h9fa3.dll error message at Windows startup, what now?

Thread is closed!
#0
03.05.2010, 09:50
Member

Thread starter

Posts: 17
#16

Code

OTL logfile created on: 03.05.2010 09:45:39 - Run 1
OTL by OldTimer - Version 3.2.4.1     Folder = C:\Users\Carsten\Desktop\OTL
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 68,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 84,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 455,99 Gb Total Space | 424,52 Gb Free Space | 93,10% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: CARSTEN-PC
Current User Name: Carsten
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - C:\Users\Carsten\Desktop\OTL\OTL.exe (OldTimer Tools)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Users\Carsten\AppData\Local\Temp\RtkBtMnt.exe (Realtek Semiconductor Corp.)
PRC - C:\Programme\Google\Google Desktop Search\GoogleDesktop.exe (Google)
PRC - C:\Programme\McAfee\VirusScan\Mcshield.exe (McAfee, Inc.)
PRC - C:\Programme\McAfee\VirusScan\mcsysmon.exe (McAfee, Inc.)
PRC - C:\Programme\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
PRC - C:\Programme\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.)
PRC - C:\Programme\McAfee\MPF\MpfSrv.exe (McAfee, Inc.)
PRC - C:\Programme\McAfee\MSK\msksrver.exe (McAfee, Inc.)
PRC - c:\Programme\Common Files\McAfee\McProxy\McProxy.exe (McAfee, Inc.)
PRC - c:\Programme\Common Files\McAfee\MNA\McNASvc.exe (McAfee, Inc.)
PRC - C:\Programme\Launch Manager\LManager.exe (Dritek System Inc.)
PRC - C:\Programme\Acer\Acer PowerSmart Manager\ePowerTray.exe (Acer Incorporated)
PRC - C:\Programme\Acer\Acer PowerSmart Manager\ePowerSvc.exe (Acer Incorporated)
PRC - C:\Programme\Acer\Acer PowerSmart Manager\ePowerEvent.exe (Acer Incorporated)
PRC - C:\Windows\System32\atieclxx.exe (AMD)
PRC - C:\Windows\System32\atiesrxx.exe (AMD)
PRC - C:\Programme\EgisTec\MyWinLocker 3\x86\MWLService.exe (Egis Technology Inc.)
PRC - C:\Programme\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.)
PRC - C:\Programme\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.)
PRC - C:\Programme\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
PRC - C:\Programme\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.)
PRC - C:\Programme\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Programme\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe (CyberLink)
PRC - C:\Programme\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
PRC - C:\Programme\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
PRC - C:\Programme\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe ()
PRC - C:\Programme\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe (NewTech Infosystems, Inc.)
PRC - C:\Programme\McAfee\SiteAdvisor\McSACore.exe ()
PRC - C:\Windows\PLFSetI.exe ()
PRC - C:\Windows\System32\agrsmsvc.exe (Agere Systems)
PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation)


[color=#E56717]========== Modules (SafeList) ==========[/color]

MOD - C:\Users\Carsten\Desktop\OTL\OTL.exe (OldTimer Tools)
MOD - C:\Programme\Acer\Acer PowerSmart Manager\SysHook.dll (Acer Incorporated)
MOD - C:\Programme\McAfee\SiteAdvisor\sahook.dll ()
MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (Microsoft Corporation)


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - (GoogleDesktopManager-110309-193829) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
SRV - (Partner Service) -- C:\ProgramData\Partner\partner.exe (Google Inc.)
SRV - (McODS) -- C:\Programme\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SRV - (McShield) -- C:\Programme\McAfee\VirusScan\Mcshield.exe (McAfee, Inc.)
SRV - (McSysmon) -- C:\Programme\McAfee\VirusScan\mcsysmon.exe (McAfee, Inc.)
SRV - (mcmscsvc) -- C:\Programme\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.)
SRV - (MpfService) -- C:\Program Files\McAfee\MPF\MPFSrv.exe (McAfee, Inc.)
SRV - (MSK80Service) -- C:\Program Files\McAfee\MSK\MskSrver.exe (McAfee, Inc.)
SRV - (McProxy) -- c:\Programme\Common Files\McAfee\McProxy\McProxy.exe (McAfee, Inc.)
SRV - (McNASvc) -- c:\Programme\Common Files\McAfee\MNA\McNASvc.exe (McAfee, Inc.)
SRV - (ePowerSvc) -- C:\Programme\Acer\Acer PowerSmart Manager\ePowerSvc.exe (Acer Incorporated)
SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD)
SRV - (MWLService) -- C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe ()
SRV - (NTI IScheduleSvc) -- C:\Programme\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.)
SRV - (CLHNService) -- C:\Programme\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe ()
SRV - (NTISchedulerSvc) -- C:\Programme\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe (NewTech Infosystems, Inc.)
SRV - (NTIBackupSvc) -- C:\Programme\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe (NewTech InfoSystems, Inc.)
SRV - (McAfee SiteAdvisor Service) -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe ()
SRV - (AgereModemAudio) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - (mfehidk) -- C:\Windows\System32\drivers\mfehidk.sys (McAfee, Inc.)
DRV - (mfeavfk) -- C:\Windows\System32\drivers\mfeavfk.sys (McAfee, Inc.)
DRV - (mfesmfk) -- C:\Windows\System32\drivers\mfesmfk.sys (McAfee, Inc.)
DRV - (mfebopk) -- C:\Windows\System32\drivers\mfebopk.sys (McAfee, Inc.)
DRV - (mferkdk) -- C:\Windows\System32\drivers\mferkdk.sys (McAfee, Inc.)
DRV - (MPFP) -- C:\Windows\System32\drivers\Mpfp.sys (McAfee, Inc.)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (DKbFltr) -- C:\Windows\System32\drivers\DKbFltr.sys (Dritek System Inc.)
DRV - (NTIDrvr) -- C:\Windows\System32\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (iaStor) -- C:\Windows\system32\DRIVERS\iaStor.sys (Intel Corporation)
DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (mwlPSDVDisk) -- C:\Windows\System32\drivers\mwlPSDVDisk.sys (Egis Incorporated.)
DRV - (mwlPSDFilter) -- C:\Windows\System32\drivers\mwlPSDFilter.sys (Egis Incorporated.)
DRV - (mwlPSDNServ) -- C:\Windows\System32\drivers\mwlPSDNserv.sys (Egis Incorporated.)
DRV - (RTSTOR) -- C:\Windows\System32\drivers\RTSTOR.sys (Realtek Semiconductor Corp.)
DRV - (RTHDMIAzAudService) -- C:\Windows\System32\drivers\RtHDMIV.sys (Realtek Semiconductor Corp.)
DRV - (b57nd60x) -- C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation)
DRV - (NETw5v32) Intel(R) -- C:\Windows\System32\drivers\NETw5v32.sys (Intel Corporation)
DRV - (k57nd60x) Broadcom NetLink (TM) -- C:\Windows\System32\drivers\k57nd60x.sys (Broadcom Corporation)
DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems)
DRV - (UBHelper) -- C:\Windows\System32\drivers\UBHelper.sys (NewTech Infosystems Corporation)
DRV - (MegaSR) -- C:\Windows\system32\drivers\megasr.sys (LSI Corporation, Inc.)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Corporation)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (NSCIRDA) -- C:\Windows\System32\drivers\nscirda.sys (National Semiconductor Corporation)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0510&m=aspire_5738

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0510&m=aspire_5738
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0510&m=aspire_5738
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2010.05.02 19:50:07 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Programme\McAfee\MSK\mskapbho.dll ()
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\Programme\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (Partner BHO Class) - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\partner.dll (Google Inc.)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Programme\Google\GoogleToolbar1.dll (Google Germany GmbH)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\3.1.415.1646\swg.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll ()
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll ()
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Programme\Google\GoogleToolbar1.dll (Google Germany GmbH)
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Programme\Google\GoogleToolbar1.dll (Google Germany GmbH)
O4 - HKLM..\Run: [Acer ePower Management] C:\Programme\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe (Acer Incorporated)
O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [EgisTecLiveUpdate] C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [LManager] C:\Programme\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [mwlDaemon] C:\Programme\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [PlayMovie] C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
O4 - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Programme\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Skytel] C:\Programme\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [ProductReg] C:\Program Files\Acer\WR_PopUp\ProductReg.exe (Acer)
O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: localhost ([]http in Lokales Intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Lokales Intranet)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll ()
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2010.05.03 09:44:45 | 000,000,000 | ---D | C] -- C:\Users\Carsten\Desktop\OTL
[2010.05.03 09:32:11 | 000,000,000 | ---D | C] -- C:\Users\Carsten\AppData\Roaming\Malwarebytes
[2010.05.03 09:32:02 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.05.03 09:32:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.05.03 09:32:00 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.05.03 09:30:44 | 000,000,000 | ---D | C] -- C:\Users\Carsten\Desktop\MBAM
[2010.05.03 05:04:34 | 000,380,928 | ---- | C] (Acer Incorporated) -- C:\Windows\AcerStore.exe
[2010.05.03 05:04:34 | 000,049,152 | ---- | C] ( ) -- C:\Windows\Interop.IWshRuntimeLibrary.dll
[2010.05.03 05:04:18 | 000,199,176 | ---- | C] (Dritek System Inc.) -- C:\Windows\GVUni.exe
[2010.05.03 05:03:44 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
[2010.05.03 05:03:44 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys
[2010.05.03 05:03:09 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioEng.dll
[2010.05.03 05:03:09 | 000,274,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AUDIOKSE.dll
[2010.05.03 05:03:09 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDump.dll
[2010.05.03 05:03:09 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MMDevAPI.dll
[2010.05.03 05:03:09 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll
[2010.05.03 05:03:09 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
[2010.05.03 05:01:02 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amxread.dll
[2010.05.03 05:01:02 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apilogen.dll
[2010.05.03 05:00:39 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2010.05.03 05:00:39 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdohlp.dll
[2010.05.03 05:00:39 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll
[2010.05.03 05:00:39 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasads.dll
[2010.05.03 05:00:39 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasdatastore.dll
[2010.05.03 05:00:39 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2010.05.03 05:00:39 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iashost.exe
[2010.05.03 05:00:13 | 000,562,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcprx.dll
[2010.05.03 05:00:13 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xolehlp.dll
[2010.05.03 04:56:20 | 002,927,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2010.05.03 04:53:58 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\zh-TW
[2010.05.03 04:53:58 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\zh-HK
[2010.05.03 04:53:58 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\zh-CN
[2010.05.03 04:53:58 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\uk-UA
[2010.05.03 04:53:58 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\tr-TR
[2010.05.03 04:53:58 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\th-TH
[2010.05.03 04:53:58 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\sv-SE
[2010.05.03 04:53:58 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\sr-Latn-CS
[2010.05.03 04:53:58 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\sl-SI
[2010.05.03 04:53:58 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\sk-SK
[2010.05.03 04:53:58 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\ru-RU
[2010.05.03 04:53:58 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\ro-RO
[2010.05.03 04:53:58 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\pt-PT
[2010.05.03 04:53:58 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\pt-BR
[2010.05.03 04:53:58 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\pl-PL
[2010.05.03 04:53:58 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\nl-NL
[2010.05.03 04:53:58 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\nb-NO
[2010.05.03 04:53:58 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\lv-LV
[2010.05.03 04:53:58 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\lt-LT
[2010.05.03 04:53:58 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\ko-KR
[2010.05.03 04:53:58 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\ja-JP
[2010.05.03 04:53:58 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\it-IT
[2010.05.03 04:53:58 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\hu-HU
[2010.05.03 04:53:58 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\hr-HR
[2010.05.03 04:53:58 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\he-IL
[2010.05.03 04:53:58 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\fr-FR
[2010.05.03 04:53:58 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\fi-FI
[2010.05.03 04:53:58 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\et-EE
[2010.05.03 04:53:58 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\es-ES
[2010.05.03 04:53:58 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\en-US
[2010.05.03 04:53:58 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\el-GR
[2010.05.03 04:53:58 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\da-DK
[2010.05.03 04:53:58 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\cs-CZ
[2010.05.03 04:53:58 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\bg-BG
[2010.05.03 04:53:58 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\ar-SA
[2010.05.03 04:53:47 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidclass.sys
[2010.05.03 04:53:47 | 000,025,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidparse.sys
[2010.05.03 04:53:44 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\th-TH\bthport.sys.mui
[2010.05.03 04:53:44 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\uk-UA\bthport.sys.mui
[2010.05.03 04:53:44 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tr-TR\bthport.sys.mui
[2010.05.03 04:53:44 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\zh-TW\bthport.sys.mui
[2010.05.03 04:53:44 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\zh-HK\bthport.sys.mui
[2010.05.03 04:53:44 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\zh-CN\bthport.sys.mui
[2010.05.03 04:53:43 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ro-RO\bthport.sys.mui
[2010.05.03 04:53:43 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\bthport.sys.mui
[2010.05.03 04:53:43 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-BR\bthport.sys.mui
[2010.05.03 04:53:43 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\bthport.sys.mui
[2010.05.03 04:53:43 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sr-Latn-CS\bthport.sys.mui
[2010.05.03 04:53:43 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sl-SI\bthport.sys.mui
[2010.05.03 04:53:43 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sk-SK\bthport.sys.mui
[2010.05.03 04:53:43 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ru-RU\bthport.sys.mui
[2010.05.03 04:53:42 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\nl-NL\bthport.sys.mui
[2010.05.03 04:53:42 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pl-PL\bthport.sys.mui
[2010.05.03 04:53:42 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\bthport.sys.mui
[2010.05.03 04:53:42 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\nb-NO\bthport.sys.mui
[2010.05.03 04:53:42 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\lv-LV\bthport.sys.mui
[2010.05.03 04:53:42 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\lt-LT\bthport.sys.mui
[2010.05.03 04:53:42 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ko-KR\bthport.sys.mui
[2010.05.03 04:53:41 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\bthport.sys.mui
[2010.05.03 04:53:41 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hu-HU\bthport.sys.mui
[2010.05.03 04:53:41 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hr-HR\bthport.sys.mui
[2010.05.03 04:53:41 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\da-DK\bthport.sys.mui
[2010.05.03 04:53:41 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\bg-BG\bthport.sys.mui
[2010.05.03 04:53:41 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fi-FI\bthport.sys.mui
[2010.05.03 04:53:41 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\et-EE\bthport.sys.mui
[2010.05.03 04:53:41 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\cs-CZ\bthport.sys.mui
[2010.05.03 04:53:41 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\he-IL\bthport.sys.mui
[2010.05.03 04:53:40 | 002,134,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FunctionDiscoveryFolder.dll
[2010.05.03 04:53:40 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fundisc.dll
[2010.05.03 04:53:40 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdBth.dll
[2010.05.03 04:53:40 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdBthProxy.dll
[2010.05.03 04:53:40 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\bthport.sys.mui
[2010.05.03 04:53:40 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\bthport.sys.mui
[2010.05.03 04:53:40 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\en-US\bthport.sys.mui
[2010.05.03 04:53:40 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\bthport.sys.mui
[2010.05.03 04:53:40 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ja-JP\bthport.sys.mui
[2010.05.03 04:53:39 | 000,968,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wcnwiz2.dll
[2010.05.03 04:53:39 | 000,640,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthprops.cpl
[2010.05.03 04:53:39 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairing.dll
[2010.05.03 04:53:39 | 000,291,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WscEapPr.dll
[2010.05.03 04:53:39 | 000,165,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WcnNetsh.dll
[2010.05.03 04:53:39 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairingWizard.exe
[2010.05.03 04:53:39 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairingProxy.dll
[2010.05.03 04:53:39 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthci.dll
[2010.05.03 04:53:39 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthudtask.exe
[2010.05.03 04:53:39 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdProxy.dll
[2010.05.03 04:52:41 | 000,309,768 | ---- | C] (Dritek System Inc.) -- C:\Windows\UNINST32.EXE
[2010.05.03 04:52:41 | 000,021,000 | ---- | C] (Dritek System Inc.) -- C:\Windows\System32\drivers\DKbFltr.sys
[2010.05.03 04:52:39 | 001,112,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WdfCoInstaller01007.dll
[2010.05.03 04:52:38 | 000,206,120 | ---- | C] (Synaptics, Inc.) -- C:\Windows\System32\SynCtrl.dll
[2010.05.03 04:52:38 | 000,204,976 | ---- | C] (Synaptics, Inc.) -- C:\Windows\System32\drivers\SynTP.sys
[2010.05.03 04:52:38 | 000,169,256 | ---- | C] (Synaptics, Inc.) -- C:\Windows\System32\SynCOM.dll
[2010.05.03 04:52:38 | 000,161,064 | ---- | C] (Synaptics, Inc.) -- C:\Windows\System32\SynTPAPI.dll
[2010.05.03 04:52:38 | 000,120,104 | ---- | C] (Synaptics, Inc.) -- C:\Windows\System32\SynTPCo4.dll
[2010.05.03 04:52:21 | 003,666,432 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\NETw5v32.sys
[2010.05.03 04:52:20 | 002,756,608 | ---- | C] (Intel Corporation) -- C:\Windows\System32\NETw5r32.dll
[2010.05.03 04:52:20 | 000,663,552 | ---- | C] (Intel Corporation) -- C:\Windows\System32\NETw5c32.dll
[2010.05.03 04:51:40 | 001,202,560 | ---- | C] (Agere Systems) -- C:\Windows\System32\drivers\AGRSM.sys
[2010.05.03 04:51:40 | 000,054,824 | ---- | C] (Agere Systems) -- C:\Windows\agrsmdel.exe
[2010.05.03 04:51:40 | 000,013,312 | ---- | C] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
[2010.05.03 04:51:40 | 000,013,312 | ---- | C] (Agere Systems) -- C:\Windows\System32\agrscoin.dll
[2010.05.03 04:51:26 | 000,329,752 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\iaStor.sys
[2010.05.03 04:51:24 | 000,223,232 | ---- | C] (Broadcom Corporation) -- C:\Windows\System32\drivers\b57nd60x.sys
[2010.05.03 04:51:20 | 011,376,640 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\atioglxx.dll
[2010.05.03 04:51:20 | 004,934,144 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\atikmdag.sys
[2010.05.03 04:51:20 | 003,174,400 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticaldd.dll
[2010.05.03 04:51:20 | 003,064,832 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\System32\atiumdag.dll
[2010.05.03 04:51:20 | 002,847,744 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\System32\atiumdva.dll
[2010.05.03 04:51:20 | 002,411,008 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\System32\atidxx32.dll
[2010.05.03 04:51:20 | 000,442,368 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\ATIDEMGX.dll
[2010.05.03 04:51:20 | 000,356,352 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\atipdlxx.dll
[2010.05.03 04:51:20 | 000,335,872 | ---- | C] (AMD) -- C:\Windows\System32\atieclxx.exe
[2010.05.03 04:51:20 | 000,319,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Difxapi.dll
[2010.05.03 04:51:20 | 000,176,128 | ---- | C] (AMD) -- C:\Windows\System32\atiesrxx.exe
[2010.05.03 04:51:20 | 000,172,032 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atiadlxx.dll
[2010.05.03 04:51:20 | 000,118,784 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atibtmon.exe
[2010.05.03 04:51:20 | 000,103,936 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\drivers\atikmpag.sys
[2010.05.03 04:51:20 | 000,053,248 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\ati2erec.dll
[2010.05.03 04:51:20 | 000,053,248 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalrt.dll
[2010.05.03 04:51:20 | 000,053,248 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalcl.dll
[2010.05.03 04:51:20 | 000,051,712 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atimpc32.dll
[2010.05.03 04:51:20 | 000,051,712 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\amdpcom32.dll
[2010.05.03 04:51:20 | 000,050,176 | ---- | C] (AMD) -- C:\Windows\System32\coinst.dll
[2010.05.03 04:51:20 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\ati2edxx.dll
[2010.05.03 04:51:20 | 000,029,696 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiuxpag.dll
[2010.05.03 04:51:20 | 000,029,696 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiu9pag.dll
[2010.05.03 04:51:20 | 000,015,360 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atigktxx.dll
[2010.05.03 04:51:20 | 000,012,800 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiglpxx.dll
[2010.05.03 04:51:20 | 000,011,776 | ---- | C] (AMD) -- C:\Windows\System32\atimuixx.dll
[2010.05.03 04:50:51 | 000,020,480 | ---- | C] (Wistron Corp.) -- C:\Windows\PATCHFUL.EXE
[2010.05.03 04:50:51 | 000,000,000 | ---D | C] -- C:\Windows\Lan
[2010.05.02 21:35:23 | 000,000,000 | ---D | C] -- C:\Users\Carsten\AppData\Local\Microsoft Games
[2010.05.02 21:04:31 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
[2010.05.02 21:01:50 | 000,420,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2010.05.02 21:01:49 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2010.05.02 21:01:44 | 000,181,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2010.05.02 20:55:55 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Acer
[2010.05.02 20:24:56 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010.05.02 20:24:56 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010.05.02 20:24:55 | 000,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010.05.02 20:24:55 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010.05.02 20:24:55 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010.05.02 20:24:55 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010.05.02 20:24:55 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010.05.02 20:24:54 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010.05.02 20:24:54 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010.05.02 20:24:54 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010.05.02 20:24:54 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2010.05.02 20:24:54 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010.05.02 20:24:54 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2010.05.02 20:24:54 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010.05.02 20:24:53 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010.05.02 20:23:13 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2010.05.02 20:23:13 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2010.05.02 20:23:12 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2010.05.02 20:23:12 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2010.05.02 20:23:12 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2010.05.02 20:23:12 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2010.05.02 20:23:12 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2010.05.02 20:23:12 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\corpol.dll
[2010.05.02 20:23:11 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2010.05.02 20:23:11 | 000,208,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinFXDocObj.exe
[2010.05.02 20:23:11 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2010.05.02 20:23:11 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2010.05.02 20:23:11 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2010.05.02 20:23:11 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2010.05.02 20:23:11 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2010.05.02 20:23:11 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2010.05.02 20:23:10 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2010.05.02 20:23:10 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2010.05.02 20:23:09 | 003,698,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2010.05.02 20:23:09 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2010.05.02 20:23:09 | 000,169,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2010.05.02 20:23:09 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PDMSetup.exe
[2010.05.02 20:23:09 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2010.05.02 20:23:09 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2010.05.02 20:23:09 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetDepNx.exe
[2010.05.02 20:11:16 | 000,105,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
[2010.05.02 20:11:16 | 000,097,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardapi.dll
[2010.05.02 20:11:15 | 000,622,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardagt.exe
[2010.05.02 20:11:15 | 000,043,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2010.05.02 20:11:15 | 000,037,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardcpl.cpl
[2010.05.02 20:11:15 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardres.dll
[2010.05.02 20:11:14 | 000,781,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationNative_v0300.dll
[2010.05.02 20:11:13 | 000,326,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2010.05.02 20:09:45 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2010.05.02 20:08:39 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2010.05.02 20:07:41 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2010.05.02 20:07:37 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll
[2010.05.02 20:07:36 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll
[2010.05.02 20:06:32 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshhttp.dll
[2010.05.02 20:06:31 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\httpapi.dll
[2010.05.02 20:03:30 | 000,714,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2010.05.02 20:03:19 | 000,428,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2010.05.02 20:03:19 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2010.05.02 20:03:18 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2010.05.02 20:03:16 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2010.05.02 20:03:16 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2010.05.02 20:03:11 | 000,523,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2010.05.02 20:03:11 | 000,511,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2010.05.02 20:03:11 | 000,472,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2010.05.02 20:03:11 | 000,472,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2010.05.02 20:03:11 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2010.05.02 20:03:11 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2010.05.02 20:03:11 | 000,329,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll
[2010.05.02 20:03:11 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2010.05.02 20:03:11 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2010.05.02 20:03:06 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010.05.02 20:02:01 | 003,598,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2010.05.02 20:02:01 | 003,545,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2010.05.02 20:01:50 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2010.05.02 20:01:49 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2010.05.02 20:01:45 | 002,868,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2010.05.02 20:01:45 | 002,386,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL
[2010.05.02 20:01:31 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiohlp.dll
[2010.05.02 20:01:31 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NETSTAT.EXE
[2010.05.02 20:01:31 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ARP.EXE
[2010.05.02 20:01:31 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ROUTE.EXE
[2010.05.02 20:01:31 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MRINFO.EXE
[2010.05.02 20:01:31 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\finger.exe
[2010.05.02 20:01:31 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TCPSVCS.EXE
[2010.05.02 20:01:31 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HOSTNAME.EXE
[2010.05.02 20:01:30 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2010.05.02 20:00:57 | 000,289,792 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2010.05.02 20:00:57 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2010.05.02 20:00:57 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2010.05.02 20:00:57 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
[2010.05.02 20:00:53 | 001,256,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll
[2010.05.02 20:00:47 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlansec.dll
[2010.05.02 20:00:47 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanmsm.dll
[2010.05.02 20:00:47 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\L2SecHC.dll
[2010.05.02 20:00:37 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.tlb
[2010.05.02 20:00:37 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amcompat.tlb
[2010.05.02 20:00:28 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2010.05.02 20:00:28 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvfw32.dll
[2010.05.02 20:00:28 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll
[2010.05.02 20:00:28 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2010.05.02 20:00:28 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avicap32.dll
[2010.05.02 20:00:22 | 000,604,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL
[2010.05.02 20:00:20 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\raschap.dll
[2010.05.02 20:00:20 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rastls.dll
[2010.05.02 20:00:16 | 000,636,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localspl.dll
[2010.05.02 20:00:14 | 000,062,464 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codeca.acm
[2010.05.02 20:00:07 | 002,035,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010.05.02 19:59:59 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll
[2010.05.02 19:59:44 | 000,310,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unregmp2.exe
[2010.05.02 19:59:43 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll
[2010.05.02 19:59:43 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx
[2010.05.02 19:59:43 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxmasf.dll
[2010.05.02 19:59:42 | 008,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2010.05.02 19:48:01 | 000,114,688 | ---- | C] (Abstract Software) -- C:\Users\Public\Desktop\Internet-Erlebniswelt.exe
[2010.05.02 19:45:39 | 000,000,000 | ---D | C] -- C:\Users\Carsten\AppData\Local\EgisTec
[2010.05.02 19:45:32 | 000,000,000 | ---D | C] -- C:\ProgramData\EgisTec
[2010.05.02 19:42:23 | 000,000,000 | ---D | C] -- C:\Programme\Acer Inc
[2010.05.02 19:39:57 | 000,000,000 | ---D | C] -- C:\ProgramData\eSobi
[2010.05.02 19:39:42 | 000,000,000 | ---D | C] -- C:\Programme\eSobi
[2010.05.02 19:37:46 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\EgisTec
[2010.05.02 19:37:45 | 000,000,000 | ---D | C] -- C:\Programme\EgisTec Egis Software Update
[2010.05.02 19:37:36 | 000,000,000 | ---D | C] -- C:\Programme\EgisTec
[2010.05.02 19:37:06 | 000,000,000 | ---D | C] -- C:\Users\Carsten\AppData\Local\Acer ePower Management V4
[2010.05.02 19:36:54 | 000,000,000 | ---D | C] -- C:\Programme\Acer
[2010.05.02 19:33:06 | 000,000,000 | ---D | C] -- C:\Users\Carsten\AppData\Roaming\Macromedia
[2010.05.02 19:33:05 | 000,000,000 | ---D | C] -- C:\Windows\Screensavers
[2010.05.02 19:32:31 | 000,000,000 | ---D | C] -- C:\Programme\Launch Manager
[2010.05.02 19:32:06 | 000,000,000 | ---D | C] -- C:\Programme\Synaptics
[2010.05.02 19:32:02 | 000,000,000 | ---D | C] -- C:\Users\Carsten\AppData\Roaming\Google
[2010.05.02 19:31:18 | 001,380,352 | ---- | C] (SuYin) -- C:\Windows\Acer Crystal Eye webcam.EXE
[2010.05.02 19:31:06 | 000,000,000 | ---D | C] -- C:\Users\Carsten\AppData\Roaming\InstallShield
[2010.05.02 19:29:26 | 002,421,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2010.05.02 19:29:26 | 000,044,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2010.05.02 19:29:21 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM
[2010.05.02 19:29:00 | 000,319,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\DIFxAPI.dll
[2010.05.02 19:28:58 | 002,381,824 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkHDMI.dll
[2010.05.02 19:28:58 | 000,154,272 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\drivers\RtHDMIV.sys
[2010.05.02 19:28:57 | 000,950,272 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RHDMIExt.dll
[2010.05.02 19:28:57 | 000,034,304 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RHCoInst.dll
[2010.05.02 19:28:55 | 001,777,664 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesLib.dll
[2010.05.02 19:28:55 | 000,575,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2010.05.02 19:28:55 | 000,339,968 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll
[2010.05.02 19:28:55 | 000,135,168 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll
[2010.05.02 19:28:55 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2010.05.02 19:28:55 | 000,035,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2010.05.02 19:28:54 | 000,185,776 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSHD.dll
[2010.05.02 19:28:54 | 000,167,936 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll
[2010.05.02 19:28:52 | 000,551,456 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RTSndMgr.cpl
[2010.05.02 19:28:52 | 000,282,112 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\RTPCEE32.dll
[2010.05.02 19:28:51 | 002,323,680 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\drivers\RTKVHDA.sys
[2010.05.02 19:28:51 | 000,998,432 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkPgExt.dll
[2010.05.02 19:28:51 | 000,045,600 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoInst.dll
[2010.05.02 19:28:50 | 000,326,176 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkApoApi.dll
[2010.05.02 19:28:49 | 002,523,680 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkAPO.dll
[2010.05.02 19:28:44 | 001,933,312 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioEQ.dll
[2010.05.02 19:28:43 | 000,171,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2010.05.02 19:28:43 | 000,159,744 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO20.dll
[2010.05.02 19:28:43 | 000,126,976 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO.dll
[2010.05.02 19:28:43 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2010.05.02 19:28:40 | 000,159,232 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\System32\FMAPO.dll
[2010.05.02 19:28:39 | 000,141,312 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTACap.dll
[2010.05.02 19:28:39 | 000,060,416 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTARen.dll
[2010.05.02 19:28:39 | 000,000,000 | ---D | C] -- C:\Programme\Realtek
[2010.05.02 19:28:38 | 000,528,384 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
[2010.05.02 19:28:38 | 000,000,000 | -H-D | C] -- C:\Programme\Temp
[2010.05.02 19:28:21 | 000,000,000 | ---D | C] -- C:\Users\Carsten\AppData\Roaming\Adobe
[2010.05.02 19:28:17 | 000,000,000 | ---D | C] -- C:\Users\Carsten\AppData\Roaming\ATI
[2010.05.02 19:28:17 | 000,000,000 | ---D | C] -- C:\Users\Carsten\AppData\Local\ATI
[2010.05.02 19:28:17 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2010.05.02 19:28:16 | 000,000,000 | ---D | C] -- C:\Programme\ATI
[2010.05.02 19:27:21 | 000,000,000 | ---D | C] -- C:\Programme\ATI Technologies
[2010.05.02 19:27:06 | 000,000,000 | ---D | C] -- C:\Users\Carsten\Documents\Eigene Google Gadgets
[2010.05.02 19:27:05 | 000,000,000 | ---D | C] -- C:\Users\Carsten\AppData\Local\Google
[2010.05.02 19:26:53 | 000,000,000 | ---D | C] -- C:\Users\Carsten\AppData\Roaming\PowerCinema
[2010.05.02 19:26:42 | 000,000,000 | ---D | C] -- C:\Programme\Convesoft
[2010.05.02 19:26:41 | 000,000,000 | R--D | C] -- C:\Users\Carsten\Searches
[2010.05.02 19:26:33 | 000,000,000 | ---D | C] -- C:\Users\Carsten\AppData\Roaming\Identities
[2010.05.02 19:26:31 | 000,000,000 | R--D | C] -- C:\Users\Carsten\Contacts
[2010.05.02 19:26:30 | 000,000,000 | ---D | C] -- C:\Users\Carsten\AppData\Local\VirtualStore
[2010.05.02 19:26:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Partner
[2010.05.02 19:26:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2010.05.02 19:26:17 | 000,000,000 | ---D | C] -- C:\Programme\Google
[2010.05.02 19:25:11 | 000,000,000 | -HSD | C] -- C:\Users\Carsten\Vorlagen
[2010.05.02 19:25:11 | 000,000,000 | -HSD | C] -- C:\Users\Carsten\AppData\Local\Verlauf
[2010.05.02 19:25:11 | 000,000,000 | -HSD | C] -- C:\Users\Carsten\AppData\Local\Temporary Internet Files
[2010.05.02 19:25:11 | 000,000,000 | -HSD | C] -- C:\Users\Carsten\Startmenü
[2010.05.02 19:25:11 | 000,000,000 | -HSD | C] -- C:\Users\Carsten\SendTo
[2010.05.02 19:25:11 | 000,000,000 | -HSD | C] -- C:\Users\Carsten\Recent
[2010.05.02 19:25:11 | 000,000,000 | -HSD | C] -- C:\Users\Carsten\Netzwerkumgebung
[2010.05.02 19:25:11 | 000,000,000 | -HSD | C] -- C:\Users\Carsten\Lokale Einstellungen
[2010.05.02 19:25:11 | 000,000,000 | -HSD | C] -- C:\Users\Carsten\Documents\Eigene Videos
[2010.05.02 19:25:11 | 000,000,000 | -HSD | C] -- C:\Users\Carsten\Documents\Eigene Musik
[2010.05.02 19:25:11 | 000,000,000 | -HSD | C] -- C:\Users\Carsten\Eigene Dateien
[2010.05.02 19:25:11 | 000,000,000 | -HSD | C] -- C:\Users\Carsten\Documents\Eigene Bilder
[2010.05.02 19:25:11 | 000,000,000 | -HSD | C] -- C:\Users\Carsten\Druckumgebung
[2010.05.02 19:25:11 | 000,000,000 | -HSD | C] -- C:\Users\Carsten\Cookies
[2010.05.02 19:25:11 | 000,000,000 | -HSD | C] -- C:\Users\Carsten\AppData\Local\Anwendungsdaten
[2010.05.02 19:25:11 | 000,000,000 | -HSD | C] -- C:\Users\Carsten\Anwendungsdaten
[2010.05.02 19:25:11 | 000,000,000 | ---D | C] -- C:\Users\Carsten\AppData\Local\Temp
[2010.05.02 19:25:11 | 000,000,000 | ---D | C] -- C:\Users\Carsten\AppData\Local\Microsoft
[2010.05.02 19:25:10 | 000,000,000 | --SD | C] -- C:\Users\Carsten\AppData\Roaming\Microsoft
[2010.05.02 19:25:10 | 000,000,000 | R--D | C] -- C:\Users\Carsten\Videos
[2010.05.02 19:25:10 | 000,000,000 | R--D | C] -- C:\Users\Carsten\Saved Games
[2010.05.02 19:25:10 | 000,000,000 | R--D | C] -- C:\Users\Carsten\Pictures
[2010.05.02 19:25:10 | 000,000,000 | R--D | C] -- C:\Users\Carsten\Music
[2010.05.02 19:25:10 | 000,000,000 | R--D | C] -- C:\Users\Carsten\Links
[2010.05.02 19:25:10 | 000,000,000 | R--D | C] -- C:\Users\Carsten\Favorites
[2010.05.02 19:25:10 | 000,000,000 | R--D | C] -- C:\Users\Carsten\Downloads
[2010.05.02 19:25:10 | 000,000,000 | R--D | C] -- C:\Users\Carsten\Documents
[2010.05.02 19:25:10 | 000,000,000 | R--D | C] -- C:\Users\Carsten\Desktop
[2010.05.02 19:25:10 | 000,000,000 | -H-D | C] -- C:\Users\Carsten\AppData
[2010.05.02 19:25:10 | 000,000,000 | ---D | C] -- C:\Users\Carsten\AppData\Roaming\Media Center Programs
[2010.05.02 19:25:10 | 000,000,000 | ---D | C] -- C:\Users\Carsten\AppData\Roaming\Acer GameZone Console
[2010.05.02 19:21:41 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2010.05.02 19:21:41 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2010.05.02 19:21:41 | 000,000,000 | -HSD | C] -- C:\Programme
[2010.05.02 19:21:41 | 000,000,000 | -HSD | C] -- C:\Programme\Gemeinsame Dateien
[2010.05.02 19:21:41 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2010.05.02 19:21:41 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2010.05.02 19:21:41 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2010.05.02 19:21:41 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2010.05.02 19:21:41 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2010.05.02 19:21:41 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2010.05.02 19:21:41 | 000,000,000 | -HSD | C] -- C:\ProgramData\Desktop
[2010.05.02 19:21:41 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2010.05.03 09:47:52 | 001,048,576 | -HS- | M] () -- C:\Users\Carsten\NTUSER.DAT
[2010.05.03 09:43:12 | 000,007,391 | ---- | M] () -- C:\Windows\System32\Config.MPF
[2010.05.03 09:42:02 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.05.03 09:42:02 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.05.03 09:41:58 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.05.03 09:41:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.05.03 09:41:45 | 3213,746,176 | -HS- | M] () -- C:\hiberfil.sys
[2010.05.03 09:41:06 | 000,524,288 | -HS- | M] () -- C:\Users\Carsten\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010.05.03 09:41:06 | 000,065,536 | -HS- | M] () -- C:\Users\Carsten\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010.05.03 09:41:02 | 001,868,987 | -H-- | M] () -- C:\Users\Carsten\AppData\Local\IconCache.db
[2010.05.03 09:32:04 | 000,000,692 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.05.03 09:28:17 | 001,418,806 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.05.03 09:28:17 | 000,618,442 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.05.03 09:28:17 | 000,587,178 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.05.03 09:28:17 | 000,122,842 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.05.03 09:28:17 | 000,101,250 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.05.03 05:03:44 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\hcrstco.dll
[2010.05.03 05:03:44 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\hccoin.dll
[2010.05.03 05:03:44 | 000,005,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys
[2010.05.03 05:03:43 | 000,226,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
[2010.05.03 05:03:09 | 000,397,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\AudioEng.dll
[2010.05.03 05:03:09 | 000,274,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\AUDIOKSE.dll
[2010.05.03 05:03:09 | 000,169,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\EncDump.dll
[2010.05.03 05:03:09 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MMDevAPI.dll
[2010.05.03 05:03:09 | 000,116,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll
[2010.05.03 05:03:09 | 000,088,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
[2010.05.03 05:01:02 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\amxread.dll
[2010.05.03 05:01:02 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apilogen.dll
[2010.05.03 05:00:39 | 000,666,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2010.05.03 05:00:39 | 000,183,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sdohlp.dll
[2010.05.03 05:00:39 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll
[2010.05.03 05:00:39 | 000,054,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iasads.dll
[2010.05.03 05:00:39 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iasdatastore.dll
[2010.05.03 05:00:39 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2010.05.03 05:00:39 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iashost.exe
[2010.05.03 05:00:13 | 000,562,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msdtcprx.dll
[2010.05.03 05:00:13 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xolehlp.dll
[2010.05.03 04:56:20 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2010.05.03 04:53:44 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\th-TH\bthport.sys.mui
[2010.05.03 04:53:44 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\uk-UA\bthport.sys.mui
[2010.05.03 04:53:44 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tr-TR\bthport.sys.mui
[2010.05.03 04:53:44 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\zh-TW\bthport.sys.mui
[2010.05.03 04:53:44 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\zh-HK\bthport.sys.mui
[2010.05.03 04:53:44 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\zh-CN\bthport.sys.mui
[2010.05.03 04:53:43 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ro-RO\bthport.sys.mui
[2010.05.03 04:53:43 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\bthport.sys.mui
[2010.05.03 04:53:43 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-BR\bthport.sys.mui
[2010.05.03 04:53:43 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\bthport.sys.mui
[2010.05.03 04:53:43 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sr-Latn-CS\bthport.sys.mui
[2010.05.03 04:53:43 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sl-SI\bthport.sys.mui
[2010.05.03 04:53:43 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sk-SK\bthport.sys.mui
[2010.05.03 04:53:43 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ru-RU\bthport.sys.mui
[2010.05.03 04:53:42 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\nl-NL\bthport.sys.mui
[2010.05.03 04:53:42 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\pl-PL\bthport.sys.mui
[2010.05.03 04:53:42 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\bthport.sys.mui
[2010.05.03 04:53:42 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\nb-NO\bthport.sys.mui
[2010.05.03 04:53:42 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\lv-LV\bthport.sys.mui
[2010.05.03 04:53:42 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\lt-LT\bthport.sys.mui
[2010.05.03 04:53:42 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ko-KR\bthport.sys.mui
[2010.05.03 04:53:41 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\bthport.sys.mui
[2010.05.03 04:53:41 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\hu-HU\bthport.sys.mui
[2010.05.03 04:53:41 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\hr-HR\bthport.sys.mui
[2010.05.03 04:53:41 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\da-DK\bthport.sys.mui
[2010.05.03 04:53:41 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\bg-BG\bthport.sys.mui
[2010.05.03 04:53:41 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\fi-FI\bthport.sys.mui
[2010.05.03 04:53:41 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\et-EE\bthport.sys.mui
[2010.05.03 04:53:41 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\cs-CZ\bthport.sys.mui
[2010.05.03 04:53:41 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\he-IL\bthport.sys.mui
[2010.05.03 04:53:40 | 002,134,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FunctionDiscoveryFolder.dll
[2010.05.03 04:53:40 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\fundisc.dll
[2010.05.03 04:53:40 | 000,088,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\fdBth.dll
[2010.05.03 04:53:40 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\fdBthProxy.dll
[2010.05.03 04:53:40 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\bthport.sys.mui
[2010.05.03 04:53:40 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\bthport.sys.mui
[2010.05.03 04:53:40 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\bthport.sys.mui
[2010.05.03 04:53:40 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\en-US\bthport.sys.mui
[2010.05.03 04:53:40 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\bthport.sys.mui
[2010.05.03 04:53:40 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ja-JP\bthport.sys.mui
[2010.05.03 04:53:39 | 000,968,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wcnwiz2.dll
[2010.05.03 04:53:39 | 000,640,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\bthprops.cpl
[2010.05.03 04:53:39 | 000,478,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DevicePairing.dll
[2010.05.03 04:53:39 | 000,291,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WscEapPr.dll
[2010.05.03 04:53:39 | 000,165,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WcnNetsh.dll
[2010.05.03 04:53:39 | 000,065,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DevicePairingWizard.exe
[2010.05.03 04:53:39 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DevicePairingProxy.dll
[2010.05.03 04:53:39 | 000,045,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\bthci.dll
[2010.05.03 04:53:39 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidclass.sys
[2010.05.03 04:53:39 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\bthudtask.exe
[2010.05.03 04:53:39 | 000,025,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidparse.sys
[2010.05.03 04:53:39 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\fdProxy.dll
[2010.05.02 21:08:15 | 000,001,593 | ---- | M] () -- C:\Users\Public\Desktop\Browserwahl.lnk
[2010.05.02 20:55:35 | 000,070,744 | ---- | M] () -- C:\Users\Carsten\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.05.02 20:53:06 | 000,298,088 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.05.02 20:16:36 | 000,060,826 | ---- | M] () -- C:\Windows\System32\license.rtf
[2010.05.02 20:13:38 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2010.05.02 19:48:05 | 000,000,193 | ---- | M] () -- C:\Windows\USER.XML
[2010.05.02 19:47:08 | 000,000,594 | ---- | M] () -- C:\Users\Public\Desktop\Acer Store.lnk
[2010.05.02 19:45:54 | 000,007,160 | ---- | M] () -- C:\Users\Carsten\AppData\Local\d3d9caps.dat
[2010.05.02 19:43:23 | 000,524,288 | -HS- | M] () -- C:\Users\Carsten\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
[2010.05.02 19:42:50 | 000,000,206 | ---- | M] () -- C:\Windows\Factory.xml
[2010.05.02 19:42:47 | 000,000,950 | ---- | M] () -- C:\Users\Public\Desktop\Acer GameZone Console.lnk
[2010.05.02 19:42:24 | 000,000,092 | ---- | M] () -- C:\Windows\GridV.UNI
[2010.05.02 19:39:49 | 000,001,948 | ---- | M] () -- C:\Users\Public\Desktop\eSobi v2.lnk
[2010.05.02 19:38:09 | 000,001,976 | ---- | M] () -- C:\Users\Public\Desktop\MyWinLocker.lnk
[2010.05.02 19:35:26 | 000,000,855 | ---- | M] () -- C:\Windows\regfile_I.cmd
[2010.05.02 19:35:26 | 000,000,256 | ---- | M] () -- C:\Windows\regfile_E.cmd
[2010.05.02 19:32:34 | 000,000,083 | ---- | M] () -- C:\Windows\LManager.UNI
[2010.05.02 19:32:21 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01007.Wdf
[2010.05.02 19:29:59 | 000,319,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\DIFxAPI.dll
[2010.05.02 19:26:44 | 000,001,900 | ---- | M] () -- C:\Users\Public\Desktop\Orion.lnk
[2010.05.02 19:25:11 | 000,000,020 | -HS- | M] () -- C:\Users\Carsten\ntuser.ini
[2010.04.29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.04.29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010.05.03 09:32:04 | 000,000,692 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.05.03 05:04:36 | 000,012,479 | -HS- | C] () -- C:\Patch.rev
[2010.05.03 04:51:20 | 000,294,912 | ---- | C] () -- C:\Windows\System32\ATIODE.exe
[2010.05.03 04:51:20 | 000,189,051 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2010.05.03 04:51:20 | 000,178,544 | ---- | C] () -- C:\Windows\System32\atiumdva.cap
[2010.05.03 04:51:20 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2010.05.03 04:51:20 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ATIODCLI.exe
[2010.05.03 04:51:20 | 000,018,026 | ---- | C] () -- C:\Windows\atiogl.xml
[2010.05.03 04:51:20 | 000,000,481 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2010.05.03 04:50:51 | 000,000,193 | ---- | C] () -- C:\Windows\USER.XML
[2010.05.02 21:08:15 | 000,001,593 | ---- | C] () -- C:\Users\Public\Desktop\Browserwahl.lnk
[2010.05.02 20:24:54 | 000,057,667 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2010.05.02 20:15:00 | 3213,746,176 | -HS- | C] () -- C:\hiberfil.sys
[2010.05.02 20:13:38 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.05.02 20:00:48 | 002,501,921 | ---- | C] () -- C:\Windows\System32\wlan.tmf
[2010.05.02 19:47:08 | 000,000,594 | ---- | C] () -- C:\Users\Public\Desktop\Acer Store.lnk
[2010.05.02 19:45:44 | 000,007,160 | ---- | C] () -- C:\Users\Carsten\AppData\Local\d3d9caps.dat
[2010.05.02 19:42:24 | 000,000,092 | ---- | C] () -- C:\Windows\GridV.UNI
[2010.05.02 19:39:49 | 000,001,948 | ---- | C] () -- C:\Users\Public\Desktop\eSobi v2.lnk
[2010.05.02 19:38:09 | 000,001,976 | ---- | C] () -- C:\Users\Public\Desktop\MyWinLocker.lnk
[2010.05.02 19:37:31 | 000,003,276 | ---- | C] () -- C:\Users\Carsten\AppData\Local\MyWinLockerInstaller.txt-20100502.log
[2010.05.02 19:35:40 | 000,000,855 | ---- | C] () -- C:\Windows\regfile_I.cmd
[2010.05.02 19:35:40 | 000,000,256 | ---- | C] () -- C:\Windows\regfile_E.cmd
[2010.05.02 19:32:34 | 000,000,083 | ---- | C] () -- C:\Windows\LManager.UNI
[2010.05.02 19:32:21 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01007.Wdf
[2010.05.02 19:31:18 | 000,626,688 | ---- | C] () -- C:\Windows\Image.dll
[2010.05.02 19:31:18 | 000,222,382 | ---- | C] () -- C:\Windows\Acer Crystal Eye webcam.ico
[2010.05.02 19:31:18 | 000,200,704 | ---- | C] () -- C:\Windows\PLFSetI.exe
[2010.05.02 19:31:18 | 000,020,480 | ---- | C] () -- C:\Windows\USB_VIDEO_REG.exe
[2010.05.02 19:31:18 | 000,006,318 | ---- | C] () -- C:\Windows\Suyin.reg
[2010.05.02 19:31:18 | 000,000,036 | ---- | C] () -- C:\Windows\PidList.ini
[2010.05.02 19:29:00 | 000,000,008 | ---- | C] () -- C:\Windows\System32\drivers\rtkhdaud.dat
[2010.05.02 19:28:59 | 000,090,772 | ---- | C] () -- C:\Windows\System32\drivers\RtConvEQ.DAT
[2010.05.02 19:28:59 | 000,000,536 | ---- | C] () -- C:\Windows\System32\drivers\RtHdatEx.dat
[2010.05.02 19:26:44 | 000,001,900 | ---- | C] () -- C:\Users\Public\Desktop\Orion.lnk
[2010.05.02 19:25:11 | 000,524,288 | -HS- | C] () -- C:\Users\Carsten\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
[2010.05.02 19:25:11 | 000,524,288 | -HS- | C] () -- C:\Users\Carsten\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010.05.02 19:25:11 | 000,262,144 | -H-- | C] () -- C:\Users\Carsten\ntuser.dat.LOG1
[2010.05.02 19:25:11 | 000,065,536 | -HS- | C] () -- C:\Users\Carsten\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010.05.02 19:25:11 | 000,000,020 | -HS- | C] () -- C:\Users\Carsten\ntuser.ini
[2010.05.02 19:25:11 | 000,000,000 | -H-- | C] () -- C:\Users\Carsten\ntuser.dat.LOG2
[2010.05.02 19:25:10 | 001,048,576 | -HS- | C] () -- C:\Users\Carsten\NTUSER.DAT
[2009.03.12 12:32:52 | 000,000,028 | ---- | C] () -- C:\Windows\WisLangCode.ini
[2009.02.11 22:03:58 | 000,872,448 | ---- | C] () -- C:\Windows\iconv.dll
[2009.02.11 22:03:58 | 000,743,424 | ---- | C] () -- C:\Windows\libxml2.dll
[2009.02.11 22:03:57 | 000,000,060 | ---- | C] () -- C:\Windows\Prelaunch.ini
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
< End of report >
03.05.2010, 09:52
Member

Thread starter

Posts: 17
#17

Code

OTL Extras logfile created on: 03.05.2010 09:45:39 - Run 1
OTL by OldTimer - Version 3.2.4.1     Folder = C:\Users\Carsten\Desktop\OTL
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 68,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 84,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 455,99 Gb Total Space | 424,52 Gb Free Space | 93,10% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: CARSTEN-PC
Current User Name: Carsten
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{99C2450F-E428-40FE-9DEC-9DC3729ED491}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{EB066731-22CC-4520-803F-A34E50F4130C}" = lport=2869 | protocol=6 | dir=in | app=system |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0AD63CA4-E4FB-4FCB-9EE2-9E7B8D955EB7}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{3BBD8B34-1006-4F7C-AEA7-E791A986E32A}" = dir=in | app=c:\program files\acer arcade deluxe\playmovie\playmovie.exe |
"{4402DD63-92A1-4298-B39C-DF3856A5C25E}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{44313369-55A3-4DAD-880E-2106C1031AB1}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{565654F8-F40D-4390-93C6-8058E1ACD914}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |
"{590C0619-0518-4595-8DDF-19EF077A6A17}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{59D7ECC3-1D25-4D86-A5C5-E7571576410B}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{6E3A109D-AC1A-485F-800A-32582D09EFA8}" = dir=in | app=c:\program files\acer arcade deluxe\homemedia\homemedia.exe |
"{763F5E67-36E2-44FA-B037-B18A2F7547F6}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{7BE655D9-687E-47F1-98AB-025C96B0D274}" = dir=in | app=c:\program files\acer arcade deluxe\playmovie\pmvservice.exe |
"{8D514C19-9B7F-4B3D-9039-760270250D49}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |
"{96C11CA6-84DB-4D58-B2C8-98F463EBA933}" = dir=in | app=c:\program files\common files\mcafee\mna\mcnasvc.exe |
"{AE4AF426-0752-41FE-A533-F7886DE302D8}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{BEA626B6-140C-4DC4-AD06-572D004D03BF}" = dir=in | app=c:\program files\acer arcade deluxe\acer arcade deluxe\acer arcade deluxe.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033F0CE1-B6FC-EC7A-7914-81F14C8DBA0F}" = Catalyst Control Center Core Implementation
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{05B95480-732A-1081-8A94-D924326AF36F}" = CCC Help English
"{0945589B-6CC4-FA00-3CBE-BD6028B26063}" = CCC Help Turkish
"{0EAE6EF9-010E-0734-D0A0-2BB8040F90EA}" = CCC Help French
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{133C8002-B64F-C9E7-7DAC-21BAE58DC041}" = CCC Help Russian
"{150715F0-2800-A3C5-836E-F4F98AE3A775}" = ccc-core-static
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{22EFABF6-7373-7755-4EA4-5240E7CCEEF7}" = Catalyst Control Center Graphics Previews Vista
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"{270629EB-D776-04FC-0631-256177B7A021}" = CCC Help Swedish
"{29D2987A-9FBC-1BD3-E463-12D50D94DBFC}" = Catalyst Control Center Graphics Full New
"{2AB22900-5718-4617-523B-9DFDECB4749D}" = CCC Help Italian
"{3956AEA0-9299-CA45-5BF1-5A721F8E3A21}" = CCC Help Chinese Traditional
"{3C152296-D7E4-59F4-B07E-43587CE985FE}" = CCC Help Norwegian
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer PowerSmart Manager
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{502D4628-92AD-416A-0580-00D64320DBB7}" = ATI Catalyst Install Manager
"{51B83F5C-5660-4B73-AB18-C68993FEDEB3}" = Catalyst Control Center - Branding
"{5A166C0B-9557-4364-A057-F946D674E6AC}" = Windows Live Mail
"{5B63A470-9334-44D1-AF61-6CE2DB565AE9}" = Orion
"{62F7DA7E-CCCB-439C-A760-00C3926E761F}" = Microsoft Works
"{66CB1DC8-FBA1-7436-08F3-061F7CB72C80}" = Skins
"{68301905-2DEA-41CE-A4D4-E8B443B099BA}" = MyWinLocker
"{6B96DADA-1A27-4A04-8CB2-CC45168D05FA}" = Windows Live Fotogalerie
"{6C497312-7C1E-BB3C-D143-B8FD0C894CF1}" = CCC Help Polish
"{71C2828F-2678-4675-BDEC-895424861262}_is1" = C:\Program Files\Acer GameZone\GameConsole
"{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Backup Manager Basic
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{81821BF8-DA20-4F8C-AA87-F70A274828D4}" = Windows Live Writer
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110111700}" = Zuma Deluxe
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110184263}" = Puzzle Express
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11037623}" = Tradewinds 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111205743}" = Tri-Peaks Solitaire To Go
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111232687}" = Ocean Express
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111252743}" = Mahjong Escape Ancient China
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}" = Galapago
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11170417}" = Luxor 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111771833}" = Jewel Quest Solitaire
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11219217}" = Cradle of Rome
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112270203}" = Dream Day Wedding
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113009953}" = Turbo Pizza
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113056167}" = Dream Day Honeymoon
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113297350}" = Cake Mania 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113494430}" = Wedding Dash
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11505173}" = Airport Mania First Flight
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}" = Dairy Dash
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115443300}" = Cooking Dash
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11551977}" = Parking Dash
"{835686C5-8650-49EB-8CA0-4528B4035495}" = Windows Live Call
"{837B6259-6FF5-4E66-87C1-A5A15ED36FF4}" = Windows Live Messenger
"{88FC0C01-E4AA-3C3E-4612-3F11E69EF188}" = CCC Help German
"{8C1E2925-14F8-45AA-B999-1E2A74BF5607}" = Windows Live Sync
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{430971B1-C31E-45DA-81E0-72C095BAB72C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{58FC5E37-DD28-4D4A-A549-125744C6763C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{888B9AC7-8F5C-456B-A27A-157A6C310E52}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{98E3A37D-D424-C725-E06A-71C1151F682A}" = CCC Help Finnish
"{9AF0B106-56F1-461B-A270-95BC1682E282}" = Broadcom Gigabit NetLink Controller
"{A141F87A-A73B-368D-AB65-A997B3D1D2C4}" = CCC Help Spanish
"{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}" = Acer Crystal Eye Webcam
"{AAD2CA33-F716-4D1B-31F9-B52A847C4AF1}" = CCC Help Hungarian
"{AB104276-19BC-D12E-90EE-D358003A4EAF}" = CCC Help Greek
"{ABBD20D8-60E7-885B-734A-DE745BFDF43B}" = CCC Help Czech
"{AC76BA86-7AD7-1031-7B44-A90000000001}" = Adobe Reader 9 - Deutsch
"{AEE701D3-6AF7-A8D5-145E-D0C01D528FAD}" = ccc-utility
"{B5080F69-EE95-49DC-F8A1-B7CBB2B5028D}" = CCC Help Korean
"{B5BCBD49-202F-4238-8398-D83D423A48B4}" = Windows Live Anmelde-Assistent
"{B6CB5308-3B67-9861-97F5-0EB31CE21E63}" = CCC Help Chinese Standard
"{B7020783-0AB1-8D67-E850-673BD0C61E7F}" = CCC Help Thai
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0354121-07AF-DE06-1D0F-7490EFE2F67A}" = Catalyst Control Center Graphics Full Existing
"{DA163DB8-C795-9EF2-7CF2-8B570BA9E39E}" = CCC Help Portuguese
"{DA20E1A8-07CB-4EE7-9B72-A7E28C953F0E}" = Acer Product Registration
"{DBEA1034-5882-4A88-8033-81C4EF0CFA29}" = Google Toolbar for Internet Explorer
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DF5F687F-8018-4542-9F98-7084E9022917}" = Windows Live Essentials
"{E36BE564-B727-A80D-E9F0-7FFEB69120E5}" = CCC Help Dutch
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E5A56A6C-7656-969C-457A-E7600A6F169B}" = Catalyst Control Center Graphics Light
"{E5D9A29A-8903-968F-6394-CB8CC151084C}" = Catalyst Control Center Localization All
"{EE03DA2C-2154-7298-4461-F76C615932A9}" = CCC Help Japanese
"{EE9DEA81-3B77-7135-0E5B-B8C3092FE88A}" = CCC Help Danish
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"Acer Screensaver" = Acer ScreenSaver
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"Google Desktop" = Google Desktop
"GridVista" = Acer GridVista
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Acer Backup Manager
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MSC" = McAfee SecurityCenter
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinLiveSuite_Wave3" = Windows Live Essentials

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 02.05.2010 14:56:07 | Computer Name = Carsten-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksss.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".

Error - 02.05.2010 14:56:07 | Computer Name = Carsten-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksWP.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".

Error - 02.05.2010 15:08:19 | Computer Name = Carsten-PC | Source = WinMgmt | ID = 10
Description =

Error - 02.05.2010 15:31:21 | Computer Name = Carsten-PC | Source = WinMgmt | ID = 10
Description =

Error - 03.05.2010 03:25:21 | Computer Name = Carsten-PC | Source = WinMgmt | ID = 10
Description =

Error - 03.05.2010 03:42:38 | Computer Name = Carsten-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksdb.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".

Error - 03.05.2010 03:42:40 | Computer Name = Carsten-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksCal.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".

Error - 03.05.2010 03:42:41 | Computer Name = Carsten-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksss.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".

Error - 03.05.2010 03:42:41 | Computer Name = Carsten-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksWP.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".

Error - 03.05.2010 03:43:30 | Computer Name = Carsten-PC | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 02.05.2010 15:10:47 | Computer Name = Carsten-PC | Source = DCOM | ID = 10016
Description =

Error - 02.05.2010 15:10:50 | Computer Name = Carsten-PC | Source = DCOM | ID = 10016
Description =

Error - 02.05.2010 15:10:52 | Computer Name = Carsten-PC | Source = DCOM | ID = 10016
Description =

Error - 02.05.2010 15:30:00 | Computer Name = Carsten-PC | Source = HTTP | ID = 15016
Description =

Error - 02.05.2010 15:31:22 | Computer Name = Carsten-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 02.05.2010 15:41:23 | Computer Name = Carsten-PC | Source = iaStor | ID = 262153
Description = Das Gerät \Device\Ide\iaStor0 hat innerhalb der Fehlerwartezeit nicht
geantwortet.

Error - 03.05.2010 03:23:47 | Computer Name = Carsten-PC | Source = HTTP | ID = 15016
Description =

Error - 03.05.2010 03:25:22 | Computer Name = Carsten-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 03.05.2010 03:41:58 | Computer Name = Carsten-PC | Source = HTTP | ID = 15016
Description =

Error - 03.05.2010 03:43:30 | Computer Name = Carsten-PC | Source = Service Control Manager | ID = 7000
Description =


< End of report >
03.05.2010, 09:53
Member

Thread starter

Posts: 17
#18 OK, here are the OTL.Txt and Extras.Txt log files again, in code tags.
Hopefully everything is fixed now.
03.05.2010, 12:27
Moderator

Posts: 5694
#19 Please also run the following online scans: FSecure, Bitdefender, ESET
http://forum.hijackthis.de/allgemeines/25893-kostenlose-online-scanner.html
03.05.2010, 16:53
Member

Thread starter

Posts: 17
#20 BitDefender Online Scanner - Echtzeit-Virenmeldung

Erstellt am: Mon, May 03, 2010 - 16:51:35
Prüf-Info

Geprüfte Dateien
86072

Infizierte Dateien
0

Erkannte Viren
Keine Viren gefunden


Diese Zusammenfassung des Prüfvorgangs wird vom BitDefender Virus Labor dazu verwendet detaillierte Berichte über die weltweite Aktivität von Viren zu erstellen.
03.05.2010, 18:50
Member

Thread starter

Posts: 17
#21 ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=e514198b5657834bb65ef7ccd2f941f2
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2010-05-03 04:47:17
# local_time=2010-05-03 06:47:17 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.0.6001 NT Service Pack 1
# compatibility_mode=5121 16776637 83 96 69036 25265019 0 0
# compatibility_mode=5892 16776573 100 100 2625 110431799 0 0
# compatibility_mode=8192 67108863 100 0 85 85 0 0
# scanned=124066
# found=0
# cleaned=0
# scan_time=6165
03.05.2010, 20:19
Member

Thread starter

Posts: 17
#22 Since the text is too long, I have attached it as a .txt file.

03.05.2010, 20:20
Member

Thread starter

Posts: 17
#23 The 6 spyware items were apparently removed successfully... Is there anything else coming my way, or can I use my laptop online again "without worry"?
04.05.2010, 11:05
Moderator

Posts: 5694
#24 Those were just cookies ;)

Aftercare


To protect your system against malware, I am giving you below a short version with tips and pointers to tools that will help you secure your system and keep it free of infections in the future. If your system was infected, I advise you to change your passwords. Please treat the tips as suggestions and not as the be-all and end-all ;).

Create a new system restore point

This is a good time to empty System Restore and create a new, clean restore point (instructions for Vista users).
• Start => All Programs => Accessories => System Tools => System Restore
• Select "Create a restore point" => Next
• Enter a description, e.g. "Nach_Bereinigung" ("after cleanup") => Create => Close.
• Now Start => Run => cleanmgr (type it in) => OK => "More Options" tab
• Under System Restore, click Clean up and confirm the deletion with Yes => OK.
This will delete all restore points except the most recent, newly created one.

You can skip this step if you have just reinstalled the system, or if Combofix was used and properly uninstalled, since Combofix already takes care of this.

Measures:

If you do not have them installed yet, you should install the following programs. Spybot Search&Destroy is a good tool that searches for malicious software and renders it harmless. During installation, make sure that TeaTimer is not activated. Run the tool at regular intervals (e.g. once a week) and always have it check for updates before scanning; for details see the detailed guide. To keep your system free of temporary files, I recommend CCleaner (http://www.CCleaner.de) (do not install the toolbar along with it), a freeware program for optimizing and cleaning up Windows; for details see the guide from Hijackthis-Forum.de. For Java (Sun), always keep only the latest version on the computer and uninstall all others.

Use an alternative browser; I recommend Firefox. There is a large number of extensions, such as Adblock Plus and NoScript. With the IE Tab extension, even Windows and Office Update are possible through Firefox. The QuickJava extension lets you switch on Java and JavaScript only when needed. An alternative e-mail program is Thunderbird. There are many very good extensions for it as well.

As an alternative to all the various messengers, Miranda-IM or Trillian are worth considering. Miranda is a malware-free open-source instant messenger that works with the protocols of AOL, ICQ, IRC, MSN and Yahoo. With Trillian, which is likewise malware-free, you can chat with users of ICQ, AIM, Yahoo Messenger, MSN and IRC.

"How could the malware get onto my computer?" is probably the most frequently asked question. Malware gets onto a computer primarily through so-called browser exploits, that is, through security holes in the browser itself. Other entry points are e-mail attachments, leaks in the operating system, or file downloads from unsafe sources.

By using your head and taking the following simple measures, you can optimize your protection:

• Always keep the system up to date (run Windows Update regularly and update your software).
• Where possible, install programs using the "custom" option and deselect toolbars and sponsors.
• Configure Internet Explorer securely.
• Use only original software and consistently avoid programs from dubious sources.
• Remove/uninstall programs you no longer use via Control Panel => Add or Remove Programs.
• Don't click on everything that says "click me"!
• Use common sense and caution,
• especially with files you bring onto your PC, i.e. e-mails, downloads etc.,
• ideally do without file sharing via P2P programs altogether.
• Protect the router against changes from outside by setting a password.
• Don't start services and programs you don't need in the first place.
Regarding services, however, you need to study them in depth; otherwise it is better to leave the services as they are.
• Close "ports" you don't need (on the DSL router, if there is one), shares and the like.
Port scan test.
Secure your WLAN.
Assign secure passwords.
• Install no more than one virus scanner with a background guard.
• Keep no more than one antispyware program with a background guard running permanently.
• Additionally check the system now and then with one of these free online scanners.
• Don't forget to back up your data!
Always keep a clean backup in stock as a restorable image.


Donations:


Since the question of a way to donate comes up frequently, here is a brief note on that: if you liked our support and would like to help keep this free service running, you can do so with a small voluntary donation to Protecus. If you decide on a contribution to yours truly, that goes via this PayPal account.
04.05.2010, 18:49
Member

Thread starter

Posts: 17
#25 OK. Thank you very, very much; without you I would never have managed this. Thanks a lot as well for the online scan stuff and the latter tips. I'm very impressed with CCleaner (provided I understood it correctly ;))...
In the next few days I'll probably wipe my laptop once more; since everything is already off it anyway, I now have a reason to get Windows 7 ;).
So, until next time ;)... though I do hope not, and that I won't have any more problems.
Have a nice evening
Kind regards, Carsten