Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Trojaner, was tun? (https://www.trojaner-board.de/94681-trojaner-tun.html)

Aspire5738G 12.01.2011 11:02
Trojaner, was tun?
 
hallo leute.
seid gestern macht mein laptop
wieder einmal probleme.
beim surfen im netz ist er voll larm geworden
und öffnet ab und zu von allein irgendwelche seiten.
habe antivir(kostenlose version) trüber laufen lassen und der
hat 2 trojaner gefunden. irgendenwas von java stand da.
sorry, kenne mich so gut wie gar nicht mit viren und deren bekämpfung aus
und benötige deshalb eure hilfe.
hab schon mal hijackthis und otl laufen lassen.
mfg rene


hijackthis:HiJackthis Logfile:
Code:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 02:52:58, on 12.01.2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18999)
Boot mode: Normal
 
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Windows\PLFSetI.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Users\Rene\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe
C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe
C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Apoint2K\HidFind.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\explorer.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\PC Connectivity Solution\Transports\NclIrSrv.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\werfault.exe
C:\Users\Rene\Downloads\HiJackThis204.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0910&m=aspire_5738
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0910&m=aspire_5738
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0910&m=aspire_5738
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0910&m=aspire_5738
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20100904123408.dll
O2 - BHO: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ArcadeDeluxeAgent] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe
O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -k
O4 - HKLM\..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe
O4 - HKLM\..\Run: [EgisTecLiveUpdate] "C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe"
O4 - HKLM\..\Run: [mwlDaemon] C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKCU\..\Run: [ProductReg] "C:\Program Files\Acer\WR_PopUp\ProductReg.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Twainreg] C:\Users\Rene\AppData\Roaming\Advatl\torreg.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Free YouTube Download - C:\Users\Rene\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Rene\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: CLHNService - Unknown owner - C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Personal Firewall-Dienst (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McShield - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: MyWinLocker Service (MWLService) - EgisTec Inc. - C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
 
--
End of file - 13323 bytes
--- --- ---

_________________________________________________________________OTL Logfile:
Code:
OTL logfile created on: 12.01.2011 09:49:17 - Run 1
OTL by OldTimer - Version 3.2.20.1 Folder = C:\Users\Rene\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18999)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 60,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 75,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 455,99 Gb Total Space | 106,66 Gb Free Space | 23,39% Space Free | Partition Type: NTFS
Drive D: | 7,16 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive E: | 680,63 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: RENE-PC | User Name: Rene | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Rene\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Programme\SlySoft\AnyDVD\AnyDVDtray.exe (SlySoft, Inc.)
PRC - C:\Programme\Google\Google Toolbar\GoogleToolbarUser_32.exe (Google Inc.)
PRC - C:\Programme\PC Connectivity Solution\ServiceLayer.exe (Nokia)
PRC - C:\Programme\PC Connectivity Solution\Transports\NclUSBSrv.exe (Nokia)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Google\Google Desktop Search\GoogleDesktop.exe (Google)
PRC - C:\Users\Rene\AppData\Local\Temp\RtkBtMnt.exe (Realtek Semiconductor Corp.)
PRC - C:\Windows\PLFSetI.exe ()
PRC - C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\Programme\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
PRC - C:\Programme\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.)
PRC - C:\Programme\Common Files\McAfee\SystemCore\mcshield.exe (McAfee, Inc.)
PRC - C:\Programme\Common Files\McAfee\SystemCore\mfevtps.exe (McAfee, Inc.)
PRC - C:\Programme\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
PRC - C:\Programme\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
PRC - C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (StarWind Software)
PRC - C:\Programme\PC Connectivity Solution\Transports\NclRSSrv.exe (Nokia)
PRC - C:\Programme\PC Connectivity Solution\Transports\NclIrSrv.exe (Nokia)
PRC - C:\Programme\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe (CyberLink)
PRC - C:\Programme\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
PRC - C:\Programme\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
PRC - C:\Programme\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe ()
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
PRC - C:\Programme\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
PRC - C:\Programme\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.)
PRC - C:\Programme\Acer\Acer PowerSmart Manager\ePowerTray.exe (Acer Incorporated)
PRC - C:\Programme\Acer\Acer PowerSmart Manager\ePowerSvc.exe (Acer Incorporated)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\Launch Manager\LManager.exe (Dritek System Inc.)
PRC - C:\Programme\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Programme\Apoint2K\Hidfind.exe (Alps Electric Co., Ltd.)
PRC - C:\Programme\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
PRC - C:\Programme\EgisTec Egis Software Update\EgisUpdate.exe (EgisTec Inc.)
PRC - C:\Programme\EgisTec\MyWinLocker 3\x86\MWLService.exe (EgisTec Inc.)
PRC - C:\Programme\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (EgisTec Inc.)
PRC - C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
PRC - C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
PRC - C:\Programme\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe (NewTech Infosystems, Inc.)
PRC - C:\Programme\McAfee\SiteAdvisor\McSACore.exe ()
PRC - C:\Windows\System32\agrsmsvc.exe (Agere Systems)
PRC - C:\Programme\Common Files\Ahead\Lib\NMIndexStoreSvr.exe (Nero AG)
PRC - C:\Programme\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Rene\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation)
MOD - C:\Programme\McAfee\SiteAdvisor\sahook.dll ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (GoogleDesktopManager-051210-111108) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
SRV - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.)
SRV - (McShield) -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe ()
SRV - (mfevtp) -- C:\Programme\Common Files\McAfee\SystemCore\mfevtps.exe (McAfee, Inc.)
SRV - (McODS) -- C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SRV - (WPFFontCache_v0400) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (MSK80Service) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McProxy) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McNASvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McNaiAnn) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (mcmscsvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McMPFSvc) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (StarWindServiceAE) -- C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (StarWind Software)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (CLHNService) -- C:\Programme\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe ()
SRV - (NTI IScheduleSvc) -- C:\Programme\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.)
SRV - (ePowerSvc) -- C:\Programme\Acer\Acer PowerSmart Manager\ePowerSvc.exe (Acer Incorporated)
SRV - (MWLService) -- C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe ()
SRV - (EvtEng) -- C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
SRV - (RegSrvc) -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
SRV - (NTISchedulerSvc) -- C:\Programme\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe (NewTech Infosystems, Inc.)
SRV - (NTIBackupSvc) -- C:\Programme\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe (NewTech InfoSystems, Inc.)
SRV - (McAfee SiteAdvisor Service) -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe ()
SRV - (AgereModemAudio) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found
DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys ()
DRV - (ElbyCDIO) -- C:\Windows\System32\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV - (AnyDVD) -- C:\Windows\System32\drivers\AnyDVD.sys (SlySoft, Inc.)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (mfehidk) -- C:\Windows\system32\drivers\mfehidk.sys (McAfee, Inc.)
DRV - (mfefirek) -- C:\Windows\System32\drivers\mfefirek.sys (McAfee, Inc.)
DRV - (mfewfpk) -- C:\Windows\System32\drivers\mfewfpk.sys (McAfee, Inc.)
DRV - (mfeavfk) -- C:\Windows\System32\drivers\mfeavfk.sys (McAfee, Inc.)
DRV - (mfeapfk) -- C:\Windows\System32\drivers\mfeapfk.sys (McAfee, Inc.)
DRV - (mferkdet) -- C:\Windows\System32\drivers\mferkdet.sys (McAfee, Inc.)
DRV - (mfenlfk) -- C:\Windows\System32\drivers\mfenlfk.sys (McAfee, Inc.)
DRV - (cfwids) -- C:\Windows\System32\drivers\cfwids.sys (McAfee, Inc.)
DRV - (mfebopk) -- C:\Windows\System32\drivers\mfebopk.sys (McAfee, Inc.)
DRV - (UsbserFilt) -- C:\Windows\System32\drivers\usbser_lowerfltj.sys (Nokia)
DRV - (upperdev) -- C:\Windows\System32\drivers\usbser_lowerflt.sys (Nokia)
DRV - (nmwcdc) -- C:\Windows\System32\drivers\ccdcmbo.sys (Nokia)
DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia)
DRV - (ewusbnet) -- C:\Windows\System32\drivers\ewusbnet.sys (Huawei Technologies Co., Ltd.)
DRV - (hwusbdev) -- C:\Windows\System32\drivers\ewusbdev.sys (Huawei Technologies Co., Ltd.)
DRV - (hwdatacard) -- C:\Windows\System32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV - (NTIDrvr) -- C:\Windows\System32\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.)
DRV - (ApfiltrService) -- C:\Windows\System32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (iaStor) -- C:\Windows\system32\DRIVERS\iaStor.sys (Intel Corporation)
DRV - (RTSTOR) -- C:\Windows\System32\drivers\RTSTOR.sys (Realtek Semiconductor Corp.)
DRV - (NETw5v32) Intel(R) -- C:\Windows\System32\drivers\NETw5v32.sys (Intel Corporation)
DRV - (mwlPSDVDisk) -- C:\Windows\System32\drivers\mwlPSDVDisk.sys (Egis Incorporated.)
DRV - (mwlPSDFilter) -- C:\Windows\System32\drivers\mwlPSDFilter.sys (Egis Incorporated.)
DRV - (mwlPSDNServ) -- C:\Windows\System32\drivers\mwlPSDNserv.sys (Egis Incorporated.)
DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation)
DRV - (k57nd60x) Broadcom NetLink (TM) -- C:\Windows\System32\drivers\k57nd60x.sys (Broadcom Corporation)
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems)
DRV - (UBHelper) -- C:\Windows\System32\drivers\UBHelper.sys (NewTech Infosystems Corporation)
DRV - (MegaSR) -- C:\Windows\system32\drivers\megasr.sys (LSI Corporation, Inc.)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Corporation)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (NSCIRDA) -- C:\Windows\System32\drivers\nscirda.sys (National Semiconductor Corporation)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (b57nd60x) -- C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (DKbFltr) -- C:\Windows\System32\drivers\DKbFltr.sys (Dritek System Inc.)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0910&m=aspire_5738
IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0910&m=aspire_5738
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0910&m=aspire_5738
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2011.01.11 19:26:07 | 000,000,000 | ---D | M]
 
 
O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Programme\McAfee\MSK\mskapbho.dll ()
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Programme\Common Files\McAfee\SystemCore\ScriptSn.20100904123408.dll (McAfee, Inc.)
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll ()
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll ()
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Acer ePower Management] C:\Programme\Acer\Acer PowerSmart Manager\ePowerTray.exe (Acer Incorporated)
O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [EgisTecLiveUpdate] C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe (EgisTec Inc.)
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [LManager] C:\Programme\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [mwlDaemon] C:\Programme\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (EgisTec Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Programme\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [PlayMovie] C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
O4 - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Programme\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Skytel] C:\Programme\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [AlcoholAutomount] C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe (Alcohol Soft Development Team)
O4 - HKCU..\Run: [AnyDVD] C:\Programme\SlySoft\AnyDVD\AnyDVDtray.exe (SlySoft, Inc.)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKCU..\Run: [PC Suite Tray] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - HKCU..\Run: [ProductReg] C:\Program Files\Acer\WR_PopUp\ProductReg.exe (Acer)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [Twainreg] C:\Users\Rene\AppData\Roaming\Advatl\torreg.exe ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\Rene\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Rene\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll ()
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Rene\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Rene\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010.08.11 10:53:20 | 000,371,864 | R--- | M] (bitComposer Games GmbH) - E:\Autostart.exe -- [ CDFS ]
O32 - AutoRun File - [2010.08.11 10:53:20 | 000,000,106 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{32384a5d-f0e9-11df-a285-0022faa3ce1a}\Shell - "" = AutoRun
O33 - MountPoints2\{32384a5d-f0e9-11df-a285-0022faa3ce1a}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O33 - MountPoints2\{32384a6f-f0e9-11df-a285-001e101fb4df}\Shell - "" = AutoRun
O33 - MountPoints2\{32384a6f-f0e9-11df-a285-001e101fb4df}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O33 - MountPoints2\{37f2adc0-f4a0-11df-967f-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{37f2adc0-f4a0-11df-967f-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Autostart.exe -- [2010.08.11 10:53:20 | 000,371,864 | R--- | M] (bitComposer Games GmbH)
O33 - MountPoints2\{474d49e0-017a-11e0-bb18-001e101faa49}\Shell - "" = AutoRun
O33 - MountPoints2\{474d49e0-017a-11e0-bb18-001e101faa49}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O33 - MountPoints2\{e7fc84f7-fa69-11df-bb73-001f169743df}\Shell\AutoRun\command - "" = F:\InstallTomTomHOME.exe -- File not found
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.01.12 09:40:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2011.01.11 19:28:01 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll
[2011.01.11 19:27:56 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe
[2011.01.10 21:17:09 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Roaming\Advatl
[2011.01.08 16:49:37 | 000,000,000 | ---D | C] -- C:\Users\Rene\Tracing
[2010.12.31 19:28:29 | 000,000,000 | ---D | C] -- C:\Users\Rene\Documents\Nero Home
[2010.12.31 13:50:23 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Roaming\Malwarebytes
[2010.12.31 13:50:16 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.12.31 13:50:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2010.12.31 13:50:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.12.31 13:50:11 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.12.31 13:50:11 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2010.12.20 17:22:33 | 000,000,000 | ---D | C] -- C:\Users\Rene\Documents\Nero Recode
[2010.12.19 20:24:10 | 000,000,000 | ---D | C] -- C:\Users\Rene\Documents\Meine Scans
[2010.12.19 18:37:23 | 000,117,760 | ---- | C] (Hewlett-Packard Company) -- C:\Windows\System32\hpzll64X.dll
[2010.12.19 18:18:58 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Roaming\HP
[2010.12.19 18:15:52 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\HP
[2010.12.19 01:01:49 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_6.dll
[2010.12.19 01:01:48 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_5.dll
[2010.12.19 01:01:47 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_42.dll
[2010.12.19 01:01:47 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_42.dll
[2010.12.19 01:01:46 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll
[2010.12.19 01:01:46 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_42.dll
[2010.12.19 01:01:44 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_41.dll
[2010.12.19 01:01:44 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_41.dll
[2010.12.19 01:01:43 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_41.dll
[2010.12.19 01:01:42 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_4.dll
[2010.12.19 01:01:42 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_4.dll
[2010.12.19 01:01:41 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_40.dll
[2010.12.19 01:01:41 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_40.dll
[2010.12.19 01:01:39 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_3.dll
[2010.12.19 01:01:39 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_3.dll
[2010.12.19 01:01:39 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_2.dll
[2010.12.19 01:01:38 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_2.dll
[2010.12.19 01:01:38 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_1.dll
[2010.12.19 01:01:38 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_5.dll
[2010.12.19 01:01:37 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_2.dll
[2010.12.19 01:01:36 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_39.dll
[2010.12.19 01:01:36 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_39.dll
[2010.12.19 01:01:35 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll
[2010.12.19 01:01:35 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_1.dll
[2010.12.19 01:01:35 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_0.dll
[2010.12.19 01:01:34 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_1.dll
[2010.12.19 01:01:34 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_4.dll
[2010.12.19 01:01:33 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_38.dll
[2010.12.19 01:01:33 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_38.dll
[2010.12.19 01:01:32 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_38.dll
[2010.12.19 01:01:32 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_0.dll
[2010.12.19 01:01:31 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_0.dll
[2010.12.19 01:01:31 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_3.dll
[2010.12.19 01:01:30 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_37.dll
[2010.12.19 01:01:30 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_37.dll
[2010.12.19 01:01:29 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_37.dll
[2010.12.19 01:01:29 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_10.dll
[2010.12.19 01:01:27 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_36.dll
[2010.12.19 01:01:27 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_36.dll
[2010.12.19 01:01:27 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_36.dll
[2010.12.19 01:01:26 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_9.dll
[2010.12.19 01:01:25 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_35.dll
[2010.12.19 01:01:25 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_35.dll
[2010.12.19 01:01:24 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_35.dll
[2010.12.19 01:01:23 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_34.dll
[2010.12.19 01:01:23 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_34.dll
[2010.12.19 01:01:23 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_8.dll
[2010.12.19 01:01:23 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_2.dll
[2010.12.19 01:01:22 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_34.dll
[2010.12.19 01:01:21 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_7.dll
[2010.12.19 01:01:20 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_33.dll
[2010.12.19 01:01:20 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_33.dll
[2010.12.19 01:01:19 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_33.dll
[2010.12.19 01:01:19 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_6.dll
[2010.12.19 01:01:18 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10.dll
[2010.12.19 01:01:18 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_5.dll
[2010.12.19 01:01:17 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_4.dll
[2010.12.19 01:01:17 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_1.dll
[2010.12.19 01:01:16 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll
[2010.12.19 01:01:16 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_3.dll
[2010.12.19 01:01:15 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_2.dll
[2010.12.19 01:01:15 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_2.dll
[2010.12.19 01:01:14 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_1.dll
[2010.12.19 01:01:14 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_1.dll
[2010.12.19 01:00:59 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_30.dll
[2010.12.19 01:00:59 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_0.dll
[2010.12.19 01:00:59 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_0.dll
[2010.12.19 01:00:58 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_29.dll
[2010.12.19 01:00:57 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_28.dll
[2010.12.19 01:00:55 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll
[2010.12.19 01:00:54 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_26.dll
[2010.12.19 01:00:53 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_25.dll
[2010.12.19 01:00:51 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_24.dll
[2010.12.19 00:58:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\bitComposer Games
[2010.12.19 00:57:13 | 000,000,000 | ---D | C] -- C:\Programme\bitComposer Games
[2010.12.19 00:57:13 | 000,000,000 | ---D | C] -- C:\ProgramData\bitComposer Games
[2010.12.15 19:09:02 | 002,038,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010.12.15 19:08:58 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
[2010.12.15 19:08:58 | 000,345,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
[2010.12.15 19:08:58 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
[2010.12.15 19:08:47 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2010.12.15 19:08:45 | 000,292,352 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2010.12.15 19:08:45 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2010.12.15 19:08:45 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2010.12.15 19:08:38 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010.12.15 19:08:38 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010.12.15 19:08:37 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010.12.15 19:08:37 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010.12.15 19:08:37 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010.12.15 19:08:37 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010.12.15 19:08:34 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2010.12.15 19:08:33 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010.12.15 19:08:33 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010.12.15 19:08:33 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010.12.15 19:08:33 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010.12.15 19:08:33 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2010.12.15 19:08:33 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010.12.15 19:08:33 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2010.12.15 19:08:33 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010.12.15 19:08:33 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2010.12.15 19:08:33 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010.12.15 19:08:23 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010.09.04 08:31:45 | 000,049,152 | ---- | C] ( ) -- C:\Windows\Interop.IWshRuntimeLibrary.dll
 
========== Files - Modified Within 30 Days ==========
 
[2011.01.12 09:40:51 | 000,001,739 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Internet Security Suite.lnk
[2011.01.12 09:40:51 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.01.12 09:40:50 | 000,000,384 | ---- | M] () -- C:\Windows\tasks\Final Media Player Update Checker.job
[2011.01.12 09:40:24 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.01.12 09:40:24 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.01.12 09:40:23 | 000,062,804 | ---- | M] () -- C:\ProgramData\nvModes.001
[2011.01.12 09:40:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.01.12 09:39:51 | 3215,810,560 | -HS- | M] () -- C:\hiberfil.sys
[2011.01.12 03:30:04 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.01.11 19:21:02 | 000,062,804 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2011.01.10 11:19:10 | 000,623,280 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.01.10 11:19:10 | 000,591,320 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.01.10 11:19:10 | 000,125,378 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.01.10 11:19:10 | 000,103,194 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.01.08 14:35:04 | 000,007,592 | ---- | M] () -- C:\Users\Rene\AppData\Local\d3d9caps.dat
[2010.12.31 13:50:16 | 000,000,910 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.12.28 16:55:03 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll
[2010.12.20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.12.20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.12.19 18:18:13 | 000,159,566 | ---- | M] () -- C:\Windows\hpoins14.dat
[2010.12.19 18:17:22 | 000,159,566 | ---- | M] () -- C:\Windows\hpoins14.dat.temp
[2010.12.19 01:59:53 | 000,000,124 | ---- | M] () -- C:\Users\Rene\Documents\ax_files.xml
[2010.12.19 00:59:08 | 000,002,165 | ---- | M] () -- C:\Users\Public\Desktop\Schlag den Raab.lnk
[2010.12.16 18:38:58 | 000,296,064 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.12.14 15:49:23 | 001,169,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe
 
========== Files Created - No Company Name ==========
 
[2010.12.31 13:50:16 | 000,000,910 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.12.19 18:16:51 | 000,159,566 | ---- | C] () -- C:\Windows\hpoins14.dat.temp
[2010.12.19 18:16:51 | 000,002,000 | ---- | C] () -- C:\Windows\hpomdl14.dat.temp
[2010.12.19 00:59:08 | 000,002,165 | ---- | C] () -- C:\Users\Public\Desktop\Schlag den Raab.lnk
[2010.10.31 15:24:44 | 000,436,792 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2010.10.17 19:02:55 | 000,000,488 | ---- | C] () -- C:\Users\Rene\AppData\Roaming\wklnhst.dat
[2010.10.17 18:29:10 | 000,002,908 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2010.10.09 10:27:06 | 000,012,800 | ---- | C] () -- C:\Users\Rene\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.09.05 10:23:30 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2010.09.04 17:00:37 | 000,007,592 | ---- | C] () -- C:\Users\Rene\AppData\Local\d3d9caps.dat
[2010.09.04 16:57:32 | 000,062,804 | ---- | C] () -- C:\ProgramData\nvModes.001
[2010.09.04 16:53:38 | 000,062,804 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2010.09.03 22:54:41 | 000,003,070 | ---- | C] () -- C:\Users\Rene\AppData\Local\MyWinLockerInstaller.txt-20100903.log
[2010.09.03 22:50:26 | 000,000,074 | ---- | C] () -- C:\Windows\PidList.ini
[2010.05.24 20:33:00 | 004,670,829 | ---- | C] () -- C:\Windows\System32\libavcodec.dll
[2010.05.24 20:33:00 | 001,529,856 | ---- | C] () -- C:\Windows\System32\ff_samplerate.dll
[2010.05.24 20:33:00 | 001,447,921 | ---- | C] () -- C:\Windows\System32\ffmpegmt.dll
[2010.05.24 20:33:00 | 000,877,385 | ---- | C] () -- C:\Windows\System32\ff_x264.dll
[2010.05.24 20:33:00 | 000,810,113 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2010.05.24 20:33:00 | 000,336,384 | ---- | C] () -- C:\Windows\System32\ff_libfaad2.dll
[2010.05.24 20:33:00 | 000,324,096 | ---- | C] () -- C:\Windows\System32\TomsMoComp_ff.dll
[2010.05.24 20:33:00 | 000,248,320 | ---- | C] () -- C:\Windows\System32\ff_kernelDeint.dll
[2010.05.24 20:33:00 | 000,216,576 | ---- | C] () -- C:\Windows\System32\ff_libdts.dll
[2010.05.24 20:33:00 | 000,151,552 | ---- | C] () -- C:\Windows\System32\ff_libmad.dll
[2010.05.24 20:33:00 | 000,145,408 | ---- | C] () -- C:\Windows\System32\libmpeg2_ff.dll
[2010.05.24 20:33:00 | 000,139,944 | ---- | C] () -- C:\Windows\System32\libmplayer.dll
[2010.05.24 20:33:00 | 000,121,856 | ---- | C] () -- C:\Windows\System32\ff_liba52.dll
[2010.05.24 20:33:00 | 000,116,736 | ---- | C] () -- C:\Windows\System32\ff_tremor.dll
[2010.05.24 20:33:00 | 000,108,032 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2010.05.24 20:33:00 | 000,100,864 | ---- | C] () -- C:\Windows\System32\ff_wmv9.dll
[2010.05.24 20:33:00 | 000,097,792 | ---- | C] () -- C:\Windows\System32\ff_unrar.dll
[2010.05.19 21:59:20 | 000,150,528 | ---- | C] () -- C:\Windows\System32\mkx.dll
[2010.05.19 21:59:10 | 000,109,568 | ---- | C] () -- C:\Windows\System32\avi.dll
[2010.05.19 21:59:02 | 000,141,824 | ---- | C] () -- C:\Windows\System32\mp4.dll
[2010.05.19 21:58:52 | 000,123,392 | ---- | C] () -- C:\Windows\System32\ogm.dll
[2010.05.19 21:58:18 | 000,154,112 | ---- | C] () -- C:\Windows\System32\ts.dll
[2010.05.19 21:58:08 | 000,249,856 | ---- | C] () -- C:\Windows\System32\dxr.dll
[2010.05.19 21:57:42 | 000,097,792 | ---- | C] () -- C:\Windows\System32\avs.dll
[2010.05.19 21:57:26 | 000,093,184 | ---- | C] () -- C:\Windows\System32\avss.dll
[2010.05.19 21:55:40 | 000,080,384 | ---- | C] () -- C:\Windows\System32\mkzlib.dll
[2010.05.19 21:55:36 | 000,024,576 | ---- | C] () -- C:\Windows\System32\mkunicode.dll
[2009.06.07 17:24:04 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2009.03.12 11:32:52 | 000,000,028 | ---- | C] () -- C:\Windows\WisLangCode.ini
[2009.03.12 04:26:46 | 000,006,818 | ---- | C] () -- C:\ProgramData\ArcadeDeluxe2.log
[2009.02.11 21:03:58 | 000,872,448 | ---- | C] () -- C:\Windows\iconv.dll
[2009.02.11 21:03:58 | 000,743,424 | ---- | C] () -- C:\Windows\libxml2.dll
[2009.02.11 21:03:57 | 000,000,060 | ---- | C] () -- C:\Windows\Prelaunch.ini
[2009.01.10 23:15:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\mmfinfo.dll
[2008.11.06 16:37:32 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2008.10.07 09:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2008.10.07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2007.10.13 10:30:20 | 000,000,137 | ---- | C] () -- C:\Windows\System32\Registration.ini
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
 
========== LOP Check ==========
 
[2010.09.13 01:40:16 | 000,000,000 | -HSD | M] -- C:\Users\Rene\AppData\Roaming\.#
[2009.03.12 04:07:02 | 000,000,000 | ---D | M] -- C:\Users\Rene\AppData\Roaming\Acer GameZone Console
[2011.01.11 23:37:39 | 000,000,000 | ---D | M] -- C:\Users\Rene\AppData\Roaming\Advatl
[2010.09.26 20:47:22 | 000,000,000 | ---D | M] -- C:\Users\Rene\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.10.31 15:30:05 | 000,000,000 | ---D | M] -- C:\Users\Rene\AppData\Roaming\FinalMediaPlayer
[2010.09.12 23:47:37 | 000,000,000 | ---D | M] -- C:\Users\Rene\AppData\Roaming\iWin
[2010.10.10 20:11:35 | 000,000,000 | ---D | M] -- C:\Users\Rene\AppData\Roaming\Nokia
[2010.10.10 20:11:37 | 000,000,000 | ---D | M] -- C:\Users\Rene\AppData\Roaming\PC Suite
[2010.09.05 12:19:11 | 000,000,000 | ---D | M] -- C:\Users\Rene\AppData\Roaming\PlayFirst
[2010.09.12 11:06:07 | 000,000,000 | ---D | M] -- C:\Users\Rene\AppData\Roaming\PowerCinema
[2010.09.12 11:23:42 | 000,000,000 | ---D | M] -- C:\Users\Rene\AppData\Roaming\SoftDMA
[2010.10.17 19:02:57 | 000,000,000 | ---D | M] -- C:\Users\Rene\AppData\Roaming\Template
[2011.01.12 09:40:50 | 000,000,384 | ---- | M] () -- C:\Windows\Tasks\Final Media Player Update Checker.job
[2011.01.12 03:42:54 | 000,032,634 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 135 bytes -> C:\ProgramData\Temp:E1982A23
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:3B3A35EC
@Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:4F636E25
@Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:ADE16379
@Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:798A3728
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:DCAF903C
@Alternate Data Stream - 109 bytes -> C:\ProgramData\Temp:BB24555F
@Alternate Data Stream - 105 bytes -> C:\ProgramData\Temp:131C0EE9
 
< End of report >
--- --- ---

_________________________________________________________________OTL Logfile:
Code:
OTL logfile created on: 12.01.2011 10:00:21 - Run 2
OTL by OldTimer - Version 3.2.20.1 Folder = C:\Users\Rene\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18999)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 66,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 76,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 455,99 Gb Total Space | 106,68 Gb Free Space | 23,39% Space Free | Partition Type: NTFS
Drive D: | 7,16 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive E: | 680,63 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: RENE-PC | User Name: Rene | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Rene\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Programme\SlySoft\AnyDVD\AnyDVDtray.exe (SlySoft, Inc.)
PRC - C:\Programme\Google\Google Toolbar\GoogleToolbarUser_32.exe (Google Inc.)
PRC - C:\Programme\PC Connectivity Solution\ServiceLayer.exe (Nokia)
PRC - C:\Programme\PC Connectivity Solution\Transports\NclUSBSrv.exe (Nokia)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Google\Google Desktop Search\GoogleDesktop.exe (Google)
PRC - C:\Users\Rene\AppData\Local\Temp\RtkBtMnt.exe (Realtek Semiconductor Corp.)
PRC - C:\Windows\PLFSetI.exe ()
PRC - C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\Programme\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
PRC - C:\Programme\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.)
PRC - C:\Programme\Common Files\McAfee\SystemCore\mcshield.exe (McAfee, Inc.)
PRC - C:\Programme\Common Files\McAfee\SystemCore\mfevtps.exe (McAfee, Inc.)
PRC - C:\Programme\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
PRC - C:\Programme\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
PRC - C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (StarWind Software)
PRC - C:\Programme\PC Connectivity Solution\Transports\NclRSSrv.exe (Nokia)
PRC - C:\Programme\PC Connectivity Solution\Transports\NclIrSrv.exe (Nokia)
PRC - C:\Programme\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe (CyberLink)
PRC - C:\Programme\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
PRC - C:\Programme\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
PRC - C:\Programme\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe ()
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
PRC - C:\Programme\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
PRC - C:\Programme\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.)
PRC - C:\Programme\Acer\Acer PowerSmart Manager\ePowerTray.exe (Acer Incorporated)
PRC - C:\Programme\Acer\Acer PowerSmart Manager\ePowerSvc.exe (Acer Incorporated)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\Launch Manager\LManager.exe (Dritek System Inc.)
PRC - C:\Programme\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Programme\Apoint2K\Hidfind.exe (Alps Electric Co., Ltd.)
PRC - C:\Programme\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
PRC - C:\Programme\EgisTec Egis Software Update\EgisUpdate.exe (EgisTec Inc.)
PRC - C:\Programme\EgisTec\MyWinLocker 3\x86\MWLService.exe (EgisTec Inc.)
PRC - C:\Programme\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (EgisTec Inc.)
PRC - C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
PRC - C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
PRC - C:\Programme\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe (NewTech Infosystems, Inc.)
PRC - C:\Programme\McAfee\SiteAdvisor\McSACore.exe ()
PRC - C:\Windows\System32\agrsmsvc.exe (Agere Systems)
PRC - C:\Programme\Common Files\Ahead\Lib\NMIndexStoreSvr.exe (Nero AG)
PRC - C:\Programme\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Rene\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation)
MOD - C:\Programme\McAfee\SiteAdvisor\sahook.dll ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (GoogleDesktopManager-051210-111108) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
SRV - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.)
SRV - (McShield) -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe ()
SRV - (mfevtp) -- C:\Programme\Common Files\McAfee\SystemCore\mfevtps.exe (McAfee, Inc.)
SRV - (McODS) -- C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SRV - (WPFFontCache_v0400) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (MSK80Service) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McProxy) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McNASvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McNaiAnn) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (mcmscsvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McMPFSvc) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (StarWindServiceAE) -- C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (StarWind Software)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (CLHNService) -- C:\Programme\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe ()
SRV - (NTI IScheduleSvc) -- C:\Programme\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.)
SRV - (ePowerSvc) -- C:\Programme\Acer\Acer PowerSmart Manager\ePowerSvc.exe (Acer Incorporated)
SRV - (MWLService) -- C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe ()
SRV - (EvtEng) -- C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
SRV - (RegSrvc) -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
SRV - (NTISchedulerSvc) -- C:\Programme\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe (NewTech Infosystems, Inc.)
SRV - (NTIBackupSvc) -- C:\Programme\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe (NewTech InfoSystems, Inc.)
SRV - (McAfee SiteAdvisor Service) -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe ()
SRV - (AgereModemAudio) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found
DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys ()
DRV - (ElbyCDIO) -- C:\Windows\System32\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV - (AnyDVD) -- C:\Windows\System32\drivers\AnyDVD.sys (SlySoft, Inc.)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (mfehidk) -- C:\Windows\system32\drivers\mfehidk.sys (McAfee, Inc.)
DRV - (mfefirek) -- C:\Windows\System32\drivers\mfefirek.sys (McAfee, Inc.)
DRV - (mfewfpk) -- C:\Windows\System32\drivers\mfewfpk.sys (McAfee, Inc.)
DRV - (mfeavfk) -- C:\Windows\System32\drivers\mfeavfk.sys (McAfee, Inc.)
DRV - (mfeapfk) -- C:\Windows\System32\drivers\mfeapfk.sys (McAfee, Inc.)
DRV - (mferkdet) -- C:\Windows\System32\drivers\mferkdet.sys (McAfee, Inc.)
DRV - (mfenlfk) -- C:\Windows\System32\drivers\mfenlfk.sys (McAfee, Inc.)
DRV - (cfwids) -- C:\Windows\System32\drivers\cfwids.sys (McAfee, Inc.)
DRV - (mfebopk) -- C:\Windows\System32\drivers\mfebopk.sys (McAfee, Inc.)
DRV - (UsbserFilt) -- C:\Windows\System32\drivers\usbser_lowerfltj.sys (Nokia)
DRV - (upperdev) -- C:\Windows\System32\drivers\usbser_lowerflt.sys (Nokia)
DRV - (nmwcdc) -- C:\Windows\System32\drivers\ccdcmbo.sys (Nokia)
DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia)
DRV - (ewusbnet) -- C:\Windows\System32\drivers\ewusbnet.sys (Huawei Technologies Co., Ltd.)
DRV - (hwusbdev) -- C:\Windows\System32\drivers\ewusbdev.sys (Huawei Technologies Co., Ltd.)
DRV - (hwdatacard) -- C:\Windows\System32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV - (NTIDrvr) -- C:\Windows\System32\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.)
DRV - (ApfiltrService) -- C:\Windows\System32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (iaStor) -- C:\Windows\system32\DRIVERS\iaStor.sys (Intel Corporation)
DRV - (RTSTOR) -- C:\Windows\System32\drivers\RTSTOR.sys (Realtek Semiconductor Corp.)
DRV - (NETw5v32) Intel(R) -- C:\Windows\System32\drivers\NETw5v32.sys (Intel Corporation)
DRV - (mwlPSDVDisk) -- C:\Windows\System32\drivers\mwlPSDVDisk.sys (Egis Incorporated.)
DRV - (mwlPSDFilter) -- C:\Windows\System32\drivers\mwlPSDFilter.sys (Egis Incorporated.)
DRV - (mwlPSDNServ) -- C:\Windows\System32\drivers\mwlPSDNserv.sys (Egis Incorporated.)
DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation)
DRV - (k57nd60x) Broadcom NetLink (TM) -- C:\Windows\System32\drivers\k57nd60x.sys (Broadcom Corporation)
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems)
DRV - (UBHelper) -- C:\Windows\System32\drivers\UBHelper.sys (NewTech Infosystems Corporation)
DRV - (MegaSR) -- C:\Windows\system32\drivers\megasr.sys (LSI Corporation, Inc.)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Corporation)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (NSCIRDA) -- C:\Windows\System32\drivers\nscirda.sys (National Semiconductor Corporation)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (b57nd60x) -- C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (DKbFltr) -- C:\Windows\System32\drivers\DKbFltr.sys (Dritek System Inc.)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0910&m=aspire_5738
IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0910&m=aspire_5738
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0910&m=aspire_5738
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2011.01.11 19:26:07 | 000,000,000 | ---D | M]
 
 
O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Programme\McAfee\MSK\mskapbho.dll ()
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Programme\Common Files\McAfee\SystemCore\ScriptSn.20100904123408.dll (McAfee, Inc.)
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll ()
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll ()
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Acer ePower Management] C:\Programme\Acer\Acer PowerSmart Manager\ePowerTray.exe (Acer Incorporated)
O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [EgisTecLiveUpdate] C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe (EgisTec Inc.)
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [LManager] C:\Programme\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [mwlDaemon] C:\Programme\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (EgisTec Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Programme\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [PlayMovie] C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
O4 - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Programme\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Skytel] C:\Programme\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [AlcoholAutomount] C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe (Alcohol Soft Development Team)
O4 - HKCU..\Run: [AnyDVD] C:\Programme\SlySoft\AnyDVD\AnyDVDtray.exe (SlySoft, Inc.)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKCU..\Run: [PC Suite Tray] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - HKCU..\Run: [ProductReg] C:\Program Files\Acer\WR_PopUp\ProductReg.exe (Acer)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [Twainreg] C:\Users\Rene\AppData\Roaming\Advatl\torreg.exe ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\Rene\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Rene\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll ()
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Rene\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Rene\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010.08.11 10:53:20 | 000,371,864 | R--- | M] (bitComposer Games GmbH) - E:\Autostart.exe -- [ CDFS ]
O32 - AutoRun File - [2010.08.11 10:53:20 | 000,000,106 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{32384a5d-f0e9-11df-a285-0022faa3ce1a}\Shell - "" = AutoRun
O33 - MountPoints2\{32384a5d-f0e9-11df-a285-0022faa3ce1a}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O33 - MountPoints2\{32384a6f-f0e9-11df-a285-001e101fb4df}\Shell - "" = AutoRun
O33 - MountPoints2\{32384a6f-f0e9-11df-a285-001e101fb4df}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O33 - MountPoints2\{37f2adc0-f4a0-11df-967f-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{37f2adc0-f4a0-11df-967f-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Autostart.exe -- [2010.08.11 10:53:20 | 000,371,864 | R--- | M] (bitComposer Games GmbH)
O33 - MountPoints2\{474d49e0-017a-11e0-bb18-001e101faa49}\Shell - "" = AutoRun
O33 - MountPoints2\{474d49e0-017a-11e0-bb18-001e101faa49}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O33 - MountPoints2\{e7fc84f7-fa69-11df-bb73-001f169743df}\Shell\AutoRun\command - "" = F:\InstallTomTomHOME.exe -- File not found
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.01.12 09:40:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2011.01.11 19:28:01 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll
[2011.01.11 19:27:56 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe
[2011.01.10 21:17:09 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Roaming\Advatl
[2011.01.08 16:49:37 | 000,000,000 | ---D | C] -- C:\Users\Rene\Tracing
[2010.12.31 19:28:29 | 000,000,000 | ---D | C] -- C:\Users\Rene\Documents\Nero Home
[2010.12.31 13:50:23 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Roaming\Malwarebytes
[2010.12.31 13:50:16 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.12.31 13:50:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2010.12.31 13:50:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.12.31 13:50:11 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.12.31 13:50:11 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2010.12.20 17:22:33 | 000,000,000 | ---D | C] -- C:\Users\Rene\Documents\Nero Recode
[2010.12.19 20:24:10 | 000,000,000 | ---D | C] -- C:\Users\Rene\Documents\Meine Scans
[2010.12.19 18:37:23 | 000,117,760 | ---- | C] (Hewlett-Packard Company) -- C:\Windows\System32\hpzll64X.dll
[2010.12.19 18:18:58 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Roaming\HP
[2010.12.19 18:15:52 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\HP
[2010.12.19 01:01:49 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_6.dll
[2010.12.19 01:01:48 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_5.dll
[2010.12.19 01:01:47 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_42.dll
[2010.12.19 01:01:47 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_42.dll
[2010.12.19 01:01:46 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll
[2010.12.19 01:01:46 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_42.dll
[2010.12.19 01:01:44 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_41.dll
[2010.12.19 01:01:44 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_41.dll
[2010.12.19 01:01:43 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_41.dll
[2010.12.19 01:01:42 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_4.dll
[2010.12.19 01:01:42 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_4.dll
[2010.12.19 01:01:41 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_40.dll
[2010.12.19 01:01:41 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_40.dll
[2010.12.19 01:01:39 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_3.dll
[2010.12.19 01:01:39 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_3.dll
[2010.12.19 01:01:39 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_2.dll
[2010.12.19 01:01:38 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_2.dll
[2010.12.19 01:01:38 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_1.dll
[2010.12.19 01:01:38 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_5.dll
[2010.12.19 01:01:37 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_2.dll
[2010.12.19 01:01:36 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_39.dll
[2010.12.19 01:01:36 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_39.dll
[2010.12.19 01:01:35 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll
[2010.12.19 01:01:35 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_1.dll
[2010.12.19 01:01:35 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_0.dll
[2010.12.19 01:01:34 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_1.dll
[2010.12.19 01:01:34 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_4.dll
[2010.12.19 01:01:33 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_38.dll
[2010.12.19 01:01:33 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_38.dll
[2010.12.19 01:01:32 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_38.dll
[2010.12.19 01:01:32 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_0.dll
[2010.12.19 01:01:31 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_0.dll
[2010.12.19 01:01:31 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_3.dll
[2010.12.19 01:01:30 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_37.dll
[2010.12.19 01:01:30 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_37.dll
[2010.12.19 01:01:29 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_37.dll
[2010.12.19 01:01:29 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_10.dll
[2010.12.19 01:01:27 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_36.dll
[2010.12.19 01:01:27 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_36.dll
[2010.12.19 01:01:27 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_36.dll
[2010.12.19 01:01:26 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_9.dll
[2010.12.19 01:01:25 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_35.dll
[2010.12.19 01:01:25 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_35.dll
[2010.12.19 01:01:24 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_35.dll
[2010.12.19 01:01:23 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_34.dll
[2010.12.19 01:01:23 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_34.dll
[2010.12.19 01:01:23 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_8.dll
[2010.12.19 01:01:23 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_2.dll
[2010.12.19 01:01:22 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_34.dll
[2010.12.19 01:01:21 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_7.dll
[2010.12.19 01:01:20 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_33.dll
[2010.12.19 01:01:20 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_33.dll
[2010.12.19 01:01:19 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_33.dll
[2010.12.19 01:01:19 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_6.dll
[2010.12.19 01:01:18 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10.dll
[2010.12.19 01:01:18 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_5.dll
[2010.12.19 01:01:17 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_4.dll
[2010.12.19 01:01:17 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_1.dll
[2010.12.19 01:01:16 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll
[2010.12.19 01:01:16 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_3.dll
[2010.12.19 01:01:15 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_2.dll
[2010.12.19 01:01:15 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_2.dll
[2010.12.19 01:01:14 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_1.dll
[2010.12.19 01:01:14 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_1.dll
[2010.12.19 01:00:59 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_30.dll
[2010.12.19 01:00:59 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_0.dll
[2010.12.19 01:00:59 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_0.dll
[2010.12.19 01:00:58 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_29.dll
[2010.12.19 01:00:57 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_28.dll
[2010.12.19 01:00:55 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll
[2010.12.19 01:00:54 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_26.dll
[2010.12.19 01:00:53 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_25.dll
[2010.12.19 01:00:51 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_24.dll
[2010.12.19 00:58:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\bitComposer Games
[2010.12.19 00:57:13 | 000,000,000 | ---D | C] -- C:\Programme\bitComposer Games
[2010.12.19 00:57:13 | 000,000,000 | ---D | C] -- C:\ProgramData\bitComposer Games
[2010.12.15 19:09:02 | 002,038,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010.12.15 19:08:58 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
[2010.12.15 19:08:58 | 000,345,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
[2010.12.15 19:08:58 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
[2010.12.15 19:08:47 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2010.12.15 19:08:45 | 000,292,352 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2010.12.15 19:08:45 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2010.12.15 19:08:45 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2010.12.15 19:08:38 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010.12.15 19:08:38 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010.12.15 19:08:37 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010.12.15 19:08:37 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010.12.15 19:08:37 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010.12.15 19:08:37 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010.12.15 19:08:34 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2010.12.15 19:08:33 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010.12.15 19:08:33 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010.12.15 19:08:33 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010.12.15 19:08:33 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010.12.15 19:08:33 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2010.12.15 19:08:33 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010.12.15 19:08:33 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2010.12.15 19:08:33 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010.12.15 19:08:33 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2010.12.15 19:08:33 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010.12.15 19:08:23 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010.09.04 08:31:45 | 000,049,152 | ---- | C] ( ) -- C:\Windows\Interop.IWshRuntimeLibrary.dll
 
========== Files - Modified Within 30 Days ==========
 
[2011.01.12 09:40:51 | 000,001,739 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Internet Security Suite.lnk
[2011.01.12 09:40:51 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.01.12 09:40:50 | 000,000,384 | ---- | M] () -- C:\Windows\tasks\Final Media Player Update Checker.job
[2011.01.12 09:40:24 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.01.12 09:40:24 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.01.12 09:40:23 | 000,062,804 | ---- | M] () -- C:\ProgramData\nvModes.001
[2011.01.12 09:40:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.01.12 09:39:51 | 3215,810,560 | -HS- | M] () -- C:\hiberfil.sys
[2011.01.12 03:30:04 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.01.11 19:21:02 | 000,062,804 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2011.01.10 11:19:10 | 000,623,280 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.01.10 11:19:10 | 000,591,320 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.01.10 11:19:10 | 000,125,378 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.01.10 11:19:10 | 000,103,194 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.01.08 14:35:04 | 000,007,592 | ---- | M] () -- C:\Users\Rene\AppData\Local\d3d9caps.dat
[2010.12.31 13:50:16 | 000,000,910 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.12.28 16:55:03 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll
[2010.12.20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.12.20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.12.19 18:18:13 | 000,159,566 | ---- | M] () -- C:\Windows\hpoins14.dat
[2010.12.19 18:17:22 | 000,159,566 | ---- | M] () -- C:\Windows\hpoins14.dat.temp
[2010.12.19 01:59:53 | 000,000,124 | ---- | M] () -- C:\Users\Rene\Documents\ax_files.xml
[2010.12.19 00:59:08 | 000,002,165 | ---- | M] () -- C:\Users\Public\Desktop\Schlag den Raab.lnk
[2010.12.16 18:38:58 | 000,296,064 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.12.14 15:49:23 | 001,169,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe
 
========== Files Created - No Company Name ==========
 
[2010.12.31 13:50:16 | 000,000,910 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.12.19 18:16:51 | 000,159,566 | ---- | C] () -- C:\Windows\hpoins14.dat.temp
[2010.12.19 18:16:51 | 000,002,000 | ---- | C] () -- C:\Windows\hpomdl14.dat.temp
[2010.12.19 00:59:08 | 000,002,165 | ---- | C] () -- C:\Users\Public\Desktop\Schlag den Raab.lnk
[2010.10.31 15:24:44 | 000,436,792 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2010.10.17 19:02:55 | 000,000,488 | ---- | C] () -- C:\Users\Rene\AppData\Roaming\wklnhst.dat
[2010.10.17 18:29:10 | 000,002,908 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2010.10.09 10:27:06 | 000,012,800 | ---- | C] () -- C:\Users\Rene\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.09.05 10:23:30 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2010.09.04 17:00:37 | 000,007,592 | ---- | C] () -- C:\Users\Rene\AppData\Local\d3d9caps.dat
[2010.09.04 16:57:32 | 000,062,804 | ---- | C] () -- C:\ProgramData\nvModes.001
[2010.09.04 16:53:38 | 000,062,804 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2010.09.03 22:54:41 | 000,003,070 | ---- | C] () -- C:\Users\Rene\AppData\Local\MyWinLockerInstaller.txt-20100903.log
[2010.09.03 22:50:26 | 000,000,074 | ---- | C] () -- C:\Windows\PidList.ini
[2010.05.24 20:33:00 | 004,670,829 | ---- | C] () -- C:\Windows\System32\libavcodec.dll
[2010.05.24 20:33:00 | 001,529,856 | ---- | C] () -- C:\Windows\System32\ff_samplerate.dll
[2010.05.24 20:33:00 | 001,447,921 | ---- | C] () -- C:\Windows\System32\ffmpegmt.dll
[2010.05.24 20:33:00 | 000,877,385 | ---- | C] () -- C:\Windows\System32\ff_x264.dll
[2010.05.24 20:33:00 | 000,810,113 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2010.05.24 20:33:00 | 000,336,384 | ---- | C] () -- C:\Windows\System32\ff_libfaad2.dll
[2010.05.24 20:33:00 | 000,324,096 | ---- | C] () -- C:\Windows\System32\TomsMoComp_ff.dll
[2010.05.24 20:33:00 | 000,248,320 | ---- | C] () -- C:\Windows\System32\ff_kernelDeint.dll
[2010.05.24 20:33:00 | 000,216,576 | ---- | C] () -- C:\Windows\System32\ff_libdts.dll
[2010.05.24 20:33:00 | 000,151,552 | ---- | C] () -- C:\Windows\System32\ff_libmad.dll
[2010.05.24 20:33:00 | 000,145,408 | ---- | C] () -- C:\Windows\System32\libmpeg2_ff.dll
[2010.05.24 20:33:00 | 000,139,944 | ---- | C] () -- C:\Windows\System32\libmplayer.dll
[2010.05.24 20:33:00 | 000,121,856 | ---- | C] () -- C:\Windows\System32\ff_liba52.dll
[2010.05.24 20:33:00 | 000,116,736 | ---- | C] () -- C:\Windows\System32\ff_tremor.dll
[2010.05.24 20:33:00 | 000,108,032 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2010.05.24 20:33:00 | 000,100,864 | ---- | C] () -- C:\Windows\System32\ff_wmv9.dll
[2010.05.24 20:33:00 | 000,097,792 | ---- | C] () -- C:\Windows\System32\ff_unrar.dll
[2010.05.19 21:59:20 | 000,150,528 | ---- | C] () -- C:\Windows\System32\mkx.dll
[2010.05.19 21:59:10 | 000,109,568 | ---- | C] () -- C:\Windows\System32\avi.dll
[2010.05.19 21:59:02 | 000,141,824 | ---- | C] () -- C:\Windows\System32\mp4.dll
[2010.05.19 21:58:52 | 000,123,392 | ---- | C] () -- C:\Windows\System32\ogm.dll
[2010.05.19 21:58:18 | 000,154,112 | ---- | C] () -- C:\Windows\System32\ts.dll
[2010.05.19 21:58:08 | 000,249,856 | ---- | C] () -- C:\Windows\System32\dxr.dll
[2010.05.19 21:57:42 | 000,097,792 | ---- | C] () -- C:\Windows\System32\avs.dll
[2010.05.19 21:57:26 | 000,093,184 | ---- | C] () -- C:\Windows\System32\avss.dll
[2010.05.19 21:55:40 | 000,080,384 | ---- | C] () -- C:\Windows\System32\mkzlib.dll
[2010.05.19 21:55:36 | 000,024,576 | ---- | C] () -- C:\Windows\System32\mkunicode.dll
[2009.06.07 17:24:04 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2009.03.12 11:32:52 | 000,000,028 | ---- | C] () -- C:\Windows\WisLangCode.ini
[2009.03.12 04:26:46 | 000,006,818 | ---- | C] () -- C:\ProgramData\ArcadeDeluxe2.log
[2009.02.11 21:03:58 | 000,872,448 | ---- | C] () -- C:\Windows\iconv.dll
[2009.02.11 21:03:58 | 000,743,424 | ---- | C] () -- C:\Windows\libxml2.dll
[2009.02.11 21:03:57 | 000,000,060 | ---- | C] () -- C:\Windows\Prelaunch.ini
[2009.01.10 23:15:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\mmfinfo.dll
[2008.11.06 16:37:32 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2008.10.07 09:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2008.10.07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2007.10.13 10:30:20 | 000,000,137 | ---- | C] () -- C:\Windows\System32\Registration.ini
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
 
========== LOP Check ==========
 
[2010.09.13 01:40:16 | 000,000,000 | -HSD | M] -- C:\Users\Rene\AppData\Roaming\.#
[2009.03.12 04:07:02 | 000,000,000 | ---D | M] -- C:\Users\Rene\AppData\Roaming\Acer GameZone Console
[2011.01.11 23:37:39 | 000,000,000 | ---D | M] -- C:\Users\Rene\AppData\Roaming\Advatl
[2010.09.26 20:47:22 | 000,000,000 | ---D | M] -- C:\Users\Rene\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.10.31 15:30:05 | 000,000,000 | ---D | M] -- C:\Users\Rene\AppData\Roaming\FinalMediaPlayer
[2010.09.12 23:47:37 | 000,000,000 | ---D | M] -- C:\Users\Rene\AppData\Roaming\iWin
[2010.10.10 20:11:35 | 000,000,000 | ---D | M] -- C:\Users\Rene\AppData\Roaming\Nokia
[2010.10.10 20:11:37 | 000,000,000 | ---D | M] -- C:\Users\Rene\AppData\Roaming\PC Suite
[2010.09.05 12:19:11 | 000,000,000 | ---D | M] -- C:\Users\Rene\AppData\Roaming\PlayFirst
[2010.09.12 11:06:07 | 000,000,000 | ---D | M] -- C:\Users\Rene\AppData\Roaming\PowerCinema
[2010.09.12 11:23:42 | 000,000,000 | ---D | M] -- C:\Users\Rene\AppData\Roaming\SoftDMA
[2010.10.17 19:02:57 | 000,000,000 | ---D | M] -- C:\Users\Rene\AppData\Roaming\Template
[2011.01.12 09:40:50 | 000,000,384 | ---- | M] () -- C:\Windows\Tasks\Final Media Player Update Checker.job
[2011.01.12 03:42:54 | 000,032,634 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 135 bytes -> C:\ProgramData\Temp:E1982A23
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:3B3A35EC
@Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:4F636E25
@Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:ADE16379
@Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:798A3728
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:DCAF903C
@Alternate Data Stream - 109 bytes -> C:\ProgramData\Temp:BB24555F
@Alternate Data Stream - 105 bytes -> C:\ProgramData\Temp:131C0EE9
 
< End of report >
--- --- ---

Aspire5738G 12.01.2011 11:52
hie mal die log von malware und paar infos von antivir.

malware:

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 5505

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18999

12.01.2011 11:35:06
mbam-log-2011-01-12 (11-35-06).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Durchsuchte Objekte: 275303
Laufzeit: 1 Stunde(n), 24 Minute(n), 20 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)


_________________________________________________________________
antivir:
In der Datei 'C:\Users\Rene\AppData\Roaming\Advatl\torreg.exe'
wurde ein Virus oder unerwünschtes Programm 'TR/Inject.ayzl' [trojan] gefunden.
Ausgeführte Aktion: Datei in Quarantäne verschieben
_________________________________________________________________
Die Datei 'C:\Users\Rene\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6\3c1f4a06-1169edfe'
enthielt einen Virus oder unerwünschtes Programm 'JAVA/OpenConnect.CF' [virus].
Durchgeführte Aktion(en):
Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '4d5dfa0e.qua' verschoben!
_________________________________________________________________
Die Datei 'C:\Users\Rene\AppData\Local\Temp\0.14928199698286204.exe'
enthielt einen Virus oder unerwünschtes Programm 'TR/Inject.ayzl' [trojan].
Durchgeführte Aktion(en):
Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '4d5df9d9.qua' verschoben!
_________________________________________________________________
In der Datei 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\AVSCAN-20110112-015035-FD0B8690\AVSCAN-20110112-015440-CE076597'
wurde ein Virus oder unerwünschtes Programm 'TR/Inject.ayzl' [trojan] gefunden.
Ausgeführte Aktion: Datei in Quarantäne verschieben

cosinus 12.01.2011 12:27
Gibt es noch weitere Logs von Malwarebytes? Wenn ja bitte alle posten, die in Malwarebytes im Reiter Logdateien sichtbar sind.


Zitat:
hat 2 trojaner gefunden. irgendenwas von java stand da.
Immer die genauen Schädlingsnamen und Pfadangaben notieren und posten!

Aus den Regeln:

5. Beschreibe Dein Problem in einigen Sätzen und arbeite diese Anleitung ab Punkt 2. durch
Auch Funde von deiner Sicherheitssoftware bitte im Thema nennen: (z.B. c:\windows\virus.exe)
Fehlen diese Angaben, kann und wird dir hier niemand helfen.

Aspire5738G 12.01.2011 12:45
das sind alle log´s:


Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 5427

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18999

03.01.2011 15:15:34
mbam-log-2011-01-03 (15-15-34).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Durchsuchte Objekte: 272880
Laufzeit: 1 Stunde(n), 33 Minute(n), 58 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
_______________________________________________________________

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 5427

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18999

03.01.2011 15:40:31
mbam-log-2011-01-03 (15-40-31).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 143842
Laufzeit: 8 Minute(n), 16 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
________________________________________________________________

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 5505

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18999

12.01.2011 03:12:13
mbam-log-2011-01-12 (03-12-13).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Durchsuchte Objekte: 166173
Laufzeit: 3 Stunde(n), 46 Minute(n), 54 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
_________________________________________________________________

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 5505

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18999

12.01.2011 11:35:06
mbam-log-2011-01-12 (11-35-06).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Durchsuchte Objekte: 275303
Laufzeit: 1 Stunde(n), 24 Minute(n), 20 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

cosinus 12.01.2011 19:54
Beende alle Programme, starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)

Hinweis: Falls Du Deinen Benutzernamen unkenntlich gemacht hast, musst Du das Ausgesternte in Deinen richtigen Benutzernamen wieder verwandeln, sonst funktioniert das Script nicht!!

Code:
:OTL
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010.08.11 10:53:20 | 000,371,864 | R--- | M] (bitComposer Games GmbH) - E:\Autostart.exe -- [ CDFS ]
O32 - AutoRun File - [2010.08.11 10:53:20 | 000,000,106 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{32384a5d-f0e9-11df-a285-0022faa3ce1a}\Shell - "" = AutoRun
O33 - MountPoints2\{32384a5d-f0e9-11df-a285-0022faa3ce1a}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O33 - MountPoints2\{32384a6f-f0e9-11df-a285-001e101fb4df}\Shell - "" = AutoRun
O33 - MountPoints2\{32384a6f-f0e9-11df-a285-001e101fb4df}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O33 - MountPoints2\{37f2adc0-f4a0-11df-967f-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{37f2adc0-f4a0-11df-967f-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Autostart.exe -- [2010.08.11 10:53:20 | 000,371,864 | R--- | M] (bitComposer Games GmbH)
O33 - MountPoints2\{474d49e0-017a-11e0-bb18-001e101faa49}\Shell - "" = AutoRun
O33 - MountPoints2\{474d49e0-017a-11e0-bb18-001e101faa49}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O33 - MountPoints2\{e7fc84f7-fa69-11df-bb73-001f169743df}\Shell\AutoRun\command - "" = F:\InstallTomTomHOME.exe -- File not found
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
[2011.01.10 21:17:09 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Roaming\Advatl
[2010.09.13 01:40:16 | 000,000,000 | -HSD | M] -- C:\Users\Rene\AppData\Roaming\.#
:Commands
[purity]
[resethosts]
[emptytemp]
Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.

Aspire5738G 12.01.2011 20:25
hier is die gewünschte log.


All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\autoexec.bat moved successfully.
File move failed. E:\Autostart.exe scheduled to be moved on reboot.
File move failed. E:\autorun.inf scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{32384a5d-f0e9-11df-a285-0022faa3ce1a}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32384a5d-f0e9-11df-a285-0022faa3ce1a}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{32384a5d-f0e9-11df-a285-0022faa3ce1a}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32384a5d-f0e9-11df-a285-0022faa3ce1a}\ not found.
File F:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{32384a6f-f0e9-11df-a285-001e101fb4df}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32384a6f-f0e9-11df-a285-001e101fb4df}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{32384a6f-f0e9-11df-a285-001e101fb4df}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32384a6f-f0e9-11df-a285-001e101fb4df}\ not found.
File F:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{37f2adc0-f4a0-11df-967f-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{37f2adc0-f4a0-11df-967f-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{37f2adc0-f4a0-11df-967f-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{37f2adc0-f4a0-11df-967f-806e6f6e6963}\ not found.
File move failed. E:\Autostart.exe scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{474d49e0-017a-11e0-bb18-001e101faa49}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{474d49e0-017a-11e0-bb18-001e101faa49}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{474d49e0-017a-11e0-bb18-001e101faa49}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{474d49e0-017a-11e0-bb18-001e101faa49}\ not found.
File F:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e7fc84f7-fa69-11df-bb73-001f169743df}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e7fc84f7-fa69-11df-bb73-001f169743df}\ not found.
File F:\InstallTomTomHOME.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F\ not found.
File F:\AutoRun.exe not found.
C:\Users\Rene\AppData\Roaming\Advatl folder moved successfully.
C:\Users\Rene\AppData\Roaming\.# folder moved successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 75 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

User: Rene
->Temp folder emptied: 910230658 bytes
->Temporary Internet Files folder emptied: 136381964 bytes
->Java cache emptied: 7695 bytes
->Flash cache emptied: 30250 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 47736209 bytes
RecycleBin emptied: 6745521551 bytes

Total Files Cleaned = 7.477,00 mb


OTL by OldTimer - Version 3.2.20.1 log created on 01122011_200349

Files\Folders moved on Reboot...
File\Folder E:\Autostart.exe not found!
File\Folder E:\autorun.inf not found!
C:\Windows\temp\sqlite_bl8PmsDeVxaNIGY moved successfully.
C:\Windows\temp\sqlite_N7gClny9Cvtr4yl moved successfully.
C:\Windows\temp\sqlite_yW6eycnjGbndhv6 moved successfully.

Registry entries deleted on Reboot...

cosinus 12.01.2011 20:49
Dann bitte jetzt CF ausführen:

ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix
  • Lade dir ComboFix hier herunter auf deinen Desktop. Benenne es beim Runterladen um in cofi.exe.
http://saved.im/mtm0nzyzmzd5/cofi.jpg
  • Schliesse alle Programme, vor allem dein Antivirenprogramm und andere Hintergrundwächter sowie deinen Internetbrowser.
  • Starte cofi.exe von deinem Desktop aus, bestätige die Warnmeldungen, führe die Updates durch (falls vorgeschlagen), installiere die Wiederherstellungskonsole (falls vorgeschlagen) und lass dein System durchsuchen.
    Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.
  • Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte kopieren ([Strg]a, [Strg]c) und in deinen Beitrag einfügen ([Strg]v). Die Datei findest du außerdem unter: C:\ComboFix.txt.
Wichtiger Hinweis:
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!
Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.

Aspire5738G 12.01.2011 22:07
hier denn mal das ergebnis von cobofix.
ist mein rechner denn jetzt sauber?

Combofix Logfile:
Code:
ComboFix 11-01-11.03 - Rene 12.01.2011  21:54:11.1.2 - x86
Microsoft® Windows Vista™ Home Premium  6.0.6002.2.1252.49.1031.18.3066.1814 [GMT 1:00]
ausgeführt von:: c:\users\Rene\Desktop\cofi.exe
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\AutoRun.inf

.
(((((((((((((((((((((((  Dateien erstellt von 2010-12-12 bis 2011-01-12  ))))))))))))))))))))))))))))))
.

2011-01-12 21:00 . 2011-01-12 21:00        --------        d-----w-        c:\users\Default\AppData\Local\temp
2011-01-12 20:18 . 2011-01-12 20:18        --------        d-----w-        c:\program files\CCleaner
2011-01-12 19:03 . 2011-01-12 19:03        --------        d-----w-        C:\_OTL
2011-01-11 18:28 . 2010-12-28 15:55        413696        ----a-w-        c:\windows\system32\odbc32.dll
2011-01-11 18:28 . 2010-12-28 15:53        253952        ----a-w-        c:\program files\Common Files\System\ado\msadox.dll
2011-01-11 18:28 . 2010-12-28 15:53        241664        ----a-w-        c:\program files\Common Files\System\ado\msadomd.dll
2011-01-11 18:28 . 2010-12-28 15:53        708608        ----a-w-        c:\program files\Common Files\System\ado\msado15.dll
2011-01-11 18:28 . 2010-12-28 15:53        57344        ----a-w-        c:\program files\Common Files\System\msadc\msadcs.dll
2011-01-11 18:28 . 2010-12-28 15:53        180224        ----a-w-        c:\program files\Common Files\System\msadc\msadco.dll
2011-01-11 18:27 . 2010-12-14 14:49        1169408        ----a-w-        c:\windows\system32\sdclt.exe
2011-01-08 15:49 . 2011-01-12 20:48        --------        d-----w-        c:\users\Rene\Tracing
2010-12-31 12:50 . 2010-12-31 12:50        --------        d-----w-        c:\users\Rene\AppData\Roaming\Malwarebytes
2010-12-31 12:50 . 2010-12-20 17:09        38224        ----a-w-        c:\windows\system32\drivers\mbamswissarmy.sys
2010-12-31 12:50 . 2010-12-31 12:50        --------        d-----w-        c:\programdata\Malwarebytes
2010-12-31 12:50 . 2010-12-31 14:35        --------        d-----w-        c:\program files\Malwarebytes' Anti-Malware
2010-12-31 12:50 . 2010-12-20 17:08        20952        ----a-w-        c:\windows\system32\drivers\mbam.sys
2010-12-19 17:37 . 2008-08-18 10:39        274944        ----a-w-        c:\windows\system32\Spool\prtprocs\w32x86\hpzpp64X.dll
2010-12-19 17:37 . 2008-08-18 10:39        117760        ----a-w-        c:\windows\system32\hpzll64X.dll
2010-12-19 17:18 . 2010-12-19 19:18        --------        d-----w-        c:\users\Rene\AppData\Roaming\HP
2010-12-19 17:15 . 2010-12-19 17:15        --------        d-----w-        c:\users\Rene\AppData\Local\HP
2010-12-19 00:00 . 2005-05-26 14:34        2297552        ----a-w-        c:\windows\system32\d3dx9_26.dll
2010-12-18 23:57 . 2010-12-18 23:57        --------        d-----w-        c:\programdata\bitComposer Games
2010-12-18 23:57 . 2010-12-18 23:57        --------        d-----w-        c:\program files\bitComposer Games
2010-12-15 18:09 . 2010-10-12 13:41        66048        ----a-w-        c:\program files\Windows Mail\wabmig.exe
2010-12-15 18:09 . 2010-10-12 13:41        515584        ----a-w-        c:\program files\Windows Mail\wab.exe
2010-12-15 18:09 . 2010-10-12 15:53        33280        ----a-w-        c:\program files\Windows Mail\wabfind.dll
2010-12-15 18:09 . 2010-10-18 13:31        2038272        ----a-w-        c:\windows\system32\win32k.sys
2010-12-15 18:05 . 2009-08-11 16:44        1401856        ----a-w-        c:\windows\system32\msxml6.dll

.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-10-31 14:24 . 2010-10-31 14:24        436792        ----a-w-        c:\windows\system32\drivers\sptd.sys
.

((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{872b5b88-9db5-4310-bdd0-ac189557e5f5}"= "c:\program files\DVDVideoSoftTB\tbDVDV.dll" [2010-04-27 2393184]

[HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
2010-04-27 08:08        2393184        ----a-w-        c:\program files\DVDVideoSoftTB\tbDVDV.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{872b5b88-9db5-4310-bdd0-ac189557e5f5}"= "c:\program files\DVDVideoSoftTB\tbDVDV.dll" [2010-04-27 2393184]

[HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{872B5B88-9DB5-4310-BDD0-AC189557E5F5}"= "c:\program files\DVDVideoSoftTB\tbDVDV.dll" [2010-04-27 2393184]

[HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2008-10-27 10:05        40496        ----a-w-        c:\program files\EgisTec\MyWinLocker 3\x86\PSDProtect.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ProductReg"="c:\program files\Acer\WR_PopUp\ProductReg.exe" [2008-11-17 135168]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-09-03 68856]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2010-05-14 1479680]
"AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" [2010-08-20 33120]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-05-16 153136]
"AnyDVD"="c:\program files\SlySoft\AnyDVD\AnyDVDtray.exe" [2010-10-29 4615104]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2008-12-02 3882312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"ArcadeDeluxeAgent"="c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" [2009-07-02 156968]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-12-16 13605408]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-12-16 92704]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-09-04 30192]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-02-19 6793760]
"Skytel"="c:\program files\Realtek\Audio\HDA\Skytel.exe" [2009-02-19 1833504]
"PLFSetI"="c:\windows\PLFSetI.exe" [2010-09-03 200704]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2009-02-24 204800]
"LManager"="c:\program files\Launch Manager\LManager.exe" [2009-02-19 866824]
"BackupManagerTray"="c:\program files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2009-04-01 249600]
"Acer ePower Management"="c:\program files\Acer\Acer PowerSmart Manager\ePowerTray.exe" [2009-03-11 715296]
"EgisTecLiveUpdate"="c:\program files\EgisTec Egis Software Update\EgisUpdate.exe" [2008-10-27 199464]
"mwlDaemon"="c:\program files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe" [2008-10-27 346672]
"PlayMovie"="c:\program files\Acer Arcade Deluxe\PlayMovie\PMVService.exe" [2009-06-16 173288]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"CLMLServer"="c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe" [2009-07-02 206120]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-03-11 49152]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-3-11 210520]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-09-04 135664]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2008-01-21 179712]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [2009-10-20 112640]
R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2010-09-04 30192]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [2009-10-12 101120]
R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-09-23 50424]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-10-31 436792]
S2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [2010-09-05 108289]
S2 CLHNService;CLHNService;c:\program files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [2009-05-20 75048]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [2009-03-11 666144]
S2 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [2008-10-09 19504]
S2 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [2008-10-09 16432]
S2 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [2008-10-09 59952]
S2 MWLService;MyWinLocker Service;c:\program files\EgisTec\MyWinLocker 3\x86\\MWLService.exe [2008-10-27 306736]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2009-04-01 54528]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-09-23 144632]
S3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60x.sys [2008-09-04 223232]
S3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\NETw5v32.sys [2008-11-17 3668480]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2008-09-25 45600]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation        REG_MULTI_SZ          FontCache
HPZ12        REG_MULTI_SZ          Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt        REG_MULTI_SZ          hpqcxs08 hpqddsvc
.
Inhalt des "geplante Tasks" Ordners

2011-01-12 c:\windows\Tasks\Final Media Player Update Checker.job
- c:\program files\FinalMediaPlayer\FMPCheckForUpdates.exe [2010-10-29 09:25]

2011-01-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-09-04 10:20]

2011-01-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-09-04 10:20]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0910&m=aspire_5738
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0910&m=aspire_5738
IE: Free YouTube Download - c:\users\Rene\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm
IE: Free YouTube to Mp3 Converter - c:\users\Rene\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2011-01-12 22:00
Windows 6.0.6002 Service Pack 2 NTFS

Scanne versteckte Prozesse...

Scanne versteckte Autostarteinträge...

Scanne versteckte Dateien...

Scan erfolgreich abgeschlossen
versteckte Dateien: 0

**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Zeit der Fertigstellung: 2011-01-12  22:01:53
ComboFix-quarantined-files.txt  2011-01-12 21:01

Vor Suchlauf: 10 Verzeichnis(se), 122.742.915.072 Bytes frei
Nach Suchlauf: 15 Verzeichnis(se), 121.629.761.536 Bytes frei

- - End Of File - - 89AAB36257131282EE395E002DF3EB62
--- --- ---

cosinus 12.01.2011 22:43
Ok. Bitte nun Logs mit GMER und OSAM erstellen und posten.
GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen.
Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst.


Downloade Dir danach bitte MBRCheck (by a_d_13) und speichere die Datei auf dem Desktop.
  • Doppelklick auf die MBRCheck.exe.
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Das Tool braucht nur einige Sekunden.
  • Danach solltest du eine MBRCheck_<Datum>_<Uhrzeit>.txt auf dem Desktop finden.
Poste mir bitte den Inhalt des .txt Dokumentes

Aspire5738G 12.01.2011 23:41
hallo
GMER konnte ich leider nicht machen, aber OSAM hat geklappt.
hier die log:

OSAM Logfile:
Code:
Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 23:36:40 on 12.01.2011

OS: Windows Vista Home Premium Edition Service Pack 2 (Build 6002), 32-bit
Default Browser: Microsoft Corporation Internet Explorer 8.00.6001.18702

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[AppInit DLLs]
-----( HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows )-----
"AppInit_DLLs" - "Google" - C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll

[Common]
-----( %SystemRoot%\Tasks )-----
"Final Media Player Update Checker.job" - "Bitberry Software" - C:\Program Files\FinalMediaPlayer\FMPCheckForUpdates.exe
"GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe

[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"AxSWindC.cpl" - "Alcohol Soft Development Team" - C:\Windows\system32\AxSWindC.cpl
"iproset.cpl" - "Intel(R) Corporation" - C:\Windows\system32\iproset.cpl
"PhysX.cpl" - "NVIDIA Corporation" - C:\Windows\system32\PhysX.cpl
"vp6dec_settings.cpl" - ? - C:\Windows\system32\vp6dec_settings.cpl  (File found, but it contains no detailed information)
"vp7dec_settings.cpl" - ? - C:\Windows\system32\vp7dec_settings.cpl  (File found, but it contains no detailed information)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"Nero BurnRights" - "Nero AG" - C:\Program Files\Nero\Nero 7\Nero Toolkit\NeroBurnRights.cpl
"NokiaConnectionManager" - "Nokia" - C:\PROGRA~1\Nokia\NOKIAP~1\CONNEC~1.CPL
"PROSet Tools" - "Intel(R) Corporation" - C:\Windows\System32\iPROSet.cpl

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"aljrj5i8" (aljrj5i8) - "Microsoft Corporation" - C:\Windows\system32\drivers\aljrj5i8.sys  (Hidden registry entry, rootkit activity | File signed by Microsoft)
"AnyDVD" (AnyDVD) - "SlySoft, Inc." - C:\Windows\System32\Drivers\AnyDVD.sys
"avgio" (avgio) - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\avgio.sys
"avgntflt" (avgntflt) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avgntflt.sys
"avipbb" (avipbb) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avipbb.sys
"catchme" (catchme) - ? - C:\Users\Rene\AppData\Local\Temp\catchme.sys  (File not found)
"ElbyCDIO Driver" (ElbyCDIO) - "Elaborate Bytes AG" - C:\Windows\System32\Drivers\ElbyCDIO.sys
"IP in IP Tunnel Driver" (IpInIp) - ? - C:\Windows\System32\DRIVERS\ipinip.sys  (File not found)
"IPX Traffic Filter Driver" (NwlnkFlt) - ? - C:\Windows\System32\DRIVERS\nwlnkflt.sys  (File not found)
"IPX Traffic Forwarder Driver" (NwlnkFwd) - ? - C:\Windows\System32\DRIVERS\nwlnkfwd.sys  (File not found)
"mwlPSDFilter" (mwlPSDFilter) - "Egis Incorporated." - C:\Windows\System32\DRIVERS\mwlPSDFilter.sys
"mwlPSDNServ" (mwlPSDNServ) - "Egis Incorporated." - C:\Windows\System32\DRIVERS\mwlPSDNServ.sys
"mwlPSDVDisk" (mwlPSDVDisk) - "Egis Incorporated." - C:\Windows\System32\DRIVERS\mwlPSDVDisk.sys
"sptd" (sptd) - "Duplex Secure Ltd." - C:\Windows\System32\Drivers\sptd.sys  (File is exclusively opened, access blocked)
"ssmdrv" (ssmdrv) - "Avira GmbH" - C:\Windows\System32\DRIVERS\ssmdrv.sys
"UBHelper" (UBHelper) - "NewTech Infosystems Corporation" - C:\Windows\system32\drivers\UBHelper.sys
"Upper Class Filter Driver" (NTIDrvr) - "NewTech Infosystems, Inc." - C:\Windows\System32\Drivers\NTIDrvr.sys

[Explorer]
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{0561EC90-CE54-4f0c-9C55-E226110A740C} "Haali Column Provider" - ? - C:\Windows\system32\mmfinfo.dll  (File found, but it contains no detailed information)
{7D4D6379-F301-4311-BEBA-E26EB0561882} "NeroDigitalColumnHandler Class" - "Nero AG" - C:\Program Files\Common Files\Ahead\Lib\NeroDigitalExt.dll
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
-----( HKLM\Software\Classes\Protocols\Filter )-----
{807563E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
-----( HKLM\Software\Classes\Protocols\Handler )-----
{314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
{828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
{0A9007C0-4076-11D3-8789-0000F8105754} "Microsoft Infotech Storage Protocol for IE 4.0" - "Microsoft Corporation" - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll
{828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
{03C514A3-1EFB-4856-9F99-10D7BE1653C0} "Windows Live Mail HTML Asynchronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\Program Files\Windows Live\Mail\mailcomm.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks )-----
{AEB6717E-7E19-11d0-97EE-00C04FD91972} "{AEB6717E-7E19-11d0-97EE-00C04FD91972}" - ? -  (File not found | COM-object registry key not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{911051fa-c21c-4246-b470-070cd8df6dc4} ".cab or .zip files" - ? -  (File not found | COM-object registry key not found)
{23170F69-40C1-278A-1000-000100020000} "7-Zip Shell Extension" - "Igor Pavlov" - C:\Program Files\7-Zip\7-zip.dll
{1b24a030-9b20-49bc-97ac-1be4426f9e59} "ActiveDirectory Folder" - ? -  (File not found | COM-object registry key not found)
{34449847-FD14-4fc8-A75A-7432F5181EFB} "ActiveDirectory Folder" - ? -  (File not found | COM-object registry key not found)
{0563DB41-F538-4B37-A92D-4659049B7766} "CLSID_WLMCMimeFilter" - "Microsoft Corporation" - C:\Program Files\Windows Live\Mail\mailcomm.dll
{0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48} "Contacts folder" - ? -  (File not found | COM-object registry key not found)
{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} "DragDropProtect Class" - "EgisTec Inc." - C:\Program Files\EgisTec\MyWinLocker 3\x86\psdprotect.dll
{2C2577C2-63A7-40e3-9B7F-586602617ECB} "Explorer Query Band" - ? -  (File not found | COM-object registry key not found)
{0561EC90-CE54-4f0c-9C55-E226110A740C} "Haali Column Provider" - ? - C:\Windows\system32\mmfinfo.dll  (File found, but it contains no detailed information)
{5574006C-28F5-4a65-A28C-74DE6BFBE0BB} "Haali Matroska Shell Property Page" - ? - C:\Windows\system32\mmfinfo.dll  (File found, but it contains no detailed information)
{327669A0-59A7-4be9-B99E-1C9F3A57611A} "Haali Matroska Thumbnail Extractor" - ? - C:\Windows\system32\mmfinfo.dll  (File found, but it contains no detailed information)
{FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} "IE User Assist" - ? -  (File not found | COM-object registry key not found)
{00020d75-0000-0000-c000-000000000046} "lnkfile" - ? -  (File not found | COM-object registry key not found)
{42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\msohevi.dll
{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
{5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C} "Microsoft Office OneNote Namespace Extension for Windows Desktop Search" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~3\Office12\ONFILTER.DLL
{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
{97F68CE3-7146-45FF-BE24-D9A7DD7CB8A2} "NeroCoverEdLiveIcons Class" - "Nero AG" - C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll
{B327765E-D724-4347-8B16-78AE18552FC3} "NeroDigitalIconHandler Class" - "Nero AG" - C:\Program Files\Common Files\Ahead\Lib\NeroDigitalExt.dll
{7F1CF152-04F8-453A-B34C-E609530A9DC8} "NeroDigitalPropSheetHandler Class" - "Nero AG" - C:\Program Files\Common Files\Ahead\Lib\NeroDigitalExt.dll
{416651E4-9C3C-11D9-8BDE-F66BAD1E3F3A} "Nokia Phone Browser" - "Nokia" - C:\Program Files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
{C8494E42-ACDD-4739-B0FB-217361E4894F} "Sam Account Folder" - ? -  (File not found | COM-object registry key not found)
{E29F9716-5C08-4FCD-955A-119FDB5A522D} "Sam Account Folder" - ? -  (File not found | COM-object registry key not found)
{45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\shlext.dll
{2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} "Windows Live Photo Gallery Autoplay Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} "Windows Live Photo Gallery Editor Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} "Windows Live Photo Gallery Editor Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F30F90-3E96-453B-AFCD-D71989ECC2C7} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F33137-EE26-412F-8D71-F84E4C2C6625} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F374B7-B390-4884-B372-2FC349F2172B} "Windows Live Photo Gallery Viewer Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F346CB-35A4-465B-8B8F-65A29DBAB1F6} "Windows Live Photo Gallery Viewer Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{da67b8ad-e81b-4c70-9b91b417b5e33527} "Windows Search Shell Service" - ? -  (File not found | COM-object registry key not found)
{B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - "Alexander Roshal" - C:\Program Files\WinRAR\rarext.dll
{06A2568A-CED6-4187-BB20-400B8C02BE5A} "{06A2568A-CED6-4187-BB20-400B8C02BE5A}" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe

[Internet Explorer]
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
<binary data> "DVDVideoSoftTB Toolbar" - "Conduit Ltd." - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll
<binary data> "Google Toolbar" - "Google Inc." - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
ITBar7Height "ITBar7Height" - ? -  (File not found | COM-object registry key not found)
<binary data> "ITBar7Layout" - ? -  (File not found | COM-object registry key not found)
-----( HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks )-----
{872b5b88-9db5-4310-bdd0-ac189557e5f5} "DVDVideoSoftTB Toolbar" - "Conduit Ltd." - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_15" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} "Java Plug-in 1.6.0_15" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_15" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\npjpi160_15.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
{48E73304-E1D6-4330-914C-F5F514E3486C} "An OneNote senden" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
{5F7B1267-94A9-47F5-98DB-E99415F33AEC} "In Blog veröffentlichen" - "Microsoft Corporation" - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
{FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Research" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )-----
{872b5b88-9db5-4310-bdd0-ac189557e5f5} "DVDVideoSoftTB Toolbar" - "Conduit Ltd." - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll
<binary data> "Google Toolbar" - "Google Inc." - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
{872b5b88-9db5-4310-bdd0-ac189557e5f5} "DVDVideoSoftTB Toolbar" - "Conduit Ltd." - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll
{AA58ED58-01DD-4d91-8333-CF10577473F7} "Google Toolbar Helper" - "Google Inc." - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} "Google Toolbar Notifier BHO" - "Google Inc." - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2ssv.dll
{9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live Anmelde-Hilfsprogramm" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
{5C255C8A-E604-49b4-9D64-90988571CECB} "{5C255C8A-E604-49b4-9D64-90988571CECB}" - ? -  (File not found | COM-object registry key not found)

[Logon]
-----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\Users\Rene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
"HP Digital Imaging Monitor.lnk" - "Hewlett-Packard Co." - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe  (Shortcut exists | File exists)
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----
"AlcoholAutomount" - "Alcohol Soft Development Team" - "C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount
"AnyDVD" - "SlySoft, Inc." - C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" - "Nero AG" - "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
"msnmsgr" - "Microsoft Corporation" - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
"PC Suite Tray" - "Nokia" - "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
"ProductReg" - "Acer" - "C:\Program Files\Acer\WR_PopUp\ProductReg.exe"
"swg" - "Google Inc." - "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
-----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )-----
"StartupPrograms" - ? - rdpclip  (File not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"Acer ePower Management" - "Acer Incorporated" - C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe
"Adobe Reader Speed Launcher" - "Adobe Systems Incorporated" - "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"ArcadeDeluxeAgent" - "CyberLink Corp." - "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
"avgnt" - "Avira GmbH" - "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
"BackupManagerTray" - "NewTech Infosystems, Inc." - "C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -k
"CLMLServer" - "CyberLink" - "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe"
"EgisTecLiveUpdate" - "EgisTec Inc." - "C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe"
"Google Desktop Search" - "Google" - "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
"HP Software Update" - "Hewlett-Packard Co." - C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
"LManager" - "Dritek System Inc." - C:\Program Files\Launch Manager\LManager.exe
"mwlDaemon" - "EgisTec Inc." - C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
"NeroFilterCheck" - "Nero AG" - C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
"PlayMovie" - "Acer Corp." - "C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
"PLFSetI" - ? - C:\Windows\PLFSetI.exe

[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"LIDIL hpzll5ha" - "Hewlett-Packard Company" - C:\Windows\system32\hpzll5ha.dll
"LIDIL hpzll64X" - "Hewlett-Packard Company" - C:\Windows\system32\hpzll64X.dll
"Send To Microsoft OneNote Monitor" - "Microsoft Corporation" - C:\Windows\system32\msonpmon.dll

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100" (WPFFontCache_v0400) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
"Acer ePower Service" (ePowerSvc) - "Acer Incorporated" - C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
"Avira AntiVir Guard" (AntiVirService) - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
"Avira AntiVir Planer" (AntiVirSchedulerService) - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\sched.exe
"CLHNService" (CLHNService) - ? - C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
"Google Desktop Manager 5.9.1005.12335" (GoogleDesktopManager-051210-111108) - "Google" - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
"Google Software Updater" (gusvc) - "Google" - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
"Google Update Service (gupdate)" (gupdate) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"HP CUE DeviceDiscovery Service" (hpqddsvc) - "Hewlett-Packard Co." - C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
"hpqcxs08" (hpqcxs08) - "Hewlett-Packard Co." - C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
"Intel® PROSet/Wireless Event Log" (EvtEng) - "Intel(R) Corporation" - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
"Intel® PROSet/Wireless Registry Service" (RegSrvc) - "Intel(R) Corporation" - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
"Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
"Microsoft Office Diagnostics Service" (odserv) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
"MyWinLocker Service" (MWLService) - "EgisTec Inc." - C:\Program Files\EgisTec\MyWinLocker 3\x86\MWLService.exe
"NBService" (NBService) - "Nero AG" - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
"Net Driver HPZ12" (Net Driver HPZ12) - "Hewlett-Packard" - C:\Windows\system32\HPZinw12.dll
"NMIndexingService" (NMIndexingService) - "Nero AG" - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
"NTI Backup Now 5 Backup Service" (NTIBackupSvc) - "NewTech InfoSystems, Inc." - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
"NTI Backup Now 5 Scheduler Service" (NTISchedulerSvc) - "NewTech Infosystems, Inc." - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
"NTI IScheduleSvc" (NTI IScheduleSvc) - "NewTech Infosystems, Inc." - C:\Program Files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
"Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
"Pml Driver HPZ12" (Pml Driver HPZ12) - "Hewlett-Packard" - C:\Windows\system32\HPZipm12.dll
"ServiceLayer" (ServiceLayer) - "Nokia" - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
"StarWind AE Service" (StarWindServiceAE) - "StarWind Software" - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

[Winlogon]
-----( HKCU\Control Panel\Desktop )-----
"SCRNSAVE.EXE" - "Acer" - C:\Windows\System32\Acer.scr

===[ Logfile end ]=========================================[ Logfile end ]===
--- --- ---

If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru

Aspire5738G 12.01.2011 23:46
hier das ergebnis von MBRchek:

MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows Vista Home Premium Edition
Windows Information: Service Pack 2 (build 6002), 32-bit
Base Board Manufacturer: Acer
BIOS Manufacturer: Phoenix Technologies LTD
System Manufacturer: Acer
System Product Name: Aspire 5738
Logical Drives Mask: 0x0000001c

Kernel Drivers (total 156):
0x8263E000 \SystemRoot\system32\ntkrnlpa.exe
0x8260B000 \SystemRoot\system32\hal.dll
0x80406000 \SystemRoot\system32\kdcom.dll
0x8040D000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
0x8047D000 \SystemRoot\system32\PSHED.dll
0x8048E000 \SystemRoot\system32\BOOTVID.dll
0x80496000 \SystemRoot\system32\CLFS.SYS
0x804D7000 \SystemRoot\system32\CI.dll
0x8060C000 \SystemRoot\system32\drivers\Wdf01000.sys
0x8067D000 \SystemRoot\system32\drivers\WDFLDR.SYS
0x8068B000 \SystemRoot\System32\Drivers\sptd.sys
0x8079E000 \SystemRoot\System32\Drivers\WMILIB.SYS
0x807A7000 \SystemRoot\System32\Drivers\SCSIPORT.SYS
0x805B7000 \SystemRoot\system32\drivers\acpi.sys
0x807CD000 \SystemRoot\system32\drivers\msisadrv.sys
0x807D5000 \SystemRoot\system32\drivers\pci.sys
0x8A603000 \SystemRoot\System32\drivers\partmgr.sys
0x8A612000 \SystemRoot\system32\DRIVERS\compbatt.sys
0x8A615000 \SystemRoot\system32\DRIVERS\BATTC.SYS
0x8A61F000 \SystemRoot\system32\drivers\volmgr.sys
0x8A62E000 \SystemRoot\System32\drivers\volmgrx.sys
0x8A678000 \SystemRoot\System32\drivers\mountmgr.sys
0x8A688000 \SystemRoot\System32\Drivers\UBHelper.sys
0x8A690000 \SystemRoot\system32\DRIVERS\iaStor.sys
0x8A76A000 \SystemRoot\system32\drivers\atapi.sys
0x8A772000 \SystemRoot\system32\drivers\ataport.SYS
0x8A790000 \SystemRoot\system32\drivers\msahci.sys
0x8A79A000 \SystemRoot\system32\drivers\PCIIDEX.SYS
0x8A7A8000 \SystemRoot\system32\drivers\fltmgr.sys
0x8A7DA000 \SystemRoot\system32\drivers\fileinfo.sys
0x8A80C000 \SystemRoot\System32\Drivers\ksecdd.sys
0x8A87D000 \SystemRoot\system32\drivers\ndis.sys
0x8A988000 \SystemRoot\system32\drivers\msrpc.sys
0x8A9B3000 \SystemRoot\system32\drivers\NETIO.SYS
0x8AA05000 \SystemRoot\System32\drivers\tcpip.sys
0x8AAEF000 \SystemRoot\System32\drivers\fwpkclnt.sys
0x8AC07000 \SystemRoot\System32\Drivers\Ntfs.sys
0x8AD17000 \SystemRoot\system32\drivers\volsnap.sys
0x8AD50000 \SystemRoot\System32\Drivers\spldr.sys
0x8AD58000 \SystemRoot\System32\Drivers\mup.sys
0x8AD67000 \SystemRoot\System32\drivers\ecache.sys
0x8AD8E000 \SystemRoot\system32\drivers\disk.sys
0x8AD9F000 \SystemRoot\system32\drivers\CLASSPNP.SYS
0x8ADC0000 \SystemRoot\system32\drivers\crcdisk.sys
0x8ADD6000 \SystemRoot\system32\DRIVERS\tunnel.sys
0x8ADE1000 \SystemRoot\system32\DRIVERS\tunmp.sys
0x8EC00000 \SystemRoot\system32\DRIVERS\nvlddmkm.sys
0x8F332000 \SystemRoot\System32\drivers\dxgkrnl.sys
0x8F3D3000 \SystemRoot\System32\drivers\watchdog.sys
0x8F3DF000 \SystemRoot\system32\DRIVERS\usbuhci.sys
0x8F609000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0x8F647000 \SystemRoot\system32\DRIVERS\usbehci.sys
0x8F656000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0x8F6E3000 \SystemRoot\system32\DRIVERS\k57nd60x.sys
0x8F807000 \SystemRoot\system32\DRIVERS\NETw5v32.sys
0x8FB90000 \SystemRoot\system32\DRIVERS\CmBatt.sys
0x8FB94000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0x8FBA7000 \SystemRoot\system32\DRIVERS\DKbFltr.sys
0x8FBB1000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0x8FBBC000 \SystemRoot\system32\DRIVERS\Apfiltr.sys
0x8FBF0000 \SystemRoot\system32\DRIVERS\mouclass.sys
0x8F71D000 \SystemRoot\System32\Drivers\AnyDVD.sys
0x8F736000 \SystemRoot\system32\DRIVERS\cdrom.sys
0x8F74E000 \SystemRoot\system32\Drivers\NTIDrvr.sys
0x8F756000 \SystemRoot\System32\Drivers\aljrj5i8.SYS
0x8F78F000 \SystemRoot\system32\DRIVERS\wmiacpi.sys
0x8F798000 \SystemRoot\system32\DRIVERS\intelppm.sys
0x8F7A7000 \SystemRoot\system32\DRIVERS\msiscsi.sys
0x8FE08000 \SystemRoot\system32\DRIVERS\storport.sys
0x8FE49000 \SystemRoot\system32\DRIVERS\TDI.SYS
0x8FE54000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0x8FE6B000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0x8FE76000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0x8FE99000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0x8FEA8000 \SystemRoot\system32\DRIVERS\raspptp.sys
0x8FEBC000 \SystemRoot\system32\DRIVERS\rassstp.sys
0x8FED1000 \SystemRoot\system32\DRIVERS\termdd.sys
0x8FEE1000 \SystemRoot\system32\DRIVERS\swenum.sys
0x8FEE3000 \SystemRoot\system32\DRIVERS\ks.sys
0x8FF0D000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0x8FF17000 \SystemRoot\system32\DRIVERS\umbus.sys
0x8FF24000 \SystemRoot\system32\DRIVERS\usbhub.sys
0x8FF59000 \SystemRoot\System32\Drivers\NDProxy.SYS
0x90A05000 \SystemRoot\system32\drivers\RTKVHDA.sys
0x90C3B000 \SystemRoot\system32\drivers\portcls.sys
0x90C68000 \SystemRoot\system32\drivers\drmk.sys
0x90C8D000 \SystemRoot\system32\DRIVERS\AGRSM.sys
0x90DB3000 \SystemRoot\system32\DRIVERS\USBD.SYS
0x90DB5000 \SystemRoot\system32\drivers\modem.sys
0x90DC2000 \SystemRoot\system32\drivers\nvhda32v.sys
0x90DD0000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0x90DD9000 \SystemRoot\System32\Drivers\Null.SYS
0x90DE0000 \SystemRoot\System32\Drivers\Beep.SYS
0x90DE7000 \SystemRoot\System32\drivers\vga.sys
0x8FF6A000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
0x90DF3000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0x8FF8B000 \SystemRoot\system32\drivers\rdpencdd.sys
0x8FF93000 \SystemRoot\System32\Drivers\Msfs.SYS
0x8FF9E000 \SystemRoot\System32\Drivers\Npfs.SYS
0x8FFAC000 \SystemRoot\System32\DRIVERS\rasacd.sys
0x8FFB5000 \SystemRoot\system32\DRIVERS\tdx.sys
0x8FFCB000 \SystemRoot\system32\DRIVERS\smb.sys
0x90E03000 \SystemRoot\System32\DRIVERS\netbt.sys
0x90E35000 \SystemRoot\system32\drivers\afd.sys
0x90E7D000 \SystemRoot\system32\DRIVERS\hidusb.sys
0x90E86000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0x90E96000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0x90E9D000 \SystemRoot\system32\DRIVERS\pacer.sys
0x90EB3000 \SystemRoot\system32\DRIVERS\netbios.sys
0x90EC1000 \SystemRoot\system32\DRIVERS\mouhid.sys
0x90EC9000 \SystemRoot\system32\DRIVERS\wanarp.sys
0x90EDC000 \SystemRoot\system32\DRIVERS\ssmdrv.sys
0x90EE2000 \SystemRoot\system32\DRIVERS\rdbss.sys
0x90F1E000 \SystemRoot\system32\drivers\nsiproxy.sys
0x90F28000 \SystemRoot\System32\Drivers\ElbyCDIO.sys
0x90F32000 \SystemRoot\System32\Drivers\dfsc.sys
0x90F49000 \SystemRoot\system32\DRIVERS\avipbb.sys
0x90F65000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0x90F7C000 \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys
0x90F7E000 \SystemRoot\System32\Drivers\usbvideo.sys
0x90F9F000 \SystemRoot\System32\Drivers\fastfat.SYS
0x8AB0A000 \SystemRoot\system32\DRIVERS\udfs.sys
0x90FC7000 \SystemRoot\System32\Drivers\crashdmp.sys
0x91A07000 \SystemRoot\System32\Drivers\dump_iaStor.sys
0x99830000 \SystemRoot\System32\win32k.sys
0x91AE1000 \SystemRoot\System32\drivers\Dxapi.sys
0x91AEB000 \SystemRoot\system32\DRIVERS\monitor.sys
0x99A50000 \SystemRoot\System32\TSDDD.dll
0x99A70000 \SystemRoot\System32\cdd.dll
0x91AFA000 \SystemRoot\system32\drivers\luafv.sys
0x91B15000 \SystemRoot\system32\DRIVERS\avgntflt.sys
0x91B29000 \SystemRoot\system32\DRIVERS\mwlPSDFilter.sys
0x91B32000 \SystemRoot\system32\drivers\spsys.sys
0x91BE2000 \SystemRoot\system32\DRIVERS\irda.sys
0x90FD4000 \SystemRoot\system32\DRIVERS\lltdio.sys
0x8F7D6000 \SystemRoot\system32\DRIVERS\nwifi.sys
0x90FE4000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0x8FFDF000 \SystemRoot\system32\DRIVERS\rspndr.sys
0x8AB45000 \SystemRoot\system32\drivers\HTTP.sys
0x8ABB2000 \SystemRoot\System32\DRIVERS\srvnet.sys
0x8ABCF000 \SystemRoot\system32\DRIVERS\bowser.sys
0x8F3EA000 \SystemRoot\System32\drivers\mpsdrv.sys
0xA0001000 \SystemRoot\system32\drivers\mrxdav.sys
0xA0022000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0xA0041000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
0xA007A000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
0xA0092000 \SystemRoot\System32\DRIVERS\srv2.sys
0xA00BA000 \SystemRoot\System32\DRIVERS\srv.sys
0xA0120000 \SystemRoot\system32\DRIVERS\mwlPSDNServ.sys
0xA0129000 \SystemRoot\system32\DRIVERS\mwlPSDVDisk.sys
0xA1E08000 \SystemRoot\system32\drivers\peauth.sys
0xA1EE6000 \SystemRoot\System32\Drivers\secdrv.SYS
0xA1EF0000 \SystemRoot\System32\drivers\tcpipreg.sys
0xA1EFC000 \SystemRoot\system32\DRIVERS\cdfs.sys
0x77680000 \Windows\System32\ntdll.dll
0x10000000 \Program Files\Alcohol Soft\Alcohol 120\Alcoholx.dll

Processes (total 90):
0 System Idle Process
4 System
528 C:\Windows\System32\smss.exe
628 csrss.exe
680 C:\Windows\System32\wininit.exe
692 csrss.exe
724 C:\Windows\System32\services.exe
752 C:\Windows\System32\lsass.exe
760 C:\Windows\System32\lsm.exe
916 C:\Windows\System32\svchost.exe
980 C:\Windows\System32\nvvsvc.exe
1008 C:\Windows\System32\svchost.exe
1052 C:\Windows\System32\svchost.exe
1096 C:\Windows\System32\svchost.exe
1120 C:\Windows\System32\svchost.exe
1132 C:\Windows\System32\svchost.exe
1196 C:\Windows\System32\winlogon.exe
1288 C:\Windows\System32\audiodg.exe
1344 C:\Windows\System32\svchost.exe
1360 C:\Windows\System32\SLsvc.exe
1424 C:\Windows\System32\svchost.exe
1464 C:\Windows\System32\rundll32.exe
1660 C:\Windows\System32\svchost.exe
1888 C:\Windows\System32\dwm.exe
1908 C:\Windows\System32\wlanext.exe
2020 C:\Windows\System32\spoolsv.exe
2044 C:\Program Files\Avira\AntiVir Desktop\sched.exe
236 C:\Windows\explorer.exe
324 C:\Windows\System32\svchost.exe
1696 C:\Windows\System32\agrsmsvc.exe
604 C:\Program Files\Avira\AntiVir Desktop\avguard.exe
2080 C:\Windows\System32\taskeng.exe
2140 C:\Windows\System32\taskeng.exe
2236 C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
2272 C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
2372 C:\Program Files\Intel\WiFi\bin\EvtEng.exe
2524 C:\Windows\System32\svchost.exe
2552 C:\Program Files\EgisTec\MyWinLocker 3\x86\MWLService.exe
2588 C:\Windows\System32\svchost.exe
2724 C:\Program Files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
2784 C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
2852 C:\Windows\System32\svchost.exe
2872 C:\Windows\System32\svchost.exe
2896 C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
2964 C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
2984 C:\Windows\System32\svchost.exe
3028 C:\Windows\System32\svchost.exe
3060 C:\Windows\System32\SearchIndexer.exe
3464 WmiPrvSE.exe
3964 C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
3996 C:\Windows\System32\rundll32.exe
4028 C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
2056 C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
2244 C:\Windows\PLFSetI.exe
1792 C:\Program Files\Apoint2K\Apoint.exe
3356 C:\Program Files\Launch Manager\LManager.exe
2392 C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
3492 C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe
3844 C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe
3824 C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
3856 C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe
2252 C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
3568 C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe
4044 C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
1316 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
1244 C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
3780 C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe
800 C:\Program Files\Windows Live\Messenger\msnmsgr.exe
2196 C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
1400 C:\Users\Rene\AppData\Local\Temp\RtkBtMnt.exe
1680 C:\Windows\System32\wbem\unsecapp.exe
3404 C:\Program Files\Apoint2K\ApMsgFwd.exe
3400 C:\Program Files\Apoint2K\ApntEx.exe
3908 C:\Program Files\Apoint2K\Hidfind.exe
2760 C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
1956 C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
4232 C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
4664 C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
4756 C:\Program Files\PC Connectivity Solution\Transports\NclIrSrv.exe
4788 C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
4984 C:\Users\Rene\Downloads\osam_autorun_manager_5_0_portable\osam.exe
3440 C:\Program Files\Internet Explorer\iexplore.exe
5972 C:\Program Files\Internet Explorer\iexplore.exe
4176 C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
5312 C:\Windows\System32\conime.exe
4344 C:\Windows\System32\SearchProtocolHost.exe
364 C:\Windows\System32\SearchFilterHost.exe
4328 dllhost.exe
5832 dllhost.exe
4960 C:\Users\Rene\Desktop\MBRCheck.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000002`71100000 (NTFS)

PhysicalDrive0 Model Number: WDCWD5000BEVT-22ZAT0, Rev: 01.01A01

Size Device Name MBR Status
--------------------------------------------
465 GB \\.\PhysicalDrive0 Unknown MBR code
SHA1: 00DA077E92625BC67BBA239DB4218A4A12648922


Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:

cosinus 13.01.2011 10:43
Zitat:
465 GB \\.\PhysicalDrive0 Unknown MBR code
SHA1: 00DA077E92625BC67BBA239DB4218A4A12648922
Found non-standard or infected MBR.
Hast Du noch andere Betriebssysteme außer Vista installiert?

Wenn nicht: Schau mal hier => Vista Notfall/Recovery-CD 32-Bit - Dr. Windows

Lad das iso runter, brenn es zB mit ImgBurn per Imagebrennfunktion auf eine CD und starte damit den Rechner (von dieser CD booten).

Falls Du eine normale Vista-Installations-DVD hast, brauchst Du das o.g. Image nicht sondern kannst einfach von der Vista-DVD booten.

Klick auf Computerreparaturoptionen, weiter, Eingabeaufforderung - die Konsole öffnet sich. Da bitte bootrec.exe /fixboot eintippen (mit enter bestätigen), dann bootrec.exe /fixmbr eintippen (mit enter bestätigen) - Rechner neustarten, CD vorher rausnehmen.

Aspire5738G 13.01.2011 14:04
hallo cosinus.

nein, ich habe nur ein betriebssystem installiert.
als ich den laptop gekaufte habe, habe ich gleich ne recovery dvd erstellt.
habe aber 2dvd´s dvd1 und dvd2.
gehen dadurch daten verloren?

cosinus 13.01.2011 15:08
Nein Daten gehen dadurch nicht weg.

Aspire5738G 13.01.2011 16:42
so, hab jetzt den anweisungen folge geleistet.
was muss noch gemacht werden??
schon mal danke für deine hilfe.:daumenhoc


rene

cosinus 13.01.2011 19:28
Bitte ein neues Log mit mbrcheck machen.

Aspire5738G 13.01.2011 19:54
MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows Vista Home Premium Edition
Windows Information: Service Pack 2 (build 6002), 32-bit
Base Board Manufacturer: Acer
BIOS Manufacturer: Phoenix Technologies LTD
System Manufacturer: Acer
System Product Name: Aspire 5738
Logical Drives Mask: 0x0000001c

Kernel Drivers (total 155):
0x82647000 \SystemRoot\system32\ntkrnlpa.exe
0x82614000 \SystemRoot\system32\hal.dll
0x80409000 \SystemRoot\system32\kdcom.dll
0x80410000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
0x80480000 \SystemRoot\system32\PSHED.dll
0x80491000 \SystemRoot\system32\BOOTVID.dll
0x80499000 \SystemRoot\system32\CLFS.SYS
0x804DA000 \SystemRoot\system32\CI.dll
0x80603000 \SystemRoot\system32\drivers\Wdf01000.sys
0x80674000 \SystemRoot\system32\drivers\WDFLDR.SYS
0x80682000 \SystemRoot\System32\Drivers\sptd.sys
0x80795000 \SystemRoot\System32\Drivers\WMILIB.SYS
0x8079E000 \SystemRoot\System32\Drivers\SCSIPORT.SYS
0x805BA000 \SystemRoot\system32\drivers\acpi.sys
0x807C4000 \SystemRoot\system32\drivers\msisadrv.sys
0x807CC000 \SystemRoot\system32\drivers\pci.sys
0x8A603000 \SystemRoot\System32\drivers\partmgr.sys
0x8A612000 \SystemRoot\system32\DRIVERS\compbatt.sys
0x8A615000 \SystemRoot\system32\DRIVERS\BATTC.SYS
0x8A61F000 \SystemRoot\system32\drivers\volmgr.sys
0x8A62E000 \SystemRoot\System32\drivers\volmgrx.sys
0x8A678000 \SystemRoot\System32\drivers\mountmgr.sys
0x8A688000 \SystemRoot\System32\Drivers\UBHelper.sys
0x8A690000 \SystemRoot\system32\DRIVERS\iaStor.sys
0x8A76A000 \SystemRoot\system32\drivers\atapi.sys
0x8A772000 \SystemRoot\system32\drivers\ataport.SYS
0x8A790000 \SystemRoot\system32\drivers\msahci.sys
0x8A79A000 \SystemRoot\system32\drivers\PCIIDEX.SYS
0x8A7A8000 \SystemRoot\system32\drivers\fltmgr.sys
0x8A7DA000 \SystemRoot\system32\drivers\fileinfo.sys
0x8A80F000 \SystemRoot\System32\Drivers\ksecdd.sys
0x8A880000 \SystemRoot\system32\drivers\ndis.sys
0x8A98B000 \SystemRoot\system32\drivers\msrpc.sys
0x8A9B6000 \SystemRoot\system32\drivers\NETIO.SYS
0x8AA04000 \SystemRoot\System32\drivers\tcpip.sys
0x8AAEE000 \SystemRoot\System32\drivers\fwpkclnt.sys
0x8AC08000 \SystemRoot\System32\Drivers\Ntfs.sys
0x8AD18000 \SystemRoot\system32\drivers\volsnap.sys
0x8AD51000 \SystemRoot\System32\Drivers\spldr.sys
0x8AD59000 \SystemRoot\System32\Drivers\mup.sys
0x8AD68000 \SystemRoot\System32\drivers\ecache.sys
0x8AD8F000 \SystemRoot\system32\drivers\disk.sys
0x8ADA0000 \SystemRoot\system32\drivers\CLASSPNP.SYS
0x8ADC1000 \SystemRoot\system32\drivers\crcdisk.sys
0x8ADD7000 \SystemRoot\system32\DRIVERS\tunnel.sys
0x8ADE2000 \SystemRoot\system32\DRIVERS\tunmp.sys
0x8E00F000 \SystemRoot\system32\DRIVERS\nvlddmkm.sys
0x8E741000 \SystemRoot\System32\drivers\dxgkrnl.sys
0x8E7E2000 \SystemRoot\System32\drivers\watchdog.sys
0x8E7EE000 \SystemRoot\system32\DRIVERS\usbuhci.sys
0x8EA00000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0x8EA3E000 \SystemRoot\system32\DRIVERS\usbehci.sys
0x8EA4D000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0x8EADA000 \SystemRoot\system32\DRIVERS\k57nd60x.sys
0x8EC01000 \SystemRoot\system32\DRIVERS\NETw5v32.sys
0x8EF8A000 \SystemRoot\system32\DRIVERS\CmBatt.sys
0x8EF8E000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0x8EFA1000 \SystemRoot\system32\DRIVERS\DKbFltr.sys
0x8EFAB000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0x8EFB6000 \SystemRoot\system32\DRIVERS\Apfiltr.sys
0x8EFEA000 \SystemRoot\system32\DRIVERS\mouclass.sys
0x8EB14000 \SystemRoot\System32\Drivers\AnyDVD.sys
0x8EB2D000 \SystemRoot\system32\DRIVERS\cdrom.sys
0x8EFF5000 \SystemRoot\system32\Drivers\NTIDrvr.sys
0x8EB45000 \SystemRoot\System32\Drivers\ayhb7bez.SYS
0x8EB7E000 \SystemRoot\system32\DRIVERS\wmiacpi.sys
0x8EB87000 \SystemRoot\system32\DRIVERS\intelppm.sys
0x8EB96000 \SystemRoot\system32\DRIVERS\msiscsi.sys
0x8F20E000 \SystemRoot\system32\DRIVERS\storport.sys
0x8F24F000 \SystemRoot\system32\DRIVERS\TDI.SYS
0x8F25A000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0x8F271000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0x8F27C000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0x8F29F000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0x8F2AE000 \SystemRoot\system32\DRIVERS\raspptp.sys
0x8F2C2000 \SystemRoot\system32\DRIVERS\rassstp.sys
0x8F2D7000 \SystemRoot\system32\DRIVERS\termdd.sys
0x8F2E7000 \SystemRoot\system32\DRIVERS\swenum.sys
0x8F2E9000 \SystemRoot\system32\DRIVERS\ks.sys
0x8F313000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0x8F31D000 \SystemRoot\system32\DRIVERS\umbus.sys
0x8F32A000 \SystemRoot\system32\DRIVERS\usbhub.sys
0x8F35F000 \SystemRoot\System32\Drivers\NDProxy.SYS
0x8F80F000 \SystemRoot\system32\drivers\RTKVHDA.sys
0x8FA45000 \SystemRoot\system32\drivers\portcls.sys
0x8FA72000 \SystemRoot\system32\drivers\drmk.sys
0x8FA97000 \SystemRoot\system32\DRIVERS\AGRSM.sys
0x8FBBD000 \SystemRoot\system32\DRIVERS\USBD.SYS
0x8FBBF000 \SystemRoot\system32\drivers\modem.sys
0x8FBCC000 \SystemRoot\system32\drivers\nvhda32v.sys
0x8FBDA000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0x8FBE3000 \SystemRoot\System32\Drivers\Null.SYS
0x8FBEA000 \SystemRoot\System32\Drivers\Beep.SYS
0x8FBF1000 \SystemRoot\System32\drivers\vga.sys
0x8F370000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
0x8F800000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0x8F391000 \SystemRoot\system32\drivers\rdpencdd.sys
0x8F399000 \SystemRoot\System32\Drivers\Msfs.SYS
0x8F3A4000 \SystemRoot\System32\Drivers\Npfs.SYS
0x8F3B2000 \SystemRoot\System32\DRIVERS\rasacd.sys
0x8F3BB000 \SystemRoot\system32\DRIVERS\tdx.sys
0x8F3D1000 \SystemRoot\system32\DRIVERS\smb.sys
0x8EBC5000 \SystemRoot\System32\DRIVERS\netbt.sys
0x8FC05000 \SystemRoot\system32\drivers\afd.sys
0x8FC4D000 \SystemRoot\system32\DRIVERS\pacer.sys
0x8FC63000 \SystemRoot\system32\DRIVERS\netbios.sys
0x8FC71000 \SystemRoot\system32\DRIVERS\wanarp.sys
0x8FC84000 \SystemRoot\system32\DRIVERS\ssmdrv.sys
0x8FC8A000 \SystemRoot\system32\DRIVERS\rdbss.sys
0x8FCC6000 \SystemRoot\system32\drivers\nsiproxy.sys
0x8FCD0000 \SystemRoot\System32\Drivers\ElbyCDIO.sys
0x8FCDA000 \SystemRoot\System32\Drivers\dfsc.sys
0x8FCF1000 \SystemRoot\system32\DRIVERS\avipbb.sys
0x8FD0D000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0x8FD24000 \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys
0x8FD26000 \SystemRoot\System32\Drivers\usbvideo.sys
0x8FD47000 \SystemRoot\system32\DRIVERS\hidusb.sys
0x8FD50000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0x8FD60000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0x8FD67000 \SystemRoot\system32\DRIVERS\mouhid.sys
0x8FD6F000 \SystemRoot\System32\Drivers\fastfat.SYS
0x8FD97000 \SystemRoot\System32\Drivers\crashdmp.sys
0x8AB09000 \SystemRoot\System32\Drivers\dump_iaStor.sys
0x98460000 \SystemRoot\System32\win32k.sys
0x8FDA4000 \SystemRoot\System32\drivers\Dxapi.sys
0x8FDAE000 \SystemRoot\system32\DRIVERS\monitor.sys
0x98680000 \SystemRoot\System32\TSDDD.dll
0x986A0000 \SystemRoot\System32\cdd.dll
0x8FDBD000 \SystemRoot\system32\drivers\luafv.sys
0x8FDD8000 \SystemRoot\system32\DRIVERS\avgntflt.sys
0x8FDEC000 \SystemRoot\system32\DRIVERS\mwlPSDFilter.sys
0x9CE07000 \SystemRoot\system32\drivers\spsys.sys
0x9CEB7000 \SystemRoot\system32\DRIVERS\irda.sys
0x9CED5000 \SystemRoot\system32\DRIVERS\lltdio.sys
0x9CEE5000 \SystemRoot\system32\DRIVERS\nwifi.sys
0x9CF0F000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0x9CF19000 \SystemRoot\system32\DRIVERS\rspndr.sys
0x9CF2C000 \SystemRoot\system32\drivers\HTTP.sys
0x9CF99000 \SystemRoot\System32\DRIVERS\srvnet.sys
0x9CFB6000 \SystemRoot\system32\DRIVERS\bowser.sys
0x9CFCF000 \SystemRoot\System32\drivers\mpsdrv.sys
0x9F60B000 \SystemRoot\system32\drivers\mrxdav.sys
0x9F62C000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0x9F64B000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
0x9F684000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
0x9F69C000 \SystemRoot\System32\DRIVERS\srv2.sys
0x9F6C4000 \SystemRoot\System32\DRIVERS\srv.sys
0x9F72A000 \SystemRoot\system32\DRIVERS\mwlPSDNServ.sys
0x9F733000 \SystemRoot\system32\DRIVERS\mwlPSDVDisk.sys
0xA4606000 \SystemRoot\system32\drivers\peauth.sys
0xA46E4000 \SystemRoot\System32\Drivers\secdrv.SYS
0xA46EE000 \SystemRoot\System32\drivers\tcpipreg.sys
0xA46FA000 \SystemRoot\system32\DRIVERS\cdfs.sys
0x77B80000 \Windows\System32\ntdll.dll
0x10000000 \Program Files\Alcohol Soft\Alcohol 120\Alcoholx.dll

Processes (total 89):
0 System Idle Process
4 System
476 C:\Windows\System32\smss.exe
544 csrss.exe
596 C:\Windows\System32\wininit.exe
608 csrss.exe
640 C:\Windows\System32\services.exe
652 C:\Windows\System32\lsass.exe
660 C:\Windows\System32\lsm.exe
812 C:\Windows\System32\svchost.exe
876 C:\Windows\System32\nvvsvc.exe
904 C:\Windows\System32\svchost.exe
956 C:\Windows\System32\svchost.exe
988 C:\Windows\System32\svchost.exe
1020 C:\Windows\System32\svchost.exe
1036 C:\Windows\System32\svchost.exe
1124 C:\Windows\System32\winlogon.exe
1164 C:\Windows\System32\audiodg.exe
1224 C:\Windows\System32\svchost.exe
1240 C:\Windows\System32\SLsvc.exe
1276 C:\Windows\System32\svchost.exe
1440 C:\Windows\System32\rundll32.exe
1488 C:\Windows\System32\svchost.exe
1836 C:\Windows\System32\dwm.exe
1856 C:\Windows\System32\wlanext.exe
1876 C:\Windows\explorer.exe
1956 C:\Windows\System32\spoolsv.exe
2024 C:\Program Files\Avira\AntiVir Desktop\sched.exe
236 C:\Windows\System32\svchost.exe
1464 C:\Windows\System32\taskeng.exe
796 C:\Windows\System32\agrsmsvc.exe
520 C:\Program Files\Avira\AntiVir Desktop\avguard.exe
1480 C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
2084 C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
2124 C:\Program Files\Intel\WiFi\bin\EvtEng.exe
2184 C:\Windows\System32\taskeng.exe
2216 C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
2296 C:\Windows\System32\svchost.exe
2308 C:\Windows\System32\rundll32.exe
2372 C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
2464 C:\Program Files\EgisTec\MyWinLocker 3\x86\MWLService.exe
2580 C:\Windows\System32\svchost.exe
2608 C:\Program Files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
3036 C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
3056 C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
3080 C:\Windows\System32\svchost.exe
3104 C:\Windows\System32\svchost.exe
3116 C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
3140 C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
3184 C:\Windows\System32\svchost.exe
3260 C:\Windows\System32\svchost.exe
3328 C:\Windows\System32\SearchIndexer.exe
3512 C:\Windows\PLFSetI.exe
3520 C:\Program Files\Apoint2K\Apoint.exe
2600 WmiPrvSE.exe
1484 C:\Users\Rene\AppData\Local\Temp\RtkBtMnt.exe
2664 C:\Program Files\Launch Manager\LManager.exe
768 C:\Program Files\Apoint2K\ApMsgFwd.exe
3044 C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
3072 C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe
3168 C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe
3284 C:\Program Files\Apoint2K\Hidfind.exe
2388 C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
2384 C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe
1516 C:\Program Files\Apoint2K\ApntEx.exe
3432 C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
3320 C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe
3528 C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
3680 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
3708 C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
3392 C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
2156 C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe
3696 C:\Program Files\Windows Live\Messenger\msnmsgr.exe
1628 C:\Windows\System32\wbem\unsecapp.exe
1388 C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
2476 C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
2540 C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
4052 C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
4168 C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
4252 C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
4296 C:\Program Files\PC Connectivity Solution\Transports\NclIrSrv.exe
4320 C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
5264 C:\Windows\System32\conime.exe
4704 taskeng.exe
2852 C:\Windows\System32\SearchProtocolHost.exe
5000 dllhost.exe
5152 C:\Windows\System32\SearchFilterHost.exe
3440 dllhost.exe
3712 C:\Users\Rene\Desktop\MBRCheck.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000002`71100000 (NTFS)

PhysicalDrive0 Model Number: WDCWD5000BEVT-22ZAT0, Rev: 01.01A01

Size Device Name MBR Status
--------------------------------------------
465 GB \\.\PhysicalDrive0 Windows 2008 MBR code detected
SHA1: 8DF43F2BDE2D9451948FA14B5279969C777A7979


Done!

cosinus 13.01.2011 20:19
Sieht ok aus. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SASW und poste die Logs.
Denk dran beide Tools zu updaten vor dem Scan!!

Aspire5738G 13.01.2011 20:45
hier die log von malware:

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 5512

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18999

13.01.2011 19:40:41
mbam-log-2011-01-13 (19-40-41).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Durchsuchte Objekte: 259937
Laufzeit: 52 Minute(n), 32 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

Aspire5738G 13.01.2011 22:21
und hier is die log von superantispayware:


SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 01/13/2011 at 10:15 PM

Application Version : 4.47.1000

Core Rules Database Version : 6193
Trace Rules Database Version: 4005

Scan type : Complete Scan
Total Scan Time : 01:33:23

Memory items scanned : 799
Memory threats detected : 0
Registry items scanned : 10315
Registry threats detected : 0
File items scanned : 120019
File threats detected : 1

Adware.Tracking Cookie
C:\Users\Rene\AppData\Roaming\Microsoft\Windows\Cookies\rene@statse.webtrendslive[2].txt


das was er gefunden hat wurde in quarantäne verschoben und entfernt.

cosinus 14.01.2011 09:06
Sieht ok aus, da wurden nur Cookies gefunden.
Noch Probleme oder weitere Funde in der Zwischenzeit?

Aspire5738G 14.01.2011 15:17
das einzigste was noch öfter vorkommt ist
wenn ich den internet explorer öffne kommt ab und zu"die website kann nicht angezeigt werden" obwohl ich ins internet gehn kann.
kann das mit nen virus zusammen hängen??

cosinus 14.01.2011 15:22
Nur beim IE oder auch andere Browser?
Den IE solltest du IMHO nicht verwenden, nimm lieber sowas wie Opera, Firefox oder Chrome - mein Favorit ist und bleibt der Firefox (dank der Erweiterungen)

Aspire5738G 14.01.2011 19:36
is mir jetzt nur beim internet explorer aufgefallen weil ich nur übern ie ins netz
gehe. kenne mich mit firefox nicht aus. gibt es denn verschiedene anbieter
vom firefox? kenne nur mozilla.

cosinus 14.01.2011 19:46
Zitat:
gibt es denn verschiedene anbieter
vom firefox? kenne nur mozilla.
Auweia... :wtf:
Gibt es verschiedene Anbieter von Windows oder vom IE? :pfeiff:
Natürlich gibt es den "original" Firefox nur von Mozilla. Es gibt noch speziell angepasste Versionen, aber das Thema ist ein anderes.

Hier Firefox laden und installieren => Webbrowser Firefox auf Deutsch | Schneller, sicherer und anpassbar

Aspire5738G 14.01.2011 20:22
firefox ist installiert und da habe ich nicht sone probleme wie beim IE.
vielen dank für deine hilfe.:daumenhoc
werde euch auf jedenfall weiter empfehlen.
noch mal danke für deine mühe.:party:

cosinus 14.01.2011 20:30
Dennoch ist das Verhalten vom IE nicht normal. Mach mal Updates siehe unten:

Wir sind ansonsten auch durch! :abklatsch:

Bitte abschließend die Updates prüfen, unten mein Leitfaden dazu.
Für noch mehr Sicherheit solltest Du nach der beseitigten Infektion auch möglichst alle Passwörter ändern.


Microsoftupdate

Windows XP: Besuch mit dem IE die MS-Updateseite und lass Dir alle wichtigen Updates installieren.

Windows Vista/7: Anleitung Windows-Update



PDF-Reader aktualisieren
Dein Adobe Reader ist nicht aktuell, was ein großes Sicherheitsrisiko darstellt. Du solltest daher besser die alte Version über Systemsteuerung => Software deinstallieren, indem Du dort auf "Adobe Reader x.0" klickst und das Programm entfernst.

Ich empfehle einen alternativen PDF-Reader wie SumatraPDF oder Foxit PDF Reader, beide sind sehr viel schlanker und flotter als der AdobeReader.

Bitte überprüf bei der Gelegenheit auch die Aktualität des Flashplayers, hier der direkte Downloadlink => http://filepony.de/?q=Flash+Player


Java-Update
Veraltete Java-Installationen sind ein Sicherheitsrisiko, daher solltest Du die alten Versionen löschen (falls vorhanden, am besten mit JavaRa) und auf die neuste aktualisieren. Beende dazu alle Programme (v.a. die Browser), klick danach auf Start, Systemsteuerung, Software und deinstalliere darüber alle aufgelisteten Java-Versionen. Lad Dir danach von hier das aktuelle Java SE Runtime Environment (JRE) herunter und installiere es.

Aspire5738G 14.01.2011 21:40
so cosinus, alles erledigt.:dankeschoen:
eine frage habe ich noch:
kann ich jetzt wieder mit mein laptop
onlinebanking machen oder soll ich das lieber lassen?:confused:

cosinus 14.01.2011 23:23
Online-banking ist immer ein heißes Eisen.
Das System ist lt. Logs wieder ok, aber garantieren kann man für nichts.
Als Alternative kannst du dir mal die Linux-Distro Bankix anschauen

Aspire5738G 15.01.2011 00:13
ich werd das dann wohl lieber lassen.
vielen dank für deine hilfe.

mfg rene


Alle Zeitangaben in WEZ +1. Es ist jetzt 13:34 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131