I hope I'm posting it correctly now
dds
DDS Logfile:
Code:
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_22
Run by cevin at 11:22:28 on 2012-05-21
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.4091.2378 [GMT 2:00]
.
AV: Lavasoft Ad-Watch Live! Virenschutz *Enabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Lavasoft Ad-Watch Live! *Enabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
c:\Program Files (x86)\Acer Bio Protection\CompPtcVUI.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\LSI SoftModem\agr64svc.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
c:\Program Files (x86)\Acer Bio Protection\BASVC.exe
C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Join Air\AssistantServices.exe
C:\Program Files\Acer\Acer Updater\UpdaterService.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Apoint2K\HidFind.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
c:\program files (x86)\real\realplayer\Update\realsched.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2269050
uDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7738&r=27360310a116l0368zq55t47l1w241
mStart Page = hxxp://www.yahoo.com
uURLSearchHooks: H - No File
uURLSearchHooks: H - No File
uURLSearchHooks: DVDVideoSoftTB Toolbar: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll
mURLSearchHooks: DVDVideoSoftTB Toolbar: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: {1ED16E0A-E8C4-40A0-8BC2-79485D21F796} - No File
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO: DVDVideoSoftTB Toolbar: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID-Anmelde-Hilfsprogramm: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: DVDVideoSoftTB Toolbar: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB: {40C3CC16-7269-4B32-9531-17F2950FB06F} - No File
mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
IE: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {10954C80-4F0F-11d3-B17C-00C0DFE39736} - c:\Program Files (x86)\Acer Bio Protection\PwdBank.exe
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{E3C88F0F-4CCF-4FDE-A075-4F59C48565FA} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{E3C88F0F-4CCF-4FDE-A075-4F59C48565FA}\4586F6D6F54403034333832373 : DhcpNameServer = 217.68.161.141 217.68.161.171
TCP: Interfaces\{E3C88F0F-4CCF-4FDE-A075-4F59C48565FA}\46C696E6B6 : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{E3C88F0F-4CCF-4FDE-A075-4F59C48565FA}\8496D65646D294E6475627E65647 : DhcpNameServer = 172.31.1.1
TCP: Interfaces\{E3C88F0F-4CCF-4FDE-A075-4F59C48565FA}\D4564696365737 : DhcpNameServer = 192.168.178.1
TCP: Interfaces\{E7894928-09EB-4F8D-B77D-8B1A3ED7CEEE} : DhcpNameServer = 192.168.1.1
LSA: Notification Packages = c:\Program Files (x86)\Acer Bio Protection\PwdFilterV64
{18DF081C-E8AD-4283-A596-FA578C2EBDC3}
BHO-X64: {1ED16E0A-E8C4-40A0-8BC2-79485D21F796} - No File
{3049C3E9-B461-4BC5-8870-4C09146192CA}
{872b5b88-9db5-4310-bdd0-ac189557e5f5}
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}
{9030D464-4C02-4ABF-8ECC-5164760863C6}
{DBC80044-A445-435b-BC74-9C25C1C588A9}
{872b5b88-9db5-4310-bdd0-ac189557e5f5}
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}
TB-X64: {40C3CC16-7269-4B32-9531-17F2950FB06F} - No File
mRun-x64: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
mRun-x64: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
IE-X64: {10954C80-4F0F-11d3-B17C-00C0DFE39736} - c:\Program Files (x86)\Acer Bio Protection\PwdBank.exe
IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\cevin\AppData\Roaming\Mozilla\Firefox\Profiles\0yzj76kz.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2319825&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Winload Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://www.gayromeo.com/
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2319825&q=
FF - component: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordext.dll
FF - component: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordlegacyext.dll
FF - component: C:\Users\cevin\AppData\Roaming\Mozilla\Firefox\Profiles\0yzj76kz.default\extensions\{40c3cc16-7269-4b32-9531-17f2950fb06f}\components\RadioWMPCoreGecko19.dll
FF - component: C:\Users\cevin\AppData\Roaming\Mozilla\Firefox\Profiles\0yzj76kz.default\extensions\{40c3cc16-7269-4b32-9531-17f2950fb06f}\components\RadioWMPCoreGecko5.dll
FF - component: C:\Users\cevin\AppData\Roaming\Mozilla\Firefox\Profiles\0yzj76kz.default\extensions\{40c3cc16-7269-4b32-9531-17f2950fb06f}\components\RadioWMPCoreGecko6.dll
FF - component: C:\Users\cevin\AppData\Roaming\Mozilla\Firefox\Profiles\0yzj76kz.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\components\RadioWMPCoreGecko19.dll
FF - component: C:\Users\cevin\AppData\Roaming\Mozilla\Firefox\Profiles\0yzj76kz.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\components\RadioWMPCoreGecko5.dll
FF - component: C:\Users\cevin\AppData\Roaming\Mozilla\Firefox\Profiles\0yzj76kz.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\components\RadioWMPCoreGecko6.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npyaxmpb.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
============= SERVICES / DRIVERS ===============
.
R0 Lbd;Lbd;C:\Windows\system32\DRIVERS\Lbd.sys --> C:\Windows\system32\DRIVERS\Lbd.sys [?]
R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]
R1 avkmgr;avkmgr;C:\Windows\system32\DRIVERS\avkmgr.sys --> C:\Windows\system32\DRIVERS\avkmgr.sys [?]
R1 mwlPSDFilter;mwlPSDFilter;C:\Windows\system32\DRIVERS\mwlPSDFilter.sys --> C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [?]
R1 mwlPSDNServ;mwlPSDNServ;C:\Windows\system32\DRIVERS\mwlPSDNServ.sys --> C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [?]
R1 mwlPSDVDisk;mwlPSDVDisk;C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys --> C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};Power Control [2010/03/08 21:03:01];C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\000.fcl [2010-3-8 146928]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-6-6 64952]
R2 AntiVirSchedulerService;Avira Planer;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2011-10-17 86224]
R2 AntiVirService;Avira Echtzeit Scanner;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2011-10-17 110032]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]
R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-5-21 44768]
R2 avgntflt;avgntflt;C:\Windows\system32\DRIVERS\avgntflt.sys --> C:\Windows\system32\DRIVERS\avgntflt.sys [?]
R2 ePowerSvc;Acer ePower Service;C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [2010-3-8 796192]
R2 FPSensor;EgisTec-Corp Fingerprint Reader Driver (FPSensor.sys);C:\Windows\system32\Drivers\FPSensor.sys --> C:\Windows\system32\Drivers\FPSensor.sys [?]
R2 Greg_Service;GRegService;C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [2009-6-4 1150496]
R2 IGBASVC;EgisTec Service;C:\Program Files (x86)\Acer Bio Protection\BASVC.exe [2009-8-6 3450368]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2010-12-3 2152152]
R2 MWLService;MyWinLocker Service;C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe [2009-8-7 311592]
R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2009-8-21 62720]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-6-18 144640]
R2 RS_Service;Raw Socket Service;C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [2010-3-8 253952]
R2 UI Assistant Service;UI Assistant Service;C:\Program Files (x86)\Join Air\AssistantServices.exe [2010-7-19 247152]
R2 Updater Service;Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2009-8-22 240160]
R3 hidshim;Service for HID-KMDF Shim layer;C:\Windows\system32\DRIVERS\hidshim.sys --> C:\Windows\system32\DRIVERS\hidshim.sys [?]
R3 k57nd60a;Broadcom NetLink (TM)-Gigabit-Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\k57nd60a.sys --> C:\Windows\system32\DRIVERS\k57nd60a.sys [?]
R3 Lavasoft Kernexplorer;Lavasoft helper driver;C:\Program Files (x86)\Lavasoft\Ad-Aware\kernexplorer64.sys [2010-12-3 17152]
R3 NETw5s64;Intel(R) Wireless WiFi Link Adaptertreiber für Windows 7 64-Bit;C:\Windows\system32\DRIVERS\NETw5s64.sys --> C:\Windows\system32\DRIVERS\NETw5s64.sys [?]
R3 nuvotonhidgeneric;Nuvoton EC Generic HID;C:\Windows\system32\DRIVERS\nuvotonhidgeneric.sys --> C:\Windows\system32\DRIVERS\nuvotonhidgeneric.sys [?]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys --> C:\Windows\system32\DRIVERS\btwl2cap.sys [?]
S3 massfilter;Mass Storage Filter Driver;C:\Windows\system32\drivers\massfilter.sys --> C:\Windows\system32\drivers\massfilter.sys [?]
S3 MODRC;PCTV Dib Infrared Receiver;C:\Windows\system32\DRIVERS\modrc.sys --> C:\Windows\system32\DRIVERS\modrc.sys [?]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-3-17 113120]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\netw5v64.sys --> C:\Windows\system32\DRIVERS\netw5v64.sys [?]
S3 nmwcdcx64;Nokia USB Generic;C:\Windows\system32\drivers\ccdcmbox64.sys --> C:\Windows\system32\drivers\ccdcmbox64.sys [?]
S3 nmwcdx64;Nokia USB Phone Parent;C:\Windows\system32\drivers\ccdcmbx64.sys --> C:\Windows\system32\drivers\ccdcmbx64.sys [?]
S3 NTIBackupSvc;NTI Backup Now 5 Backup Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-6-18 50432]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUStor.sys --> C:\Windows\system32\Drivers\RtsUStor.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
.
=============== Created Last 30 ================
.
2012-05-21 07:19:56 -------- d-----w- C:\Users\cevin\AppData\Local\{79D79EF0-DDCE-427B-BCC4-7288CB8410AA}
2012-05-21 07:19:33 -------- d-----w- C:\Users\cevin\AppData\Local\{A8D79992-95A5-43BA-BBBB-FE63497E742C}
2012-05-21 06:55:08 53080 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2012-05-21 06:55:07 819032 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2012-05-21 06:55:03 69976 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2012-05-21 06:54:29 41184 ----a-w- C:\Windows\avastSS.scr
2012-05-21 06:54:15 -------- d-----w- C:\ProgramData\AVAST Software
2012-05-21 06:54:15 -------- d-----w- C:\Program Files\AVAST Software
2012-05-20 19:19:06 -------- d-----w- C:\Users\cevin\AppData\Local\{8BAF2E15-46AB-40F3-A859-5EBC1FB3B4B5}
2012-05-20 19:18:55 -------- d-----w- C:\Users\cevin\AppData\Local\{4FF331FD-B3EE-46DB-A720-63E73A0B8AE2}
2012-05-20 19:13:14 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2012-05-20 19:13:14 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
2012-05-20 14:12:37 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{573CAA71-3C79-4EBD-9848-E434A2B73D6B}\offreg.dll
2012-05-20 07:18:41 -------- d-----w- C:\Users\cevin\AppData\Local\{87B9D8CA-85DE-4370-91E2-2180D27D9FE3}
2012-05-20 07:18:11 -------- d-----w- C:\Users\cevin\AppData\Local\{EB1AC1B3-1E64-4629-92DD-4FAE871FF4C4}
2012-05-19 06:24:53 -------- d-----w- C:\Users\cevin\AppData\Local\{8BF0242E-98B6-4EFE-8EC6-5D1BE8E453B4}
2012-05-19 06:24:40 -------- d-----w- C:\Users\cevin\AppData\Local\{AA36E7F9-F655-4581-A157-9DF5F7C8633A}
2012-05-19 00:06:49 1544704 ----a-w- C:\Windows\System32\DWrite.dll
2012-05-19 00:06:49 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll
2012-05-19 00:06:46 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-05-19 00:06:44 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-05-19 00:06:44 3146240 ----a-w- C:\Windows\System32\win32k.sys
2012-05-19 00:06:43 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-05-19 00:04:48 75120 ----a-w- C:\Windows\System32\drivers\partmgr.sys
2012-05-19 00:03:08 1918320 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-05-19 00:02:58 936960 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2012-05-19 00:02:58 1732096 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL
2012-05-19 00:02:58 1367552 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
2012-05-19 00:02:57 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll
2012-05-19 00:02:57 1393664 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll
2012-05-19 00:02:45 8955792 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{573CAA71-3C79-4EBD-9848-E434A2B73D6B}\mpengine.dll
2012-05-18 21:25:48 -------- d-----w- C:\Program Files (x86)\ESET
2012-05-18 20:59:00 -------- d-----w- C:\Users\cevin\AppData\Roaming\Malwarebytes
2012-05-18 20:58:50 -------- d-----w- C:\ProgramData\Malwarebytes
2012-05-18 20:58:49 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-05-18 18:47:58 -------- d-----w- C:\Users\cevin\AppData\Roaming\Uptgqm
2012-05-18 17:08:02 -------- d-----w- C:\Users\cevin\AppData\Local\{CC81EE7F-CFF4-4C9E-BD18-285540058CDE}
2012-05-18 17:07:27 -------- d-----w- C:\Users\cevin\AppData\Local\{7BEE5CDF-CAAF-49EC-8716-6931F8E68363}
2012-05-17 08:48:23 -------- d-----w- C:\Users\cevin\AppData\Local\{A031B464-98E1-4BAA-AC05-C265816FEF6C}
2012-05-17 08:48:11 -------- d-----w- C:\Users\cevin\AppData\Local\{9B7BF8BD-C0E8-491D-A352-F7FA686DE952}
2012-05-15 05:39:49 -------- d-----w- C:\Users\cevin\AppData\Local\{A3FB2BBD-57FE-4154-94C8-221C2B800662}
2012-05-15 05:39:27 -------- d-----w- C:\Users\cevin\AppData\Local\{7ADD9F9A-43D1-4AE7-90B9-F1D6EDAAD813}
2012-05-13 20:46:04 -------- d-----w- C:\Users\cevin\AppData\Local\{2A9559BD-ED8C-4E0B-AC28-8CD77869C57B}
2012-05-13 20:45:40 -------- d-----w- C:\Users\cevin\AppData\Local\{328C0C6E-5DB0-415E-B9E7-885B585B7BEC}
2012-05-13 08:45:21 -------- d-----w- C:\Users\cevin\AppData\Local\{A001AAD2-DDBA-41CB-B750-DFCD8D81F9B8}
2012-05-13 08:45:08 -------- d-----w- C:\Users\cevin\AppData\Local\{59D9360D-0428-430A-9635-83B881DA1FC1}
2012-05-12 07:22:41 -------- d-----w- C:\Users\cevin\AppData\Local\{59321635-A283-4C22-A9B9-34DA109C7AA0}
2012-05-12 07:22:30 -------- d-----w- C:\Users\cevin\AppData\Local\{58B869F9-FEAA-48EB-AE79-DDEF77136F9A}
2012-05-11 10:45:47 -------- d-----w- C:\Users\cevin\AppData\Local\{15FC525E-3291-4339-9C9E-8E23C8B84C54}
2012-05-11 10:45:36 -------- d-----w- C:\Users\cevin\AppData\Local\{CC3F988D-E21E-4BD5-871E-B62BADACA7D5}
2012-05-11 08:22:44 719872 ----a-w- C:\Windows\SysWow64\devil.dll
2012-05-11 08:22:44 70656 ----a-w- C:\Windows\SysWow64\yv12vfw.dll
2012-05-11 08:22:44 70656 ----a-w- C:\Windows\SysWow64\i420vfw.dll
2012-05-11 08:22:44 369152 ----a-w- C:\Windows\SysWow64\avisynth.dll
2012-05-11 08:22:44 32256 ----a-w- C:\Windows\SysWow64\AVSredirect.dll
2012-05-11 08:22:41 -------- d-----w- C:\Program Files (x86)\AviSynth 2.5
2012-05-11 05:37:30 327749 ----a-w- C:\Windows\SysWow64\drvc.dll
2012-05-11 05:34:10 -------- d-----w- C:\Program Files (x86)\eRightSoft
2012-05-10 16:23:09 -------- d-----w- C:\Users\cevin\AppData\Local\{CC057263-48C7-463E-819E-FD9C3E3B2FF8}
2012-05-10 16:22:56 -------- d-----w- C:\Users\cevin\AppData\Local\{15B4B656-F452-4F90-B7B6-4F8120FC3E2D}
2012-05-09 19:22:55 -------- d-----w- C:\Users\cevin\AppData\Local\{F4572B7D-8D7E-425A-BB85-CC7D099EA27B}
2012-05-09 19:22:42 -------- d-----w- C:\Users\cevin\AppData\Local\{B7891DF8-1955-49F4-A0BE-7CC054B69283}
2012-05-08 18:22:20 -------- d-----w- C:\Users\cevin\AppData\Local\{552E3CC9-4EF3-459D-B020-DD198F6485FF}
2012-05-08 18:22:08 -------- d-----w- C:\Users\cevin\AppData\Local\{4FCAA835-1B7D-4C45-923E-21C0E11CBE55}
2012-05-08 06:21:37 -------- d-----w- C:\Users\cevin\AppData\Local\{B535A341-6977-4AAE-928E-CA7E89909957}
2012-05-08 06:21:25 -------- d-----w- C:\Users\cevin\AppData\Local\{CD6EB024-29ED-455B-9E91-6928BA9E4FDD}
2012-05-07 11:01:17 -------- d-----w- C:\Users\cevin\AppData\Local\{1E497B43-6D49-4987-888F-A20B396C2576}
2012-05-07 11:00:52 -------- d-----w- C:\Users\cevin\AppData\Local\{92DE4D8E-46AF-43E5-B5F6-4A6DAEC3824E}
2012-05-06 18:05:47 770384 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcr100.dll
2012-05-06 18:05:47 421200 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcp100.dll
2012-05-06 12:33:37 -------- d-----w- C:\Users\cevin\AppData\Local\{65DCE943-CFA0-4164-85AA-6F4268D8422F}
2012-05-06 12:33:15 -------- d-----w- C:\Users\cevin\AppData\Local\{73EE1EE5-DF57-42F4-B8CE-C0F73F0C5738}
2012-05-05 12:03:50 -------- d-----w- C:\Users\cevin\AppData\Local\{22810B79-EB99-4000-97AD-B45BF14BCE45}
2012-05-05 12:03:26 -------- d-----w- C:\Users\cevin\AppData\Local\{4BB559DE-14B8-4EAE-AEAB-D1BC85D2EA6A}
2012-05-04 06:08:35 -------- d-----w- C:\Users\cevin\AppData\Local\{784F32CE-9C7C-499A-8B85-C7CDFF334E3F}
2012-05-04 06:08:24 -------- d-----w- C:\Users\cevin\AppData\Local\{1DA62E92-7659-40C3-96A3-D26B18C12A02}
2012-05-03 08:00:19 -------- d-----w- C:\Users\cevin\AppData\Local\{AAB3729D-C23B-4AB5-8C20-DBAE97A68B29}
2012-05-03 08:00:07 -------- d-----w- C:\Users\cevin\AppData\Local\{D279E676-CE9F-40AE-AF4C-201B6019A56D}
2012-05-02 08:53:02 -------- d-----w- C:\Users\cevin\AppData\Local\{399FEF5A-3554-47A1-AA46-10F2941E52D7}
2012-05-02 08:52:50 -------- d-----w- C:\Users\cevin\AppData\Local\{5BB393F1-2C9F-4826-A77F-8B03780D062B}
2012-05-01 12:15:31 -------- d-----w- C:\Users\cevin\AppData\Local\{6E3991D6-946E-4ADC-833D-586E03ED703D}
2012-05-01 12:15:04 -------- d-----w- C:\Users\cevin\AppData\Local\{4EA84C8F-CF7A-4FA9-93F8-1F4CC112C7A9}
2012-04-30 15:12:57 -------- d-----w- C:\Users\cevin\AppData\Local\{71385699-2200-48D7-B49C-84AE3C674F70}
2012-04-30 15:12:34 -------- d-----w- C:\Users\cevin\AppData\Local\{41881EBF-53E0-44D6-912F-876A7B51669A}
2012-04-26 22:06:25 -------- d-----w- C:\Users\cevin\AppData\Local\{4D0F1C19-CFB8-42E7-8019-B5ED60210AE5}
2012-04-26 22:06:04 -------- d-----w- C:\Users\cevin\AppData\Local\{1A1AA245-BE26-401A-BB3B-D7B9218A615C}
2012-04-25 08:40:13 -------- d-----w- C:\Users\cevin\AppData\Local\{5843D96D-DE2E-406F-B721-1DC71A401F34}
2012-04-25 08:39:51 -------- d-----w- C:\Users\cevin\AppData\Local\{47E630D0-931A-4687-B256-8B4BF67CE87B}
2012-04-24 19:43:11 -------- d-----w- C:\Users\cevin\AppData\Local\{FDF14ECC-09CB-4F41-B307-137B28FFA6F3}
2012-04-24 19:42:59 -------- d-----w- C:\Users\cevin\AppData\Local\{5D17E18A-BE4C-433F-8B4A-29CCA8E4BA9E}
2012-04-24 07:42:03 -------- d-----w- C:\Users\cevin\AppData\Local\{848898C6-D547-4469-A7D9-CA2A2F1D3980}
2012-04-24 07:41:36 -------- d-----w- C:\Users\cevin\AppData\Local\{7471934E-F6C7-4DF0-82D2-7ED4FD3CB7DA}
2012-04-23 17:42:00 -------- d-----w- C:\Users\cevin\AppData\Local\{DB5A87C2-B0A5-468C-8117-BF264BCD1838}
2012-04-23 17:41:34 -------- d-----w- C:\Users\cevin\AppData\Local\{BD312D69-0A45-432E-AA28-881A4976A8B7}
2012-04-22 09:33:41 -------- d-----w- C:\Users\cevin\AppData\Local\{73C86F6C-8439-444B-96C6-9074FD6F835D}
2012-04-22 09:33:14 -------- d-----w- C:\Users\cevin\AppData\Local\{D32E2B62-39C0-4D0B-BC40-DA0BFF7E6BD5}
2012-04-21 20:41:29 -------- d-----w- C:\Users\cevin\AppData\Local\{05ECF788-0D10-4483-8762-185F2359A00F}
2012-04-21 20:41:05 -------- d-----w- C:\Users\cevin\AppData\Local\{13C3C499-3D87-480C-9515-B6BFF3389F81}
.
==================== Find3M ====================
.
2012-05-08 15:34:41 98848 ----a-w- C:\Windows\System32\drivers\avgntflt.sys
2012-04-16 18:00:27 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
2012-04-16 18:00:22 175616 ----a-w- C:\Windows\System32\msclmd.dll
2012-03-20 10:26:07 404640 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-03-01 06:46:16 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2012-03-01 06:38:27 220672 ----a-w- C:\Windows\System32\wintrust.dll
2012-03-01 06:33:50 81408 ----a-w- C:\Windows\System32\imagehlp.dll
2012-03-01 06:28:47 5120 ----a-w- C:\Windows\System32\wmi.dll
2012-03-01 05:37:41 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll
2012-03-01 05:33:23 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2012-03-01 05:29:16 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2012-02-28 06:56:48 2311168 ----a-w- C:\Windows\System32\jscript9.dll
2012-02-28 06:49:56 1390080 ----a-w- C:\Windows\System32\wininet.dll
2012-02-28 06:48:57 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-02-28 06:42:55 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-02-28 01:18:55 1799168 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-02-28 01:11:21 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-02-28 01:11:07 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-02-28 01:03:16 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-02-23 08:18:36 279656 ------w- C:\Windows\System32\MpSigStub.exe
.
============= FINISH: 11:26:30,59 ===============
.
and
attach
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume3
Install Date: 08.03.2010 20:47:42
System Uptime: 21.05.2012 08:45:27 (3 hours ago)
.
Motherboard: Acer | | JM70
Processor: Intel(R) Core(TM)2 Quad CPU Q9000 @ 2.00GHz | U2E1 | 1580/266mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 438 GiB total, 96,829 GiB free.
D: is CDROM (UDF)
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP391: 21.05.2012 08:53:52 - avast! Free Antivirus Setup
.
==== Installed Programs ======================
.
.
Acer Arcade Deluxe
Acer Arcade Instant On
Acer Backup Manager
Acer Bio Protection
Acer Crystal Eye Webcam
Acer eRecovery Management
Acer GridVista
Acer PowerSmart Manager
Acer Registration
Acer ScreenSaver
Acer Updater
Acer VCM
Acrobat.com
Ad-Aware
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader X (10.1.1) - Deutsch
AmIcoSingLun
Any Video Converter 3.0.5
AutoUpdate
avast! Free Antivirus
Avidemux 2.5
Avira Free Antivirus
Backup Manager Basic
Cultures - Die Entdeckung Vinlands
D3DX10
DIE SIEDLER - Aufstieg eines Königreichs
DivX Codec
DVDVideoSoftTB Toolbar
Fingerprint Solution
Free Audio CD Burner version 1.4.7
Free Studio version 5.0.9
Identity Card
Internet-TV für Windows Media Center
Java Auto Updater
Java(TM) 6 Update 22
Join Air
Junk Mail filter update
Launch Manager
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Mobile Partner
Mozilla Firefox 13.0 (x86 de)
Mozilla Maintenance Service
MSVC80_x86_v2
MSVC90_x86
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
MyWinLocker
Nokia Connectivity Cable Driver
Nokia Photos
Nokia_Multimedia_Common_Components_2_5
NTI Backup Now 5
NTI Backup Now Standard
NTI Media Maker 8
Nuvoton EC Generic HID Driver
NVIDIA PhysX
OpenOffice.org 3.2
PC Connectivity Solution
PDFCreator
Pinnacle TVCenter Pro
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
Realtek High Definition Audio Driver
RealUpgrade 1.1
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile DEU Language Pack (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile DEU Language Pack (KB2518870)
Spybot - Search & Destroy
Surf & E-Mail-Stick
Uninstall 1.0.0.1
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
VideoReDo/Plus Version 2.5.6.512
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
VLC media player 1.0.5
Welcome Center
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Player Firefox Plugin
.
==== End Of File ===========================