
Pests of all kinds and how to combat them: Flacor.dat detected


 
30.07.2010, 19:31   #1
partyarti
 

Flacor.dat detected



Hello everyone,

About a week ago I noticed that the PC shuts itself down automatically after a brief notice. Since then, an error message mentioning the file flacor.dat kept appearing.

After a bit of googling I knew what I had caught, so I ran a full scan with Malwarebytes and removed the file flacor.dat:

Code:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4370

Windows 6.0.6001 Service Pack 1
Internet Explorer 7.0.6001.18000

30.07.2010 19:46:54
mbam-log-2010-07-30 (19-46-54).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|)
Durchsuchte Objekte: 310734
Laufzeit: 1 Stunde(n), 28 Minute(n), 7 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 1
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 3

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\getdo (Trojan.Agent) -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
C:\Users\Arthur\AppData\Roaming\Desktopicon\eBayShortcuts.exe (Adware.ADON) -> Quarantined and deleted successfully.
C:\Users\Arthur\AppData\Roaming\Adobe\Update\flacor.dat (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\Arthur\AppData\Local\Temp\services.exe (Password.Stealer) -> Quarantined and deleted successfully.
         
After that I ran OTL, as described here in the forum:

file1
OTL Logfile:
Code:
OTL logfile created on: 30.07.2010 20:25:23 - Run 1
OTL by OldTimer - Version 3.2.9.1     Folder = C:\Users\Arthur\Desktop\Security & PC Progs
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 55,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 74,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 144,04 Gb Total Space | 80,67 Gb Free Space | 56,01% Space Free | Partition Type: NTFS
Drive D: | 298,09 Gb Total Space | 229,14 Gb Free Space | 76,87% Space Free | Partition Type: NTFS
Drive E: | 140,50 Gb Total Space | 57,28 Gb Free Space | 40,77% Space Free | Partition Type: NTFS
Drive F: | 445,64 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: ARTHUR-NOTEBOOK
Current User Name: Arthur
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Processes (SafeList) ==========
 
PRC - C:\Programme\Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Users\Arthur\Desktop\Security & PC Progs\OTL.exe (OldTimer Tools)
PRC - C:\Programme\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
PRC - C:\Programme\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Programme\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.)
PRC - C:\Programme\Google\Google Desktop Search\GoogleDesktop.exe (Google)
PRC - C:\Programme\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe (Sony Ericsson Mobile Communications AB)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\CDBurnerXP\NMSAccessU.exe ()
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe ()
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Users\Arthur\AppData\Local\Temp\RtkBtMnt.exe (Realtek Semiconductor Corp.)
PRC - C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\Programme\Acer\Acer Bio Protection\PwdBank.exe ()
PRC - C:\Programme\Acer\Acer Bio Protection\CompPtcVUI.exe (Arachnoid Biometrics Identification Group Corp.)
PRC - C:\Programme\Acer\Acer Bio Protection\BASVC.exe ()
PRC - C:\Programme\Acer\Acer Bio Protection\PdtWzd.exe (Arachnoid Biometrics Identification Group Corp.)
PRC - C:\Programme\Winamp\winampa.exe ()
PRC - C:\Programme\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Inc.)
PRC - C:\Programme\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe (CyberLink)
PRC - C:\Programme\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Programme\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
PRC - C:\Programme\Launch Manager\QtZgAcer.EXE (Dritek System Inc.)
PRC - C:\Programme\Acer\Empowering Technology\Service\ETService.exe ()
PRC - C:\Programme\Acer\Empowering Technology\eAudio\eAudio.exe (Acer Incorporated)
PRC - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated)
PRC - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Programme\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe (NewTech InfoSystems, Inc.)
PRC - C:\Programme\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe ()
PRC - C:\Programme\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe ()
PRC - C:\Programme\Common Files\SPBA\upeksvr.exe (UPEK Inc.)
PRC - C:\Programme\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe (NewTech Infosystems, Inc.)
PRC - c:\Programme\Common Files\McAfee\MNA\McNASvc.exe (McAfee, Inc.)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe ()
PRC - C:\Programme\Acer\Acer VCM\RS_Service.exe (Acer Incorporated)
PRC - C:\Programme\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.)
PRC - C:\ACER\Mobility Center\MobilityService.exe ()
PRC - C:\Programme\McAfee\VirusScan\mcsysmon.exe (McAfee, Inc.)
PRC - C:\Programme\McAfee\MSK\msksrver.exe (McAfee, Inc.)
PRC - c:\Programme\McAfee\MSC\mcuimgr.exe (McAfee, Inc.)
PRC - C:\Windows\PLFSetI.exe ()
PRC - c:\Programme\Common Files\McAfee\McProxy\McProxy.exe (McAfee, Inc.)
PRC - c:\Programme\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
PRC - C:\Programme\McAfee\VirusScan\Mcshield.exe (McAfee, Inc.)
PRC - C:\Programme\McAfee\MPF\MpfSrv.exe (McAfee, Inc.)
PRC - C:\Programme\AOL 9.0 VRa\shellmon.exe (AOL, LLC.)
PRC - C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (Rocket Division Software)
PRC - C:\Programme\AOL 9.0 VRa\waol.exe (AOL, LLC.)
PRC - C:\Programme\DAEMON Tools\daemon.exe (DT Soft Ltd.)
PRC - C:\Programme\Common Files\aol\acs\AOLacsd.exe (AOL LLC)
PRC - C:\Programme\Common Files\aol\1223197373\ee\aolsoftware.exe (America Online, Inc.)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Arthur\Desktop\Security & PC Progs\OTL.exe (OldTimer Tools)
MOD - c:\Programme\McAfee\SiteAdvisor\sahook.dll (McAfee, Inc.)
MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (McAfee SiteAdvisor Service) -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.)
SRV - (GoogleDesktopManager-110309-193829) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (NMSAccessU) -- C:\Programme\CDBurnerXP\NMSAccessU.exe ()
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (OMSI download service) -- C:\Programme\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe ()
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (IGBASVC) -- C:\Programme\Acer\Acer Bio Protection\BASVC.exe ()
SRV - (IAANTMON) Intel(R) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (ETService) -- C:\Programme\Acer\Empowering Technology\Service\ETService.exe ()
SRV - (eDataSecurity Service) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated)
SRV - (NTIBackupSvc) -- C:\Programme\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe (NewTech InfoSystems, Inc.)
SRV - (NTISchedulerSvc) -- C:\Programme\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe ()
SRV - (BUNAgentSvc) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe (NewTech Infosystems, Inc.)
SRV - (McNASvc) -- c:\Programme\Common Files\McAfee\MNA\McNASvc.exe (McAfee, Inc.)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (CLHNService) -- C:\Programme\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe ()
SRV - (RS_Service) -- C:\Programme\Acer\Acer VCM\RS_Service.exe (Acer Incorporated)
SRV - (mcmscsvc) -- C:\Programme\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.)
SRV - (MobilityService) -- C:\Acer\Mobility Center\MobilityService.exe ()
SRV - (McSysmon) -- C:\Programme\McAfee\VirusScan\mcsysmon.exe (McAfee, Inc.)
SRV - (MSK80Service) -- C:\Program Files\McAfee\MSK\MskSrver.exe (McAfee, Inc.)
SRV - (McODS) -- C:\Programme\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SRV - (WLSetupSvc) -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe (Microsoft Corporation)
SRV - (usnjsvc) -- C:\Program Files\Windows Live\Messenger\usnsvc.exe (Microsoft Corporation)
SRV - (McProxy) -- c:\Programme\Common Files\McAfee\McProxy\McProxy.exe (McAfee, Inc.)
SRV - (McShield) -- C:\Programme\McAfee\VirusScan\Mcshield.exe (McAfee, Inc.)
SRV - (MpfService) -- C:\Program Files\McAfee\MPF\MPFSrv.exe (McAfee, Inc.)
SRV - (StarWindServiceAE) -- C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (Rocket Division Software)
SRV - (AOL ACS) -- C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe (AOL LLC)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (vaxscsi) -- C:\Windows\System32\Drivers\vaxscsi.sys File not found
DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found
DRV - (SASKUTIL) -- C:\Programme\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASDIFSV) -- C:\Programme\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys ()
DRV - (atksgt) -- C:\Windows\System32\drivers\atksgt.sys ()
DRV - (lirsgt) -- C:\Windows\System32\drivers\lirsgt.sys ()
DRV - (s0017mdm) -- C:\Windows\System32\drivers\s0017mdm.sys (MCCI Corporation)
DRV - (s0017unic) Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM) -- C:\Windows\System32\drivers\s0017unic.sys (MCCI Corporation)
DRV - (s0017mgmt) Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM) -- C:\Windows\System32\drivers\s0017mgmt.sys (MCCI Corporation)
DRV - (s0017obex) -- C:\Windows\System32\drivers\s0017obex.sys (MCCI Corporation)
DRV - (s0017bus) Sony Ericsson Device 0017 driver (WDM) -- C:\Windows\System32\drivers\s0017bus.sys (MCCI Corporation)
DRV - (s0017nd5) Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS) -- C:\Windows\System32\drivers\s0017nd5.sys (MCCI Corporation)
DRV - (s0017mdfl) -- C:\Windows\System32\drivers\s0017mdfl.sys (MCCI Corporation)
DRV - (L1E) -- C:\Windows\System32\drivers\L1E60x86.sys (Atheros Communications, Inc.)
DRV - (AlfaFF) -- C:\Windows\system32\Drivers\AlfaFF.sys (Alfa Corporation)
DRV - (iaStor) -- C:\Windows\system32\DRIVERS\iaStor.sys (Intel Corporation)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796}) -- C:\Programme\Acer Arcade Deluxe\PlayMovie\000.fcl (Cyberlink Corp.)
DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation)
DRV - (RTSTOR) -- C:\Windows\System32\drivers\RTSTOR.sys (Realtek Semiconductor Corp.)
DRV - (psdvdisk) -- C:\Windows\System32\drivers\PSDVdisk.sys (Egis Incorporated)
DRV - (PSDFilter) -- C:\Windows\system32\DRIVERS\psdfilter.sys (Egis Incorporated)
DRV - (PSDNServ) -- C:\Windows\System32\drivers\PSDNServ.sys (Egis Incorporated)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (NETw5v32) Intel(R) -- C:\Windows\System32\drivers\NETw5v32.sys (Intel Corporation)
DRV - (TcUsb) -- C:\Windows\System32\drivers\tcusb.sys (UPEK Inc.)
DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (HSF_DPV) -- C:\Windows\System32\drivers\HSX_DPV.sys (Conexant Systems, Inc.)
DRV - (HSXHWAZL) -- C:\Windows\System32\drivers\HSXHWAZL.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\Windows\System32\drivers\HSX_CNXT.sys (Conexant Systems, Inc.)
DRV - (NTIDrvr) -- C:\Windows\System32\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.)
DRV - (UBHelper) -- C:\Windows\System32\drivers\UBHelper.sys (NewTech Infosystems Corporation)
DRV - (MegaSR) -- C:\Windows\system32\drivers\megasr.sys (LSI Corporation, Inc.)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Corporation)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (HSFHWAZL) -- C:\Windows\System32\drivers\VSTAZL3.SYS (Conexant Systems, Inc.)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (NTIPPKernel) -- C:\Programme\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys (Cyberlink Corp.)
DRV - (seehcri) -- C:\Windows\System32\drivers\seehcri.sys (Sony Ericsson Mobile Communications)
DRV - (mfesmfk) -- C:\Windows\System32\drivers\mfesmfk.sys (McAfee, Inc.)
DRV - (mfehidk) -- C:\Windows\System32\drivers\mfehidk.sys (McAfee, Inc.)
DRV - (mfeavfk) -- C:\Windows\System32\drivers\mfeavfk.sys (McAfee, Inc.)
DRV - (mfebopk) -- C:\Windows\System32\drivers\mfebopk.sys (McAfee, Inc.)
DRV - (mferkdk) -- C:\Windows\System32\drivers\mferkdk.sys (McAfee, Inc.)
DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.)
DRV - (MPFP) -- C:\Windows\System32\drivers\Mpfp.sys (McAfee, Inc.)
DRV - (winbondcir) -- C:\Windows\System32\drivers\winbondcir.sys (Winbond Electronics Corporation)
DRV - (int15) -- C:\Windows\System32\drivers\int15.sys ()
DRV - (wanatw) WAN Miniport (ATW) -- C:\Windows\System32\drivers\wanatw4.sys (America Online, Inc.)
DRV - (DKbFltr) -- C:\Windows\System32\drivers\DKbFltr.sys (Dritek System Inc.)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://de.intl.acer.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.intl.acer.yahoo.com
IE - HKLM\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Programme\Winload\tbWinl.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Programme\Winamp Toolbar\winamptb.dll (AOL LLC.)
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0908&m=aspire_6930g
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2319825
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Programme\Winload\tbWinl.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Programme\Winamp Toolbar\winamptb.dll (AOL LLC.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultthis.engineName: "Winload Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2319825&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://search.conduit.com/?ctid=CT2319825&SearchSource=13"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..keyword.URL: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2319825&q="
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2010.06.13 08:35:19 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Firefox\components [2010.07.30 19:54:02 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Firefox\plugins [2010.07.30 19:54:02 | 000,000,000 | ---D | M]
 
[2008.10.04 18:02:05 | 000,000,000 | ---D | M] -- C:\Users\Arthur\AppData\Roaming\mozilla\Extensions
[2010.07.30 18:17:16 | 000,000,000 | ---D | M] -- C:\Users\Arthur\AppData\Roaming\mozilla\Firefox\Profiles\u96e3y89.default\extensions
[2009.10.09 11:34:19 | 000,000,000 | ---D | M] (ReloadEvery) -- C:\Users\Arthur\AppData\Roaming\mozilla\Firefox\Profiles\u96e3y89.default\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}
[2009.05.10 11:11:48 | 000,000,000 | ---D | M] -- C:\Users\Arthur\AppData\Roaming\mozilla\Firefox\Profiles\u96e3y89.default\extensions\bloodfire@example.com
[2009.05.10 11:11:35 | 000,000,000 | ---D | M] -- C:\Users\Arthur\AppData\Roaming\mozilla\Firefox\Profiles\u96e3y89.default\extensions\martin@hoerandl.com
[2010.03.24 16:13:02 | 000,000,917 | ---- | M] () -- C:\Users\Arthur\AppData\Roaming\Mozilla\FireFox\Profiles\u96e3y89.default\searchplugins\conduit.xml
[2008.10.04 20:46:29 | 000,001,196 | ---- | M] () -- C:\Users\Arthur\AppData\Roaming\Mozilla\FireFox\Profiles\u96e3y89.default\searchplugins\winamp-search.xml
[2009.04.19 17:55:48 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Programme\Winamp Toolbar\winamptb.dll (AOL LLC.)
O2 - BHO: (McAfee Phishing Filter) - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\Programme\McAfee\MSK\mcapbho.dll ()
O2 - BHO: (Winload Toolbar) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Programme\Winload\tbWinl.dll (Conduit Ltd.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Programme\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (Egis)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O2 - BHO: (TBSB03968 Class) - {AA61DE26-FA67-4575-9033-918671094293} - C:\Users\Arthur\AppData\Roaming\Toolbars\Toolbar fuer eBay\ebay.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Programme\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O2 - BHO: (no name) - {D187A56B-A33F-4CBE-9D77-459FC0BAE012} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Toolbar fuer eBay) - {000E148C-F7A7-445A-9044-93BF6CE09ECB} - C:\Users\Arthur\AppData\Roaming\Toolbars\Toolbar fuer eBay\ebay.dll ()
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Winload Toolbar) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Programme\Winload\tbWinl.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {4F11ACBB-393F-4C86-A214-FF3D0D155CC3} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Programme\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKCU\..\Toolbar\WebBrowser: (Toolbar fuer eBay) - {000E148C-F7A7-445A-9044-93BF6CE09ECB} - C:\Users\Arthur\AppData\Roaming\Toolbars\Toolbar fuer eBay\ebay.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Programme\Winamp Toolbar\winamptb.dll (AOL LLC.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BkupTray] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe ()
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [DAEMON Tools] C:\Program Files\DAEMON Tools\daemon.exe (DT Soft Ltd.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [eAudio] C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe (Acer Incorporated)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
O4 - HKLM..\Run: [ePower_DMC] C:\Programme\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Inc.)
O4 - HKLM..\Run: [eRecoveryService]  File not found
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [HostManager] C:\Programme\Common Files\aol\1223197373\ee\aolsoftware.exe (America Online, Inc.)
O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [LexwareInfoService] C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe (Lexware GmbH & Co. KG)
O4 - HKLM..\Run: [LManager] C:\Programme\Launch Manager\QtZgAcer.EXE (Dritek System Inc.)
O4 - HKLM..\Run: [ Malwarebytes Anti-Malware  (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [PlayMovie] C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
O4 - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [WarReg_PopUp] C:\Programme\Acer\WR_PopUp\WarReg_PopUp.exe (Acer Incorporated)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ZPdtWzdVitaKey MC3000] C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe (Arachnoid Biometrics Identification Group Corp.)
O4 - HKCU..\Run: [AlcoholAutomount] C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe (Alcohol Soft Development Team)
O4 - HKCU..\Run: [AOL Fast Start] C:\Program Files\AOL 9.0 VRa\AOL.EXE (AOL, LLC.)
O4 - HKCU..\Run: [Orb] C:\Program Files\Winamp Remote\bin\OrbTray.exe (Orb Networks)
O4 - HKCU..\Run: [Sony Ericsson PC Suite] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe (Sony Ericsson Mobile Communications AB)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Programme\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html ()
O9 - Extra Button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Programme\Acer\Acer Bio Protection\PwdBank.exe ()
O9 - Extra 'Tools' menuitem : Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Programme\Acer\Acer Bio Protection\PwdBank.exe ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range -  5)
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\haufereader - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\x-sdch {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Programme\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AWinNotifyVitaKey MC3000: DllName - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll - C:\Programme\Acer\Acer Bio Protection\WinNotify.dll (Arachnoid Biometrics Identification Group Corp.)
O20 - Winlogon\Notify\spba: DllName - C:\Program Files\Common Files\SPBA\homefus2.dll - C:\Programme\Common Files\SPBA\homefus2.dll (UPEK Inc.)
O24 - Desktop WallPaper: C:\Users\Arthur\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Arthur\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2008.09.25 18:44:14 | 000,000,029 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{640eaecc-f6e6-11de-8114-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{640eaecc-f6e6-11de-8114-00038a000015}\Shell\AutoRun\command - "" = I:\iStudio.exe -- File not found
O33 - MountPoints2\{66e672a3-9245-11dd-9f67-001e68d94ab5}\Shell - "" = AutoRun
O33 - MountPoints2\{66e672a3-9245-11dd-9f67-001e68d94ab5}\Shell\AutoRun\command - "" = F:\Start.exe -- [2009.09.29 09:49:28 | 000,557,352 | R--- | M] (Akademische Arbeitsgemeinschaft Verlag)
O33 - MountPoints2\{7533091f-42bd-11de-925b-00038a000015}\Shell\Open\command - "" = H:\resycled\boot.com -- File not found
O33 - MountPoints2\{e86f1b83-7849-11dd-8d34-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{e86f1b83-7849-11dd-8d34-806e6f6e6963}\Shell\AutoRun\command - "" = G:\Autorun.exe -- File not found
O33 - MountPoints2\{e92f2883-5bd6-11de-b517-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{e92f2883-5bd6-11de-b517-00038a000015}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.07.30 19:53:18 | 000,000,000 | ---D | C] -- C:\Users\Arthur\AppData\Roaming\SUPERAntiSpyware.com
[2010.07.30 19:53:18 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2010.07.30 19:53:13 | 000,000,000 | ---D | C] -- C:\Programme\SUPERAntiSpyware
[2010.07.30 19:51:55 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner
[2010.07.30 18:12:24 | 000,000,000 | ---D | C] -- C:\Users\Arthur\AppData\Roaming\Malwarebytes
[2010.07.30 18:11:56 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.07.30 18:11:54 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.07.30 18:11:54 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2010.07.30 18:11:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.07.30 18:05:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2010.07.30 18:05:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Symantec
[2010.07.30 18:05:13 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2010.07.10 15:22:45 | 000,000,000 | ---D | C] -- C:\Users\Arthur\AppData\Roaming\temp
[2010.07.10 15:22:38 | 000,000,000 | ---D | C] -- C:\Users\Arthur\Documents\FUSSBALL MANAGER 09
[2010.07.10 14:21:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2010.07.10 13:55:32 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll
[2008.07.22 10:01:25 | 000,049,152 | ---- | C] ( ) -- C:\Windows\Interop.IWshRuntimeLibrary.dll
 
========== Files - Modified Within 30 Days ==========
 
[2010.07.30 20:27:35 | 002,621,440 | -HS- | M] () -- C:\Users\Arthur\ntuser.dat
[2010.07.30 20:00:20 | 000,066,492 | ---- | M] () -- C:\Users\Arthur\Documents\cc_20100730_200003.reg
[2010.07.30 19:55:36 | 001,418,806 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.07.30 19:55:36 | 000,618,442 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.07.30 19:55:36 | 000,587,178 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.07.30 19:55:36 | 000,122,842 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.07.30 19:55:36 | 000,101,250 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.07.30 19:51:02 | 000,055,302 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010.07.30 19:49:33 | 000,034,355 | ---- | M] () -- C:\Windows\System32\Config.MPF
[2010.07.30 19:49:23 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml
[2010.07.30 19:49:08 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.07.30 19:49:08 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.07.30 19:49:08 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.07.30 19:49:05 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.07.30 19:48:51 | 3215,847,424 | -HS- | M] () -- C:\hiberfil.sys
[2010.07.30 19:48:06 | 000,524,288 | -HS- | M] () -- C:\Users\Arthur\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010.07.30 19:48:06 | 000,065,536 | -HS- | M] () -- C:\Users\Arthur\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010.07.30 19:47:49 | 004,240,145 | -H-- | M] () -- C:\Users\Arthur\AppData\Local\IconCache.db
[2010.07.30 06:33:42 | 000,055,302 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010.07.27 18:48:02 | 000,204,023 | ---- | M] () -- C:\Users\Arthur\Desktop\Unbenannt.jpg
[2010.07.26 20:31:11 | 000,021,902 | ---- | M] () -- C:\Users\Arthur\Desktop\xxx048_20100725.pdf
[2010.07.21 21:42:38 | 000,293,673 | ---- | M] () -- C:\Users\Arthur\Desktop\Booking.com_ Bestätigung.pdf
[2010.07.11 13:27:39 | 000,000,578 | ---- | M] () -- C:\Users\Arthur\Desktop\Manager09.exe - Verknüpfung.lnk
[2010.07.10 13:58:00 | 008,707,460 | ---- | M] () -- C:\Users\Arthur\Desktop\FM09DBUpdate.exe
 
========== Files Created - No Company Name ==========
 
[2010.07.30 20:00:05 | 000,066,492 | ---- | C] () -- C:\Users\Arthur\Documents\cc_20100730_200003.reg
[2010.07.27 18:48:02 | 000,204,023 | ---- | C] () -- C:\Users\Arthur\Desktop\Unbenannt.jpg
[2010.07.26 20:31:10 | 000,021,902 | ---- | C] () -- C:\Users\Arthur\Desktop\xxx048_20100725.pdf
[2010.07.21 21:42:37 | 000,293,673 | ---- | C] () -- C:\Users\Arthur\Desktop\Booking.com_ Bestätigung.pdf
[2010.07.11 13:27:39 | 000,000,578 | ---- | C] () -- C:\Users\Arthur\Desktop\Manager09.exe - Verknüpfung.lnk
[2010.07.10 13:57:09 | 008,707,460 | ---- | C] () -- C:\Users\Arthur\Desktop\FM09DBUpdate.exe
[2009.09.06 14:33:46 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2009.06.19 21:06:22 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2009.06.19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2009.06.19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2009.06.19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2009.06.19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2009.06.19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2009.06.19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2009.06.19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2009.06.19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2009.06.19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2009.04.19 17:56:52 | 000,000,034 | ---- | C] () -- C:\Windows\cdplayer.ini
[2008.12.29 16:05:56 | 000,271,360 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2008.12.29 16:05:48 | 000,018,048 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2008.10.28 18:40:48 | 000,173,552 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2008.10.07 20:54:51 | 000,215,144 | ---- | C] () -- C:\Windows\patchw32.dll
[2008.10.04 20:49:08 | 000,717,296 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2008.09.01 19:46:16 | 000,118,784 | ---- | C] () -- C:\Windows\System32\VMC3KAPI.dll
[2008.09.01 19:31:46 | 000,626,688 | ---- | C] () -- C:\Windows\Image.dll
[2008.09.01 19:31:46 | 000,000,036 | ---- | C] () -- C:\Windows\PidList.ini
[2008.07.30 12:19:21 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2008.07.30 04:13:17 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIOFM4.dll
[2008.07.30 04:13:17 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN5.dll
[2008.07.30 03:47:56 | 000,204,800 | ---- | C] () -- C:\Windows\System32\SysHook.dll
[2008.07.30 03:42:04 | 000,487,424 | ---- | C] () -- C:\Windows\System32\INT15.dll
[2008.07.30 03:25:14 | 000,001,694 | ---- | C] () -- C:\Windows\RtDefLvl.ini
[2007.01.26 08:32:18 | 000,069,632 | ---- | C] () -- C:\Windows\System32\drivers\int15.sys
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.04.21 11:08:22 | 000,253,952 | ---- | C] () -- C:\Windows\System32\HtmlHelp.dll
[2001.12.26 16:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001.09.03 23:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001.07.30 16:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001.07.23 22:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 99 bytes -> C:\ProgramData\Temp:FEBEC560
@Alternate Data Stream - 111 bytes -> C:\ProgramData\Temp:4CF61E54
@Alternate Data Stream - 101 bytes -> C:\ProgramData\Temp:8AB6C1D7
< End of report >
         
--- --- ---


file 2 OTL Logfile:
Code:
OTL Extras logfile created on: 30.07.2010 20:25:23 - Run 1
OTL by OldTimer - Version 3.2.9.1     Folder = C:\Users\Arthur\Desktop\Security & PC Progs
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 55,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 74,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 144,04 Gb Total Space | 80,67 Gb Free Space | 56,01% Space Free | Partition Type: NTFS
Drive D: | 298,09 Gb Total Space | 229,14 Gb Free Space | 76,87% Space Free | Partition Type: NTFS
Drive E: | 140,50 Gb Total Space | 57,28 Gb Free Space | 40,77% Space Free | Partition Type: NTFS
Drive F: | 445,64 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: ARTHUR-NOTEBOOK
Current User Name: Arthur
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Program Files\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- C:\Program Files\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- File not found
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08C1E46D-2625-4746-8E7A-9A34BF05CC6F}" = lport=137 | protocol=17 | dir=in | app=system | 
"{2848F563-7516-4D3E-881A-8802EA9D09DA}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{295CD266-869D-4398-AFA7-DBB3FB0F143E}" = rport=445 | protocol=6 | dir=out | app=system | 
"{2B7F49A3-94A2-4ED7-A3B2-E0D93AC795C8}" = lport=445 | protocol=6 | dir=in | app=system | 
"{3CFF4483-BAF5-4251-B77C-C228930E6CB0}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{42F9DCB5-1184-4FBD-A535-51EC79B792F1}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{4CCE8CA1-9EE1-4DBC-B63D-16E0F05191E8}" = lport=138 | protocol=17 | dir=in | app=system | 
"{7DB057F4-006C-4190-8F34-01F5DD1E0187}" = lport=139 | protocol=6 | dir=in | app=system | 
"{888D8C28-500F-4088-9B1B-9745272451CE}" = rport=137 | protocol=17 | dir=out | app=system | 
"{977EA2FF-A73B-4079-88E1-2B2EB4701536}" = rport=139 | protocol=6 | dir=out | app=system | 
"{B6D1C6EE-A859-4FA9-A44F-FE0DFC00D579}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{C717EB99-0FB1-463F-ADF5-FC1CE7A3B15F}" = rport=138 | protocol=17 | dir=out | app=system | 
"{CF38261F-D626-4294-A3A3-9629DF867E65}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{F648EC3C-F25B-4E64-9F3A-5F6640E1F99F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03C35C00-55E7-4399-923E-88DFFC7CC9BD}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{042EBB4A-8168-42B4-947A-003AEDC24F17}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe | 
"{0A9C8D79-DE32-49D5-80B3-E168982CC34F}" = dir=in | app=c:\program files\acer arcade deluxe\playmovie\playmovie.exe | 
"{0C604D7C-A5A6-44A8-82E7-751DFDA272FF}" = protocol=17 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe | 
"{12775923-6831-4EFF-95E3-BCCF4C3F1088}" = protocol=17 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe | 
"{15CF8154-9AFC-45AD-AECD-BB3F4420BBD8}" = protocol=17 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe | 
"{1F42165D-A6C4-47A2-824F-659B7640230C}" = protocol=17 | dir=in | app=d:\spiele\ gta iv\grand theft auto iv\launchgtaiv.exe | 
"{298F0918-FC31-4301-868E-95D0CE4F1D37}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{2BBC3EB7-EE27-4F0E-8566-4A5F16A65A66}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe | 
"{2D59EDC2-4FDE-4F34-87C2-64D65F2EB82B}" = protocol=6 | dir=in | app=c:\program files\aol 9.0 vra\waol.exe | 
"{33257381-F59A-4A11-BB55-40B0CD71A025}" = protocol=6 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe | 
"{34B344D6-1CAF-45C7-B386-6E2708AB3B93}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe | 
"{37018BE3-B893-42FE-933D-3A4F96D8FFF6}" = protocol=6 | dir=in | app=d:\spiele\ gta iv\grand theft auto iv\rockstar games social club\rgsclauncher.exe | 
"{37BF63F3-FAA3-40BD-8BD1-DE37743D0E82}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe | 
"{3C5D05EF-9CF8-4D9C-983E-24D7AE172113}" = protocol=17 | dir=in | app=c:\program files\winamp remote\bin\orbtray.exe | 
"{3D1B06F1-E2A4-4908-847A-4E08A5D3D88A}" = protocol=17 | dir=in | app=d:\spiele\s.t.a.l.k.e.r. - shadow of chernobyl\bin\xr_3da.exe | 
"{400BC84F-AE4D-4546-99B1-F06E1065B085}" = protocol=6 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe | 
"{40FAB121-09C0-4F4E-8C93-8472610C79CB}" = protocol=6 | dir=in | app=d:\spiele\s.t.a.l.k.e.r. - shadow of chernobyl\bin\dedicated\xr_3da.exe | 
"{445C89F6-67CB-4D0F-BD9A-6B76213FFEF7}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe | 
"{4679EF93-504B-4E15-BEEF-58C073C739B1}" = protocol=6 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe | 
"{525C3FAE-B638-4915-8F28-12CA541AAC22}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 
"{5B05889E-4C9E-4A92-98AA-63C99F098C9E}" = dir=in | app=c:\program files\acer arcade deluxe\playmovie\pmvservice.exe | 
"{64E74C6C-1ACA-4673-AB97-1417DAC6128F}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe | 
"{705AA1B9-9D82-4DA2-8C25-523CC891AD28}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{70DDBBD2-1B7C-447E-BE81-BBB6073F4218}" = protocol=17 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe | 
"{732EFC31-663D-45D9-9002-AFC4D4BCA185}" = protocol=6 | dir=in | app=c:\program files\thq\frontlines-fuel of war\binaries\ffow.exe | 
"{77F7F3FD-5E57-4C91-AEE6-B1C6C07BB404}" = protocol=17 | dir=in | app=c:\program files\winamp remote\bin\orbstreamerclient.exe | 
"{7A74DC89-7321-42CE-B2DB-16032ED09E48}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe | 
"{7BD65B90-A3F1-4D8C-9E90-4999B8EBA804}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe | 
"{7F229A7D-24FC-4139-A5FE-CAE250E5BF7C}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe | 
"{853FD655-618C-46F3-B443-509283E271C8}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{8717AF46-97FC-465B-9558-1FBF757D97AA}" = dir=in | app=c:\program files\common files\mcafee\mna\mcnasvc.exe | 
"{89E38269-2DCA-4003-9D0F-90296A80820B}" = protocol=17 | dir=in | app=c:\program files\thq\frontlines-fuel of war\binaries\ffow.exe | 
"{8C349E28-6D85-46CC-90D1-1D50D180F408}" = protocol=6 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe | 
"{9491496B-D1B8-49B6-8309-C0FD869EFBE5}" = protocol=6 | dir=in | app=c:\program files\winamp remote\bin\orbtray.exe | 
"{970E2153-184F-482B-9B86-B46EAE130CBB}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe | 
"{98181662-5144-4A55-9027-84A051911A42}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe | 
"{9B919600-2CC1-4A57-A71F-F40AD808E5A7}" = protocol=17 | dir=in | app=c:\program files\common files\aol\1223197373\ee\aolsoftware.exe | 
"{9E7B9255-6368-4F39-B875-F665968F28D2}" = protocol=6 | dir=in | app=c:\program files\winamp remote\bin\orb.exe | 
"{9F7EC11B-A21C-4D65-8CFE-B2E6C4D03C96}" = protocol=6 | dir=in | app=c:\program files\winamp remote\bin\orbir.exe | 
"{A14B209A-17C6-4248-A9FB-25FB8D0185EC}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{A380A5CC-72E2-47AD-A854-5EDB5947468F}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe | 
"{A3D039F4-D0A2-4B56-A7DE-C864C15B3809}" = dir=in | app=c:\program files\acer arcade deluxe\homemedia\homemedia.exe | 
"{AB250CBC-C463-467D-801F-3A1C357649C3}" = protocol=17 | dir=in | app=c:\program files\aol 9.0 vr\waol.exe | 
"{AE7E5E8A-FE47-4891-B88C-4AA8B1B5D971}" = protocol=17 | dir=in | app=c:\program files\aol 9.0 vra\waol.exe | 
"{B2A73CFC-2A90-480E-AB62-E8BC44197986}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe | 
"{B3D45A7D-8AD2-4E2C-8D15-B27610520A8F}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe | 
"{B728BF01-6707-420C-8DAA-05330F711B8C}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe | 
"{BB8FCCEA-42AC-42DC-B1D8-8DC04024F54D}" = protocol=17 | dir=in | app=d:\spiele\ gta iv\grand theft auto iv\rockstar games social club\rgsclauncher.exe | 
"{BEEEEE1F-50B1-48DF-B05F-7ACE0E6D17B3}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe | 
"{C034BA26-98FD-4664-A027-F79C168A38EA}" = protocol=17 | dir=in | app=d:\spiele\s.t.a.l.k.e.r. - shadow of chernobyl\bin\dedicated\xr_3da.exe | 
"{C4ED8404-09A3-4C14-A19B-6F7D3B257BD5}" = dir=in | app=c:\program files\acer arcade deluxe\acer arcade deluxe\acer arcade deluxe.exe | 
"{C58225F4-B8DD-4ADC-8D1C-13DAEF9C9126}" = protocol=6 | dir=in | app=c:\program files\winamp remote\bin\orbstreamerclient.exe | 
"{C61C22C0-EB7B-4B23-8872-F112D2151410}" = protocol=6 | dir=in | app=d:\spiele\ gta iv\grand theft auto iv\launchgtaiv.exe | 
"{CF2140B9-45D1-49E1-9455-8AA34070C1B8}" = dir=in | app=c:\program files\acer\acer vcm\vc.exe | 
"{DBACF3DD-4513-4CF7-842D-2411BD9D3A78}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{DE936308-2D39-438F-87B3-42DF87741D3F}" = protocol=6 | dir=in | app=c:\program files\common files\aol\1223197373\ee\aolsoftware.exe | 
"{E1CDBD55-6EEC-47D2-9F23-07D388DA8C32}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe | 
"{E4556682-A11A-475A-9803-C0DE5241D9B3}" = protocol=6 | dir=in | app=c:\program files\aol 9.0 vr\waol.exe | 
"{E510EA3C-A2F4-48F8-A1C0-E1DB30B71DBD}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 
"{EBCBD4F1-4DA2-49FC-A71B-E88BF1D3F864}" = protocol=6 | dir=in | app=d:\spiele\s.t.a.l.k.e.r. - shadow of chernobyl\bin\xr_3da.exe | 
"{F273890D-11CF-4581-B907-C90BAC3D47DC}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe | 
"{F379E883-67C7-49F2-8958-99E77B830FD4}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe | 
"{F5E316CD-8B93-446C-ACE5-C48A122E30E9}" = protocol=17 | dir=in | app=c:\program files\winamp remote\bin\orbir.exe | 
"{FC0A464F-FA6D-4EB8-A7F2-2F56F3D0963C}" = protocol=17 | dir=in | app=c:\program files\winamp remote\bin\orb.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{047F790A-7A2A-4B6A-AD02-38092BA63DAC}" = Acer VCM
"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club
"{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour
"{10F498FF-5392-4DF3-8F73-FE172A9F3800}" = Winbond CIR Device Drivers
"{11316260-6666-467B-AC34-183FCB5D4335}" = Acer Mobility Center Plug-In
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{13D85C14-2B85-419F-AC41-C7F21E68B25D}" = Acer eSettings Management
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{22B0E143-2B0B-435B-9F56-136A3D16065F}" = No23 Recorder
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 20
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{2B091530-69AA-442E-AB09-39ED06B58220}" = Windows Live Messenger
"{2FFE93F0-BB72-4E52-8761-354D1AAA9387}" = Sony Ericsson PC Suite 6.009.00
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver
"{3F0D0ABE-CDAF-431A-00BC-CBBE018EA74E}" = SimCity 4 Deluxe
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{410AB9BC-B057-4D39-9260-660EE1B4BED2}" = Steuer 2009
"{44CDBD1B-89FB-4E02-8319-2A4C550F664A}" = RTC Client API v1.2
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AA3D64E-9EC3-4B0F-AB91-5885AC55641F}" = Microsoft Games for Windows - LIVE 
"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works
"{4F0C7CCF-5666-474B-B02E-AC514A95EC93}" = NVIDIA GAME System Software 2.8.1
"{56FDB311-6511-11DE-832F-0050560400B1}" = Haufe iDesk-Browser
"{57265292-228A-41FA-9AEC-4620CBCC2739}" = Acer eAudio Management
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management
"{5943B7F7-678B-477E-9AEE-6E4C6962322B}" = Sparwelt.de Gutschein Alarm
"{59624372-3B85-47f4-9B04-4911E551DF1E}" = Lexware Info Service
"{5B63A470-9334-44D1-AF61-6CE2DB565AE9}" = Orion
"{5DB65884-C963-4454-AABA-4CA3089281FA}" = NVIDIA PhysX
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{7A7B0BF3-2F00-4F03-8A9B-6ABCC07B90C6}" = Windows Live installer
"{7AB3A249-FB81-416B-917A-A2A10E74C503}" = iTunes
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110111700}" = Zuma Deluxe
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11029123}" = Bricks of Egypt
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110322783}" = Big Kahuna Reef
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110411970}" = Chuzzle
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111118433}" = Mystery Case Files - Huntsville
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}" = Cake Mania
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111252743}" = Mahjong Escape Ancient China
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111324990}" = Kick N Rush
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111543617}" = Backspin Billiards
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111692950}" = Mahjongg Artifacts
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111771833}" = Jewel Quest Solitaire
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111796363}" = Mystery Solitaire - Secret Island
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111872660}" = Diner Dash Flo on the Go
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112531267}" = Chicken Invaders 3
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112615863}" = Agatha Christie Death on the Nile
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}" = Alice Greenfingers
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113009953}" = Turbo Pizza
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113080210}" = Azada
"{82F2B38B-1426-443D-874C-AC25675E7BEB}" = Windows Live Mail
"{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support
"{8F1B6239-FEA0-450A-A950-B05276CE177C}" = Acer Empowering Technology
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{99E862CC-6F69-4D39-99AA-DBF71BF3B585}" = OpenOffice.org 3.1
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A5633652-3795-4829-BB0B-644F0279E279}" = Acer eDataSecurity Management
"{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}" = Acer Crystal Eye Webcam 2.0.8
"{AC76BA86-7AD7-1033-7B44-A81000000003}" = Adobe Reader 8.1.0
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support
"{C3542652-4C59-4A96-982A-06EBB3F47819}" = Steuer-Hilfesammlung 2009
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{CA567AD5-33A4-403D-86D1-EE2D38251951}_is1" = VDownloader  0.83
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{CB6075D9-F912-40AE-BEA6-E590DA24F16B}" = Adobe Photoshop Elements 7.0
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe  1.4.142.1
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{EB5AE940-8E5D-11DE-992A-005056B12123}" = Haufe iDesk-Service
"{ECCD28B2-8798-4D16-8126-625D728294A1}" = SPBA 5.8
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FD052FB9-FE90-4438-B355-15EDC89D8FB1}" = Microsoft Games for Windows - LIVE Redistributable
"Acer Acer Bio Protection 6.0.00.17" = Acer Bio Protection

AAU 6.0.00.17
"Acer GameZone Console_is1" = Acer GameZone Console 2.0.1.1
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop Elements 7" = Adobe Photoshop Elements 7.0
"AOL Deinstallation" = AOL Deinstallation
"AOL Installations-Manager" = AOL Installations-Manager
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.12 (Unicode)
"Audiograbber" = Audiograbber 1.83 SE 
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Burn4Free" = Burn4Free CD and DVD
"Burn4Free Toolbar" = Burn4Free Toolbar
"BurnAware Free_is1" = BurnAware Free 2.3.0
"CCleaner" = CCleaner
"CNXT_MODEM_HDA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup.divx.com" = DivX-Setup
"eMusic Promotion" = 50 FREE MP3s +1 Free Audiobook!
"FUSSBALL MANAGER 09" = FUSSBALL MANAGER 09
"Google Desktop" = Google Desktop
"GridVista" = Acer GridVista
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"LAME for Audacity_is1" = LAME v3.98.2 for Audacity
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
"MSC" = McAfee SecurityCenter
"NVIDIA Drivers" = NVIDIA Drivers
"Orb" = Winamp Remote
"PhotoScape" = PhotoScape
"PokerStars" = PokerStars
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TBSB03968.TBSB03968Toolbar" = Toolbar fuer eBay
"ViewpointMediaPlayer" = Viewpoint Media Player
"VLC media player" = VLC media player 0.9.8a
"VSO DivxToDVD_is1" = DivxToDVD 0.5.2
"Winamp" = Winamp
"Winamp Toolbar" = Winamp Toolbar for Internet Explorer
"Winamp Toolbar for Firefox" = Winamp Toolbar for Firefox
"WinGimp-2.0_is1" = GIMP 2.6.6
"Winload Toolbar" = Winload Toolbar
"WinRAR archiver" = WinRAR
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 21.07.2010 12:58:29 | Computer Name = Arthur-Notebook | Source = WinMgmt | ID = 10
Description = 
 
Error - 21.07.2010 12:58:40 | Computer Name = Arthur-Notebook | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 21.07.2010 13:01:53 | Computer Name = Arthur-Notebook | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung Manager09.exe, Version 1.2.0.0, Zeitstempel 
0x498842bc, fehlerhaftes Modul Manager09.exe, Version 1.2.0.0, Zeitstempel 0x498842bc,
 Ausnahmecode 0xc0000005, Fehleroffset 0x00bd0163,  Prozess-ID 0x12a0, Anwendungsstartzeit
 01cb28f602be929d.
 
Error - 21.07.2010 13:02:33 | Computer Name = Arthur-Notebook | Source = Application Hang | ID = 1002
Description = Programm Manager09.exe, Version 1.2.0.0 arbeitet nicht mehr mit Windows
 zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen
 für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem
 zu suchen.  Prozess-ID: 12a0  Anfangszeit: 01cb28f602be929d  Zeitpunkt der Beendigung:
 187
 
Error - 21.07.2010 13:04:20 | Computer Name = Arthur-Notebook | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung Manager09.exe, Version 1.2.0.0, Zeitstempel 
0x498842bc, fehlerhaftes Modul Manager09.exe, Version 1.2.0.0, Zeitstempel 0x498842bc,
 Ausnahmecode 0xc0000005, Fehleroffset 0x00bd0163,  Prozess-ID 0xbb4, Anwendungsstartzeit
 01cb28f6849b5aad.
 
Error - 21.07.2010 13:04:39 | Computer Name = Arthur-Notebook | Source = Application Hang | ID = 1002
Description = Programm Manager09.exe, Version 1.2.0.0 arbeitet nicht mehr mit Windows
 zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen
 für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem
 zu suchen.  Prozess-ID: bb4  Anfangszeit: 01cb28f6849b5aad  Zeitpunkt der Beendigung:
 157
 
Error - 21.07.2010 16:34:41 | Computer Name = Arthur-Notebook | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung Manager09.exe, Version 1.2.0.0, Zeitstempel 
0x498842bc, fehlerhaftes Modul Manager09.exe, Version 1.2.0.0, Zeitstempel 0x498842bc,
 Ausnahmecode 0xc0000005, Fehleroffset 0x00bd0163,  Prozess-ID 0xf0c, Anwendungsstartzeit
 01cb290fbc108d7d.
 
Error - 21.07.2010 16:35:01 | Computer Name = Arthur-Notebook | Source = Application Hang | ID = 1002
Description = Programm Manager09.exe, Version 1.2.0.0 arbeitet nicht mehr mit Windows
 zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen
 für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem
 zu suchen.  Prozess-ID: f0c  Anfangszeit: 01cb290fbc108d7d  Zeitpunkt der Beendigung:
 477
 
Error - 22.07.2010 12:19:34 | Computer Name = Arthur-Notebook | Source = WinMgmt | ID = 10
Description = 
 
Error - 22.07.2010 12:22:59 | Computer Name = Arthur-Notebook | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
[ System Events ]
Error - 29.07.2010 14:02:15 | Computer Name = Arthur-Notebook | Source = Service Control Manager | ID = 7031
Description = 
 
Error - 29.07.2010 14:02:15 | Computer Name = Arthur-Notebook | Source = Service Control Manager | ID = 7031
Description = 
 
Error - 29.07.2010 14:02:15 | Computer Name = Arthur-Notebook | Source = Service Control Manager | ID = 7031
Description = 
 
Error - 29.07.2010 14:02:15 | Computer Name = Arthur-Notebook | Source = Service Control Manager | ID = 7031
Description = 
 
Error - 29.07.2010 14:02:52 | Computer Name = Arthur-Notebook | Source = Service Control Manager | ID = 7032
Description = 
 
Error - 30.07.2010 00:11:29 | Computer Name = Arthur-Notebook | Source = HTTP | ID = 15016
Description = 
 
Error - 30.07.2010 11:58:19 | Computer Name = Arthur-Notebook | Source = HTTP | ID = 15016
Description = 
 
Error - 30.07.2010 12:50:52 | Computer Name = Arthur-Notebook | Source = bowser | ID = 8003
Description = 
 
Error - 30.07.2010 13:49:08 | Computer Name = Arthur-Notebook | Source = HTTP | ID = 15016
Description = 
 
Error - 30.07.2010 14:01:58 | Computer Name = Arthur-Notebook | Source = netbt | ID = 4321
Description = Der Name "WORKGROUP      :1d" konnte nicht auf der Schnittstelle mit
 IP-Adresse 192.168.2.100  registriert werden. Der Computer mit IP-Adresse 192.168.2.1
 hat nicht  zugelassen, dass dieser Computer diesen Namen verwendet.
 
 
< End of report >
         
--- --- ---



SUPERAntiSpyware didn't find anything anymore, I also ran CCleaner, and I have changed all my passwords... can I go back to surfing without worry now, or do I still need to be concerned???

Thanks in advance for the answers. I can't reply again until Monday, since I'm going away for the weekend tomorrow...

Regards, Arthur

 
