Rundll32.exe poses a major problem

Am Ende (thread starter; member since 31.10.2010; posts: 7)

Hello and good day.
I have been searching various forums and web posts for a week now for my error.

It is the following:
Whenever I try to click, for example, in Control Panel\Personalization\Display; Theme; Window and Appearance, this message appears: "Auf das angegebene Gerät bzw. Pfad oder Datei kann nicht zugegriffen werden. Sie verfügen eventuell nicht über ausreichende Berechtigungen, um auf das Element zugreifen zu können" (in English: "Windows cannot access the specified device, path, or file. You may not have the appropriate permissions to access the item.").
Another example is when I connect USB devices or want to change the date of my clock.
It seems to me as if my administrator permissions have been taken away.
A week ago I had a virus infection. In my opinion I was able to delete it, but the error message has remained.
I have already tried taking ownership and tried various guides, but nothing has helped. I am using Windows Vista Home Premium 32-bit.



Code:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:31:09, on 31.10.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18975)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Acer\Empowering Technology\eAudio\eAudio.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\Windows\System32\rundll32.exe
C:\Windows\PLFSetI.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Users\***\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\PROGRA~1\FREEDO~1\fdm.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Windows\system32\conime.exe
C:\Users\***\Downloads\Load.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\***\Desktop\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/skins7/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://de.intl.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.intl.acer.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://search.qip.ru/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) -  - (no file)
F1 - win.ini: load=C:\Windows\SlAsH.bat 
F1 - win.ini: run=C:\Windows\SlAsH.bat 
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
O4 - HKLM\..\Run: [eAudio] "C:\Acer\Empowering Technology\eAudio\eAudio.exe"
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [U36VRSFLG6] C:\Users\Martin\AppData\Local\Temp\Pzl.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: SETAUDIO.EXE
O4 - Global Startup: SETRES.EXE
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Alles mit FDM herunterladen - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Auswahl mit FDM herunterladen - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Datei mit FDM herunterladen - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Videos mit FDM herunterladen - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: HP Smart Web Printing ein- oder ausblenden - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O13 - Gopher Prefix: 
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 12535 bytes
In addition, a system scan with OTL.

Result of OTL.Txt

Code:
OTL logfile created on: 31.10.2010 15:07:54 - Run 1
OTL by OldTimer - Version 3.2.17.1     Folder = C:\Users\Martin\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18975)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 46,00% Memory free
7,00 Gb Paging File | 6,00 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): d:\pagefile.sys 4603 4603 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 143,79 Gb Total Space | 13,07 Gb Free Space | 9,09% Space Free | Partition Type: NTFS
Drive D: | 140,29 Gb Total Space | 68,96 Gb Free Space | 49,15% Space Free | Partition Type: NTFS
Drive E: | 3,92 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive G: | 465,65 Gb Total Space | 201,87 Gb Free Space | 43,35% Space Free | Partition Type: FAT32
Drive R: | 1023,00 Mb Total Space | 1022,99 Mb Free Space | 100,00% Space Free | Partition Type: FAT32
 
Computer Name: MARTIN-PC | User Name: Martin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Martin\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Users\Martin\Desktop\HiJackThis.exe (Trend Micro Inc.)
PRC - C:\Users\Martin\Downloads\Load.exe ()
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\iTunes\iTunes.exe (Apple Inc.)
PRC - C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Programme\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe (Apple Inc.)
PRC - C:\Programme\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Programme\Common Files\Apple\Apple Application Support\distnoted.exe (Apple Inc.)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\ICQ6Toolbar\ICQ Service.exe ()
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Users\Martin\AppData\Local\Temp\RtkBtMnt.exe (Realtek Semiconductor Corp.)
PRC - C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe (TuneUp Software)
PRC - C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (TuneUp Software)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
PRC - C:\Programme\Free Download Manager\fdm.exe (FreeDownloadManager.ORG)
PRC - C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
PRC - C:\Programme\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
PRC - C:\Programme\Common Files\Logishrd\KHAL2\KHALMNPR.exe (Logitech, Inc.)
PRC - C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
PRC - C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Programme\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Windows\System32\iashost.exe (Microsoft Corporation)
PRC - C:\Programme\Launch Manager\QtZgAcer.EXE (Dritek System Inc.)
PRC - C:\Acer\Empowering Technology\eNet\eNet Service.exe (Acer Inc.)
PRC - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe ()
PRC - C:\Acer\Mobility Center\MobilityService.exe ()
PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Windows\PLFSetI.exe ()
PRC - C:\Acer\Empowering Technology\eAudio\eAudio.exe (CyberLink)
PRC - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe (Acer Inc.)
PRC - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe (acer)
PRC - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe (Acer Inc.)
PRC - C:\Programme\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
PRC - C:\Windows\System32\PSIService.exe ()
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Martin\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d08d7da0442a985d\msvcr80.dll (Microsoft Corporation)
MOD - C:\Programme\Logitech\SetPoint\lgscroll.dll (Logitech, Inc.)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (ICQ Service) -- C:\Programme\ICQ6Toolbar\ICQ Service.exe ()
SRV - (TuneUp.Defrag) -- C:\Programme\TuneUp Utilities 2010\TuneUpDefragService.exe (TuneUp Software)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\Windows\System32\uxtuneup.dll (TuneUp Software)
SRV - (LBTServ) -- C:\Programme\Common Files\Logishrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (eDataSecurity Service) -- C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (eNet Service) -- C:\Acer\Empowering Technology\eNet\eNet Service.exe (Acer Inc.)
SRV - (eSettingsService) -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe ()
SRV - (MobilityService) -- C:\Acer\Mobility Center\MobilityService.exe ()
SRV - (IAANTMON) Intel(R) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (eLockService) -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe (Acer Inc.)
SRV - (WMIService) -- C:\Acer\Empowering Technology\ePower\ePowerSvc.exe (acer)
SRV - (eRecoveryService) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe (Acer Inc.)
SRV - (PSI_SVC_2) -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
SRV - (ProtexisLicensing) -- C:\Windows\System32\PSIService.exe ()
 
 
========== Driver Services (SafeList) ==========
 
DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found
DRV - (GGSAFERDriver) -- D:\Garena\plugins\UI\safedrv.sys File not found
DRV - (GarenaPEngine) -- C:\Users\Martin\AppData\Local\Temp\ZMW933C.tmp ()
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (ElbyCDIO) -- C:\Windows\System32\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV - (TuneUpUtilitiesDrv) -- C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys (TuneUp Software)
DRV - (VClone) -- C:\Windows\System32\drivers\VClone.sys (Elaborate Bytes AG)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (usbaudio) USB-Audiotreiber (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (RRamdisk) -- C:\Windows\system32\DRIVERS\rramdisk.sys (gavotte)
DRV - (USBModem) -- C:\Windows\System32\drivers\lgusbmodem.sys (LG Electronics Inc.)
DRV - (UsbDiag) -- C:\Windows\System32\drivers\lgusbdiag.sys (LG Electronics Inc.)
DRV - (usbbus) -- C:\Windows\System32\drivers\lgusbbus.sys (LG Electronics Inc.)
DRV - (LMouFilt) -- C:\Windows\System32\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV - (LHidFilt) -- C:\Windows\System32\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV - (NTIDrvr) -- C:\Windows\System32\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (HSF_DPV) -- C:\Windows\System32\drivers\HSX_DPV.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\Windows\System32\drivers\HSX_CNXT.sys (Conexant Systems, Inc.)
DRV - (HSXHWAZL) -- C:\Windows\System32\drivers\HSXHWAZL.sys (Conexant Systems, Inc.)
DRV - (b57nd60x) -- C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation)
DRV - (winbondcir) -- C:\Windows\System32\drivers\winbondcir.sys (Winbond Electronics Corporation)
DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.)
DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (MegaSR) -- C:\Windows\system32\drivers\megasr.sys (LSI Corporation, Inc.)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Corporation)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (HSFHWAZL) -- C:\Windows\System32\drivers\VSTAZL3.SYS (Conexant Systems, Inc.)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (NETw3v32) Intel(R) -- C:\Windows\System32\drivers\NETw3v32.sys (Intel Corporation)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (psdvdisk) -- C:\Windows\System32\drivers\PSDVdisk.sys (Egis Incorporated)
DRV - (PSDFilter) -- C:\Windows\system32\DRIVERS\psdfilter.sys (Egis Incorporated)
DRV - (PSDNServ) -- C:\Windows\System32\drivers\PSDNServ.sys (Egis Incorporated)
DRV - (iaStor) -- C:\Windows\system32\DRIVERS\iaStor.sys (Intel Corporation)
DRV - (NETw4v32) Intel(R) -- C:\Windows\System32\drivers\NETw4v32.sys (Intel Corporation)
DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC)
DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)
DRV - (int15) -- C:\Acer\Empowering Technology\eRecovery\int15.sys (Acer, Inc.)
DRV - (DKbFltr) -- C:\Windows\System32\drivers\DKbFltr.sys (Dritek System Inc.)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Yahoo! Deutschland
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Yahoo! Deutschland
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-3760374313-2429106835-967571473-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = QIP: ????? ? ?????????
IE - HKU\S-1-5-21-3760374313-2429106835-967571473-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = QIP: ????? ? ?????????
IE - HKU\S-1-5-21-3760374313-2429106835-967571473-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = Acer.com Worldwide - Select your local country or region [binary data]
IE - HKU\S-1-5-21-3760374313-2429106835-967571473-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = QIP: ????? ? ?????????
IE - HKU\S-1-5-21-3760374313-2429106835-967571473-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = Acer.com Worldwide - Select your local country or region [binary data]
IE - HKU\S-1-5-21-3760374313-2429106835-967571473-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = ICQ.com Suche
IE - HKU\S-1-5-21-3760374313-2429106835-967571473-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-3760374313-2429106835-967571473-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = QIP: ????? ? ?????????
IE - HKU\S-1-5-21-3760374313-2429106835-967571473-1000\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-3760374313-2429106835-967571473-1000\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-21-3760374313-2429106835-967571473-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3760374313-2429106835-967571473-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {bee6eb20-01e0-ebd1-da83-080329fb9a3a}:0.1
FF - prefs.js..extensions.enabledItems: vd@bbmao.com:0.8.7
FF - prefs.js..extensions.enabledItems: fdm_ffext@freedownloadmanager.org:1.3.4
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.1
FF - prefs.js..extensions.enabledItems: {b9bfaf1c-a63f-47cd-8b9a-29526ced9060}:1.0.8
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2
FF - prefs.js..extensions.enabledItems: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.0.11
FF - prefs.js..extensions.enabledItems: youtube2mp3@mondayx.de:1.0.7
FF - prefs.js..extensions.enabledItems: {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}:3.6
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:2.0.0.3
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=skins7&tb_ver=2.0.0.2&q="
 
 
FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010.02.23 20:26:43 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.10.31 08:00:52 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.10.31 08:00:52 | 000,000,000 | ---D | M]
 
[2010.02.14 13:38:11 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\mozilla\Extensions
[2010.10.30 19:33:59 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\mozilla\Firefox\Profiles\vejwc9e0.default\extensions
[2010.06.09 18:03:36 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Martin\AppData\Roaming\mozilla\Firefox\Profiles\vejwc9e0.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.08.16 09:01:19 | 000,000,000 | ---D | M] (Stylish) -- C:\Users\Martin\AppData\Roaming\mozilla\Firefox\Profiles\vejwc9e0.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}
[2010.08.08 16:27:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Martin\AppData\Roaming\mozilla\Firefox\Profiles\vejwc9e0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.10.14 18:57:21 | 000,000,000 | ---D | M] () -- C:\Users\Martin\AppData\Roaming\mozilla\Firefox\Profiles\vejwc9e0.default\extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}
[2010.10.14 18:57:26 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Martin\AppData\Roaming\mozilla\Firefox\Profiles\vejwc9e0.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010.02.14 13:40:40 | 000,000,000 | ---D | M] (Flash and Video Download) -- C:\Users\Martin\AppData\Roaming\mozilla\Firefox\Profiles\vejwc9e0.default\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}
[2010.10.14 18:57:24 | 000,000,000 | ---D | M] (Easy Youtube Video Downloader) -- C:\Users\Martin\AppData\Roaming\mozilla\Firefox\Profiles\vejwc9e0.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}
[2010.09.10 16:12:57 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Martin\AppData\Roaming\mozilla\Firefox\Profiles\vejwc9e0.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.02.14 13:42:45 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\mozilla\Firefox\Profiles\vejwc9e0.default\extensions\vd@bbmao.com
[2010.08.06 10:42:46 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\mozilla\Firefox\Profiles\vejwc9e0.default\extensions\youtube2mp3@mondayx.de
[2010.10.26 15:23:25 | 000,000,950 | ---- | M] () -- C:\Users\Martin\AppData\Roaming\Mozilla\FireFox\Profiles\vejwc9e0.default\searchplugins\icqplugin-1.xml
[2010.10.21 14:00:19 | 000,000,950 | ---- | M] () -- C:\Users\Martin\AppData\Roaming\Mozilla\FireFox\Profiles\vejwc9e0.default\searchplugins\icqplugin-2.xml
[2010.10.31 08:01:03 | 000,000,950 | ---- | M] () -- C:\Users\Martin\AppData\Roaming\Mozilla\FireFox\Profiles\vejwc9e0.default\searchplugins\icqplugin-3.xml
[2010.08.08 16:27:26 | 000,000,168 | ---- | M] () -- C:\Users\Martin\AppData\Roaming\Mozilla\FireFox\Profiles\vejwc9e0.default\searchplugins\icqplugin.gif
[2010.08.08 16:27:26 | 000,000,618 | ---- | M] () -- C:\Users\Martin\AppData\Roaming\Mozilla\FireFox\Profiles\vejwc9e0.default\searchplugins\icqplugin.src
[2010.09.14 13:57:01 | 000,000,945 | ---- | M] () -- C:\Users\Martin\AppData\Roaming\Mozilla\FireFox\Profiles\vejwc9e0.default\searchplugins\icqplugin.xml
[2010.02.27 20:36:30 | 000,002,061 | ---- | M] () -- C:\Users\Martin\AppData\Roaming\Mozilla\FireFox\Profiles\vejwc9e0.default\searchplugins\qipsearch.xml
[2010.10.30 19:33:59 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2010.09.23 14:16:15 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Programme\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2006.08.09 11:16:08 | 000,030,408 | ---- | M] ( ) -- C:\Programme\Mozilla Firefox\plugins\npWebLaunch.dll
[2010.07.27 16:45:34 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.07.27 16:45:34 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.07.27 16:45:34 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.04.07 09:00:52 | 000,001,208 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\search.xml
[2010.07.27 16:45:34 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.07.27 16:45:34 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
Hosts file not found
O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Programme\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Programme\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Programme\Free Download Manager\iefdm2.dll ()
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Programme\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Programme\Orbitdownloader\GrabPro.dll ()
O3 - HKU\S-1-5-21-3760374313-2429106835-967571473-1000\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKU\S-1-5-21-3760374313-2429106835-967571473-1000\..\Toolbar\WebBrowser: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Programme\Orbitdownloader\GrabPro.dll ()
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [eAudio] C:\Acer\Empowering Technology\eAudio\eAudio.exe (CyberLink)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
O4 - HKLM..\Run: [hpqSRMon]  File not found
O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [LManager] C:\Programme\Launch Manager\QtZgAcer.EXE (Dritek System Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SynTPStart] C:\Programme\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [WarReg_PopUp] C:\Programme\Acer\WR_PopUp\WarReg_PopUp.exe (Acer Incorporated)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-3760374313-2429106835-967571473-1000..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKU\S-1-5-21-3760374313-2429106835-967571473-1000..\Run: [U36VRSFLG6] C:\Users\Martin\AppData\Local\Temp\Pzl.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O8 - Extra context menu item: &Download by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: &Grab video by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Alles mit FDM herunterladen - C:\Program Files\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Auswahl mit FDM herunterladen - C:\Program Files\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: Datei mit FDM herunterladen - C:\Program Files\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Down&load all by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Videos mit FDM herunterladen - C:\Program Files\Free Download Manager\dlfvideo.htm ()
O9 - Extra Button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Programme\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Programme\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: HP Smart Web Printing ein- oder ausblenden - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Programme\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Martin\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Martin\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2005.02.25 17:24:44 | 000,000,051 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2003.05.02 15:47:02 | 000,000,000 | RH-D | M] - G:\autorun -- [ FAT32 ]
O33 - MountPoints2\{4592283f-1723-11df-ab0a-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{4592283f-1723-11df-ab0a-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Install.exe -- [2004.10.21 18:38:02 | 000,126,976 | R--- | M] (Macrovision Corporation)
O33 - MountPoints2\{7f26d77f-18ca-11df-80db-cc4f4bf07bdd}\Shell - "" = AutoRun
O33 - MountPoints2\{7f26d77f-18ca-11df-80db-cc4f4bf07bdd}\Shell\AutoRun\command - "" = H:\Autorun.EXE -- File not found
O33 - MountPoints2\{fc502e94-4eff-11df-8f92-001e689d491f}\Shell - "" = AutoRun
O33 - MountPoints2\{fc502e94-4eff-11df-8f92-001e689d491f}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs: UxTuneUp - C:\Windows\System32\uxtuneup.dll (TuneUp Software)
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias -  File not found
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Empowering Technology Launcher.lnk - C:\Acer\Empowering Technology\eAPLauncher.exe - (Acer Inc.)
MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: AdobeCS4ServiceManager - hkey= - key= - C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
MsConfig - StartUpReg: VirtualCloneDrive - hkey= - key= - C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)
MsConfig - StartUpReg: Windows Defender - hkey= - key= -  File not found
MsConfig - State: "services" - 2
MsConfig - State: "startup" - 2
 
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS -  File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS -  File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - 
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - 
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.yv12 - C:\Windows\System32\DivX.dll (DivX, Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.10.31 15:05:42 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Martin\Desktop\OTL.exe
[2010.10.31 14:30:21 | 000,401,720 | ---- | C] (Trend Micro Inc.) -- C:\Users\Martin\Desktop\HiJackThis.exe
[2010.10.31 14:27:50 | 000,000,000 | ---D | C] -- C:\Users\Public\Desktop\MFtools
[2010.10.31 09:45:47 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Roaming\DVDVideoSoft
[2010.10.27 16:48:58 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rundll32 (2).exe
[2010.10.26 18:07:37 | 000,000,000 | ---D | C] -- C:\Programme\NT Registry Optimizer
[2010.10.25 18:27:46 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Roaming\Malwarebytes
[2010.10.25 18:27:33 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.10.25 18:27:30 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.10.25 18:27:30 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2010.10.25 18:27:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.10.25 18:03:44 | 016,409,960 | ---- | C] (Safer Networking Limited                                    ) -- C:\Users\Martin\Desktop\spybotsd_1.6.2.46.exe
[2010.10.25 17:40:25 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Roaming\HPAppData
[2010.10.25 17:20:09 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Roaming\Recolored
[2010.10.24 15:23:45 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Roaming\Steinberg
[2010.10.24 15:23:38 | 001,324,544 | ---- | C] (AD) -- C:\Windows\System32\SYNSOAIR.DLL
[2010.10.24 15:23:38 | 000,368,640 | ---- | C] (Propellerhead Software AB) -- C:\Windows\System32\ReWire.dll
[2010.10.24 15:23:38 | 000,233,472 | ---- | C] (Propellerhead Software AB) -- C:\Windows\System32\Rex Shared Library.dll
[2010.10.24 15:22:43 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\VST3
[2010.10.24 15:22:43 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Steinberg
[2010.10.19 20:35:16 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Roaming\ProgSense
[2010.10.19 20:35:14 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Roaming\GrabPro
[2010.10.19 20:35:10 | 000,000,000 | ---D | C] -- C:\Programme\Orbitdownloader
[2010.10.19 20:35:10 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Roaming\Orbit
[2010.10.19 20:25:49 | 000,000,000 | ---D | C] -- C:\Users\Martin\rtmpdump-2.3
[2010.10.14 18:54:58 | 000,000,000 | ---D | C] -- C:\Programme\iPod
[2010.10.14 18:54:57 | 000,000,000 | ---D | C] -- C:\Programme\iTunes
[2010.10.14 18:54:57 | 000,000,000 | ---D | C] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010.10.14 18:53:05 | 000,000,000 | ---D | C] -- C:\Programme\QuickTime
[2010.10.14 18:52:01 | 000,000,000 | ---D | C] -- C:\Programme\Apple Software Update
[2010.10.14 18:49:29 | 000,000,000 | ---D | C] -- C:\Programme\Bonjour
[2010.10.13 16:48:34 | 008,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2010.10.13 16:47:49 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2010.10.13 16:47:33 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2010.10.13 16:47:30 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010.10.13 16:47:30 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2010.10.13 16:47:30 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2010.10.13 16:47:29 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010.10.13 16:47:29 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010.10.13 16:47:29 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010.10.13 16:47:29 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010.10.13 16:47:29 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010.10.13 16:47:29 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010.10.13 16:47:29 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010.10.13 16:47:29 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010.10.13 16:47:29 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2010.10.13 16:47:29 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010.10.13 16:47:29 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2010.10.13 16:47:29 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010.10.13 16:47:29 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010.10.13 16:47:29 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010.10.13 16:47:07 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
[2010.10.13 16:47:07 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
[2010.10.13 16:47:04 | 002,038,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010.10.13 16:46:59 | 000,231,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
[2010.10.13 16:46:57 | 000,867,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2010.10.13 16:46:50 | 000,000,000 | ---D | C] -- C:\Users\Martin\Documents\WePrint
[2010.10.13 16:46:49 | 000,000,000 | ---D | C] -- C:\Programme\WePrint
[2010.10.09 18:06:35 | 000,000,000 | ---D | C] -- C:\Users\Martin\Desktop\photoshooting greifswald
[2010.10.08 22:33:47 | 000,000,000 | ---D | C] -- C:\Users\Martin\Desktop\39245 Wrong Turn at Tahoe German 2009 DVDRip XviD-ViDEOWELT
[2010.10.06 17:25:10 | 000,000,000 | ---D | C] -- C:\Programme\iTeleport
[2010.10.03 18:11:20 | 000,000,000 | ---D | C] -- C:\Users\Martin\youlia
[2010.10.01 19:28:15 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
 
========== Files - Modified Within 30 Days ==========
 
[2010.10.31 15:05:43 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Martin\Desktop\OTL.exe
[2010.10.31 15:04:00 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.10.31 14:30:42 | 000,247,774 | ---- | M] () -- C:\Users\Martin\AppData\Roaming\nvModes.001
[2010.10.31 14:30:22 | 000,401,720 | ---- | M] (Trend Micro Inc.) -- C:\Users\Martin\Desktop\HiJackThis.exe
[2010.10.31 14:27:53 | 000,050,477 | ---- | M] () -- C:\Users\Martin\Desktop\defogger.exe
[2010.10.31 14:27:52 | 000,286,404 | ---- | M] () -- C:\Users\Martin\Desktop\Gmer.zip
[2010.10.31 13:50:33 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.10.31 13:50:33 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.10.31 13:02:27 | 000,072,704 | ---- | M] () -- C:\Users\Martin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.10.31 12:26:48 | 000,002,231 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010.10.31 09:51:43 | 000,028,702 | ---- | M] () -- C:\Users\Martin\518Zbpb6EIL._SL500_AA300_.jpg
[2010.10.31 09:45:55 | 000,001,073 | ---- | M] () -- C:\Users\Martin\Desktop\DVDVideoSoft Free Studio.lnk
[2010.10.31 07:56:54 | 000,618,442 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.10.31 07:56:54 | 000,587,178 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.10.31 07:56:54 | 000,122,842 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.10.31 07:56:54 | 000,101,250 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.10.31 07:54:34 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.10.31 07:50:32 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.10.31 07:50:27 | 3219,578,880 | -HS- | M] () -- C:\hiberfil.sys
[2010.10.27 14:39:05 | 000,247,774 | ---- | M] () -- C:\Users\Martin\AppData\Roaming\nvModes.dat
[2010.10.27 13:44:34 | 000,000,104 | ---- | M] () -- C:\Users\Martin\Desktop\E-Mail - Verknüpfung.lnk
[2010.10.26 18:33:48 | 003,407,872 | -HS- | M] () -- C:\Users\Martin\ntuser.bak
[2010.10.26 18:07:37 | 000,000,858 | ---- | M] () -- C:\Users\Martin\Desktop\NTREGOPT.lnk
[2010.10.25 18:41:23 | 000,000,095 | ---- | M] () -- C:\Windows\wininit.ini
[2010.10.25 18:27:36 | 000,000,859 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.10.25 18:05:44 | 000,001,096 | ---- | M] () -- C:\Users\Martin\Desktop\Spybot - Search & Destroy.lnk
[2010.10.25 18:04:11 | 016,409,960 | ---- | M] (Safer Networking Limited                                    ) -- C:\Users\Martin\Desktop\spybotsd_1.6.2.46.exe
[2010.10.25 17:09:34 | 000,037,996 | ---- | M] () -- C:\Users\Martin\129098752_full,r,470x470.jpg
[2010.10.24 15:23:38 | 000,000,744 | ---- | M] () -- C:\Users\Martin\Desktop\Cubase 4.lnk
[2010.10.22 14:56:29 | 000,064,351 | ---- | M] () -- C:\Users\Martin\517Cb3m9SOL.jpg
[2010.10.21 20:29:36 | 001,416,254 | ---- | M] () -- C:\Users\Martin\Desktop\2.Praise To The LORD, The Almighty † Lobe Den Herren Tune.mp3
[2010.10.21 20:27:47 | 001,239,040 | ---- | M] () -- C:\Users\Martin\Desktop\4.Ave Maria Bach-Gounod ORGAN Solo.mp3
[2010.10.21 20:24:09 | 001,310,302 | ---- | M] () -- C:\Users\Martin\Desktop\1.Kirchenorgel_ Großer Gott wir loben Dich (257).mp3
[2010.10.21 19:55:51 | 003,180,283 | ---- | M] () -- C:\Users\Martin\Desktop\3.J.S. Bach - BWV 720 - Ein feste Burg ist unser Gott.mp3
[2010.10.19 20:36:41 | 000,000,755 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk
[2010.10.19 20:35:13 | 000,000,889 | ---- | M] () -- C:\Users\Martin\Desktop\Orbit.lnk
[2010.10.19 16:36:17 | 000,536,400 | ---- | M] () -- C:\Users\Martin\Martin.jpg
[2010.10.19 16:32:49 | 002,226,104 | ---- | M] () -- C:\Users\Martin\Angela.jpg
[2010.10.19 16:24:33 | 002,188,373 | ---- | M] () -- C:\Users\Martin\Andreas.jpg
[2010.10.14 19:44:33 | 000,442,148 | ---- | M] () -- C:\Users\Martin\20_07_08_2008_5_22_52_As I Lay Dying - A Long March.jpg
[2010.10.14 18:53:17 | 000,001,767 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010.10.14 18:35:51 | 002,245,320 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.10.09 19:29:58 | 000,001,928 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 8.lnk
[2010.10.07 16:34:58 | 002,895,630 | ---- | M] () -- C:\Users\Martin\DSCF7152.jpg
[2010.10.03 15:54:27 | 002,932,794 | ---- | M] () -- C:\Users\Martin\ScanImage001.jpg
[2010.10.02 18:09:35 | 002,918,540 | ---- | M] () -- C:\Users\Martin\DSCF7223.jpg
 
========== Files Created - No Company Name ==========
 
[2010.10.31 14:27:52 | 000,050,477 | ---- | C] () -- C:\Users\Martin\Desktop\defogger.exe
[2010.10.31 14:27:51 | 000,286,404 | ---- | C] () -- C:\Users\Martin\Desktop\Gmer.zip
[2010.10.31 09:51:42 | 000,028,702 | ---- | C] () -- C:\Users\Martin\518Zbpb6EIL._SL500_AA300_.jpg
[2010.10.27 16:43:40 | 000,005,708 | ---- | C] () -- C:\k9371937.DLL
[2010.10.27 13:44:34 | 000,000,104 | ---- | C] () -- C:\Users\Martin\Desktop\E-Mail - Verknüpfung.lnk
[2010.10.26 18:48:42 | 000,001,433 | ---- | C] () -- C:\Users\Martin\set.txt
[2010.10.26 18:09:39 | 000,262,144 | -H-- | C] () -- C:\Users\Martin\ntuser.tmp.LOG1
[2010.10.26 18:09:39 | 000,000,000 | -H-- | C] () -- C:\Users\Martin\ntuser.tmp.LOG2
[2010.10.26 18:07:37 | 000,000,858 | ---- | C] () -- C:\Users\Martin\Desktop\NTREGOPT.lnk
[2010.10.25 18:41:23 | 000,000,095 | ---- | C] () -- C:\Windows\wininit.ini
[2010.10.25 18:27:36 | 000,000,859 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.10.25 18:05:44 | 000,001,096 | ---- | C] () -- C:\Users\Martin\Desktop\Spybot - Search & Destroy.lnk
[2010.10.25 17:09:33 | 000,037,996 | ---- | C] () -- C:\Users\Martin\129098752_full,r,470x470.jpg
[2010.10.24 15:23:38 | 000,000,744 | ---- | C] () -- C:\Users\Martin\Desktop\Cubase 4.lnk
[2010.10.22 15:00:01 | 000,027,380 | ---- | C] () -- C:\Users\Martin\Future Trance 53.txt
[2010.10.22 14:56:28 | 000,064,351 | ---- | C] () -- C:\Users\Martin\517Cb3m9SOL.jpg
[2010.10.21 20:29:34 | 001,416,254 | ---- | C] () -- C:\Users\Martin\Desktop\2.Praise To The LORD, The Almighty † Lobe Den Herren Tune.mp3
[2010.10.21 20:27:47 | 001,239,040 | ---- | C] () -- C:\Users\Martin\Desktop\4.Ave Maria Bach-Gounod ORGAN Solo.mp3
[2010.10.21 20:24:08 | 001,310,302 | ---- | C] () -- C:\Users\Martin\Desktop\1.Kirchenorgel_ Großer Gott wir loben Dich (257).mp3
[2010.10.21 19:54:35 | 003,180,283 | ---- | C] () -- C:\Users\Martin\Desktop\3.J.S. Bach - BWV 720 - Ein feste Burg ist unser Gott.mp3
[2010.10.19 20:39:28 | 000,277,812 | ---- | C] () -- C:\Users\Martin\rtlnow_videoplayer09_2.swf
[2010.10.19 20:35:13 | 000,000,889 | ---- | C] () -- C:\Users\Martin\Desktop\Orbit.lnk
[2010.10.19 16:36:17 | 000,536,400 | ---- | C] () -- C:\Users\Martin\Martin.jpg
[2010.10.19 16:32:48 | 002,226,104 | ---- | C] () -- C:\Users\Martin\Angela.jpg
[2010.10.19 16:24:33 | 002,188,373 | ---- | C] () -- C:\Users\Martin\Andreas.jpg
[2010.10.14 19:44:33 | 000,442,148 | ---- | C] () -- C:\Users\Martin\20_07_08_2008_5_22_52_As I Lay Dying - A Long March.jpg
[2010.10.14 18:55:30 | 000,002,231 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010.10.14 18:53:17 | 000,001,767 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010.10.07 16:34:52 | 002,895,630 | ---- | C] () -- C:\Users\Martin\DSCF7152.jpg
[2010.10.03 15:54:27 | 002,932,794 | ---- | C] () -- C:\Users\Martin\ScanImage001.jpg
[2010.10.02 18:09:31 | 002,918,540 | ---- | C] () -- C:\Users\Martin\DSCF7223.jpg
[2010.08.05 15:23:08 | 000,000,760 | ---- | C] () -- C:\Users\Martin\AppData\Roaming\setup_ldm.iss
[2010.07.30 15:50:13 | 000,045,056 | ---- | C] () -- C:\Users\Martin\AppData\Roaming\chrtmp
[2010.07.30 15:50:09 | 001,429,302 | ---- | C] () -- C:\Users\Martin\AppData\Roaming\Rotating_earth_(large).gif
[2010.05.30 20:06:23 | 000,000,680 | ---- | C] () -- C:\Users\Martin\AppData\Local\d3d9caps.dat
[2010.05.30 17:54:34 | 000,000,600 | ---- | C] () -- C:\Users\Martin\AppData\Roaming\winscp.rnd
[2010.03.21 16:35:39 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2010.03.09 19:42:59 | 000,002,828 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2010.03.09 19:42:59 | 000,000,008 | RHS- | C] () -- C:\ProgramData\C7A98F3B16.sys
[2010.03.09 18:27:04 | 000,001,056 | -HS- | C] () -- C:\Windows\System32\KGyGaAvL.sys
[2010.03.09 18:27:04 | 000,000,088 | RHS- | C] () -- C:\Windows\System32\7CE52A14B3.sys
[2010.02.27 18:31:30 | 000,290,816 | ---- | C] () -- C:\Windows\System32\decdll.dll
[2010.02.20 11:24:08 | 000,000,302 | ---- | C] () -- C:\Users\Martin\AppData\Roaming\wklnhst.dat
[2010.02.16 19:51:25 | 000,001,582 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2010.02.13 20:48:18 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2010.02.12 20:14:02 | 000,247,774 | ---- | C] () -- C:\Users\Martin\AppData\Roaming\nvModes.001
[2010.02.12 19:49:35 | 000,247,774 | ---- | C] () -- C:\Users\Martin\AppData\Roaming\nvModes.dat
[2010.02.12 01:35:17 | 000,000,030 | ---- | C] () -- C:\Windows\SetPanel.ini
[2010.02.12 01:34:22 | 000,000,092 | ---- | C] () -- C:\Windows\CLEANUP.INI
[2010.02.11 17:41:54 | 000,072,704 | ---- | C] () -- C:\Users\Martin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.02.11 17:09:04 | 000,626,688 | ---- | C] () -- C:\Windows\Image.dll
[2010.02.11 17:09:04 | 000,000,036 | ---- | C] () -- C:\Windows\PidList.ini
[2010.02.11 16:42:18 | 000,001,132 | ---- | C] () -- C:\Windows\RtDefLvl.ini
[2008.10.07 09:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2008.10.07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2008.03.26 00:32:43 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN4.dll
[2008.03.25 22:00:11 | 000,000,144 | ---- | C] () -- C:\Windows\Alaunch.ini
[2008.03.25 21:59:41 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2008.03.25 15:21:39 | 000,015,656 | ---- | C] () -- C:\Windows\System32\drivers\int15_64.sys
[2008.03.25 15:20:59 | 000,065,536 | ---- | C] () -- C:\Windows\System32\NATTraversal.dll
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2001.12.26 15:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001.09.03 22:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001.07.30 15:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001.07.23 21:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll
 
========== LOP Check ==========
 
[2008.03.25 14:54:34 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Acer GameZone Console
[2010.02.28 17:16:17 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Ashampoo
[2010.02.23 18:34:20 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Blender Foundation
[2010.10.31 09:45:47 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\DVDVideoSoft
[2010.04.21 17:54:30 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Facebook
[2010.08.06 10:37:22 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\FLV Extract
[2010.10.31 15:08:40 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Free Download Manager
[2010.04.06 15:26:53 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\FreeFLVConverter
[2010.05.10 17:20:51 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\FreeVideoConverter
[2010.10.19 20:35:14 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\GrabPro
[2010.10.31 13:01:46 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\ICQ
[2010.03.11 15:03:53 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\IrfanView
[2010.03.04 19:46:03 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Jpeg Resampler
[2010.08.05 15:23:14 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Leadertech
[2010.08.19 22:05:01 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\LG Electronics
[2010.04.22 20:43:38 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\NeatImage SL
[2010.02.14 00:32:43 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\OpenOffice.org
[2010.04.08 14:43:58 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Opera
[2010.10.19 20:42:24 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Orbit
[2010.10.19 20:35:16 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\ProgSense
[2010.10.24 15:51:31 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Publish Providers
[2010.10.25 17:30:20 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Recolored
[2010.04.08 17:12:50 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Sony
[2010.08.19 22:24:53 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Sony Creative Software
[2010.04.07 10:16:42 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Spyware Terminator
[2010.10.24 15:24:01 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Steinberg
[2010.02.20 11:24:11 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Template
[2010.02.28 01:16:34 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\thriXXX
[2010.03.08 16:34:30 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\TuneUp Software
[2010.10.30 21:30:57 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2008.03.25 14:54:34 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Acer GameZone Console
[2010.08.01 19:03:18 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Adobe
[2010.02.25 21:19:22 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Apple Computer
[2010.02.28 17:16:17 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Ashampoo
[2010.03.24 22:57:52 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Avira
[2010.02.23 18:34:20 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Blender Foundation
[2010.03.09 19:55:56 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Corel
[2010.05.25 16:55:43 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\DivX
[2010.10.21 20:14:57 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\dvdcss
[2010.10.31 09:45:47 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\DVDVideoSoft
[2010.04.21 17:54:30 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Facebook
[2010.08.06 10:37:22 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\FLV Extract
[2010.10.31 15:08:40 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Free Download Manager
[2010.04.06 15:26:53 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\FreeFLVConverter
[2010.05.10 17:20:51 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\FreeVideoConverter
[2010.03.13 14:56:07 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Google
[2010.10.19 20:35:14 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\GrabPro
[2010.03.11 14:59:35 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\HP
[2010.10.25 17:40:25 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\HPAppData
[2010.07.18 12:14:02 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\HpUpdate
[2010.10.31 13:01:46 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\ICQ
[2010.02.11 16:54:23 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Identities
[2010.08.19 21:56:38 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\InstallShield
[2010.03.11 15:03:53 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\IrfanView
[2010.03.04 19:46:03 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Jpeg Resampler
[2010.08.05 15:23:14 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Leadertech
[2010.08.19 22:05:01 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\LG Electronics
[2010.08.05 15:23:39 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Logitech
[2010.03.25 20:18:43 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Macromedia
[2010.10.25 18:27:46 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Malwarebytes
[2006.11.02 13:37:34 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Media Center Programs
[2010.06.11 15:34:27 | 000,000,000 | --SD | M] -- C:\Users\Martin\AppData\Roaming\Microsoft
[2010.02.14 13:38:11 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Mozilla
[2010.04.22 20:43:38 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\NeatImage SL
[2010.02.14 00:32:43 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\OpenOffice.org
[2010.04.08 14:43:58 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Opera
[2010.10.19 20:42:24 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Orbit
[2010.10.19 20:35:16 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\ProgSense
[2010.10.24 15:51:31 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Publish Providers
[2010.10.25 17:30:20 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Recolored
[2010.10.31 13:58:56 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Skype
[2010.10.31 08:05:14 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\skypePM
[2010.04.08 17:12:50 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Sony
[2010.08.19 22:24:53 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Sony Creative Software
[2010.04.07 10:16:42 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Spyware Terminator
[2010.10.24 15:24:01 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Steinberg
[2010.02.20 11:24:11 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Template
[2010.02.28 01:16:34 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\thriXXX
[2010.03.08 16:34:30 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\TuneUp Software
[2010.10.31 09:23:00 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\vlc
[2010.02.14 21:15:25 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\WinRAR
 
< %APPDATA%\*.exe /s >
[2010.04.21 17:54:30 | 000,050,354 | ---- | M] (Facebook, Inc.) -- C:\Users\Martin\AppData\Roaming\Facebook\uninstall.exe
 
< %SYSTEMDRIVE%\*.exe >
 
 
< MD5 for: AGP440.SYS  >
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.04.10 23:32:28 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.10 23:32:28 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.10 23:32:28 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
 
< MD5 for: EXPLORER.EXE  >
[2009.04.10 23:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009.04.10 23:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008.01.21 03:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
 
< MD5 for: IASTOR.SYS  >
[2007.11.22 09:05:00 | 000,384,024 | ---- | M] (Intel Corporation) MD5=16A4671255CFB842225F0FDB6DBDB414 -- C:\DRV\Robson\Winall\Driver64\IaStor.sys
[2007.11.22 09:05:00 | 000,384,024 | ---- | M] (Intel Corporation) MD5=16A4671255CFB842225F0FDB6DBDB414 -- C:\Programme\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys
[2007.11.22 09:05:00 | 000,384,024 | ---- | M] (Intel Corporation) MD5=16A4671255CFB842225F0FDB6DBDB414 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_108fe68b\iaStor.sys
[2007.11.22 09:05:00 | 000,384,024 | ---- | M] (Intel Corporation) MD5=16A4671255CFB842225F0FDB6DBDB414 -- C:\Windows\System32\DriverStore\FileRepository\iastor.inf_4f0cb505\iaStor.sys
[2007.11.22 09:05:00 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- C:\DRV\Robson\Winall\Driver\IaStor.sys
[2007.11.22 09:05:00 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- C:\Programme\Intel\Intel Matrix Storage Manager\driver\IaStor.sys
[2007.11.22 09:05:00 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- C:\Windows\System32\drivers\iaStor.sys
[2007.11.22 09:05:00 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_7baf6192\iaStor.sys
[2007.11.22 09:05:00 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- C:\Windows\System32\DriverStore\FileRepository\iastor.inf_41af7b1f\iaStor.sys
 
< MD5 for: IASTORV.SYS  >
[2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2009.04.10 23:28:24 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.10 23:28:24 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.21 03:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2006.11.02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2008.01.21 03:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009.04.10 23:28:26 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.10 23:28:26 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
 
< MD5 for: USER32.DLL  >
[2008.01.21 03:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll
[2009.04.10 23:28:26 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll
[2009.04.10 23:28:26 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008.01.21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2009.04.10 23:28:14 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.10 23:28:14 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008.01.21 03:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2008.01.21 03:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2008.01.21 03:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
[2008.01.21 04:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008.01.21 04:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008.01.21 04:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 11:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 11:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
[2008.01.21 03:24:11 | 001,386,496 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\msvbvm60.dll
[2009.04.10 23:27:48 | 000,241,128 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll
[2009.04.10 23:28:24 | 000,228,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll
[2010.03.05 15:01:02 | 000,420,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\vbscript.dll
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 853 bytes -> C:\Users\Martin\Documents\Wir haben Ihre Bestellung erhalten.eml:OECustomProperty
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:5CB1E0D3
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:8173A019
@Alternate Data Stream - 1017 bytes -> C:\Users\Martin\Documents\posterXXL Rechnung (Auftrag DA-a5438-64706).eml:OECustomProperty

< End of report >


Result of Extras.Txt:

Code:
OTL Extras logfile created on: 31.10.2010 15:07:54 - Run 1
OTL by OldTimer - Version 3.2.17.1     Folder = C:\Users\Martin\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18975)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 46,00% Memory free
7,00 Gb Paging File | 6,00 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): d:\pagefile.sys 4603 4603 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 143,79 Gb Total Space | 13,07 Gb Free Space | 9,09% Space Free | Partition Type: NTFS
Drive D: | 140,29 Gb Total Space | 68,96 Gb Free Space | 49,15% Space Free | Partition Type: NTFS
Drive E: | 3,92 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive G: | 465,65 Gb Total Space | 201,87 Gb Free Space | 43,35% Space Free | Partition Type: FAT32
Drive R: | 1023,00 Mb Total Space | 1022,99 Mb Free Space | 100,00% Space Free | Partition Type: FAT32
 
Computer Name: MARTIN-PC | User Name: Martin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [JpegResamplerDir] -- "C:\Program Files\JPEG Resampler\JpegResampler.exe" "%1" (David Macek)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe" = C:\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe:*:Enabled:eDSfsu -- (Egis Incorporated.)
"C:\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe" = C:\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe:*:Enabled:encryption -- ( Egis Incorporated.)
"C:\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe" = C:\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe:*:Enabled:decryption -- ( Egis Incorporated.)
"C:\Acer\Empowering Technology\eDataSecurity\x86\eDSMgr.exe" = C:\Acer\Empowering Technology\eDataSecurity\x86\eDSMgr.exe:*:Enabled:eDSMgr -- File not found
"C:\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe" = C:\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe:*:Enabled:eDStbmngr -- (Egis Incorporated.)
"C:\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe" = C:\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe:*:Enabled:eDSfsu -- (Egis Incorporated.)
"C:\Acer\Empowering Technology\eDataSecurity\x64\encryption.exe" = C:\Acer\Empowering Technology\eDataSecurity\x64\encryption.exe:*:Enabled:encryption -- File not found
"C:\Acer\Empowering Technology\eDataSecurity\x64\decryption.exe" = C:\Acer\Empowering Technology\eDataSecurity\x64\decryption.exe:*:Enabled:decryption -- File not found
"C:\Acer\Empowering Technology\eDataSecurity\x64\eDSMgr.exe" = C:\Acer\Empowering Technology\eDataSecurity\x64\eDSMgr.exe:*:Enabled:eDSMgr -- File not found
"C:\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe" = C:\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe:*:Enabled:eDStbmngr -- (Egis Incorporated.)
"C:\Program Files\Orbitdownloader\orbitdm.exe" = C:\Program Files\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit -- (Orbitdownloader.com)
"C:\Program Files\Orbitdownloader\orbitnet.exe" = C:\Program Files\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit -- (Orbitdownloader.com)
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1305231A-E309-45F3-8C46-82F7F3E17A94}" = lport=137 | protocol=17 | dir=in | app=system | 
"{256E6360-E68A-4629-A20D-93D999B1113F}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{2A8D1F6C-2643-49FD-A2EF-C81B43AE42B8}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{34C12DE3-093D-4C0B-86E4-FF799222B986}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{359FE5BC-0EAE-4751-80D1-1026E3D5A95D}" = lport=138 | protocol=17 | dir=in | app=system | 
"{3C84998D-0214-4FFB-A0F0-E8E7AB1BB1AA}" = rport=139 | protocol=6 | dir=out | app=system | 
"{3EDD61B6-A22A-48D7-8EEA-4714BF09B88E}" = rport=445 | protocol=6 | dir=out | app=system | 
"{50E07700-3E99-4927-AD69-0E18A4B5FC60}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{5A859264-EFD7-426E-B4D2-20F7A3162EF8}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 | 
"{5C123798-5E4B-4053-8E73-26771C216E00}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{691F8D2F-ABEB-49C6-B20A-909BA001DB90}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{70335C4D-D782-4C27-B5D3-55D3AC48804E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{903E8DC4-D6CF-4FC6-9882-3B74170421DC}" = lport=445 | protocol=6 | dir=in | app=system | 
"{A2C96D3C-1B02-45D5-9334-22CCA38E796D}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{BBA13F6A-5102-447A-9DC6-A515E0B0447D}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{C3C8A582-3398-4FE8-96FA-1568A069801B}" = rport=137 | protocol=17 | dir=out | app=system | 
"{CC0B5DBA-F8D0-427F-AB1A-D19B2FF46B5E}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{E5C89230-0AC4-4C6C-9153-EDE272982986}" = rport=138 | protocol=17 | dir=out | app=system | 
"{F03574DD-29DF-48A2-B53F-649AC83E10EE}" = lport=139 | protocol=6 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0031A919-3B94-452C-AD55-CCB71B170B23}" = protocol=6 | dir=in | app=c:\program files\icq7.0\aolload.exe | 
"{0194FEB3-2DBD-40D9-A5B7-DF4D3D4C4F92}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{046C8867-0162-4372-B58E-0F3F9E1FB41D}" = protocol=6 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe | 
"{0885DA31-614F-4D3D-A0FC-AC0AA5887E68}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{0CF2B498-582B-4719-8A0D-C6561F3CF3E5}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{2A66F375-38FD-4E48-B725-6BE5349985CB}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqsudi.exe | 
"{2E09F79B-03BB-40DF-B25C-1EE775441F59}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe | 
"{3563062C-D41B-4943-B6ED-C450609E41AD}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{36482A8E-508E-41A1-A1F3-A19E311019AA}" = protocol=17 | dir=in | app=d:\tom clancy´s hawx spiel\hawx_dx10.exe | 
"{3757AA9B-7B61-440F-8179-443CA4CE1F86}" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe | 
"{385F3ECE-DB09-47BF-B00F-59E0A34E4C74}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{3998C1EF-D394-49F3-80A1-8136A2E3320C}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{3C877229-3C2A-4707-90CF-D8C7DC7E94AF}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{40641522-A184-4FB0-AA09-D549ED52B98C}" = protocol=6 | dir=in | app=c:\program files\icq7.0\aolload.exe | 
"{432BB57C-9E98-43CE-9538-D22E6FC14B03}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe | 
"{44A3A70A-8EC4-4D40-AA11-CEBDF4637B71}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{47A8BC4A-AD4C-4CD9-A225-34BB99139989}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{47D443E9-1022-4E90-9CF2-4246E46A1AC5}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{48106EEC-0EFB-4DAE-B1EE-F22436D7EDA4}" = protocol=17 | dir=in | app=c:\program files\icq7.0\aolload.exe | 
"{49BC1A93-BB15-4C7A-BB2E-E9760532E2EA}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{4BD389D9-87F7-49FB-A1D2-BBF12CDFEBF0}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{51E11E0A-3F18-4C77-8026-68C12C799072}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{56397CDF-E579-42F4-A2B3-8E889697FDFB}" = protocol=6 | dir=in | app=c:\program files\icq7.0\icq.exe | 
"{571AEDA5-6A43-4F68-9BC1-0F1E31238384}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{5AAB3534-FF0B-44B6-BCB9-E665A701D33D}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{5E88C601-D247-4C33-A3FA-97E9A16DC151}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{5E9F1C2A-8940-4069-B25B-EF506F40DAE0}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe | 
"{60B9D033-4E9B-4368-8958-2CC7A5A01F12}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{64C8779C-1809-4AF6-9336-B6745F8975F4}" = protocol=17 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe | 
"{65E4A118-BAA9-4E0B-AC85-CEB1CAA3CC29}" = protocol=6 | dir=in | app=c:\program files\icq7.0\icq.exe | 
"{67D01BBD-A8F4-400A-9766-269546B4A0C2}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{68E98D11-28D1-4151-ADD9-3E35F41ACA59}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{702B36E7-2B52-4E38-A702-60B27B6E7BB2}" = protocol=6 | dir=in | app=c:\program files\icq7.0\icq.exe | 
"{73D40DCF-F1C2-4B8B-ABF8-4BECADC1BC02}" = protocol=6 | dir=in | app=d:\tom clancy´s hawx spiel\hawx_dx10.exe | 
"{7555BC73-ABE2-499E-A78E-614F2826F3E9}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpse.exe | 
"{782916A0-A41C-440E-AA0B-88CCC1FA174C}" = protocol=17 | dir=in | app=c:\program files\icq7.0\aolload.exe | 
"{7865990F-A547-4D2C-AD35-D027C95CC858}" = protocol=17 | dir=in | app=c:\program files\icq7.0\aolload.exe | 
"{79EE2CC0-2C45-4DA0-848C-2BCC1D965479}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{83E51B8C-A428-47DC-8B8B-5E13FB21192A}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{88615003-F8FD-4D35-9EFC-1916FB574E0C}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{895CF078-65AE-47DD-9FAE-7D887F6924A0}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqcopy2.exe | 
"{90C5AFC4-D45C-4FA9-A12B-2050417EC9EA}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{90D75476-4A84-42BB-8AC5-457CDDFCFE40}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{925B3524-254E-4C7C-AF68-3B8316EF0BF7}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe | 
"{97D8EAA6-EA0F-4FFB-B18E-B49104E23F4F}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{985880DF-C5F1-439F-81EE-19BFFC82F876}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{98FD8AAF-09A3-4A7A-9DBF-9A60C108EBF4}" = protocol=17 | dir=in | app=c:\program files\icq7.0\icq.exe | 
"{9C352274-D317-456A-9FC0-67B333A6B875}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpsapp.exe | 
"{9C829F2C-67E6-4A02-BC27-4869203FBD9A}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{9FE443B4-8B29-4C66-A0D8-4A11FE952810}" = protocol=17 | dir=in | app=d:\tom clancy´s hawx spiel\hawx.exe | 
"{A25D884A-350B-4008-9DEB-2712A1A84D1E}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{A5A7C1C8-3AA3-4A90-99A6-1A6A381F50BC}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe | 
"{A9EDA4A0-A167-42CD-AACE-981E6F6EDED2}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe | 
"{AC8D8763-D647-4448-8D47-A21D4AFA5C92}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{B08C48FE-5AE4-439A-8878-F70BF4D0E055}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe | 
"{B2F8BFEC-2290-448D-854E-F67CBE9DBC67}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe | 
"{B8315DD7-DF2D-4C43-BFF5-92F865231EAA}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{BDFC26CB-0CBE-4DDD-8356-10858BEC19FC}" = dir=in | app=c:\program files\skype\plugin manager\skypepm.exe | 
"{BE708C4E-286C-442C-B932-462FD0BBBDFD}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{C4FBB7F6-55D5-415E-98CA-F65BB9B9BE53}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{C70AC0C1-AD57-4F7C-992C-D163DD46D640}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{CAB12CA4-F407-45A4-ABA2-5BF27DD3AE25}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe | 
"{CDC2EBC8-BAF2-470D-A532-366D27F0F61E}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{DAB187F1-7D75-42BF-B3F6-33BF3B2B276C}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{DE5B6DA3-27E4-465F-9958-6F5637A15DDD}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{DFB886EB-00D4-4B65-8753-106C1EA89F62}" = protocol=17 | dir=in | app=c:\program files\icq7.0\icq.exe | 
"{E14FE159-CCF0-481E-A694-AA1C6F2A6B98}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{E7918A42-4040-4377-BB73-CFF9331D1B60}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{EAF9788E-032E-4F98-841A-C32F168030CE}" = protocol=6 | dir=in | app=c:\program files\icq7.0\aolload.exe | 
"{EFDF7E18-629F-4819-8D75-5DCD3A5FC2A4}" = dir=in | app=c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe | 
"{F40C1271-02A8-40C3-B5C0-D71E513A5702}" = protocol=6 | dir=in | app=d:\tom clancy´s hawx spiel\hawx.exe | 
"{F6B5442A-9F84-4B46-81E5-E23E697B96FC}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{F912E999-E162-47BD-9E98-3E9F71705DB9}" = dir=in | app=c:\program files\itunes\itunes.exe | 
"{F93444A0-F4C2-4AF1-A66F-80436645A130}" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe | 
"{FC280E92-0042-411A-802D-9FC11D7C5B14}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{FEBE9473-E71B-4159-9F7A-95E35A34C907}" = protocol=17 | dir=in | app=c:\program files\icq7.0\icq.exe | 
"TCP Query User{1C6A2EDA-6A7E-4A91-A938-428BA0B58C0D}C:\program files\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe | 
"TCP Query User{233DFC6C-7EAE-44B2-AD30-6BAAFBB57C2C}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"TCP Query User{256562E9-8180-48C3-8272-78126B163769}C:\program files\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe | 
"TCP Query User{325B21CA-48A3-495A-89CD-286C216A72ED}C:\program files\weprint\weprint server.exe" = protocol=6 | dir=in | app=c:\program files\weprint\weprint server.exe | 
"TCP Query User{389F4343-2ABC-4ABA-8B96-DD90F280148D}C:\program files\google\google sketchup 7\sketchup.exe" = protocol=6 | dir=in | app=c:\program files\google\google sketchup 7\sketchup.exe | 
"TCP Query User{5751F598-6D70-464C-84EF-F5429048CDB6}C:\users\martin\appdata\local\temp\rar$ex03.079\rtmpdump-2.3\rtmpsrv.exe" = protocol=6 | dir=in | app=c:\users\martin\appdata\local\temp\rar$ex03.079\rtmpdump-2.3\rtmpsrv.exe | 
"TCP Query User{5A77068B-6AF8-4111-BBFB-E131208D769C}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"TCP Query User{6A0EB1D1-A9B6-4A91-97E8-47B5971E96EE}C:\program files\free download manager\fdm.exe" = protocol=6 | dir=in | app=c:\program files\free download manager\fdm.exe | 
"TCP Query User{8DE3020F-D363-4963-BDD3-EB67C7D15624}C:\users\martin\appdata\local\temp\rar$ex01.537\rtmpdump-2.3\rtmpgw.exe" = protocol=6 | dir=in | app=c:\users\martin\appdata\local\temp\rar$ex01.537\rtmpdump-2.3\rtmpgw.exe | 
"TCP Query User{9DD6815F-E05E-4575-AACD-0BD8E1FAF200}D:\counter strike\hl2.exe" = protocol=6 | dir=in | app=d:\counter strike\hl2.exe | 
"TCP Query User{9F426303-E8DB-4493-9B4E-1A0CD4AFD78D}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"TCP Query User{CA215AB5-CC1E-4587-8604-C2E1CE834C29}C:\users\martin\appdata\local\temp\rar$ex00.249\rtmpdump-2.3\rtmpgw.exe" = protocol=6 | dir=in | app=c:\users\martin\appdata\local\temp\rar$ex00.249\rtmpdump-2.3\rtmpgw.exe | 
"TCP Query User{D69DCDEB-B556-43DD-A68A-76C25F7F62CC}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | 
"TCP Query User{DFA1A552-53DD-4CF3-A52F-A5F41F2F36A4}C:\users\martin\appdata\local\temp\rar$ex06.294\rtmpdump-2.3\rtmpsuck.exe" = protocol=6 | dir=in | app=c:\users\martin\appdata\local\temp\rar$ex06.294\rtmpdump-2.3\rtmpsuck.exe | 
"TCP Query User{EB0F83EE-A27C-4F3B-B140-913AD1E422BA}D:\garena\garena.exe" = protocol=6 | dir=in | app=d:\garena\garena.exe | 
"TCP Query User{F75D9039-F7CA-4804-A69F-D32FED01CE2E}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | 
"TCP Query User{FFB0352E-A8BD-4AAA-AACD-CCC454BDAD8A}C:\program files\orbitdownloader\orbitnet.exe" = protocol=6 | dir=in | app=c:\program files\orbitdownloader\orbitnet.exe | 
"UDP Query User{05E696AE-EC89-452C-B8C6-C57148D4FDE0}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"UDP Query User{072A1106-6493-4862-A0CC-186082807055}D:\garena\garena.exe" = protocol=17 | dir=in | app=d:\garena\garena.exe | 
"UDP Query User{0AE7B009-B029-42A1-912F-C83E248711E5}C:\users\martin\appdata\local\temp\rar$ex01.537\rtmpdump-2.3\rtmpgw.exe" = protocol=17 | dir=in | app=c:\users\martin\appdata\local\temp\rar$ex01.537\rtmpdump-2.3\rtmpgw.exe | 
"UDP Query User{11CD9A58-8562-44F2-B095-58A00B7F719E}D:\counter strike\hl2.exe" = protocol=17 | dir=in | app=d:\counter strike\hl2.exe | 
"UDP Query User{143E9827-0823-4E73-AD5B-F297DCC17AD9}C:\program files\google\google sketchup 7\sketchup.exe" = protocol=17 | dir=in | app=c:\program files\google\google sketchup 7\sketchup.exe | 
"UDP Query User{2C286D5C-1A1E-4399-9AB6-96623C503C05}C:\program files\free download manager\fdm.exe" = protocol=17 | dir=in | app=c:\program files\free download manager\fdm.exe | 
"UDP Query User{2DD3CCCD-2806-4D02-9CFB-55ACCDFB9E91}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"UDP Query User{50155FFF-F492-4389-8760-DB1C03E0BC84}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"UDP Query User{5817ADD7-0CFD-4E63-8DD1-BFD5B0D251EE}C:\users\martin\appdata\local\temp\rar$ex00.249\rtmpdump-2.3\rtmpgw.exe" = protocol=17 | dir=in | app=c:\users\martin\appdata\local\temp\rar$ex00.249\rtmpdump-2.3\rtmpgw.exe | 
"UDP Query User{5C4409F3-815F-452E-81C7-CF329B89D9AE}C:\program files\weprint\weprint server.exe" = protocol=17 | dir=in | app=c:\program files\weprint\weprint server.exe | 
"UDP Query User{8036649D-2E42-451F-A96C-BEA9F43FBE6A}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | 
"UDP Query User{82D7BB63-3E24-4169-BDCC-75C3FD22580B}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | 
"UDP Query User{A79D53A5-D0E1-4878-B5E6-FA74D04FDF92}C:\program files\orbitdownloader\orbitnet.exe" = protocol=17 | dir=in | app=c:\program files\orbitdownloader\orbitnet.exe | 
"UDP Query User{BA679242-A751-4009-8A01-0877459DF2BE}C:\program files\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe | 
"UDP Query User{BED8E55B-91B8-414C-A78F-7FA8D4EDD580}C:\program files\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe | 
"UDP Query User{C8BCF1F9-60FB-47EC-B17B-BC9985C9614B}C:\users\martin\appdata\local\temp\rar$ex03.079\rtmpdump-2.3\rtmpsrv.exe" = protocol=17 | dir=in | app=c:\users\martin\appdata\local\temp\rar$ex03.079\rtmpdump-2.3\rtmpsrv.exe | 
"UDP Query User{FE2CAB55-D6CA-4160-AAD3-6616555517B9}C:\users\martin\appdata\local\temp\rar$ex06.294\rtmpdump-2.3\rtmpsuck.exe" = protocol=17 | dir=in | app=c:\users\martin\appdata\local\temp\rar$ex06.294\rtmpdump-2.3\rtmpsuck.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{5B51BB5F-4E7C-4275-A653-E98534E9C1D2}" = Corel Painter 11
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
"{0289B35E-DC07-4c7a-9710-BBD686EA4B7D}" = Status
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{0915B10F-8597-4FE7-BC4D-EA3E2FDA646A}" = PS_AIO_03_C4400_Software_Min
"{09633A5E-3089-41A8-9FF1-382171423C5D}" = PSSWCORE
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{0FC9C3C9-443B-4790-BD09-7F871161E9FB}" = iTeleport Connect
"{11316260-6666-467B-AC34-183FCB5D4335}" = Acer Mobility Center Plug-In
"{116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3}" = Acer eLock Management
"{14DCD95A-EBA3-4BF0-B7EF-533852E99BE6}" = LG PC Suite II
"{15B8AFD9-92E9-4E86-96D9-83FAC510B82E}" = HPPhotoSmartPhotobookWebPack1
"{15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B}" = Adobe SGM CS4
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{1AED4ABF-0852-4B3F-9F87-00CF88F25CE0}" = IconHandler 32 bit
"{1DCA3EAA-6EB5-4563-A970-EA14D75037BA}" = Adobe InDesign CS4
"{1E04CB54-AF4E-4AC3-B4B7-C0A160BE57F1}" = Adobe InDesign CS4 Icon Handler
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2217B0B4-35CB-48C6-B640-864DF2F30F99}" = OpenOffice.org 3.2
"{22F761D1-8063-4170-ADF7-2D2F47834CA9}" = VideoToolkit01
"{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java(TM) 6 Update 15
"{276E3ECB-E9E9-494E-A3F9-173BAD7D9643}" = C4400
"{28F8F8F0-C278-454A-9507-46B344AAD188}" = Corel Painter 11
"{2BAF2B96-7560-48B4-87D4-10178DDBE217}" = Adobe InDesign CS4 Application Feature Set Files (Roman)
"{2CE5A2E7-3437-4CE7-BCF4-85ED6EEFF9E4}" = iTunes
"{3101CB58-3482-4D21-AF1A-7057FC935355}" = KhalInstallWrapper
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3F9170C9-A7C2-408F-A4D8-EC77250040BF}" = Sound Forge Pro 10.0
"{427967BF-09F8-46D5-9275-37001CCBBA5D}" = Winbond CIR Drivers
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A3D0CF8-60FF-4CEF-91A4-A1F001424602}" = DocProc
"{4A52555C-032A-4083-BDD9-6A85ABFB39A8}" = Adobe SING CS4
"{4C24A8C1-7CFA-4650-AF15-732F5BD7B46D}" = Macromedia Fireworks 8
"{4CC59DA1-469B-49A5-9F6B-C4D26990294A}" = PS_AIO_03_C4400_ProductContext
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works
"{4F2F5589-0217-43A6-91E9-B0F172D32CC9}_is1" = MF Shutdown Manager 1.0.1
"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
"{57265292-228A-41FA-9AEC-4620CBCC2739}" = Acer eAudio Management
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.55.01
"{5A3FEF2D-0E14-412E-869C-421AB373EE43}" = C4400_Help
"{5B51BB5F-4E7C-4275-A653-E98534E9C1D2}" = Corel Painter 11 - ICA
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6E36A172-06FB-4BC8-B7FC-D30D219E6776}" = Tom Clancy's H.A.W.X
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{70E1E357-E57C-4284-B04E-58196DC27BC1}" = PanoStandAlone
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{7CC7BDD5-6F10-4724-96A1-EAC7D9F2831C}" = Adobe InDesign CS4 Common Base Files
"{7EC69F77-5494-4E1F-8BC6-956DAA5A91F2}" = Corel Painter 11 - IPM
"{7EE873AF-46BB-4B5D-BA6F-CFE4B0566E22}" = TuneUp Utilities Language Pack (de-DE)
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112531267}" = Chicken Invaders 3
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{840BF2FE-033D-437C-89D1-AAA206BA13B6}" = Langauge
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{86732AE7-CB91-4f15-B091-FBA3D3926CD6}" = HP Photosmart C4400 All-In-One Driver Software 11.0 Rel .3
"{87CC8013-56D1-43E1-A0A5-AD406B4EBA95}" = Opera 10.63
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{88EB38EF-4D2C-436D-ABD3-56B232674062}" = ICQ7
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ACECB7C-5EB2-42B3-A2E1-B91878B6C5D7}" = PS_AIO_03_C4400_Software
"{8CE08C3C-8FF4-45D9-925E-4F3CE2D7FA7D}" = Adobe Setup
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{901C0407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Access 2003 Runtime
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C2D4047-0E40-499a-AC7A-C4B9BB12FE03}" = TrayApp
"{9F4EE72A-C5C9-42ad-ABEF-427690843577}" = MarketResearch
"{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT
"{A5633652-3795-4829-BB0B-644F0279E279}" = Acer eDataSecurity Management
"{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}" = Acer Crystal Eye Webcam
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA2E8A46-B45E-4aea-8A23-88AB57D04523}" = WebReg
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AB6097D9-D722-4987-BD9E-A076E2848EE2}" = Acer Empowering Technology
"{AC76BA86-7AD7-1033-7B44-A82000000003}" = Adobe Reader 8.2.5
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B369483E-0728-405C-8F8C-3427B263B01F}" = Content
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B83FC356-B7C0-441F-8A4D-D71E088E7974}" = NVIDIA PhysX
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BDBA9828-200B-43A0-AB4F-82DABEE64F94}_is1" = LPS 2009v 3.0 USB
"{BF08AB1C-3357-4f20-A200-8EBB8EF27C59}" = BufferChm
"{BF839132-BD43-4056-ACBF-4377F4A88E2A}" = Acer ePresentation Management
"{C06554A1-2C1E-4D20-B613-EE62C79927CC}" = Acer eNet Management
"{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem driver
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C89B5E3A-690F-4CEE-909A-BF869E198B0A}" = Scan
"{CA1CA5F8-7500-45C5-9D4C-47D13FBC92D2}" = Adobe Setup
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CCA1EEA3-555E-4D05-AC46-4B49C6C5D887}" = Apple Mobile Device Support
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe  1.4.142.1
"{CE65A9A0-9686-45C6-9098-3C9543A412F0}" = Acer eSettings Management
"{D063F201-FAC4-4D5C-B10B-615058ADE5A7}" = HP Update
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities
"{D3B3B9B2-FE73-44CB-8C0A-F737D92F991B}" = Broadcom Gigabit Integrated Controller
"{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}" = HP Photosmart Essential 2.5
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{E133E97F-5186-4503-BEC8-752EB9E8EBD7}" = Copy
"{E535C94A-B87F-4182-BEA8-1E9322078D3E}" = Cards_Calendar_OrderGift_DoMorePlugout
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{e7394a0f-3f80-45b1-87fc-abcd51893246}" = Python 2.6.4
"{E96B0085-6659-486b-A221-5042A042728D}" = Toolbox
"{EC1F15E1-F3CC-46EE-B7A5-849A08ED60DC}}_is1" = PantsOff 2.0
"{EF1ADA5A-0B1A-4662-8C55-7475A61D8B65}" = DeviceDiscovery
"{EF5B1E83-1403-4F0E-A8E6-C169DF0CCE8C}" = LG PC Suite II
"{EF9E56EE-0243-4BAD-88F4-5E7508AA7D96}" = Destination Component
"{F0BA9A89-99BE-4BFB-8837-9299010FB216}" = Language - Support Files
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F7B0E599-C114-4493-BC4D-D8FC7CBBABBB}" = 32 Bit HP CIO Components Installer
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe_1710d324011afc3e7658e969025f4ba" = Adobe InDesign CS4
"Adobe_2a31ae7a5c43ff52d8577782dd34e04" = Adobe Illustrator CS4
"Ashampoo Burning Studio 2010_is1" = Ashampoo Burning Studio 2010
"ASIO4ALL" = ASIO4ALL
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Chicken Invaders 3_is1" = Chicken Invaders 3
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118" = HDAUDIO Soft Data Fax Modem with SmartCP
"Counter-Strike: Source v17" = Counter-Strike: Source v17
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup.divx.com" = DivX-Setup
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.2
"Free Audio Converter_is1" = Free Audio Converter version 2.2.9
"Free Download Manager_is1" = Free Download Manager 3.0
"Free Video Converter_is1" = Free Video Converter V 2.7
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.3
"Garena" = Garena 2010
"GridVista" = Acer GridVista
"HijackThis" = HijackThis 2.0.2
"HP Imaging Device Functions" = HP Imaging Device Functions 11.0
"HP Photosmart Essential" = HP Photosmart Essential 3.0
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HPExtendedCapabilities" = HP Customer Participation Program 11.0
"HPOCR" = OCR Software by I.R.I.S. 11.0
"ICQToolbar" = ICQ Toolbar
"IrfanView" = IrfanView (remove only)
"JDownloader" = JDownloader
"JPEG Resampler_is1" = JPEG Resampler Vs 5.0
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12)
"nik Color Efex Pro 2.0 Complete" = nik Color Efex Pro 2.0 Complete
"NTREGOPT_is1" = NTREGOPT 1.1j
"NVIDIA Drivers" = NVIDIA Drivers
"Orbit_is1" = Orbit Downloader
"Picasa 3" = Picasa 3
"Steinberg Cubase_is1" = Steinberg Cubase v4.1.3
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TuneUp Utilities" = TuneUp Utilities
"Uninstall_is1" = Uninstall 1.0.0.1
"Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions
"VirtualCloneDrive" = VirtualCloneDrive
"VLC media player" = VLC media player 1.0.5
"WinRAR archiver" = WinRAR
"winscp3_is1" = WinSCP 4.2.7
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-3760374313-2429106835-967571473-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"2a4f70b48f669acd" = AA3Deploy
"Facebook Plug-In" = Facebook Plug-In
"Flash Video Downloader" = Flash Video Downloader
"Google Translator" = Google Translator
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 20.10.2010 17:01:26 | Computer Name = Martin-PC | Source = Bonjour Service | ID = 100
Description = 400: ERROR: read_msg errno 10054 (Eine vorhandene Verbindung wurde
 vom Remotehost geschlossen.)
 
Error - 20.10.2010 17:01:26 | Computer Name = Martin-PC | Source = Bonjour Service | ID = 100
Description = 404: ERROR: read_msg errno 10054 (Eine vorhandene Verbindung wurde
 vom Remotehost geschlossen.)
 
Error - 20.10.2010 17:01:26 | Computer Name = Martin-PC | Source = Bonjour Service | ID = 100
Description = 408: ERROR: read_msg errno 10054 (Eine vorhandene Verbindung wurde
 vom Remotehost geschlossen.)
 
Error - 20.10.2010 17:01:26 | Computer Name = Martin-PC | Source = Bonjour Service | ID = 100
Description = 412: ERROR: read_msg errno 10054 (Eine vorhandene Verbindung wurde
 vom Remotehost geschlossen.)
 
Error - 20.10.2010 17:01:26 | Computer Name = Martin-PC | Source = Bonjour Service | ID = 100
Description = 416: ERROR: read_msg errno 10054 (Eine vorhandene Verbindung wurde
 vom Remotehost geschlossen.)
 
Error - 21.10.2010 08:54:52 | Computer Name = Martin-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 21.10.2010 08:56:22 | Computer Name = Martin-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 21.10.2010 08:56:22 | Computer Name = Martin-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 22.10.2010 05:32:17 | Computer Name = Martin-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 22.10.2010 05:33:48 | Computer Name = Martin-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
[ System Events ]
Error - 08.08.2010 04:51:00 | Computer Name = Martin-PC | Source = Service Control Manager | ID = 7022
Description = 
 
Error - 08.08.2010 11:27:34 | Computer Name = Martin-PC | Source = Service Control Manager | ID = 7030
Description = 
 
Error - 08.08.2010 11:27:42 | Computer Name = Martin-PC | Source = Service Control Manager | ID = 7030
Description = 
 
Error - 14.08.2010 07:16:39 | Computer Name = Martin-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 14.08.2010 07:17:52 | Computer Name = Martin-PC | Source = Service Control Manager | ID = 7043
Description = 
 
Error - 14.08.2010 07:17:57 | Computer Name = Martin-PC | Source = DCOM | ID = 10005
Description = 
 
Error - 14.08.2010 07:17:57 | Computer Name = Martin-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 14.08.2010 07:17:57 | Computer Name = Martin-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 15.08.2010 11:41:02 | Computer Name = Martin-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 15.08.2010 11:42:24 | Computer Name = Martin-PC | Source = Service Control Manager | ID = 7022
Description = 
 
 
< End of report >
Malwarebytes log file from 26.10.2010

Code:
Infizierte Dateien:
C:\Users\***\prog\Best Hacking Tools AIO By Nawaz For Cyberwarez.com\data\freeze.exe (HackTool.Agent) -> Quarantined and deleted successfully.
C:\Users\***\prog\Best Hacking Tools AIO By Nawaz For Cyberwarez.com\data\YAHOO booter\boot\KewlButtonz.ocx (Hacktool.KewlButtonz) -> Quarantined and deleted successfully.
C:\Users\***\prog\Best Hacking Tools AIO By Nawaz For Cyberwarez.com\data\YAHOO booter\boot\YMSG12ENCRYPT.dll (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
C:\Users\***\prog\brutus-aet2\BrutusA2.exe (HackTool.Brutus) -> Quarantined and deleted successfully.
Malwarebytes log file from 31.10.2010

Code:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 5007

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18975

31.10.2010 17:28:34
mbam-log-2010-10-31 (17-28-34).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 425291
Laufzeit: 1 Stunde(n), 35 Minute(n), 7 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 1
Infizierte Registrierungswerte: 1
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_CURRENT_USER\SOFTWARE\U36VRSFLG6 (Trojan.FakeAlert) -> No action taken.

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\u36vrsflg6 (Trojan.FakeAlert) -> No action taken.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Help??
 
Snohomish

Guest
Hello Am Ende and :welcome


Is there a reason not to reinstall the system after this virus infection?

Even after a virus has been deleted, the system can be left with lasting damage.


Regards
Snohomish
 
Am Ende

Thread starter
Member since
31.10.2010
Posts
7
Hello...
Yes, I have already reinstalled the system 3 times... for various reasons, e.g. an ordinary crash or the like.

That is why I don't want to redo all the configuration and change all the settings again after a reinstall, etc. :wut
 
Snohomish

Guest
You write that you have already worked through various guides.
If none of those attempts has borne fruit, you should ask yourself, also bearing in mind the time you have spent on it, whether a reinstall would not make sense.

Though I would of course be very interested in other opinions here.

You have already reinstalled the system 3 times?
Over what period?
At fairly short intervals?

In that case it would help you to back up your system and all your configurations in future.
I recently decided to do that myself.


Regards
Snohomish
 
Hups

Cat lover
Team
Member since
01.07.2007
Posts
18.316
Location
D-NRW
Though I would of course be very interested in other opinions here.
Unfortunately I can't offer one, because our opinions are identical.

Before investing so much time in troubleshooting, it is better to reinstall the system straight away and think about an image.

I would suggest Acronis TrueImage, or alternatively have a look at this wiki article.
 
Am Ende

Thread starter
Member since
31.10.2010
Posts
7
Well, within 2 years!!
So that is a relatively long period.

Yes, that is definitely an option. I have already thought about it too, but I just don't really feel like doing it.

So I am also open to other suggestions
 
Dirk

Member since
27.03.2007
Posts
6.205
Location
Bonn / Germany
If you submit your HijackThis file to the analysis, you will get a few entries flagged that you may want to follow up on.

http://www.hijackthis.de/#anl

But even if you manage to fix the entries, the changed permissions could still remain, because you are only deleting the trigger/cause and not the changes it made.

In that respect I have to agree with the previous poster. After an infection, the machine should be reinstalled, at the latest once the data has been backed up. Even after a cleanup you can never really be sure that something has not buried itself even deeper as a "sleeper".

So that you don't always have to redo everything from scratch, I would advise you, if you keep getting virus infections, to think about an image.

On the other hand, you should then be even more interested in why you regularly have viruses / trojans on the PC.
 
Am Ende

Thread starter
Member since
31.10.2010
Posts
7
Definitely understandable.

But if I make an image of the current system state now, won't I automatically have the error again when I reinstall the whole system???
 
Alfiator

On Air
Member since
27.11.2008
Posts
21.186
Location
Thüringen
..But if I make an image of the current system state now, won't I automatically have the error again when I reinstall the whole system???
That is exactly why you should reinstall and not make an image, but only back up your data beforehand...
 
Snohomish

Guest
Definitely understandable.

But if I make an image of the current system state now, won't I automatically have the error again when I reinstall the whole system???
You are supposed to make the image once you have cleanly reinstalled the system!

Yes, that is definitely an option. I have already thought about it too, but I just don't really feel like doing it.
Don't feel like it?
Well, once you have properly got to grips with the topic, it goes faster than you think right now! ;)
 
Am Ende

Thread starter
Member since
31.10.2010
Posts
7
One option would be to boot the system anew from an older system restore point in the recovery boot window. RIGHT?

:blush.. okay.. that could of course be the case once I have really got to grips with it.
 
Snohomish

Guest
One option would be to boot the system anew from an older system restore point in the recovery boot window. RIGHT?
Only if you have a point from a time when your system was not compromised.
Otherwise you will have malware that was already deleted back on it.
 
Snohomish

Guest
As already mentioned: first of all, back up your personal data.

Then you can see whether a system restore gets you anywhere.
In this case I would still wipe my system completely and start fresh.
Some malware simply "eats" its way in too deep.
 
Am Ende

Thread starter
Member since
31.10.2010
Posts
7
I think I have a restore point where no infection was detectable.
 
Am Ende

Thread starter
Member since
31.10.2010
Posts
7
Okay...
How would you proceed specifically now?... if you were wiping your system now... and doing everything from scratch?? :cheesy
 
Ronny

SPONSORS
Member since
07.08.2004
Posts
12.311
Location
Rheinland
How would you proceed specifically now?... if you were wiping your system now... and doing everything from scratch?
For my part, I always proceed as far as possible like this...

1. On an empty hard disk I install my operating system by hand, including the required drivers and an antivirus program, and then set up Internet access. After that I go online, download all available updates for the system and the AV program, and restart the system.

2. I now boot the machine from the CD of an imaging program (in this case Acronis True Image) and create a first image of the system partition, which I save to a non-operating-system partition and have verified immediately afterwards. This whole process normally takes a quarter of an hour at most.

3. Now I have time to install my desired application programs at leisure and to create a further image at certain intervals, which lets me restore an earlier state at short notice at any time if a problem occurs. Writing an image back takes, in principle, no longer than a quarter of an hour.

4. After about 3 weeks without any major problems that might require a reinstall, I then activate Windows. The reason is that I don't want to have to use the telephone activation service unnecessarily, which so far has not been necessary anyway.
 