = Nokia Maps Updater 1.0.10 "Nokia Ovi Application Installer" = Nokia Ovi Application Installer 6.85.3011 "Nokia Ovi Content Copier" = Nokia Ovi Content Copier 6.85.3011 "Nokia Ovi System Utilities" = Nokia Ovi System Utilities 6.85.3018 "OpenAL" = OpenAL "ProInst" = Intel PROSet Wireless "Remote Control System" = Fernbedienungssystem "ShockwaveFlash" = Adobe Flash Player 9 ActiveX "SynTPDeinstKey" = Synaptics Pointing Device Driver "TuneUp Utilities" = TuneUp Utilities "VLC media player" = VLC media player 1.0.5 "VobSub" = VobSub v2.23 (Remove Only) "WinRAR archiver" = WinRAR "XviD MPEG4 Video Codec" = XviD MPEG4 Video Codec (remove only) "Xvid_is1" = Xvid 1.2.1 final uninstall "ZoneAlarm" = ZoneAlarm "ZoneAlarmSB Uninstall" = ZoneAlarm Spy Blocker ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 23.07.2010 14:33:30 | Computer Name = AdriansPC | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = Error - 23.07.2010 14:33:30 | Computer Name = AdriansPC | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = Error - 23.07.2010 15:00:27 | Computer Name = AdriansPC | Source = | ID = 0 Description = Error - 23.07.2010 15:49:19 | Computer Name = AdriansPC | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = Error - 23.07.2010 16:36:29 | Computer Name = AdriansPC | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = Error - 23.07.2010 16:36:29 | Computer Name = AdriansPC | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = Error - 23.07.2010 16:39:28 | Computer Name = AdriansPC | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = Error - 23.07.2010 16:39:45 | Computer Name = AdriansPC | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = Error - 23.07.2010 16:45:35 | Computer Name = AdriansPC | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = Error - 23.07.2010 16:45:44 | Computer Name = AdriansPC | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = [ System Events ] Error - 06.08.2010 11:37:24 | Computer Name = AdriansPC | Source = Service Control Manager | ID = 7022 Description = Error - 06.08.2010 14:35:24 | Computer Name = AdriansPC | Source = Service Control Manager | ID = 7023 Description = Error - 06.08.2010 14:38:15 | Computer Name = AdriansPC | Source = Service Control Manager | ID = 7022 Description = Error - 06.08.2010 14:38:15 | Computer Name = AdriansPC | Source = Service Control Manager | ID = 7001 Description = Error - 06.08.2010 14:38:16 | Computer Name = AdriansPC | Source = Service Control Manager | ID = 7032 Description = Error - 06.08.2010 15:01:56 | Computer Name = AdriansPC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001 Description = Error - 07.08.2010 08:57:56 | Computer Name = AdriansPC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001 Description = Error - 07.08.2010 08:58:16 | Computer Name = AdriansPC | Source = Service Control Manager | ID = 7032 Description = Error - 07.08.2010 08:58:16 | Computer Name = AdriansPC | Source = Service Control Manager | ID = 7032 Description = Error - 07.08.2010 09:01:16 | Computer Name = AdriansPC | Source = Service Control Manager | ID = 7032 Description = < End of report >
Ich kenne mich mit Malware usw. wirklich nicht aus, und da wo die Scanner das Problem nicht in den Griff kriegen bin ich erstmal ziemlich aufgeschmissen. Ich hoffe jemand kann mir helfen.
Vielen Dank im vorraus!
Adrian
