Trojaner-Board (https://www.trojaner-board.de/)
Forum section: Pests of all kinds and how to fight them (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
Thread: Infection with TR/Crypt.XPACK.Gen and TR/Crypt.XPACK.Gen3 (https://www.trojaner-board.de/90949-befall-tr-crypt-xpack-gen-tr-crypt-xpack-gen3.html)

Fnyrri 20.09.2010 08:10

Infection with TR/Crypt.XPACK.Gen and TR/Crypt.XPACK.Gen3
 
Hi,

As a shock to start Monday morning, AntiVir presented me, right after booting (sixteen times at once), with the message that
C:\Windows\System32\lnksmsdt.dll
is the Trojan horse TR/Crypt.XPACK.Gen:

hxxp://250kb.de/JxcMbbI

Update: While 'Malwarebytes Anti-Malware' was scanning, AntiVir followed up with the information that
C:\Users\Acer\AppData\local\osmskbdi.dll and
C:\Users\AppData\Local\Temp\mdQX.exe
are the Trojan horse TR/Crypt.XPACK.Gen3 (yes, now with a 3):

hxxp://250kb.de/FZNdTK8

Now I'm a bit desperate :/
Here are the results of the scans recommended in the FAQ:

MAM:

Code:

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4655

Windows 6.0.6001 Service Pack 1
Internet Explorer 7.0.6001.18000

20.09.2010 08:51:11
mbam-log-2010-09-20 (08-51-11).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 141729
Laufzeit: 12 Minute(n), 25 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 2
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 2

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\dcuvuxe (Trojan.Hiloti) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\yhuyi (Trojan.Agent.U) -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
C:\Users\ACER\AppData\Local\osmskbdi.dll (Trojan.Hiloti) -> Quarantined and deleted successfully.
C:\Users\ACER\AppData\Local\Temp\mdQX.exe (Trojan.Hiloti) -> Quarantined and deleted successfully.

OTL.Txt:
Code:

OTL logfile created on: 20.09.2010 08:59:07 - Run 1
OTL by OldTimer - Version 3.2.14.0    Folder = C:\Users\ACER\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 54,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 76,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 144,04 Gb Total Space | 63,58 Gb Free Space | 44,14% Space Free | Partition Type: NTFS
Drive D: | 144,04 Gb Total Space | 143,95 Gb Free Space | 99,93% Space Free | Partition Type: NTFS
Drive E: | 988,78 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive F: | 465,65 Gb Total Space | 403,60 Gb Free Space | 86,68% Space Free | Partition Type: FAT32
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: ACER-PC
Current User Name: ACER
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\ACER\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Programme\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.)
PRC - C:\Programme\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
PRC - C:\Programme\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
PRC - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Windows\System32\FsUsbExService.Exe (Teruten)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Users\ACER\AppData\Local\Temp\RtkBtMnt.exe (Realtek Semiconductor Corp.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Programme\Launch Manager\QtZgAcer.EXE (Dritek System Inc.)
PRC - C:\Programme\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe (CyberLink)
PRC - C:\Programme\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
PRC - C:\Programme\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Programme\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Inc.)
PRC - C:\Programme\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe ()
PRC - C:\Programme\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe (NewTech InfoSystems, Inc.)
PRC - C:\Programme\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe ()
PRC - C:\Programme\Pinnacle\Shared Files\Programs\StrmServer\StrmServer.exe (Avid Development GmbH)
PRC - C:\Programme\Acer\Empowering Technology\Service\ETService.exe ()
PRC - C:\Windows\System32\agrsmsvc.exe (Agere Systems)
PRC - C:\Programme\Acer\Empowering Technology\eAudio\eAudio.exe (Acer Incorporated)
PRC - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated)
PRC - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
PRC - C:\Programme\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe (NewTech Infosystems, Inc.)
PRC - c:\Programme\Common Files\McAfee\MNA\McNASvc.exe (McAfee, Inc.)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Programme\Common Files\microsoft shared\ink\InputPersonalization.exe (Microsoft Corporation)
PRC - C:\Programme\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe ()
PRC - C:\Programme\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.)
PRC - C:\ACER\Mobility Center\MobilityService.exe ()
PRC - C:\Programme\McAfee\VirusScan\mcsysmon.exe (McAfee, Inc.)
PRC - C:\Programme\McAfee\MSK\msksrver.exe (McAfee, Inc.)
PRC - c:\Programme\McAfee\MSC\mcuimgr.exe (McAfee, Inc.)
PRC - C:\Windows\PLFSetI.exe ()
PRC - c:\Programme\Common Files\McAfee\McProxy\McProxy.exe (McAfee, Inc.)
PRC - C:\Programme\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
PRC - C:\Programme\McAfee\VirusScan\Mcshield.exe (McAfee, Inc.)
PRC - C:\Programme\McAfee\MPF\MpfSrv.exe (McAfee, Inc.)
PRC - C:\Programme\Lexmark 2300 Series\ezprint.exe (Lexmark International Inc.)
PRC - C:\Programme\Lexmark 2300 Series\lxcgmon.exe (Lexmark International, Inc.)
PRC - C:\Windows\System32\lxcgcoms.exe ( )
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\ACER\Desktop\OTL.exe (OldTimer Tools)
MOD - c:\Programme\McAfee\SiteAdvisor\sahook.dll (McAfee, Inc.)
MOD - C:\Windows\System32\SysHook.dll ()
MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (McAfee SiteAdvisor Service) -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.)
SRV - (Hamachi2Svc) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (FsUsbExService) -- C:\Windows\System32\FsUsbExService.Exe (Teruten)
SRV - (IAANTMON) Intel(R) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
SRV - (NTIBackupSvc) -- C:\Programme\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe (NewTech InfoSystems, Inc.)
SRV - (NTISchedulerSvc) -- C:\Programme\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe ()
SRV - (ETService) -- C:\Programme\Acer\Empowering Technology\Service\ETService.exe ()
SRV - (AgereModemAudio) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems)
SRV - (eDataSecurity Service) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated)
SRV - (BUNAgentSvc) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe (NewTech Infosystems, Inc.)
SRV - (McNASvc) -- c:\Programme\Common Files\McAfee\MNA\McNASvc.exe (McAfee, Inc.)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (CLHNService) -- C:\Programme\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe ()
SRV - (mcmscsvc) -- C:\Programme\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.)
SRV - (MobilityService) -- C:\Acer\Mobility Center\MobilityService.exe ()
SRV - (McSysmon) -- C:\Programme\McAfee\VirusScan\mcsysmon.exe (McAfee, Inc.)
SRV - (MSK80Service) -- C:\Program Files\McAfee\MSK\MskSrver.exe (McAfee, Inc.)
SRV - (McODS) -- C:\Programme\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SRV - (McProxy) -- c:\Programme\Common Files\McAfee\McProxy\McProxy.exe (McAfee, Inc.)
SRV - (McShield) -- C:\Programme\McAfee\VirusScan\Mcshield.exe (McAfee, Inc.)
SRV - (MpfService) -- C:\Program Files\McAfee\MPF\MPFSrv.exe (McAfee, Inc.)
SRV - (lxcg_device) -- C:\Windows\System32\lxcgcoms.exe ( )
 
 
========== Driver Services (SafeList) ==========
 
DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found
DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (FsUsbExDisk) -- C:\Windows\System32\FsUsbExDisk.Sys ()
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (ss_bmdm) -- C:\Windows\System32\drivers\ss_bmdm.sys (MCCI Corporation)
DRV - (ss_bbus) SAMSUNG USB Mobile Device (WDM) -- C:\Windows\System32\drivers\ss_bbus.sys (MCCI)
DRV - (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter) -- C:\Windows\System32\drivers\ss_bmdfl.sys (MCCI Corporation)
DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation)
DRV - (iaStor) -- C:\Windows\system32\DRIVERS\iaStor.sys (Intel Corporation)
DRV - (DKbFltr) -- C:\Windows\System32\drivers\DKbFltr.sys (Dritek System Inc.)
DRV - (mod7700) -- C:\Windows\System32\drivers\dvb7700all.sys (DiBcom)
DRV - ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796}) -- C:\Programme\Acer Arcade Deluxe\PlayMovie\000.fcl (Cyberlink Corp.)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (NETw5v32) Intel(R) -- C:\Windows\System32\drivers\NETw5v32.sys (Intel Corporation)
DRV - (JMCR) -- C:\Windows\System32\drivers\jmcr.sys (JMicron Technology Corp.)
DRV - (A310) -- C:\Windows\System32\drivers\AVerA310USB.sys (AVerMedia TECHNOLOGIES, Inc.)
DRV - (BDASwCap) -- C:\Windows\System32\drivers\AVerA310Cap.sys (AVerMedia TECHNOLOGIES, Inc.)
DRV - (b57nd60x) -- C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation)
DRV - (int15) -- C:\Windows\System32\drivers\int15.sys (Acer, Inc.)
DRV - (psdvdisk) -- C:\Windows\System32\drivers\PSDVdisk.sys (Egis Incorporated)
DRV - (PSDNServ) -- C:\Windows\System32\drivers\PSDNServ.sys (Egis Incorporated)
DRV - (PSDFilter) -- C:\Windows\system32\DRIVERS\psdfilter.sys (Egis Incorporated)
DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems)
DRV - (NTIDrvr) -- C:\Windows\System32\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.)
DRV - (UBHelper) -- C:\Windows\System32\drivers\UBHelper.sys (NewTech Infosystems Corporation)
DRV - (MegaSR) -- C:\Windows\system32\drivers\megasr.sys (LSI Corporation, Inc.)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Corporation)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (NTIPPKernel) -- C:\Programme\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys (Cyberlink Corp.)
DRV - (mfesmfk) -- C:\Windows\System32\drivers\mfesmfk.sys (McAfee, Inc.)
DRV - (mfehidk) -- C:\Windows\System32\drivers\mfehidk.sys (McAfee, Inc.)
DRV - (mfeavfk) -- C:\Windows\System32\drivers\mfeavfk.sys (McAfee, Inc.)
DRV - (mfebopk) -- C:\Windows\System32\drivers\mfebopk.sys (McAfee, Inc.)
DRV - (mferkdk) -- C:\Windows\System32\drivers\mferkdk.sys (McAfee, Inc.)
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
DRV - (MPFP) -- C:\Windows\System32\drivers\Mpfp.sys (McAfee, Inc.)
DRV - (winbondcir) -- C:\Windows\System32\drivers\winbondcir.sys (Winbond Electronics Corporation)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=1108&m=aspire_7730g
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=1108&m=aspire_7730g
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=1108&m=aspire_7730g
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.10
FF - prefs.js..extensions.enabledItems: {35106bca-6c78-48c7-ac28-56df30b51d2a}:1.3.8
FF - prefs.js..extensions.enabledItems: {D3C23E26-C072-418C-8C69-320979274A33}:1.9.1
FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q="
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2010.07.22 23:29:03 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2009.07.27 15:04:28 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{D3C23E26-C072-418C-8C69-320979274A33}: C:\Users\ACER\AppData\Local\{D3C23E26-C072-418C-8C69-320979274A33} [2010.09.13 17:03:37 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.09.17 04:21:04 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.09.17 04:21:04 | 000,000,000 | ---D | M]
 
[2009.01.02 21:32:25 | 000,000,000 | ---D | M] -- C:\Users\ACER\AppData\Roaming\mozilla\Extensions
[2010.09.19 19:30:05 | 000,000,000 | ---D | M] -- C:\Users\ACER\AppData\Roaming\mozilla\Firefox\Profiles\wzcb5rou.default\extensions
[2010.02.21 18:31:25 | 000,000,000 | ---D | M] (Linkification) -- C:\Users\ACER\AppData\Roaming\mozilla\Firefox\Profiles\wzcb5rou.default\extensions\{35106bca-6c78-48c7-ac28-56df30b51d2a}
[2010.06.30 15:04:37 | 000,000,000 | ---D | M] (Fast Video Download (with SearchMenu)) -- C:\Users\ACER\AppData\Roaming\mozilla\Firefox\Profiles\wzcb5rou.default\extensions\{c50ca3c4-5656-43c2-a061-13e717f73fc8}
[2010.08.18 21:50:51 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\ACER\AppData\Roaming\mozilla\Firefox\Profiles\wzcb5rou.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.05.31 11:22:12 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Users\ACER\AppData\Roaming\mozilla\Firefox\Profiles\wzcb5rou.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2010.09.19 18:22:36 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2009.03.24 11:10:44 | 000,114,688 | ---- | M] (Zylom) -- C:\Programme\Mozilla Firefox\plugins\npzylomgamesplayer.dll
[2010.06.24 12:41:39 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.06.24 12:41:39 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.06.24 12:41:39 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.06.24 12:41:39 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.06.24 12:41:39 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: ::1            localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (McAfee Phishing Filter) - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\Programme\McAfee\MSK\mcapbho.dll ()
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Programme\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (Egis)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Programme\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BkupTray] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe ()
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [eAudio] C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe (Acer Incorporated)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
O4 - HKLM..\Run: [ePower_DMC] C:\Programme\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Inc.)
O4 - HKLM..\Run: [eRecoveryService]  File not found
O4 - HKLM..\Run: [EzPrint] C:\Program Files\Lexmark 2300 Series\ezprint.exe (Lexmark International Inc.)
O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [LManager] C:\Programme\Launch Manager\QtZgAcer.EXE (Dritek System Inc.)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [lxcgmon.exe] C:\Program Files\Lexmark 2300 Series\lxcgmon.exe (Lexmark International, Inc.)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [NPSStartup]  File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [PlayMovie] C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
O4 - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4 - HKLM..\Run: [ProductReg] C:\Program Files\Acer\WR_PopUp\ProductReg.exe (Acer)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [AutoStartNPSAgent] C:\Programme\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKCU..\Run: [ICQ] C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O4 - HKCU..\Run: [PMCLoader] C:\Program Files\Pinnacle\TVCenter Pro\PMCLoader.exe (Pinnacle Systems GmbH)
O4 - HKCU..\Run: [PMCRemote]  File not found
O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: HP Intelligente Auswahl - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Programme\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} hxxp://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab (Oberon Flash Game Host)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 83.169.186.33 83.169.186.97 213.73.91.35
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\ACER\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\ACER\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2002.05.07 21:22:24 | 000,000,212 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{8df28cc3-ab2d-11dd-9d9a-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{8df28cc3-ab2d-11dd-9d9a-806e6f6e6963}\Shell\AutoRun\command - "" = E:\_autorun\Autorun.exe -- [2000.02.07 23:20:10 | 000,036,864 | R--- | M] (New World Computing)
O33 - MountPoints2\{8df28cc3-ab2d-11dd-9d9a-806e6f6e6963}\Shell\instDX\command - "" = E:\DirectX\dxsetup.exe -- [2000.10.21 14:39:38 | 000,147,456 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{8df28cc3-ab2d-11dd-9d9a-806e6f6e6963}\Shell\readme\command - "" = notepad readme.txt
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O36 - AppCertDlls: disketup - (C:\Windows\system32\lnksmsdt.dll) - C:\Windows\System32\lnksmsdt.dll ()
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.09.20 08:58:36 | 000,576,000 | ---- | C] (OldTimer Tools) -- C:\Users\ACER\Desktop\OTL.exe
[2010.09.20 08:37:10 | 000,000,000 | ---D | C] -- C:\Users\ACER\AppData\Roaming\Malwarebytes
[2010.09.20 08:36:57 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.09.20 08:36:55 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.09.20 08:36:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.09.20 08:36:54 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2010.09.13 17:03:37 | 000,000,000 | ---D | C] -- C:\Users\ACER\AppData\Local\{D3C23E26-C072-418C-8C69-320979274A33}
[2010.09.11 23:55:16 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\3DO Shared
[2010.09.11 23:49:24 | 000,000,000 | ---D | C] -- C:\Windows\System\KEEPER
[2009.05.29 10:57:40 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\lxcginpa.dll
[2009.05.29 10:57:40 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\lxcgiesc.dll
[2009.05.29 10:57:40 | 000,323,584 | ---- | C] ( ) -- C:\Windows\System32\lxcghcp.dll
[2009.05.29 10:57:39 | 001,224,704 | ---- | C] ( ) -- C:\Windows\System32\lxcgserv.dll
[2009.05.29 10:57:39 | 000,995,328 | ---- | C] ( ) -- C:\Windows\System32\lxcgusb1.dll
[2009.05.29 10:57:39 | 000,696,320 | ---- | C] ( ) -- C:\Windows\System32\lxcghbn3.dll
[2009.05.29 10:57:39 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\lxcgcomc.dll
[2009.05.29 10:57:39 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\lxcgpmui.dll
[2009.05.29 10:57:39 | 000,585,728 | ---- | C] ( ) -- C:\Windows\System32\lxcglmpm.dll
[2009.05.29 10:57:39 | 000,421,888 | ---- | C] ( ) -- C:\Windows\System32\lxcgcomm.dll
[2009.05.29 10:57:39 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\lxcgprox.dll
[2009.05.29 10:57:39 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\lxcgpplc.dll
[2008.07.22 10:01:25 | 000,049,152 | ---- | C] ( ) -- C:\Windows\Interop.IWshRuntimeLibrary.dll
 
========== Files - Modified Within 30 Days ==========
 
[2010.09.20 08:59:04 | 002,883,584 | -HS- | M] () -- C:\Users\ACER\NTUSER.DAT
[2010.09.20 08:51:26 | 000,054,016 | ---- | M] () -- C:\Windows\System32\drivers\repc.sys
[2010.09.20 08:40:20 | 000,033,638 | ---- | M] () -- C:\Users\ACER\Desktop\Antivir-Meldung2.jpg
[2010.09.20 08:36:59 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.09.20 08:16:31 | 000,033,324 | ---- | M] () -- C:\Users\ACER\Desktop\Antivir-Meldung.jpg
[2010.09.20 08:14:44 | 000,026,029 | ---- | M] () -- C:\Windows\System32\Config.MPF
[2010.09.20 08:12:45 | 000,000,349 | ---- | M] () -- C:\Users\Public\Documents\PCLECHAL.INI
[2010.09.20 08:12:39 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml
[2010.09.20 08:12:02 | 000,027,744 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010.09.20 08:12:01 | 000,027,744 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010.09.20 08:10:25 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.09.20 08:10:24 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.09.20 08:10:24 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.09.20 08:10:17 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.09.20 08:10:00 | 3215,847,424 | -HS- | M] () -- C:\hiberfil.sys
[2010.09.19 19:27:10 | 000,524,288 | -HS- | M] () -- C:\Users\ACER\NTUSER.DAT{579a4397-f07c-11de-b4fe-00238b004985}.TMContainer00000000000000000001.regtrans-ms
[2010.09.19 19:27:10 | 000,065,536 | -HS- | M] () -- C:\Users\ACER\NTUSER.DAT{579a4397-f07c-11de-b4fe-00238b004985}.TM.blf
[2010.09.19 19:26:37 | 002,963,412 | -H-- | M] () -- C:\Users\ACER\AppData\Local\IconCache.db
[2010.09.19 17:03:42 | 000,052,348 | ---- | M] () -- C:\Users\ACER\Desktop\Komplett.docx
[2010.09.19 16:47:08 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Users\ACER\Desktop\OTL.exe
[2010.09.17 05:50:33 | 000,037,155 | ---- | M] () -- C:\Users\ACER\Desktop\Wohnkosten.pdf
[2010.09.16 16:56:39 | 000,001,891 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010.09.16 13:24:27 | 000,027,136 | ---- | M] () -- C:\Users\ACER\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.09.16 13:24:18 | 000,000,120 | ---- | M] () -- C:\Users\ACER\AppData\Local\Wmoyusura.dat
[2010.09.16 13:24:18 | 000,000,000 | ---- | M] () -- C:\Users\ACER\AppData\Local\Pqobunepoza.bin
[2010.09.15 01:00:00 | 000,000,372 | ---- | M] () -- C:\Windows\tasks\McDefragTask.job
[2010.09.13 17:01:48 | 000,047,616 | ---- | M] () -- C:\Windows\System32\lnksmsdt.dll
[2010.09.12 21:37:08 | 002,025,721 | ---- | M] () -- C:\Users\ACER\Desktop\Osteo Vortrag.pdf
[2010.09.11 23:56:54 | 000,001,784 | ---- | M] () -- C:\Users\Public\Desktop\Heroes of Might and Magic III Complete.lnk
[2010.09.10 18:11:28 | 000,001,397 | ---- | M] () -- C:\Users\ACER\Desktop\DivX Movies.lnk
[2010.09.10 18:11:10 | 000,000,921 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2010.08.26 14:51:37 | 001,893,001 | ---- | M] () -- C:\Users\ACER\Desktop\LSV-GreaterBas-ChromatoneRMX.mp3
[2010.08.21 14:45:58 | 001,418,806 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.08.21 14:45:58 | 000,618,442 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.08.21 14:45:58 | 000,587,178 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.08.21 14:45:58 | 000,122,842 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.08.21 14:45:58 | 000,101,250 | ---- | M] () -- C:\Windows\System32\perfc009.dat
 
========== Files Created - No Company Name ==========
 
[2010.09.20 08:51:26 | 000,054,016 | ---- | C] () -- C:\Windows\System32\drivers\repc.sys
[2010.09.20 08:40:20 | 000,033,638 | ---- | C] () -- C:\Users\ACER\Desktop\Antivir-Meldung2.jpg
[2010.09.20 08:36:59 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.09.20 08:16:30 | 000,033,324 | ---- | C] () -- C:\Users\ACER\Desktop\Antivir-Meldung.jpg
[2010.09.19 11:44:54 | 000,052,348 | ---- | C] () -- C:\Users\ACER\Desktop\Komplett.docx
[2010.09.17 05:50:31 | 000,037,155 | ---- | C] () -- C:\Users\ACER\Desktop\Wohnkosten.pdf
[2010.09.13 17:03:38 | 000,000,120 | ---- | C] () -- C:\Users\ACER\AppData\Local\Wmoyusura.dat
[2010.09.13 17:03:38 | 000,000,000 | ---- | C] () -- C:\Users\ACER\AppData\Local\Pqobunepoza.bin
[2010.09.13 17:01:48 | 000,047,616 | ---- | C] () -- C:\Windows\System32\lnksmsdt.dll
[2010.09.12 21:37:04 | 002,025,721 | ---- | C] () -- C:\Users\ACER\Desktop\Osteo Vortrag.pdf
[2010.09.11 23:56:54 | 000,001,784 | ---- | C] () -- C:\Users\Public\Desktop\Heroes of Might and Magic III Complete.lnk
[2010.09.10 18:11:28 | 000,001,397 | ---- | C] () -- C:\Users\ACER\Desktop\DivX Movies.lnk
[2010.09.10 18:11:10 | 000,000,921 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2010.08.26 14:51:37 | 001,893,001 | ---- | C] () -- C:\Users\ACER\Desktop\LSV-GreaterBas-ChromatoneRMX.mp3
[2010.08.15 14:38:18 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2010.01.16 19:01:13 | 000,201,488 | ---- | C] () -- C:\Windows\System32\MACD32.DLL
[2010.01.16 19:01:13 | 000,144,144 | ---- | C] () -- C:\Windows\System32\MASE32.DLL
[2010.01.16 19:01:13 | 000,141,584 | ---- | C] () -- C:\Windows\System32\MAMC32.DLL
[2010.01.16 19:01:13 | 000,063,248 | ---- | C] () -- C:\Windows\System32\MASD32.DLL
[2010.01.16 19:01:13 | 000,033,040 | ---- | C] () -- C:\Windows\System32\MA32.DLL
[2010.01.08 13:02:42 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2010.01.08 13:02:42 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2009.12.13 23:30:51 | 000,000,272 | ---- | C] () -- C:\Windows\SIERRA.INI
[2009.07.27 14:58:28 | 000,000,788 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2009.07.22 12:49:48 | 000,040,960 | R--- | C] () -- C:\Windows\System32\psfind.dll
[2009.07.16 02:03:43 | 000,007,592 | ---- | C] () -- C:\Users\ACER\AppData\Local\d3d9caps.dat
[2009.06.30 15:33:29 | 000,027,136 | ---- | C] () -- C:\Users\ACER\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.05.29 10:57:40 | 000,274,432 | ---- | C] () -- C:\Windows\System32\lxcginst.dll
[2009.02.07 17:32:13 | 000,000,000 | ---- | C] () -- C:\Windows\PROTOCOL.INI
[2009.01.04 13:13:39 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2009.01.03 00:21:45 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll
[2009.01.03 00:21:45 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll
[2009.01.03 00:21:45 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll
[2009.01.02 21:49:13 | 000,027,744 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009.01.02 14:53:36 | 000,027,744 | ---- | C] () -- C:\ProgramData\nvModes.001
[2008.11.05 12:53:48 | 000,626,688 | ---- | C] () -- C:\Windows\Image.dll
[2008.11.05 12:53:48 | 000,000,036 | ---- | C] () -- C:\Windows\PidList.ini
[2008.04.18 20:25:22 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2008.04.18 11:49:14 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIOFM4.dll
[2008.04.18 11:49:14 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN5.dll
[2008.04.18 10:56:05 | 000,204,800 | ---- | C] () -- C:\Windows\System32\SysHook.dll
[2008.04.18 10:52:45 | 000,487,424 | ---- | C] () -- C:\Windows\System32\INT15.dll
[2008.04.18 10:42:52 | 000,001,694 | ---- | C] () -- C:\Windows\RtDefLvl.ini
[2008.01.21 04:24:21 | 000,197,120 | ---- | C] () -- C:\Users\ACER\AppData\Local\abodiqad.VIR
[2007.10.25 18:26:10 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2007.02.22 18:32:00 | 000,344,064 | ---- | C] () -- C:\Windows\System32\lxcgcoin.dll
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:25:25 | 000,557,568 | ---- | C] () -- C:\Windows\System32\hpotscld.dll
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2005.08.18 06:26:46 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxcgvs.dll
[2005.03.13 14:32:14 | 000,061,440 | ---- | C] () -- C:\Windows\System32\lxcgcnv4.dll
[2001.12.26 16:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001.09.03 23:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001.07.30 16:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001.07.23 22:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll
[1997.06.14 11:56:08 | 000,056,832 | ---- | C] () -- C:\Windows\System32\iyvu9_32.dll
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 64 bytes -> C:\Users\ACER\Desktop\Jacques Offenbach Orphe aux Enfers GALOP INFERNAL Can can (480 x 360).mp4:TOC.WMV
< End of report >

OTL Extras.Txt:

Code:

OTL Extras logfile created on: 20.09.2010 08:59:07 - Run 1
OTL by OldTimer - Version 3.2.14.0    Folder = C:\Users\ACER\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 54,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 76,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 144,04 Gb Total Space | 63,58 Gb Free Space | 44,14% Space Free | Partition Type: NTFS
Drive D: | 144,04 Gb Total Space | 143,95 Gb Free Space | 99,93% Space Free | Partition Type: NTFS
Drive E: | 988,78 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive F: | 465,65 Gb Total Space | 403,60 Gb Free Space | 86,68% Space Free | Partition Type: FAT32
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: ACER-PC
Current User Name: ACER
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-7420075-3053948626-936591600-1000]
"EnableNotifications" = 1
"EnableNotificationsRef" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04BF22A4-C6A1-40BB-85B6-416822DA9EA0}" = rport=137 | protocol=17 | dir=out | app=system |
"{09192CF9-479E-40DD-BCD3-7613CF252C2C}" = rport=445 | protocol=6 | dir=out | app=system |
"{14CF7768-2A52-4F24-BFA4-4890A8F83B24}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{1AC07984-3473-4C65-9FF8-91BEFC04A95B}" = lport=139 | protocol=6 | dir=in | app=system |
"{38A77539-D477-4814-AC56-7BC8282268DF}" = rport=139 | protocol=6 | dir=out | app=system |
"{4A2AC76F-BA67-4793-B913-63E35E3E7B9C}" = lport=137 | protocol=17 | dir=in | app=system |
"{57716658-BCC7-4E11-85BA-0E5A7B37890F}" = rport=138 | protocol=17 | dir=out | app=system |
"{945ACD29-530E-438F-9715-1A4BAE5242D7}" = lport=138 | protocol=17 | dir=in | app=system |
"{CE2E0AAC-D7ED-4FD3-A649-4EC5FFC361C3}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe |
"{CEAB9719-E068-406D-B0FA-B5B6103796DC}" = lport=445 | protocol=6 | dir=in | app=system |
"{D232AC0D-CF44-486B-9EB9-61FE6AF19923}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{F96B6E93-2B90-4F55-B32A-01681675BBEC}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03EDA29E-15F3-43EC-9D1F-F2DF94F8F422}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe |
"{06164584-5B03-4113-93FA-5AE316CAFAF3}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe |
"{08A79550-56F9-42EC-81A3-06F5D87F821C}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{0ADFB58F-C2E1-4A28-82AE-7B3BCEA3830C}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe |
"{10FB71B5-4E15-4BCF-919A-4B7715848ACE}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{12184E5A-9CE2-4B47-95F3-2A883A973399}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |
"{1883A6FD-A874-473C-93F6-9E575BF74D2D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1962C344-A6F4-4422-B337-4C7B41D75A63}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{24EDBCEC-A7BC-4BA9-9A5D-33110194461F}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{30725DB0-FE78-43B2-8FD1-45C1599AB623}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{33E3E77B-EC79-43F4-AD9A-6B724767AC94}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe |
"{36984233-0142-4CBB-8698-04C3C2D0523C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{379EC35C-E9AE-4E04-9C29-8B26F5F447C0}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{3A1AD0A6-53E9-480F-A143-07271A4A88C8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3AE8F041-56AE-4075-A345-EE77E43F4E4B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3CA22460-B68D-426D-847F-525E82A6B401}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpse.exe |
"{3CFBCC3A-EB66-48C9-A1D6-78C3E95A3C6B}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe |
"{3DE70723-8D4C-451B-8B4F-6CD1A54A2A64}" = protocol=17 | dir=in | app=c:\program files\pinnacle\shared files\programs\strmserver\strmserver.exe |
"{4195D402-85DE-4689-9BD7-E94AD8665D4E}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe |
"{42547E42-C6DB-4836-948F-1910840A7401}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{42A3AD09-15DC-46C4-A2FD-08A2933C83FB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{449624C0-B221-4970-955C-3D36E9B3DF7E}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{44E86C24-8A31-4FA5-9FA5-A2EBBE8AE7C9}" = dir=in | app=c:\program files\acer arcade deluxe\homemedia\homemedia.exe |
"{455A26F0-C6B0-46EF-82ED-33468C2FB9C7}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
"{48AE5B90-5774-4043-984C-C985460226C0}" = dir=in | app=c:\program files\acer arcade deluxe\playmovie\playmovie.exe |
"{4E03EC53-8F38-4450-ACD3-A186E0F89E4F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{57364AF3-2209-4A6F-BD9A-C7E77B2DBEDE}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxcgpswx.exe |
"{57FFEA3B-1258-46D5-A824-FBB000A488F1}" = dir=in | app=c:\program files\common files\mcafee\mna\mcnasvc.exe |
"{5817F6AE-D602-4074-8604-DA44100785F1}" = protocol=17 | dir=in | app=c:\windows\system32\lxcgcoms.exe |
"{5FD3D973-521D-4A30-B996-8B7E63F35A38}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe |
"{607C6FAC-0624-4D8B-B5C3-5DAF98C0ACD3}" = dir=in | app=c:\program files\acer arcade deluxe\playmovie\pmvservice.exe |
"{642003C1-A9F1-4167-8EA6-28C50D615383}" = dir=in | app=c:\program files\acer arcade deluxe\acer arcade deluxe\acer arcade deluxe.exe |
"{7546C3DD-D0EE-41BF-AD6D-738D34B51539}" = protocol=17 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{75D3D0FD-0355-4728-8ABF-ADF498B928EF}" = protocol=6 | dir=in | app=c:\program files\pinnacle\shared files\programs\strmserver\strmserver.exe |
"{77327392-9C9F-4138-99A8-B4067CE7E745}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{86D42E26-1064-4D2B-9F62-27FFF6ADA515}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqsudi.exe |
"{86E10664-E6EA-495B-987E-11008B34294E}" = dir=in | app=c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{8737DBFA-FFA7-4D38-9D17-1590EC698208}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |
"{8B67F724-9D13-4C6E-997C-CFAF9506F9BF}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe |
"{94918DAD-5603-44A9-84B4-C855556A0569}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe |
"{9565A9BC-7126-42A4-A176-303884131A47}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe |
"{95764E7D-0ACA-4F12-9C76-0D6FF381A20A}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{9C9B655E-CC7A-4BBD-AACB-F1378296CC58}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxcgpswx.exe |
"{9FBBDF7F-D7C9-4732-A203-8714A5887650}" = protocol=6 | dir=in | app=c:\windows\system32\lxcgcoms.exe |
"{A0C311F6-01FE-46EE-BBBB-A31546E2C522}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe |
"{A31B2470-ADCD-4445-AB02-426E296D01CE}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B1C3A12F-60AC-46D6-99DB-1042BA1EFD04}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B3949B97-1E3A-4108-88BA-1EC635F1187E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B58FD039-889A-4000-9A55-45C758B69FCD}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BAD98A9C-44D3-46DB-A8F9-6251E613D9F9}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpsapp.exe |
"{BC3D4632-0058-4489-A7E2-05D654ED0601}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{CA04CE74-B25B-4924-9C05-A4001889C66D}" = protocol=6 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{D19013EB-25C4-407B-A663-29CD759FBD90}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D4942B81-0E9C-4C55-9203-5EA2D89EE249}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D7DDF90D-8E93-4952-AE73-D47531F262B6}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe |
"{DBC71D6E-5325-45CF-8F72-EA52CE052DCC}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe |
"{E269DBC0-160B-48A8-98BD-141531794A39}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E5E3C61E-8932-4164-9572-31E9315D8643}" = dir=in | app=e:\setup\hpznui01.exe |
"{E7F26E0B-B124-49FD-AEA9-7E5B2C7DE683}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E997DD8F-6A7E-4EB8-BD4B-5823A7FAC112}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{EEF37707-4E68-44BB-AD46-2EC12D65BFE9}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe |
"{F2EEBE6A-8499-49D0-A216-85A700995754}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F88E3B51-3F02-4177-8337-3F2251A5233B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{0289B35E-DC07-4c7a-9710-BBD686EA4B7D}" = Status
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{09633A5E-3089-41A8-9FF1-382171423C5D}" = PSSWCORE
"{0AD84416-63A4-4CF3-BDDF-8FA866711FB0}" = Civilization III
"{10F498FF-5392-4DF3-8F73-FE172A9F3800}" = Winbond CIR Device Drivers
"{11316260-6666-467B-AC34-183FCB5D4335}" = Acer Mobility Center Plug-In
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{13D85C14-2B85-419F-AC41-C7F21E68B25D}" = Acer eSettings Management
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{15B8AFD9-92E9-4E86-96D9-83FAC510B82E}" = HPPhotoSmartPhotobookWebPack1
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}" = QuickTime
"{22F761D1-8063-4170-ADF7-2D2F47834CA9}" = VideoToolkit01
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron JMB38X Flash Media Controller
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 17
"{27197499-7680-4208-8FD8-5439CDB0FDC1}" = HPProductAssistant
"{2AFEAA03-2DFE-4519-A629-EDAB6541ABE9}" = HPSSupply
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{412B69AF-C352-4F6F-A318-B92B3CB9ACC6}" = Titan Quest
"{43C0C354-A185-4D2D-A057-67C9160460E1}" = PS_AIO_04_C4580_Software_Min
"{4A3D0CF8-60FF-4CEF-91A4-A1F001424602}" = DocProc
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{57265292-228A-41FA-9AEC-4620CBCC2739}" = Acer eAudio Management
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management
"{593A6CAF-E114-4e31-884F-74FF349E8E36}" = SolutionCenter
"{5B09F344-4406-11D5-96E8-0050BA84F5F7}" = Baldurs Gate(TM) II - Thron des Bhaal (TM)
"{5B63A470-9334-44D1-AF61-6CE2DB565AE9}" = Orion
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{70E1E357-E57C-4284-B04E-58196DC27BC1}" = PanoStandAlone
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7641710F-A4AD-4EAE-889C-4958BE3F169C}" = C4580
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{7B63B2922B174135AFC0E1377DD81EC2}" =
"{7C7AC2D4-1077-45C8-826A-16445B5E0DB7}" = Pinnacle DistanTV Server
"{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110111700}" = Zuma Deluxe
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11029123}" = Bricks of Egypt
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110322783}" = Big Kahuna Reef
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110411970}" = Chuzzle
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111118433}" = Mystery Case Files - Huntsville
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}" = Cake Mania
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111252743}" = Mahjong Escape Ancient China
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111324990}" = Kick N Rush
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111543617}" = Backspin Billiards
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111692950}" = Mahjongg Artifacts
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111771833}" = Jewel Quest Solitaire
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111796363}" = Mystery Solitaire - Secret Island
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111872660}" = Diner Dash Flo on the Go
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112531267}" = Chicken Invaders 3
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112615863}" = Agatha Christie Death on the Nile
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}" = Alice Greenfingers
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113009953}" = Turbo Pizza
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113080210}" = Azada
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{8A74DEFD-A224-49CC-AB80-4E88BC730125}" = LogMeIn Hamachi
"{8F1B6239-FEA0-450A-A950-B05276CE177C}" = Acer Empowering Technology
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{430971B1-C31E-45DA-81E0-72C095BAB72C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{58FC5E37-DD28-4D4A-A549-125744C6763C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{888B9AC7-8F5C-456B-A27A-157A6C310E52}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{99E862CC-6F69-4D39-99AA-DBF71BF3B585}" = OpenOffice.org 3.1
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C2D4047-0E40-499a-AC7A-C4B9BB12FE03}" = TrayApp
"{9F4EE72A-C5C9-42ad-ABEF-427690843577}" = MarketResearch
"{A5633652-3795-4829-BB0B-644F0279E279}" = Acer eDataSecurity Management
"{A64A5576-D862-44F8-89DC-2B17FCC9B86E}" = Broadcom Gigabit Integrated Controller
"{A6A195F5-BCAB-4F38-8459-DF693303CD8D}" = PS_AIO_04_C4580_ProductContext
"{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}" = Acer Crystal Eye Webcam 2.0.8
"{A82E3AFE-0BD9-4A17-9A58-9112B5C679C5}" = MyScript Notes Lite
"{AA2E8A46-B45E-4aea-8A23-88AB57D04523}" = WebReg
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC599724-5755-48C1-ABE7-ABB857652930}" = PC Connectivity Solution
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.4 - Deutsch
"{AF7E85DC-317C-47F5-810E-B82EE093A612}" = Samsung New PC Studio USB Driver Installer
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B5C5C17E-FEF6-4062-8151-A427AE8AF9D7}" = Titan Quest Immortal Throne
"{BED1705F-7558-40f7-9F52-6C6FBD58EA2E}" = HP Photosmart C4500 All-In-One Driver Software 11.0 Rel .4
"{BF08AB1C-3357-4f20-A200-8EBB8EF27C59}" = BufferChm
"{C89B5E3A-690F-4CEE-909A-BF869E198B0A}" = Scan
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CC0E1AE3-091D-4969-B151-7AC142062C28}" = SmartWebPrinting
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe  1.4.142.1
"{D063F201-FAC4-4D5C-B10B-615058ADE5A7}" = HP Update
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D16B4BE6-8B10-422f-8034-96D1CA9483B5}" = GPBaseService
"{D23E2520-0EAA-4AC3-A47E-A551C70D4FED}" = C4580_Help
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"{D4278897-1541-493E-9D39-59CC6AB0FC09}" = PS_AIO_04_C4580_Software
"{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}" = HP Photosmart Essential 2.5
"{DB833EF9-A198-49BE-970A-BD46F30BFBB4}" = ANNO 1503 GOLD
"{E535C94A-B87F-4182-BEA8-1E9322078D3E}" = Cards_Calendar_OrderGift_DoMorePlugout
"{E96B0085-6659-486b-A221-5042A042728D}" = Toolbox
"{EF1ADA5A-0B1A-4662-8C55-7475A61D8B65}" = DeviceDiscovery
"{EF9E56EE-0243-4BAD-88F4-5E7508AA7D96}" = Destination Component
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{F38ADCA4-AF7C-4C73-9021-6F1EA15D15EA}" = Pinnacle TVCenter Pro
"{F7B0E599-C114-4493-BC4D-D8FC7CBBABBB}" = 32 Bit HP CIO Components Installer
"{F95F178B-56AD-4fab-87F8-FA81E66C7D68}" = Network
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F" = Windows-Treiberpaket - Nokia pccsmcfd  (10/12/2007 6.85.4.0)
"Acer GameZone Console_is1" = Acer GameZone Console 2.0.1.1
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Age of Empires 2.0" = Microsoft Age of Empires II
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"AVerMedia A310 (MiniCard, DVB-T)" = AVerMedia A310 (MiniCard, DVB-T) 1.1.0.27
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Battle.net" = Battle.net
"Beyond Divinity_is1" = Beyond Divinity 1.47
"Diablo" = Diablo
"Diablo II" = Diablo II
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup.divx.com" = DivX-Setup
"Dungeon Keeper 2" = Dungeon Keeper 2
"EAX(tm) Unified (SHELL)" = EAX(tm) Unified (SHELL)
"FINAL FANTASY VIII" = FINAL FANTASY VIII
"GridVista" = Acer GridVista
"Heroes of Might and Magic II" = Heroes of Might and Magic II
"Heroes of Might and Magic® III" = Heroes of Might and Magic® III Complete
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Imaging Device Functions" = HP Imaging Device Functions 11.0
"HP Photosmart Essential" = HP Photosmart Essential 3.0
"HP Smart Web Printing" = HP Smart Web Printing
"HP Solution Center & Imaging Support Tools" = HP Solution Center 11.0
"HPExtendedCapabilities" = HP Customer Participation Program 11.0
"HPOCR" = OCR Software by I.R.I.S. 11.0
"ImgBurn" = ImgBurn
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"InstallShield_{AF7E85DC-317C-47F5-810E-B82EE093A612}" = Samsung New PC Studio USB Driver Installer
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"Keeper" = Dungeon Keeper
"Lexmark 2300 Series" = Lexmark 2300 Series
"LManager" = Launch Manager
"LogMeIn Hamachi" = LogMeIn Hamachi
"Magic Set Editor 2_is1" = Magic Set Editor 2 - 0.3.8 beta
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"mIRC" = mIRC
"Mozilla Firefox (3.6.10)" = Mozilla Firefox (3.6.10)
"MSC" = McAfee SecurityCenter
"NVIDIA Drivers" = NVIDIA Drivers
"RealPlayer 6.0" = RealPlayer
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile Modem Device" = Samsung Mobile Modem Device Software
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"SAMSUNG USB Mobile Device" = SAMSUNG USB Mobile Device Software
"Shockwave" = Shockwave
"Shop for HP Supplies" = Shop for HP Supplies
"Sierra Uninstall" = Sierra On-Line Games (Remove only)
"SUPER ©" = SUPER © Version 2008.bld.33 (Sep 2, 2008)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Tiberian Sun" = Command & Conquer Teil 3: Operation Tiberian Sun
"Warcraft III" = Warcraft III
"Warkeys" = Warkeys 1.13.1.0b
"Winamp" = Winamp
"WinRAR archiver" = WinRAR
"WOLAPI" = Gemeinsam genutzte Internet-Komponenten von Westwood
"Zylom Games Player Plugin" = Zylom Games Player Plugin
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"NoNameScript" = NNScript
"Warcraft III" = Warcraft III: All Products
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 07.09.2010 18:55:44 | Computer Name = ACER-PC | Source = System Restore | ID = 8193
Description =
 
Error - 07.09.2010 18:55:44 | Computer Name = ACER-PC | Source = System Restore | ID = 8210
Description =
 
Error - 10.09.2010 12:08:22 | Computer Name = ACER-PC | Source = WinMgmt | ID = 10
Description =
 
Error - 10.09.2010 12:09:29 | Computer Name = ACER-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung HpqSRmon.exe, Version 11.0.0.142, Zeitstempel
 0x47d78822, fehlerhaftes Modul HpqSRmon.exe, Version 11.0.0.142, Zeitstempel 0x47d78822,
 Ausnahmecode 0xc0000005, Fehleroffset 0x000033c5,  Prozess-ID 0xa48, Anwendungsstartzeit
 01cb510241059144.
 
Error - 10.09.2010 12:09:43 | Computer Name = ACER-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
 
Error - 13.09.2010 09:38:58 | Computer Name = ACER-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung HEROES3.EXE, Version 4.0.0.0, Zeitstempel 0x39b83835,
 fehlerhaftes Modul MP3DEC.ASI, Version 3.0.0.0, Zeitstempel 0x36910efa, Ausnahmecode
 0xc0000005, Fehleroffset 0x000076f1,  Prozess-ID 0x1770, Anwendungsstartzeit 01cb531e2b306fb0.
 
Error - 14.09.2010 03:34:24 | Computer Name = ACER-PC | Source = WinMgmt | ID = 10
Description =
 
Error - 14.09.2010 03:35:35 | Computer Name = ACER-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
 
Error - 14.09.2010 12:00:43 | Computer Name = ACER-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung HEROES3.EXE, Version 4.0.0.0, Zeitstempel 0x39b83835,
 fehlerhaftes Modul MP3DEC.ASI, Version 3.0.0.0, Zeitstempel 0x36910efa, Ausnahmecode
 0xc0000005, Fehleroffset 0x000076f1,  Prozess-ID 0x1564, Anwendungsstartzeit 01cb540c198c7554.
 
Error - 14.09.2010 15:57:52 | Computer Name = ACER-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung HEROES3.EXE, Version 4.0.0.0, Zeitstempel 0x39b83835,
 fehlerhaftes Modul MP3DEC.ASI, Version 3.0.0.0, Zeitstempel 0x36910efa, Ausnahmecode
 0xc0000005, Fehleroffset 0x000076f1,  Prozess-ID 0x3e8, Anwendungsstartzeit 01cb542915ed9d84.
 
[ OSession Events ]
Error - 24.05.2009 13:58:52 | Computer Name = ACER-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6211.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 1610
 seconds with 1440 seconds of active time.  This session ended with a crash.
 
[ System Events ]
Error - 18.09.2010 08:03:06 | Computer Name = ACER-PC | Source = Service Control Manager | ID = 7031
Description =
 
Error - 18.09.2010 08:06:17 | Computer Name = ACER-PC | Source = Service Control Manager | ID = 7031
Description =
 
Error - 18.09.2010 08:10:47 | Computer Name = ACER-PC | Source = Service Control Manager | ID = 7034
Description =
 
Error - 19.09.2010 05:20:47 | Computer Name = ACER-PC | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 192.168.2.3 für die Netzwerkkarte mit der Netzwerkadresse
 00238B004985 wurde durch den DHCP-Server 0.0.0.0 abgelehnt (der DHCP-Server hat
 eine DHCPNACK-Meldung gesendet).
 
Error - 19.09.2010 05:20:56 | Computer Name = ACER-PC | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 192.168.2.2 für die Netzwerkkarte mit der Netzwerkadresse
 00215D5DED84 wurde durch den DHCP-Server 0.0.0.0 abgelehnt (der DHCP-Server hat
 eine DHCPNACK-Meldung gesendet).
 
Error - 19.09.2010 13:28:43 | Computer Name = ACER-PC | Source = HTTP | ID = 15016
Description =
 
Error - 19.09.2010 13:30:45 | Computer Name = ACER-PC | Source = Service Control Manager | ID = 7022
Description =
 
Error - 20.09.2010 02:10:19 | Computer Name = ACER-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 20.09.2010 um 02:44:08 unerwartet heruntergefahren.
 
Error - 20.09.2010 02:10:25 | Computer Name = ACER-PC | Source = HTTP | ID = 15016
Description =
 
Error - 20.09.2010 02:12:35 | Computer Name = ACER-PC | Source = Service Control Manager | ID = 7022
Description =
 
 
< End of report >

I understand absolutely nothing about viruses and the like; thanks in advance to anyone willing to help me, and I hope I can still be helped and that I shouldn't dissolve the laptop in a bucket of hydrofluoric acid just to be safe.

cosinus 20.09.2010 10:03

Hello and :hallo:

As a routine step, please run a full scan with Malwarebytes and post the log.
Remember that Malwarebytes must be updated manually before every scan!

Fnyrri 20.09.2010 11:59

Hey,

thanks for the advice. The full scan has been running for two hours now; is that within the normal range?
I'll post the log here as soon as it's finished.

Edit:

Unremarkable MAM full scan log:
Code:

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4655

Windows 6.0.6001 Service Pack 1
Internet Explorer 7.0.6001.18000

20.09.2010 13:09:03
mbam-log-2010-09-20 (13-09-03).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|F:\|)
Durchsuchte Objekte: 322203
Laufzeit: 1 Stunde(n), 53 Minute(n), 35 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)


cosinus 20.09.2010 13:27

Close all programs, start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied along with it!!!)

Code:

:OTL
O32 - AutoRun File - [2002.05.07 21:22:24 | 000,000,212 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{8df28cc3-ab2d-11dd-9d9a-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{8df28cc3-ab2d-11dd-9d9a-806e6f6e6963}\Shell\AutoRun\command - "" = E:\_autorun\Autorun.exe -- [2000.02.07 23:20:10 | 000,036,864 | R--- | M] (New World Computing)
O33 - MountPoints2\{8df28cc3-ab2d-11dd-9d9a-806e6f6e6963}\Shell\instDX\command - "" = E:\DirectX\dxsetup.exe -- [2000.10.21 14:39:38 | 000,147,456 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{8df28cc3-ab2d-11dd-9d9a-806e6f6e6963}\Shell\readme\command - "" = notepad readme.txt
O36 - AppCertDlls: disketup - (C:\Windows\system32\lnksmsdt.dll) - C:\Windows\System32\lnksmsdt.dll ()
[2010.09.13 17:03:37 | 000,000,000 | ---D | C] -- C:\Users\ACER\AppData\Local\{D3C23E26-C072-418C-8C69-320979274A33}
[2010.09.11 23:49:24 | 000,000,000 | ---D | C] -- C:\Windows\System\KEEPER
[2010.09.20 08:51:26 | 000,054,016 | ---- | M] () -- C:\Windows\System32\drivers\repc.sys
[2010.09.13 17:03:38 | 000,000,120 | ---- | C] () -- C:\Users\ACER\AppData\Local\Wmoyusura.dat
[2010.09.13 17:03:38 | 000,000,000 | ---- | C] () -- C:\Users\ACER\AppData\Local\Pqobunepoza.bin
[2010.09.13 17:01:48 | 000,047,616 | ---- | C] () -- C:\Windows\System32\lnksmsdt.dll
[2008.01.21 04:24:21 | 000,197,120 | ---- | C] () -- C:\Users\ACER\AppData\Local\abodiqad.VIR
:Commands
[purity]
[resethosts]
[emptytemp]

Then click the Fix button at the top left!
The log file should open when you click OK after the fix; please post it. The computer may be restarted.
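An added example (not code from the thread, from OTL or from its author) of how a helper could triage such a fix list before posting it. It parses the two OTL line shapes used above, the O36 AppCertDlls entry and the `[date | size | attrs | C/M] (company) -- path` file lines, and flags what makes these entries suspicious: an AppCertDlls value (DLLs listed under that key are loaded into every newly created process), a GUID-named folder under AppData\Local, executables with no publisher information, and files created or modified under C:\Windows shortly before the scan. The sample lines are constructed from the fix script in this post, the scan time is taken from the OTL log timestamp posted later in the thread, and the 14-day window and the function names are assumptions.

```python
import re
from datetime import datetime, timedelta

# Constructed sample: a handful of lines in the shape of the OTL fix script
# posted above (paths and timestamps as they appear in the thread).
SAMPLE_OTL_LINES = r"""
:OTL
O36 - AppCertDlls: disketup - (C:\Windows\system32\lnksmsdt.dll) - C:\Windows\System32\lnksmsdt.dll ()
[2010.09.13 17:03:37 | 000,000,000 | ---D | C] -- C:\Users\ACER\AppData\Local\{D3C23E26-C072-418C-8C69-320979274A33}
[2010.09.20 08:51:26 | 000,054,016 | ---- | M] () -- C:\Windows\System32\drivers\repc.sys
[2010.09.13 17:01:48 | 000,047,616 | ---- | C] () -- C:\Windows\System32\lnksmsdt.dll
[2008.01.21 04:24:21 | 000,197,120 | ---- | C] () -- C:\Users\ACER\AppData\Local\abodiqad.VIR
:Commands
[purity]
"""

# Assumed scan time: the creation time of the OTL log posted further down
# in the thread (09202010_161059).
SCAN_TIME = datetime(2010, 9, 20, 16, 10, 59)

# OTL file/folder line: [date time | size | attrs | C(reated)/M(odified)] (company) -- path
FILE_RE = re.compile(
    r"^\[(?P<ts>\d{4}\.\d{2}\.\d{2} \d{2}:\d{2}:\d{2}) \| (?P<size>[\d,]+) \| "
    r"(?P<attrs>\S{4}) \| (?P<kind>[CM])\] (?:\((?P<company>[^)]*)\) )?-- (?P<path>.+)$"
)
# OTL O36 line: the AppCertDlls value name, its registry data, resolved path and company
APPCERT_RE = re.compile(
    r"^O36 - AppCertDlls: (?P<name>\S+) - \((?P<data>.+?)\) - (?P<path>.+?) \((?P<company>.*)\)$"
)

EXECUTABLE_EXT = (".exe", ".dll", ".sys", ".drv", ".ocx", ".scr")


def parse_otl_fix(text):
    """Turn the file and O36 lines of an OTL fix script into dicts; other lines are ignored."""
    entries = []
    for line in text.splitlines():
        line = line.strip()
        m = APPCERT_RE.match(line)
        if m:
            entries.append({"type": "appcertdll", "name": m["name"],
                            "path": m["path"], "company": m["company"]})
            continue
        m = FILE_RE.match(line)
        if m:
            entries.append({
                "type": "dir" if "D" in m["attrs"] else "file",
                "timestamp": datetime.strptime(m["ts"], "%Y.%m.%d %H:%M:%S"),
                "size": int(m["size"].replace(",", "")),
                "kind": m["kind"],           # C = created, M = modified
                "company": m["company"],     # None if OTL printed no () field, "" if it was empty
                "path": m["path"],
            })
    return entries


def triage(entries, scan_time, recent_days=14):
    """Return (path, [reasons]) for every entry that deserves a second look."""
    findings = []
    for e in entries:
        reasons = []
        low = e["path"].lower()
        if e["type"] == "appcertdll":
            # DLLs listed under HKLM\...\Session Manager\AppCertDlls are loaded into
            # every process that calls CreateProcess: a classic persistence location.
            reasons.append("AppCertDlls entry: DLL is loaded into every newly created process")
            if not e["company"]:
                reasons.append("no publisher/version info")
        else:
            if e["type"] == "dir" and "\\appdata\\local\\{" in low:
                reasons.append("GUID-named folder under AppData\\Local")
            age = scan_time - e["timestamp"]
            if low.startswith("c:\\windows\\") and timedelta(0) <= age <= timedelta(days=recent_days):
                verb = "created" if e["kind"] == "C" else "modified"
                reasons.append(f"{verb} in a Windows system directory {age.days} days before the scan")
            if e["type"] == "file" and low.endswith(EXECUTABLE_EXT) and e["company"] == "":
                reasons.append("executable with no publisher/version info")
            if low.endswith(".sys") and "\\drivers\\" in low:
                reasons.append("kernel driver")
        if reasons:
            findings.append((e["path"], reasons))
    return findings


def run_sample():
    """Triage the constructed sample against the assumed scan time."""
    return triage(parse_otl_fix(SAMPLE_OTL_LINES), SCAN_TIME)


if __name__ == "__main__":
    for path, reasons in run_sample():
        print(path)
        for r in reasons:
            print("   -", r)
```

This is a first pass only: the entries still have to be read against the full OTL listing, and a folder line without a `()` field is reported as "not printed" (company `None`) rather than as an empty publisher, so folders are never flagged for missing version info.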

Fnyrri 20.09.2010 13:57

I did that as described.

OTL hung after about a minute (while 'emptying temp folders' was shown in the status bar); first a Windows error message appeared that said roughly "OTL has stopped working, please wait..." and then, after a few seconds, "The program had to be closed because of an error" or something similar.
Because nothing worked anymore afterwards, I restarted the laptop; once it had finished booting, a Notepad file with the following content was open:

Code:

Files\Folders moved on Reboot...
File move failed. E:\AUTORUN.INF scheduled to be moved on reboot.
File move failed. E:\_autorun\Autorun.exe scheduled to be moved on reboot.
File move failed. E:\DirectX\dxsetup.exe scheduled to be moved on reboot.
File\Folder C:\Windows\temp\mcafee_P9CynZ7oTh1ueiZ not found!

Registry entries deleted on Reboot...

What now? Start another fix attempt with OTL?

cosinus 20.09.2010 15:03

Do it again with this new text:

Code:

:OTL
O32 - AutoRun File - [2002.05.07 21:22:24 | 000,000,212 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{8df28cc3-ab2d-11dd-9d9a-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{8df28cc3-ab2d-11dd-9d9a-806e6f6e6963}\Shell\AutoRun\command - "" = E:\_autorun\Autorun.exe -- [2000.02.07 23:20:10 | 000,036,864 | R--- | M] (New World Computing)
O33 - MountPoints2\{8df28cc3-ab2d-11dd-9d9a-806e6f6e6963}\Shell\instDX\command - "" = E:\DirectX\dxsetup.exe -- [2000.10.21 14:39:38 | 000,147,456 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{8df28cc3-ab2d-11dd-9d9a-806e6f6e6963}\Shell\readme\command - "" = notepad readme.txt
O36 - AppCertDlls: disketup - (C:\Windows\system32\lnksmsdt.dll) - C:\Windows\System32\lnksmsdt.dll ()
[2010.09.13 17:03:37 | 000,000,000 | ---D | C] -- C:\Users\ACER\AppData\Local\{D3C23E26-C072-418C-8C69-320979274A33}
[2010.09.11 23:49:24 | 000,000,000 | ---D | C] -- C:\Windows\System\KEEPER
[2010.09.20 08:51:26 | 000,054,016 | ---- | M] () -- C:\Windows\System32\drivers\repc.sys
[2010.09.13 17:03:38 | 000,000,120 | ---- | C] () -- C:\Users\ACER\AppData\Local\Wmoyusura.dat
[2010.09.13 17:03:38 | 000,000,000 | ---- | C] () -- C:\Users\ACER\AppData\Local\Pqobunepoza.bin
[2010.09.13 17:01:48 | 000,047,616 | ---- | C] () -- C:\Windows\System32\lnksmsdt.dll
[2008.01.21 04:24:21 | 000,197,120 | ---- | C] () -- C:\Users\ACER\AppData\Local\abodiqad.VIR


Fnyrri 20.09.2010 15:17

Done; this time it apparently ran through, and at the end OTL said the computer had to be restarted to delete the files for good.

Here is the text that greeted me after the reboot:

Code:

========== OTL ==========
File move failed. E:\AUTORUN.INF scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8df28cc3-ab2d-11dd-9d9a-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8df28cc3-ab2d-11dd-9d9a-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8df28cc3-ab2d-11dd-9d9a-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8df28cc3-ab2d-11dd-9d9a-806e6f6e6963}\ not found.
File move failed. E:\_autorun\Autorun.exe scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8df28cc3-ab2d-11dd-9d9a-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8df28cc3-ab2d-11dd-9d9a-806e6f6e6963}\ not found.
File move failed. E:\DirectX\dxsetup.exe scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8df28cc3-ab2d-11dd-9d9a-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8df28cc3-ab2d-11dd-9d9a-806e6f6e6963}\ not found.
File notepad readme.txt not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\AppCertDlls\\disketup:C:\Windows\system32\lnksmsdt.dll deleted successfully.
File C:\Windows\System32\lnksmsdt.dll not found.
Folder C:\Users\ACER\AppData\Local\{D3C23E26-C072-418C-8C69-320979274A33}\ not found.
Folder C:\Windows\System\KEEPER\ not found.
File C:\Windows\System32\drivers\repc.sys not found.
File C:\Users\ACER\AppData\Local\Wmoyusura.dat not found.
File C:\Users\ACER\AppData\Local\Pqobunepoza.bin not found.
File C:\Windows\System32\lnksmsdt.dll not found.
File C:\Users\ACER\AppData\Local\abodiqad.VIR not found.
 
OTL by OldTimer - Version 3.2.14.0 log created on 09202010_161059

Files\Folders moved on Reboot...
File move failed. E:\AUTORUN.INF scheduled to be moved on reboot.
File move failed. E:\_autorun\Autorun.exe scheduled to be moved on reboot.
File move failed. E:\DirectX\dxsetup.exe scheduled to be moved on reboot.

Registry entries deleted on Reboot...


cosinus 20.09.2010 15:18

Then please run CF now:

ComboFix

A guide and tutorial on using ComboFix
  • Download ComboFix here to your desktop. Rename it to cofi.exe while downloading.
http://saved.im/mtm0nzyzmzd5/cofi.jpg
  • Close all programs, especially your antivirus program and other background guards, as well as your web browser.
  • Start cofi.exe from your desktop, confirm the warnings, perform the updates (if offered), install the Recovery Console (if offered) and let it scan your system.
    Also avoid using the mouse and keyboard while ComboFix is running.
  • Afterwards a combofix.txt opens automatically; please copy its contents ([Ctrl]a, [Ctrl]c) and paste them into your post ([Ctrl]v). You can also find the file at: C:\ComboFix.txt.
Important note:
ComboFix may only be run if a qualified helper has explicitly recommended it!
It should never be run on your own initiative! Incorrect use can cause serious computer problems and make cleaning up the infection even harder.

Fnyrri 20.09.2010 16:17

I hope I did everything right... here is the ComboFix log:


ComboFix log file:
Code:

ComboFix 10-09-19.04 - ACER 20.09.2010  17:01:59.1.2 - x86
Microsoft® Windows Vista™ Home Premium  6.0.6001.1.1252.49.1031.18.3066.1906 [GMT 2:00]
ausgeführt von:: c:\users\ACER\Desktop\cofi.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
 * Im Speicher befindliches AV aktiv.

.

((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\users\ACER\AppData\Roaming\.#
D:\install.exe

.
(((((((((((((((((((((((  Dateien erstellt von 2010-08-20 bis 2010-09-20  ))))))))))))))))))))))))))))))
.

2010-09-20 15:10 . 2010-09-20 15:10        --------        d-----w-        c:\users\Default\AppData\Local\temp
2010-09-20 14:52 . 2010-09-20 14:52        --------        d-----w-        c:\program files\CCleaner
2010-09-20 12:45 . 2010-09-20 12:45        --------        d-----w-        C:\_OTL
2010-09-20 06:37 . 2010-09-20 06:37        --------        d-----w-        c:\users\ACER\AppData\Roaming\Malwarebytes
2010-09-20 06:36 . 2010-04-29 10:19        38224        ----a-w-        c:\windows\system32\drivers\mbamswissarmy.sys
2010-09-20 06:36 . 2010-09-20 06:36        --------        d-----w-        c:\programdata\Malwarebytes
2010-09-20 06:36 . 2010-04-29 10:19        20952        ----a-w-        c:\windows\system32\drivers\mbam.sys
2010-09-20 06:36 . 2010-09-20 06:37        --------        d-----w-        c:\program files\Malwarebytes' Anti-Malware
2010-09-11 21:55 . 2010-09-11 21:55        --------        d-----w-        c:\program files\Common Files\3DO Shared
2010-09-10 16:11 . 2010-09-10 16:10        185640        ----a-w-        c:\programdata\DivX\Setup\finishPlugin.dll
2010-09-10 16:11 . 2010-09-10 16:11        56997        ----a-w-        c:\programdata\DivX\WebPlayer\Uninstaller.exe
2010-09-10 16:11 . 2010-09-10 16:11        56765        ----a-w-        c:\programdata\DivX\DivXPlusShortcuts\Uninstaller.exe
2010-09-10 16:11 . 2010-09-10 16:11        53600        ----a-w-        c:\programdata\DivX\Update\Uninstaller.exe
2010-09-10 16:11 . 2010-09-10 16:11        57691        ----a-w-        c:\programdata\DivX\Player\Uninstaller.exe
2010-09-10 16:11 . 2010-09-10 16:11        54153        ----a-w-        c:\programdata\DivX\DFXPlugin\Uninstaller.exe
2010-09-10 16:10 . 2010-09-10 16:10        144696        ----a-w-        c:\programdata\DivX\RunAsUser\RUNASUSERPROCESS.exe

.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-20 14:44 . 2009-01-02 19:49        27744        ----a-w-        c:\programdata\nvModes.dat
2010-09-20 14:14 . 2009-01-02 19:43        --------        d-----w-        c:\users\ACER\AppData\Roaming\ICQ
2010-09-19 22:09 . 2009-06-20 15:52        --------        d-----w-        c:\program files\Warcraft III
2010-09-19 17:30 . 2009-01-02 13:31        --------        d-----w-        c:\program files\mIRC
2010-09-19 17:26 . 2009-08-02 00:26        --------        d-----w-        c:\users\ACER\AppData\Roaming\Skype
2010-09-19 14:06 . 2009-08-02 00:35        --------        d-----w-        c:\users\ACER\AppData\Roaming\skypePM
2010-09-11 21:55 . 2010-07-24 08:44        --------        d-----w-        c:\program files\3DO
2010-09-11 21:49 . 2009-09-29 10:43        --------        d-----w-        c:\program files\Bullfrog
2010-09-10 16:13 . 2010-05-22 09:56        57344        ----a-w-        c:\programdata\DivX\RunAsUser\RUNASUSERPROCESS.dll
2010-09-10 16:11 . 2010-05-22 09:54        --------        d-----w-        c:\programdata\DivX
2010-09-10 16:11 . 2009-07-02 12:19        --------        d-----w-        c:\program files\DivX
2010-09-10 16:10 . 2010-05-22 09:56        850200        ----a-w-        c:\programdata\DivX\Setup\DivXSetup.exe
2010-09-10 16:10 . 2010-05-22 09:56        1062184        ----a-w-        c:\programdata\DivX\Setup\Resource.dll
2010-09-06 18:48 . 2009-03-17 09:57        1        ----a-w-        c:\users\ACER\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2010-08-21 12:45 . 2008-01-21 07:15        618442        ----a-w-        c:\windows\system32\perfh007.dat
2010-08-21 12:45 . 2008-01-21 07:15        122842        ----a-w-        c:\windows\system32\perfc007.dat
2010-08-18 21:12 . 2009-01-02 21:58        --------        d-----w-        c:\program files\Diablo II
2010-08-16 07:43 . 2008-11-05 10:51        --------        d-----w-        c:\program files\Launch Manager
2010-08-15 12:51 . 2010-08-15 12:38        --------        d-----w-        c:\program files\PDFCreator
2010-08-11 18:35 . 2009-07-16 00:03        7592        ----a-w-        c:\users\ACER\AppData\Local\d3d9caps.dat
2010-08-05 08:06 . 2009-01-02 19:43        --------        d-----w-        c:\program files\ICQ6.5
2010-07-22 21:29 . 2008-04-18 08:53        --------        d-----w-        c:\program files\McAfee
2010-07-21 19:40 . 2009-01-02 22:10        36999        ----a-w-        c:\windows\DIIUnin.dat
2006-05-03 09:06 . 2009-01-04 10:38        163328        --sh--r-        c:\windows\System32\flvDX.dll
2007-02-21 10:47 . 2009-01-04 10:38        31232        --sh--r-        c:\windows\System32\msfDX.dll
2008-03-16 12:30 . 2009-01-04 10:38        216064        --sh--r-        c:\windows\System32\nbDX.dll
.

((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2008-03-04 21:38        121392        ----a-w-        c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\\Phone\Skype.exe" [2010-03-09 26100520]
"AutoStartNPSAgent"="c:\program files\Samsung\Samsung New PC Studio\NPSAgent.exe" [2009-04-02 102400]
"ICQ"="c:\program files\ICQ6.5\ICQ.exe" [2009-11-16 172792]
"PMCLoader"="c:\program files\Pinnacle\TVCenter Pro\PMCLoader.exe" [2008-06-23 644368]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"RtHDVCpl"="RtHDVCpl.exe" [2008-04-28 6111232]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-01-18 1033512]
"mcagent_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2007-08-03 582992]
"ePower_DMC"="c:\program files\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2008-04-23 397312]
"eDataSecurity Loader"="c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe" [2008-03-04 526896]
"eAudio"="c:\program files\Acer\Empowering Technology\eAudio\eAudio.exe" [2008-03-07 544768]
"BkupTray"="c:\program files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe" [2008-04-06 34040]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-07-20 182808]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-08-07 13543968]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-08-07 92704]
"LManager"="c:\progra~1\LAUNCH~1\QtZgAcer.EXE" [2008-07-02 821768]
"PLFSetI"="c:\windows\PLFSetI.exe" [2007-10-23 200704]
"ArcadeDeluxeAgent"="c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" [2008-05-12 147456]
"CLMLServer"="c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe" [2008-05-12 167936]
"PlayMovie"="c:\program files\Acer Arcade Deluxe\PlayMovie\PMVService.exe" [2008-05-12 167936]
"ProductReg"="c:\program files\Acer\WR_PopUp\ProductReg.exe" [2008-09-23 6144]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696]
"lxcgmon.exe"="c:\program files\Lexmark 2300 Series\lxcgmon.exe" [2007-04-29 205744]
"EzPrint"="c:\program files\Lexmark 2300 Series\ezprint.exe" [2007-04-29 103344]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2008-03-25 49152]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-03-13 81920]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2010-03-30 1820040]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-09-01 1164584]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Pinnacle Streaming Server.lnk - c:\program files\Pinnacle\Shared Files\Programs\StrmServer\StrmServer.exe [2008-3-25 603408]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-7420075-3053948626-936591600-1000]
"EnableNotifications"=dword:00000001
"EnableNotificationsRef"=dword:00000001

R0 impxti;impxti;c:\windows\System32\drivers\repc.sys [x]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-04-04 131072]
R3 A310;AVerMedia A310 DVB-T;c:\windows\system32\DRIVERS\AVerA310USB.sys [2008-04-15 25856]
R3 BDASwCap;AVerMedia A310 BDA DVBT Capture Device;c:\windows\system32\drivers\AVerA310Cap.sys [2008-04-15 42880]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys [2009-03-20 90112]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys [2009-03-20 14976]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys [2009-03-20 121856]
S2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\Acer Arcade Deluxe\PlayMovie\000.fcl [2008-05-09 61424]
S2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
S2 BUNAgentSvc;NTI Backup Now 5 Agent Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [2008-03-03 16384]
S2 CLHNService;CLHNService;c:\program files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [2008-01-16 81504]
S2 ETService;Empowering Technology Service;c:\program files\Acer\Empowering Technology\Service\ETService.exe [2008-03-21 24576]
S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2009-03-31 233472]
S2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [2010-03-30 1107336]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\McAfee\SiteAdvisor\McSACore.exe [2010-04-16 93320]
S2 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-04-06 50424]
S2 NTIPPKernel;NTIPPKernel;c:\program files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys [2008-01-16 122368]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2008-03-28 210432]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [2009-03-31 36608]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2008-04-21 81296]
S3 NETw5v32;Intel(R) Wireless WiFi Link Adaptertreiber für Windows Vista 32-Bit;c:\windows\system32\DRIVERS\NETw5v32.sys [2008-04-27 3658752]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2008-08-07 44064]
S3 winbondcir;Winbond IR Transceiver;c:\windows\system32\DRIVERS\winbondcir.sys [2007-03-28 43008]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12        REG_MULTI_SZ          Pml Driver HPZ12 Net Driver HPZ12
HPService        REG_MULTI_SZ          HPSLPSVC
hpdevmgmt        REG_MULTI_SZ          hpqcxs08 hpqddsvc
.
Inhalt des "geplante Tasks" Ordners

2010-09-14 c:\windows\Tasks\McDefragTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe [2009-01-03 12:32]

2010-07-31 c:\windows\Tasks\McQcTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe [2009-01-03 12:32]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://start.icq.com/
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=1108&m=aspire_7730g
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\users\ACER\AppData\Roaming\Mozilla\Firefox\Profiles\wzcb5rou.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q=
FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\programdata\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX Richtlinien ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -

HKCU-Run-PMCRemote - (no file)
HKLM-Run-eRecoveryService - (no file)
HKLM-Run-NPSStartup - (no file)
AddRemove-AVerMedia A310 (MiniCard, DVB-T) - c:\program files\AVerMedia\AVerMedia A310 (MiniCard
AddRemove-{F38ADCA4-AF7C-4C73-9021-6F1EA15D15EA} - c:\program files\InstallShield Installation Information\{F38ADCA4-AF7C-4C73-9021-6F1EA15D15EA}\Setup.exeUNINSTALL



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2010-09-20 17:10
Windows 6.0.6001 Service Pack 1 NTFS

Scanne versteckte Prozesse...

Scanne versteckte Autostarteinträge...

Scanne versteckte Dateien...

Scan erfolgreich abgeschlossen
versteckte Dateien: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}]
"ImagePath"="\??\c:\program files\Acer Arcade Deluxe\PlayMovie\000.fcl"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Zeit der Fertigstellung: 2010-09-20  17:14:49
ComboFix-quarantined-files.txt  2010-09-20 15:14

Vor Suchlauf: 16 Verzeichnis(se), 72.556.130.304 Bytes frei
Nach Suchlauf: 21 Verzeichnis(se), 74.461.630.464 Bytes frei

- - End Of File - - 56576726D63E0A3652B3074B698201FF

--- --- ---

cosinus 20.09.2010 17:38

Combofix - Scripten

1. Start Notepad (Start / Run / notepad[Enter])

2. Now copy/paste the entire contents of the code box below into the Notepad window.

Code:

File::
c:\windows\System32\drivers\repc.sys

Driver::
impxti

3. Save it in Notepad as CFScript.txt on the desktop.

4. Disable the guard of your antivirus program and any software firewall that may be present.
(Also the guards of ad-/spyware programs and the TeaTimer (if present)!)

5. Then drag CFScript.txt onto cofi.exe, as shown in the picture below. This restarts ComboFix.

http://users.pandora.be/bluepatchy/m...s/CFScript.gif

6. After the restart (you will be asked whether you want to restart), please post the following log files:
Combofix.txt

Note: The above script was created only for this one user in this situation. It cannot be ported to any other computer and must not be used elsewhere, since it can permanently damage the system!

Fnyrri 20.09.2010 18:39

Everything done as described.

After the first restart (the one ComboFix does itself) I could no longer open any .exe files; I kept getting the error message that they were linked to an invalid registry key marked for deletion. I restarted manually once more, and now everything works again.

Here is the log file:

Combofix Logfile:
Code:

ComboFix 10-09-20.01 - ACER 20.09.2010  19:13:49.2.2 - x86
Microsoft® Windows Vista™ Home Premium  6.0.6001.1.1252.49.1031.18.3066.1756 [GMT 2:00]
ausgeführt von:: c:\users\ACER\Desktop\cofi.exe
Benutzte Befehlsschalter :: c:\users\ACER\Desktop\CFScript.txt
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

FILE ::
"c:\windows\System32\drivers\repc.sys"
.

((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.

.
(((((((((((((((((((((((((((((((((((((((  Treiber/Dienste  )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_impxti


(((((((((((((((((((((((  Dateien erstellt von 2010-08-20 bis 2010-09-20  ))))))))))))))))))))))))))))))
.

2010-09-20 17:18 . 2010-09-20 17:18        --------        d-----w-        c:\users\Public\AppData\Local\temp
2010-09-20 17:18 . 2010-09-20 17:18        --------        d-----w-        c:\users\Default\AppData\Local\temp
2010-09-20 17:12 . 2010-09-20 17:12        --------        d-----w-        C:\32788R22FWJFW
2010-09-20 14:59 . 2010-09-20 15:15        --------        d-----w-        C:\cofi
2010-09-20 14:52 . 2010-09-20 14:52        --------        d-----w-        c:\program files\CCleaner
2010-09-20 12:45 . 2010-09-20 12:45        --------        d-----w-        C:\_OTL
2010-09-20 06:37 . 2010-09-20 06:37        --------        d-----w-        c:\users\ACER\AppData\Roaming\Malwarebytes
2010-09-20 06:36 . 2010-04-29 10:19        38224        ----a-w-        c:\windows\system32\drivers\mbamswissarmy.sys
2010-09-20 06:36 . 2010-09-20 06:36        --------        d-----w-        c:\programdata\Malwarebytes
2010-09-20 06:36 . 2010-04-29 10:19        20952        ----a-w-        c:\windows\system32\drivers\mbam.sys
2010-09-20 06:36 . 2010-09-20 06:37        --------        d-----w-        c:\program files\Malwarebytes' Anti-Malware
2010-09-11 21:55 . 2010-09-11 21:55        --------        d-----w-        c:\program files\Common Files\3DO Shared

.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-20 17:21 . 2009-01-02 19:49        27744        ----a-w-        c:\programdata\nvModes.dat
2010-09-20 17:05 . 2009-01-02 13:31        --------        d-----w-        c:\program files\mIRC
2010-09-20 14:14 . 2009-01-02 19:43        --------        d-----w-        c:\users\ACER\AppData\Roaming\ICQ
2010-09-19 22:09 . 2009-06-20 15:52        --------        d-----w-        c:\program files\Warcraft III
2010-09-19 17:26 . 2009-08-02 00:26        --------        d-----w-        c:\users\ACER\AppData\Roaming\Skype
2010-09-19 14:06 . 2009-08-02 00:35        --------        d-----w-        c:\users\ACER\AppData\Roaming\skypePM
2010-09-11 21:55 . 2010-07-24 08:44        --------        d-----w-        c:\program files\3DO
2010-09-11 21:49 . 2009-09-29 10:43        --------        d-----w-        c:\program files\Bullfrog
2010-09-10 16:13 . 2010-05-22 09:56        57344        ----a-w-        c:\programdata\DivX\RunAsUser\RUNASUSERPROCESS.dll
2010-09-10 16:11 . 2010-09-10 16:11        56997        ----a-w-        c:\programdata\DivX\WebPlayer\Uninstaller.exe
2010-09-10 16:11 . 2010-09-10 16:11        56765        ----a-w-        c:\programdata\DivX\DivXPlusShortcuts\Uninstaller.exe
2010-09-10 16:11 . 2010-05-22 09:54        --------        d-----w-        c:\programdata\DivX
2010-09-10 16:11 . 2009-07-02 12:19        --------        d-----w-        c:\program files\DivX
2010-09-10 16:11 . 2010-09-10 16:11        53600        ----a-w-        c:\programdata\DivX\Update\Uninstaller.exe
2010-09-10 16:11 . 2010-09-10 16:11        57691        ----a-w-        c:\programdata\DivX\Player\Uninstaller.exe
2010-09-10 16:11 . 2010-09-10 16:11        54153        ----a-w-        c:\programdata\DivX\DFXPlugin\Uninstaller.exe
2010-09-10 16:10 . 2010-09-10 16:11        185640        ----a-w-        c:\programdata\DivX\Setup\finishPlugin.dll
2010-09-10 16:10 . 2010-09-10 16:10        144696        ----a-w-        c:\programdata\DivX\RunAsUser\RUNASUSERPROCESS.exe
2010-09-10 16:10 . 2010-05-22 09:56        850200        ----a-w-        c:\programdata\DivX\Setup\DivXSetup.exe
2010-09-10 16:10 . 2010-05-22 09:56        1062184        ----a-w-        c:\programdata\DivX\Setup\Resource.dll
2010-09-06 18:48 . 2009-03-17 09:57        1        ----a-w-        c:\users\ACER\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2010-08-21 12:45 . 2008-01-21 07:15        618442        ----a-w-        c:\windows\system32\perfh007.dat
2010-08-21 12:45 . 2008-01-21 07:15        122842        ----a-w-        c:\windows\system32\perfc007.dat
2010-08-18 21:12 . 2009-01-02 21:58        --------        d-----w-        c:\program files\Diablo II
2010-08-16 07:43 . 2008-11-05 10:51        --------        d-----w-        c:\program files\Launch Manager
2010-08-15 12:51 . 2010-08-15 12:38        --------        d-----w-        c:\program files\PDFCreator
2010-08-11 18:35 . 2009-07-16 00:03        7592        ----a-w-        c:\users\ACER\AppData\Local\d3d9caps.dat
2010-08-05 08:06 . 2009-01-02 19:43        --------        d-----w-        c:\program files\ICQ6.5
2010-07-22 21:29 . 2008-04-18 08:53        --------        d-----w-        c:\program files\McAfee
2010-07-21 19:40 . 2009-01-02 22:10        36999        ----a-w-        c:\windows\DIIUnin.dat
2006-05-03 09:06 . 2009-01-04 10:38        163328        --sh--r-        c:\windows\System32\flvDX.dll
2007-02-21 10:47 . 2009-01-04 10:38        31232        --sh--r-        c:\windows\System32\msfDX.dll
2008-03-16 12:30 . 2009-01-04 10:38        216064        --sh--r-        c:\windows\System32\nbDX.dll
.

((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2008-03-04 21:38        121392        ----a-w-        c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\\Phone\Skype.exe" [2010-03-09 26100520]
"AutoStartNPSAgent"="c:\program files\Samsung\Samsung New PC Studio\NPSAgent.exe" [2009-04-02 102400]
"ICQ"="c:\program files\ICQ6.5\ICQ.exe" [2009-11-16 172792]
"PMCLoader"="c:\program files\Pinnacle\TVCenter Pro\PMCLoader.exe" [2008-06-23 644368]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"RtHDVCpl"="RtHDVCpl.exe" [2008-04-28 6111232]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-01-18 1033512]
"ePower_DMC"="c:\program files\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2008-04-23 397312]
"eDataSecurity Loader"="c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe" [2008-03-04 526896]
"eAudio"="c:\program files\Acer\Empowering Technology\eAudio\eAudio.exe" [2008-03-07 544768]
"BkupTray"="c:\program files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe" [2008-04-06 34040]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-07-20 182808]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-08-07 13543968]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-08-07 92704]
"LManager"="c:\progra~1\LAUNCH~1\QtZgAcer.EXE" [2008-07-02 821768]
"PLFSetI"="c:\windows\PLFSetI.exe" [2007-10-23 200704]
"ArcadeDeluxeAgent"="c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" [2008-05-12 147456]
"CLMLServer"="c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe" [2008-05-12 167936]
"PlayMovie"="c:\program files\Acer Arcade Deluxe\PlayMovie\PMVService.exe" [2008-05-12 167936]
"ProductReg"="c:\program files\Acer\WR_PopUp\ProductReg.exe" [2008-09-23 6144]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696]
"lxcgmon.exe"="c:\program files\Lexmark 2300 Series\lxcgmon.exe" [2007-04-29 205744]
"EzPrint"="c:\program files\Lexmark 2300 Series\ezprint.exe" [2007-04-29 103344]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2008-03-25 49152]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-03-13 81920]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2010-03-30 1820040]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-09-01 1164584]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Pinnacle Streaming Server.lnk - c:\program files\Pinnacle\Shared Files\Programs\StrmServer\StrmServer.exe [2008-3-25 603408]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-7420075-3053948626-936591600-1000]
"EnableNotifications"=dword:00000001
"EnableNotificationsRef"=dword:00000001

R2 0313791284999801mcinstcleanup;McAfee Application Installer Cleanup (0313791284999801);c:\users\ACER\AppData\Local\Temp\031379~1.EXE [x]
R3 A310;AVerMedia A310 DVB-T;c:\windows\system32\DRIVERS\AVerA310USB.sys [2008-04-15 25856]
R3 BDASwCap;AVerMedia A310 BDA DVBT Capture Device;c:\windows\system32\drivers\AVerA310Cap.sys [2008-04-15 42880]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys [2009-03-20 90112]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys [2009-03-20 14976]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys [2009-03-20 121856]
S2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\Acer Arcade Deluxe\PlayMovie\000.fcl [2008-05-09 61424]
S2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
S2 BUNAgentSvc;NTI Backup Now 5 Agent Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [2008-03-03 16384]
S2 CLHNService;CLHNService;c:\program files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [2008-01-16 81504]
S2 ETService;Empowering Technology Service;c:\program files\Acer\Empowering Technology\Service\ETService.exe [2008-03-21 24576]
S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2009-03-31 233472]
S2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [2010-03-30 1107336]
S2 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-04-06 50424]
S2 NTIPPKernel;NTIPPKernel;c:\program files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys [2008-01-16 122368]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-04-04 131072]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2008-03-28 210432]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [2009-03-31 36608]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2008-04-21 81296]
S3 NETw5v32;Intel(R) Wireless WiFi Link Adaptertreiber für Windows Vista 32-Bit;c:\windows\system32\DRIVERS\NETw5v32.sys [2008-04-27 3658752]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2008-08-07 44064]
S3 winbondcir;Winbond IR Transceiver;c:\windows\system32\DRIVERS\winbondcir.sys [2007-03-28 43008]


--- Andere Dienste/Treiber im Speicher ---

*NewlyCreated* - FSUSBEXDISK

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12        REG_MULTI_SZ          Pml Driver HPZ12 Net Driver HPZ12
HPService        REG_MULTI_SZ          HPSLPSVC
hpdevmgmt        REG_MULTI_SZ          hpqcxs08 hpqddsvc
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://start.icq.com/
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=1108&m=aspire_7730g
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\users\ACER\AppData\Roaming\Mozilla\Firefox\Profiles\wzcb5rou.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q=
FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\programdata\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX Richtlinien ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2010-09-20 19:24
Windows 6.0.6001 Service Pack 1 NTFS

Scanne versteckte Prozesse...

Scanne versteckte Autostarteinträge...

Scanne versteckte Dateien...

Scan erfolgreich abgeschlossen
versteckte Dateien: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}]
"ImagePath"="\??\c:\program files\Acer Arcade Deluxe\PlayMovie\000.fcl"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------

- - - - - - - > 'Explorer.exe'(6068)
c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
c:\program files\Acer\Empowering Technology\eDataSecurity\x86\sysenv.dll
c:\windows\System32\SysHook.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\windows\system32\rundll32.exe
c:\windows\system32\conime.exe
c:\windows\RtHDVCpl.exe
c:\windows\System32\rundll32.exe
c:\program files\Launch Manager\QtZgAcer.EXE
c:\windows\system32\agrsmsvc.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\windows\system32\lxcgcoms.exe
c:\acer\Mobility Center\MobilityService.exe
c:\program files\Cyberlink\Shared files\RichVideo.exe
c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\system32\wbem\unsecapp.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2010-09-20  19:30:09 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2010-09-20 17:30
ComboFix2.txt  2010-09-20 15:14

Vor Suchlauf: 21 Verzeichnis(se), 74.540.662.784 Bytes frei
Nach Suchlauf: 23 Verzeichnis(se), 74.212.032.512 Bytes frei

- - End Of File - - A8D5282D0E78703615910CA9C5B9A7CD
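The ComboFix log above lists every service and driver as `state name;display;path [date size]`, with `[x]` in place of date and size when the image file no longer exists on disk. As an added example (not from the thread and not ComboFix's own code), the Python below parses such lines and applies the first checks a helper makes when reading them: is the binary missing, does it live under a Temp directory, does the image have an unusual extension. The sample lines are copied from the log; the flag names are my own.

```python
import re
from dataclasses import dataclass, field
from typing import Dict, List, Optional

# Constructed sample input: five service/driver lines copied from the ComboFix
# log posted above.  ComboFix prints each entry as
#   <state> <name>;<display name>;<image path> [<date> <size>]
# and writes "[x]" instead of date/size when the image file is not on disk.
SAMPLE_LINES = [
    r"R2 0313791284999801mcinstcleanup;McAfee Application Installer Cleanup (0313791284999801);c:\users\ACER\AppData\Local\Temp\031379~1.EXE [x]",
    r"R3 A310;AVerMedia A310 DVB-T;c:\windows\system32\DRIVERS\AVerA310USB.sys [2008-04-15 25856]",
    r"S2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\Acer Arcade Deluxe\PlayMovie\000.fcl [2008-05-09 61424]",
    r"S2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]",
    r"S3 winbondcir;Winbond IR Transceiver;c:\windows\system32\DRIVERS\winbondcir.sys [2007-03-28 43008]",
]

SERVICE_RE = re.compile(
    r"^(?P<state>[RS]\d)\s+"      # R = running, S = stopped; digit = start type
    r"(?P<name>[^;]+);"
    r"(?P<display>[^;]*);"
    r"(?P<path>.+?)\s+"
    r"\[(?P<info>[^\]]*)\]\s*$"
)


@dataclass
class ServiceEntry:
    state: str
    name: str
    display: str
    path: str
    file_found: bool
    size: Optional[int]
    flags: List[str] = field(default_factory=list)


def parse_service_line(line: str) -> Optional[ServiceEntry]:
    """Parse one ComboFix service line; returns None for lines in another format."""
    m = SERVICE_RE.match(line.strip())
    if not m:
        return None
    info = m.group("info").split()
    file_found = info != ["x"]
    size = int(info[1]) if file_found and len(info) == 2 and info[1].isdigit() else None
    return ServiceEntry(m.group("state"), m.group("name"), m.group("display"),
                        m.group("path"), file_found, size)


def triage_flags(entry: ServiceEntry) -> List[str]:
    """Heuristics a log reader applies by hand (my own flag names).  Each flag is a
    reason to look closer, not a verdict: the .fcl driver in the sample is a
    legitimate CyberLink component that simply uses a non-standard extension."""
    flags = []
    if not entry.file_found:
        flags.append("missing-binary")        # service points at a file that is gone
    path = entry.path.lower()
    if "\\temp\\" in path:
        flags.append("temp-path")             # services normally do not live in Temp
    if not path.endswith((".exe", ".sys", ".dll")):
        flags.append("unusual-extension")     # image with a non-standard extension
    return flags


def triage(lines: List[str]) -> Dict[str, List[str]]:
    """Return {service name: flags} for every service line that raised at least one flag."""
    result: Dict[str, List[str]] = {}
    for line in lines:
        entry = parse_service_line(line)
        if entry is None:
            continue
        entry.flags = triage_flags(entry)
        if entry.flags:
            result[entry.name] = entry.flags
    return result


if __name__ == "__main__":
    for name, flags in triage(SAMPLE_LINES).items():
        print(f"{name}: {', '.join(flags)}")
```

Run against the sample, only the orphaned McAfee cleanup entry in Temp and the `.fcl` driver are reported; the remaining three lines pass without a flag.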

--- --- ---

cosinus 20.09.2010 18:51

OK. Now please create and post logs with GMER and OSAM. GMER crashes quite often; if the tool won't run the second time either, just skip it and run only OSAM.

Then download the bootkit_remover. Extract the tool into its own folder on the desktop and run the file remove.exe in that folder.

If you use Windows Vista or Windows 7, you must run remover.exe via right-click => Run as administrator.

A black window will open and automatically search for malicious changes in the MBR.
Then please post whether there are changes and, if so, in which device. Best to post everything remover.exe outputs.

Fnyrri 20.09.2010 19:44

I could not get GMER to run without crashing, no matter how hard I tried.

Here is the OSAM log:

OSAM Logfile:
Code:

Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 20:42:26 on 20.09.2010

OS: Windows Vista Home Premium Edition Service Pack 1 (Build 6001), 32-bit
Default Browser: Mozilla Corporation Firefox 3.6.10

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"DivXControlPanelApplet.cpl" - "DivX, Inc." - C:\Windows\system32\DivXControlPanelApplet.cpl
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"QuickTime" - "Apple Inc." - C:\Program Files\QuickTime\QTSystem\QuickTime.cpl

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"avgio" (avgio) - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\avgio.sys
"avgntflt" (avgntflt) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avgntflt.sys
"avipbb" (avipbb) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avipbb.sys
"catchme" (catchme) - ? - C:\cofi12561c\catchme.sys  (File not found)
"FsUsbExDisk" (FsUsbExDisk) - ? - C:\Windows\system32\FsUsbExDisk.SYS  (File found, but it contains no detailed information)
"Hamachi Network Interface" (hamachi) - "LogMeIn, Inc." - C:\Windows\System32\DRIVERS\hamachi.sys
"int15" (int15) - "Acer, Inc." - C:\Windows\system32\drivers\int15.sys
"IP in IP Tunnel Driver" (IpInIp) - ? - C:\Windows\System32\DRIVERS\ipinip.sys  (File not found)
"IPX Traffic Filter Driver" (NwlnkFlt) - ? - C:\Windows\System32\DRIVERS\nwlnkflt.sys  (File not found)
"IPX Traffic Forwarder Driver" (NwlnkFwd) - ? - C:\Windows\System32\DRIVERS\nwlnkfwd.sys  (File not found)
"NTIPPKernel" (NTIPPKernel) - "Cyberlink Corp." - C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys
"PSDFilter" (PSDFilter) - "Egis Incorporated" - C:\Windows\System32\DRIVERS\psdfilter.sys
"PSDNServ" (PSDNServ) - "Egis Incorporated" - C:\Windows\System32\DRIVERS\PSDNServ.sys
"PSDVdisk" (psdvdisk) - "Egis Incorporated" - C:\Windows\System32\DRIVERS\PSDVdisk.sys
"ssmdrv" (ssmdrv) - "Avira GmbH" - C:\Windows\System32\DRIVERS\ssmdrv.sys
"UBHelper" (UBHelper) - "NewTech Infosystems Corporation" - C:\Windows\system32\drivers\UBHelper.sys
"Upper Class Filter Driver" (NTIDrvr) - "NewTech Infosystems, Inc." - C:\Windows\System32\DRIVERS\NTIDrvr.sys
"{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}" ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796}) - "Cyberlink Corp." - C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl

[Explorer]
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
-----( HKLM\Software\Classes\Protocols\Filter )-----
{807563E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
-----( HKLM\Software\Classes\Protocols\Handler )-----
{314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
{0A9007C0-4076-11D3-8789-0000F8105754} "Microsoft Infotech Storage Protocol for IE 4.0" - "Microsoft Corporation" - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks )-----
{AEB6717E-7E19-11d0-97EE-00C04FD91972} "{AEB6717E-7E19-11d0-97EE-00C04FD91972}" - ? -  (File not found | COM-object registry key not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{911051fa-c21c-4246-b470-070cd8df6dc4} ".cab or .zip files" - ? -  (File not found | COM-object registry key not found)
{1b24a030-9b20-49bc-97ac-1be4426f9e59} "ActiveDirectory Folder" - ? -  (File not found | COM-object registry key not found)
{34449847-FD14-4fc8-A75A-7432F5181EFB} "ActiveDirectory Folder" - ? -  (File not found | COM-object registry key not found)
{0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48} "Contacts folder" - ? -  (File not found | COM-object registry key not found)
{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} "DragDropProtect Class" - "Egis Incorporated" - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
{2b45bd21-71f8-4c8c-a87a-7eeb25a1a3e0} "EPM-PO Shell Extensions" - ? - epm-po.dll  (File not found)
{2C2577C2-63A7-40e3-9B7F-586602617ECB} "Explorer Query Band" - ? -  (File not found | COM-object registry key not found)
{00020d75-0000-0000-c000-000000000046} "lnkfile" - ? -  (File not found | COM-object registry key not found)
{42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\msohevi.dll
{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
{5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C} "Microsoft Office OneNote Namespace Extension for Windows Desktop Search" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\ONFILTER.DLL
{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "OpenOffice.org Column Handler" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{087B3AE3-E237-4467-B8DB-5A38AB959AC9} "OpenOffice.org Infotip Handler" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{63542C48-9552-494A-84F7-73AA6A7C99C1} "OpenOffice.org Property Sheet Handler" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{3B092F0C-7696-40E3-A80F-68D74DA84210} "OpenOffice.org Thumbnail Viewer" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} "RealOne Player Context Menu Class" - "RealNetworks, Inc." - C:\Program Files\Real\RealPlayer\rpshell.dll
{C8494E42-ACDD-4739-B0FB-217361E4894F} "Sam Account Folder" - ? -  (File not found | COM-object registry key not found)
{E29F9716-5C08-4FCD-955A-119FDB5A522D} "Sam Account Folder" - ? -  (File not found | COM-object registry key not found)
{45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\shlext.dll
{da67b8ad-e81b-4c70-9b91b417b5e33527} "Windows Search Shell Service" - ? -  (File not found | COM-object registry key not found)

[Internet Explorer]
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
<binary data> "ITBar7Layout" - ? -  (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_17" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} "Java Plug-in 1.6.0_17" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_17" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\npjpi160_17.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
{D0C0F75C-683A-4390-A791-1ACFD5599AB8} "Oberon Flash Game Host" - "Oberon Media, Inc." - C:\Windows\Downloaded Program Files\OberonGameHost.dll / hxxp://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
{48E73304-E1D6-4330-914C-F5F514E3486C} "An OneNote senden" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
{DDE87865-83C5-48c4-8357-2F5B1AA84522} "HP Intelligente Auswahl" - "Hewlett-Packard Co." - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
"ICQ6" - "ICQ, LLC." - C:\Program Files\ICQ6.5\ICQ.exe
{FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Research" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )-----
<binary data> "Acer eDataSecurity Management" - "Egis Incorporated." - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} "HP Smart BHO Class" - "Hewlett-Packard Co." - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2ssv.dll
{83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} "ShowBarObj Class" - "Egis" - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll
{02478D38-C3F9-4efb-9B51-7695ECA05670} "{02478D38-C3F9-4efb-9B51-7695ECA05670}" - ? -  (File not found | COM-object registry key not found)

[Logon]
-----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\Users\ACER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
"Pinnacle Streaming Server.lnk" - "Avid Development GmbH" - C:\Program Files\Pinnacle\Shared Files\Programs\StrmServer\StrmServer.exe  (Shortcut exists | File exists)
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----
"AutoStartNPSAgent" - "Samsung Electronics Co., Ltd." - C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
"PMCLoader" - "Pinnacle Systems GmbH" - C:\Program Files\Pinnacle\TVCenter Pro\PMCLoader.exe -checktasks
"Skype" - "Skype Technologies S.A." - "C:\Program Files\Skype\\Phone\Skype.exe" /nosplash /minimized
-----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )-----
"StartupPrograms" - ? - rdpclip  (File not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"Adobe ARM" - "Adobe Systems Incorporated" - "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"Adobe Reader Speed Launcher" - "Adobe Systems Incorporated" - "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"ArcadeDeluxeAgent" - "CyberLink Corp." - "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
"avgnt" - "Avira GmbH" - "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
"BkupTray" - ? - "C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe"
"CLMLServer" - "CyberLink" - "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe"
"DivXUpdate" - ? - "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"eAudio" - "Acer Incorporated" - "C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe"
"eDataSecurity Loader" - "Egis Incorporated" - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
"ePower_DMC" - "Acer Inc." - C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
"EzPrint" - "Lexmark International Inc." - "C:\Program Files\Lexmark 2300 Series\ezprint.exe"
"HP Software Update" - "Hewlett-Packard" - C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
"hpqSRMon" - "Hewlett-Packard" - C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
"IAAnotif" - "Intel Corporation" - C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
"LManager" - "Dritek System Inc." - C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
"LogMeIn Hamachi Ui" - "LogMeIn Inc." - "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
"lxcgmon.exe" - "Lexmark International, Inc." - "C:\Program Files\Lexmark 2300 Series\lxcgmon.exe"
"PlayMovie" - "Acer Corp." - "C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
"PLFSetI" - ? - C:\Windows\PLFSetI.exe
"ProductReg" - "Acer" - "C:\Program Files\Acer\WR_PopUp\ProductReg.exe"
"QuickTime Task" - "Apple Inc." - "C:\Program Files\QuickTime\QTTask.exe" -atboottime
"SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files\Java\jre6\bin\jusched.exe"

[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"PCL Language Monitor" - "Hewlett-Packard Company" - C:\Windows\system32\hpz3l692.dll
"PDFCreator" - ? - C:\Windows\system32\pdfcmnnt.dll  (File found, but it contains no detailed information)
"Send To Microsoft OneNote Monitor" - "Microsoft Corporation" - C:\Windows\system32\msonpmon.dll

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"Avira AntiVir Guard" (AntiVirService) - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
"Avira AntiVir Planer" (AntiVirSchedulerService) - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\sched.exe
"CLHNService" (CLHNService) - ? - C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
"Cyberlink RichVideo Service(CRVS)" (RichVideo) - ? - C:\Program Files\Cyberlink\Shared files\RichVideo.exe
"eDataSecurity Service" (eDataSecurity Service) - "Egis Incorporated" - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
"Empowering Technology Service" (ETService) - ? - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
"FsUsbExService" (FsUsbExService) - "Teruten" - C:\Windows\system32\FsUsbExService.Exe
"HP CUE DeviceDiscovery Service" (hpqddsvc) - "Hewlett-Packard Co." - C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
"HP Network Devices Support" (HPSLPSVC) - "Hewlett-Packard Co." - C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL
"hpqcxs08" (hpqcxs08) - "Hewlett-Packard Co." - C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
"Intel(R) Matrix Storage Event Monitor" (IAANTMON) - "Intel Corporation" - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
"LightScribeService Direct Disc Labeling Service" (LightScribeService) - "Hewlett-Packard Company" - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
"LogMeIn Hamachi 2.0 Tunneling Engine" (Hamachi2Svc) - "LogMeIn Inc." - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
"McAfee Application Installer Cleanup (0313791284999801)" (0313791284999801mcinstcleanup) - ? - C:\Users\ACER\AppData\Local\Temp\031379~1.EXE C:\PROGRA~1\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service  (File not found)
"Microsoft Office Diagnostics Service" (odserv) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
"MobilityService" (MobilityService) - ? - C:\Acer\Mobility Center\MobilityService.exe
"Net Driver HPZ12" (Net Driver HPZ12) - "Hewlett-Packard" - C:\Windows\system32\HPZinw12.dll
"NTI Backup Now 5 Agent Service" (BUNAgentSvc) - "NewTech Infosystems, Inc." - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
"NTI Backup Now 5 Backup Service" (NTIBackupSvc) - "NewTech InfoSystems, Inc." - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
"NTI Backup Now 5 Scheduler Service" (NTISchedulerSvc) - ? - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe  (File found, but it contains no detailed information)
"Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
"Pml Driver HPZ12" (Pml Driver HPZ12) - "Hewlett-Packard" - C:\Windows\system32\HPZipm12.dll
"ServiceLayer" (ServiceLayer) - "Nokia." - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

[Winlogon]
-----( HKCU\Control Panel\Desktop )-----
"SCRNSAVE.EXE" - ? - C:\Windows\system32\acer.scr  (File found, but it contains no detailed information)

===[ Logfile end ]=========================================[ Logfile end ]===


Fnyrri 20.09.2010 19:48

And here is the result from Bootkit Remover as well:

hxxp://250kb.de/wrQZX4I

cosinus 20.09.2010 21:09

Please download MBRCheck (by a_d_13) and save the file to your desktop.
  • Double-click MBRCheck.exe.
    Vista and Win7 users: right-click and "Run as administrator"
  • The tool only takes a second.
  • Afterwards you should find a MBRCheck_<Date>_<Time>.txt on your desktop.
Please post the contents of the .txt document.

Fnyrri 20.09.2010 21:31

Here we go:

Code:

MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:                       
Windows Version:                Windows Vista Home Premium Edition
Windows Information:                Service Pack 1 (build 6001), 32-bit
Base Board Manufacturer:        Acer, Inc.
BIOS Manufacturer:                Acer
System Manufacturer:                Acer, inc.
System Product Name:                Aspire 7730G
Logical Drives Mask:                0x0000003c

Kernel Drivers (total 163):
  0x82052000 \SystemRoot\system32\ntkrnlpa.exe
  0x8201F000 \SystemRoot\system32\hal.dll
  0x80401000 \SystemRoot\system32\kdcom.dll
  0x80409000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
  0x80469000 \SystemRoot\system32\PSHED.dll
  0x8047A000 \SystemRoot\system32\BOOTVID.dll
  0x80482000 \SystemRoot\system32\CLFS.SYS
  0x804C3000 \SystemRoot\system32\CI.dll
  0x80606000 \SystemRoot\system32\drivers\Wdf01000.sys
  0x80682000 \SystemRoot\system32\drivers\WDFLDR.SYS
  0x8068F000 \SystemRoot\system32\drivers\acpi.sys
  0x806D5000 \SystemRoot\system32\drivers\WMILIB.SYS
  0x806DE000 \SystemRoot\system32\drivers\msisadrv.sys
  0x806E6000 \SystemRoot\system32\drivers\pci.sys
  0x8070D000 \SystemRoot\System32\drivers\partmgr.sys
  0x8071C000 \SystemRoot\system32\DRIVERS\compbatt.sys
  0x8071F000 \SystemRoot\system32\DRIVERS\BATTC.SYS
  0x80729000 \SystemRoot\system32\drivers\volmgr.sys
  0x80738000 \SystemRoot\System32\drivers\volmgrx.sys
  0x80782000 \SystemRoot\System32\drivers\mountmgr.sys
  0x80792000 \SystemRoot\System32\Drivers\UBHelper.sys
  0x8260E000 \SystemRoot\system32\DRIVERS\iaStor.sys
  0x826E7000 \SystemRoot\system32\drivers\atapi.sys
  0x826EF000 \SystemRoot\system32\drivers\ataport.SYS
  0x8270D000 \SystemRoot\system32\drivers\msahci.sys
  0x82717000 \SystemRoot\system32\drivers\PCIIDEX.SYS
  0x82725000 \SystemRoot\system32\drivers\fltmgr.sys
  0x82757000 \SystemRoot\system32\drivers\fileinfo.sys
  0x82767000 \SystemRoot\system32\DRIVERS\psdfilter.sys
  0x82770000 \SystemRoot\System32\Drivers\ksecdd.sys
  0x8A00C000 \SystemRoot\system32\drivers\ndis.sys
  0x8A117000 \SystemRoot\system32\drivers\msrpc.sys
  0x8A142000 \SystemRoot\system32\drivers\NETIO.SYS
  0x8A203000 \SystemRoot\System32\Drivers\Ntfs.sys
  0x8A312000 \SystemRoot\system32\drivers\volsnap.sys
  0x8A34B000 \SystemRoot\System32\Drivers\spldr.sys
  0x8A353000 \SystemRoot\System32\Drivers\mup.sys
  0x8A362000 \SystemRoot\System32\drivers\ecache.sys
  0x8A389000 \SystemRoot\system32\drivers\disk.sys
  0x8A39A000 \SystemRoot\system32\drivers\CLASSPNP.SYS
  0x8A3BB000 \SystemRoot\system32\drivers\crcdisk.sys
  0x8DAE0000 \SystemRoot\system32\DRIVERS\tunnel.sys
  0x8DAEB000 \SystemRoot\system32\DRIVERS\tunmp.sys
  0x8DAF4000 \SystemRoot\system32\DRIVERS\CmBatt.sys
  0x8DAF8000 \SystemRoot\system32\DRIVERS\wmiacpi.sys
  0x8DE05000 \SystemRoot\system32\DRIVERS\nvlddmkm.sys
  0x8E538000 \SystemRoot\System32\drivers\dxgkrnl.sys
  0x8E5D7000 \SystemRoot\System32\drivers\watchdog.sys
  0x8E5E4000 \SystemRoot\system32\DRIVERS\usbuhci.sys
  0x8DB01000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
  0x8E5EF000 \SystemRoot\system32\DRIVERS\usbehci.sys
  0x8DB3F000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
  0x8DB51000 \SystemRoot\system32\DRIVERS\jmcr.sys
  0x8DB65000 \SystemRoot\system32\DRIVERS\SCSIPORT.SYS
  0x8E800000 \SystemRoot\system32\DRIVERS\NETw5v32.sys
  0x8EB87000 \SystemRoot\system32\DRIVERS\b57nd60x.sys
  0x8EBBE000 \SystemRoot\system32\DRIVERS\winbondcir.sys
  0x8EBD3000 \SystemRoot\system32\DRIVERS\i8042prt.sys
  0x8EBE6000 \SystemRoot\system32\DRIVERS\DKbFltr.sys
  0x8EBF0000 \SystemRoot\system32\DRIVERS\kbdclass.sys
  0x8DB8B000 \SystemRoot\system32\DRIVERS\SynTP.sys
  0x8EBFB000 \SystemRoot\system32\DRIVERS\USBD.SYS
  0x8DBBA000 \SystemRoot\system32\DRIVERS\mouclass.sys
  0x8DBC5000 \SystemRoot\system32\DRIVERS\cdrom.sys
  0x8DBDD000 \SystemRoot\system32\DRIVERS\NTIDrvr.sys
  0x8DBE5000 \SystemRoot\system32\DRIVERS\intelppm.sys
  0x8A3D1000 \SystemRoot\system32\DRIVERS\msiscsi.sys
  0x8A17C000 \SystemRoot\system32\DRIVERS\storport.sys
  0x8DBF4000 \SystemRoot\system32\DRIVERS\TDI.SYS
  0x8A1BD000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
  0x8A1D4000 \SystemRoot\system32\DRIVERS\ndistapi.sys
  0x8079A000 \SystemRoot\system32\DRIVERS\ndiswan.sys
  0x8A1DF000 \SystemRoot\system32\DRIVERS\raspppoe.sys
  0x827E1000 \SystemRoot\system32\DRIVERS\raspptp.sys
  0x807BD000 \SystemRoot\system32\DRIVERS\rassstp.sys
  0x8DE00000 \SystemRoot\system32\DRIVERS\hamachi.sys
  0x8A1EE000 \SystemRoot\system32\DRIVERS\termdd.sys
  0x8EBFD000 \SystemRoot\system32\DRIVERS\swenum.sys
  0x807D2000 \SystemRoot\system32\DRIVERS\ks.sys
  0x82600000 \SystemRoot\system32\DRIVERS\circlass.sys
  0x8A000000 \SystemRoot\system32\DRIVERS\mssmbios.sys
  0x805A3000 \SystemRoot\system32\DRIVERS\umbus.sys
  0x805B0000 \SystemRoot\system32\DRIVERS\usbhub.sys
  0x805E4000 \SystemRoot\System32\Drivers\NDProxy.SYS
  0x8EC04000 \SystemRoot\system32\drivers\RTKVHDA.sys
  0x8EE0B000 \SystemRoot\system32\drivers\portcls.sys
  0x8EE38000 \SystemRoot\system32\drivers\drmk.sys
  0x8EE5D000 \SystemRoot\system32\DRIVERS\AGRSM.sys
  0x8EF83000 \SystemRoot\system32\drivers\modem.sys
  0x8EF90000 \SystemRoot\system32\drivers\nvhda32v.sys
  0x8F40F000 \SystemRoot\System32\Drivers\dvb7700all.sys
  0x8F47C000 \SystemRoot\System32\Drivers\BdaSup.SYS
  0x8F47F000 \SystemRoot\system32\DRIVERS\hidir.sys
  0x8F48A000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
  0x8F49A000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
  0x8F4A1000 \SystemRoot\system32\DRIVERS\kbdhid.sys
  0x8F4AA000 \SystemRoot\system32\DRIVERS\mouhid.sys
  0x8F4B2000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
  0x8F4BB000 \SystemRoot\System32\Drivers\Null.SYS
  0x8F4C2000 \SystemRoot\System32\Drivers\Beep.SYS
  0x8F4C9000 \SystemRoot\System32\drivers\vga.sys
  0x8F4D5000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
  0x8F4F6000 \SystemRoot\system32\DRIVERS\usbccgp.sys
  0x8F50D000 \SystemRoot\System32\Drivers\usbvideo.sys
  0x8F52E000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
  0x8F536000 \SystemRoot\system32\drivers\rdpencdd.sys
  0x8F53E000 \SystemRoot\System32\Drivers\Msfs.SYS
  0x8F549000 \SystemRoot\System32\Drivers\Npfs.SYS
  0x8F557000 \SystemRoot\System32\DRIVERS\rasacd.sys
  0x8FA0C000 \SystemRoot\System32\drivers\tcpip.sys
  0x8FAF5000 \SystemRoot\System32\drivers\fwpkclnt.sys
  0x8FB10000 \SystemRoot\system32\DRIVERS\USBSTOR.SYS
  0x8FB22000 \SystemRoot\system32\DRIVERS\tdx.sys
  0x8FB38000 \SystemRoot\system32\DRIVERS\smb.sys
  0x8FB4C000 \SystemRoot\system32\drivers\afd.sys
  0x8FB94000 \SystemRoot\System32\DRIVERS\netbt.sys
  0x8FBC6000 \SystemRoot\system32\DRIVERS\pacer.sys
  0x8FBDC000 \SystemRoot\system32\DRIVERS\netbios.sys
  0x8FBEA000 \SystemRoot\system32\DRIVERS\wanarp.sys
  0x8FA00000 \SystemRoot\system32\DRIVERS\ssmdrv.sys
  0x8F560000 \SystemRoot\system32\DRIVERS\rdbss.sys
  0x8F59C000 \SystemRoot\system32\drivers\nsiproxy.sys
  0x8F5A6000 \SystemRoot\System32\Drivers\dfsc.sys
  0x8F5BD000 \SystemRoot\system32\DRIVERS\avipbb.sys
  0x8FA06000 \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys
  0x8F5D9000 \SystemRoot\system32\DRIVERS\hidusb.sys
  0x8EF9E000 \SystemRoot\System32\Drivers\fastfat.SYS
  0x8F5E2000 \SystemRoot\system32\DRIVERS\cdfs.sys
  0x8F400000 \SystemRoot\System32\Drivers\crashdmp.sys
  0x8DA00000 \SystemRoot\System32\Drivers\dump_iaStor.sys
  0x96E80000 \SystemRoot\System32\win32k.sys
  0x8EFC6000 \SystemRoot\System32\drivers\Dxapi.sys
  0x8EFD0000 \SystemRoot\system32\DRIVERS\monitor.sys
  0x970A0000 \SystemRoot\System32\TSDDD.dll
  0x8EFDF000 \SystemRoot\system32\drivers\luafv.sys
  0x9B602000 \SystemRoot\system32\DRIVERS\avgntflt.sys
  0x970C0000 \SystemRoot\System32\cdd.dll
  0x9B616000 \SystemRoot\system32\drivers\spsys.sys
  0x9B6C5000 \SystemRoot\system32\DRIVERS\ipfltdrv.sys
  0x9B6D7000 \SystemRoot\system32\DRIVERS\lltdio.sys
  0x9B6E7000 \SystemRoot\system32\DRIVERS\nwifi.sys
  0x9B711000 \SystemRoot\system32\DRIVERS\ndisuio.sys
  0x9B71B000 \SystemRoot\system32\DRIVERS\rspndr.sys
  0x9B72E000 \SystemRoot\system32\drivers\HTTP.sys
  0x9B799000 \SystemRoot\System32\DRIVERS\srvnet.sys
  0x9B7B6000 \SystemRoot\system32\DRIVERS\bowser.sys
  0x9B7CF000 \SystemRoot\System32\drivers\mpsdrv.sys
  0x9DE08000 \SystemRoot\system32\drivers\mrxdav.sys
  0x9DE28000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
  0x9DE47000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
  0x9DE80000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
  0x9DE98000 \SystemRoot\System32\DRIVERS\srv2.sys
  0x9DEBF000 \SystemRoot\System32\DRIVERS\srv.sys
  0x9DF0B000 \??\C:\Windows\system32\drivers\int15.sys
  0x9DF12000 \??\C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys
  0xAAE05000 \SystemRoot\system32\drivers\peauth.sys
  0xAAEE3000 \SystemRoot\system32\DRIVERS\PSDNServ.sys
  0xAAEEC000 \SystemRoot\system32\DRIVERS\PSDVdisk.sys
  0xAAEFE000 \SystemRoot\System32\Drivers\secdrv.SYS
  0xAAF08000 \SystemRoot\System32\drivers\tcpipreg.sys
  0xAAF14000 \??\C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl
  0xAAF35000 \??\C:\Windows\system32\FsUsbExDisk.SYS
  0x77300000 \Windows\System32\ntdll.dll

Processes (total 93):
      0 System Idle Process
      4 SYSTEM
    492 C:\Windows\System32\smss.exe
    624 csrss.exe
    676 C:\Windows\System32\wininit.exe
    688 csrss.exe
    720 C:\Windows\System32\services.exe
    732 C:\Windows\System32\lsass.exe
    744 C:\Windows\System32\lsm.exe
    880 C:\Windows\System32\svchost.exe
    944 C:\Windows\System32\nvvsvc.exe
    972 C:\Windows\System32\svchost.exe
    1008 C:\Windows\System32\svchost.exe
    1060 C:\Windows\System32\svchost.exe
    1100 C:\Windows\System32\svchost.exe
    1132 C:\Windows\System32\svchost.exe
    1192 C:\Windows\System32\audiodg.exe
    1252 C:\Windows\System32\SLsvc.exe
    1296 C:\Windows\System32\svchost.exe
    1384 C:\Windows\System32\winlogon.exe
    1452 C:\Windows\System32\svchost.exe
    1668 C:\Windows\System32\spoolsv.exe
    1692 C:\Program Files\Avira\AntiVir Desktop\sched.exe
    1704 C:\Windows\System32\svchost.exe
    1952 C:\Windows\System32\rundll32.exe
    956 C:\Windows\System32\taskeng.exe
    1128 C:\Windows\System32\dwm.exe
    1460 C:\Windows\explorer.exe
    2080 C:\Windows\System32\taskeng.exe
    2204 C:\Program Files\Windows Defender\MSASCui.exe
    2224 C:\Windows\RtHDVCpl.exe
    2248 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    2272 C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
    2300 C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
    2340 C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe
    2360 C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
    2368 C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    2384 C:\Windows\System32\rundll32.exe
    2392 C:\Program Files\Launch Manager\QtZgAcer.EXE
    2408 C:\Windows\PLFSetI.exe
    2416 C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
    2424 C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe
    2436 C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe
    2476 C:\Program Files\Lexmark 2300 Series\lxcgmon.exe
    2484 C:\Program Files\Lexmark 2300 Series\ezprint.exe
    2512 C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
    2528 C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe
    2544 C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
    2600 C:\Program Files\Java\jre6\bin\jusched.exe
    2664 C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
    2672 C:\Program Files\DivX\DivX Update\DivXUpdate.exe
    2716 C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
    2740 C:\Program Files\Pinnacle\TVCenter Pro\PMCLoader.exe
    2752 C:\Program Files\Windows Media Player\wmpnscfg.exe
    2792 C:\Program Files\Pinnacle\Shared Files\Programs\StrmServer\StrmServer.exe
    3356 C:\Users\ACER\AppData\Local\Temp\RtkBtMnt.exe
    3440 C:\Windows\System32\agrsmsvc.exe
    3456 C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    3468 C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
    3480 C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
    3504 C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
    3528 C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
    3668 C:\Windows\System32\FsUsbExService.Exe
    3688 C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
    3720 C:\Windows\System32\svchost.exe
    3748 C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    3764 C:\Windows\System32\lxcgcoms.exe
    3788 C:\ACER\Mobility Center\MobilityService.exe
    3868 C:\Windows\System32\svchost.exe
    3908 C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
    3952 C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
    3992 C:\Windows\System32\svchost.exe
    4008 C:\Windows\System32\svchost.exe
    4052 C:\Program Files\Cyberlink\Shared files\RichVideo.exe
    2060 C:\Windows\System32\svchost.exe
    2280 C:\Windows\System32\svchost.exe
    1924 C:\Windows\System32\SearchIndexer.exe
    968 C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
    3324 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    2040 C:\Program Files\Windows Media Player\wmpnetwk.exe
    3796 C:\Windows\System32\svchost.exe
    4240 WmiPrvSE.exe
    4248 unsecapp.exe
    4272 C:\Windows\System32\wbem\unsecapp.exe
    5632 C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
    5716 C:\Windows\System32\wuauclt.exe
    5476 C:\Windows\System32\conime.exe
    5792 C:\Program Files\Mozilla Firefox\firefox.exe
    6104 C:\Program Files\mIRC\mirc.exe
    952 C:\Program Files\3DO\Heroes 3 Complete\HEROES3.EXE
    5844 C:\Windows\System32\SearchProtocolHost.exe
    5452 C:\Windows\System32\SearchFilterHost.exe
    1536 C:\Users\ACER\Desktop\MBRCheck.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000002`80100000  (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000026`82e00000  (NTFS)
\\.\F: --> \\.\PhysicalDrive1 at offset 0x00000000`00007e00  (FAT32)

PhysicalDrive0 Model Number: WDCWD3200BEVT-22ZCT0, Rev: 11.01A11
PhysicalDrive1 Model Number: ST3500830AS, Rev:

      Size  Device Name          MBR Status
  --------------------------------------------
    298 GB  \\.\PhysicalDrive0  Acer MBR code detected
            SHA1: 32C70BE973F8E85AEDC1594C905FB8D402DF20D6
    465 GB  \\.\PhysicalDrive1  RE: Windows XP MBR code detected
            SHA1: DA38B874B7713D1B51CBC449F4EF809B0DEC644A


Done!


cosinus 21.09.2010 10:28

Quote:

Size Device Name MBR Status
--------------------------------------------
298 GB \\.\PhysicalDrive0 Acer MBR code detected
SHA1: 32C70BE973F8E85AEDC1594C905FB8D402DF20D6
465 GB \\.\PhysicalDrive1 RE: Windows XP MBR code detected
SHA1: DA38B874B7713D1B51CBC449F4EF809B0DEC644A
Looks OK. As a check, please run full scans with Malwarebytes and SASW and post the logs.
Remember to update both tools before scanning!!
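An added example (not code from MBRCheck, from either poster, or from Trojaner-Board) of the kind of check behind the "MBR code detected" lines above: read the 512-byte master boot record, validate the 0x55AA boot signature, decode the partition table, and compare a SHA1 of the boot-code region against a list of known-good hashes. Assumptions: the known-good list is built here from a constructed sample sector rather than a vendor database; the hash covers only the first 440 bytes (the thread does not say which region MBRCheck hashes, so the SHA1 values it reported need not be comparable to this script's output); and `read_mbr` is the only function that touches a real device.

```python
"""Parse and whitelist-check a 512-byte MBR sector.

Added example for this thread; not MBRCheck's code.  The sample sector and
the known-good list are constructed for illustration.
"""
import hashlib
import struct
from dataclasses import dataclass
from typing import Dict, List, Optional

SECTOR_SIZE = 512
BOOT_CODE_LEN = 440      # bytes 0..439: boot loader code
DISK_SIG_OFF = 440       # bytes 440..443: NT disk signature (per machine)
PART_TABLE_OFF = 446     # bytes 446..509: four 16-byte partition entries
PART_ENTRY_LEN = 16
BOOT_SIG = b"\x55\xaa"   # bytes 510..511: boot signature


@dataclass
class Partition:
    index: int
    bootable: bool
    type_id: int
    start_lba: int
    sector_count: int


@dataclass
class MbrReport:
    valid_signature: bool
    disk_signature: int
    code_sha1: str
    partitions: List[Partition]
    known_as: Optional[str]   # label from the known-good list, or None


def parse_partitions(sector: bytes) -> List[Partition]:
    """Decode the four classic partition table entries (empty slots skipped)."""
    parts = []
    for i in range(4):
        off = PART_TABLE_OFF + i * PART_ENTRY_LEN
        # status(1) CHS-start(3) type(1) CHS-end(3) LBA-start(4) count(4)
        status, ptype, start_lba, count = struct.unpack_from("<B3xB3xII", sector, off)
        if ptype == 0:
            continue
        parts.append(Partition(i, status == 0x80, ptype, start_lba, count))
    return parts


def boot_code_sha1(sector: bytes) -> str:
    """SHA1 over the code region only.  Disk signature and partition table are
    per-machine data; hashing them too would make every disk look unknown."""
    return hashlib.sha1(sector[:BOOT_CODE_LEN]).hexdigest().upper()


def check_mbr(sector: bytes, known_good: Dict[str, str]) -> MbrReport:
    """Validate the sector and look its code hash up in known_good."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError(f"expected {SECTOR_SIZE}-byte sector, got {len(sector)}")
    valid = sector[510:512] == BOOT_SIG
    disk_sig = struct.unpack_from("<I", sector, DISK_SIG_OFF)[0]
    digest = boot_code_sha1(sector)
    return MbrReport(valid, disk_sig, digest, parse_partitions(sector), known_good.get(digest))


def read_mbr(device_path: str) -> bytes:
    """Read sector 0 of a raw device, e.g. r'\\\\.\\PhysicalDrive0' on Windows
    (administrator rights needed) or '/dev/sda' on Linux (root needed)."""
    with open(device_path, "rb") as dev:
        return dev.read(SECTOR_SIZE)


def build_sample_mbr(disk_sig: int = 0x12345678, start_lba: int = 2048) -> bytes:
    """Constructed stand-in for a vendor MBR: 'jmp $' padded with NOPs as the
    code region, one bootable NTFS (type 0x07) partition, valid signature."""
    code = b"\xeb\xfe".ljust(BOOT_CODE_LEN, b"\x90")
    entry = struct.pack("<B3sB3sII", 0x80, b"\0\0\0", 0x07, b"\0\0\0", start_lba, 204800)
    table = entry + b"\x00" * (PART_ENTRY_LEN * 3)
    return code + struct.pack("<I", disk_sig) + b"\x00\x00" + table + BOOT_SIG


def demo() -> Dict[str, MbrReport]:
    """Build a known-good list from a reference sector, then check a
    repartitioned copy (same code) and a copy with one patched code byte."""
    reference = build_sample_mbr()
    known = {boot_code_sha1(reference): "Sample vendor MBR code"}
    repartitioned = build_sample_mbr(disk_sig=0xDEADBEEF, start_lba=63)
    tampered = bytearray(reference)
    tampered[0x10] ^= 0xFF          # one byte changed inside the code region
    return {
        "reference": check_mbr(reference, known),
        "repartitioned": check_mbr(repartitioned, known),
        "tampered": check_mbr(bytes(tampered), known),
    }


if __name__ == "__main__":
    for name, rep in demo().items():
        print(f"{name:13} sig_ok={rep.valid_signature} sha1={rep.code_sha1} "
              f"{rep.known_as or 'UNKNOWN code'} start_lba={[p.start_lba for p in rep.partitions]}")
```

The "repartitioned" case is the reason for hashing only the code region: a disk whose partition table or NT disk signature was rewritten still carries the same boot code and still matches, while a single modified byte in the code region drops the match, which is the situation a bootkit check is looking for. A real deployment would populate `known_good` from a maintained database of vendor and Windows MBR hashes, which this example does not ship.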

Fnyrri 21.09.2010 12:11

Hi,

The Malwarebytes full scan is finished; I'll do the other one right afterwards.
One question: the AntiVir Guard sporadically complains about files in C\OTL\MovedFiles... (I don't remember exactly; I forgot to take a screenshot of the warning.)
Do I need to worry about that, or are those files already "in good hands", since OTL has already "taken care" of them?

Code:

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4662

Windows 6.0.6001 Service Pack 1
Internet Explorer 7.0.6001.18000

21.09.2010 13:11:39
mbam-log-2010-09-21 (13-11-39).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|F:\|)
Durchsuchte Objekte: 319988
Laufzeit: 1 Stunde(n), 19 Minute(n), 7 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)


cosinus 21.09.2010 14:20

Quote:

or are those files already "in good hands", since OTL has already "taken care" of them?
That's right :)

We fixed the malicious files with OTL. OTL doesn't delete them but moves them to C:\_OTL in case they are needed after all (because something good was fixed by mistake) or you want to analyse them further ;)

Fnyrri 21.09.2010 14:36

Then I'm relieved :)

Here is the other log:

Code:

SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 09/21/2010 at 03:30 PM

Application Version : 4.43.1000

Core Rules Database Version : 5548
Trace Rules Database Version: 3360

Scan type      : Complete Scan
Total Scan Time : 02:11:38

Memory items scanned      : 831
Memory threats detected  : 0
Registry items scanned    : 9666
Registry threats detected : 0
File items scanned        : 184739
File threats detected    : 7

Adware.Tracking Cookie
        C:\Users\ACER\AppData\Roaming\Microsoft\Windows\Cookies\acer@tradedoubler[1].txt
        C:\Users\ACER\AppData\Roaming\Microsoft\Windows\Cookies\acer@ad.yieldmanager[2].txt
        C:\Users\ACER\AppData\Roaming\Microsoft\Windows\Cookies\acer@doubleclick[1].txt
        C:\Users\ACER\AppData\Roaming\Microsoft\Windows\Cookies\acer@atwola[1].txt
        C:\Users\ACER\AppData\Roaming\Microsoft\Windows\Cookies\acer@atdmt[2].txt
        C:\Users\ACER\AppData\Roaming\Microsoft\Windows\Cookies\acer@content.yieldmanager[3].txt
        C:\Users\ACER\AppData\Roaming\Microsoft\Windows\Cookies\acer@content.yieldmanager[2].txt


cosinus 21.09.2010 17:58

Looks OK, only cookies were found.
Any more problems or further detections in the meantime?

Fnyrri 21.09.2010 18:19

No, no further detections or other problems.
Does that mean I'm most likely clean again?

cosinus 21.09.2010 18:27

Then we're done! :abklatsch:

Finally, please check the updates; my guide on that is below.
For even more security, after the infection has been removed you should also change all your passwords if at all possible.


Microsoft Update

Windows XP: Visit the MS Update page with IE and have all important updates installed.

Windows Vista/7: Windows Update guide



Update the PDF reader
Your Adobe Reader is not up to date, which is a major security risk. You should therefore uninstall the old version via Control Panel => Software by clicking "Adobe Reader x.0" there and removing the program.

I recommend an alternative PDF reader such as SumatraPDF or Foxit PDF Reader; both are much leaner and faster than Adobe Reader.

While you're at it, please also check whether Flash Player is up to date; here is the direct download link => http://filepony.de/?q=Flash+Player


Java update
Outdated Java installations are a security risk, so you should delete the old versions (if present, preferably with JavaRa) and update to the newest one. To do so, close all programs (especially the browsers), then click Start, Control Panel, Software and uninstall all listed Java versions from there. Then download the current Java SE Runtime Environment (JRE) from here and install it.

Fnyrri 21.09.2010 18:37

Dear cosinus/Arne,

many, many thanks for your quick, competent and effective help! As someone who understands only marginally more about PCs than "you can play and work with them", I would have been completely lost without your advice :) I can't thank you enough for selflessly and helpfully sacrificing your time for me.

I'll make sure today that all the necessary updates land on the machine, so that I don't have to be a guest here on the forum again too soon ;) And as soon as my meagre wages for this month arrive, I'll make a small donation to the forum.

Many thanks again,
Fnyrri


Copyright ©2000-2024, Trojaner-Board