Zurück   Trojaner-Board > Web/PC > Alles rund um Windows

Alles rund um Windows: Windows Vista ganz langsam, Lüfter läuft (und läuft) PC fährt nicht runter...

Windows 7 Hilfe zu allen Windows-Betriebssystemen: Windows XP, Windows Vista, Windows 7, Windows 8(.1) und Windows 10 - als auch zu sämtlicher Windows-Software. Alles zu Windows 10 ist auch gerne willkommen. Bitte benenne etwaige Fehler oder Bluescreens unter Windows mit dem Wortlaut der Fehlermeldung und Fehlercode. Erste Schritte für Hilfe unter Windows.

Antwort
Alt 24.02.2011, 19:40   #1
79alex23
 
Windows Vista ganz langsam, Lüfter läuft (und läuft) PC fährt nicht runter... - Standard

Problem: Windows Vista ganz langsam, Lüfter läuft (und läuft) PC fährt nicht runter...



Hallo, wie bereits Stichwortartig in der Überschrift erwähnt habe ich seit ca. 10 Tagen folgendes Problem.
Ich wollte abends den PC herunterfahren und als ich morgens in PC-Zimmer kam war er immer noch am runterfahren (er hat es nicht getan). Ich habe Ihn ausgemacht. Seitdem fährt er ganz langsam hoch, der Lüfter ist fast die ganze Zeit an, und der Explorer, die Programme reagieren GANZ verzögert. Auch wenn ich den PC ausmachen möchte fährt er nicht immer runter! Kann mir vielleicht jemand helfen!? Ich bin absoluter Laie und kann mir nicht erklären woran es liegt. Bei Hilfe bitte für einen Laien Anweisungen geben! Ich danke euch im Vorfeld - bin auch gerne bereit euch hier zu unterstützen! Gruß

Alt 24.02.2011, 21:04   #2
felix1
/// Helfer-Team
 
Windows Vista ganz langsam, Lüfter läuft (und läuft) PC fährt nicht runter... - Standard

Windows Vista ganz langsam, Lüfter läuft (und läuft) PC fährt nicht runter... Anleitung / Hilfe



Da Du hier nicht ganz neu bist, erspare ich mir jetzt mal die Begrüßungszeremonien. Lese, beachte und poste alle geforderten Angaben.

LG

Der Felix
__________________

__________________

Alt 25.02.2011, 11:45   #3
79alex23
 
Windows Vista ganz langsam, Lüfter läuft (und läuft) PC fährt nicht runter... - Standard

Windows Vista ganz langsam, Lüfter läuft (und läuft) PC fährt nicht runter... Details



Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 5874

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.19019

25.02.2011 12:31:21
mbam-log-2011-02-25 (12-31-18).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 164839
Laufzeit: 4 Minute(n), 27 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 6
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
c:\program files\internet saving optimizer (Adware.DoubleD) -> No action taken.
c:\program files\internet saving optimizer\3.8.1.4690 (Adware.DoubleD) -> No action taken.
c:\program files\internet saving optimizer\3.8.1.4690\FF (Adware.DoubleD) -> No action taken.
c:\program files\media access startup (Adware.DoubleD) -> No action taken.
c:\program files\media access startup\2.0.0.1050 (Adware.DoubleD) -> No action taken.
c:\program files\media access startup\2.0.0.1050\FF (Adware.DoubleD) -> No action taken.

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
__________________

Alt 25.02.2011, 11:45   #4
79alex23
 
Windows Vista ganz langsam, Lüfter läuft (und läuft) PC fährt nicht runter... - Standard

Lösung: Windows Vista ganz langsam, Lüfter läuft (und läuft) PC fährt nicht runter...



OTL EXTRAS Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 25.02.2011 12:49:10 - Run 4
OTL by OldTimer - Version 3.2.21.0     Folder = C:\Users\****\Desktop\MFTools
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19019)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 55,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 76,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 142,16 Gb Total Space | 74,15 Gb Free Space | 52,16% Space Free | Partition Type: NTFS
Drive D: | 142,18 Gb Total Space | 95,16 Gb Free Space | 66,93% Space Free | Partition Type: NTFS
 
Computer Name: ****-PC | User Name: **** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-1199916533-2294184880-3576752702-1000]
"EnableNotifications" = 0
"EnableNotificationsRef" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05FA27B0-56F7-44A1-A07C-8605C1934BB1}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{0CA1894E-A6D0-4A78-8217-58375294475F}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 | 
"{20478DBD-9024-4CD5-BA3A-1A7D4A51C0D6}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{31EFE7E0-A964-44C2-8062-274DAFD017EB}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{34432A93-5174-4033-A966-62CC0A15794A}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{38446EE4-F760-46FE-97F3-6D346B0D5563}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe | 
"{3E221D95-9DC3-4823-84AF-C1506F00D4BE}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{447B5148-94CD-48F7-AF43-6BD9D38BDA19}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{59911795-2FCC-4B15-A99F-296FEEC436BF}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{661DD868-AB6B-4515-837E-FE92F5928E53}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe | 
"{6D3544AB-79FC-44C2-B1B5-11DEA4B71DC1}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 | 
"{8DBDD998-BA4E-4D66-A65C-FD6AC1CD1816}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe | 
"{AFBFD523-C065-4648-A52B-3DCBDF9CEB54}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{C171028B-4B38-488F-B1E0-EF1A2CA508E2}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{C218BD3F-E8B0-458C-9AF3-F46092EB6586}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{C502FF24-D701-40E7-B264-547F646D0A41}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{C56AA661-B5C3-4A7E-8A90-CBB611C23B00}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe | 
"{C68B436F-6D23-4DAE-A7BF-6378990E6DFC}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{C6BB3CAB-6587-406E-92D1-B8646AC35F90}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{D9139F81-A830-4E78-AE84-E8C1A948DF1A}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe | 
"{F6DEF7E6-9144-425B-83B0-F761B97EEBA7}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{FC3A7A42-D29E-46A0-8D7E-942003F0F98F}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00007600-C351-4D0D-887F-438367E21DD4}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe | 
"{06FE4965-C693-4AA0-AFC2-147D2DBA0581}" = protocol=6 | dir=in | app=c:\program files\1&1\fboxupd.exe | 
"{0905ED90-EE61-42E8-8A68-72D726715200}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{0940B8D9-3B75-4C9D-A7C6-158B8DD752E8}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe | 
"{0ECD8E47-B254-4345-8824-3F42ED1E28FA}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | 
"{111A6E94-F28B-438C-A901-408856880B29}" = dir=in | app=c:\program files\itunes\itunes.exe | 
"{135C47AA-639F-495F-937F-1A676F9B852A}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{1A2792E7-BF7C-477B-AD5F-60F9CC7AE695}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe | 
"{1E7F6256-261E-4315-B70D-66C88BCE204B}" = protocol=17 | dir=in | app=c:\users\****\appdata\local\apps\2.0\n7vqt6n5.ebo\8nvv6oyj.nph\frit..tion_8488884cfbcefd60_0002.0001_383382c5c60b72bd\fritzbox-usb-fernanschluss.exe | 
"{2104D361-9B11-400B-BCDB-77ED721745A0}" = protocol=6 | dir=in | app=c:\users\****\appdata\local\apps\2.0\n7vqt6n5.ebo\8nvv6oyj.nph\frit..tion_8488884cfbcefd60_0002.0001_383382c5c60b72bd\fritzbox-usb-fernanschluss.exe | 
"{2607828D-314B-4021-AEBC-34FDEAB306B4}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{2753E249-444D-47B4-A33F-87E5D4F40E31}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{2B091538-BE58-47EC-8E76-658E532CA181}" = protocol=17 | dir=in | app=c:\program files\1&1\fboxupd.exe | 
"{2CD5B1B2-288F-4190-8952-28D58DA0198E}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung pc share manager\wiselinkpro.exe | 
"{2F3B1B4D-472B-46F4-9544-46F7DC8729AD}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{2FFC394B-3ED6-4118-B466-8981172307A8}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{31C244A1-3DF6-4B60-B963-E08D83B7E189}" = protocol=6 | dir=in | app=c:\program files\twonkymedia\twonkymediaserverwatchdog.exe | 
"{31FEDB43-3F17-458A-9736-82A6E52A6E3D}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{36F8E1E1-7493-40B4-8C89-C8934096C679}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{3D0D8BAC-68A3-4B54-9EF1-985CC6B20BA5}" = protocol=17 | dir=in | app=c:\program files\twonkymedia\twonkymediaserverwatchdog.exe | 
"{41454323-A7FA-47D3-B3B3-F31BBE1FE05B}" = protocol=6 | dir=in | app=c:\program files\abbyy finereader 6.0 sprint\scan\scanman6.exe | 
"{45F7A61C-EEFB-423C-805F-1B83DDD5D368}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung pc share manager\http_ss_win_pro.exe | 
"{4994F26F-1989-4F45-88A8-8243A84891CF}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe | 
"{4EBE2879-40B2-4694-8A7A-7BF84B4B3472}" = protocol=6 | dir=in | app=c:\users\****\appdata\local\apps\2.0\n7vqt6n5.ebo\8nvv6oyj.nph\frit..tion_8488884cfbcefd60_0002.0002_9409db79b3f040fd\fritzbox-usb-fernanschluss.exe | 
"{5277B95F-4166-462C-A39C-724DAACCE0E1}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{5A819053-ABB6-47E4-9D16-EC89085FA270}" = dir=in | app=c:\program files\acer arcade deluxe\playmovie\pmvservice.exe | 
"{5DB012BB-DF24-4364-8955-39DC01884B89}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe | 
"{60CCFB14-3D63-480D-ACD2-F0E6FE7F4222}" = protocol=6 | dir=in | app=c:\program files\twonkymedia\mediamanager\twonkymediamanager.exe | 
"{6B2B1A41-97F5-40E9-9F39-BF7F0A31995A}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{6BE11C61-2C1A-457C-92CC-4CFF31E47DB3}" = protocol=6 | dir=in | app=c:\users\****\appdata\local\apps\2.0\n7vqt6n5.ebo\8nvv6oyj.nph\frit..tion_8488884cfbcefd60_0002.0001_383382c5c60b72bd\fritzbox-usb-fernanschluss.exe | 
"{6CDDAB7B-CE53-4180-BEB0-DAB4A8C4C0C1}" = dir=in | app=c:\windows\system32\lxeccoms.exe | 
"{7243604F-EBD0-4311-B9FA-3DEC34C5C86A}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung pc share manager\http_ss_win_pro.exe | 
"{727DC909-3A31-4704-9E16-A4466D594F7A}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe | 
"{7494DCAD-E537-42D3-B0DE-E94820A1E397}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | 
"{7AAE93A8-1261-4C9C-9A9E-A9033440E3B0}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{7C3692AF-892E-4377-8484-20BFFE47DD25}" = protocol=6 | dir=in | app=c:\program files\twonkymedia\twonkymediaserver.exe | 
"{8054D065-197B-48E1-81D1-8D8CFB2F7103}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung pc share manager\http_ss_win_pro.exe | 
"{848CA979-E55B-4173-A811-2393897DC6C7}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{87C1C5D6-E404-4877-A915-DF3C7B833D1D}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{889E9A21-34ED-4373-B743-9868930ED6CE}" = protocol=6 | dir=in | app=c:\program files\fritz!\igd_finder.exe | 
"{8AB192DE-3AB3-41A6-A19A-9BF7D0D5C7F5}" = protocol=17 | dir=in | app=c:\users\****\appdata\local\apps\2.0\n7vqt6n5.ebo\8nvv6oyj.nph\frit..tion_8488884cfbcefd60_0002.0002_9409db79b3f040fd\fritzbox-usb-fernanschluss.exe | 
"{90F7CCCD-C360-4D36-9DD8-ECD824B55224}" = dir=in | app=c:\windows\system32\lxeccoms.exe | 
"{91EE6C62-A859-4AAE-AF8D-3434749DCE3F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{94C9E0C4-29B5-4ACD-AB83-0D44D8A65865}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | 
"{96643B35-92AC-4392-BED0-E4B8A493A3B6}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{9967C727-90D2-4031-96DD-CFBFFD5E1CD5}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung pc share manager\wiselinkpro.exe | 
"{998721AD-C6B4-4BEE-8ADC-12EB26ABB776}" = protocol=6 | dir=in | app=c:\users\****\appdata\local\apps\2.0\n7vqt6n5.ebo\8nvv6oyj.nph\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe | 
"{9BD2B96D-B1F6-4E65-BE2B-858CD90103F8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{9BF9575A-6377-48FF-BB19-969C682ED554}" = protocol=17 | dir=in | app=c:\program files\lexmark pro800-pro900 series\lxecfax.exe | 
"{9C073FF2-2595-476C-A405-CB3887575264}" = protocol=6 | dir=in | app=c:\program files\lexmark pro800-pro900 series\lxecfax.exe | 
"{A21F51AC-215C-4F8D-B5EF-AB442B98EE88}" = dir=in | app=c:\windows\system32\lxeccoms.exe | 
"{A3A18F0D-34D9-4C5B-A22E-0421C884C629}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{A6863883-8899-4985-A0DB-39D4C4A4F7EF}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung pc share manager\wiselinkpro.exe | 
"{A76B4BB3-9D76-4CEC-BE79-810A9481F7C1}" = protocol=17 | dir=in | app=c:\program files\1&1\igdctrl.exe | 
"{A8D92FCB-0530-49CC-98C5-6D1DF0769037}" = protocol=17 | dir=in | app=c:\users\****\appdata\local\apps\2.0\n7vqt6n5.ebo\8nvv6oyj.nph\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe | 
"{A93B0B88-D413-405D-B482-D62D07A4AD90}" = protocol=17 | dir=in | app=c:\users\****\appdata\local\apps\2.0\n7vqt6n5.ebo\8nvv6oyj.nph\frit..tion_8488884cfbcefd60_0002.0001_383382c5c60b72bd\fritzbox-usb-fernanschluss.exe | 
"{AE4838FC-893D-4D02-B33F-447A8E92227E}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung pc share manager\http_ss_win_pro.exe | 
"{AE63E44C-E0D7-489E-96C7-5E8A294D6731}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe | 
"{AF411229-81D6-44D8-8DF0-9D120D5C4266}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{B181E2A3-E5A9-4E6D-851A-9C873693503E}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{B300B767-3959-4018-B248-6D9827E3DA5D}" = dir=in | app=c:\program files\acer arcade deluxe\homemedia\homemedia.exe | 
"{B7093A8E-38AD-478D-8D58-961F1129BF90}" = protocol=6 | dir=in | app=c:\program files\1&1\webwaigd.exe | 
"{B9AA12C9-3796-4481-BB3A-C0A55CA1B226}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{BA97250D-8A31-4237-B152-5A65892739C5}" = dir=in | app=c:\program files\acer arcade deluxe\playmovie\playmovie.exe | 
"{BDBC5C69-A72F-40AB-AEFE-4B0E225BADBB}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{BE2B6EC5-9CE9-4741-85A6-B80113B66112}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{BFAE954A-EB78-4868-9DCB-DDA98FB2A0E6}" = protocol=17 | dir=in | app=c:\program files\abbyy finereader 6.0 sprint\scan\scanman6.exe | 
"{C3F995EC-3E35-48A0-A264-F20F0D4932C5}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{C3FCA9E0-F281-45E8-9A07-8608DD92A903}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{C65C422E-7C6D-452D-BA1D-2E6ECB0DE451}" = protocol=17 | dir=in | app=c:\program files\twonkymedia\twonkymediaserver.exe | 
"{CF304FD5-34D1-40CA-81CC-557E082F9CD2}" = dir=in | app=c:\program files\acer arcade deluxe\acer arcade deluxe\acer arcade deluxe.exe | 
"{CFF6C3DA-3DA8-44EB-BD22-1BF6250ACACF}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{D84C09C5-37E5-4AE8-8880-3AD0C76844FC}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{DCC0A4C5-CA4B-4EBA-A602-DAA8C13EF855}" = protocol=6 | dir=out | app=system | 
"{DCC367BF-E5DD-4089-98EF-0E6A2D91D9FF}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{DE6CAB9B-0BBD-46E3-93A7-D6BC49C3D64E}" = protocol=17 | dir=in | app=c:\program files\fritz!\igd_finder.exe | 
"{E0D8B720-FBB7-4D86-BB31-3177EFF19933}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{E14D3977-12C3-43D7-8B56-D61A6684F83D}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{E2109F94-F3D7-48C5-9798-64883A6CA0A3}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{E2252493-C748-4B32-9EB2-B9414FA0A2DF}" = protocol=17 | dir=in | app=c:\program files\twonkymedia\mediamanager\twonkymediamanager.exe | 
"{E2C94B72-AD41-4B85-A7A8-EE8646179521}" = protocol=17 | dir=in | app=c:\program files\1&1\webwaigd.exe | 
"{E9131088-D67C-4FD0-B6BC-07CD8088D9E4}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe | 
"{EA35326E-3E14-489D-9BC3-40DA24F4438D}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe | 
"{EF554C95-4B24-4B81-AFD8-A7278816BAF8}" = dir=in | app=c:\windows\system32\lxeccoms.exe | 
"{F28E033E-6E1C-4971-B4E0-1A1862AF97F0}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung pc share manager\wiselinkpro.exe | 
"{F38A58B3-5AFE-4CE4-8DBF-D0999BB1E5F0}" = protocol=6 | dir=in | app=c:\program files\1&1\igdctrl.exe | 
"TCP Query User{1782D3EA-03E0-4B78-9E88-5C41B98355C8}C:\users\****\appdata\local\temp\_istmp1.dir\_ins5576._mp" = protocol=6 | dir=in | app=c:\users\****\appdata\local\temp\_istmp1.dir\_ins5576._mp | 
"TCP Query User{1C5FF53C-7ABD-4DFE-8BEC-F62DFA5FF6C9}E:\utility\easy_search_utility.exe" = protocol=6 | dir=in | app=e:\utility\easy_search_utility.exe | 
"TCP Query User{25CC73AE-82E9-42F9-A125-A346DAB1FC7B}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"TCP Query User{3D3261F8-06C3-486B-B366-837F211A8310}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe | 
"TCP Query User{4A640492-E181-4A68-AC6B-69F84F1CA894}C:\program files\twonkymedia\mediamanager\twonkymediamanager.exe" = protocol=6 | dir=in | app=c:\program files\twonkymedia\mediamanager\twonkymediamanager.exe | 
"TCP Query User{5A62CD3D-D341-4E9E-8B75-D9D19FDC6D1E}C:\program files\packetvideo\twonkybeam\tmslite\tms-beam.exe" = protocol=6 | dir=in | app=c:\program files\packetvideo\twonkybeam\tmslite\tms-beam.exe | 
"TCP Query User{6C839082-F97C-416C-832E-2A816CFECA99}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"TCP Query User{7F572E42-A0C8-4F4E-9772-02108C693BE1}C:\program files\fritz!\frifax32.exe" = protocol=6 | dir=in | app=c:\program files\fritz!\frifax32.exe | 
"TCP Query User{ADA1CE85-706F-4DC7-8F7D-E9E36DF34749}C:\users\****\appdata\local\temp\_istmp1.dir\_istmp0.dir\igd_finder.exe" = protocol=6 | dir=in | app=c:\users\****\appdata\local\temp\_istmp1.dir\_istmp0.dir\igd_finder.exe | 
"TCP Query User{AF84D7EF-CDD6-4E59-9C25-5D14FFAEE2E1}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | 
"TCP Query User{D7159C7C-31A0-4A3B-A560-D7B21D14AE75}C:\program files\mozilla firefox 3.5 beta 4\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox 3.5 beta 4\firefox.exe | 
"TCP Query User{E7925A0F-8101-4ADA-90E2-1A4694B4AA01}C:\program files\sprite software\sprite backup\spriteservice.exe" = protocol=6 | dir=in | app=c:\program files\sprite software\sprite backup\spriteservice.exe | 
"TCP Query User{EB60F51C-9326-42D0-8D47-3E022B275ECF}C:\program files\dap\dap.exe" = protocol=6 | dir=in | app=c:\program files\dap\dap.exe | 
"TCP Query User{FFE25184-5229-4EA1-AE4C-CB5065A6CF53}C:\users\****\appdata\local\apps\2.0\n7vqt6n5.ebo\8nvv6oyj.nph\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe" = protocol=6 | dir=in | app=c:\users\****\appdata\local\apps\2.0\n7vqt6n5.ebo\8nvv6oyj.nph\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe | 
"UDP Query User{096482FB-339F-4249-89D7-E5C555F723B9}C:\program files\dap\dap.exe" = protocol=17 | dir=in | app=c:\program files\dap\dap.exe | 
"UDP Query User{09DBB4BC-B34E-4CC7-ADF6-173765746F94}C:\users\****\appdata\local\temp\_istmp1.dir\_istmp0.dir\igd_finder.exe" = protocol=17 | dir=in | app=c:\users\****\appdata\local\temp\_istmp1.dir\_istmp0.dir\igd_finder.exe | 
"UDP Query User{1BE4496A-B175-4D88-90F4-B07408276983}C:\program files\sprite software\sprite backup\spriteservice.exe" = protocol=17 | dir=in | app=c:\program files\sprite software\sprite backup\spriteservice.exe | 
"UDP Query User{40EFAE30-51C1-43E6-8664-23203F4CD660}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"UDP Query User{7257ACDF-A9B0-480D-8547-10C44387CDB1}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | 
"UDP Query User{752072C4-3E91-4259-B0AB-732EF888AA99}C:\program files\mozilla firefox 3.5 beta 4\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox 3.5 beta 4\firefox.exe | 
"UDP Query User{958ADF00-4A01-4BFD-930B-096697CC21E8}C:\users\****\appdata\local\temp\_istmp1.dir\_ins5576._mp" = protocol=17 | dir=in | app=c:\users\****\appdata\local\temp\_istmp1.dir\_ins5576._mp | 
"UDP Query User{95B58524-33AA-4760-8D66-EA4EB09D09F8}E:\utility\easy_search_utility.exe" = protocol=17 | dir=in | app=e:\utility\easy_search_utility.exe | 
"UDP Query User{A377C594-C9E5-46FD-8B09-AD4293B9E08D}C:\program files\fritz!\frifax32.exe" = protocol=17 | dir=in | app=c:\program files\fritz!\frifax32.exe | 
"UDP Query User{ACFA332D-3FF4-42F8-8A33-F26D6DD875DD}C:\program files\twonkymedia\mediamanager\twonkymediamanager.exe" = protocol=17 | dir=in | app=c:\program files\twonkymedia\mediamanager\twonkymediamanager.exe | 
"UDP Query User{B9DB096E-142F-4E8B-9AE3-0CF41AE10364}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"UDP Query User{E6AC2B49-633F-4DD6-B46E-AF62EA28C189}C:\users\****\appdata\local\apps\2.0\n7vqt6n5.ebo\8nvv6oyj.nph\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe" = protocol=17 | dir=in | app=c:\users\****\appdata\local\apps\2.0\n7vqt6n5.ebo\8nvv6oyj.nph\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe | 
"UDP Query User{E907B426-2341-4D4C-B186-DA68B16AC816}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe | 
"UDP Query User{F0B38877-8CA3-4525-96ED-71F4F0C0A0D7}C:\program files\packetvideo\twonkybeam\tmslite\tms-beam.exe" = protocol=17 | dir=in | app=c:\program files\packetvideo\twonkybeam\tmslite\tms-beam.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{1017A80C-6F09-4548-A84D-EDD6AC9525F0}" = Lexmark Symbolleiste
"{11316260-6666-467B-AC34-183FCB5D4335}" = Acer Mobility Center Plug-In
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{12FE558D-1FE1-4DEC-8C4A-F67C20F279B3}" = Application Suite
"{13D85C14-2B85-419F-AC41-C7F21E68B25D}" = Acer eSettings Management
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F2899C5-8938-4232-98CC-7A075ECB3172}" = t@x 2010 Standard
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 24
"{272253C3-D9DD-4C0C-A586-7E7ABC7E9AA2}" = Presto! BizCard 5
"{2A2E822B-3B0E-46C1-9E3B-ACD7D1E95139}" = SAMSUNG PC Share Manager
"{2D87E961-577B-492B-AD54-1368680FB9A7}" = Bing Maps 3D
"{2EF095CE-24AF-4AAA-BB82-85F988EC51C0}" = 1und1 Internet Explorer Add-On
"{302E9B7B-2B6A-4C29-9A02-9F2110649779}" = Nuvoton EC Generic HID Driver
"{3101CB58-3482-4D21-AF1A-7057FC935355}" = KhalInstallWrapper
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{41B20968-B2E1-49C0-9508-CC1544D568F5}" = Presto! BizCard Komponente (für Windows CE Gerät)
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{431A5BB6-E5E2-444E-8AF3-70E6BF16DEF6}" = UVC Video Camera
"{44AFDB86-1509-4CDC-9B2E-1C73B2DEE5F0}" = Mobile Broadband Drivers
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{4E9F7AD8-E3EC-4636-BD25-A5AD97E73C64}" = FRITZ!Box starter
"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works
"{52D3199D-2858-4216-AA1D-B2A9BB9FA31B}" = Sprite Backup HTC
"{57265292-228A-41FA-9AEC-4620CBCC2739}" = Acer eAudio Management
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management
"{5A166C0B-9557-4364-A057-F946D674E6AC}" = Windows Live Mail
"{5BF5F9C5-E95B-4AFA-94BE-F2A9CA73B61D}" = Apple Mobile Device Support
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B96DADA-1A27-4A04-8CB2-CC45168D05FA}" = Windows Live Fotogalerie
"{6B9B0C6F-E5FA-4633-A640-AB98A272ECCA}" = Safari
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{79A64F98-1796-4FA2-B5FF-C90F83D8BACD}" = Vodafone Mobile Connect
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{81821BF8-DA20-4F8C-AA87-F70A274828D4}" = Windows Live Writer
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C1E2925-14F8-45AA-B999-1E2A74BF5607}" = Windows Live Sync
"{8E5E3330-6746-4A1D-A6BA-043E4D437A59}" = InstallIQ Updater
"{8F1B6239-FEA0-450A-A950-B05276CE177C}" = Acer Empowering Technology
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A5633652-3795-4829-BB0B-644F0279E279}" = Acer eDataSecurity Management
"{A71D5E81-B967-43DB-93D7-FD31BFB95748}" = MobileMe Control Panel
"{A899DA1F-D626-401C-8651-F2921E3B4CB3}" = T-Mobile web'n'walk Manager
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAD47011-8518-4608-9656-951DA35B587B}" = iTunes
"{AC4600DB-4897-4EAF-B153-6335B9AA066D}" = GT HSDPA driver installer
"{AC76BA86-7AD7-2447-0000-900000000003}" = Chinese Simplified Fonts Support For Adobe Reader 9
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{B0414A3B-3AE3-47B8-8FC0-2129781FF425}" = t@x 2011
"{B480904D-F73F-4673-B034-8A5F492C9184}" = Nuance PDF Reader
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe  1.4.142.1
"{D0ACE89D-EC7F-470F-80BE-4C98ED366B32}" = Acer Crystal Eye webcam Ver:1.1.57.409
"{D2C5E510-BE6D-42CC-9F61-E4F939078474}" = Lexmark 
"{D59E595E-E49D-4908-98BF-E390264147BF}" = 4Team Sync2
"{DA20E1A8-07CB-4EE7-9B72-A7E28C953F0E}" = Acer Product Registration
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DCBDA0BD-11BA-4AD1-9F82-6B073EABEFCE}" = Presto! BizCard 5
"{DF5F687F-8018-4542-9F98-7084E9022917}" = Windows Live Essentials
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{FA54AFB1-5745-4389-B8C1-9F7509672ED1}" = iPhone-Konfigurationsprogramm
"{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour
"1und1 Internet Explorer Add-On" = 1und1 Internet Explorer Add-On
"3D Hausplaner 9_is1" = DATA BECKER 3D Hausplaner 9
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AllMusicConverter_is1" = AllMusicConverter 3.8.5
"Alt WAV MP3 WMA OGG Converter 7.2 Shareware_is1" = Alt WAV MP3 WMA OGG Converter 7.2
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118" = HDAUDIO Soft Data Fax Modem with SmartCP
"CYCAS3_is1" = CYCAS 3.90 public for Windows
"doPDF 6  printer_is1" = doPDF 6.2  printer
"etope Lister_is1" = 1.25
"Free CD to MP3 Converter" = Free CD to MP3 Converter
"Free M4a to MP3 Converter_is1" = Free M4a to MP3 Converter 6.0
"FreePDF_XP" = FreePDF (Remove only)
"GPL Ghostscript 9.00" = GPL Ghostscript 9.00
"GridVista" = Acer GridVista
"HandBrake" = HandBrake 0.9.5
"HijackThis" = HijackThis 2.0.2
"Huawei Modems" = Huawei modem
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"InstallShield_{2A2E822B-3B0E-46C1-9E3B-ACD7D1E95139}" = SAMSUNG PC Share Manager
"Lexmark Pro800-Pro900 Series" = Lexmark Pro800-Pro900 Series
"LIDL Fotoservice_is1" = LIDL Fotoservice
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MediaMonkey_is1" = MediaMonkey 3.0
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox (3.5.13)" = Mozilla Firefox (3.5.13)
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"Mozilla Thunderbird (2.0.0.24)" = Mozilla Thunderbird (2.0.0.24)
"Novatel_V20051Installer" = Novatel driver package V2.00.51
"NVIDIA Drivers" = NVIDIA Drivers
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"OptionHsxpa72_PCCardInstaller" = Option Globetrotter HSXPA 7.2 PC-Cards
"OptionPCCardInstaller_tmcc" = Option PC Cards driver package
"OptionPluss_PCCardInstaller" = Option GT HSDPA driver suit
"Protect Disc License Helper" = Protect Disc License Helper 1.0.118
"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11
"Redirection Port Monitor" = RedMon - Redirection Port Monitor
"Sierra Wireless AirCards" = Sierra Wireless AirCards
"Sweet Home 3D_is1" = Sweet Home 3D version 2.4
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"T-Mobile Internet Manager" = T-Mobile Internet Manager
"TomTom HOME" = TomTom HOME 2.7.0.1785
"VLC media player" = VLC media player 1.0.0-rc3
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"f018cf21c0452c64" = AVM FRITZ!Box USB-Fernanschluss
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 01.01.2011 16:43:53 | Computer Name = ****-PC | Source = SideBySide | ID = 16842811
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Users\****\Downloads\1257762534-1257770034-8177b5-B-f10d543540072eb0103609cd967afb83.exe".
 Fehler in Manifest- oder Richtliniendatei "C:\Users\****\Downloads\1257762534-1257770034-8177b5-B-f10d543540072eb0103609cd967afb83.exe"
 in Zeile 0.  Ungültige XML-Syntax.
 
Error - 02.01.2011 07:08:51 | Computer Name = ****-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 02.01.2011 07:08:51 | Computer Name = ****-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 02.01.2011 07:09:37 | Computer Name = ****-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 02.01.2011 13:47:30 | Computer Name = ****-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 02.01.2011 13:47:30 | Computer Name = ****-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 02.01.2011 13:48:38 | Computer Name = ****-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 03.01.2011 06:11:49 | Computer Name = ****-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 03.01.2011 06:11:49 | Computer Name = ****-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 03.01.2011 06:12:57 | Computer Name = ****-PC | Source = WinMgmt | ID = 10
Description = 
 
[ System Events ]
Error - 25.02.2011 03:21:12 | Computer Name = ****-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 24.02.2011 um 20:55:35 unerwartet heruntergefahren.
 
Error - 25.02.2011 03:22:00 | Computer Name = ****-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 25.02.2011 03:22:00 | Computer Name = ****-PC | Source = Service Control Manager | ID = 7009
Description = 
 
Error - 25.02.2011 03:22:00 | Computer Name = ****-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 25.02.2011 03:22:19 | Computer Name = ****-PC | Source = DCOM | ID = 10016
Description = 
 
Error - 25.02.2011 07:01:21 | Computer Name = ****-PC | Source = Service Control Manager | ID = 7034
Description = 
 
Error - 25.02.2011 07:06:23 | Computer Name = ****-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 25.02.2011 07:06:23 | Computer Name = ****-PC | Source = Service Control Manager | ID = 7009
Description = 
 
Error - 25.02.2011 07:06:23 | Computer Name = ****-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 25.02.2011 07:06:44 | Computer Name = ****-PC | Source = DCOM | ID = 10016
Description = 
 
 
< End of report >
         
--- --- ---

Geändert von 79alex23 (25.02.2011 um 11:52 Uhr)

Alt 25.02.2011, 11:53   #5
79alex23
 
Windows Vista ganz langsam, Lüfter läuft (und läuft) PC fährt nicht runter... - Standard

Wie Windows Vista ganz langsam, Lüfter läuft (und läuft) PC fährt nicht runter...



OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 25.02.2011 12:49:10 - Run 4
OTL by OldTimer - Version 3.2.21.0     Folder = C:\Users\****\Desktop\MFTools
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19019)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 55,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 76,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 142,16 Gb Total Space | 74,15 Gb Free Space | 52,16% Space Free | Partition Type: NTFS
Drive D: | 142,18 Gb Total Space | 95,16 Gb Free Space | 66,93% Space Free | Partition Type: NTFS
 
Computer Name: ****-PC | User Name: **** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011.02.25 12:07:05 | 000,204,800 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Users\****\AppData\Local\Temp\RtkBtMnt.exe
PRC - [2011.02.25 11:59:06 | 000,577,024 | ---- | M] (OldTimer Tools) -- C:\Users\****\Desktop\MFTools\OTL.exe
PRC - [2011.02.02 13:15:26 | 001,085,952 | ---- | M] (W3i, LLC) -- C:\Programme\W3i\InstallIQUpdater\InstallIQUpdater.exe
PRC - [2011.01.05 11:59:50 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Programme\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010.12.21 11:16:27 | 000,535,152 | ---- | M] () -- C:\Programme\Buhl finance\tax Steuersoftware 2011\taxaktuell.exe
PRC - [2010.12.20 18:08:46 | 000,963,976 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2010.12.12 20:41:44 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\plugin-container.exe
PRC - [2010.12.12 20:41:43 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2010.12.11 12:15:28 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2010.11.18 13:57:12 | 003,753,168 | ---- | M] (4Team Corporation) -- C:\Programme\4Team Corporation\Sync2\Sync2.exe
PRC - [2010.11.06 08:56:32 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.11.06 08:56:32 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2010.10.16 07:20:46 | 000,134,808 | ---- | M] (Google Inc.) -- C:\Programme\Google\Update\1.2.183.39\GoogleCrashHandler.exe
PRC - [2010.08.12 21:51:10 | 001,422,168 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Office\Office14\WINWORD.EXE
PRC - [2010.07.16 17:23:30 | 006,638,080 | ---- | M] () -- C:\Programme\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe
PRC - [2010.06.17 20:56:44 | 000,370,176 | ---- | M] (shbox.de) -- C:\Programme\FreePDF_XP\fpassist.exe
PRC - [2010.06.09 15:15:34 | 000,417,906 | ---- | M] () -- C:\Programme\Samsung\SAMSUNG PC Share Manager\http_ss_win_pro.exe
PRC - [2010.04.07 08:01:28 | 001,053,848 | ---- | M] () -- C:\Windows\System32\ieconfig_1und1_svc.exe
PRC - [2010.03.16 02:58:36 | 000,718,208 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Office\Office14\MSOSYNC.EXE
PRC - [2010.03.11 09:02:02 | 000,208,528 | ---- | M] (Geek Software GmbH) -- C:\Programme\pdf24\pdf24.exe
PRC - [2010.01.18 10:27:10 | 000,139,944 | ---- | M] () -- C:\Programme\Lexmark Pro800-Pro900 Series\ezprint.exe
PRC - [2010.01.18 10:26:56 | 000,770,728 | ---- | M] () -- C:\Programme\Lexmark Pro800-Pro900 Series\lxecmon.exe
PRC - [2010.01.14 22:10:53 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2010.01.09 21:37:50 | 004,640,000 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
PRC - [2010.01.07 14:36:50 | 000,598,696 | ---- | M] ( ) -- C:\Windows\System32\lxeccoms.exe
PRC - [2009.12.16 19:39:36 | 000,249,856 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Programme\Huawei Modems\DataCardMonitor.exe
PRC - [2009.08.07 15:31:40 | 000,247,144 | ---- | M] (TomTom) -- C:\Programme\TomTom HOME 2\TomTomHOMERunner.exe
PRC - [2009.08.07 15:31:40 | 000,092,008 | ---- | M] (TomTom) -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2009.07.20 11:30:50 | 000,813,584 | ---- | M] (Logitech, Inc.) -- C:\Programme\Logitech\SetPoint\SetPoint.exe
PRC - [2009.07.10 11:42:32 | 000,055,824 | ---- | M] (Logitech, Inc.) -- C:\Programme\Common Files\Logishrd\KHAL2\KHALMNPR.exe
PRC - [2009.07.03 11:40:32 | 000,009,216 | ---- | M] (Vodafone) -- C:\Programme\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
PRC - [2009.06.23 16:43:40 | 000,110,592 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Users\****\AppData\Roaming\T-Mobile Internet Manager\ouc.exe
PRC - [2009.05.05 16:06:06 | 000,222,496 | ---- | M] (Acresso Corporation) -- C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.01.08 14:10:00 | 000,187,456 | ---- | M] (DATA BECKER GmbH & Co KG) -- C:\Programme\Common Files\DATA BECKER Shared\DBService.exe
PRC - [2008.12.17 07:37:06 | 000,858,632 | ---- | M] (Dritek System Inc.) -- C:\Programme\Launch Manager\LManager.exe
PRC - [2008.11.28 10:56:06 | 000,024,576 | ---- | M] () -- C:\Programme\Acer\Empowering Technology\Service\ETService.exe
PRC - [2008.11.28 10:08:46 | 000,417,792 | ---- | M] (Acer Inc.) -- C:\Programme\Acer\Empowering Technology\ePower\ePower_DMC.exe
PRC - [2008.10.04 04:09:02 | 000,069,632 | ---- | M] () -- C:\Programme\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
PRC - [2008.09.19 04:00:10 | 006,294,048 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008.08.01 17:00:16 | 007,540,736 | ---- | M] (Alcor Micro Corp.) -- C:\Programme\UVC Video Camera\EffectDir\UVCTray.exe
PRC - [2008.08.01 14:50:14 | 000,245,760 | ---- | M] (Alcor Micro Corp.) -- C:\Programme\UVC Video Camera\UVCSti.exe
PRC - [2008.07.29 17:53:00 | 000,500,784 | ---- | M] (Egis Incorporated) -- C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
PRC - [2008.04.25 21:36:20 | 000,045,056 | ---- | M] (NewTech InfoSystems, Inc.) -- C:\Programme\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
PRC - [2008.04.25 21:36:20 | 000,028,672 | ---- | M] () -- C:\Programme\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
PRC - [2008.04.25 21:36:02 | 000,131,072 | ---- | M] () -- C:\Programme\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
PRC - [2008.03.31 18:58:06 | 000,009,728 | ---- | M] () -- C:\Programme\UVC Video Camera\RunEffect.exe
PRC - [2008.03.03 13:11:14 | 000,016,384 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Programme\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
PRC - [2008.01.21 03:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2008.01.21 03:25:33 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe
PRC - [2007.12.07 16:08:26 | 000,778,240 | ---- | M] (AVM Berlin) -- C:\Programme\1&1\Stcenter.exe
PRC - [2007.12.06 16:15:28 | 000,110,592 | ---- | M] () -- C:\Acer\Mobility Center\MobilityService.exe
PRC - [2007.10.25 17:49:44 | 000,457,248 | ---- | M] (Birdstep Technology) -- C:\Programme\T-Mobile\web'n'walk Manager\AutoUpdateSrv.exe
PRC - [2007.10.25 16:09:18 | 000,087,344 | ---- | M] (AVM Berlin) -- C:\Programme\1&1\IGDCTRL.EXE
PRC - [2007.05.31 09:21:28 | 000,648,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\WindowsMobile\wmdcBase.exe
PRC - [2007.02.09 14:48:26 | 000,176,128 | ---- | M] (OptionNV) -- C:\Programme\Common Files\GtFlashSwitch\GtFlashSwitch.exe
PRC - [2003.06.19 22:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
 
 
========== Modules (SafeList) ==========
 
MOD - [2011.02.25 11:59:06 | 000,577,024 | ---- | M] (OldTimer Tools) -- C:\Users\****\Desktop\MFTools\OTL.exe
MOD - [2010.08.31 16:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
MOD - [2009.04.11 07:21:38 | 001,748,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\GdiPlus.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2011.01.20 14:44:03 | 000,797,184 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2011.01.05 11:59:50 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010.12.11 12:15:28 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010.11.06 08:56:32 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010.07.16 17:23:30 | 006,638,080 | ---- | M] () [Auto | Running] -- C:\Programme\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe -- (AllShare)
SRV - [2010.04.07 08:01:28 | 001,053,848 | ---- | M] () [Auto | Running] -- C:\Windows\System32\ieconfig_1und1_svc.exe -- (serviceIEConfig)
SRV - [2010.03.25 10:25:22 | 030,969,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2010.03.18 12:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.01.07 14:36:50 | 000,598,696 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\lxeccoms.exe -- (lxec_device)
SRV - [2010.01.07 14:36:45 | 000,098,984 | ---- | M] () [Auto | Stopped] -- C:\Windows\System32\spool\DRIVERS\W32X86\3\\lxecserv.exe -- (lxecCATSCustConnectService)
SRV - [2009.08.07 15:31:40 | 000,092,008 | ---- | M] (TomTom) [Auto | Running] -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2009.07.20 11:28:10 | 000,121,360 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2009.07.03 11:40:32 | 000,009,216 | ---- | M] (Vodafone) [Auto | Running] -- C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe -- (VMCService)
SRV - [2009.05.28 13:57:22 | 000,245,760 | ---- | M] (SMServer) [On_Demand | Stopped] -- C:\Windows\System32\snmvtsvc.exe -- (SMServer)
SRV - [2009.01.08 14:10:00 | 000,187,456 | ---- | M] (DATA BECKER GmbH & Co KG) [Auto | Running] -- C:\Programme\Common Files\DATA BECKER Shared\DBService.exe -- (DBService)
SRV - [2008.11.28 10:56:06 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Programme\Acer\Empowering Technology\Service\ETService.exe -- (ETService)
SRV - [2008.10.04 04:09:02 | 000,069,632 | ---- | M] () [Auto | Running] -- C:\Programme\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe -- (CLHNService)
SRV - [2008.07.29 17:53:00 | 000,500,784 | ---- | M] (Egis Incorporated) [Auto | Running] -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe -- (eDataSecurity Service)
SRV - [2008.04.25 21:36:20 | 000,045,056 | ---- | M] (NewTech InfoSystems, Inc.) [Auto | Running] -- C:\Programme\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe -- (NTIBackupSvc)
SRV - [2008.04.25 21:36:02 | 000,131,072 | ---- | M] () [Auto | Running] -- C:\Programme\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe -- (NTISchedulerSvc)
SRV - [2008.03.31 18:58:06 | 000,009,728 | ---- | M] () [Auto | Running] -- C:\Programme\UVC Video Camera\RunEffect.exe -- (RunEffect serivce)
SRV - [2008.03.03 13:11:14 | 000,016,384 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe -- (BUNAgentSvc)
SRV - [2008.01.21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.12.06 16:15:28 | 000,110,592 | ---- | M] () [Auto | Running] -- C:\Acer\Mobility Center\MobilityService.exe -- (MobilityService)
SRV - [2007.10.25 16:09:18 | 000,087,344 | ---- | M] (AVM Berlin) [Auto | Running] -- C:\Program Files\1&1\IGDCTRL.EXE -- (IGDCTRL)
SRV - [2007.05.31 09:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007.05.31 09:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2007.02.09 14:48:26 | 000,176,128 | ---- | M] (OptionNV) [Auto | Running] -- C:\Program Files\Common Files\GtFlashSwitch\GtFlashSwitch.exe -- (GtFlashSwitch)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2010.12.26 13:09:49 | 000,135,096 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2010.11.24 14:33:04 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010.11.07 12:20:54 | 000,101,248 | ---- | M] (AVM Berlin) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avmaudio.sys -- (avmaudio)
DRV - [2010.04.30 17:48:53 | 000,101,248 | ---- | M] (AVM Berlin) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avmaura.sys -- (avmaura)
DRV - [2009.06.17 17:56:16 | 000,037,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2009.06.17 17:56:06 | 000,035,472 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2009.06.17 17:55:58 | 000,010,384 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidEqd.sys -- (LHidEqd)
DRV - [2009.06.17 17:55:50 | 000,040,720 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LEqdUsb.sys -- (LEqdUsb)
DRV - [2009.06.05 10:42:28 | 000,017,408 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netaapl.sys -- (Netaapl)
DRV - [2009.05.28 11:59:46 | 000,023,096 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MusCAudio.sys -- (MusCAudio)
DRV - [2009.05.11 10:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.02.13 11:35:01 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2009.01.19 19:31:56 | 000,277,544 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\acedrv11.sys -- (acedrv11)
DRV - [2009.01.10 15:11:30 | 000,300,544 | ---- | M] (CamVendor) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\cam3820a.sys -- (Cam3820)
DRV - [2008.12.13 11:27:50 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2008.11.22 07:07:00 | 007,451,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008.10.09 13:50:04 | 000,018,816 | ---- | M] (Bytemobile, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\tcpipBM.sys -- (tcpipBM)
DRV - [2008.10.08 10:43:08 | 000,005,632 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hidshim.sys -- (hidshim)
DRV - [2008.10.08 10:43:06 | 000,022,528 | ---- | M] (Nuvoton Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nuvotonhidgeneric.sys -- (nuvotonhidgeneric)
DRV - [2008.10.01 10:04:16 | 000,012,832 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\int15.sys -- (int15)
DRV - [2008.09.25 14:39:48 | 000,045,600 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2008.09.19 17:43:50 | 000,061,952 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTSTOR.sys -- (RTSTOR)
DRV - [2008.09.19 03:49:28 | 002,169,944 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008.07.29 17:53:12 | 000,060,464 | ---- | M] (Egis Incorporated) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\PSDVdisk.sys -- (psdvdisk)
DRV - [2008.07.29 17:53:10 | 000,018,992 | ---- | M] (Egis Incorporated) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\psdfilter.sys -- (PSDFilter)
DRV - [2008.07.29 17:53:10 | 000,016,944 | ---- | M] (Egis Incorporated) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\PSDNServ.sys -- (PSDNServ)
DRV - [2008.06.26 01:39:42 | 000,212,992 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)
DRV - [2008.05.21 13:36:12 | 003,663,360 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel(R)
DRV - [2008.04.25 19:08:42 | 000,199,472 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)
DRV - [2008.01.31 02:52:06 | 000,014,848 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV - [2008.01.31 02:51:50 | 000,013,824 | ---- | M] (NewTech Infosystems Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\UBHelper.sys -- (UBHelper)
DRV - [2008.01.21 03:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008.01.21 03:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008.01.21 03:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008.01.21 03:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008.01.21 03:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008.01.21 03:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008.01.21 03:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008.01.21 03:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008.01.21 03:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008.01.21 03:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2008.01.21 03:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008.01.21 03:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008.01.21 03:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008.01.21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008.01.21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008.01.21 03:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008.01.21 03:23:23 | 000,030,720 | ---- | M] (National Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nscirda.sys -- (NSCIRDA)
DRV - [2008.01.21 03:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008.01.21 03:23:22 | 000,200,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL)
DRV - [2008.01.21 03:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008.01.21 03:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008.01.21 03:23:21 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV - [2008.01.21 03:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008.01.21 03:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008.01.21 03:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008.01.21 03:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2007.02.01 16:25:30 | 000,158,720 | ---- | M] (Novatel Wireless Inc) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NWADIenum.sys -- (NWADI)
DRV - [2006.12.22 20:50:24 | 000,985,600 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2006.12.22 20:49:04 | 000,207,360 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL)
DRV - [2006.12.22 20:48:54 | 000,659,968 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2006.11.29 01:44:52 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2006.11.03 06:29:36 | 000,021,264 | ---- | M] (Dritek System Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\DKbFltr.sys -- (DKbFltr)
DRV - [2006.11.02 10:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006.11.02 10:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006.11.02 10:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006.11.02 10:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006.11.02 10:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006.11.02 10:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006.11.02 10:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006.11.02 10:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006.11.02 10:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006.11.02 10:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006.11.02 10:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006.11.02 09:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006.11.02 09:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006.11.02 09:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006.11.02 09:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006.11.02 09:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006.11.02 09:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006.11.02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006.09.28 15:32:14 | 000,009,472 | ---- | M] (June Fabrics Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pnetmdm.sys -- (pnetmdm)
DRV - [2002.07.17 15:20:32 | 000,084,832 | ---- | M] (Adaptec) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ASPI32.SYS -- (ASPI)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0209&m=aspire_8730
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0209&m=aspire_8730
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0209&m=aspire_8730
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.1und1.de/links/home
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.order.1: "Yahoo"
FF - prefs.js..browser.search.order.2: "GMX Suche"
FF - prefs.js..browser.search.order.3: "amazon.de"
FF - prefs.js..browser.search.order.4: "WEB.DE Suche"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.web.de"
FF - prefs.js..extensions.enabledItems: {398e77b8-2304-11dc-8314-0800200c9a66}:0.3.13
FF - prefs.js..extensions.enabledItems: noia2_option@kk.noia:3.76
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.1.20091029021655
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}:3.76
FF - prefs.js..keyword.URL: "hxxp://go.web.de/suchbox/webdesuche?su="
 
 
FF - HKLM\software\mozilla\Firefox\Extensions\\ff-bmboc@bytemobile.com: C:\Program Files\Vodafone\Vodafone Mobile Connect\Optimization Client\addon\ [2009.12.16 20:51:43 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.13\extensions\\Components: C:\Program Files\Mozilla Firefox 3.5 Beta 4\components [2010.12.12 13:31:03 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox 3.5 Beta 4\plugins [2011.02.15 10:38:06 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.12.12 20:41:45 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.02.15 10:38:06 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.24\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010.12.12 13:31:03 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.24\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2008.02.22 16:24:06 | 000,095,832 | ---- | M] ()
 
[2009.08.19 17:33:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\****\AppData\Roaming\mozilla\Extensions
[2009.08.19 17:33:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\****\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2011.02.24 16:47:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\kb5tuk1y.default\extensions
[2010.07.05 07:28:57 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\kb5tuk1y.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009.07.23 08:37:23 | 000,000,000 | ---D | M] (Minimap Addon) -- C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\kb5tuk1y.default\extensions\{398e77b8-2304-11dc-8314-0800200c9a66}
[2011.02.15 10:46:19 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\kb5tuk1y.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010.03.22 07:55:17 | 000,000,000 | ---D | M] (Noia 2.0 (eXtreme)) -- C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\kb5tuk1y.default\extensions\{9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}
[2010.03.22 07:55:21 | 000,000,000 | ---D | M] (Noia 2.0 eXtreme OPT) -- C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\kb5tuk1y.default\extensions\noia2_option@kk.noia
[2010.09.25 12:37:39 | 000,000,000 | ---D | M] (Personas) -- C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\kb5tuk1y.default\extensions\personas@christopher.beard
[2010.01.22 20:56:11 | 000,005,591 | ---- | M] () -- C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\kb5tuk1y.default\searchplugins\1und1-suche.xml
[2010.01.22 20:56:11 | 000,001,371 | ---- | M] () -- C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\kb5tuk1y.default\searchplugins\amazonde.xml
[2010.01.22 20:56:11 | 000,010,605 | ---- | M] () -- C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\kb5tuk1y.default\searchplugins\gmx-suche.xml
[2010.01.22 20:56:11 | 000,005,588 | ---- | M] () -- C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\kb5tuk1y.default\searchplugins\webde-suche.xml
[2011.02.23 11:18:42 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2010.11.09 13:01:02 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.01.12 08:51:50 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011.02.23 11:18:42 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2010.11.09 13:01:02 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.01.12 08:51:50 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011.02.23 11:18:42 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011.02.02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
[2008.02.22 16:24:06 | 000,095,832 | ---- | M] () -- C:\Programme\Mozilla Firefox\plugins\NPPDLicenseHelper.dll
[2010.10.22 14:01:54 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.10.22 14:01:54 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.10.22 14:01:54 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.10.22 14:01:54 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.10.22 14:01:54 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.11.30 20:22:40 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1       localhost
O2 - BHO: (Lexmark Symbolleiste) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Programme\Lexmark Toolbar\toolband.dll ()
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (Egis)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Lexmark ) - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Programme\Lexmark Printable Web\bho.dll ()
O2 - BHO: (1&&1 Internet AG Browser Configuration by mquadr.at) - {D48FF4B4-E68F-47D1-8E25-81A0F0EEB341} - C:\Windows\System32\ieconfig_1und1.dll (mquadr.at software engineering und consulting GmbH)
O2 - BHO: (no name) - {D6E0063B-7B09-45C9-A51D-1FB51840EBE0} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Lexmark Symbolleiste) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Programme\Lexmark Toolbar\toolband.dll ()
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Lexmark Symbolleiste) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Programme\Lexmark Toolbar\toolband.dll ()
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKCU\..\Toolbar\WebBrowser: (Lexmark Symbolleiste) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Programme\Lexmark Toolbar\toolband.dll ()
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Programme\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [BkupTray] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe ()
O4 - HKLM..\Run: [DataCardMonitor] C:\Programme\Huawei Modems\DataCardMonitor.exe (Huawei Technologies Co., Ltd.)
O4 - HKLM..\Run: [ePower_DMC] C:\Programme\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Inc.)
O4 - HKLM..\Run: [eRecoveryService]  File not found
O4 - HKLM..\Run: [EzPrint] C:\Program Files\Lexmark Pro800-Pro900 Series\ezprint.exe ()
O4 - HKLM..\Run: [FreePDF Assistant] C:\Programme\FreePDF_XP\fpassist.exe (shbox.de)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [Lexmark Pro800-Pro900 Series Fax Server] C:\Program Files\Lexmark Pro800-Pro900 Series\fm3032.exe ()
O4 - HKLM..\Run: [LManager] C:\Programme\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [lxecmon.exe] C:\Program Files\Lexmark Pro800-Pro900 Series\lxecmon.exe ()
O4 - HKLM..\Run: [ Malwarebytes Anti-Malware  (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MobileConnect] C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe (Vodafone)
O4 - HKLM..\Run: [Nuance PDF Reader-reminder] C:\Program Files\Nuance\PDF Reader\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [PDFPrint] C:\Programme\pdf24\pdf24.exe (Geek Software GmbH)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [RunUVC] C:\Program Files\UVC Video Camera\RUNUVC.exe ()
O4 - HKLM..\Run: [UVCSti] C:\Program Files\UVC Video Camera\UVCSti.exe (Alcor Micro Corp.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdcBase.exe (Microsoft Corporation)
O4 - HKCU..\Run: []  File not found
O4 - HKCU..\Run: [HW_OPENEYE_OUC_T-Mobile Internet Manager] C:\Program Files\T-Mobile\T-Mobile Internet Manager\UpdateDog\ouc.exe (Huawei Technologies Co., Ltd.)
O4 - HKCU..\Run: [InstallIQUpdater] C:\Program Files\W3i\InstallIQUpdater\InstallIQUpdater.exe (W3i, LLC)
O4 - HKCU..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation)
O4 - HKCU..\Run: [OfficeSyncProcess] C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE (Microsoft Corporation)
O4 - HKCU..\Run: [Sync2] C:\Program Files\4Team Corporation\Sync2\Sync2.exe (4Team Corporation)
O4 - HKCU..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - Startup: C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TwonkyManager.lnk =  File not found
O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Rip YouTube File - {38E51477-DDB4-4aed-9D61-D0C193E10749} - C:\Programme\AllMusicConverter\YouTubeRipper.dll ()
O9 - Extra 'Tools' menuitem : Rip YouTube file embedded in this page - {38E51477-DDB4-4aed-9D61-D0C193E10749} - C:\Programme\AllMusicConverter\YouTubeRipper.dll ()
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 -  File not found
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\****\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\****\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.02.25 12:00:14 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011.02.25 12:00:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.02.25 12:00:10 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.02.25 11:59:01 | 000,000,000 | ---D | C] -- C:\Users\****\Desktop\MFTools
[2011.02.24 17:24:54 | 000,000,000 | ---D | C] -- C:\Windows\System32\WindowsPowerShell
[2011.02.24 17:23:21 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrsmgr.dll
[2011.02.24 17:23:14 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmprovhost.exe
[2011.02.24 17:23:13 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrs.exe
[2011.02.24 17:23:13 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrshost.exe
[2011.02.24 17:23:12 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmplpxy.dll
[2011.02.24 17:23:12 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrssrv.dll
[2011.02.24 17:23:09 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtfwd.dll
[2011.02.24 17:23:09 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecutil.exe
[2011.02.24 17:23:09 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecapi.dll
[2011.02.24 17:23:09 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmRes.dll
[2011.02.24 17:23:09 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pwrshplugin.dll
[2011.02.24 17:23:04 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManMigrationPlugin.dll
[2011.02.24 17:23:04 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManHTTPConfig.exe
[2011.02.24 17:23:04 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrscmd.dll
[2011.02.24 17:23:04 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmWmiPl.dll
[2011.02.24 17:23:04 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmAuto.dll
[2011.02.23 11:18:57 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Java
[2011.02.23 11:18:38 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2011.02.23 11:18:38 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2011.02.23 11:18:38 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2011.02.17 11:04:29 | 000,000,000 | ---D | C] -- C:\Users\****\Documents\gegl-0.0
[2011.02.17 11:04:29 | 000,000,000 | ---D | C] -- C:\Users\****\.gimp-2.6
[2011.02.17 11:04:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP
[2011.02.17 11:03:51 | 000,000,000 | ---D | C] -- C:\Programme\GIMP-2.0
[2011.02.15 11:55:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nuance
[2011.02.15 11:55:16 | 000,000,000 | ---D | C] -- C:\ProgramData\ScanSoft
[2011.02.15 11:55:14 | 000,000,000 | ---D | C] -- C:\Programme\Nuance
[2011.02.15 11:54:51 | 000,000,000 | ---D | C] -- C:\Programme\W3i
[2011.02.15 11:54:51 | 000,000,000 | ---D | C] -- C:\ProgramData\W3i
[2011.02.15 11:54:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InstallIQ Updater
[2011.02.15 10:48:55 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Roaming\Nuance
[2011.02.15 10:47:09 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Roaming\Zeon
[2011.02.15 10:47:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Nuance
[2011.02.15 10:46:33 | 000,000,000 | ---D | C] -- C:\Programme\Free Offers from Freeze.com
[2011.02.12 19:31:46 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Roaming\Avira
[2011.02.11 08:38:32 | 002,039,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011.02.11 08:38:28 | 003,602,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2011.02.11 08:38:27 | 003,550,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2011.02.11 08:38:19 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2011.02.11 08:38:19 | 001,068,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2011.02.11 08:38:19 | 000,979,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFH264Dec.dll
[2011.02.11 08:38:19 | 000,797,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FntCache.dll
[2011.02.11 08:38:18 | 001,554,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xpsservices.dll
[2011.02.11 08:38:18 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2011.02.11 08:38:18 | 000,683,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2011.02.11 08:38:18 | 000,357,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFHEAACdec.dll
[2011.02.11 08:38:18 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfmp4src.dll
[2011.02.11 08:38:18 | 000,288,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2011.02.11 08:38:18 | 000,261,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll
[2011.02.11 08:38:18 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2011.02.11 08:38:17 | 002,873,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2011.02.11 08:38:17 | 001,029,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
[2011.02.11 08:38:17 | 000,847,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OpcServices.dll
[2011.02.11 08:38:17 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2011.02.11 08:38:17 | 000,486,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2011.02.11 08:38:17 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2011.02.11 08:38:17 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2011.02.11 08:38:17 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2011.02.11 08:38:17 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2011.02.11 08:38:16 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfplat.dll
[2011.02.11 08:38:13 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll
[2011.02.11 08:38:13 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2011.02.11 08:38:12 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2011.02.11 08:38:04 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011.02.11 08:38:04 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011.02.11 08:38:03 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011.02.11 08:38:03 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2011.02.11 08:38:03 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011.02.11 08:38:03 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011.02.11 08:38:03 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011.02.11 08:38:03 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011.02.11 08:38:03 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011.02.11 08:38:03 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011.02.11 08:38:03 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011.02.11 08:38:03 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011.02.11 08:38:03 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011.02.11 08:38:03 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011.02.11 08:38:03 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011.02.11 08:38:03 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011.02.11 08:38:03 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011.02.11 08:37:57 | 000,292,352 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2011.02.11 08:37:57 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2011.02.06 20:43:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011.02.06 20:42:12 | 000,000,000 | ---D | C] -- C:\Programme\iPod
[2011.02.06 20:42:11 | 000,000,000 | ---D | C] -- C:\Programme\iTunes
[2010.03.29 20:40:03 | 000,438,272 | ---- | C] ( ) -- C:\Windows\System32\lxeccoin.dll
[2010.03.29 20:37:06 | 001,048,576 | ---- | C] ( ) -- C:\Windows\System32\lxecserv.dll
[2010.03.29 20:37:06 | 000,847,872 | ---- | C] ( ) -- C:\Windows\System32\lxecusb1.dll
[2010.03.29 20:37:06 | 000,802,816 | ---- | C] ( ) -- C:\Windows\System32\lxeccomc.dll
[2010.03.29 20:37:06 | 000,688,128 | ---- | C] ( ) -- C:\Windows\System32\lxechbn3.dll
[2010.03.29 20:37:06 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\lxecpmui.dll
[2010.03.29 20:37:06 | 000,577,536 | ---- | C] ( ) -- C:\Windows\System32\lxeclmpm.dll
[2010.03.29 20:37:06 | 000,372,736 | ---- | C] ( ) -- C:\Windows\System32\lxeccomm.dll
[2010.03.29 20:37:06 | 000,364,544 | ---- | C] ( ) -- C:\Windows\System32\lxecinpa.dll
[2010.03.29 20:37:06 | 000,356,352 | ---- | C] ( ) -- C:\Windows\System32\LXEChcp.dll
[2010.03.29 20:37:06 | 000,344,064 | ---- | C] ( ) -- C:\Windows\System32\lxeciesc.dll
[2009.02.20 22:49:15 | 000,049,152 | ---- | C] ( ) -- C:\Windows\Interop.IWshRuntimeLibrary.dll
[7 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[7 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.02.25 12:43:49 | 000,002,617 | ---- | M] () -- C:\Users\****\Desktop\Microsoft Word 2010.lnk
[2011.02.25 12:26:02 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.02.25 12:12:26 | 000,626,790 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.02.25 12:12:26 | 000,594,224 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.02.25 12:12:26 | 000,126,388 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.02.25 12:12:26 | 000,104,038 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.02.25 12:06:32 | 000,031,776 | ---- | M] () -- C:\ProgramData\nvModes.001
[2011.02.25 12:06:13 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml
[2011.02.25 12:06:04 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.02.25 12:05:42 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.02.25 12:05:42 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.02.25 12:05:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.02.25 12:05:31 | 3215,851,520 | -HS- | M] () -- C:\hiberfil.sys
[2011.02.25 12:03:36 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011.02.25 12:00:14 | 000,000,910 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.02.25 11:59:15 | 000,296,448 | ---- | M] () -- C:\Users\****\Desktop\g2m3e4r.exe
[2011.02.25 11:59:14 | 000,050,477 | ---- | M] () -- C:\Users\****\Desktop\defogger.exe
[2011.02.25 11:58:18 | 000,472,080 | ---- | M] () -- C:\Users\****\Desktop\Load.exe
[2011.02.25 11:49:05 | 000,002,721 | ---- | M] () -- C:\Users\****\Desktop\Microsoft Outlook 2010.lnk
[2011.02.18 21:51:13 | 000,112,640 | ---- | M] () -- C:\Users\****\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.02.18 18:29:40 | 000,023,602 | ---- | M] () -- C:\Users\****\Desktop\Zinsvergleich nk.xlsx
[2011.02.17 21:08:42 | 000,033,261 | ---- | M] () -- C:\Users\****\Desktop\Spk. NK Anfrage.pdf
[2011.02.17 11:04:26 | 000,000,904 | ---- | M] () -- C:\Users\Public\Desktop\GIMP 2.lnk
[2011.02.15 11:55:18 | 000,000,946 | ---- | M] () -- C:\Users\Public\Desktop\Nuance PDF Reader.lnk
[2011.02.11 21:07:49 | 000,380,144 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.02.08 08:31:42 | 000,000,125 | -HS- | M] () -- C:\ProgramData\.zreglib
[2011.02.06 20:43:02 | 000,001,668 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011.02.02 21:40:39 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2011.02.02 21:40:38 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2011.02.02 21:40:36 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2011.02.02 21:40:23 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2011.02.02 19:48:22 | 000,088,123 | ---- | M] () -- C:\Users\****\Desktop\LinkClick.pdf
[2011.02.02 17:42:52 | 000,002,619 | ---- | M] () -- C:\Users\****\Desktop\Microsoft Excel 2010.lnk
[2011.02.01 17:49:01 | 000,929,808 | ---- | M] () -- C:\Users\****\Documents\bauherrenhaftpflicht.docx
[7 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[7 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.02.25 12:00:14 | 000,000,910 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.02.25 11:59:15 | 000,296,448 | ---- | C] () -- C:\Users\****\Desktop\g2m3e4r.exe
[2011.02.25 11:59:14 | 000,050,477 | ---- | C] () -- C:\Users\****\Desktop\defogger.exe
[2011.02.25 11:58:18 | 000,472,080 | ---- | C] () -- C:\Users\****\Desktop\Load.exe
[2011.02.24 17:23:05 | 000,201,184 | ---- | C] () -- C:\Windows\System32\winrm.vbs
[2011.02.24 17:23:05 | 000,004,675 | ---- | C] () -- C:\Windows\System32\wsmanconfig_schema.xml
[2011.02.24 17:23:05 | 000,002,426 | ---- | C] () -- C:\Windows\System32\WsmTxt.xsl
[2011.02.17 21:09:04 | 000,033,261 | ---- | C] () -- C:\Users\****\Desktop\Spk. NK Anfrage.pdf
[2011.02.17 11:04:26 | 000,000,904 | ---- | C] () -- C:\Users\Public\Desktop\GIMP 2.lnk
[2011.02.15 11:55:18 | 000,000,946 | ---- | C] () -- C:\Users\Public\Desktop\Nuance PDF Reader.lnk
[2011.02.09 18:53:07 | 000,023,602 | ---- | C] () -- C:\Users\****\Desktop\Zinsvergleich nk.xlsx
[2011.02.06 20:43:02 | 000,001,668 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011.02.02 19:48:22 | 000,088,123 | ---- | C] () -- C:\Users\****\Desktop\LinkClick.pdf
[2011.02.01 17:49:01 | 000,929,808 | ---- | C] () -- C:\Users\****\Documents\bauherrenhaftpflicht.docx
[2011.01.03 13:08:14 | 000,000,125 | -HS- | C] () -- C:\ProgramData\.zreglib
[2011.01.01 21:05:27 | 000,000,011 | ---- | C] () -- C:\ProgramData\.tv6
[2010.12.24 13:48:21 | 000,001,164 | ---- | C] () -- C:\Users\****\AppData\Local\crc32list11.txt
[2010.10.24 08:20:15 | 000,116,224 | ---- | C] () -- C:\Windows\System32\redmonnt.dll
[2010.04.19 16:20:54 | 000,303,104 | ---- | C] () -- C:\Windows\System32\Lib4Dups.dll
[2010.03.29 20:57:07 | 000,000,504 | ---- | C] () -- C:\ProgramData\FastPics.log
[2010.03.29 20:56:03 | 000,045,390 | ---- | C] () -- C:\ProgramData\lxecJSW.log
[2010.03.29 20:40:06 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxecvs.dll
[2010.03.29 20:40:01 | 000,294,912 | ---- | C] () -- C:\Windows\System32\lxeccui.dll
[2010.03.29 20:40:01 | 000,110,592 | ---- | C] () -- C:\Windows\System32\lxeccuir.dll
[2010.03.29 20:40:01 | 000,086,016 | ---- | C] () -- C:\Windows\System32\lxecgcfg.dll
[2010.03.29 20:39:59 | 000,085,533 | ---- | C] () -- C:\ProgramData\lxecscan.log
[2010.03.29 20:38:27 | 000,049,152 | ---- | C] () -- C:\Windows\System32\LXECPMON.DLL
[2010.03.29 20:38:27 | 000,032,768 | ---- | C] () -- C:\Windows\System32\LXECFXPU.DLL
[2010.03.29 20:38:07 | 004,485,120 | ---- | C] () -- C:\Windows\System32\LXECoem.dll
[2010.03.29 20:37:19 | 000,000,044 | -H-- | C] () -- C:\Windows\System32\lxecrwrd.ini
[2010.03.29 20:37:07 | 000,327,680 | ---- | C] () -- C:\Windows\System32\LXECinst.dll
[2010.03.29 20:37:06 | 000,323,584 | ---- | C] () -- C:\Windows\System32\lxecins.dll
[2010.03.29 20:37:06 | 000,262,144 | ---- | C] () -- C:\Windows\System32\lxecinsb.dll
[2010.03.29 20:37:06 | 000,253,952 | ---- | C] () -- C:\Windows\System32\lxeccu.dll
[2010.03.29 20:37:06 | 000,208,896 | ---- | C] () -- C:\Windows\System32\lxecgrd.dll
[2010.03.29 20:37:06 | 000,114,688 | ---- | C] () -- C:\Windows\System32\lxecinsr.dll
[2010.03.29 20:37:06 | 000,090,112 | ---- | C] () -- C:\Windows\System32\lxeccub.dll
[2010.03.29 20:37:06 | 000,057,344 | ---- | C] () -- C:\Windows\System32\lxecjswr.dll
[2010.03.29 20:37:06 | 000,036,864 | ---- | C] () -- C:\Windows\System32\lxeccur.dll
[2010.03.29 20:32:40 | 000,000,000 | ---- | C] () -- C:\ProgramData\LxWbGwLog.log
[2010.03.29 20:32:40 | 000,000,000 | ---- | C] () -- C:\ProgramData\cmn_upld.log
[2010.03.29 20:32:33 | 000,000,000 | ---- | C] () -- C:\ProgramData\UpdaterLog.txt
[2010.03.29 20:32:15 | 000,024,064 | ---- | C] () -- C:\Windows\System32\LXECsmr.dll
[2010.03.29 20:32:14 | 000,299,008 | ---- | C] () -- C:\Windows\System32\LXECsm.dll
[2010.01.22 18:50:35 | 000,000,645 | ---- | C] () -- C:\Windows\wiso.ini
[2009.10.20 20:11:31 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.07.01 20:27:58 | 000,000,569 | ---- | C] () -- C:\Users\****\AppData\Roaming\mdbu.bin
[2009.07.01 20:16:51 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2009.07.01 20:16:41 | 000,007,119 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2009.06.16 13:25:04 | 000,121,512 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4
[2009.05.31 14:06:04 | 000,001,475 | ---- | C] () -- C:\Users\****\AppData\Local\RecConfig.xml
[2009.05.31 13:55:04 | 000,000,170 | ---- | C] () -- C:\Windows\wininit.ini
[2009.05.30 18:08:42 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009.05.30 18:02:19 | 000,000,000 | ---- | C] () -- C:\Windows\OpPrintServer.INI
[2009.05.30 17:59:44 | 000,007,680 | ---- | C] () -- C:\Windows\System32\CNMVS64.DLL
[2009.05.28 16:51:20 | 000,112,640 | ---- | C] () -- C:\Users\****\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.05.27 05:50:45 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2009.05.26 15:24:33 | 000,031,776 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009.05.26 15:24:31 | 000,031,776 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009.04.09 16:47:04 | 000,013,824 | ---- | C] () -- C:\Windows\System32\CallSimReader.dll
[2009.04.09 16:46:04 | 000,055,808 | ---- | C] () -- C:\Windows\System32\SimReader.dll
[2009.02.20 14:14:09 | 000,000,033 | ---- | C] () -- C:\Windows\LaunApp.ini
[2009.02.20 14:10:52 | 000,006,073 | ---- | C] () -- C:\ProgramData\ArcadeDeluxe2.log
[2009.02.20 13:59:58 | 000,000,057 | ---- | C] () -- C:\Windows\PidList.ini
[2009.02.20 13:58:56 | 000,001,694 | ---- | C] () -- C:\Windows\RtDefLvl.ini
[2009.01.22 19:28:59 | 000,487,424 | ---- | C] () -- C:\Windows\System32\INT15.dll
[2009.01.22 19:13:54 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIOFM4.dll
[2009.01.22 19:13:54 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN5.dll
[2008.11.11 04:27:31 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2008.11.11 04:27:24 | 000,872,448 | ---- | C] () -- C:\Windows\iconv.dll
[2008.11.11 04:27:24 | 000,743,424 | ---- | C] () -- C:\Windows\libxml2.dll
[2008.11.11 04:26:52 | 000,000,041 | ---- | C] () -- C:\Windows\Prelaunch.ini
[2007.10.22 07:53:12 | 000,466,944 | ---- | C] () -- C:\Windows\System32\RemoveDevice.dll
[2007.10.22 07:53:12 | 000,466,944 | ---- | C] () -- C:\Windows\RemoveDevice.dll
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2001.12.26 16:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001.09.03 23:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001.07.30 16:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001.07.23 22:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll
 
========== LOP Check ==========
 
[2009.05.27 06:27:21 | 000,000,000 | -HSD | M] -- C:\Users\****\AppData\Roaming\.#
[2011.01.25 12:13:55 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\4Team
[2009.01.22 18:59:31 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Acer GameZone Console
[2009.12.16 19:53:13 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Birdstep Technology
[2009.11.22 14:09:34 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Buhl Data Service
[2009.12.16 20:52:19 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Bytemobile
[2009.05.31 13:50:03 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\eSobi
[2010.06.01 18:33:32 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\FRITZ!
[2011.01.07 20:04:20 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\HandBrake
[2010.09.24 17:02:09 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Leadertech
[2010.07.22 19:45:51 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\LiveCAD3
[2009.07.01 20:18:36 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\MAGIX
[2011.02.15 10:48:55 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Nuance
[2009.05.28 20:06:45 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\PowerCinema
[2010.03.30 17:17:34 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Pro800-Pro900 Series
[2010.07.28 19:59:18 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\ProtectDisc
[2009.05.26 15:44:47 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\SoftDMA
[2009.11.12 18:22:30 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Sprite Software
[2009.12.16 20:18:44 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\T-Mobile
[2010.09.11 12:32:13 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\T-Mobile Internet Manager
[2011.01.25 12:08:04 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\TeamViewer
[2009.05.30 21:02:19 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Thunderbird
[2009.08.20 19:17:31 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\TomTom
[2011.01.01 21:50:01 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\TwonkyMedia
[2009.12.16 20:57:41 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Vodafone
[2009.12.16 21:07:20 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Vodafone Mobile Connect
[2011.02.15 10:47:09 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Zeon
[2011.02.25 12:03:36 | 000,032,628 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:A9662AE0
@Alternate Data Stream - 116 bytes -> C:\ProgramData\Temp:D74B6CF5
@Alternate Data Stream - 108 bytes -> C:\ProgramData\Temp:753F86A9

< End of report >
         
--- --- ---


Alt 25.02.2011, 12:49   #6
79alex23
 
Windows Vista ganz langsam, Lüfter läuft (und läuft) PC fährt nicht runter... - Standard

Wo Windows Vista ganz langsam, Lüfter läuft (und läuft) PC fährt nicht runter... Lösung!



In letzter Zeit ist mir aufgefallen, dass ich ab und an das Geräusch am PC höre, als ob ich ein USB Gerät anschließe/entferne ("Dadang") obwohl ich nichts anschließe/entferne!!!

Alt 27.02.2011, 18:24   #7
79alex23
 
Windows Vista ganz langsam, Lüfter läuft (und läuft) PC fährt nicht runter... - Standard

Windows Vista ganz langsam, Lüfter läuft (und läuft) PC fährt nicht runter...



Hat niemand eine Idee, oder ist nichts Auffälliges in den files?

Antwort

Themen zu Windows Vista ganz langsam, Lüfter läuft (und läuft) PC fährt nicht runter...
absoluter, adware.doubled, ausmachen, bereits, erklären, explorer, folge, folgendes, herunterfahren, laien, langsam, lüfter, morgens, pc herunterfahren, programme, reagieren, seitdem, tagen, vista, windows, windows vista, woran



Ähnliche Themen: Windows Vista ganz langsam, Lüfter läuft (und läuft) PC fährt nicht runter...


  1. PC fährt immer runter, Virenprogramm läuft nicht
    Plagegeister aller Art und deren Bekämpfung - 21.07.2015 (27)
  2. Netbook,Windows 7Starter läuft langsam oder reagiert gar nicht mehr
    Log-Analyse und Auswertung - 28.04.2015 (55)
  3. Windows 7: Lüfter läuft ungewöhnlich oft + GMER funktioniert nicht
    Log-Analyse und Auswertung - 09.04.2015 (18)
  4. Mein PC läuft immer bei einer CPU Auslastung von 100% bzw meistens - er läuft viel zu langsam
    Plagegeister aller Art und deren Bekämpfung - 25.01.2015 (1)
  5. Sony Vaio i5 mit Windows 7 64-bit - Lüfter läuft ständig
    Log-Analyse und Auswertung - 12.12.2014 (3)
  6. Pc fährt plötzlich herunter und wieder hoch und läuft seitdem langsam
    Plagegeister aller Art und deren Bekämpfung - 28.11.2014 (11)
  7. Windows 7: Windows Version Installer (Schadprogramm); Laptop läuft heiß, Lüfter arbeitet auf Hochleistung; Firefox stürzt ab.
    Log-Analyse und Auswertung - 07.11.2014 (17)
  8. Lüfter läuft ständig auf hochtouren obwohl CPU normal läuft unter w7 home premium 32bit serv.pck 1 DANKE!
    Log-Analyse und Auswertung - 09.09.2014 (12)
  9. PC fährt mehrmals hoch und runter, bis er stabil läuft
    Log-Analyse und Auswertung - 26.05.2014 (19)
  10. Windows Vista läuft sehr langsam und es werden immer (besonders wenn man im Internet ist) Speicherprobleme angezeigt
    Log-Analyse und Auswertung - 22.05.2014 (1)
  11. Vista64bit; Lüfter läuft ständig und malwarebytes startet nicht.
    Log-Analyse und Auswertung - 31.01.2014 (11)
  12. win vista läuft langsam/malwarebytes fund: PUP.optional.tarma und andere
    Log-Analyse und Auswertung - 20.09.2013 (17)
  13. Internet Browser alle total langsam! Restlicher PC läuft ganz normal!
    Plagegeister aller Art und deren Bekämpfung - 08.09.2012 (1)
  14. PC fährt nicht mehr ordentlich runter - Windows Vista
    Alles rund um Windows - 02.08.2012 (7)
  15. Hohe CPU Auslastung, >88 Prozesse, Lüfter läuft ständig, PC langsam
    Netzwerk und Hardware - 10.04.2012 (8)
  16. hilfe mein inet läuft ganz langsam
    Log-Analyse und Auswertung - 26.04.2009 (1)
  17. Vista läuft verdammt langsam Media- und Audioplayer machen Probleme.
    Log-Analyse und Auswertung - 03.11.2008 (2)

Zum Thema Windows Vista ganz langsam, Lüfter läuft (und läuft) PC fährt nicht runter... - Hallo, wie bereits Stichwortartig in der Überschrift erwähnt habe ich seit ca. 10 Tagen folgendes Problem. Ich wollte abends den PC herunterfahren und als ich morgens in PC-Zimmer kam war - Windows Vista ganz langsam, Lüfter läuft (und läuft) PC fährt nicht runter......
Archiv
Du betrachtest: Windows Vista ganz langsam, Lüfter läuft (und läuft) PC fährt nicht runter... auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.