Trojaner-Board


Baumijunior 26.07.2011 13:04

System Repair Trojan
 
Hello, I have the following problem.

My computer has a virus, namely System Repair; I was able to work that out from your site. The symptoms are as follows: files disappear, and the computer reports that the hard disk is defective, and the RAM as well.
This is the first time I'm doing something like this here; I hope you can help me and that I have done this correctly.

Baumijunior 26.07.2011 13:14

So, here are the required log files as well.


Code:

OTL logfile created on: 26.07.2011 13:27:29 - Run 1
OTL by OldTimer - Version 3.2.26.1    Folder = C:\Users\Oma & Opa\Downloads
Windows Vista Ultimate Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,83 Gb Available Physical Memory | 61,06% Memory free
6,19 Gb Paging File | 5,09 Gb Available in Paging File | 82,21% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 144,04 Gb Total Space | 87,07 Gb Free Space | 60,44% Space Free | Partition Type: NTFS
Drive D: | 7,39 Gb Total Space | 2,80 Gb Free Space | 37,82% Space Free | Partition Type: FAT32
Drive E: | 140,50 Gb Total Space | 136,63 Gb Free Space | 97,25% Space Free | Partition Type: NTFS
Drive K: | 298,09 Gb Total Space | 297,99 Gb Free Space | 99,97% Space Free | Partition Type: NTFS
 
Computer Name: ASPIRE8920 | User Name: Oma & Opa | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011.07.26 13:25:12 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Oma & Opa\Downloads\OTL.exe
PRC - [2011.06.27 18:46:55 | 000,924,632 | -H-- | M] (Mozilla Corporation) -- C:\ Firefox\firefox.exe
PRC - [2011.06.15 00:12:41 | 003,337,728 | -H-- | M] (Arachnoid Biometrics Identification Group Corp.) -- C:\Programme\Acer\Acer Bio Protection\CompPtcVUI.exe
PRC - [2011.03.09 13:29:16 | 000,366,000 | ---- | M] (Eastman Kodak Company) -- C:\Programme\Kodak\AiO\Center\EKAiOHostService.exe
PRC - [2008.03.07 15:05:10 | 000,024,576 | ---- | M] () -- C:\Programme\Acer\Empowering Technology\Service\ETService.exe
PRC - [2008.03.04 23:38:34 | 000,500,784 | -H-- | M] (Egis Incorporated) -- C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
PRC - [2008.02.15 09:09:30 | 000,595,248 | ---- | M] (Validity Sensors, Inc.) -- C:\Windows\System32\vfsFPService.exe
PRC - [2008.01.21 04:23:48 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2008.01.21 04:23:48 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe
PRC - [2008.01.21 04:22:34 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.01.16 18:35:02 | 000,081,504 | ---- | M] () -- C:\Programme\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
PRC - [2008.01.10 17:03:00 | 000,233,472 | ---- | M] (Acer Incorporated) -- C:\Programme\Acer\Acer VCM\RS_Service.exe
PRC - [2007.12.11 05:15:04 | 000,012,800 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
PRC - [2007.12.06 16:15:28 | 000,110,592 | -H-- | M] () -- C:\ACER\Mobility Center\MobilityService.exe
PRC - [2007.10.03 14:45:02 | 000,358,936 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2011.07.26 13:25:12 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Oma & Opa\Downloads\OTL.exe
MOD - [2010.08.31 17:39:57 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [Auto | Stopped] --  -- (McNASvc)
SRV - [2011.03.09 13:29:16 | 000,366,000 | ---- | M] (Eastman Kodak Company) [Auto | Running] -- C:\Programme\Kodak\AiO\Center\EKAiOHostService.exe -- (Kodak AiO Network Discovery Service)
SRV - [2010.03.25 10:25:22 | 030,969,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2008.03.07 15:05:10 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Programme\Acer\Empowering Technology\Service\ETService.exe -- (ETService)
SRV - [2008.03.04 23:38:34 | 000,500,784 | -H-- | M] (Egis Incorporated) [Auto | Running] -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe -- (eDataSecurity Service)
SRV - [2008.02.15 09:09:30 | 000,595,248 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\System32\vfsFPService.exe -- (vfsFPService)
SRV - [2008.01.21 04:21:41 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008.01.16 18:35:02 | 000,081,504 | ---- | M] () [Auto | Running] -- C:\Programme\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe -- (CLHNService)
SRV - [2008.01.10 17:03:00 | 000,233,472 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Programme\Acer\Acer VCM\RS_Service.exe -- (RS_Service)
SRV - [2007.12.11 05:15:04 | 000,012,800 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2007.12.06 16:15:28 | 000,110,592 | -H-- | M] () [Auto | Running] -- C:\Acer\Mobility Center\MobilityService.exe -- (MobilityService)
SRV - [2007.10.03 14:45:02 | 000,358,936 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2011.06.15 11:03:34 | 000,431,672 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2011.06.15 00:12:33 | 000,043,184 | -H-- | M] (Alfa Corporation) [File_System | Boot | Running] -- C:\Windows\system32\Drivers\AlfaFF.sys -- (AlfaFF)
DRV - [2008.03.11 13:38:00 | 000,048,128 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1E60x86.sys -- (L1E)
DRV - [2008.03.07 19:55:00 | 007,480,384 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008.03.05 09:25:30 | 000,041,456 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Programme\Acer Arcade Deluxe\PlayMovie\000.fcl -- ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796})
DRV - [2008.02.29 09:13:38 | 001,202,560 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2008.02.15 09:09:46 | 000,040,752 | ---- | M] (Validity Sensors, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vfs101x.sys -- (vfs101x)
DRV - [2008.01.16 18:35:08 | 000,122,368 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Programme\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys -- (NTIPPKernel)
DRV - [2008.01.08 21:10:32 | 002,554,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Intel(R)
DRV - [2007.12.18 17:12:12 | 000,054,784 | ---- | M] (ITE Tech. Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\itecir.sys -- (itecir)
DRV - [2007.12.16 17:57:20 | 000,075,776 | ---- | M] (Wasay) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSVD.sys -- (WSVD)
DRV - [2007.01.26 08:32:18 | 000,069,632 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\int15.sys -- (int15)
DRV - [2006.11.02 15:27:34 | 000,020,112 | ---- | M] (Dritek System Inc.) [Kernel | System | Running] -- C:\Programme\Launch Manager\DPortIO.sys -- (DritekPortIO)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://de.intl.acer.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.intl.acer.yahoo.com
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "www.google.de"
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: C:\Program Files\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\ Firefox\components [2011.07.24 16:15:12 | 000,000,000 | -H-D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\ Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\ Firefox\components [2011.07.24 16:15:12 | 000,000,000 | -H-D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\ Firefox\plugins
 
[2011.06.15 01:01:25 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Oma & Opa\AppData\Roaming\mozilla\Extensions
[2011.06.15 11:15:27 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Oma & Opa\AppData\Roaming\mozilla\Firefox\Profiles\f0pc41c2.default\extensions
[2011.06.15 11:13:44 | 000,002,055 | -H-- | M] () -- C:\Users\Oma & Opa\AppData\Roaming\Mozilla\Firefox\Profiles\f0pc41c2.default\searchplugins\daemon-search.xml
File not found (No name found) --
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: ::1            localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (Egis)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O4 - HKLM..\Run: [eRecoveryService]  File not found
O4 - Startup: C:\Users\Oma & Opa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk = C:\Programme\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Programme\Acer\Acer Bio Protection\PwdBank.exe ()
O9 - Extra 'Tools' menuitem : Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Programme\Acer\Acer Bio Protection\PwdBank.exe ()
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O13 - gopher Prefix: missing
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AWinNotifyVitaKey MC3000: DllName - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll - C:\Programme\Acer\Acer Bio Protection\WinNotify.dll (Arachnoid Biometrics Identification Group Corp.)
O24 - Desktop WallPaper: C:\Users\Oma & Opa\Pictures\Leon Bilder\ni.jpg
O24 - Desktop BackupWallPaper: C:\Users\Oma & Opa\Pictures\Leon Bilder\ni.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias -  File not found
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Acer VCM.lnk - C:\Programme\Acer\Acer VCM\AcerVCM.exe - (Acer Incorporated)
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BTTray.lnk - C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe - (Broadcom Corporation.)
MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: ArcadeDeluxeAgent - hkey= - key= - C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
MsConfig - StartUpReg: BkupTray - hkey= - key= - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe ()
MsConfig - StartUpReg: CLMLServer - hkey= - key= - C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe (CyberLink)
MsConfig - StartUpReg: Conime - hkey= - key= -  File not found
MsConfig - StartUpReg: eAudio - hkey= - key= - C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe (Acer Incorporated)
MsConfig - StartUpReg: eDataSecurity Loader - hkey= - key= - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
MsConfig - StartUpReg: ehTray.exe - hkey= - key= - C:\Windows\ehome\ehtray.exe (Microsoft Corporation)
MsConfig - StartUpReg: EKIJ5000StatusMonitor - hkey= - key= -  File not found
MsConfig - StartUpReg: ePower_DMC - hkey= - key= - C:\Programme\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Inc.)
MsConfig - StartUpReg: IAAnotif - hkey= - key= - C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
MsConfig - StartUpReg: irVQprUycRbWhE - hkey= - key= - C:\ProgramData\irVQprUycRbWhE.exe ()
MsConfig - StartUpReg: LManager - hkey= - key= - C:\Programme\Launch Manager\LManager.exe (Dritek System Inc.)
MsConfig - StartUpReg: NvCplDaemon - hkey= - key= -  File not found
MsConfig - StartUpReg: NvMediaCenter - hkey= - key= -  File not found
MsConfig - StartUpReg: PlayMovie - hkey= - key= - C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
MsConfig - StartUpReg: PLFSetI - hkey= - key= - C:\Windows\PLFSetI.exe ()
MsConfig - StartUpReg: RtHDVCpl - hkey= - key= - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
MsConfig - StartUpReg: SynTPEnh - hkey= - key= - C:\Programme\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
MsConfig - StartUpReg: Windows Defender - hkey= - key= -  File not found
MsConfig - StartUpReg: ZPdtWzdVitaKey MC3000 - hkey= - key= - C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe (Arachnoid Biometrics Identification Group Corp.)
MsConfig - State: "startup" - 1
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.07.26 13:15:53 | 000,000,000 | ---D | C] -- C:\31c63ce05277c04d8591
[2011.07.26 13:04:32 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2011.07.24 17:23:48 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2011.07.03 16:05:45 | 000,000,000 | -H-D | C] -- C:\ProgramData\LightScribe
[2011.07.03 16:04:26 | 000,000,000 | -H-D | C] -- C:\ProgramData\NtiDvdCopy
[2011.07.03 16:01:02 | 000,000,000 | -H-D | C] -- C:\ProgramData\PhotoStitch
[2011.07.03 15:56:30 | 000,000,000 | -H-D | C] -- C:\Users\Oma & Opa\AppData\Roaming\ZoomBrowser EX
[2011.07.03 15:54:47 | 000,000,000 | -H-D | C] -- C:\Users\Oma & Opa\AppData\Roaming\CANON INC
[2011.07.03 15:49:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
[2011.07.03 15:49:37 | 000,000,000 | ---D | C] -- C:\Program Files\Canon
[2011.07.03 15:48:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Canon
[2011.07.03 15:33:07 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\MCE Logs
[2011.07.03 15:03:22 | 000,000,000 | -H-D | C] -- C:\ProgramData\WindowsSearch
[2011.07.03 14:05:01 | 000,000,000 | -H-D | C] -- C:\Users\Oma & Opa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Johann Lafer Hits aus meiner Küche
[2011.07.03 14:05:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Johann Lafer Hits aus meiner Küche
[2011.07.03 14:05:01 | 000,000,000 | ---D | C] -- C:\Program Files\DNA Digital Media Group
[2011.07.03 14:03:25 | 000,000,000 | -HSD | C] -- C:\Windows\ftpcache
[2011.07.03 13:39:02 | 000,000,000 | -H-D | C] -- C:\Users\Oma & Opa\AppData\Roaming\dvdcss
[2011.07.03 11:28:48 | 000,075,776 | ---- | C] (Wasay) -- C:\Windows\System32\drivers\WSVD.sys
[2011.06.28 18:01:02 | 000,000,000 | -H-D | C] -- C:\Users\Oma & Opa\AppData\Local\Eastman_Kodak_Company
[2011.06.28 17:51:28 | 000,000,000 | ---D | C] -- C:\Program Files\PhotoMail Maker
[2011.06.28 17:51:27 | 000,000,000 | -H-D | C] -- C:\ProgramData\PhotoMail
[2011.06.28 17:45:44 | 000,000,000 | -H-D | C] -- C:\Users\Oma & Opa\AppData\Local\IM
[2011.06.28 17:45:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IncrediMail
[2011.06.28 17:45:02 | 000,000,000 | -H-D | C] -- C:\ProgramData\IncrediMail
[2011.06.28 17:45:01 | 000,000,000 | -H-D | C] -- C:\ProgramData\IM
[2011.06.28 17:31:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kodak
[2011.06.28 17:26:51 | 000,000,000 | ---D | C] -- C:\Windows\System32\kodak
[2011.06.28 17:01:06 | 000,000,000 | -H-D | C] -- C:\Users\Oma & Opa\Documents\WISO
[2011.06.28 17:00:23 | 000,000,000 | -H-D | C] -- C:\Users\Oma & Opa\Documents\Steuer-Sparbuch
[2011.06.28 16:56:03 | 000,000,000 | -H-D | C] -- C:\Users\Oma & Opa\Documents\Mein Steuer-Sparbuch Heute
[2011.06.28 16:56:02 | 000,000,000 | -H-D | C] -- C:\Users\Oma & Opa\Documents\Sparbuch
[2011.06.28 16:54:35 | 000,000,000 | -H-D | C] -- C:\ProgramData\UAB
[2011.06.28 16:54:32 | 000,000,000 | -H-D | C] -- C:\Users\Oma & Opa\AppData\Local\PC_Drivers_Headquarters
[2011.06.28 16:54:10 | 000,000,000 | -H-D | C] -- C:\ProgramData\Easy Driver Pro
[2011.06.28 16:53:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Easy Driver Pro
[2011.06.28 16:51:48 | 000,000,000 | ---D | C] -- C:\Program Files\Easy Driver Pro
[2011.06.28 16:40:26 | 000,000,000 | ---D | C] -- C:\Program Files\Kodak
[2011.06.28 16:38:45 | 000,000,000 | -H-D | C] -- C:\ProgramData\Kodak
[2011.06.28 16:33:08 | 000,000,000 | -H-D | C] -- C:\Users\Oma & Opa\AppData\Roaming\Temp
[2011.06.28 16:33:07 | 000,000,000 | -H-D | C] -- C:\Users\Oma & Opa\AppData\Local\Eastman Kodak Company
 
========== Files - Modified Within 30 Days ==========
 
[2011.07.26 13:26:09 | 000,618,442 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.07.26 13:26:09 | 000,587,178 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.07.26 13:26:09 | 000,122,842 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.07.26 13:26:09 | 000,101,250 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.07.26 13:19:09 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.07.26 13:19:09 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.07.26 13:18:51 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml
[2011.07.26 13:18:16 | 000,382,872 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.07.26 13:18:07 | 000,067,584 | ---- | M] () -- C:\Windows\bootstat.dat
[2011.07.26 13:16:44 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011.07.26 13:16:04 | 000,000,020 | ---- | M] () -- C:\Users\Oma & Opa\defogger_reenable
[2011.07.24 13:36:23 | 000,000,232 | -H-- | M] () -- C:\ProgramData\~P1kAlMiG2Kb7Fz
[2011.07.24 13:36:23 | 000,000,184 | -H-- | M] () -- C:\ProgramData\~P1kAlMiG2Kb7Fzr
[2011.07.24 13:36:22 | 000,000,611 | -H-- | M] () -- C:\Users\Oma & Opa\Desktop\System Repair.lnk
[2011.07.24 13:36:21 | 000,000,336 | -H-- | M] () -- C:\ProgramData\P1kAlMiG2Kb7Fz
[2011.07.24 13:36:11 | 000,382,976 | -H-- | M] () -- C:\ProgramData\P1kAlMiG2Kb7Fz.exe
[2011.07.24 13:26:40 | 000,491,520 | -H-- | M] () -- C:\ProgramData\irVQprUycRbWhE.exe
[2011.07.24 13:21:27 | 000,090,143 | -H-- | M] () -- C:\ProgramData\nvModes.001
[2011.07.05 11:17:44 | 000,001,024 | RH-- | M] () -- C:\Users\Public\Documents\NTIMP3.dll
[2011.07.03 16:07:19 | 000,000,000 | -H-- | M] () -- C:\Windows\jcmkr32.INI
[2011.07.03 15:54:13 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
[2011.07.03 14:41:57 | 000,021,504 | -H-- | M] () -- C:\Users\Oma & Opa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.07.03 14:34:36 | 000,001,289 | -H-- | M] () -- C:\Users\Oma & Opa\Desktop\Johann Lafer Hits aus meiner Küche.lnk
 
========== Files Created - No Company Name ==========
 
[2011.07.26 13:15:48 | 000,000,020 | ---- | C] () -- C:\Users\Oma & Opa\defogger_reenable
[2011.07.26 13:07:16 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011.07.26 13:07:16 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2011.07.26 13:07:14 | 011,967,524 | ---- | C] () -- C:\Windows\System32\korwbrkr.lex
[2011.07.24 13:36:23 | 000,000,184 | -H-- | C] () -- C:\ProgramData\~P1kAlMiG2Kb7Fzr
[2011.07.24 13:36:22 | 000,000,611 | -H-- | C] () -- C:\Users\Oma & Opa\Desktop\System Repair.lnk
[2011.07.24 13:36:22 | 000,000,232 | -H-- | C] () -- C:\ProgramData\~P1kAlMiG2Kb7Fz
[2011.07.24 13:36:21 | 000,000,336 | -H-- | C] () -- C:\ProgramData\P1kAlMiG2Kb7Fz
[2011.07.24 13:36:11 | 000,382,976 | -H-- | C] () -- C:\ProgramData\P1kAlMiG2Kb7Fz.exe
[2011.07.24 13:26:52 | 000,491,520 | -H-- | C] () -- C:\ProgramData\irVQprUycRbWhE.exe
[2011.07.03 16:07:19 | 000,000,000 | -H-- | C] () -- C:\Windows\jcmkr32.INI
[2011.07.03 15:54:13 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
[2011.07.03 14:05:01 | 000,001,289 | -H-- | C] () -- C:\Users\Oma & Opa\Desktop\Johann Lafer Hits aus meiner Küche.lnk
[2011.06.28 17:26:46 | 000,021,504 | -H-- | C] () -- C:\Users\Oma & Opa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.06.24 20:23:36 | 000,000,000 | -H-- | C] () -- C:\Users\Oma & Opa\AppData\Roaming\wklnhst.dat
[2011.06.15 11:00:55 | 000,090,143 | -H-- | C] () -- C:\ProgramData\nvModes.dat
[2011.06.15 11:00:55 | 000,090,143 | -H-- | C] () -- C:\ProgramData\nvModes.001
[2011.06.15 11:00:54 | 000,007,592 | -H-- | C] () -- C:\Users\Oma & Opa\AppData\Local\d3d9caps.dat
[2011.06.15 01:07:41 | 000,175,616 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2011.06.15 01:07:41 | 000,000,038 | -H-- | C] () -- C:\Windows\avisplitter.ini
[2011.06.15 01:07:40 | 000,631,808 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2011.06.15 01:07:40 | 000,243,200 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2011.06.15 01:07:39 | 000,080,896 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2011.06.15 01:01:18 | 000,000,000 | -H-- | C] () -- C:\Windows\nsreg.dat
[2011.06.15 00:24:34 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2011.06.15 00:16:02 | 000,000,057 | -H-- | C] () -- C:\Windows\PidList.ini
[2011.06.15 00:16:01 | 000,200,704 | -H-- | C] () -- C:\Windows\PLFSetI.exe
[2011.06.15 00:12:54 | 001,548,099 | -H-- | C] () -- C:\Windows\System32\VMC3KAPI.dll
[2008.04.08 13:28:17 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIOFM4.dll
[2008.04.08 13:28:17 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN5.dll
[2008.04.08 12:36:22 | 000,204,800 | ---- | C] () -- C:\Windows\System32\SysHook.dll
[2008.04.08 12:27:16 | 000,487,424 | ---- | C] () -- C:\Windows\System32\INT15.dll
[2008.04.08 12:18:59 | 000,001,694 | ---- | C] () -- C:\Windows\RtDefLvl.ini
[2008.04.08 12:18:59 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX0.dat
[2008.04.08 12:16:49 | 000,000,008 | ---- | C] () -- C:\Windows\System32\drivers\RtkHDAud.dat
[2008.04.08 05:55:03 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2008.01.21 10:24:09 | 000,618,442 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008.01.21 10:24:09 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008.01.21 10:24:09 | 000,122,842 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008.01.21 10:24:09 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2008.01.21 04:23:41 | 000,081,158 | ---- | C] () -- C:\Windows\System32\manage-bde.ini.en
[2008.01.21 04:23:38 | 000,062,976 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2007.11.14 15:17:34 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CogentBioSDK.dll
[2007.04.24 18:32:56 | 000,389,120 | ---- | C] () -- C:\Windows\System32\btwhidcs.dll
[2007.01.26 08:32:18 | 000,069,632 | ---- | C] () -- C:\Windows\System32\drivers\int15.sys
[2006.11.02 14:55:52 | 000,067,584 | ---- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:46:27 | 000,382,872 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 14:34:20 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:33:01 | 000,587,178 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,101,250 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2001.12.26 16:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001.11.14 13:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll
[2001.09.03 23:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001.07.30 16:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001.07.23 22:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll
 
========== LOP Check ==========
 
[2011.06.15 00:34:48 | 000,000,000 | -H-D | M] -- C:\Users\Oma & Opa\AppData\Roaming\Acer
[2008.04.08 12:50:57 | 000,000,000 | -H-D | M] -- C:\Users\Oma & Opa\AppData\Roaming\Acer GameZone Console
[2011.06.15 10:58:49 | 000,000,000 | -H-D | M] -- C:\Users\Oma & Opa\AppData\Roaming\DAEMON Tools Lite
[2011.06.28 16:38:53 | 000,000,000 | -H-D | M] -- C:\Users\Oma & Opa\AppData\Roaming\Temp
[2011.06.24 20:24:03 | 000,000,000 | -H-D | M] -- C:\Users\Oma & Opa\AppData\Roaming\Template
[2011.06.15 00:12:21 | 000,000,000 | -H-D | M] -- C:\Users\Oma & Opa\AppData\Roaming\Validity
[2011.07.26 13:16:44 | 000,030,212 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< %SYSTEMDRIVE%\*. >
[2011.07.26 13:15:48 | 000,000,000 | -H-D | M] -- C:\ Firefox
[2011.06.15 00:07:48 | 000,000,000 | -HSD | M] -- C:\$RECYCLE.BIN
[2011.07.26 13:15:54 | 000,000,000 | ---D | M] -- C:\31c63ce05277c04d8591
[2011.06.15 00:39:47 | 000,000,000 | -H-D | M] -- C:\ACER
[2008.04.08 13:30:20 | 000,000,000 | -H-D | M] -- C:\book
[2008.04.08 05:57:07 | 000,000,000 | -HSD | M] -- C:\Boot
[2011.07.24 16:15:20 | 000,000,000 | -H-D | M] -- C:\CLSetup
[2008.04.08 12:51:51 | 000,000,000 | -H-D | M] -- C:\Convesoft
[2006.11.02 15:00:38 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2011.06.15 00:03:00 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2008.04.08 12:10:04 | 000,000,000 | -H-D | M] -- C:\Intel
[2008.04.08 12:52:20 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2008.01.21 04:30:50 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2011.07.26 13:04:32 | 000,000,000 | R--D | M] -- C:\Program Files
[2011.07.24 17:12:01 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2011.06.15 00:03:00 | 000,000,000 | -HSD | M] -- C:\Programme
[2011.07.26 13:28:43 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2011.06.15 00:06:19 | 000,000,000 | R--D | M] -- C:\Users
[2011.07.26 13:16:12 | 000,000,000 | -H-D | M] -- C:\Windows
 
< %PROGRAMFILES%\*.exe >
 
< %LOCALAPPDATA%\*.exe >
 
< %systemroot%\*. /mp /s >
 
 
< MD5 for: EXPLORER.EXE  >
[2008.01.21 04:22:34 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\explorer.exe
[2008.01.21 04:22:34 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
 
< MD5 for: REGEDIT.EXE  >
[2008.01.21 04:23:00 | 000,134,656 | ---- | M] (Microsoft Corporation) MD5=467A3B03E924B7B7EDD16D34740574B0 -- C:\Windows\regedit.exe
[2008.01.21 04:23:00 | 000,134,656 | ---- | M] (Microsoft Corporation) MD5=467A3B03E924B7B7EDD16D34740574B0 -- C:\Windows\winsxs\x86_microsoft-windows-registry-editor_31bf3856ad364e35_6.0.6001.18000_none_f42eb564dbd8a697\regedit.exe
 
< MD5 for: USERINIT.EXE  >
[2008.01.21 04:22:58 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.21 04:22:58 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2008.01.21 04:21:52 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\System32\wininit.exe
[2008.01.21 04:21:52 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2008.01.21 04:22:59 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\System32\winlogon.exe
[2008.01.21 04:22:59 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
 
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
 
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-07-26 11:15:41
 
<          >

< End of report >

Code:

OTL Extras logfile created on: 26.07.2011 13:27:29 - Run 1
OTL by OldTimer - Version 3.2.26.1    Folder = C:\Users\Oma & Opa\Downloads
Windows Vista Ultimate Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,83 Gb Available Physical Memory | 61,06% Memory free
6,19 Gb Paging File | 5,09 Gb Available in Paging File | 82,21% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 144,04 Gb Total Space | 87,07 Gb Free Space | 60,44% Space Free | Partition Type: NTFS
Drive D: | 7,39 Gb Total Space | 2,80 Gb Free Space | 37,82% Space Free | Partition Type: FAT32
Drive E: | 140,50 Gb Total Space | 136,63 Gb Free Space | 97,25% Space Free | Partition Type: NTFS
Drive K: | 298,09 Gb Total Space | 297,99 Gb Free Space | 99,97% Space Free | Partition Type: NTFS
 
Computer Name: ASPIRE8920 | User Name: Oma & Opa | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- C:\ Firefox\firefox.exe (Mozilla Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\ Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\ Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\ Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{89FAEAF8-4CF6-4DA1-81EC-C1C380D5E155}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{A2D3F230-28FA-4FB5-8A5D-9015A83A9827}" = lport=5353 | protocol=17 | dir=in | name=bonjour port 5353 |
"{BAE425C2-36F3-429F-98E6-5B4683F95959}" = lport=9322 | protocol=6 | dir=in | name=ekdiscovery |
"{C52F935B-593C-45FD-8AD6-6FE4C4BD606E}" = lport=5353 | protocol=17 | dir=in | name=bonjour port 5353 |
"{F91F5C18-E8D5-4522-83B2-3EC5091EDBDE}" = lport=9322 | protocol=6 | dir=in | name=ekdiscovery |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01FBBC9E-BDB5-4586-85F6-36E13885CF32}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\dungeon siege iii\dungeon siege iii.exe |
"{167D8C0D-6541-41F2-A361-90BFF8DEA0C7}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{21CF27D9-1DC4-4224-8991-8F1EF51F49D5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3799B14C-0775-4250-B444-39402A499CA4}" = dir=in | app=c:\program files\acer arcade deluxe\homemedia\homemedia.exe |
"{43E307A9-3434-4C88-B214-69DFD09EC307}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\dungeon siege iii\dungeon siege iii.exe |
"{493B2813-14CB-4700-B3F6-F362E29A4BFE}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{537C2F0F-32CA-49D3-80D1-645CDB0CEC51}" = dir=in | app=c:\program files\acer arcade deluxe\playmovie\pmvservice.exe |
"{67E654DF-4DA3-4A60-B8C6-B400845B1A8C}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe |
"{821E0A44-A12D-4B79-9546-8240CED23C00}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{8F3641F2-A7EC-4D0D-9319-262FCC370164}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |
"{AAEF00A5-D87B-40A2-A7F4-91F438346DD4}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{AF68CB72-6914-49EB-8708-915754E56BC9}" = dir=in | app=c:\program files\acer\acer vcm\vc.exe |
"{B40BDD69-AAB6-4919-BFE8-E50CC886E83B}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{B6B8E840-9661-43BC-A129-5F5EE9AF9A16}" = dir=in | app=c:\program files\acer arcade deluxe\playmovie\playmovie.exe |
"{C050EF1E-9415-4F81-A536-69A8237238A0}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe |
"{C9A60221-D7BF-417B-B8BF-B7BA1320191C}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |
"{D492B3E7-B681-42F1-820B-0C00D37C7D2F}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{DF73D121-922A-4327-AD68-CD829FFF067D}" = dir=in | app=c:\program files\acer arcade deluxe\acer arcade deluxe\acer arcade deluxe.exe |
"{E768CB21-58C1-4E4E-9C95-07B805D57412}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{EA841B75-76A8-4BC3-AE41-3BF7DC9DE026}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
"{FC9912F9-AB84-4869-9D43-5086D79062FC}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software 6.0.1.5000
"{047F790A-7A2A-4B6A-AD02-38092BA63DAC}" = Acer VCM
"{0645A454-AD44-4F0D-99CF-6B762735AD1F}" = aioprnt
"{0BF78E88-A7C9-4406-89CF-0BA473BA7821}" = Orion
"{10934A28-0CC6-4B98-A14F-76B3546003AF}" = ksDIP
"{11316260-6666-467B-AC34-183FCB5D4335}" = Acer Mobility Center Plug-In
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{13D85C14-2B85-419F-AC41-C7F21E68B25D}" = Acer eSettings Management
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron JMB38X Flash Media Controller
"{27EF8E7F-88D1-4ec5-ADE2-7E447FDF114E}" = Kodak AIO Printer
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver
"{48B41C3A-9A92-4B81-B653-C97FEB85C910}" = C4USelfUpdater
"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works
"{567E8236-C414-4888-8211-3D61608D57AE}" = Validity Sensors software
"{56BA241F-580C-43D2-8403-947241AAE633}" = center
"{57265292-228A-41FA-9AEC-4620CBCC2739}" = Acer eAudio Management
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75AE8014-1184-4BC0-B279-C879540719EE}" = PhotoMail Maker
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110111700}" = Zuma Deluxe
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11029123}" = Bricks of Egypt
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110322783}" = Big Kahuna Reef
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110411970}" = Chuzzle
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111118433}" = Mystery Case Files - Huntsville
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}" = Cake Mania
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111252743}" = Mahjong Escape Ancient China
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111543617}" = Backspin Billiards
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111692950}" = Mahjongg Artifacts
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111771833}" = Jewel Quest Solitaire
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111796363}" = Mystery Solitaire - Secret Island
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111872660}" = Diner Dash Flo on the Go
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112531267}" = Chicken Invaders 3
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112615863}" = Agatha Christie Death on the Nile
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}" = Alice Greenfingers
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113009953}" = Turbo Pizza
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113080210}" = Azada
"{8F1B6239-FEA0-450A-A950-B05276CE177C}" = Acer Empowering Technology
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A5633652-3795-4829-BB0B-644F0279E279}" = Acer eDataSecurity Management
"{AC76BA86-7AD7-1033-7B44-A81000000003}" = Adobe Reader 8.1.0
"{BE94C681-68E2-4561-8ABC-8D2E799168B4}" = essentials
"{BFBCF96F-7361-486A-965C-54B17AC35421}" = ocr
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe  1.4.142.1
"{D0ACE89D-EC7F-470F-80BE-4C98ED366B32}" = Acer Crystal Eye webcam Ver:1.1.55.312
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"{D6F879CC-59D6-4D4B-AE9B-D761E48D25ED}" = Skype™ 5.3
"{DA5BDB2A-12F0-4343-8351-21AAEB293990}" = PreReq
"{E0F274B7-592B-4669-8FB8-8D9825A09858}" = KODAK All-in-One Software
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FCED9B62-34FF-4C15-8A23-F65221F7874D}" = ITECIR Driver
"{FD27D456-ED8A-4027-A1E4-BBF95FAF4799}" = Easy Driver Pro
"{FE24086F-3B0C-4C47-A874-97A7B8E2FBBE}" = aioscnnr
"Acer Acer Bio Protection 6.0.00.08" = Acer Bio Protection

AAV 6.0.00.08
"Acer GameZone Console_is1" = Acer GameZone Console 2.0.1.1
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"CameraWindowDC8" = Canon Utilities CameraWindow DC 8
"CameraWindowLauncher" = Canon Utilities CameraWindow
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX
"GridVista" = Acer GridVista
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"Johann Lafer Hits aus meiner Küche" = Johann Lafer Hits aus meiner Küche
"KLiteCodecPack_is1" = K-Lite Codec Pack 7.1.0 (Full)
"LManager" = Launch Manager
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"MovieUploaderForYouTube" = Canon Utilities Movie Uploader for YouTube
"Mozilla Firefox 4.0.1 (x86 de)" = Mozilla Firefox 4.0.1 (x86 de)
"MyCamera" = Canon Utilities MyCamera
"NVIDIA Drivers" = NVIDIA Drivers
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"PhotoMail" = PhotoMail Maker
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Toolbar" = Yahoo! Toolbar
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Mozilla Firefox 5.0 (x86 de)" = Mozilla Firefox 5.0 (x86 de)
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 24.07.2011 07:40:58 | Computer Name = Aspire8920 | Source = VSS | ID = 12289
Description =
 
Error - 24.07.2011 07:40:58 | Computer Name = Aspire8920 | Source = VSS | ID = 12289
Description =
 
Error - 24.07.2011 07:41:02 | Computer Name = Aspire8920 | Source = VSS | ID = 12289
Description =
 
Error - 24.07.2011 07:41:02 | Computer Name = Aspire8920 | Source = VSS | ID = 12289
Description =
 
Error - 24.07.2011 07:41:02 | Computer Name = Aspire8920 | Source = VSS | ID = 12289
Description =
 
Error - 24.07.2011 08:46:25 | Computer Name = Aspire8920 | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung P1kAlMiG2Kb7Fz.exe, Version 0.1.0.0, Zeitstempel
 0x4e1c0ed2, fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000,
 Ausnahmecode 0xc0000005, Fehleroffset 0x00200070,  Prozess-ID 0x9cc, Anwendungsstartzeit
 01cc49ffac23e5a7.
 
Error - 24.07.2011 08:53:40 | Computer Name = Aspire8920 | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung CompileMOF.exe, Version 3.0.2000.0, Zeitstempel
 0x474a325e, fehlerhaftes Modul CompileMOF.exe, Version 3.0.2000.0, Zeitstempel
0x474a325e, Ausnahmecode 0xc000000d, Fehleroffset 0x00002a7f,  Prozess-ID 0x8f4, Anwendungsstartzeit
 01cc4a00b5557410.
 
Error - 24.07.2011 08:53:47 | Computer Name = Aspire8920 | Source = WinMgmt | ID = 10
Description =
 
Error - 24.07.2011 10:02:14 | Computer Name = Aspire8920 | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung CompileMOF.exe, Version 3.0.2000.0, Zeitstempel
 0x474a325e, fehlerhaftes Modul CompileMOF.exe, Version 3.0.2000.0, Zeitstempel
0x474a325e, Ausnahmecode 0xc000000d, Fehleroffset 0x00002a7f,  Prozess-ID 0x900, Anwendungsstartzeit
 01cc4a0a49996a14.
 
Error - 24.07.2011 10:02:22 | Computer Name = Aspire8920 | Source = WinMgmt | ID = 10
Description =
 
[ System Events ]
Error - 24.07.2011 11:05:23 | Computer Name = Aspire8920 | Source = Service Control Manager | ID = 7023
Description =
 
Error - 24.07.2011 11:07:32 | Computer Name = Aspire8920 | Source = Service Control Manager | ID = 7000
Description =
 
Error - 24.07.2011 11:12:05 | Computer Name = Aspire8920 | Source = Microsoft-Windows-Eventlog | ID = 22
Description =
 
Error - 24.07.2011 11:12:07 | Computer Name = Aspire8920 | Source = HTTP | ID = 15016
Description =
 
Error - 24.07.2011 11:12:13 | Computer Name = Aspire8920 | Source = Service Control Manager | ID = 7023
Description =
 
Error - 24.07.2011 11:14:21 | Computer Name = Aspire8920 | Source = Service Control Manager | ID = 7000
Description =
 
Error - 24.07.2011 11:24:43 | Computer Name = Aspire8920 | Source = Microsoft-Windows-Eventlog | ID = 22
Description =
 
Error - 24.07.2011 11:24:44 | Computer Name = Aspire8920 | Source = HTTP | ID = 15016
Description =
 
Error - 24.07.2011 11:24:51 | Computer Name = Aspire8920 | Source = Service Control Manager | ID = 7023
Description =
 
Error - 24.07.2011 11:26:50 | Computer Name = Aspire8920 | Source = Service Control Manager | ID = 7000
Description =
 
 
< End of report >

Code:

GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2011-07-26 14:06:23
Windows 6.0.6001 Service Pack 1 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-2 WDC_WD3200BEVT-22ZCT0 rev.11.01A11
Running: kruohd5i.exe; Driver: C:\Users\OMA&OP~1\AppData\Local\Temp\pgldifod.sys


---- Kernel code sections - GMER 1.0.15 ----

.text          C:\Windows\system32\DRIVERS\nvlddmkm.sys                                                                    section is writeable [0x8E40C340, 0x3D50E7, 0xE8000020]
                C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl                                                        entry point in "" section [0x8FBE6000]
.clc            C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl                                                        unknown last section [0x8FBE7000, 0x1000, 0x00000000]

---- User code sections - GMER 1.0.15 ----

.text          C:\ Firefox\firefox.exe[2776] ntdll.dll!LdrLoadDll                                                          76FB7933 5 Bytes  JMP 00FE1410 C:\ Firefox\firefox.exe (Firefox/Mozilla Corporation)
.text          C:\Windows\Explorer.EXE[3928] SHELL32.dll!InitNetworkAddressControl + 2939                                  75A30064 4 Bytes  [50, 26, 00, 10] {PUSH EAX; ADD ES:[EAX], DL}

---- Devices - GMER 1.0.15 ----

AttachedDevice  \Driver\kbdclass \Device\KeyboardClass0                                                                      Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
AttachedDevice  \Driver\kbdclass \Device\KeyboardClass1                                                                      Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume1                                                                      fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume2                                                                      fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume3                                                                      fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume4                                                                      fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume5                                                                      fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume7                                                                      fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice  \FileSystem\fastfat \Fat                                                                                    fltmgr.sys (Microsoft Dateisystem-Filter-Manager/Microsoft Corporation)

---- Registry - GMER 1.0.15 ----

Reg            HKLM\SYSTEM\CurrentControlSet\Services\BthPort\Parameters\Keys\001f3aec6fdf                                 
Reg            HKLM\SYSTEM\CurrentControlSet\Services\BthPort\Parameters\Keys\001f3aec6fdf@0024ef09613f                    0xA4 0x5F 0xCF 0xBA ...
Reg            HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC                           
Reg            HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0                          0
Reg            HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12                      0x7F 0x49 0x60 0xF6 ...
Reg            HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0                          0x00 0x00 0x00 0x00 ...
Reg            HKLM\SYSTEM\ControlSet003\Services\BthPort\Parameters\Keys\001f3aec6fdf (not active ControlSet)             
Reg            HKLM\SYSTEM\ControlSet003\Services\BthPort\Parameters\Keys\001f3aec6fdf@0024ef09613f                        0xA4 0x5F 0xCF 0xBA ...
Reg            HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)       
Reg            HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0                              0
Reg            HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12                          0x7F 0x49 0x60 0xF6 ...
Reg            HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0                              0x00 0x00 0x00 0x00 ...

---- Files - GMER 1.0.15 ----

File            C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010016.wid  65536 bytes
File            C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\CiAD0001.000  240 bytes
File            C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\CiAD0001.001  65536 bytes
File            C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\CiAD0001.002  65536 bytes
File            C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\CiMG0004.000  0 bytes
File            C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\CiMG0004.001  65536 bytes

---- EOF - GMER 1.0.15 ----

Thanks in advance

cosinus 26.07.2011 16:07

Hello and :hallo:

Please run a routine full scan with Malwarebytes and post the log.
Remember that Malwarebytes has to be updated manually before every scan!

If logs from older Malwarebytes scans exist, please post all of those as well!

Baumijunior 26.07.2011 18:14

Done, I hope it helps.
Code:

Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Datenbank Version: 7283

Windows 6.0.6001 Service Pack 1
Internet Explorer 7.0.6001.18000

26.07.2011 19:11:20
mbam-log-2011-07-26 (19-11-20).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|E:\|F:\|K:\|)
Durchsuchte Objekte: 253310
Laufzeit: 35 Minute(n), 48 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 1

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
c:\Users\oma & opa\AppData\Local\Temp\tmpDC3A.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.


cosinus 26.07.2011 20:03

Are there any other logs from Malwarebytes? If so, please post all of those that are visible in Malwarebytes under the "Logdateien" (log files) tab.

Baumijunior 27.07.2011 10:57

Hello, no, unfortunately not.

cosinus 27.07.2011 11:03

Run an OTL fix: close any programs that may be open, also disable the virus scanner (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied as well!!!)


Code:

:OTL
[2011.07.24 13:36:23 | 000,000,232 | -H-- | M] () -- C:\ProgramData\~P1kAlMiG2Kb7Fz
[2011.07.24 13:36:23 | 000,000,184 | -H-- | M] () -- C:\ProgramData\~P1kAlMiG2Kb7Fzr
[2011.07.24 13:36:22 | 000,000,611 | -H-- | M] () -- C:\Users\Oma & Opa\Desktop\System Repair.lnk
[2011.07.24 13:36:21 | 000,000,336 | -H-- | M] () -- C:\ProgramData\P1kAlMiG2Kb7Fz
[2011.07.24 13:36:11 | 000,382,976 | -H-- | M] () -- C:\ProgramData\P1kAlMiG2Kb7Fz.exe
[2011.07.24 13:26:40 | 000,491,520 | -H-- | M] () -- C:\ProgramData\irVQprUycRbWhE.exe
[2011.07.26 13:07:14 | 011,967,524 | ---- | C] () -- C:\Windows\System32\korwbrkr.lex
[2011.07.24 13:36:23 | 000,000,184 | -H-- | C] () -- C:\ProgramData\~P1kAlMiG2Kb7Fzr
[2011.07.24 13:36:22 | 000,000,611 | -H-- | C] () -- C:\Users\Oma & Opa\Desktop\System Repair.lnk
[2011.07.24 13:36:22 | 000,000,232 | -H-- | C] () -- C:\ProgramData\~P1kAlMiG2Kb7Fz
[2011.07.24 13:36:21 | 000,000,336 | -H-- | C] () -- C:\ProgramData\P1kAlMiG2Kb7Fz
[2011.07.24 13:36:11 | 000,382,976 | -H-- | C] () -- C:\ProgramData\P1kAlMiG2Kb7Fz.exe
[2011.07.24 13:26:52 | 000,491,520 | -H-- | C] () -- C:\ProgramData\irVQprUycRbWhE.exe

:Commands
[purity]
[resethosts]

Then click the Fix button at the top left!
The log file should open when you click OK after the fix; please post it. The computer may be restarted.

For safety, the entries, files and folders fixed with this script are not deleted completely; a backup copy is created on the system partition in the "_OTL" folder.

Baumijunior 27.07.2011 11:53

Malwarebytes only produced the one log file.

Baumijunior 27.07.2011 12:06

Error while creating the log file

Baumijunior 27.07.2011 12:07

Now it is restarting, for whatever reason :headbang:

Baumijunior 27.07.2011 12:20

It worked

Code:

========== OTL ==========
C:\ProgramData\~P1kAlMiG2Kb7Fz moved successfully.
C:\ProgramData\~P1kAlMiG2Kb7Fzr moved successfully.
File C:\Users\Oma & Opa\Desktop\System Repair.lnk not found.
C:\ProgramData\P1kAlMiG2Kb7Fz moved successfully.
File C:\ProgramData\P1kAlMiG2Kb7Fz.exe not found.
File C:\ProgramData\irVQprUycRbWhE.exe not found.
C:\Windows\System32\korwbrkr.lex moved successfully.
File C:\ProgramData\~P1kAlMiG2Kb7Fzr not found.
File C:\Users\Oma & Opa\Desktop\System Repair.lnk not found.
File C:\ProgramData\~P1kAlMiG2Kb7Fz not found.
File C:\ProgramData\P1kAlMiG2Kb7Fz not found.
File C:\ProgramData\P1kAlMiG2Kb7Fz.exe not found.
File C:\ProgramData\irVQprUycRbWhE.exe not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.26.1 log created on 07272011_131858
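
Added example, not part of the original thread and not OTL's own code: a Python check that reconciles the fix script posted by cosinus with the result log posted by Baumijunior, reporting for each target whether OTL actually moved it into quarantine. The function names are invented for this illustration; the two inputs are the blocks from the thread.

```python
import re

# Fix script and result log copied verbatim from the thread above.
FIX_SCRIPT = r"""
:OTL
[2011.07.24 13:36:23 | 000,000,232 | -H-- | M] () -- C:\ProgramData\~P1kAlMiG2Kb7Fz
[2011.07.24 13:36:23 | 000,000,184 | -H-- | M] () -- C:\ProgramData\~P1kAlMiG2Kb7Fzr
[2011.07.24 13:36:22 | 000,000,611 | -H-- | M] () -- C:\Users\Oma & Opa\Desktop\System Repair.lnk
[2011.07.24 13:36:21 | 000,000,336 | -H-- | M] () -- C:\ProgramData\P1kAlMiG2Kb7Fz
[2011.07.24 13:36:11 | 000,382,976 | -H-- | M] () -- C:\ProgramData\P1kAlMiG2Kb7Fz.exe
[2011.07.24 13:26:40 | 000,491,520 | -H-- | M] () -- C:\ProgramData\irVQprUycRbWhE.exe
[2011.07.26 13:07:14 | 011,967,524 | ---- | C] () -- C:\Windows\System32\korwbrkr.lex
[2011.07.24 13:36:23 | 000,000,184 | -H-- | C] () -- C:\ProgramData\~P1kAlMiG2Kb7Fzr
[2011.07.24 13:36:22 | 000,000,611 | -H-- | C] () -- C:\Users\Oma & Opa\Desktop\System Repair.lnk
[2011.07.24 13:36:22 | 000,000,232 | -H-- | C] () -- C:\ProgramData\~P1kAlMiG2Kb7Fz
[2011.07.24 13:36:21 | 000,000,336 | -H-- | C] () -- C:\ProgramData\P1kAlMiG2Kb7Fz
[2011.07.24 13:36:11 | 000,382,976 | -H-- | C] () -- C:\ProgramData\P1kAlMiG2Kb7Fz.exe
[2011.07.24 13:26:52 | 000,491,520 | -H-- | C] () -- C:\ProgramData\irVQprUycRbWhE.exe

:Commands
[purity]
[resethosts]
"""

FIX_LOG = r"""
========== OTL ==========
C:\ProgramData\~P1kAlMiG2Kb7Fz moved successfully.
C:\ProgramData\~P1kAlMiG2Kb7Fzr moved successfully.
File C:\Users\Oma & Opa\Desktop\System Repair.lnk not found.
C:\ProgramData\P1kAlMiG2Kb7Fz moved successfully.
File C:\ProgramData\P1kAlMiG2Kb7Fz.exe not found.
File C:\ProgramData\irVQprUycRbWhE.exe not found.
C:\Windows\System32\korwbrkr.lex moved successfully.
File C:\ProgramData\~P1kAlMiG2Kb7Fzr not found.
File C:\Users\Oma & Opa\Desktop\System Repair.lnk not found.
File C:\ProgramData\~P1kAlMiG2Kb7Fz not found.
File C:\ProgramData\P1kAlMiG2Kb7Fz not found.
File C:\ProgramData\P1kAlMiG2Kb7Fz.exe not found.
File C:\ProgramData\irVQprUycRbWhE.exe not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.26.1 log created on 07272011_131858
"""

# Script entry: "[date time | size | attributes | M or C] (company) -- path"
ENTRY_RE = re.compile(
    r"^\[\d{4}\.\d{2}\.\d{2} \d{2}:\d{2}:\d{2} \| [\d,]+ \| \S{4} \| [MC]\] "
    r"\(.*?\) -- (.+)$")
# Log result: "<path> moved successfully." or "File <path> not found."
RESULT_RE = re.compile(r"^(?:File )?(.+?) (moved successfully|not found)\.$")
SECTION_RE = re.compile(r"^=+ (\w+) =+$")


def script_targets(script):
    """Unique target paths of the fix script, in order of first appearance."""
    targets = {}
    for line in script.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m:
            # Windows paths are case-insensitive, so key on the lowered path.
            targets.setdefault(m.group(1).lower(), m.group(1))
    return targets


def log_outcomes(log, section="OTL"):
    """Map lowered path -> list of outcomes found in one section of the log."""
    outcomes, current = {}, None
    for line in log.splitlines():
        line = line.strip()
        header = SECTION_RE.match(line)
        if header:
            current = header.group(1)
            continue
        m = RESULT_RE.match(line)
        if m and current == section:
            outcomes.setdefault(m.group(1).lower(), []).append(m.group(2))
    return outcomes


def reconcile(script, log):
    """Classify every script target by what the log says happened to it."""
    outcomes = log_outcomes(log)
    report = {}
    for key, path in script_targets(script).items():
        seen = outcomes.get(key, [])
        if "moved successfully" in seen:
            report[path] = "quarantined"   # a later "not found" is the duplicate entry
        elif seen:
            report[path] = "never found"   # OTL did not move this file
        else:
            report[path] = "missing from log"
    return report


if __name__ == "__main__":
    for path, status in reconcile(FIX_SCRIPT, FIX_LOG).items():
        print(f"{status:16} {path}")
```

On the thread's data, four targets were moved and three (both .exe files and the desktop shortcut) were reported only as "not found", so OTL did not place them in its "_OTL" backup folder.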


cosinus 27.07.2011 12:28

I need the OTL quarantine folder. Please do the following:

1.) VERY IMPORTANT!! Disable the virus scanner; it must not interfere with the packing!
2.) Zip the MovedFiles folder in C:\_OTL into one file
3.) Upload the resulting ZIP file here => http://www.trojaner-board.de/54791-a...ner-board.html
4.) Let me know once it was successful
5.) Only then switch the virus scanner back on

Baumijunior 27.07.2011 12:55

So I zipped it with 7-Zip. I just have one question: the link to the thread in the forum is the one right at the top, isn't it? At least that is the one I entered and sent off. It was confirmed that it had worked, but nothing shows up in the forum? :twak::balla:

cosinus 27.07.2011 13:25

The file you uploaded isn't supposed to be publicly visible here, or do you want everyone to be able to look at your malware! :D

Now please run this tool from Kaspersky and post the log => http://www.trojaner-board.de/82358-t...entfernen.html

Configure the tool as shown in the picture below, i.e. tick both checkboxes, click Start scan, and when it has finished click the Report button to display the log. Please post it in full.

http://www.trojaner-board.de/attachm...rnen-start.png


If, because of the infection, you cannot access your documents/My Documents, or shortcuts on the desktop or in the Start menu under "All Programs" are missing, please run unhide:
Please download unhide.exe and save the file to your desktop.
Start the tool and all files and folders should be visible again. (This may take a while.)
Windows Vista and Windows 7 users must run the tool as administrator via right-click!

Baumijunior 27.07.2011 13:32

Code:

2011/07/27 14:30:57.0921 2316        TDSS rootkit removing tool 2.5.11.0 Jul 11 2011 16:56:56
2011/07/27 14:30:58.0155 2316        ================================================================================
2011/07/27 14:30:58.0155 2316        SystemInfo:
2011/07/27 14:30:58.0155 2316       
2011/07/27 14:30:58.0155 2316        OS Version: 6.0.6001 ServicePack: 1.0
2011/07/27 14:30:58.0155 2316        Product type: Workstation
2011/07/27 14:30:58.0155 2316        ComputerName: ASPIRE8920
2011/07/27 14:30:58.0155 2316        UserName: Oma & Opa
2011/07/27 14:30:58.0155 2316        Windows directory: C:\Windows
2011/07/27 14:30:58.0155 2316        System windows directory: C:\Windows
2011/07/27 14:30:58.0155 2316        Processor architecture: Intel x86
2011/07/27 14:30:58.0155 2316        Number of processors: 2
2011/07/27 14:30:58.0155 2316        Page size: 0x1000
2011/07/27 14:30:58.0155 2316        Boot type: Normal boot
2011/07/27 14:30:58.0155 2316        ================================================================================
2011/07/27 14:30:59.0559 2316        Initialize success
2011/07/27 14:31:02.0383 2320        ================================================================================
2011/07/27 14:31:02.0383 2320        Scan started
2011/07/27 14:31:02.0383 2320        Mode: Manual;
2011/07/27 14:31:02.0383 2320        ================================================================================
2011/07/27 14:31:11.0524 2320        spldr          (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
2011/07/27 14:31:11.0602 2320        srv            (3d7c04aba41ac96ba7e9d123ec8f7fa3) C:\Windows\system32\DRIVERS\srv.sys
2011/07/27 14:31:11.0665 2320        srv2            (b7ff59408034119476b00a81bb53d5d1) C:\Windows\system32\DRIVERS\srv2.sys
2011/07/27 14:31:11.0711 2320        srvnet          (2accc9b12af02030f531e6cca6f8b76e) C:\Windows\system32\DRIVERS\srvnet.sys
2011/07/27 14:31:11.0743 2320        swenum          (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
2011/07/27 14:31:11.0774 2320        Symc8xx        (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
2011/07/27 14:31:11.0805 2320        Sym_hi          (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
2011/07/27 14:31:11.0852 2320        Sym_u3          (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
2011/07/27 14:31:11.0914 2320        SynTP          (bf7aa84d5af0faa0978c840e63b17dbf) C:\Windows\system32\DRIVERS\SynTP.sys
2011/07/27 14:31:12.0008 2320        Tcpip          (a6a02ef5b5e40fbd31a1adc577da54bb) C:\Windows\system32\drivers\tcpip.sys
2011/07/27 14:31:12.0055 2320        Tcpip6          (a6a02ef5b5e40fbd31a1adc577da54bb) C:\Windows\system32\DRIVERS\tcpip.sys
2011/07/27 14:31:12.0070 2320        tcpipreg        (d4a2e4a4b011f3a883af77315a5ae76b) C:\Windows\system32\drivers\tcpipreg.sys
2011/07/27 14:31:12.0101 2320        TDPIPE          (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
2011/07/27 14:31:12.0117 2320        TDTCP          (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
2011/07/27 14:31:12.0148 2320        tdx            (d09276b1fab033ce1d40dcbdf303d10f) C:\Windows\system32\DRIVERS\tdx.sys
2011/07/27 14:31:12.0164 2320        TermDD          (a048056f5e1a96a9bf3071b91741a5aa) C:\Windows\system32\DRIVERS\termdd.sys
2011/07/27 14:31:12.0211 2320        tssecsrv        (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/07/27 14:31:12.0242 2320        tunmp          (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
2011/07/27 14:31:12.0273 2320        tunnel          (119b8184e106baedc83fce5ddf3950da) C:\Windows\system32\DRIVERS\tunnel.sys
2011/07/27 14:31:12.0304 2320        uagp35          (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
2011/07/27 14:31:12.0320 2320        UBHelper        (f763e070843ee2803de1395002b42938) C:\Windows\system32\drivers\UBHelper.sys
2011/07/27 14:31:12.0351 2320        udfs            (8b5088058fa1d1cd897a2113ccff6c58) C:\Windows\system32\DRIVERS\udfs.sys
2011/07/27 14:31:12.0398 2320        uliagpkx        (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
2011/07/27 14:31:12.0429 2320        uliahci        (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
2011/07/27 14:31:12.0445 2320        UlSata          (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
2011/07/27 14:31:12.0491 2320        ulsata2        (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
2011/07/27 14:31:12.0523 2320        umbus          (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
2011/07/27 14:31:12.0569 2320        usbaudio        (292a25bb75a568ae2c67169ba2c6365a) C:\Windows\system32\drivers\usbaudio.sys
2011/07/27 14:31:12.0616 2320        usbccgp        (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/07/27 14:31:12.0647 2320        usbcir          (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
2011/07/27 14:31:12.0679 2320        usbehci        (cebe90821810e76320155beba722fcf9) C:\Windows\system32\DRIVERS\usbehci.sys
2011/07/27 14:31:12.0694 2320        usbhub          (cc6b28e4ce39951357963119ce47b143) C:\Windows\system32\DRIVERS\usbhub.sys
2011/07/27 14:31:12.0710 2320        usbohci        (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
2011/07/27 14:31:12.0757 2320        usbprint        (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
2011/07/27 14:31:12.0819 2320        usbscan        (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
2011/07/27 14:31:12.0850 2320        USBSTOR        (87ba6b83c5d19b69160968d07d6e2982) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2011/07/27 14:31:12.0881 2320        usbuhci        (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
2011/07/27 14:31:12.0928 2320        usbvideo        (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
2011/07/27 14:31:12.0975 2320        vfs101x        (4d45a93a7dd638ca2db0a86fbfbf42d1) C:\Windows\system32\drivers\vfs101x.sys
2011/07/27 14:31:13.0006 2320        vga            (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/07/27 14:31:13.0022 2320        VgaSave        (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
2011/07/27 14:31:13.0053 2320        viaagp          (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
2011/07/27 14:31:13.0084 2320        ViaC7          (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
2011/07/27 14:31:13.0100 2320        viaide          (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
2011/07/27 14:31:13.0131 2320        volmgr          (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
2011/07/27 14:31:13.0147 2320        volmgrx        (98f5ffe6316bd74e9e2c97206c190196) C:\Windows\system32\drivers\volmgrx.sys
2011/07/27 14:31:13.0178 2320        volsnap        (d8b4a53dd2769f226b3eb374374987c9) C:\Windows\system32\drivers\volsnap.sys
2011/07/27 14:31:13.0209 2320        vsmraid        (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
2011/07/27 14:31:13.0240 2320        WacomPen        (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
2011/07/27 14:31:13.0271 2320        Wanarp          (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2011/07/27 14:31:13.0287 2320        Wanarpv6        (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2011/07/27 14:31:13.0334 2320        Wd              (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
2011/07/27 14:31:13.0365 2320        Wdf01000        (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
2011/07/27 14:31:13.0443 2320        WmiAcpi        (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
2011/07/27 14:31:13.0521 2320        WpdUsb          (0cec23084b51b8288099eb710224e955) C:\Windows\system32\DRIVERS\wpdusb.sys
2011/07/27 14:31:13.0552 2320        ws2ifsl        (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
2011/07/27 14:31:13.0630 2320        WSVD            (0d0367919d12143739cd7ec67a65b6eb) C:\Windows\system32\drivers\WSVD.sys
2011/07/27 14:31:13.0677 2320        WUDFRd          (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/07/27 14:31:13.0771 2320        {49DE1C67-83F8-4102-99E0-C16DCC7EEC796} (5867ce254625645345c833510d24f124) C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl
2011/07/27 14:31:13.0786 2320        MBR (0x1B8)    (f79ef1fa2a5761bf6a7b3a858fc003ee) \Device\Harddisk0\DR0
2011/07/27 14:31:13.0817 2320        MBR (0x1B8)    (5c616939100b85e558da92b899a0fc36) \Device\Harddisk1\DR1
2011/07/27 14:31:13.0833 2320        Boot (0x1200)  (52429ae9d8def0b815958ee32764a4d9) \Device\Harddisk0\DR0\Partition0
2011/07/27 14:31:13.0864 2320        Boot (0x1200)  (deaebcc655183d68db4bd6ff84a58028) \Device\Harddisk0\DR0\Partition1
2011/07/27 14:31:13.0864 2320        Boot (0x1200)  (9897ad47b7988f85aca5ebb14ef3e76f) \Device\Harddisk1\DR1\Partition0
2011/07/27 14:31:13.0880 2320        ================================================================================
2011/07/27 14:31:13.0880 2320        Scan finished
2011/07/27 14:31:13.0880 2320        ================================================================================
2011/07/27 14:31:13.0880 1292        Detected object count: 0
2011/07/27 14:31:13.0880 1292        Actual detected object count: 0


