Fehler beim Laden von C:\Wondows\system32\sshnas.dll

RR_Diablo · 10.04.2010, 18:18

Guten Abend

Ich weiß dieses problem wurde des öfteren schon besprochen und audiskutiert aber ich komme einfach nicht weiter.

"Fehler beim Laden von C:\Wondows\system32\sshnas.dll

Das angegebene Modul wurde nicht gefunden "

seit dem diese fehlermeldung kommt öffnet sich auch in unregelmäsigen abständen der Internetexplorer mit eine willkürlichen Werbung von Browsergames Handywerbung und und und.

Ich habe in diesem Forum schon einige antworten gefunden aber es hat mir nicht weiter geholfen

Ich habe schon Antivir durchlaufen lassen und Ad Aware ... leider ohne erfolg !

nun weiß ich auch nichtmehr weiter bitte helft mir

(habe windows7 64bit version ) falls das weiter hilft

LG RR_Diablo

Prevof · 10.04.2010, 21:21

Diese Datei wurde bei mir als Virus angezeigt (sshnas21.dll) ... und habe sie gelöscht. Kann es sein, dass es eine Fehlmeldung ist?

Hat zwar nicht mit deinem Problem zu tun, aber naja.

Chris4You · 10.04.2010, 21:42

Hi,

MAM sollte das Problem lösen können:

Malwarebytes Antimalware (MAM)
Anleitung&Download hier: http://www.trojaner-board.de/51187-m...i-malware.html
Falls der Download nicht klappt, bitte hierüber eine generische Version runterladen:
http://filepony.de/download-chameleon/
Danach bitte update der Signaturdateien (Reiter "Update" -> Suche nach Aktualisierungen")
Fullscan und alles bereinigen lassen! Log posten.

OTL
Lade Dir OTL von Oldtimer herunter (http://filepony.de/download-otl/) und speichere es auf Deinem Desktop

Doppelklick auf die OTL.exe

Vista/Win7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen

Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output

Unter Extra Registry, wähle bitte Use SafeList

Klicke nun auf Run Scan links oben

Wenn der Scan beendet wurde werden 2 Logfiles erstellt

Poste die Logfiles hier in den Thread

chris

RR_Diablo · 10.04.2010, 21:42

Ja das ist eine fehlermeldung die jedes mal beim hochfahren des PC´s kommt

(hab mich mal nun etwas mehr durchs Forum gewühlt)
und bin dabei öfters auf Malewarebytes gestoßen da habe ich recherschiert und es mal runter geladen, ein scan gemacht PC neu gestartet und nun ist es weg

Aber woher weiß ich nun das dieser Virus/Trojaner was auch immer 100% weg ist? ich tätige ja auch Online Banking am PC...

LG

RR_Diablo · 10.04.2010, 22:21

OTL logfile created on: 10.04.2010 23:14:11 - Run 1
OTL by OldTimer - Version 3.2.1.1 Folder = C:\Users\Standard\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 59,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 74,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 341,77 Gb Total Space | 285,90 Gb Free Space | 83,65% Space Free | Partition Type: NTFS
Drive D: | 341,77 Gb Total Space | 294,94 Gb Free Space | 86,30% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DIABLO
Current User Name: Standard
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Users\Standard\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Spyware Terminator\sp_rsser.exe (Crawler.com)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\ICQ7.0\ICQ.exe (ICQ, LLC.)
PRC - D:\Datein\Antivir\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - D:\Datein\Antivir\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - D:\Datein\Antivir\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
PRC - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
PRC - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe ()
PRC - C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe (CyberLink Corp.)
PRC - C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe ()
PRC - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.)
PRC - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
PRC - C:\Program Files (x86)\TouchSettings\TouchPortalOBR.exe (Acer Corp.)
PRC - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe (Egis Technology Inc.)
PRC - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.)
PRC - C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.)
PRC - C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe (Microsoft Corporation)
PRC - C:\Programme\Acer\Acer Updater\UpdaterService.exe (Acer)
PRC - C:\Programme\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe (Broadcom Corporation.)
PRC - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe (Acer Incorporated)
PRC - C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)

========== Modules (SafeList) ==========

MOD - C:\Users\Standard\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Program Files (x86)\Common Files\microsoft shared\ink\tiptsf.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\comdlg32.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)

========== Win32 Services (SafeList) ==========

SRV:64bit: - (WwanSvc) -- C:\Windows\SysNative\wwansvc.dll (Microsoft Corporation)
SRV:64bit: - (WbioSrvc) -- C:\Windows\SysNative\wbiosrvc.dll (Microsoft Corporation)
SRV:64bit: - (Power) -- C:\Windows\SysNative\umpo.dll (Microsoft Corporation)
SRV:64bit: - (Themes) -- C:\Windows\SysNative\themeservice.dll (Microsoft Corporation)
SRV:64bit: - (sppuinotify) -- C:\Windows\SysNative\sppuinotify.dll (Microsoft Corporation)
SRV:64bit: - (SensrSvc) -- C:\Windows\SysNative\sensrsvc.dll (Microsoft Corporation)
SRV:64bit: - (PNRPsvc) -- C:\Windows\SysNative\pnrpsvc.dll (Microsoft Corporation)
SRV:64bit: - (p2pimsvc) -- C:\Windows\SysNative\pnrpsvc.dll (Microsoft Corporation)
SRV:64bit: - (HomeGroupProvider) -- C:\Windows\SysNative\provsvc.dll (Microsoft Corporation)
SRV:64bit: - (RpcEptMapper) -- C:\Windows\SysNative\RpcEpMap.dll (Microsoft Corporation)
SRV:64bit: - (PNRPAutoReg) -- C:\Windows\SysNative\pnrpauto.dll (Microsoft Corporation)
SRV:64bit: - (HomeGroupListener) -- C:\Windows\SysNative\ListSvc.dll (Microsoft Corporation)
SRV:64bit: - (FontCache) -- C:\Windows\SysNative\FntCache.dll (Microsoft Corporation)
SRV:64bit: - (Dhcp) -- C:\Windows\SysNative\dhcpcore.dll (Microsoft Corporation)
SRV:64bit: - (defragsvc) -- C:\Windows\SysNative\defragsvc.dll (Microsoft Corporation)
SRV:64bit: - (bthserv) -- C:\Windows\SysNative\bthserv.dll (Microsoft Corporation)
SRV:64bit: - (BDESVC) -- C:\Windows\SysNative\bdesvc.dll (Microsoft Corporation)
SRV:64bit: - (AxInstSV) -- C:\Windows\SysNative\AxInstSv.dll (Microsoft Corporation)
SRV:64bit: - (AppIDSvc) -- C:\Windows\SysNative\appidsvc.dll (Microsoft Corporation)
SRV:64bit: - (wbengine) -- C:\Windows\SysNative\wbengine.exe (Microsoft Corporation)
SRV:64bit: - (sppsvc) -- C:\Windows\SysNative\sppsvc.exe (Microsoft Corporation)
SRV:64bit: - (Fax) -- C:\Windows\SysNative\FXSSVC.exe (Microsoft Corporation)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV - (sp_rssrv) -- C:\Program Files (x86)\Spyware Terminator\sp_rsser.exe (Crawler.com)
SRV - (AntiVirService) -- D:\Datein\Antivir\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- D:\Datein\Antivir\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (Lavasoft Ad-Aware Service) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SRV - (ICQ Service) -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe ()
SRV - (NTI IScheduleSvc) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.)
SRV - (MWLService) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe ()
SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
SRV - (VSS) -- C:\Windows\Vss [2009.07.14 05:20:14 | 000,000,000 | ---D | M]
SRV - (MSDTC) -- C:\Windows\SysWOW64\Msdtc [2009.07.14 05:20:14 | 000,000,000 | ---D | M]
SRV - (HomeGroupProvider) -- C:\Windows\SysWOW64\provsvc.dll (Microsoft Corporation)
SRV - (Dhcp) -- C:\Windows\SysWOW64\dhcpcore.dll (Microsoft Corporation)
SRV - (vds) -- C:\Windows\SysWOW64\wbem\vds.mof ()
SRV - (Updater Service) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe (Acer)
SRV - (btwdins) -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV - (clr_optimization_v2.0.50727_64) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (Greg_Service) -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe (Acer Incorporated)

========== Driver Services (SafeList) ==========

DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (Lbd) -- C:\Windows\SysNative\drivers\Lbd.sys (Lavasoft AB)
DRV:64bit: - (JMCR) -- C:\Windows\SysNative\drivers\jmcr.sys (JMicron Technology Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (KSecPkg) -- C:\Windows\SysNative\drivers\ksecpkg.sys (Microsoft Corporation)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (hwpolicy) -- C:\Windows\SysNative\drivers\hwpolicy.sys (Microsoft Corporation)
DRV:64bit: - (FsDepends) -- C:\Windows\SysNative\drivers\fsdepends.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (WIMMount) -- C:\Windows\SysNative\drivers\wimmount.sys (Microsoft Corporation)
DRV:64bit: - (vhdmp) -- C:\Windows\SysNative\drivers\vhdmp.sys (Microsoft Corporation)
DRV:64bit: - (vdrvroot) -- C:\Windows\SysNative\drivers\vdrvroot.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (rdyboost) -- C:\Windows\SysNative\drivers\rdyboost.sys (Microsoft Corporation)
DRV:64bit: - (pcw) -- C:\Windows\SysNative\drivers\pcw.sys (Microsoft Corporation)
DRV:64bit: - (CNG) -- C:\Windows\SysNative\drivers\cng.sys (Microsoft Corporation)
DRV:64bit: - (fvevol) -- C:\Windows\SysNative\drivers\fvevol.sys (Microsoft Corporation)
DRV:64bit: - (rdpbus) -- C:\Windows\SysNative\drivers\rdpbus.sys (Microsoft Corporation)
DRV:64bit: - (RDPREFMP) -- C:\Windows\SysNative\drivers\RDPREFMP.sys (Microsoft Corporation)
DRV:64bit: - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\SysNative\drivers\agilevpn.sys (Microsoft Corporation)
DRV:64bit: - (WfpLwf) -- C:\Windows\SysNative\drivers\wfplwf.sys (Microsoft Corporation)
DRV:64bit: - (NdisCap) -- C:\Windows\SysNative\drivers\ndiscap.sys (Microsoft Corporation)
DRV:64bit: - (vwifimp) -- C:\Windows\SysNative\drivers\vwifimp.sys (Microsoft Corporation)
DRV:64bit: - (vwififlt) -- C:\Windows\SysNative\drivers\vwififlt.sys (Microsoft Corporation)
DRV:64bit: - (vwifibus) -- C:\Windows\SysNative\drivers\vwifibus.sys (Microsoft Corporation)
DRV:64bit: - (1394ohci) -- C:\Windows\SysNative\drivers\1394ohci.sys (Microsoft Corporation)
DRV:64bit: - (HdAudAddService) -- C:\Windows\SysNative\drivers\HdAudio.sys (Microsoft Corporation)
DRV:64bit: - (usbvideo) USB Video Device (WDM) -- C:\Windows\SysNative\drivers\usbvideo.sys (Microsoft Corporation)
DRV:64bit: - (BthPan) Bluetooth-Gerät (PAN) -- C:\Windows\SysNative\drivers\bthpan.sys (Microsoft Corporation)
DRV:64bit: - (BTHPORT) -- C:\Windows\SysNative\drivers\bthport.sys (Microsoft Corporation)
DRV:64bit: - (RFCOMM) Bluetooth-Gerät (RFCOMM-Protokoll-TDI) -- C:\Windows\SysNative\drivers\rfcomm.sys (Microsoft Corporation)
DRV:64bit: - (BthEnum) -- C:\Windows\SysNative\drivers\bthenum.sys (Microsoft Corporation)
DRV:64bit: - (BTHUSB) -- C:\Windows\SysNative\drivers\BTHUSB.SYS (Microsoft Corporation)
DRV:64bit: - (UmPass) -- C:\Windows\SysNative\drivers\umpass.sys (Microsoft Corporation)
DRV:64bit: - (mshidkmdf) -- C:\Windows\SysNative\drivers\mshidkmdf.sys (Microsoft Corporation)
DRV:64bit: - (WudfPf) -- C:\Windows\SysNative\drivers\WUDFPf.sys (Microsoft Corporation)
DRV:64bit: - (MTConfig) -- C:\Windows\SysNative\drivers\MTConfig.sys (Microsoft Corporation)
DRV:64bit: - (CompositeBus) -- C:\Windows\SysNative\drivers\CompositeBus.sys (Microsoft Corporation)
DRV:64bit: - (Beep) -- C:\Windows\SysNative\drivers\beep.sys (Microsoft Corporation)
DRV:64bit: - (AppID) -- C:\Windows\SysNative\drivers\appid.sys (Microsoft Corporation)
DRV:64bit: - (scfilter) -- C:\Windows\SysNative\drivers\scfilter.sys (Microsoft Corporation)
DRV:64bit: - (discache) -- C:\Windows\SysNative\drivers\discache.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (HidBatt) -- C:\Windows\SysNative\drivers\hidbatt.sys (Microsoft Corporation)
DRV:64bit: - (CmBatt) -- C:\Windows\SysNative\drivers\CmBatt.sys (Microsoft Corporation)
DRV:64bit: - (AcpiPmi) -- C:\Windows\SysNative\drivers\acpipmi.sys (Microsoft Corporation)
DRV:64bit: - (AmdPPM) -- C:\Windows\SysNative\drivers\amdppm.sys (Microsoft Corporation)
DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)
DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)
DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (itecir) -- C:\Windows\SysNative\drivers\itecir.sys (ITE Tech. Inc. )
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (AVPolDIR) -- C:\Windows\SysNative\drivers\AVPolDIR.sys (AVerMedia TECHNOLOGIES, Inc.)
DRV:64bit: - (AVerPola) -- C:\Windows\SysNative\drivers\AVerPola.sys (AVerMedia TECHNOLOGIES, Inc.)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (mwlPSDVDisk) -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys (Egis Technology Inc.)
DRV:64bit: - (mwlPSDFilter) -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys (Egis Technology Inc.)
DRV:64bit: - (mwlPSDNServ) -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys (Egis Technology Inc.)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (netr28x) -- C:\Windows\SysNative\drivers\netr28x.sys (Ralink Technology, Corp.)
DRV:64bit: - (NTIDrvr) -- C:\Windows\SysNative\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.)
DRV:64bit: - (UBHelper) -- C:\Windows\SysNative\drivers\UBHelper.sys (NewTech Infosystems Corporation)
DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (NetBIOS) -- C:\Windows\SysWOW64\netbios.dll (Microsoft Corporation)
DRV - (mpsdrv) -- C:\Windows\SysWOW64\wbem\mpsdrv.mof ()
DRV - (Tcpip) -- C:\Windows\SysWOW64\wbem\tcpip.mof ()
DRV - (mwlPSDVDisk) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlPSDVdisk.sys (Egis Technology Inc.)
DRV - (mwlPSDNServ) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlPSDNServ.sys (Egis Technology Inc.)
DRV - (mwlPSDFilter) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlPSDFilter.sys (Egis Technology Inc.)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_z5600&r=17360310e700p0347y115w4781t310
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_z5600&r=17360310e700p0347y115w4781t310
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_z5600&r=17360310e700p0347y115w4781t310
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_z5600&r=17360310e700p0347y115w4781t310

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_z5600&r=17360310e700p0347y115w4781t310
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "hxxp://start.icq.com/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.3
FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.1&q="

FF - HKLM\software\mozilla\Firefox\Extensions\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}: C:\Program Files (x86)\Crawler\Toolbar\firefox\ [2010.04.10 17:30:25 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.04.05 11:51:12 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.04.05 11:51:12 | 000,000,000 | ---D | M]

[2010.03.18 21:31:40 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\mozilla\Extensions
[2010.04.10 22:53:54 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\8siz7289.default\extensions
[2010.04.06 23:40:37 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\8siz7289.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.04.10 18:27:52 | 000,000,947 | ---- | M] () -- C:\Users\Standard\AppData\Roaming\Mozilla\FireFox\Profiles\8siz7289.default\searchplugins\icqplugin.xml
[2010.03.18 21:31:14 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions
[2010.04.05 11:51:10 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2009.09.21 11:24:16 | 000,001,329 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\crawlersrch.xml
[2010.04.05 11:51:10 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.04.05 11:51:10 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.04.05 11:51:10 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.04.05 11:51:10 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2010.04.10 18:36:13 | 000,000,822 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.5.4723.1820\swg64.dll (Google Inc.)
O2 - BHO: () - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~2\Crawler\Toolbar\ctbr.dll (Crawler.com)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (&Crawler Toolbar) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~2\Crawler\Toolbar\ctbr.dll (Crawler.com)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Crawler Toolbar) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~2\Crawler\Toolbar\ctbr.dll (Crawler.com)
O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Programme\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [TouchORB] C:\Program Files (x86)\TouchSettings\TouchPortalOBR.exe (Acer Corp.)
O4:64bit: - HKLM..\Run: [TouchPortal] C:\Program Files (x86)\Acer\Acer Touch Suite\TouchPortal.exe (Acer Corp.)
O4 - HKLM..\Run: [avgnt] D:\Datein\Antivir\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [EgisTecLiveUpdate] C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [Hotkey Utility] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe ()
O4 - HKLM..\Run: [SpyHunter Security Suite] C:\Program Files (x86)\Enigma Software Group\SpyHunter\SpyHunter3.exe (Enigma Software Group USA, LLC.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [UCam_Menu] C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [YouCam Mirror Tray icon] C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe (CyberLink Corp.)
O4 - HKCU..\Run: [ICQ] C:\Program Files (x86)\ICQ7.0\ICQ.exe (ICQ, LLC.)
O4 - HKCU..\Run: [msnmsgr] C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
O4 - HKCU..\Run: [MusicGadget] C:\Program Files (x86)\Acer\Acer Touch Suite\TouchMusic.exe ()
O4 - HKCU..\Run: [PhotoGadget] C:\Program Files (x86)\Acer\Acer Touch Suite\TouchPhotoShow.exe (acer)
O4 - HKCU..\Run: [PhotoGadgetFirstRun] Reg Error: Invalid data type. File not found
O4 - HKCU..\Run: [PhotoGadgetFirstRun_Portal] Reg Error: Invalid data type. File not found
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKCU..\Run: [TouchMemo] C:\Program Files (x86)\Acer\Acer Touch Suite\TouchMemo.exe (Acer Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll (Google Inc.)
O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll (Google Inc.)
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files (x86)\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files (x86)\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysNative\wshbth.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\tbr {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\tbr {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~2\Crawler\Toolbar\ctbr.dll (Crawler.com)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010.04.10 23:12:45 | 000,561,664 | ---- | C] (OldTimer Tools) -- C:\Users\Standard\Desktop\OTL.exe
[2010.04.10 20:33:26 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Roaming\Malwarebytes
[2010.04.10 20:33:04 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.04.10 20:33:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.04.10 20:33:01 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.04.10 20:33:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010.04.10 18:52:34 | 000,069,152 | ---- | C] (Lavasoft AB) -- C:\Windows\SysNative\drivers\Lbd.sys
[2010.04.10 18:52:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2010.04.10 18:52:15 | 000,000,000 | -H-D | C] -- C:\ProgramData\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
[2010.04.10 18:52:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2010.04.10 18:52:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lavasoft
[2010.04.10 18:35:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Enigma Software Group
[2010.04.10 17:30:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Crawler
[2010.04.10 17:30:05 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Roaming\Spyware Terminator
[2010.04.10 17:30:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Spyware Terminator
[2010.04.10 17:30:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spyware Terminator
[2010.04.10 16:47:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2010.04.10 16:47:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2010.04.05 14:46:21 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Roaming\Avira
[2010.04.05 14:41:29 | 000,116,568 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys
[2010.04.05 14:41:29 | 000,081,072 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2010.04.05 14:41:29 | 000,051,992 | ---- | C] (AVIRA GmbH) -- C:\Windows\SysWow64\drivers\avgntdd.sys
[2010.04.05 14:41:29 | 000,017,016 | ---- | C] (AVIRA GmbH) -- C:\Windows\SysWow64\drivers\avgntmgr.sys
[2010.04.05 14:41:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2010.04.05 14:37:08 | 000,000,000 | -H-D | C] -- C:\Users\Standard\Documents\Runes of Magic
[2010.04.05 14:35:47 | 000,000,000 | ---D | C] -- C:\CrashReport
[2010.04.02 13:05:04 | 000,000,000 | ---D | C] -- C:\RMS-Diamodul
[2010.03.31 09:55:20 | 001,192,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wininet.dll
[2010.03.31 09:55:20 | 001,026,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstime.dll
[2010.03.31 09:55:20 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstime.dll
[2010.03.31 09:55:19 | 000,977,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wininet.dll
[2010.03.31 09:55:19 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iedkcs32.dll
[2010.03.31 09:55:19 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iedkcs32.dll
[2010.03.31 09:55:19 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedsbs.dll
[2010.03.31 09:55:19 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedsbs.dll
[2010.03.27 16:10:15 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll
[2010.03.27 12:49:48 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Local\Adobe
[2010.03.25 22:41:15 | 000,000,000 | ---D | C] -- C:\Users\Standard\Documents\Meine empfangenen Dateien
[2010.03.24 01:09:15 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browserchoice.exe
[2010.03.23 14:57:42 | 000,000,000 | ---D | C] -- C:\Users\Standard\Documents\SCi
[2010.03.23 14:55:19 | 000,188,416 | ---- | C] (Creative Technology Ltd) -- C:\Windows\SysWow64\eax.dll
[2010.03.22 11:12:43 | 000,000,000 | ---D | C] -- C:\Users\Standard\Desktop\Mediaplayer Homecinema
[2010.03.21 19:56:51 | 000,000,000 | ---D | C] -- C:\Users\Standard\Desktop\Touch
[2010.03.21 18:21:00 | 000,000,000 | ---D | C] -- C:\Users\Standard\Documents\DVDVideoSoft
[2010.03.21 18:20:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoft
[2010.03.21 18:20:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVideoSoft
[2010.03.21 14:55:02 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Roaming\Nero
[2010.03.21 14:04:22 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Local\Diagnostics
[2010.03.20 00:43:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2010.03.19 21:47:54 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Local\Gas Powered Games
[2010.03.19 21:32:59 | 014,629,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2010.03.19 21:32:58 | 011,406,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2010.03.19 21:32:58 | 001,975,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CertEnroll.dll
[2010.03.19 21:32:57 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2010.03.19 21:32:57 | 001,320,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CertEnroll.dll
[2010.03.19 21:32:56 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2010.03.19 21:31:51 | 002,870,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2010.03.19 21:31:51 | 002,614,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2010.03.19 21:31:51 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winlogon.exe
[2010.03.19 21:23:21 | 000,960,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2010.03.19 21:23:21 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2010.03.19 21:23:21 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2010.03.19 21:23:21 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdri.dll
[2010.03.19 21:23:21 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2010.03.19 21:23:21 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSNP.ax
[2010.03.19 21:23:21 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSNP.ax
[2010.03.19 21:22:51 | 000,000,000 | ---D | C] -- C:\Users\Standard\Documents\My Games
[2010.03.19 20:44:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ6Toolbar
[2010.03.19 20:44:05 | 000,000,000 | ---D | C] -- C:\ProgramData\ICQ
[2010.03.19 20:39:44 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Roaming\ICQ
[2010.03.19 20:39:43 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Local\AOL
[2010.03.19 20:39:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ7.0
[2010.03.19 19:54:18 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll
[2010.03.19 19:54:18 | 000,422,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll
[2010.03.19 19:54:18 | 000,369,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll
[2010.03.19 19:54:18 | 000,365,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll
[2010.03.19 19:54:18 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe
[2010.03.19 19:54:18 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe
[2010.03.19 19:54:18 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe
[2010.03.19 19:54:18 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe
[2010.03.19 19:54:18 | 000,306,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe
[2010.03.19 19:54:18 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe
[2010.03.19 19:54:18 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe
[2010.03.19 19:54:18 | 000,277,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
[2010.03.19 19:54:18 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll
[2010.03.19 19:54:18 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll
[2010.03.19 19:54:18 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll
[2010.03.19 19:54:18 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll
[2010.03.19 19:53:03 | 000,366,080 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2010.03.19 19:53:03 | 000,293,888 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2010.03.19 19:53:03 | 000,148,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\t2embed.dll
[2010.03.19 19:53:03 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll
[2010.03.19 19:53:03 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2010.03.19 19:53:03 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2010.03.19 18:51:41 | 000,000,000 | ---D | C] -- C:\Users\Standard\Documents\CyberLink
[2010.03.19 18:51:34 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Roaming\PowerCinema
[2010.03.19 18:51:32 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Local\PowerCinema
[2010.03.19 18:27:06 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2010.03.19 18:27:05 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2010.03.19 18:27:05 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2010.03.19 18:27:05 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2010.03.19 18:27:05 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2010.03.19 18:27:05 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2010.03.19 18:13:25 | 001,572,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2010.03.19 18:13:25 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2010.03.19 18:13:25 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\avifil32.dll
[2010.03.19 18:13:25 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mciavi32.dll
[2010.03.19 18:13:25 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iyuv_32.dll
[2010.03.19 18:13:25 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvidc32.dll
[2010.03.19 18:13:25 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msyuv.dll
[2010.03.19 18:13:25 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrle32.dll
[2010.03.19 18:13:25 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsbyuv.dll
[2010.03.19 18:05:51 | 000,852,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2010.03.19 18:05:50 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2010.03.19 18:02:56 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msasn1.dll
[2010.03.18 22:34:59 | 000,000,000 | ---D | C] -- C:\Users\Standard\Documents\Youcam
[2010.03.18 22:34:59 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Roaming\CyberLink
[2010.03.18 22:34:54 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Local\CyberLink
[2010.03.18 22:30:58 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Roaming\Media Player Classic
[2010.03.18 22:11:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft
[2010.03.18 22:02:49 | 000,000,000 | ---D | C] -- C:\Windows\de-DE
[2010.03.18 22:02:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\XPSViewer
[2010.03.18 22:02:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\de-DE
[2010.03.18 22:02:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\de-DE
[2010.03.18 22:02:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\0407
[2010.03.18 22:02:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\0407
[2010.03.18 22:02:47 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\de
[2010.03.18 22:02:32 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\usbrpm.sys.mui
[2010.03.18 22:02:27 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\fvevol.sys.mui
[2010.03.18 22:02:22 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\de-DE\qwavedrv.sys.mui
[2010.03.18 22:02:21 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\nwifi.sys.mui
[2010.03.18 22:02:21 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\qwavedrv.sys.mui
[2010.03.18 22:02:19 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\volsnap.sys.mui
[2010.03.18 22:02:19 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\usbport.sys.mui
[2010.03.18 22:02:19 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\processr.sys.mui
[2010.03.18 22:02:19 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\intelppm.sys.mui
[2010.03.18 22:02:19 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\amdppm.sys.mui
[2010.03.18 22:02:19 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\amdk8.sys.mui
[2010.03.18 22:02:19 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\usbhub.sys.mui
[2010.03.18 22:02:19 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\serial.sys.mui
[2010.03.18 22:02:19 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ohci1394.sys.mui
[2010.03.18 22:02:19 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\1394ohci.sys.mui
[2010.03.18 22:02:19 | 000,011,776 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrSerId.sys.mui
[2010.03.18 22:02:19 | 000,011,776 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrSerIb.sys.mui
[2010.03.18 22:02:19 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\i8042prt.sys.mui
[2010.03.18 22:02:19 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\acpi.sys.mui
[2010.03.18 22:02:19 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\battc.sys.mui
[2010.03.18 22:02:19 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\pci.sys.mui
[2010.03.18 22:02:19 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\IPMIDrv.sys.mui
[2010.03.18 22:02:19 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\sermouse.sys.mui
[2010.03.18 22:02:19 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\kbdclass.sys.mui
[2010.03.18 22:02:19 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\mouclass.sys.mui
[2010.03.18 22:02:19 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\wacompen.sys.mui
[2010.03.18 22:02:19 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\vhdmp.sys.mui
[2010.03.18 22:02:19 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\vdrvroot.sys.mui
[2010.03.18 22:02:19 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\tpm.sys.mui
[2010.03.18 22:02:19 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\isapnp.sys.mui
[2010.03.18 22:02:19 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\hdaudbus.sys.mui
[2010.03.18 22:02:19 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\parport.sys.mui
[2010.03.18 22:02:19 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ataport.sys.mui
[2010.03.18 22:02:19 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\umbus.sys.mui
[2010.03.18 22:02:19 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\mssmbios.sys.mui
[2010.03.18 22:02:19 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\mouhid.sys.mui
[2010.03.18 22:02:19 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\vwifibus.sys.mui
[2010.03.18 22:02:19 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ULIAGPKX.SYS.mui
[2010.03.18 22:02:19 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\UAGP35.SYS.mui
[2010.03.18 22:02:19 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\NV_AGP.SYS.mui
[2010.03.18 22:02:19 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\MTConfig.sys.mui
[2010.03.18 22:02:19 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\kbdhid.sys.mui
[2010.03.18 22:02:19 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\GAGP30KX.SYS.mui
[2010.03.18 22:02:19 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\AGP440.sys.mui
[2010.03.18 22:02:19 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\wd.sys.mui
[2010.03.18 22:02:19 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\disk.sys.mui
[2010.03.18 22:02:19 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\cdrom.sys.mui
[2010.03.18 22:02:19 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\amdide.sys.mui
[2010.03.18 22:02:18 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\tcpip.sys.mui
[2010.03.18 22:02:18 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\mpio.sys.mui
[2010.03.18 22:02:18 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\bthport.sys.mui
[2010.03.18 22:02:18 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\msdsm.sys.mui
[2010.03.18 22:02:18 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\pcmcia.sys.mui
[2010.03.18 22:02:18 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\bthpan.sys.mui
[2010.03.18 22:02:18 | 000,004,096 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\SysNative\drivers\de-DE\pscr.sys.mui
[2010.03.18 22:02:18 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\portcls.sys.mui
[2010.03.18 22:02:18 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\HdAudio.sys.mui
[2010.03.18 22:02:18 | 000,003,584 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\SysNative\drivers\de-DE\atikmdag.sys.mui
[2010.03.18 22:02:18 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\serscan.sys.mui
[2010.03.18 22:02:18 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\rndismpx.sys.mui
[2010.03.18 22:02:18 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\rndismp6.sys.mui
[2010.03.18 22:02:18 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\hidbth.sys.mui
[2010.03.18 22:02:18 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\pnpmem.sys.mui
[2010.03.18 22:02:18 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\Dot4usb.sys.mui
[2010.03.18 22:02:18 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\BTHUSB.SYS.mui
[2010.03.18 22:02:18 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrParwdm.sys.mui
[2010.03.18 22:02:18 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ws2ifsl.sys.mui
[2010.03.18 22:02:18 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\bthenum.sys.mui
[2010.03.18 22:02:15 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\bfe.dll.mui
[2010.03.18 22:02:15 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\pacer.sys.mui
[2010.03.18 22:02:14 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\modem.sys.mui
[2010.03.18 22:02:12 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\afd.sys.mui
[2010.03.18 22:02:12 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ipnat.sys.mui
[2010.03.18 22:02:12 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\volmgrx.sys.mui
[2010.03.18 22:02:11 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ntfs.sys.mui
[2010.03.18 22:02:11 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\tunnel.sys.mui
[2010.03.18 22:02:11 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\luafv.sys.mui
[2010.03.18 22:02:11 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\de-DE\ndiscap.sys.mui
[2010.03.18 22:02:11 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\rdbss.sys.mui
[2010.03.18 22:02:11 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\srv.sys.mui
[2010.03.18 22:02:11 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\de-DE\scfilter.sys.mui
[2010.03.18 22:02:10 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ndisuio.sys.mui
[2010.03.18 22:02:10 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\partmgr.sys.mui
[2010.03.18 22:02:10 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\mountmgr.sys.mui
[2010.03.18 22:02:09 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\de-DE\tcpip.sys.mui
[2010.03.18 22:02:09 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ndiscap.sys.mui
[2010.03.18 22:02:09 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\RNDISMP.sys.mui
[2010.03.18 22:02:09 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\scfilter.sys.mui
[2010.03.18 22:02:08 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ndis.sys.mui
[2010.03.18 22:02:08 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\fltmgr.sys.mui
[2010.03.18 22:02:08 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\wdf01000.sys.mui
[2010.03.18 22:02:07 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\http.sys.mui
[2010.03.18 22:02:07 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\de-DE\bfe.dll.mui
[2010.03.18 22:02:07 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\de-DE\pacer.sys.mui
[2010.03.18 22:02:07 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\scsiport.sys.mui
[2010.03.18 21:31:30 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Roaming\Mozilla
[2010.03.18 21:31:30 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Local\Mozilla
[2010.03.18 21:31:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2010.03.18 21:28:48 | 000,000,000 | ---D | C] -- C:\Users\Standard\Tracing
[2010.03.18 20:25:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Friends Games
[2010.03.18 20:16:45 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Roaming\skypePM
[2010.03.18 20:15:58 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Roaming\Skype
[2010.03.18 20:14:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2010.03.18 20:14:22 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2010.03.18 20:14:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2010.03.18 20:01:52 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Local\Microsoft Games
[2010.03.18 19:55:01 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Roaming\Adobe
[2010.03.18 19:44:31 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Roaming\Google
[2010.03.18 19:44:30 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Local\Google
[2010.03.18 14:16:45 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Screensaver
[2010.03.18 14:16:45 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Roaming\Macromedia
[2010.03.18 14:15:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2010.03.18 14:14:54 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Local\Microsoft Help
[2010.03.18 14:11:52 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink
[2010.03.18 14:09:05 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll
[2010.03.18 14:09:05 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2010.03.18 14:08:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2010.03.18 14:08:07 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2010.03.18 14:08:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live SkyDrive
[2010.03.18 14:07:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
[2010.03.18 14:07:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live
[2010.03.18 14:05:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CyberLink
[2010.03.18 14:04:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Temp
[2010.03.18 14:02:19 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Local\Broadcom
[2010.03.18 14:02:19 | 000,000,000 | ---D | C] -- C:\Users\Standard\Documents\Bluetooth-Exchange-Ordner
[2010.03.18 14:02:02 | 000,035,104 | ---- | C] (Broadcom Corporation.) -- C:\Windows\SysNative\drivers\btwl2cap.sys
[2010.03.18 14:02:01 | 000,132,648 | ---- | C] (Broadcom Corporation.) -- C:\Windows\SysNative\drivers\btwavdt.sys
[2010.03.18 14:02:01 | 000,098,344 | ---- | C] (Broadcom Corporation.) -- C:\Windows\SysNative\drivers\btwaudio.sys
[2010.03.18 14:02:01 | 000,021,160 | ---- | C] (Broadcom Corporation.) -- C:\Windows\SysNative\drivers\btwrchid.sys
[2010.03.18 14:01:52 | 000,000,000 | ---D | C] -- C:\Programme\WIDCOMM
[2010.03.18 13:59:11 | 000,024,576 | ---- | C] (Conexant Systems Inc.) -- C:\Windows\SysNative\cxtvrate.dll
[2010.03.18 13:59:11 | 000,018,944 | ---- | C] (AVerMedia TECHNOLOGIES, Inc.) -- C:\Windows\SysNative\cpnotify.ax
[2010.03.18 13:57:25 | 000,060,416 | ---- | C] (ITE Tech. Inc. ) -- C:\Windows\SysNative\drivers\itecir.sys
[2010.03.18 13:57:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ITE
[2010.03.18 13:57:15 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Roaming\InstallShield
[2010.03.18 13:56:01 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Roaming\TouchGadget
[2010.03.18 13:55:55 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Roaming\ATI
[2010.03.18 13:55:55 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Local\ATI
[2010.03.18 13:55:55 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2010.03.18 13:55:52 | 000,000,000 | ---D | C] -- C:\ProgramData\McQcModifier-5c47-a7b0
[2010.03.18 13:55:52 | 000,000,000 | ---D | C] -- C:\book
[2010.03.18 13:55:51 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Local\EgisTec
[2010.03.18 13:55:38 | 000,000,000 | R--D | C] -- C:\Users\Standard\Searches
[2010.03.18 13:55:31 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Roaming\Identities
[2010.03.18 13:55:29 | 000,000,000 | R--D | C] -- C:\Users\Standard\Contacts
[2010.03.18 13:55:28 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Local\VirtualStore
[2010.03.18 13:52:54 | 000,000,000 | ---D | C] -- C:\Programme\Acer Accessory Store
[2010.03.18 13:52:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OEM
[2010.03.18 13:52:22 | 000,000,000 | --SD | C] -- C:\Users\Standard\AppData\Roaming\Microsoft
[2010.03.18 13:52:22 | 000,000,000 | R--D | C] -- C:\Users\Standard\Videos
[2010.03.18 13:52:22 | 000,000,000 | R--D | C] -- C:\Users\Standard\Saved Games
[2010.03.18 13:52:22 | 000,000,000 | R--D | C] -- C:\Users\Standard\Pictures
[2010.03.18 13:52:22 | 000,000,000 | R--D | C] -- C:\Users\Standard\Music
[2010.03.18 13:52:22 | 000,000,000 | R--D | C] -- C:\Users\Standard\Links
[2010.03.18 13:52:22 | 000,000,000 | R--D | C] -- C:\Users\Standard\Favorites
[2010.03.18 13:52:22 | 000,000,000 | R--D | C] -- C:\Users\Standard\Downloads
[2010.03.18 13:52:22 | 000,000,000 | R--D | C] -- C:\Users\Standard\Documents
[2010.03.18 13:52:22 | 000,000,000 | R--D | C] -- C:\Users\Standard\Desktop
[2010.03.18 13:52:22 | 000,000,000 | -HSD | C] -- C:\Users\Standard\Vorlagen
[2010.03.18 13:52:22 | 000,000,000 | -HSD | C] -- C:\Users\Standard\AppData\Local\Verlauf
[2010.03.18 13:52:22 | 000,000,000 | -HSD | C] -- C:\Users\Standard\AppData\Local\Temporary Internet Files
[2010.03.18 13:52:22 | 000,000,000 | -HSD | C] -- C:\Users\Standard\Startmenü
[2010.03.18 13:52:22 | 000,000,000 | -HSD | C] -- C:\Users\Standard\SendTo
[2010.03.18 13:52:22 | 000,000,000 | -HSD | C] -- C:\Users\Standard\Recent
[2010.03.18 13:52:22 | 000,000,000 | -HSD | C] -- C:\Users\Standard\Netzwerkumgebung
[2010.03.18 13:52:22 | 000,000,000 | -HSD | C] -- C:\Users\Standard\Lokale Einstellungen
[2010.03.18 13:52:22 | 000,000,000 | -HSD | C] -- C:\Users\Standard\Documents\Eigene Videos
[2010.03.18 13:52:22 | 000,000,000 | -HSD | C] -- C:\Users\Standard\Documents\Eigene Musik
[2010.03.18 13:52:22 | 000,000,000 | -HSD | C] -- C:\Users\Standard\Eigene Dateien
[2010.03.18 13:52:22 | 000,000,000 | -HSD | C] -- C:\Users\Standard\Documents\Eigene Bilder
[2010.03.18 13:52:22 | 000,000,000 | -HSD | C] -- C:\Users\Standard\Druckumgebung
[2010.03.18 13:52:22 | 000,000,000 | -HSD | C] -- C:\Users\Standard\Cookies
[2010.03.18 13:52:22 | 000,000,000 | -HSD | C] -- C:\Users\Standard\AppData\Local\Anwendungsdaten
[2010.03.18 13:52:22 | 000,000,000 | -HSD | C] -- C:\Users\Standard\Anwendungsdaten
[2010.03.18 13:52:22 | 000,000,000 | -H-D | C] -- C:\Users\Standard\AppData
[2010.03.18 13:52:22 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Local\Temp
[2010.03.18 13:52:22 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Local\Microsoft
[2010.03.18 13:52:22 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Roaming\Media Center Programs
[2010.03.18 13:52:14 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2010.03.18 13:52:14 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2010.03.18 13:52:14 | 000,000,000 | -HSD | C] -- C:\Recovery
[2010.03.18 13:52:14 | 000,000,000 | -HSD | C] -- C:\Programme
[2010.03.18 13:52:14 | 000,000,000 | -HSD | C] -- C:\Programme\Gemeinsame Dateien
[2010.03.18 13:52:14 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2010.03.18 13:52:14 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2010.03.18 13:52:14 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2010.03.18 13:52:14 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2010.03.18 13:52:14 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2010.03.18 13:52:14 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2010.03.18 13:52:14 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2010.03.18 13:31:19 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2010.03.18 13:31:19 | 000,000,000 | ---D | C] -- C:\Programme\Realtek
[2010.03.18 13:31:15 | 001,603,104 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll
[2010.03.18 13:31:15 | 001,355,808 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll
[2010.03.18 13:31:15 | 001,167,904 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll
[2010.03.18 13:31:15 | 000,611,360 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl
[2010.03.18 13:31:15 | 000,513,536 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2010.03.18 13:31:15 | 000,417,824 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll
[2010.03.18 13:31:15 | 000,332,320 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtlCPAPI64.dll
[2010.03.18 13:31:15 | 000,304,640 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2010.03.18 13:31:15 | 000,304,640 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2010.03.18 13:31:15 | 000,211,376 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2010.03.18 13:31:15 | 000,193,536 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2010.03.18 13:31:15 | 000,150,528 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2010.03.18 13:31:15 | 000,149,536 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll
[2010.03.18 13:31:15 | 000,063,008 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInst64.dll
[2010.03.18 13:31:14 | 000,831,488 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
[2010.03.18 13:31:14 | 000,311,296 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2010.03.18 13:31:14 | 000,294,400 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2010.03.18 13:31:14 | 000,166,400 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAC64.dll
[2010.03.18 13:31:14 | 000,108,032 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAR64.dll
[2010.03.18 13:31:14 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp
[2010.03.18 13:31:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2010.03.18 13:29:40 | 000,000,000 | ---D | C] -- C:\Programme\ATI
[2010.03.18 13:29:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2010.03.18 13:29:27 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2010.03.18 13:26:56 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2009.09.16 04:59:59 | 000,036,136 | ---- | C] (Oberon Media) -- C:\ProgramData\FullRemove.exe

RR_Diablo · 10.04.2010, 22:22

========== Files - Modified Within 30 Days ==========

[2010.04.10 23:15:27 | 005,505,024 | -HS- | M] () -- C:\Users\Standard\ntuser.dat
[2010.04.10 23:12:57 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Users\Standard\Desktop\OTL.exe
[2010.04.10 23:10:00 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.04.10 21:10:00 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.04.10 20:47:42 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.04.10 20:47:42 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.04.10 20:45:09 | 001,472,002 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.04.10 20:45:09 | 000,643,628 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2010.04.10 20:45:09 | 000,606,992 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.04.10 20:45:09 | 000,126,188 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2010.04.10 20:45:09 | 000,103,370 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.04.10 20:40:28 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.04.10 20:40:25 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.04.10 20:40:18 | 3219,197,952 | -HS- | M] () -- C:\hiberfil.sys
[2010.04.10 20:39:36 | 003,933,260 | -H-- | M] () -- C:\Users\Standard\AppData\Local\IconCache.db
[2010.04.10 20:33:06 | 000,001,017 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.04.10 18:52:14 | 000,001,154 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware.lnk
[2010.04.10 18:35:56 | 000,001,254 | ---- | M] () -- C:\Users\Public\Desktop\SpyHunter.lnk
[2010.04.10 17:51:43 | 000,000,269 | ---- | M] () -- C:\Windows\wininit.ini
[2010.04.10 17:34:24 | 000,001,130 | ---- | M] () -- C:\Users\Public\Desktop\Spyware Terminator.lnk
[2010.04.10 17:30:06 | 000,142,592 | ---- | M] () -- C:\Windows\SysWow64\drivers\sp_rsdrv2.sys
[2010.04.10 16:47:51 | 000,001,266 | ---- | M] () -- C:\Users\Standard\Desktop\Spybot - Search & Destroy.lnk
[2010.04.09 21:20:23 | 000,181,248 | ---- | M] () -- C:\Windows\Ofomia.exe
[2010.04.08 15:21:25 | 000,000,772 | ---- | M] () -- C:\Users\Standard\Desktop\Sacred.lnk
[2010.04.05 23:04:20 | 000,001,048 | ---- | M] () -- C:\Users\Standard\Desktop\Runes of Magic.lnk
[2010.04.05 22:54:48 | 000,023,552 | ---- | M] () -- C:\Users\Standard\Documents\Offdöerfer - HH.xls
[2010.04.05 14:41:31 | 000,000,990 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2010.04.05 01:22:27 | 000,524,288 | -HS- | M] () -- C:\Users\Standard\ntuser.dat{85cd0502-401c-11df-9f84-000df07101d4}.TMContainer00000000000000000002.regtrans-ms
[2010.04.05 01:22:27 | 000,524,288 | -HS- | M] () -- C:\Users\Standard\ntuser.dat{85cd0502-401c-11df-9f84-000df07101d4}.TMContainer00000000000000000001.regtrans-ms
[2010.04.05 01:22:27 | 000,065,536 | -HS- | M] () -- C:\Users\Standard\ntuser.dat{85cd0502-401c-11df-9f84-000df07101d4}.TM.blf
[2010.04.02 13:32:03 | 000,000,755 | ---- | M] () -- C:\Users\Public\Desktop\Far Cry.lnk
[2010.04.01 22:51:42 | 000,007,611 | ---- | M] () -- C:\Users\Standard\AppData\Local\Resmon.ResmonCfg
[2010.03.29 15:24:58 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.03.29 15:24:46 | 000,024,664 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.03.24 22:24:04 | 000,000,355 | ---- | M] () -- C:\Users\Standard\Desktop\COMPUTER.lnk
[2010.03.23 14:55:28 | 000,000,744 | ---- | M] () -- C:\Users\Public\Desktop\Conflict Vietnam starten.lnk
[2010.03.21 18:21:00 | 000,001,247 | ---- | M] () -- C:\Users\Standard\Desktop\DVDVideoSoft Free Studio.lnk
[2010.03.20 10:43:17 | 000,342,320 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010.03.20 00:41:44 | 000,000,510 | ---- | M] () -- C:\Windows\win.ini
[2010.03.19 23:21:36 | 000,314,373 | ---- | M] () -- C:\Users\Standard\Documents\Lyneath.jpg
[2010.03.18 22:02:41 | 000,295,922 | ---- | M] () -- C:\Windows\SysNative\perfi007.dat
[2010.03.18 22:02:41 | 000,038,104 | ---- | M] () -- C:\Windows\SysNative\perfd007.dat
[2010.03.18 22:02:32 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\usbrpm.sys.mui
[2010.03.18 22:02:27 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\fvevol.sys.mui
[2010.03.18 22:02:25 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\UMDF\de-DE\WpdMtpDr.dll.mui
[2010.03.18 22:02:22 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\de-DE\qwavedrv.sys.mui
[2010.03.18 22:02:21 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\nwifi.sys.mui
[2010.03.18 22:02:21 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\qwavedrv.sys.mui
[2010.03.18 22:02:19 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\volsnap.sys.mui
[2010.03.18 22:02:19 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\usbport.sys.mui
[2010.03.18 22:02:19 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\processr.sys.mui
[2010.03.18 22:02:19 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\intelppm.sys.mui
[2010.03.18 22:02:19 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\amdppm.sys.mui
[2010.03.18 22:02:19 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\amdk8.sys.mui
[2010.03.18 22:02:19 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\usbhub.sys.mui
[2010.03.18 22:02:19 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\serial.sys.mui
[2010.03.18 22:02:19 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ohci1394.sys.mui
[2010.03.18 22:02:19 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\1394ohci.sys.mui
[2010.03.18 22:02:19 | 000,011,776 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrSerId.sys.mui
[2010.03.18 22:02:19 | 000,011,776 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrSerIb.sys.mui
[2010.03.18 22:02:19 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\i8042prt.sys.mui
[2010.03.18 22:02:19 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\acpi.sys.mui
[2010.03.18 22:02:19 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\battc.sys.mui
[2010.03.18 22:02:19 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\pci.sys.mui
[2010.03.18 22:02:19 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\IPMIDrv.sys.mui
[2010.03.18 22:02:19 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\sermouse.sys.mui
[2010.03.18 22:02:19 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\kbdclass.sys.mui
[2010.03.18 22:02:19 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\mouclass.sys.mui
[2010.03.18 22:02:19 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\wacompen.sys.mui
[2010.03.18 22:02:19 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\vhdmp.sys.mui
[2010.03.18 22:02:19 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\vdrvroot.sys.mui
[2010.03.18 22:02:19 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\tpm.sys.mui
[2010.03.18 22:02:19 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\isapnp.sys.mui
[2010.03.18 22:02:19 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\hdaudbus.sys.mui
[2010.03.18 22:02:19 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\parport.sys.mui
[2010.03.18 22:02:19 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ataport.sys.mui
[2010.03.18 22:02:19 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\umbus.sys.mui
[2010.03.18 22:02:19 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\mssmbios.sys.mui
[2010.03.18 22:02:19 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\mouhid.sys.mui
[2010.03.18 22:02:19 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\vwifibus.sys.mui
[2010.03.18 22:02:19 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ULIAGPKX.SYS.mui
[2010.03.18 22:02:19 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\UAGP35.SYS.mui
[2010.03.18 22:02:19 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\NV_AGP.SYS.mui
[2010.03.18 22:02:19 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\MTConfig.sys.mui
[2010.03.18 22:02:19 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\kbdhid.sys.mui
[2010.03.18 22:02:19 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\GAGP30KX.SYS.mui
[2010.03.18 22:02:19 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\AGP440.sys.mui
[2010.03.18 22:02:19 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\wd.sys.mui
[2010.03.18 22:02:19 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\disk.sys.mui
[2010.03.18 22:02:19 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\cdrom.sys.mui
[2010.03.18 22:02:19 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\amdide.sys.mui
[2010.03.18 22:02:18 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\tcpip.sys.mui
[2010.03.18 22:02:18 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\mpio.sys.mui
[2010.03.18 22:02:18 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\bthport.sys.mui
[2010.03.18 22:02:18 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\UMDF\de-DE\WUDFUsbccidDriver.dll.mui
[2010.03.18 22:02:18 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\msdsm.sys.mui
[2010.03.18 22:02:18 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\pcmcia.sys.mui
[2010.03.18 22:02:18 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\bthpan.sys.mui
[2010.03.18 22:02:18 | 000,004,096 | ---- | M] (SCM Microsystems, Inc.) -- C:\Windows\SysNative\drivers\de-DE\pscr.sys.mui
[2010.03.18 22:02:18 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\portcls.sys.mui
[2010.03.18 22:02:18 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\HdAudio.sys.mui
[2010.03.18 22:02:18 | 000,003,584 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\SysNative\drivers\de-DE\atikmdag.sys.mui
[2010.03.18 22:02:18 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\serscan.sys.mui
[2010.03.18 22:02:18 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\rndismpx.sys.mui
[2010.03.18 22:02:18 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\rndismp6.sys.mui
[2010.03.18 22:02:18 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\hidbth.sys.mui
[2010.03.18 22:02:18 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\pnpmem.sys.mui
[2010.03.18 22:02:18 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\Dot4usb.sys.mui
[2010.03.18 22:02:18 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\BTHUSB.SYS.mui
[2010.03.18 22:02:18 | 000,002,560 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrParwdm.sys.mui
[2010.03.18 22:02:18 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ws2ifsl.sys.mui
[2010.03.18 22:02:18 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\bthenum.sys.mui
[2010.03.18 22:02:15 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\bfe.dll.mui
[2010.03.18 22:02:15 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\pacer.sys.mui
[2010.03.18 22:02:14 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\modem.sys.mui
[2010.03.18 22:02:12 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\afd.sys.mui
[2010.03.18 22:02:12 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ipnat.sys.mui
[2010.03.18 22:02:12 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\volmgrx.sys.mui
[2010.03.18 22:02:11 | 000,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ntfs.sys.mui
[2010.03.18 22:02:11 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\tunnel.sys.mui
[2010.03.18 22:02:11 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\luafv.sys.mui
[2010.03.18 22:02:11 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\de-DE\ndiscap.sys.mui
[2010.03.18 22:02:11 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\rdbss.sys.mui
[2010.03.18 22:02:11 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\srv.sys.mui
[2010.03.18 22:02:11 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\de-DE\scfilter.sys.mui
[2010.03.18 22:02:10 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ndisuio.sys.mui
[2010.03.18 22:02:10 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\partmgr.sys.mui
[2010.03.18 22:02:10 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\mountmgr.sys.mui
[2010.03.18 22:02:09 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\de-DE\tcpip.sys.mui
[2010.03.18 22:02:09 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ndiscap.sys.mui
[2010.03.18 22:02:09 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\RNDISMP.sys.mui
[2010.03.18 22:02:09 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\scfilter.sys.mui
[2010.03.18 22:02:08 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ndis.sys.mui
[2010.03.18 22:02:08 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\fltmgr.sys.mui
[2010.03.18 22:02:08 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\wdf01000.sys.mui
[2010.03.18 22:02:07 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\http.sys.mui
[2010.03.18 22:02:07 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\de-DE\bfe.dll.mui
[2010.03.18 22:02:07 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\de-DE\pacer.sys.mui
[2010.03.18 22:02:07 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\scsiport.sys.mui
[2010.03.18 21:31:33 | 000,000,000 | ---- | M] () -- C:\Windows\nsreg.dat
[2010.03.18 21:31:16 | 000,001,947 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010.03.18 20:16:46 | 000,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat
[2010.03.18 20:14:23 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2010.03.18 14:29:56 | 000,079,152 | ---- | M] () -- C:\Users\Standard\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.03.18 14:29:45 | 000,001,125 | ---- | M] () -- C:\Users\Standard\Desktop\CyberLink YouCam.lnk
[2010.03.18 14:28:24 | 000,524,288 | -HS- | M] () -- C:\Users\Standard\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2010.03.18 14:28:24 | 000,524,288 | -HS- | M] () -- C:\Users\Standard\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2010.03.18 14:28:24 | 000,065,536 | -HS- | M] () -- C:\Users\Standard\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2010.03.18 14:12:55 | 000,002,145 | ---- | M] () -- C:\Users\Public\Desktop\CyberLink PowerCinema.lnk
[2010.03.18 14:08:52 | 000,000,020 | ---- | M] () -- C:\Windows\äø7
[2010.03.18 14:02:07 | 000,000,834 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
[2010.03.18 13:52:22 | 000,000,020 | -HS- | M] () -- C:\Users\Standard\ntuser.ini
[2010.03.18 13:51:59 | 000,052,953 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2010.03.18 13:51:59 | 000,052,953 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2010.03.18 13:33:16 | 000,000,006 | ---- | M] () -- C:\Windows\SysNative\PLD_Framework.cmd
[2010.03.18 13:27:31 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin

========== Files Created - No Company Name ==========

[2010.04.10 20:33:06 | 000,001,017 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.04.10 19:35:32 | 000,015,880 | ---- | C] () -- C:\Windows\SysNative\lsdelete.exe
[2010.04.10 18:52:14 | 000,001,154 | ---- | C] () -- C:\Users\Public\Desktop\Ad-Aware.lnk
[2010.04.10 18:35:56 | 000,001,254 | ---- | C] () -- C:\Users\Public\Desktop\SpyHunter.lnk
[2010.04.10 17:34:24 | 000,001,130 | ---- | C] () -- C:\Users\Public\Desktop\Spyware Terminator.lnk
[2010.04.10 17:30:06 | 000,142,592 | ---- | C] () -- C:\Windows\SysWow64\drivers\sp_rsdrv2.sys
[2010.04.10 17:05:22 | 000,000,269 | ---- | C] () -- C:\Windows\wininit.ini
[2010.04.10 16:47:51 | 000,001,266 | ---- | C] () -- C:\Users\Standard\Desktop\Spybot - Search & Destroy.lnk
[2010.04.09 21:20:27 | 000,181,248 | ---- | C] () -- C:\Windows\Ofomia.exe
[2010.04.08 15:21:25 | 000,000,772 | ---- | C] () -- C:\Users\Standard\Desktop\Sacred.lnk
[2010.04.05 22:50:42 | 000,001,048 | ---- | C] () -- C:\Users\Standard\Desktop\Runes of Magic.lnk
[2010.04.05 22:44:56 | 000,023,552 | ---- | C] () -- C:\Users\Standard\Documents\Offdöerfer - HH.xls
[2010.04.05 14:41:31 | 000,000,990 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2010.04.04 21:02:13 | 000,524,288 | -HS- | C] () -- C:\Users\Standard\ntuser.dat{85cd0502-401c-11df-9f84-000df07101d4}.TMContainer00000000000000000002.regtrans-ms
[2010.04.04 21:02:13 | 000,524,288 | -HS- | C] () -- C:\Users\Standard\ntuser.dat{85cd0502-401c-11df-9f84-000df07101d4}.TMContainer00000000000000000001.regtrans-ms
[2010.04.04 21:02:13 | 000,065,536 | -HS- | C] () -- C:\Users\Standard\ntuser.dat{85cd0502-401c-11df-9f84-000df07101d4}.TM.blf
[2010.04.02 13:32:03 | 000,000,755 | ---- | C] () -- C:\Users\Public\Desktop\Far Cry.lnk
[2010.03.24 22:24:04 | 000,000,355 | ---- | C] () -- C:\Users\Standard\Desktop\COMPUTER.lnk
[2010.03.23 14:55:28 | 000,000,744 | ---- | C] () -- C:\Users\Public\Desktop\Conflict Vietnam starten.lnk
[2010.03.21 18:21:00 | 000,001,247 | ---- | C] () -- C:\Users\Standard\Desktop\DVDVideoSoft Free Studio.lnk
[2010.03.19 23:20:45 | 000,314,373 | ---- | C] () -- C:\Users\Standard\Documents\Lyneath.jpg
[2010.03.18 22:03:05 | 000,643,628 | ---- | C] () -- C:\Windows\SysNative\perfh007.dat
[2010.03.18 22:03:05 | 000,295,922 | ---- | C] () -- C:\Windows\SysNative\perfi007.dat
[2010.03.18 22:03:05 | 000,126,188 | ---- | C] () -- C:\Windows\SysNative\perfc007.dat
[2010.03.18 22:03:05 | 000,038,104 | ---- | C] () -- C:\Windows\SysNative\perfd007.dat
[2010.03.18 21:31:33 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010.03.18 21:31:16 | 000,001,947 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010.03.18 21:28:35 | 000,001,108 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.03.18 21:28:34 | 000,001,104 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.03.18 20:16:46 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.03.18 20:14:23 | 000,002,517 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2010.03.18 20:05:57 | 000,007,611 | ---- | C] () -- C:\Users\Standard\AppData\Local\Resmon.ResmonCfg
[2010.03.18 14:13:02 | 000,000,114 | ---- | C] () -- C:\ProgramData\{70CC0095-AA68-45BE-AE98-D8170182E9EB}.log
[2010.03.18 14:12:55 | 000,002,145 | ---- | C] () -- C:\Users\Public\Desktop\CyberLink PowerCinema.lnk
[2010.03.18 14:11:59 | 000,000,108 | ---- | C] () -- C:\ProgramData\{2637C347-9DAD-11D6-9EA2-00055D0CA761}.log
[2010.03.18 14:08:52 | 000,000,020 | ---- | C] () -- C:\Windows\äø7
[2010.03.18 14:06:42 | 000,001,125 | ---- | C] () -- C:\Users\Standard\Desktop\CyberLink YouCam.lnk
[2010.03.18 14:01:57 | 000,000,834 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
[2010.03.18 13:59:11 | 000,016,382 | ---- | C] () -- C:\Windows\SysNative\drivers\MerlinD.rom
[2010.03.18 13:52:22 | 005,505,024 | -HS- | C] () -- C:\Users\Standard\ntuser.dat
[2010.03.18 13:52:22 | 000,524,288 | -HS- | C] () -- C:\Users\Standard\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2010.03.18 13:52:22 | 000,524,288 | -HS- | C] () -- C:\Users\Standard\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2010.03.18 13:52:22 | 000,262,144 | -HS- | C] () -- C:\Users\Standard\ntuser.dat.LOG1
[2010.03.18 13:52:22 | 000,065,536 | -HS- | C] () -- C:\Users\Standard\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2010.03.18 13:52:22 | 000,000,020 | -HS- | C] () -- C:\Users\Standard\ntuser.ini
[2010.03.18 13:52:22 | 000,000,000 | -HS- | C] () -- C:\Users\Standard\ntuser.dat.LOG2
[2010.03.18 13:31:16 | 000,189,796 | ---- | C] () -- C:\Windows\SysNative\drivers\RTConvEQ.dat
[2010.03.18 13:31:16 | 000,001,112 | ---- | C] () -- C:\Windows\SysNative\drivers\RtHdatEx.dat
[2010.03.18 13:27:31 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.03.18 13:26:55 | 3219,197,952 | -HS- | C] () -- C:\hiberfil.sys
[2009.09.16 04:59:39 | 000,192,484 | ---- | C] () -- C:\Program Files (x86)\Common Files\Acer GameZone online.ico
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:0B9176C0
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp

FC5A2B2
@Alternate Data Stream - 109 bytes -> C:\ProgramData\Temp:A8ADE5D8
< End of report >

Chris4You · 10.04.2010, 22:32

Hi,

das sieht nicht schlecht aus, über das hier lässt sich streiten:

Zitat:

O4 - HKLM..\Run: [SpyHunter Security Suite] C:\Program Files (x86)\Enigma Software Group\SpyHunter\SpyHunter3.exe (Enigma Software Group USA, LLC.)

Abschließend Cureit:
http://www.trojaner-board.de/59299-a...eb-cureit.html
Nach Beendigung des Scans findes Du das Log unter %USERPROFILE%\DoctorWeb\CureIt.log.
Bevor du irgendwelche Aktionen unternimmst, kopiere bitte den Inhalt des Logs und poste ihn.
Die Log Datei ist sehr groß, ca. über 5MB Text. Benutzt einfach die Suche nach "infiziert" und kopiert betreffende Teile heraus, bevor Du sie postet.

chris

RR_Diablo · 10.04.2010, 22:40

diese Spyhunter3.exe datei ist ein Spyware prgramm was ich gesucht habe um mein Problem zu lösen... (habe das programm nun deinstalliert )

theoretisch müsste dann ja alles wech sein... ?!

Chris4You · 10.04.2010, 23:13

Hi,

die Sicherheit kann Dir leider keiner geben...
Wenn sich der Rechner wieder normal verhält, im Moment sehe ich nichts mehr...

chris

RR_Diablo · 11.04.2010, 13:14

joa tut sich eigentlich auch nichtmehr besonderes... (auffallend schlimmes)

denke mal das Problem ist gelöst

Danke für die schnelle hilfe macht weiter so !!!

LG

laevalalala · 14.04.2010, 12:21

Hallo!

Ich habe genau das gleiche Problem. Habe inzwischen schon das OTL Programm runtergeladen und (hoffentlich) alle Hinweise beachtet.
Wäre nett wenn sich hier mal jemand meldet, dann kann ich die 2 Logfiles posten.

Vielen Dank
lg eva

Chris4You · 14.04.2010, 13:04

Hi,

lass erst MAM laufen und dann mache nochmal ein OTL-Log...
Eigentlich muß ein neuer Thread aufgemacht werden, aber wenn wir es schnell "abhandeln" können lassen wir es mal so...

Malwarebytes Antimalware (MAM)
Anleitung&Download hier: http://www.trojaner-board.de/51187-m...i-malware.html
Falls der Download nicht klappt, bitte hierüber eine generische Version runterladen:
http://filepony.de/download-chameleon/
Danach bitte update der Signaturdateien (Reiter "Update" -> Suche nach Aktualisierungen")
Fullscan und alles bereinigen lassen! Log posten.

chris

laevalalala · 14.04.2010, 16:33

okay danke!

angeblich 16 infizierte Objekte gefunden,
ich hoffe das stimmt so!?:

Malwarebytes' Anti-Malware 1.45
www.malwarebytes.org

Datenbank Version: 3986

Windows 6.0.6001 Service Pack 1
Internet Explorer 7.0.6001.18000

14.04.2010 17:32:32
mbam-log-2010-04-14 (17-32-32).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Durchsuchte Objekte: 284088
Laufzeit: 3 Stunde(n), 16 Minute(n), 38 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 4
Infizierte Registrierungswerte: 2
Infizierte Dateiobjekte der Registrierung: 3
Infizierte Verzeichnisse: 0
Infizierte Dateien: 7

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_CURRENT_USER\Software\YVIBBBHA8C (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\WEK9EMDHI9 (Trojan.Agent) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\yvibbbha8c (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\canaveral (Trojan.Downloader) -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Spyware.Zbot) -> Data: c:\windows\system32\sdra64.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Spyware.Zbot) -> Data: system32\sdra64.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Hijack.Userinit) -> Bad: (C:\Windows\system32\userinit.exe,C:\Windows\system32\sdra64.exe,) Good: (Userinit.exe) -> Quarantined and deleted successfully.

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
C:\Users\Eva-Maria\AppData\Local\Temp\Dfz.exe (Trojan.Fraudpack) -> Quarantined and deleted successfully.
C:\Users\Eva-Maria\AppData\Roaming\Desktopicon\eBayShortcuts.exe (Adware.ADON) -> Quarantined and deleted successfully.
C:\Users\Eva-Maria\Downloads\Down.by.the.riverside.piano.sheet.music.pdf.52007.exe (Trojan.Fraudpack) -> Quarantined and deleted successfully.
C:\Users\Eva-Maria\AppData\Local\Temp\Df1.exe (Trojan.FakeAlert) -> Delete on reboot.
C:\Windows\Tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Windows\System32\sdra64.exe (Spyware.Zbot) -> Quarantined and deleted successfully.
C:\Windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job (Trojan.Downloader) -> Quarantined and deleted successfully.

Chris4You · 14.04.2010, 16:43

Hi,

ja bitte noch ein OTL-Log:

OTL
Lade Dir OTL von Oldtimer herunter (http://filepony.de/download-otl/) und speichere es auf Deinem Desktop
* Doppelklick auf die OTL.exe
* Vista/Win7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
* Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
* Unter Extra Registry, wähle bitte Use SafeList
* Klicke nun auf Run Scan links oben
* Wenn der Scan beendet wurde werden 2 Logfiles erstellt
* Poste die Logfiles hier in den Thread.

chris

laevalalala · 14.04.2010, 17:27

OTL Extras logfile created on: 14.04.2010 18:19:49 - Run 1
OTL by OldTimer - Version 3.2.1.1 Folder = C:\Users\Eva-Maria\Documents\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 40,00% Memory free
6,00 Gb Paging File | 4,00 Gb Available in Paging File | 68,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 455,99 Gb Total Space | 306,04 Gb Free Space | 67,11% Space Free | Partition Type: NTFS
Drive D: | 126,68 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: EVA-MARIAS-PC
Current User Name: Eva-Maria
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- C:\Users\Eva-Maria\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00AE7C7B-DEE9-4307-AAAE-5C5B79B1D543}" = lport=10243 | protocol=6 | dir=in | app=system |
"{28457959-C5B1-4050-806C-F45BCBD67AAF}" = lport=137 | protocol=17 | dir=in | app=system |
"{319BFAA0-A829-4493-93F4-A8DC28B4527D}" = rport=139 | protocol=6 | dir=out | app=system |
"{3B3CD04E-CFC1-412E-AFD1-4D965130282D}" = rport=445 | protocol=6 | dir=out | app=system |
"{3F1A0BED-8B18-4A45-AE50-40CBD862C194}" = rport=137 | protocol=17 | dir=out | app=system |
"{57D393EC-0B2D-49A3-A893-7C6CC26B2EF7}" = lport=2869 | protocol=6 | dir=in | app=system |
"{59EFFD2D-47F1-403F-8324-1E950DA9446D}" = lport=138 | protocol=17 | dir=in | app=system |
"{5EF1CAA7-80A3-4F4F-B865-34C8003C3876}" = rport=10243 | protocol=6 | dir=out | app=system |
"{662B99A0-E963-4A58-98AD-D0927002C35C}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{791FB021-ACCB-4E0F-A6BE-23177766673F}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7CFF0581-CBE9-451D-9420-C7B44B83A227}" = rport=138 | protocol=17 | dir=out | app=system |
"{7F8C7921-F192-48A4-9BD6-3675E384B18E}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8294CCAD-5D5F-4E72-9F07-B7CF6FDFBE24}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{855BED46-727A-4467-8E19-A636917608EF}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{8CFE33EA-4391-454E-A35F-EA43DCB93F9D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{948598FA-A43C-4A23-A242-F0CCE936BEF9}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B8A75402-A86A-4FE8-9160-3FD7A46C5E1B}" = lport=2869 | protocol=6 | dir=in | app=system |
"{D4D0BDBE-EC1A-44DE-86A1-CE2BEA8C759A}" = lport=139 | protocol=6 | dir=in | app=system |
"{E64FF6B8-44AD-4436-A9B4-A3110C59EFFE}" = lport=445 | protocol=6 | dir=in | app=system |
"{ED32EEC9-BC99-4489-A67B-743BD2A241E4}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{FC05A707-C5E0-4425-B211-55FD1F72EA43}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0925BAD3-0FC1-41AE-B808-2F47FD31DAF1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0AD63CA4-E4FB-4FCB-9EE2-9E7B8D955EB7}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{118B082C-A442-4D30-AC6B-9AF810566476}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe |
"{1468F000-3010-43B9-B82C-3EBD3CD011A2}" = protocol=6 | dir=in | app=c:\program files\vogel verlag\fahren lernen\vogel.fahrenlernenmax.exe |
"{1FD1EE18-9B52-4A6A-BBBF-A6822980A7A6}" = protocol=17 | dir=in | app=c:\program files\vogel verlag\fahren lernen\vogel.fahrenlernenmax.exe |
"{267830C1-404E-4858-AE6C-7E80BBE3DC60}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe |
"{284AE749-504A-4C3C-9F79-936BEBA0FA46}" = protocol=6 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{3A4C30CB-AA9A-4E3F-A0E5-80298DFDE5AD}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{42F9E1FE-FE3B-4CFC-9885-2730634C57DF}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{43081B67-3649-4F44-A436-C411F1846E5E}" = dir=in | app=c:\program files\acer arcade deluxe\playmovie\pmvservice.exe |
"{44313369-55A3-4DAD-880E-2106C1031AB1}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{565654F8-F40D-4390-93C6-8058E1ACD914}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |
"{59D7ECC3-1D25-4D86-A5C5-E7571576410B}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{5C455030-3F84-4409-80AE-95CD56A8FEEE}" = protocol=6 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{5DD2B873-0719-4DF2-8BE8-79CE5621EB19}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5DF823F4-E4C2-4753-B954-03A763E32ACD}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{64AA90F1-DA1D-4A45-9561-5BE57A7502A2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{67B40295-FB21-4F49-8E53-4AFBC2424B1C}" = protocol=17 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{6A9DA5E1-F641-4499-831E-E6F5529AE943}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6E3A109D-AC1A-485F-800A-32582D09EFA8}" = dir=in | app=c:\program files\acer arcade deluxe\homemedia\homemedia.exe |
"{71B74B44-A66F-4720-AAAF-AF4AC989D8D6}" = protocol=17 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{73F67316-3D9E-484F-84DC-726D7D9551A6}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{817715C2-9EA4-470A-A160-7C75EA2E7009}" = dir=in | app=c:\program files\acer arcade deluxe\playmovie\playmovie.exe |
"{834DBB9F-6F5D-4316-AC31-E022E1CF4C1A}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{8584B0DF-8197-4B60-B89A-F4333328230E}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{8C15EBE6-348E-4AC0-B360-B8B460C77FB1}" = protocol=6 | dir=out | app=system |
"{8D514C19-9B7F-4B3D-9039-760270250D49}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |
"{96C11CA6-84DB-4D58-B2C8-98F463EBA933}" = dir=in | app=c:\program files\common files\mcafee\mna\mcnasvc.exe |
"{98C9D060-2C3C-4A5A-8675-38FAB4A0E2BF}" = protocol=17 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{A50EBAC5-4DB5-426A-B8D7-BB1B83D78E6D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{AE4AF426-0752-41FE-A533-F7886DE302D8}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{B2D9231D-A883-44D8-9D0A-F48D59102CBE}" = protocol=6 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{B629F32A-CBAC-414B-B9C7-A4E2666E5BA2}" = protocol=17 | dir=in | app=c:\program files\vogel verlag\fahren lernen\vogel.fahrenlernenmax.exe |
"{B8F8DC52-D951-45EC-B7A0-F00403310642}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{BC825CA3-DCC3-4D47-AE63-282D8037A4FA}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{BD4058BF-9111-4856-8D5D-6F948F6BCC76}" = protocol=17 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{BDF4E89D-B753-4BBC-B26E-148F5CFA5CAB}" = protocol=17 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{BEA626B6-140C-4DC4-AD06-572D004D03BF}" = dir=in | app=c:\program files\acer arcade deluxe\acer arcade deluxe\acer arcade deluxe.exe |
"{C2498091-8D47-4620-BD12-1FF979FEA3E8}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{C85167BD-EBC9-4F31-AC3A-D9A3E6E96F71}" = protocol=6 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{C90CB239-FB9F-4305-A698-388F84D2D7CD}" = protocol=17 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{CD5448DB-53EA-4994-ACD0-4D0D1A5912C2}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CEC55CBF-E0E4-4DBD-AA4C-5A746BFCF61D}" = protocol=6 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{D20E9F48-4A8F-4715-A228-4F154F1BD8E8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D34FC609-9D97-40B1-9195-08B57089E5F6}" = protocol=6 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{DB257940-256D-4C26-B3D9-B209FD460BB2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DDB8395A-3568-4DA3-B60D-12EA9A6CACEF}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{E1C6F362-C3B1-4981-861A-420CCE0B1221}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E4BEE2AC-374B-4A3C-BF95-94D378E8AC9E}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{E5690112-A4EB-46E2-A558-456BA097E986}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{E7CB38D5-90FC-4311-8A26-E8D14366EE74}" = protocol=6 | dir=in | app=c:\program files\vogel verlag\fahren lernen\vogel.fahrenlernenmax.exe |
"{F603B287-4208-4C67-9724-B9FE79EC93EE}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe |
"{F6F63A39-A5CF-4F08-8607-C070100425CC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FECDE689-582B-4799-8EFC-0A62FB2E8763}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe |
"TCP Query User{00E39D8E-1A09-4F07-B085-BB6F2171425B}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{AE8263FC-8E2E-460A-A464-8402200519EB}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{040A6E85-C23F-4A23-ADBB-821C60C5DF0F}_is1" = Fahren Lernen 1.1
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{056B935A-A03D-D0D8-4CE0-B4B337753156}" = CCC Help Chinese Standard
"{0C362375-1FE0-98C0-2C57-F4D772B8A759}" = Catalyst Control Center Graphics Full New
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1E5E2F9A-17D3-45CA-8FF0-B0C2927D4B03}" = MobileMe Control Panel
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"{26A24AE4-039D-4CA4-87B4-2F83216014F0}" = Java(TM) 6 Update 14
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 16
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{2BD2FA21-B51D-4F01-94A7-AC16737B2163}" = Adobe Flash Player 10 ActiveX
"{2C973B8B-1BB3-358B-250C-336C81A1926E}" = CCC Help Polish
"{2F2B002A-8BF5-DF1E-6D36-7900B6F868DE}" = ATI Catalyst Install Manager
"{338F08AB-C262-42C7-B000-34DE1A475273}" = Ad-Aware Email Scanner for Outlook
"{360872CE-7A87-A4EE-AF69-EF73E5695D40}" = ccc-utility
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3CCB314A-B67C-82D0-1CC6-6BC4AE6D053E}" = Catalyst Control Center InstallProxy
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer PowerSmart Manager
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{45416928-B205-9812-2065-5794D5AC7338}" = CCC Help French
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{53E12B77-A8AC-1A15-7690-FAA711AA0B50}" = CCC Help Portuguese
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{5A64A288-025C-F952-E4E3-12FA6596922F}" = CCC Help Chinese Traditional
"{5B63A470-9334-44D1-AF61-6CE2DB565AE9}" = Orion
"{5D3A59B1-2BBF-66AF-3B5F-FC5BAA42F817}" = CCC Help Italian
"{5F19F78E-274D-8E5C-C49E-2ED722ACF70A}" = CCC Help German
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{6078A803-C98F-1F95-CEF7-0132621E6072}" = CCC Help Japanese
"{6234F3C6-F8EF-39FB-AE15-0B88E88B79F0}" = CCC Help Greek
"{62F7DA7E-CCCB-439C-A760-00C3926E761F}" = Microsoft Works
"{68301905-2DEA-41CE-A4D4-E8B443B099BA}" = MyWinLocker
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A0D64D0-CDF4-9C65-A053-6EC86AEB43CC}" = ccc-core-static
"{6A905715-6991-3517-5F04-4392FC18DB76}" = Catalyst Control Center Graphics Previews Vista
"{6EAA466F-6F35-F3B7-60B9-3D6DCA97EE02}" = Catalyst Control Center Localization All
"{71C2828F-2678-4675-BDEC-895424861262}_is1" = C:\Program Files\Acer GameZone\GameConsole
"{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Backup Manager Basic
"{742A17A1-8AA4-4DCE-C881-557AC4EB793D}" = CCC Help Spanish
"{75212523-6E47-BF0F-20FF-B65E940A5DDD}" = CCC Help English
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{76BC2442-0002-47FA-9617-43BAD82BEF4C}" = Bonjour
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110111700}" = Zuma Deluxe
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110184263}" = Puzzle Express
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11037623}" = Tradewinds 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111205743}" = Tri-Peaks Solitaire To Go
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111232687}" = Ocean Express
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111252743}" = Mahjong Escape Ancient China
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}" = Galapago
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11170417}" = Luxor 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111771833}" = Jewel Quest Solitaire
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11219217}" = Cradle of Rome
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112270203}" = Dream Day Wedding
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113009953}" = Turbo Pizza
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113056167}" = Dream Day Honeymoon
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113297350}" = Cake Mania 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113494430}" = Wedding Dash
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11505173}" = Airport Mania First Flight
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}" = Dairy Dash
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115443300}" = Cooking Dash
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11551977}" = Parking Dash
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{88EB38EF-4D2C-436D-ABD3-56B232674062}" = ICQ7
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90AD0407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office PowerPoint 2003 Template Pack 3
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{940F9DF4-A790-EAE9-A4B1-B9F96D3C8CC9}" = CCC Help Finnish
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{97BA7028-6FE4-58B5-F254-48C12AA3FBBD}" = CCC Help Swedish
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{987381F2-AA18-EF9C-9DDA-4D403FD7F3E2}" = CCC Help Turkish
"{996A2FAA-7514-4628-9D12-A8FC34A0016E}" = iTunes
"{99C85B2D-DFA4-5704-9A4C-396DDB5C6F1F}" = CCC Help Thai
"{99E862CC-6F69-4D39-99AA-DBF71BF3B585}" = OpenOffice.org 3.1
"{9AF0B106-56F1-461B-A270-95BC1682E282}" = Broadcom Gigabit NetLink Controller
"{9E6B5AEA-C8EC-916B-FDFA-91F1274CD695}" = Skins
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A67BB21E-D419-45BB-AB86-7D87D14BBCE2}" = Safari
"{A75C2F92-28EC-FE11-3818-81578F3E9596}" = CCC Help Norwegian
"{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}" = Acer Crystal Eye Webcam
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA9732EB-64DD-DBA5-DFC1-705E64D3FB18}" = CCC Help Russian
"{AAE19E03-87A5-6937-F7D7-6806C5FD1D89}" = Catalyst Control Center Graphics Light
"{AC599724-5755-48C1-ABE7-ABB857652930}" = PC Connectivity Solution
"{AC76BA86-7AD7-1031-7B44-A90000000001}" = Adobe Reader 9 - Deutsch
"{AF7E85DC-317C-47F5-810E-B82EE093A612}" = Samsung New PC Studio USB Driver Installer
"{B15E1629-4B8C-FC02-1118-35034C235F0D}" = CCC Help Korean
"{B5C3B892-0849-476C-9F46-B12F84819D57}" = Apple Mobile Device Support
"{BE0EC61A-02BF-E3E1-D7A8-3DDB7B58FBDF}" = PX Profile Update
"{BF91B300-EEBC-4223-96F3-0FCBF7241B50}" = AmIcoSingLun
"{C10DD83A-CB15-DD3A-FE29-89433A68F55D}" = CCC Help Dutch
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0F3E75D-6BE1-E974-2A8E-A449D3374FDB}" = Catalyst Control Center Graphics Full Existing
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{DA20E1A8-07CB-4EE7-9B72-A7E28C953F0E}" = Acer Product Registration
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E24DBA75-5452-C0A1-4FF3-CB38F8245919}" = CCC Help Czech
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E430067C-7254-40B6-A8F8-5EEF57A68F1A}" = Catalyst Control Center - Branding
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E86CA8CF-F42D-9569-B2ED-5E6A0F591EA5}" = CCC Help Hungarian
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F557AF38-AB37-84A8-0148-C53B5F870373}" = CCC Help Danish
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FF7027C7-B001-A144-C83B-03618745E975}" = Catalyst Control Center Core Implementation
"3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F" = Windows-Treiberpaket - Nokia pccsmcfd (10/12/2007 6.85.4.0)
"Acer Screensaver" = Acer ScreenSaver
"Ad-Aware" = Ad-Aware
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"Audacity_is1" = Audacity 1.2.6
"Free Studio_is1" = Free Studio version 4.2
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.2
"Google Desktop" = Google Desktop
"GridVista" = Acer GridVista
"Gutscheinmieze - Toolbar" = Gutscheinmieze - Toolbar
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"ICQToolbar" = ICQ Toolbar
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Acer Backup Manager
"InstallShield_{AF7E85DC-317C-47F5-810E-B82EE093A612}" = Samsung New PC Studio USB Driver Installer
"InstallShield_{BF91B300-EEBC-4223-96F3-0FCBF7241B50}" = AmIcoSingLun
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.2pre)" = Mozilla Firefox (3.6.2pre)
"MSC" = McAfee SecurityCenter
"NSS" = Norton Security Scan
"PhotoFiltre" = PhotoFiltre
"PhotoScape" = PhotoScape
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile Modem Device" = Samsung Mobile Modem Device Software
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"SAMSUNG USB Mobile Device" = SAMSUNG USB Mobile Device Software
"Security Task Manager" = Security Task Manager 1.7h
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Uninstall_is1" = Uninstall 1.0.0.1
"WinGimp-2.0_is1" = GIMP 2.6.7
"WinLiveSuite_Wave3" = Windows Live Essentials

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Facebook Plug-In" = Facebook Plug-In
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 04.04.2010 15:40:16 | Computer Name = Eva-Marias-PC | Source = WinMgmt | ID = 10
Description =

Error - 04.04.2010 15:43:12 | Computer Name = Eva-Marias-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung AppleSyncNotifier.exe, Version 1.5.0.0, Zeitstempel
0x4a5d2cf8, fehlerhaftes Modul CoreFoundation.dll, Version 6.0.6001.18000, Zeitstempel
0x4791a7a6, Ausnahmecode 0xc0000135, Fehleroffset 0x00009cac, Prozess-ID 0xedc,
Anwendungsstartzeit 01cad42ed61995b1.

Error - 04.04.2010 18:01:11 | Computer Name = Eva-Marias-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung Df1.exe, Version 0.0.0.0, Zeitstempel 0x4b9e0314,
fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000, Ausnahmecode
0xc0000005, Fehleroffset 0x0909090d, Prozess-ID 0x1d44, Anwendungsstartzeit 01cad4400cf149a1.

Error - 04.04.2010 18:26:05 | Computer Name = Eva-Marias-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung Df1.exe, Version 0.0.0.0, Zeitstempel 0x4b9e0314,
fehlerhaftes Modul Multimedia.api, Version 9.0.0.332, Zeitstempel 0x4850e5c7, Ausnahmecode
0xc0000005, Fehleroffset 0x00042d1c, Prozess-ID 0x1a88, Anwendungsstartzeit 01cad44420818a31.

Error - 04.04.2010 18:29:57 | Computer Name = Eva-Marias-PC | Source = Bonjour Service | ID = 100
Description = 392: ERROR: read_msg errno 10054 (Eine vorhandene Verbindung wurde
vom Remotehost geschlossen.)

Error - 04.04.2010 18:29:57 | Computer Name = Eva-Marias-PC | Source = Bonjour Service | ID = 100
Description = 400: ERROR: read_msg errno 10054 (Eine vorhandene Verbindung wurde
vom Remotehost geschlossen.)

Error - 04.04.2010 18:29:57 | Computer Name = Eva-Marias-PC | Source = Bonjour Service | ID = 100
Description = 404: ERROR: read_msg errno 10054 (Eine vorhandene Verbindung wurde
vom Remotehost geschlossen.)

Error - 04.04.2010 18:29:57 | Computer Name = Eva-Marias-PC | Source = Bonjour Service | ID = 100
Description = 408: ERROR: read_msg errno 10054 (Eine vorhandene Verbindung wurde
vom Remotehost geschlossen.)

Error - 04.04.2010 18:29:57 | Computer Name = Eva-Marias-PC | Source = Bonjour Service | ID = 100
Description = 412: ERROR: read_msg errno 10054 (Eine vorhandene Verbindung wurde
vom Remotehost geschlossen.)

Error - 05.04.2010 05:33:04 | Computer Name = Eva-Marias-PC | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 13.04.2010 15:40:37 | Computer Name = Eva-Marias-PC | Source = HTTP | ID = 15016
Description =

Error - 13.04.2010 15:40:48 | Computer Name = Eva-Marias-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 13.04.2010 15:43:25 | Computer Name = Eva-Marias-PC | Source = BROWSER | ID = 8032
Description =

Error - 14.04.2010 06:51:06 | Computer Name = Eva-Marias-PC | Source = HTTP | ID = 15016
Description =

Error - 14.04.2010 06:51:15 | Computer Name = Eva-Marias-PC | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 192.168.1.35 für die Netzwerkkarte mit der Netzwerkadresse
0017C49EBD42 wurde durch den DHCP-Server 192.168.1.1 abgelehnt (der DHCP-Server
hat eine DHCPNACK-Meldung gesendet).

Error - 14.04.2010 06:51:17 | Computer Name = Eva-Marias-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 14.04.2010 07:12:36 | Computer Name = Eva-Marias-PC | Source = BROWSER | ID = 8032
Description =

Error - 14.04.2010 08:08:11 | Computer Name = Eva-Marias-PC | Source = iaStor | ID = 262153
Description = Das Gerät \Device\Ide\iaStor0 hat innerhalb der Fehlerwartezeit nicht
geantwortet.

Error - 14.04.2010 10:29:05 | Computer Name = Eva-Marias-PC | Source = bowser | ID = 8003
Description =

Error - 14.04.2010 11:23:12 | Computer Name = Eva-Marias-PC | Source = BROWSER | ID = 8032
Description =

< End of report >

Fehler beim Laden von C:\Wondows\system32\sshnas.dll

Plagegeister aller Art und deren Bekämpfung: Fehler beim Laden von C:\Wondows\system32\sshnas.dll