nach Trojanerbefall alle Dateien verschwunden, Screnn schwarz, Fehlermeldungen

OTL Extras logfile created on: 29.04.2011 17:22:04 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Perner\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 56,00% Memory free
3,00 Gb Paging File | 2,00 Gb Available in Paging File | 62,00% Paging File free
Paging file location(s): c:\pagefile.sys 600 1000 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 111,44 Gb Total Space | 57,35 Gb Free Space | 51,46% Space Free | Partition Type: NTFS
Drive D: | 104,90 Gb Total Space | 99,47 Gb Free Space | 94,82% Space Free | Partition Type: NTFS
 
Computer Name: PERNER-PC | User Name: Perner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.exe [@ = exefile] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 1
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0A4BFD0C-F6ED-4C9E-AAC7-F166C307D972}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{3A21C308-D0EF-4BB9-9AF0-B2138E2A767C}" = lport=139 | protocol=6 | dir=in | app=system | 
"{3F27FB54-C417-4CB9-9461-7379A6DBC9EF}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{433168B7-CAFE-40CD-8AEC-0C5F1E0343BE}" = rport=139 | protocol=6 | dir=out | app=system | 
"{59A46FD8-0CA6-439B-835F-917AC1B5C962}" = rport=138 | protocol=17 | dir=out | app=system | 
"{6B5E840C-B0AC-41C8-A793-B85A4CAD1D20}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{876C7AC6-AA8B-4577-A853-0EFF638C3672}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{9C591C32-0FC8-409C-A7B7-255CEAB656BD}" = rport=445 | protocol=6 | dir=out | app=system | 
"{B3470D62-038A-427D-8864-F18BBD16D841}" = lport=445 | protocol=6 | dir=in | app=system | 
"{C3156178-71C0-4BFE-A24F-7199BD354452}" = lport=137 | protocol=17 | dir=in | app=system | 
"{DEB6A856-8FC4-4AB0-A542-618DAF63707B}" = rport=137 | protocol=17 | dir=out | app=system | 
"{E1597DCB-64F9-4E90-845B-4B2E30740CB4}" = lport=138 | protocol=17 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04A3A56B-6C82-4FB2-B8D3-3ADDA818DF38}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 
"{177F2E88-6176-407D-B1F2-883E6E607FCC}" = dir=in | app=c:\program files\acer\acer vcm\vc.exe | 
"{1C2158D1-4371-4057-869D-2F6E70F519DA}" = dir=in | app=c:\program files\acer arcade deluxe\acer arcade deluxe\acer arcade deluxe.exe | 
"{2490DF97-7871-49B2-8D49-3947E02C8FFF}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe | 
"{277AA5D8-DFF9-4103-AE45-1A3C5855C39E}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{280DF023-979C-468A-BC34-3F648F2DE1DD}" = protocol=17 | dir=in | app=c:\program files\ubisoft\die siedler - aufstieg eines königreichs\play settlers 6.exe | 
"{34D57345-043F-40FA-AF98-9A250A6754C1}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe | 
"{3E4BFDCE-E39C-42D1-BAC7-197FC7865DBF}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{3F327FC4-334D-442F-AC1D-BFEA489A265F}" = protocol=6 | dir=in | app=c:\program files\ubisoft\die siedler - aufstieg eines königreichs\play settlers 6.exe | 
"{3F96D564-BABC-47BD-A99D-78A5E29167A5}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe | 
"{460806F9-3EAA-4A8B-92A8-43D44940A6B7}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{6F6B3DA8-8EBE-485B-9FD2-FFC4F8681EC4}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{7184E325-445B-4C2F-BFF9-A1A1B571D85B}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe | 
"{7A036DBC-8E61-442A-A28D-EEC4A438DE80}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe | 
"{7DDF55E2-6274-4E94-A98D-687CE3654286}" = dir=in | app=c:\program files\acer arcade deluxe\playmovie\pmvservice.exe | 
"{8E4DFA17-43A2-4594-9AD9-B3376833B1EE}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{8E6CFBF4-E76D-4592-BF44-0DB83C3BFE87}" = dir=in | app=c:\program files\common files\mcafee\mna\mcnasvc.exe | 
"{8E7BCFF4-CF0C-42AB-9F39-280D2A3E11F7}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{923CF2D2-A4C6-4E76-A8A2-B5D639BA1EB6}" = dir=in | app=c:\program files\acer arcade deluxe\playmovie\playmovie.exe | 
"{956DEF3B-F080-4529-BAA9-16D5A0677C83}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{984C8463-2BCC-4C9F-A5E5-F3B0907BD361}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe | 
"{9DC6613B-2D49-4090-B7C0-2DF626579D25}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{A05741E1-B128-42F3-B14C-70194848CAB9}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{A38942B0-BD4C-4647-B650-F49F350ACF9F}" = protocol=6 | dir=in | app=c:\program files\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | 
"{D346F742-28AE-4053-A2CA-D937C87FE578}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{D5E4DFB6-1DFA-4FBF-97B9-99B1D0C66AD9}" = protocol=17 | dir=in | app=c:\program files\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | 
"{D963477D-FC31-4D43-A73D-C2F446FC78CB}" = dir=in | app=c:\program files\acer arcade deluxe\homemedia\homemedia.exe | 
"{DCC76BA9-82C6-417E-BC29-A7FD86F0FC6F}" = protocol=6 | dir=in | app=c:\program files\ubisoft\die siedler - aufstieg eines königreichs\base\bin\settlers6.exe | 
"{E9A6E6E6-D8AF-4037-A7B5-77B6299AAD62}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{E9E175FD-2D92-4F79-BC2D-A4807DD37939}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe | 
"{EBC098B8-534A-45D2-A6A8-C400D29CF75C}" = protocol=17 | dir=in | app=c:\program files\ubisoft\die siedler - aufstieg eines königreichs\base\bin\settlers6.exe | 
"{F31BCE89-8993-4828-8D15-4192EAC315BC}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe | 
"{FBE4D8CB-DF13-48EA-9696-D5C88CBF4245}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe | 
"TCP Query User{0243A497-39FB-44AE-BF09-6C0B73FA9BBB}C:\program files\nokia\nokia software updater\nsu_ui_client.exe" = protocol=6 | dir=in | app=c:\program files\nokia\nokia software updater\nsu_ui_client.exe | 
"TCP Query User{06858F76-4C7B-4B5A-B765-1E7490C0E449}C:\program files\itunes\itunes.exe" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe | 
"TCP Query User{177700C2-6ADD-4073-849A-3AFD4B664E54}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe | 
"TCP Query User{2E421398-EBD0-4C5A-85DD-084A539A07EA}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=6 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe | 
"TCP Query User{39878B66-9E24-48B2-A9BC-ADB61B33871D}C:\program files\real\realplayer\realplay.exe" = protocol=6 | dir=in | app=c:\program files\real\realplayer\realplay.exe | 
"TCP Query User{3BE6E431-B85C-41CF-98D1-30A03D1B7B88}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe | 
"TCP Query User{4B0625E5-0C55-4996-9B83-335B536E79B3}C:\program files\nokia\nokia software updater\nsu_ui_client.exe" = protocol=6 | dir=in | app=c:\program files\nokia\nokia software updater\nsu_ui_client.exe | 
"TCP Query User{5A02DFA5-8956-4978-AC16-1A5C94853154}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"TCP Query User{68E13B8D-2F43-4E40-B150-ED3544C7A376}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | 
"TCP Query User{720EC313-B811-42E0-8900-C676FEC66B1C}C:\program files\anno 1701 demo\anno1701_demo.exe" = protocol=6 | dir=in | app=c:\program files\anno 1701 demo\anno1701_demo.exe | 
"TCP Query User{7B7B19EE-BD8D-484D-8111-0883675931FF}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=6 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe | 
"TCP Query User{A9ED317D-0115-4C66-ABAD-7AC04A7B6860}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe | 
"TCP Query User{B44C23C9-7EBC-4718-8A15-E3C0FB23A206}C:\program files\live-player\live-player.exe" = protocol=6 | dir=in | app=c:\program files\live-player\live-player.exe | 
"TCP Query User{B9AB534A-97E9-4540-82E6-E7AAB47E09AE}C:\users\perner\appdata\local\temp\jivexviewer\jre\bin\jivex[dv] light" = protocol=6 | dir=in | app=c:\users\perner\appdata\local\temp\jivexviewer\jre\bin\jivex[dv] light | 
"TCP Query User{BA90BC5D-D2AD-4284-8FD6-1CAE6B738487}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | 
"TCP Query User{C10D493D-44F9-4667-8ACA-FA58D79128FB}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"UDP Query User{13A9B464-352F-4519-95FE-8CCAB4012294}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | 
"UDP Query User{26B7FC7A-2F98-4AB8-AB5C-EAFC06C08F69}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe | 
"UDP Query User{291E0910-39D1-4798-B9D9-0F09FDE478C3}C:\program files\nokia\nokia software updater\nsu_ui_client.exe" = protocol=17 | dir=in | app=c:\program files\nokia\nokia software updater\nsu_ui_client.exe | 
"UDP Query User{2B790DC1-182A-43AB-8040-4D436A8C6196}C:\program files\itunes\itunes.exe" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe | 
"UDP Query User{36A6682E-921F-425E-B186-2D4446244FB0}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | 
"UDP Query User{5D312E9D-F5EE-4FAD-B1B5-84E665D4C398}C:\program files\anno 1701 demo\anno1701_demo.exe" = protocol=17 | dir=in | app=c:\program files\anno 1701 demo\anno1701_demo.exe | 
"UDP Query User{67EDD31F-F824-42E4-8C85-7BF5140251FD}C:\program files\real\realplayer\realplay.exe" = protocol=17 | dir=in | app=c:\program files\real\realplayer\realplay.exe | 
"UDP Query User{6D46D279-165B-4BE0-AF95-491B7E201C1C}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"UDP Query User{76443088-F01A-4AAB-9D8E-EB5655A36741}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe | 
"UDP Query User{80D1E8E5-E5F0-405B-A56B-1822200AD0FC}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe | 
"UDP Query User{8973C86D-8213-4DCF-B545-BDE5FDBB31F4}C:\program files\live-player\live-player.exe" = protocol=17 | dir=in | app=c:\program files\live-player\live-player.exe | 
"UDP Query User{94A519B0-8357-4954-8039-E99420CB045B}C:\program files\nokia\nokia software updater\nsu_ui_client.exe" = protocol=17 | dir=in | app=c:\program files\nokia\nokia software updater\nsu_ui_client.exe | 
"UDP Query User{D5B1FB92-1122-471E-94D8-AE956B9A2021}C:\users\perner\appdata\local\temp\jivexviewer\jre\bin\jivex[dv] light" = protocol=17 | dir=in | app=c:\users\perner\appdata\local\temp\jivexviewer\jre\bin\jivex[dv] light | 
"UDP Query User{D6660411-D5A0-4664-A2EC-31E1F47F4ED2}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"UDP Query User{DBECC00C-03FC-4CAA-85C3-8BBA5BC2C1F9}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=17 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe | 
"UDP Query User{EBB2AEC0-7D4F-448F-A034-7EC81A1F30DF}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=17 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{005F78AF-110D-398A-8430-BE98950A1E22}" = Google Talk Plugin
"{01C08A7D-4CCD-41F8-B020-4B4BB8C08C68}" = Catalyst Control Center - Branding
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software 6.0.1.5000
"{047F790A-7A2A-4B6A-AD02-38092BA63DAC}" = Acer VCM
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID-Anmelde-Assistent
"{09C468CA-2940-466A-AAE8-DCC0C6E9323C}" = Nokia Software Updater
"{0A1984C3-5036-5B5F-F18E-16453EF5A6E1}" = Catalyst Control Center Localization Swedish
"{11316260-6666-467B-AC34-183FCB5D4335}" = Acer Mobility Center Plug-In
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{13D85C14-2B85-419F-AC41-C7F21E68B25D}" = Acer eSettings Management
"{155BBB23-C7A5-223C-3B33-289089D6E0A2}" = Catalyst Control Center Localization Finnish
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{19B4BDE9-0F2B-44FF-FDC4-987E1B33D03C}" = CCC Help English
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{24F149E4-D897-9046-48A5-87CD67F81865}" = CCC Help Polish
"{25C1AF96-1F59-A1CE-3135-B38AFAA5C614}" = CCC Help Czech
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron JMB38X Flash Media Controller
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 24
"{26E2E4FB-F26A-549E-5496-14BAE4E2BA67}" = Catalyst Control Center Graphics Full Existing
"{27B7371A-7AA2-CC5B-6377-72161660F0BE}" = CCC Help Chinese Traditional
"{29F3D466-E05F-CBB6-63E9-01C85C083FCD}" = CCC Help French
"{29F563F4-8807-4496-8463-441EAA0E96AB}" = PC Connectivity Solution
"{2CB2E1AE-B62A-3F43-9DD0-EF73467977AC}" = Catalyst Control Center Localization Hungarian
"{30BDD0BE-6A51-6DDD-197D-EFCE3B0EF79D}" = CCC Help German
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{358C26F2-5B99-A7E9-18CF-2AE6BC97289B}" = Catalyst Control Center Localization Czech
"{3C277F75-605E-BFFE-4F87-27709C92370C}" = Catalyst Control Center Localization Portuguese
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4BD4AA8B-3C63-26AB-1CA3-010475A9EA72}" = CCC Help Portuguese
"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works
"{501451DE-5808-4599-B544-8BD0915B6B24}_is1" = FreeRIP v3.2
"{50D25574-2C48-4AEC-8FFC-32AEAD2EAEFF}" = Nokia Ovi Player
"{5262BAD6-5AB7-1490-A65C-D06368F07FF1}" = Catalyst Control Center Localization Italian
"{53F44183-B716-8D7D-053E-CB8039B38E74}" = CCC Help Hungarian
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{5539EBB1-4BB9-21E5-921B-16E8886639D3}" = Catalyst Control Center Localization Chinese Traditional
"{567E8236-C414-4888-8211-3D61608D57AE}" = Validity Sensors software
"{57265292-228A-41FA-9AEC-4620CBCC2739}" = Acer eAudio Management
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management
"{5A89D38C-B9FE-ECFF-B90E-B9DEC8C8F2D8}" = Catalyst Control Center Localization Greek
"{5B1519C1-265C-C636-C414-F1E150B4F0AA}" = CCC Help Turkish
"{5B63A470-9334-44D1-AF61-6CE2DB565AE9}" = Orion
"{5BF5F9C5-E95B-4AFA-94BE-F2A9CA73B61D}" = Apple Mobile Device Support
"{5DB1DF0C-AABC-4362-8A6D-CEFDFB036E41}" = Suite
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{6184B5A4-1355-A8D6-CE24-8F7EE887CBF3}" = CCC Help Norwegian
"{650BDC60-79C7-383B-2E9C-B8FF3909A127}" = Catalyst Control Center Localization Spanish
"{653F6FEA-643C-457F-774A-64D4DAAE1028}" = Catalyst Control Center Graphics Previews Vista
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{70B31335-50EE-4834-8431-27412CDE62BD}" = Nokia_Multimedia_Common_Components_2_5
"{74224F8D-4A17-4816-9EDB-7BB854DE532C}" = NVIDIA PhysX v8.04.25
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{790DA23A-126B-91A9-FAB7-13EF66724253}" = CCC Help Swedish
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{7DBDAAAB-8639-B59D-798A-32458B7380F9}" = Catalyst Control Center Localization Norwegian
"{7E96828D-B970-B1A9-3D9F-7EC3624785D0}" = Catalyst Control Center Localization German
"{7ECBF19A-78EC-1665-7E1C-B3E92B07F7CC}" = CCC Help Japanese
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{80C1F369-F876-3D19-7816-B7800E7A6961}" = CCC Help Greek
"{827CFE4D-8687-9E1E-0A72-587BFF0B0D3A}" = CCC Help Thai
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110111700}" = Zuma Deluxe
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11029123}" = Bricks of Egypt
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110322783}" = Big Kahuna Reef
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110411970}" = Chuzzle
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111118433}" = Mystery Case Files - Huntsville
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}" = Cake Mania
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111252743}" = Mahjong Escape Ancient China
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111543617}" = Backspin Billiards
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111692950}" = Mahjongg Artifacts
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111771833}" = Jewel Quest Solitaire
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111796363}" = Mystery Solitaire - Secret Island
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111872660}" = Diner Dash Flo on the Go
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112531267}" = Chicken Invaders 3
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112615863}" = Agatha Christie Death on the Nile
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113080210}" = Azada
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{862ACB14-04CE-46BC-8652-9EA203178DD7}" = STOPzilla
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8F1B6239-FEA0-450A-A950-B05276CE177C}" = Acer Empowering Technology
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A9DBEBC-C800-4776-A970-D76D6AA405B1}" = PHOTOfunSTUDIO -viewer-
"{9AF60AF6-B109-D3A4-4367-B3620CBA37A7}" = CCC Help Finnish
"{9ED61802-0F47-F846-FA23-67CE3E4BD427}" = CCC Help Italian
"{A5633652-3795-4829-BB0B-644F0279E279}" = Acer eDataSecurity Management
"{A71D5E81-B967-43DB-93D7-FD31BFB95748}" = MobileMe Control Panel
"{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}" = Acer Crystal Eye Webcam 2.0.5
"{A79CB508-2DD7-F717-8787-C6382C274082}" = Catalyst Control Center Graphics Light
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AACF5D06-EF3A-1941-3492-1E60589CA444}" = ccc-utility
"{AAD47011-8518-4608-9656-951DA35B587B}" = iTunes
"{AC76BA86-7AD7-1033-7B44-A81200000003}" = Adobe Reader 8.1.2
"{AE2C968B-8A14-ABA2-D742-14E575104BCD}" = Catalyst Control Center Localization Korean
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B6988D5B-4325-F1F7-B0E5-C4CCCD01E6B8}" = Catalyst Control Center Localization Thai
"{B734B040-25BB-02CA-39BD-FD6D070EDDAB}" = Catalyst Control Center Localization Danish
"{B86EE516-7CB4-E4C3-8382-010D4F2807F5}" = CCC Help Korean
"{BB01F512-272A-3C70-DA60-884C8BBC39DD}" = Catalyst Control Center Localization Chinese Standard
"{BCB0CE1E-7510-3948-4834-99BBA689CF62}" = Catalyst Control Center Core Implementation
"{BD5106DF-C061-5736-F1A5-F114BAA63759}" = CCC Help Russian
"{C03A43DF-CEE0-6D82-D2D3-781CCE1FC24E}" = Catalyst Control Center Localization Japanese
"{C76DAFAE-5E59-44AB-2764-70BC79E0D4B2}" = Skins
"{C8256DAF-828E-7E91-FB83-D900AA8E3C86}" = CCC Help Danish
"{C9429012-1CBE-E0CA-0955-CC53E0F2115F}" = CCC Help Chinese Standard
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CB9B619A-EEA1-BFAB-6CA5-1FC655E2A0DA}" = Catalyst Control Center Localization Turkish
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1
"{D013644E-F890-49A4-0DE9-8E4BBD18A406}" = ATI Catalyst Install Manager
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"{D3F80A98-05AB-4D8C-9272-766CCFA6A48D}" = DIE SIEDLER - Aufstieg eines Königreichs
"{D7C49EC6-4DEA-7A7A-860D-78D613C68B8C}" = ccc-core-static
"{DFFC0648-BC4B-47D1-93D2-6CA6B9457641}" = OpenOffice.org 3.2
"{E08C03D7-AE05-0458-2D14-78F219316933}" = Catalyst Control Center Localization Dutch
"{E4FD0200-A7DB-2D5A-B5B1-DBC0A184C9B2}" = Catalyst Control Center Localization Russian
"{E9BA4A79-BD4C-52E3-F34F-85B1CC62EE15}" = Catalyst Control Center Localization Polish
"{E9D20FA4-7CA6-F243-A503-CA961CCD2277}" = CCC Help Spanish
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{EF9E54C1-2D5F-DDA8-8E7B-0CD3EF89C8E4}" = Catalyst Control Center Localization French
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1FDAA01-988C-423F-AC12-0D8F333943FD}" = Nokia Connectivity Cable Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F5A630D4-3D7D-6EEC-5DAE-41835DC0A1DA}" = Catalyst Control Center Graphics Full New
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}" = Vista Codec Package
"{FA54AFB1-5745-4389-B8C1-9F7509672ED1}" = iPhone-Konfigurationsprogramm
"{FCED9B62-34FF-4C15-8A23-F65221F7874D}" = ITECIR Driver
"{FD2B6E20-5344-07B4-C210-B57611E02906}" = CCC Help Dutch
"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
"{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"1&1 EasyLogin" = 1&1 EasyLogin
"1&1 Upload-Manager" = 1&1 Upload-Manager
"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Acer Acer Bio Protection 6.0.00.12" = Acer Bio Protection
 
AAV 6.0.00.12
"Acer GameZone Console_is1" = Acer GameZone Console 2.0.1.1
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.5
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"AVSKey-Lock_is1" = AVSKey-Lock 1.07
"BILD-de Bundesliga" = BILD-de Bundesliga Bildschirmschoner
"DivX Setup.divx.com" = DivX-Setup
"eBay Icon" = eBay Icon
"ERUNT_is1" = ERUNT 1.1j
"Google Chrome" = Google Chrome
"GridVista" = Acer GridVista
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"ICQToolbar" = ICQ Toolbar
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"InstallShield_{5DB1DF0C-AABC-4362-8A6D-CEFDFB036E41}" = Suite
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"Live-Player" = Live-Player
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"MSC" = McAfee SecurityCenter
"NSS" = Norton Security Scan
"RealPlayer 12.0" = RealPlayer
"Sandlot Games Client Services 1.2.2_is1" = Sandlot Games Client Services 1.2.2
"SopCast" = SopCast 3.2.4
"ST6UNST #1" = BEWERBUNGSMASTER
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TomTom HOME" = TomTom HOME 2.7.5.2014
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"WinGimp-2.0_is1" = GIMP 2.6.6
"WinLiveSuite_Wave3" = Windows Live Essentials
"Yahoo! Companion" = Yahoo! Toolbar
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 28.04.2011 15:09:16 | Computer Name = Perner-PC | Source = Application Hang | ID = 1002
Description = Programm IEXPLORE.EXE, Version 8.0.6001.19048 arbeitet nicht mehr 
mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet
"Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen 
über das Problem zu suchen. Prozess-ID: 1518 Anfangszeit: 01cc05d6084b86fb Zeitpunkt
der Beendigung: 0
 
Error - 28.04.2011 16:30:21 | Computer Name = Perner-PC | Source = Application Hang | ID = 1002
Description = Programm IEXPLORE.EXE, Version 8.0.6001.19048 arbeitet nicht mehr 
mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet
"Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen 
über das Problem zu suchen. Prozess-ID: 900 Anfangszeit: 01cc05d7c4e1eb5b Zeitpunkt
der Beendigung: 0
 
Error - 28.04.2011 18:30:03 | Computer Name = Perner-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung CompileMOF.exe, Version 3.0.2000.0, Zeitstempel
0x474a325e, fehlerhaftes Modul CompileMOF.exe, Version 3.0.2000.0, Zeitstempel 
0x474a325e, Ausnahmecode 0xc000000d, Fehleroffset 0x00002a7f, Prozess-ID 0xa38, Anwendungsstartzeit
01cc05f3d0da1736.
 
Error - 28.04.2011 18:30:28 | Computer Name = Perner-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 28.04.2011 18:32:45 | Computer Name = Perner-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung SZServer.exe, Version 5.0.90.102, Zeitstempel
0x4d9c945e, fehlerhaftes Modul iS3Base5.dll, Version 5.0.115.0, Zeitstempel 0x4d270bfd,
Ausnahmecode 0xc0000005, Fehleroffset 0x000040b2, Prozess-ID 0x498, Anwendungsstartzeit
01cc05f3c24a9353.
 
Error - 29.04.2011 09:22:05 | Computer Name = Perner-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 29.04.2011 09:22:05 | Computer Name = Perner-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 41611660
 
Error - 29.04.2011 09:22:05 | Computer Name = Perner-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 41611660
 
Error - 29.04.2011 09:37:23 | Computer Name = Perner-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung CompileMOF.exe, Version 3.0.2000.0, Zeitstempel
0x474a325e, fehlerhaftes Modul CompileMOF.exe, Version 3.0.2000.0, Zeitstempel 
0x474a325e, Ausnahmecode 0xc000000d, Fehleroffset 0x00002a7f, Prozess-ID 0xc0c, Anwendungsstartzeit
01cc0672915f5f3d.
 
Error - 29.04.2011 09:37:59 | Computer Name = Perner-PC | Source = WinMgmt | ID = 10
Description = 
 
[ System Events ]
Error - 28.04.2011 18:29:06 | Computer Name = Perner-PC | Source = volsnap | ID = 393241
Description = Die Schattenkopien von Volume "C:" wurden gelöscht, weil der Schattenkopiespeicher
nicht rechtzeitig vergrößert wurde. Sie sollten die E/A-Last auf dem System verringern
oder ein Schattenkopie-Speichervolume, von dem keine Schattenkopie erstellt wird,
auswählen.
 
Error - 28.04.2011 18:30:35 | Computer Name = Perner-PC | Source = Service Control Manager | ID = 7026
Description = 
 
Error - 28.04.2011 18:33:14 | Computer Name = Perner-PC | Source = Service Control Manager | ID = 7034
Description = 
 
Error - 29.04.2011 09:32:07 | Computer Name = Perner-PC | Source = DCOM | ID = 10010
Description = 
 
Error - 29.04.2011 09:34:56 | Computer Name = Perner-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = 
 
Error - 29.04.2011 09:35:47 | Computer Name = Perner-PC | Source = volmgr | ID = 262193
Description = Die Konfiguration der Auslagerungsdatei für das Speicherabbild ist
fehlgeschlagen. Stellen Sie sicher, dass eine Auslagerungsdatei auf der Startpartition
vorhanden ist und dass diese groß genug ist, um den gesamten physikalischen Speicher
abbilden zu können.
 
Error - 29.04.2011 09:35:55 | Computer Name = Perner-PC | Source = volmgr | ID = 262193
Description = Die Konfiguration der Auslagerungsdatei für das Speicherabbild ist
fehlgeschlagen. Stellen Sie sicher, dass eine Auslagerungsdatei auf der Startpartition
vorhanden ist und dass diese groß genug ist, um den gesamten physikalischen Speicher
abbilden zu können.
 
Error - 29.04.2011 09:36:18 | Computer Name = Perner-PC | Source = volsnap | ID = 393241
Description = Die Schattenkopien von Volume "C:" wurden gelöscht, weil der Schattenkopiespeicher
nicht rechtzeitig vergrößert wurde. Sie sollten die E/A-Last auf dem System verringern
oder ein Schattenkopie-Speichervolume, von dem keine Schattenkopie erstellt wird,
auswählen.
 
Error - 29.04.2011 09:38:05 | Computer Name = Perner-PC | Source = Service Control Manager | ID = 7026
Description = 
 
Error - 29.04.2011 11:11:15 | Computer Name = Perner-PC | Source = Service Control Manager | ID = 7034
Description = 
 
 
< End of report >
         

OTL logfile created on: 30.04.2011 13:13:10 - Run 2
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Perner\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 50,00% Memory free
3,00 Gb Paging File | 2,00 Gb Available in Paging File | 55,00% Paging File free
Paging file location(s): c:\pagefile.sys 600 1000 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 111,44 Gb Total Space | 58,27 Gb Free Space | 52,29% Space Free | Partition Type: NTFS
Drive D: | 104,90 Gb Total Space | 99,47 Gb Free Space | 94,82% Space Free | Partition Type: NTFS
 
Computer Name: PERNER-PC | User Name: Perner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011.04.30 13:06:54 | 000,204,800 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Users\Perner\AppData\Local\Temp\RtkBtMnt.exe
PRC - [2011.04.30 13:03:08 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Perner\Desktop\OTL.exe
PRC - [2011.04.28 18:20:06 | 000,748,336 | ---- | M] (Microsoft Corporation) -- C:\Programme\Internet Explorer\iexplore.exe
PRC - [2011.04.28 00:35:36 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2011.04.25 18:17:16 | 000,177,616 | R--- | M] (iS3, Inc.) -- C:\Programme\STOPzilla!\STOPzilla.exe
PRC - [2011.04.25 18:17:12 | 000,062,928 | R--- | M] (iS3, Inc.) -- C:\Programme\Common Files\iS3\Anti-Spyware\SZServer.exe
PRC - [2011.03.17 21:21:47 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.02.25 11:17:35 | 000,304,304 | ---- | M] (Google Inc.) -- C:\Programme\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2011.02.16 15:49:08 | 000,088,176 | ---- | M] (McAfee, Inc.) -- C:\Programme\McAfee\SiteAdvisor\McSACore.exe
PRC - [2010.06.24 16:41:38 | 000,092,008 | ---- | M] (TomTom) -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2010.01.14 23:10:53 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009.09.07 20:50:36 | 000,206,120 | ---- | M] (CyberLink) -- C:\Programme\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe
PRC - [2009.09.07 20:50:28 | 000,152,872 | ---- | M] (CyberLink Corp.) -- C:\Programme\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
PRC - [2009.08.18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2009.08.18 11:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2009.06.01 22:20:12 | 000,222,968 | ---- | M] () -- C:\Programme\ICQ6Toolbar\ICQ Service.exe
PRC - [2009.05.21 15:42:28 | 000,173,288 | ---- | M] (Acer Corp.) -- C:\Programme\Acer Arcade Deluxe\PlayMovie\PMVService.exe
PRC - [2009.04.16 17:56:36 | 000,075,048 | ---- | M] () -- C:\Programme\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.07.15 15:28:26 | 003,346,944 | -H-- | M] (Arachnoid Biometrics Identification Group Corp.) -- C:\Programme\Acer\Acer Bio Protection\CompPtcVUI.exe
PRC - [2008.07.15 15:28:20 | 003,474,432 | -H-- | M] () -- C:\Programme\Acer\Acer Bio Protection\BASVC.exe
PRC - [2008.04.28 13:18:26 | 000,809,480 | ---- | M] (Dritek System Inc.) -- C:\Programme\Launch Manager\LManager.exe
PRC - [2008.04.22 11:02:06 | 000,599,344 | ---- | M] (Validity Sensors, Inc.) -- C:\Windows\System32\vfsFPService.exe
PRC - [2008.03.21 13:22:52 | 000,024,576 | ---- | M] () -- C:\Programme\Acer\Empowering Technology\Service\ETService.exe
PRC - [2008.03.11 20:30:28 | 000,397,312 | ---- | M] (Acer Inc.) -- C:\Programme\Acer\Empowering Technology\ePower\ePower_DMC.exe
PRC - [2008.03.11 11:53:54 | 005,296,128 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008.03.07 04:36:12 | 000,544,768 | ---- | M] (Acer Incorporated) -- C:\Programme\Acer\Empowering Technology\eAudio\eAudio.exe
PRC - [2008.03.05 00:38:34 | 000,500,784 | -H-- | M] (Egis Incorporated) -- C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
PRC - [2008.03.05 00:38:28 | 000,526,896 | -H-- | M] (Egis Incorporated) -- C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
PRC - [2008.01.25 01:38:12 | 002,458,128 | ---- | M] (McAfee, Inc.) -- c:\Programme\Common Files\McAfee\MNA\McNASvc.exe
PRC - [2008.01.21 04:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2008.01.21 04:25:33 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe
PRC - [2008.01.10 17:03:00 | 000,233,472 | ---- | M] (Acer Incorporated) -- C:\Programme\Acer\Acer VCM\RS_Service.exe
PRC - [2008.01.09 15:50:22 | 000,767,976 | ---- | M] (McAfee, Inc.) -- C:\Programme\McAfee\MSC\mcmscsvc.exe
PRC - [2007.12.11 05:15:04 | 000,012,800 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
PRC - [2007.12.06 17:15:28 | 000,110,592 | -H-- | M] () -- C:\ACER\Mobility Center\MobilityService.exe
PRC - [2007.11.26 10:46:14 | 000,023,880 | ---- | M] (McAfee, Inc.) -- C:\Programme\McAfee\MSK\msksrver.exe
PRC - [2007.11.05 16:00:00 | 004,641,634 | -H-- | M] () -- D:\mp\AVSKey-Lock\AVSKey.EXE
PRC - [2007.11.01 18:12:38 | 000,265,040 | ---- | M] (McAfee, Inc.) -- c:\Programme\McAfee\MSC\mcuimgr.exe
PRC - [2007.10.23 10:56:18 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe
PRC - [2007.10.03 14:45:02 | 000,358,936 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2007.10.03 14:44:58 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2007.08.15 13:36:04 | 000,359,248 | ---- | M] (McAfee, Inc.) -- c:\Programme\Common Files\McAfee\McProxy\McProxy.exe
PRC - [2007.08.03 23:33:14 | 000,582,992 | ---- | M] (McAfee, Inc.) -- c:\Programme\McAfee.com\Agent\mcagent.exe
PRC - [2007.07.24 13:02:14 | 000,144,704 | ---- | M] (McAfee, Inc.) -- C:\Programme\McAfee\VirusScan\Mcshield.exe
PRC - [2007.07.18 16:54:42 | 000,856,864 | ---- | M] (McAfee, Inc.) -- C:\Programme\McAfee\MPF\MpfSrv.exe
PRC - [2007.04.24 18:50:32 | 000,723,760 | ---- | M] (Broadcom Corporation.) -- C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2011.04.30 13:03:08 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Perner\Desktop\OTL.exe
MOD - [2011.04.08 16:56:28 | 000,018,176 | ---- | M] (McAfee, Inc.) -- c:\Programme\McAfee\SiteAdvisor\sahook.dll
MOD - [2010.08.31 17:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
MOD - [2010.05.04 21:13:07 | 000,231,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
MOD - [2009.04.11 08:28:24 | 000,380,416 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\ink\tiptsf.dll
MOD - [2008.03.05 00:38:16 | 000,240,176 | -H-- | M] (Egis Incorporated.) -- C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\sysenv.dll
MOD - [2008.03.05 00:38:12 | 000,121,392 | -H-- | M] (Egis Incorporated) -- C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
MOD - [2008.01.21 04:25:01 | 000,183,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\duser.dll
MOD - [2008.01.21 04:23:54 | 000,798,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dbghelp.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2011.04.28 00:35:36 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.04.25 18:17:12 | 000,062,928 | R--- | M] (iS3, Inc.) [Auto | Running] -- C:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe -- (szserver)
SRV - [2011.03.17 21:21:47 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.02.16 15:49:08 | 000,088,176 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2010.06.24 16:41:38 | 000,092,008 | ---- | M] (TomTom) [Auto | Running] -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2010.06.14 15:07:14 | 000,615,936 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010.01.15 14:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009.06.01 22:20:12 | 000,222,968 | ---- | M] () [Auto | Running] -- C:\Programme\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2009.04.16 17:56:36 | 000,075,048 | ---- | M] () [Auto | Running] -- C:\Programme\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe -- (CLHNService)
SRV - [2008.07.15 15:28:20 | 003,474,432 | -H-- | M] () [Auto | Running] -- C:\Programme\Acer\Acer Bio Protection\BASVC.exe -- (IGBASVC)
SRV - [2008.04.22 11:02:06 | 000,599,344 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\System32\vfsFPService.exe -- (vfsFPService)
SRV - [2008.03.21 13:22:52 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Programme\Acer\Empowering Technology\Service\ETService.exe -- (ETService)
SRV - [2008.03.05 00:38:34 | 000,500,784 | -H-- | M] (Egis Incorporated) [Auto | Running] -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe -- (eDataSecurity Service)
SRV - [2008.01.25 01:38:12 | 002,458,128 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Programme\Common Files\McAfee\MNA\McNASvc.exe -- (McNASvc)
SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008.01.10 17:03:00 | 000,233,472 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Programme\Acer\Acer VCM\RS_Service.exe -- (RS_Service)
SRV - [2008.01.09 15:50:22 | 000,767,976 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Programme\McAfee\MSC\mcmscsvc.exe -- (mcmscsvc)
SRV - [2007.12.11 05:15:04 | 000,012,800 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2007.12.06 17:15:28 | 000,110,592 | -H-- | M] () [Auto | Running] -- C:\Acer\Mobility Center\MobilityService.exe -- (MobilityService)
SRV - [2007.12.05 10:04:10 | 000,695,624 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- C:\Programme\McAfee\VirusScan\mcsysmon.exe -- (McSysmon)
SRV - [2007.11.26 10:46:14 | 000,023,880 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MSK\MskSrver.exe -- (MSK80Service)
SRV - [2007.11.07 09:35:40 | 000,378,184 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Programme\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2007.11.05 16:00:00 | 004,641,634 | -H-- | M] () [Auto | Running] -- D:\mp\AVSKey-Lock\AVSKey.EXE -- (AvskeyService)
SRV - [2007.10.03 14:45:02 | 000,358,936 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2007.08.15 13:36:04 | 000,359,248 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Programme\Common Files\McAfee\McProxy\McProxy.exe -- (McProxy)
SRV - [2007.07.24 13:02:14 | 000,144,704 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Programme\McAfee\VirusScan\Mcshield.exe -- (McShield)
SRV - [2007.07.18 16:54:42 | 000,856,864 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MPF\MPFSrv.exe -- (MpfService)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2011.03.17 21:21:48 | 000,137,656 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2010.11.22 12:57:28 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010.11.12 12:19:40 | 000,144,384 | ---- | M] (1&1 Internet AG) [File_System | System | Running] -- C:\Windows\System32\drivers\ui11rdr.SYS -- (ui11rdr)
DRV - [2010.05.12 18:01:06 | 000,059,280 | R--- | M] (iS3, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\szkgfs.sys -- (szkgfs)
DRV - [2010.02.26 14:32:58 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010.02.26 14:32:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010.02.26 14:32:44 | 000,022,528 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010.02.26 14:32:44 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2009.12.07 17:59:32 | 000,061,328 | R--- | M] (iS3 Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\szkg.sys -- (szkg5)
DRV - [2009.12.07 17:59:32 | 000,061,328 | R--- | M] (iS3 Inc.) [Kernel | Boot | Stopped] -- C:\Windows\system32\drivers\is3srv.sys -- (is3srv)
DRV - [2009.09.11 18:43:38 | 000,087,536 | ---- | M] (CyberLink Corp.) [2011/01/10 13:10:53] [Kernel | Auto | Running] -- C:\Programme\Acer Arcade Deluxe\PlayMovie\000.fcl -- ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796})
DRV - [2009.08.05 07:18:22 | 000,048,640 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1E60x86.sys -- (L1E)
DRV - [2009.06.25 16:05:46 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2009.06.25 16:05:46 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2009.05.11 11:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.02.13 12:35:01 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.07.15 15:28:15 | 000,043,184 | ---- | M] (Alfa Corporation) [File_System | Boot | Running] -- C:\Windows\system32\Drivers\AlfaFF.sys -- (AlfaFF)
DRV - [2008.05.08 19:01:44 | 003,552,256 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008.04.22 11:02:34 | 000,040,752 | ---- | M] (Validity Sensors, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vfs101x.sys -- (vfs101x)
DRV - [2008.04.11 11:55:04 | 000,084,240 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\jmcr.sys -- (JMCR)
DRV - [2008.03.21 10:48:24 | 000,015,392 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\int15.sys -- (int15)
DRV - [2008.02.29 09:13:38 | 001,202,560 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2008.01.16 18:35:08 | 000,122,368 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Programme\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys -- (NTIPPKernel)
DRV - [2008.01.08 21:10:32 | 002,554,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Intel(R)
DRV - [2007.12.18 18:12:12 | 000,054,784 | ---- | M] (ITE Tech. Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\itecir.sys -- (itecir)
DRV - [2007.12.02 12:51:42 | 000,040,488 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfesmfk.sys -- (mfesmfk)
DRV - [2007.11.22 06:44:08 | 000,201,320 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2007.11.22 06:44:08 | 000,079,304 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2007.11.22 06:44:08 | 000,035,240 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2007.11.22 06:44:04 | 000,033,832 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mferkdk.sys -- (mferkdk)
DRV - [2007.07.13 10:21:12 | 000,125,728 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\Mpfp.sys -- (MPFP)
DRV - [2006.11.02 15:27:34 | 000,020,112 | ---- | M] (Dritek System Inc.) [Kernel | System | Running] -- C:\Programme\Launch Manager\DPortIO.sys -- (DritekPortIO)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://de.intl.acer.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.intl.acer.yahoo.com
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://de.yahoo.com/?fr=fp-yie9
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.yahoo.com/?fr=fp-yie9
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledItems: MapShare-status@tomtom.com:1.7
FF - prefs.js..extensions.enabledItems: baseTheme@tomtom.com:1.0.2
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2011.04.27 20:20:53 | 000,000,000 | ---D | M]
 
[2009.08.04 09:09:43 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Perner\AppData\Roaming\mozilla\Extensions
[2009.08.04 09:09:43 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Perner\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2010.08.11 19:46:43 | 000,000,000 | ---D | M] (Map status indicator) -- C:\PROGRAM FILES\TOMTOM HOME 2\XUL\EXTENSIONS\MAPSHARE-STATUS@TOMTOM.COM
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Programme\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\Programme\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (McAfee Phishing Filter) - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\Programme\McAfee\MSK\mcapbho.dll ()
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Programme\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (Windows Live ID-Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask.com)
O2 - BHO: (STOPzilla Browser Helper Object) - {E3215F20-3212-11D6-9F8B-00D0B743919D} - C:\Programme\STOPzilla!\SZIEBHO.dll (iS3, Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Programme\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {081230F8-EA50-42A9-983C-D22ABC2EED3B} - No CLSID value found.
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask.com)
O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [eAudio] C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe (Acer Incorporated)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
O4 - HKLM..\Run: [ePower_DMC] C:\Programme\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Inc.)
O4 - HKLM..\Run: [eRecoveryService] File not found
O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [LManager] C:\Programme\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [PlayMovie] C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
O4 - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [WarReg_PopUp] C:\Programme\Acer\WR_PopUp\WarReg_PopUp.exe (Acer Incorporated)
O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\restrictions present
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll (Google Inc.)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Programme\Acer\Acer Bio Protection\PwdBank.exe ()
O9 - Extra 'Tools' menuitem : Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Programme\Acer\Acer Bio Protection\PwdBank.exe ()
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Programme\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Programme\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab (QuickTime Object)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} hxxp://cdn.scan.onecare.live.com/resource/download/scanner/de-DE/wlscctrl2.cab (Windows Live OneCare safety scanner control)
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} hxxp://www.fotokasten.de/javaapplet/ImageUploader5.cab (Image Uploader Control)
O16 - DPF: {6D2EF4B4-CB62-4C0B-85F3-B79C236D702C} https://register.facebook.com/controls/contactx.dll (ContactExtractor Class)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAC677B6-4963-4305-9066-0BD135CD9233} hxxp://as.photoprintit.de/ips-opdata/layout/default_cms01/activex/IPSUploader4.cab (IPSUploader4 Control)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AWinNotifyVitaKey MC3000: DllName - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll - C:\Programme\Acer\Acer Bio Protection\WinNotify.dll (Arachnoid Biometrics Identification Group Corp.)
O24 - Desktop WallPaper: C:\Users\Perner\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Perner\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{a5cc4b67-81f3-11dd-b1a6-00a0d1a86d6c}\Shell\AutoRun\command - "" = E:\.\MigWiz\migsetup.exe
O33 - MountPoints2\{e82d6331-80c3-11de-adfb-00a0d1a86d6c}\Shell\AutoRun\command - "" = G:\InstallTomTomHOME.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.04.29 17:20:21 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011.04.29 17:19:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
[2011.04.29 17:19:33 | 000,000,000 | ---D | C] -- C:\Programme\ERUNT
[2011.04.29 17:10:37 | 000,791,393 | ---- | C] (Lars Hederer ) -- C:\Users\Perner\Desktop\Erunt-setup.exe
[2011.04.29 17:10:37 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Perner\Desktop\OTL.exe
[2011.04.29 17:10:37 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Users\Perner\Desktop\TFC.exe
[2011.04.29 16:45:31 | 000,000,000 | ---D | C] -- C:\Users\Perner\AppData\Roaming\Malwarebytes
[2011.04.29 16:45:14 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011.04.29 16:45:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.04.29 16:45:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.04.29 16:45:07 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.04.28 00:40:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\STOPzilla
[2011.04.28 00:39:55 | 000,000,000 | ---D | C] -- C:\Programme\STOPzilla!
[2011.04.28 00:39:52 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\iS3
[2011.04.28 00:39:50 | 000,000,000 | ---D | C] -- C:\ProgramData\STOPzilla!
[2011.04.25 18:17:06 | 000,546,256 | R--- | C] (iS3, Inc.) -- C:\Windows\System32\SZComp5.dll
[2011.04.25 18:17:06 | 000,132,560 | R--- | C] (iS3, Inc.) -- C:\Windows\System32\IS3HTUI5.dll
[2011.04.25 18:17:06 | 000,022,992 | R--- | C] (iS3, Inc.) -- C:\Windows\System32\SZIO5.dll
[2011.04.25 18:17:04 | 000,452,048 | R--- | C] (iS3, Inc.) -- C:\Windows\System32\SZBase5.dll
[2011.04.25 18:17:04 | 000,398,800 | R--- | C] (iS3, Inc.) -- C:\Windows\System32\IS3DBA5.dll
[2011.04.25 18:17:04 | 000,099,792 | R--- | C] (iS3, Inc.) -- C:\Windows\System32\IS3Svc5.dll
[2011.04.25 18:17:04 | 000,099,792 | R--- | C] (iS3, Inc.) -- C:\Windows\System32\IS3Inet5.dll
[2011.04.25 18:17:04 | 000,067,024 | R--- | C] (iS3, Inc.) -- C:\Windows\System32\IS3Hks5.dll
[2011.04.25 18:17:04 | 000,028,624 | R--- | C] (iS3, Inc.) -- C:\Windows\System32\IS3XDat5.dll
[2011.04.25 18:17:02 | 000,738,768 | R--- | C] (iS3, Inc.) -- C:\Windows\System32\IS3Base5.dll
[2011.04.25 18:17:02 | 000,390,608 | R--- | C] (iS3, Inc.) -- C:\Windows\System32\IS3UI5.dll
[2011.04.25 18:17:02 | 000,230,864 | R--- | C] (iS3, Inc.) -- C:\Windows\System32\IS3Win325.dll
[2011.04.19 23:15:21 | 000,000,000 | ---D | C] -- C:\Windows\System32\Adobe
 
========== Files - Modified Within 30 Days ==========
 
[2011.04.30 13:19:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.04.30 13:08:55 | 000,000,792 | ---- | M] () -- C:\Windows\System32\drivers\kgpcpy.cfg
[2011.04.30 13:07:46 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml
[2011.04.30 13:05:57 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.04.30 13:05:55 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.04.30 13:05:53 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.04.30 13:05:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.04.30 13:05:09 | 3219,578,880 | -HS- | M] () -- C:\hiberfil.sys
[2011.04.30 13:04:15 | 000,020,652 | ---- | M] () -- C:\Windows\System32\Config.MPF
[2011.04.30 13:04:15 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011.04.30 13:03:10 | 000,301,568 | ---- | M] () -- C:\Users\Perner\Desktop\g2m3e4r.exe
[2011.04.30 13:03:09 | 000,791,393 | ---- | M] (Lars Hederer ) -- C:\Users\Perner\Desktop\Erunt-setup.exe
[2011.04.30 13:03:08 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Perner\Desktop\OTL.exe
[2011.04.30 13:03:07 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Users\Perner\Desktop\TFC.exe
[2011.04.30 12:56:00 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2051833895-3156580812-787731633-1000UA.job
[2011.04.30 10:53:31 | 000,072,290 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.04.30 10:53:31 | 000,025,490 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.04.30 10:53:31 | 000,020,890 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.04.30 10:53:31 | 000,013,230 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.04.29 20:56:00 | 000,001,072 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2051833895-3156580812-787731633-1000Core.job
[2011.04.29 17:19:35 | 000,000,737 | ---- | M] () -- C:\Users\Perner\Desktop\NTREGOPT.lnk
[2011.04.29 17:19:35 | 000,000,718 | ---- | M] () -- C:\Users\Perner\Desktop\ERUNT.lnk
[2011.04.29 17:10:11 | 000,377,282 | ---- | M] () -- C:\Users\Perner\Desktop\Load.exe
[2011.04.29 16:45:15 | 000,000,574 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.04.29 15:22:11 | 000,000,476 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Perner.job
[2011.04.28 18:20:30 | 000,008,798 | ---- | M] () -- C:\Windows\System32\icrav03.rat
[2011.04.28 18:20:30 | 000,001,988 | ---- | M] () -- C:\Windows\System32\ticrf.rat
[2011.04.28 18:20:02 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2011.04.25 18:17:06 | 000,546,256 | R--- | M] (iS3, Inc.) -- C:\Windows\System32\SZComp5.dll
[2011.04.25 18:17:06 | 000,132,560 | R--- | M] (iS3, Inc.) -- C:\Windows\System32\IS3HTUI5.dll
[2011.04.25 18:17:06 | 000,022,992 | R--- | M] (iS3, Inc.) -- C:\Windows\System32\SZIO5.dll
[2011.04.25 18:17:04 | 000,452,048 | R--- | M] (iS3, Inc.) -- C:\Windows\System32\SZBase5.dll
[2011.04.25 18:17:04 | 000,398,800 | R--- | M] (iS3, Inc.) -- C:\Windows\System32\IS3DBA5.dll
[2011.04.25 18:17:04 | 000,099,792 | R--- | M] (iS3, Inc.) -- C:\Windows\System32\IS3Svc5.dll
[2011.04.25 18:17:04 | 000,099,792 | R--- | M] (iS3, Inc.) -- C:\Windows\System32\IS3Inet5.dll
[2011.04.25 18:17:04 | 000,067,024 | R--- | M] (iS3, Inc.) -- C:\Windows\System32\IS3Hks5.dll
[2011.04.25 18:17:04 | 000,028,624 | R--- | M] (iS3, Inc.) -- C:\Windows\System32\IS3XDat5.dll
[2011.04.25 18:17:02 | 000,738,768 | R--- | M] (iS3, Inc.) -- C:\Windows\System32\IS3Base5.dll
[2011.04.25 18:17:02 | 000,390,608 | R--- | M] (iS3, Inc.) -- C:\Windows\System32\IS3UI5.dll
[2011.04.25 18:17:02 | 000,230,864 | R--- | M] (iS3, Inc.) -- C:\Windows\System32\IS3Win325.dll
[2011.04.16 12:34:57 | 000,323,488 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.04.13 09:00:47 | 000,001,399 | -H-- | M] () -- C:\Users\Perner\Desktop\DivX Movies.lnk
[2011.04.08 20:36:01 | 000,000,680 | -H-- | M] () -- C:\Users\Perner\AppData\Local\d3d9caps.dat
[2011.04.06 11:22:43 | 000,263,256 | -H-- | M] () -- C:\Users\Perner\Desktop\artikel01.pdf
 
========== Files Created - No Company Name ==========
 
[2011.04.30 13:07:44 | 000,000,792 | ---- | C] () -- C:\Windows\System32\drivers\kgpcpy.cfg
[2011.04.29 17:19:35 | 000,000,737 | ---- | C] () -- C:\Users\Perner\Desktop\NTREGOPT.lnk
[2011.04.29 17:19:35 | 000,000,718 | ---- | C] () -- C:\Users\Perner\Desktop\ERUNT.lnk
[2011.04.29 17:10:37 | 000,301,568 | ---- | C] () -- C:\Users\Perner\Desktop\g2m3e4r.exe
[2011.04.29 17:10:10 | 000,377,282 | ---- | C] () -- C:\Users\Perner\Desktop\Load.exe
[2011.04.29 16:45:15 | 000,000,574 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.04.28 18:20:02 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2011.04.06 11:22:43 | 000,263,256 | -H-- | C] () -- C:\Users\Perner\Desktop\artikel01.pdf
[2010.07.26 10:13:40 | 000,108,032 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2010.06.23 12:35:52 | 000,790,528 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2010.06.23 12:35:52 | 000,134,144 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2010.04.28 22:36:19 | 000,002,299 | -H-- | C] () -- C:\Users\Perner\AppData\Roaming\acervcmtmp.ini
[2009.11.09 22:21:31 | 000,000,099 | ---- | C] () -- C:\Windows\cdplayer.ini
[2009.11.09 22:20:23 | 000,000,770 | ---- | C] () -- C:\ProgramData\ss.ini
[2009.11.08 22:35:07 | 000,000,034 | -H-- | C] () -- C:\Users\Perner\AppData\Roaming\{081230F8-EA50-42A9-983C-D22ABC2EED3B}.ini
[2009.11.08 22:35:04 | 000,000,033 | ---- | C] () -- C:\ProgramData\{081230F8-EA50-42A9-983C-D22ABC2EED3B}.ini
[2009.10.23 19:38:02 | 000,296,748 | -H-- | C] () -- C:\Users\Perner\AppData\Local\llqpuuz_nav.dat
[2009.10.23 19:38:02 | 000,005,069 | -H-- | C] () -- C:\Users\Perner\AppData\Local\llqpuuz_navps.dat
[2009.10.23 19:38:02 | 000,003,428 | -H-- | C] () -- C:\Users\Perner\AppData\Local\llqpuuz.dat
[2009.09.24 09:15:34 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.09.24 09:15:34 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009.08.28 21:34:22 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009.08.16 10:08:36 | 000,178,176 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2009.08.03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009.08.03 15:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009.07.20 11:30:32 | 000,111,932 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat
[2009.07.20 11:30:32 | 000,024,903 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat
[2009.07.20 11:30:32 | 000,021,390 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat
[2009.07.20 11:30:32 | 000,011,811 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat
[2009.07.20 11:30:32 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat
[2009.07.20 11:30:32 | 000,001,146 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_DU.dat
[2009.07.20 11:30:32 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat
[2009.07.20 11:30:32 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat
[2009.07.20 11:30:32 | 000,001,136 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat
[2009.07.20 11:30:32 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat
[2009.07.20 11:30:32 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat
[2009.07.20 11:30:32 | 000,001,120 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_IT.dat
[2009.07.20 11:30:32 | 000,001,107 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_GE.dat
[2009.07.20 11:30:32 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat
[2009.07.20 11:30:32 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2009.07.20 11:30:31 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat
[2009.07.20 11:30:31 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat
[2009.07.20 11:30:31 | 000,026,154 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat
[2009.07.20 11:30:31 | 000,020,148 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat
[2009.07.15 11:55:42 | 000,000,091 | -H-- | C] () -- C:\Users\Perner\AppData\Local\kkuyk.bat
[2009.05.12 15:51:03 | 000,000,089 | -H-- | C] () -- C:\Users\Perner\AppData\Local\aooci.bat
[2008.12.01 16:27:29 | 000,000,648 | -H-- | C] () -- C:\Users\Perner\AppData\Roaming\wklnhst.dat
[2008.09.15 16:21:14 | 000,281,760 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2008.09.15 16:21:13 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2008.09.15 10:42:57 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2008.09.14 09:32:17 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008.09.14 09:26:22 | 000,048,640 | -H-- | C] () -- C:\Users\Perner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.09.13 20:22:16 | 000,000,680 | -H-- | C] () -- C:\Users\Perner\AppData\Local\d3d9caps.dat
[2008.07.15 15:32:59 | 000,626,688 | ---- | C] () -- C:\Windows\Image.dll
[2008.07.15 15:32:59 | 000,200,704 | ---- | C] () -- C:\Windows\PLFSetI.exe
[2008.07.15 15:32:59 | 000,000,036 | ---- | C] () -- C:\Windows\PidList.ini
[2008.07.15 15:28:39 | 001,548,099 | ---- | C] () -- C:\Windows\System32\VMC3KAPI.dll
[2008.07.15 15:19:18 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2008.05.16 07:50:46 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2008.05.16 07:50:46 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2008.05.16 07:50:44 | 000,168,883 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2008.05.16 07:50:43 | 000,090,112 | ---- | C] () -- C:\Windows\System32\atibrtmon.exe
[2008.04.28 11:11:16 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008.04.28 11:11:16 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2008.04.28 11:11:16 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2008.04.28 11:11:16 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008.04.28 11:11:16 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2008.04.28 11:11:16 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2008.04.28 11:11:16 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2008.04.28 11:11:16 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2008.04.28 11:11:16 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2008.03.29 05:40:18 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIOFM4.dll
[2008.03.29 05:40:18 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN5.dll
[2008.03.29 04:51:53 | 000,204,800 | ---- | C] () -- C:\Windows\System32\SysHook.dll
[2008.03.29 04:48:04 | 000,487,424 | ---- | C] () -- C:\Windows\System32\INT15.dll
[2008.03.29 04:43:49 | 000,001,694 | ---- | C] () -- C:\Windows\RtDefLvl.ini
[2008.03.29 04:43:49 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX0.dat
[2008.03.29 04:42:36 | 000,000,008 | ---- | C] () -- C:\Windows\System32\drivers\RtkHDAud.dat
[2008.03.28 21:22:41 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2008.01.21 09:15:58 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008.01.21 09:15:58 | 000,072,290 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008.01.21 09:15:58 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2008.01.21 09:15:58 | 000,020,890 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2007.11.14 16:17:34 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CogentBioSDK.dll
[2007.04.24 18:32:56 | 000,389,120 | ---- | C] () -- C:\Windows\System32\btwhidcs.dll
[2007.02.05 20:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:47:37 | 000,323,488 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:33:01 | 000,025,490 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,013,230 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2001.12.26 17:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001.11.14 13:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll
[2001.09.04 00:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001.07.30 17:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001.07.23 23:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll
 
========== LOP Check ==========
 
[2009.01.18 21:53:04 | 000,000,000 | -HSD | M] -- C:\Users\Perner\AppData\Roaming\.#
[2011.03.18 09:55:39 | 000,000,000 | -H-D | M] -- C:\Users\Perner\AppData\Roaming\1&1
[2008.03.29 05:06:10 | 000,000,000 | -H-D | M] -- C:\Users\Perner\AppData\Roaming\Acer GameZone Console
[2009.09.23 22:10:36 | 000,000,000 | -H-D | M] -- C:\Users\Perner\AppData\Roaming\Amazon
[2009.11.08 22:35:04 | 000,000,000 | -H-D | M] -- C:\Users\Perner\AppData\Roaming\Desktopicon
[2008.09.13 20:17:43 | 000,000,000 | -H-D | M] -- C:\Users\Perner\AppData\Roaming\eSobi
[2009.08.04 21:38:14 | 000,000,000 | -H-D | M] -- C:\Users\Perner\AppData\Roaming\gtk-2.0
[2010.07.16 20:00:58 | 000,000,000 | -H-D | M] -- C:\Users\Perner\AppData\Roaming\Happyville__
[2009.05.12 15:52:02 | 000,000,000 | -H-D | M] -- C:\Users\Perner\AppData\Roaming\live-player
[2010.08.13 20:41:30 | 000,000,000 | -H-D | M] -- C:\Users\Perner\AppData\Roaming\Magic3
[2010.08.16 12:31:51 | 000,000,000 | -H-D | M] -- C:\Users\Perner\AppData\Roaming\Nokia
[2010.07.18 15:36:06 | 000,000,000 | -H-D | M] -- C:\Users\Perner\AppData\Roaming\Nokia Ovi Suite
[2010.08.16 12:34:11 | 000,000,000 | -H-D | M] -- C:\Users\Perner\AppData\Roaming\OpenOffice.org
[2009.07.20 11:30:59 | 000,000,000 | -H-D | M] -- C:\Users\Perner\AppData\Roaming\Panasonic
[2010.07.18 15:07:23 | 000,000,000 | -H-D | M] -- C:\Users\Perner\AppData\Roaming\PC Suite
[2008.11.25 20:53:48 | 000,000,000 | -H-D | M] -- C:\Users\Perner\AppData\Roaming\PlayFirst
[2011.03.23 18:01:47 | 000,000,000 | -H-D | M] -- C:\Users\Perner\AppData\Roaming\PowerCinema
[2011.03.24 21:23:22 | 000,000,000 | -H-D | M] -- C:\Users\Perner\AppData\Roaming\SoftDMA
[2009.02.15 13:14:42 | 000,000,000 | -H-D | M] -- C:\Users\Perner\AppData\Roaming\Template
[2009.08.04 09:09:40 | 000,000,000 | -H-D | M] -- C:\Users\Perner\AppData\Roaming\TomTom
[2008.09.13 19:32:54 | 000,000,000 | -H-D | M] -- C:\Users\Perner\AppData\Roaming\Validity
[2010.08.16 19:05:55 | 000,000,000 | -H-D | M] -- C:\Users\Perner\AppData\Roaming\VistaCodecs
[2009.11.15 11:50:41 | 000,000,372 | ---- | M] () -- C:\Windows\Tasks\McDefragTask.job
[2011.01.01 11:19:25 | 000,000,348 | ---- | M] () -- C:\Windows\Tasks\McQcTask.job
[2011.04.30 13:04:17 | 000,032,562 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:E36F5B57
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:4F636E25
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:4CF61E54
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:2B99FE60
 
< End of report >