Log analysis and evaluation: Desktop black and hard disk supposedly broken, the umpteenth one

Windows 7

If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
21.06.2011, 21:53 | #1 |
Desktop black and hard disk supposedly broken, the umpteenth one

Good day, I have been having problems with my laptop since today. I have already looked at the other similar posts. Mine also says that my hard disk is dead, but AntiVir, Anti-Malware and SUPERAntiSpyware still show the data. I can access Explorer and the Internet, but no longer the files on 2 drives. I have already had the OTL log created. I hope you can help a poor student.

Regards, WolleCW

OTL log:

Code:
ATTFilter OTL logfile created on: 21.06.2011 21:18:15 - Run 1 OTL by OldTimer - Version 3.2.24.1 Folder = C:\Users\mm\Music\Downloads Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 1,38 Gb Available Physical Memory | 46,05% Memory free 6,19 Gb Paging File | 4,61 Gb Available in Paging File | 74,47% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 120,92 Gb Total Space | 31,11 Gb Free Space | 25,73% Space Free | Partition Type: NTFS Drive D: | 164,18 Gb Total Space | 20,67 Gb Free Space | 12,59% Space Free | Partition Type: NTFS Drive E: | 164,18 Gb Total Space | 42,45 Gb Free Space | 25,86% Space Free | Partition Type: NTFS Computer Name: CHRISINFERNO | User Name: mm | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\mm\Music\Downloads\OTL.exe (OldTimer Tools) PRC - C:\ProgramData\34660088.exe (AnkhSVN) PRC - C:\ProgramData\SuHEcubHqhenx.exe (AnkhSVN) PRC - C:\Programme\ICQ7.5\ICQ.exe (ICQ, LLC.) PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Programme\ICQ6Toolbar\ICQ Service.exe () PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH) PRC - C:\Programme\Application Updater\ApplicationUpdater.exe (Spigot, Inc.) PRC - E:\Program Files\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.) 
PRC - e:\Program Files\Virtual CD v10\System\VC10SecS.exe (H+H Software GmbH) PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation) PRC - C:\Programme\Acer\Acer Bio Protection\CompPtcVUI.exe (Arachnoid Biometrics Identification Group Corp.) PRC - C:\Programme\Acer\Acer Bio Protection\BASVC.exe () PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Windows\System32\conime.exe (Microsoft Corporation) PRC - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated) PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation) PRC - C:\Programme\Acer\Acer VCM\RS_Service.exe (Acer Incorporated) PRC - C:\Programme\Acer\Empowering Technology\Service\ETService.exe () PRC - C:\Windows\System32\vfsFPService.exe (Validity Sensors, Inc.) PRC - C:\Programme\EDIMAX\Common\RalinkRegistryWriter.exe (Ralink Technology, Corp.) 
PRC - C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation) PRC - C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation) PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation) PRC - C:\Programme\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe () PRC - C:\Windows\System32\agrsmsvc.exe (Agere Systems) PRC - C:\ACER\Mobility Center\MobilityService.exe () PRC - C:\Programme\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe (Rocket Division Software) ========== Modules (SafeList) ========== MOD - C:\Users\mm\Music\Downloads\OTL.exe (OldTimer Tools) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.) SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia) SRV - (ICQ Service) -- C:\Programme\ICQ6Toolbar\ICQ Service.exe () SRV - (Application Updater) -- C:\Program Files\Application Updater\ApplicationUpdater.exe (Spigot, Inc.) SRV - (CVPND) -- E:\Program Files\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.) 
SRV - (VC10SecS) -- e:\Program Files\Virtual CD v10\System\VC10SecS.exe (H+H Software GmbH) SRV - (IGBASVC) -- C:\Programme\Acer\Acer Bio Protection\BASVC.exe () SRV - (Adobe Version Cue CS4) -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe (Adobe Systems Incorporated) SRV - (eDataSecurity Service) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated) SRV - (IAANTMON) Intel(R) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation) SRV - (RS_Service) -- C:\Programme\Acer\Acer VCM\RS_Service.exe (Acer Incorporated) SRV - (ETService) -- C:\Programme\Acer\Empowering Technology\Service\ETService.exe () SRV - (vfsFPService) -- C:\Windows\System32\vfsFPService.exe (Validity Sensors, Inc.) SRV - (RalinkRegistryWriter) -- C:\Programme\EDIMAX\Common\RalinkRegistryWriter.exe (Ralink Technology, Corp.) SRV - (EvtEng) -- C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation) SRV - (RegSrvc) -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation) SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (CLHNService) -- C:\Programme\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe () SRV - (AgereModemAudio) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems) SRV - (MobilityService) -- C:\Acer\Mobility Center\MobilityService.exe () SRV - (StarWindServiceAE) -- C:\Programme\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe (Rocket Division Software) ========== Driver Services (SafeList) ========== DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH) DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH) DRV - (SASKUTIL) -- C:\Programme\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com) DRV - (UsbserFilt) -- C:\Windows\System32\drivers\usbser_lowerfltj.sys (Nokia) DRV - (upperdev) -- 
C:\Windows\System32\drivers\usbser_lowerflt.sys (Nokia) DRV - (nmwcdc) -- C:\Windows\System32\drivers\ccdcmbo.sys (Nokia) DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia) DRV - (nmwcdnsu) -- C:\Windows\System32\drivers\nmwcdnsu.sys (Nokia) DRV - (nmwcdnsuc) -- C:\Windows\System32\drivers\nmwcdnsuc.sys (Nokia) DRV - (atksgt) -- C:\Windows\System32\drivers\atksgt.sys () DRV - (lirsgt) -- C:\Windows\System32\drivers\lirsgt.sys () DRV - (SASDIFSV) -- C:\Programme\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com) DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys () DRV - (CVPNDRVA) -- C:\Windows\System32\drivers\CVPNDRVA.sys (Cisco Systems, Inc.) DRV - (vdrv1000) -- C:\Windows\System32\drivers\vdrv1000.sys (H+H Software GmbH) DRV - (AlfaFF) -- C:\Windows\system32\Drivers\AlfaFF.sys (Alfa Corporation) DRV - (L1E) -- C:\Windows\System32\drivers\L1E60x86.sys (Atheros Communications, Inc.) DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH) DRV - (USBCCID) -- C:\Windows\System32\drivers\usbccid.sys (Microsoft Corporation) DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.) DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH) DRV - (acedrv11) -- C:\Windows\System32\drivers\acedrv11.sys (Protect Software GmbH) DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation) DRV - (DNE) -- C:\Windows\System32\drivers\dne2000.sys (Deterministic Networks, Inc.) DRV - (HH10Help.sys) -- C:\Windows\System32\drivers\HH10Help.sys (H+H Software GmbH) DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation) DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia) DRV - (netr28u) -- C:\Windows\System32\drivers\netr28u.sys (Ralink Technology Corp.) DRV - ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796}) -- C:\Programme\Acer Arcade Deluxe\PlayMovie\000.fcl (Cyberlink Corp.) 
DRV - (vfs101x) -- C:\Windows\System32\drivers\vfs101x.sys (Validity Sensors, Inc.) DRV - (JMCR) -- C:\Windows\System32\drivers\jmcr.sys (JMicron Technology Corp.) DRV - (NETw5v32) Intel(R) -- C:\Windows\System32\drivers\NETw5v32.sys (Intel Corporation) DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems) DRV - (NTIPPKernel) -- C:\Programme\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys (Cyberlink Corp.) DRV - (itecir) -- C:\Windows\System32\drivers\itecir.sys (ITE Tech. Inc. ) DRV - (int15) -- C:\Windows\System32\drivers\int15.sys () DRV - (CVirtA) -- C:\Windows\System32\drivers\CVirtA.sys (Cisco Systems, Inc.) DRV - (Afc) -- C:\Windows\System32\drivers\afc.sys (Arcsoft, Inc.) DRV - (DritekPortIO) -- C:\Programme\Launch Manager\DPortIO.sys (Dritek System Inc.) DRV - (AF15BDA) -- C:\Windows\System32\drivers\AF15BDA.sys (AfaTech ) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0809&m=aspire_6935 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0809&m=aspire_6935 IE - HKU\.DEFAULT\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ) IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\URLSearchHook: - Reg Error: Key error. 
File not found IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ) IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-302941472-1964095108-563845418-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0809&m=aspire_6935 IE - HKU\S-1-5-21-302941472-1964095108-563845418-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com [binary data] IE - HKU\S-1-5-21-302941472-1964095108-563845418-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com IE - HKU\S-1-5-21-302941472-1964095108-563845418-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKU\S-1-5-21-302941472-1964095108-563845418-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/ IE - HKU\S-1-5-21-302941472-1964095108-563845418-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\S-1-5-21-302941472-1964095108-563845418-1000\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKU\S-1-5-21-302941472-1964095108-563845418-1000\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ) IE - HKU\S-1-5-21-302941472-1964095108-563845418-1000\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Programme\Search Settings\SearchSettings.dll (Spigot, Inc.) 
IE - HKU\S-1-5-21-302941472-1964095108-563845418-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "ICQ Search" FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=867034" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.suggest.enabled: false FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/ig?hl=#t_0" FF - prefs.js..extensions.enabledItems: smarterwiki@wikiatic.com:4.3.7 FF - prefs.js..extensions.enabledItems: searchsettings@spigot.com:1.2.3 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.6 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.3.42 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.8 FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2009.08.10 21:19:16 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2011.01.05 02:56:02 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.06.15 15:50:26 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.06.15 15:50:22 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.10\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components 
[2011.04.29 20:39:29 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.10\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011.01.05 02:56:04 | 000,000,000 | ---D | M] [2011.04.29 20:39:35 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\mm\AppData\Roaming\mozilla\Extensions [2011.04.29 20:39:35 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\mm\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2009.10.28 21:39:45 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\mm\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org [2011.06.17 10:11:49 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\mm\AppData\Roaming\mozilla\Firefox\Profiles\k63joh69.default\extensions [2010.09.09 22:34:18 | 000,000,000 | -H-D | M] (Microsoft .NET Framework Assistant) -- C:\Users\mm\AppData\Roaming\mozilla\Firefox\Profiles\k63joh69.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011.06.05 19:04:12 | 000,000,000 | -H-D | M] (iMacros for Firefox) -- C:\Users\mm\AppData\Roaming\mozilla\Firefox\Profiles\k63joh69.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670} [2011.06.17 10:11:49 | 000,000,000 | -H-D | M] (DownloadHelper) -- C:\Users\mm\AppData\Roaming\mozilla\Firefox\Profiles\k63joh69.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2011.06.05 19:04:09 | 000,000,000 | -H-D | M] (Adblock Plus) -- C:\Users\mm\AppData\Roaming\mozilla\Firefox\Profiles\k63joh69.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2011.06.05 19:04:16 | 000,000,000 | -H-D | M] (FastestFox) -- C:\Users\mm\AppData\Roaming\mozilla\Firefox\Profiles\k63joh69.default\extensions\smarterwiki@wikiatic.com [2011.06.21 17:38:47 | 000,001,056 | -H-- | M] () -- 
C:\Users\mm\AppData\Roaming\Mozilla\Firefox\Profiles\k63joh69.default\searchplugins\icqplugin.xml [2010.02.28 21:29:23 | 000,002,064 | -H-- | M] () -- C:\Users\mm\AppData\Roaming\Mozilla\Firefox\Profiles\k63joh69.default\searchplugins\youtube-videosuche.xml [2011.06.15 15:50:25 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2009.08.31 13:45:20 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2010.04.20 07:56:48 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010.08.14 00:02:42 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010.10.25 09:53:16 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} File not found (No name found) -- [2010.04.11 11:19:58 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} [2010.04.20 07:56:48 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010.08.14 00:02:42 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010.10.25 09:53:16 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2011.04.14 18:40:03 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Programme\Mozilla Firefox\components\browsercomps.dll [2010.09.15 04:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) 
-- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll [2010.10.12 16:26:38 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Programme\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll [2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\bing.xml [2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml [2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml [2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml [2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2011.03.03 01:26:17 | 000,001,315 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O1 - Hosts: 127.0.0.1 71i.de O1 - Hosts: 127.0.0.1 activate.adobe.com O1 - Hosts: O1 - Hosts: 127.0.0.1 practivate.adobe.com O1 - Hosts: O1 - Hosts: 127.0.0.1 ereg.adobe.com O1 - Hosts: O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com O1 - Hosts: O1 - Hosts: 127.0.0.1 wip3.adobe.com O1 - Hosts: O1 - Hosts: 127.0.0.1 3dns-3.adobe.com O1 - Hosts: O1 - Hosts: 127.0.0.1 3dns-2.adobe.com O1 - Hosts: O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com O1 - Hosts: O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com O1 - Hosts: O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com O1 - Hosts: O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com O1 - Hosts: O1 - Hosts: 9 more lines... 
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - E:\Program Files\CS4\/Adobe Contribute CS4/contributeieplugin.dll () O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Programme\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (Egis) O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (SearchSettings Class) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Programme\Search Settings\SearchSettings.dll (Spigot, Inc.) O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - E:\Program Files\CS4\/Adobe Contribute CS4/contributeieplugin.dll () O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.) O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ) O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O3 - HKU\S-1-5-21-302941472-1964095108-563845418-1000\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.) 
O4 - HKLM..\Run: [Adobe_ID0ENQBO] C:\Programme\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [eRecoveryService] File not found O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-21-302941472-1964095108-563845418-1000..\Run: [] File not found O4 - HKU\S-1-5-21-302941472-1964095108-563845418-1000..\Run: [AdobeBridge] File not found O4 - HKU\S-1-5-21-302941472-1964095108-563845418-1000..\Run: [ICQ] C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.) O4 - HKU\S-1-5-21-302941472-1964095108-563845418-1000..\Run: [SuHEcubHqhenx] C:\ProgramData\SuHEcubHqhenx.exe (AnkhSVN) O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Programme\Acer\Acer Bio Protection\PwdBank.exe () O9 - Extra 'Tools' menuitem : Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Programme\Acer\Acer Bio Protection\PwdBank.exe () O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} 
- C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Programme\ICQ7.5\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Programme\ICQ7.5\ICQ.exe (ICQ, LLC.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - 
C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\AWinNotifyVitaKey MC3000: DllName - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll - C:\Programme\Acer\Acer Bio Protection\WinNotify.dll (Arachnoid Biometrics Identification Group Corp.) O24 - Desktop WallPaper: C:\Users\mm\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O24 - Desktop BackupWallPaper: C:\Users\mm\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{a59387c4-e072-11de-b713-00a0d1ae1104}\Shell - "" = AutoRun O33 - MountPoints2\{a59387c4-e072-11de-b713-00a0d1ae1104}\Shell\AutoRun\command - "" = J:\OblivionLauncher.exe O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - File not found NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Acer VCM.lnk - C:\Programme\Acer\Acer VCM\AcerVCM.exe - (Acer Incorporated) MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk - C:\Programme\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe - 
(Adobe Systems, Inc.) MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TMMonitor.lnk - C:\Programme\ArcSoft\TotalMedia 3\TMMonitor.exe - (ArcSoft, Inc.) MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^VPN Client.lnk - C:\Windows\Installer\{21E247D4-5E27-4BEA-AA4D-19A81203FE2A}\Icon3E5562ED7.ico - () MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Wireless Utility.lnk - C:\Programme\EDIMAX\Common\RaUI.exe - (Edimax Technology Co.) MsConfig - StartUpFolder: C:^Users^mm^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk - C:\Users\mm\AppData\Roaming\Dropbox\bin\Dropbox.exe - () MsConfig - StartUpFolder: C:^Users^mm^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Trillian.lnk - C:\Programme\Trillian\trillian.exe - (Cerulean Studios) MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) MsConfig - StartUpReg: AlcoholAutomount - hkey= - key= - C:\Program Files\Alcohol Soft\Alcohol 52\axcmd.exe (Alcohol Soft Development Team) MsConfig - StartUpReg: ArcadeDeluxeAgent - hkey= - key= - C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.) 
MsConfig - StartUpReg: avgnt - hkey= - key= - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) MsConfig - StartUpReg: BkupTray - hkey= - key= - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe () MsConfig - StartUpReg: CLMLServer - hkey= - key= - C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe (CyberLink) MsConfig - StartUpReg: DAEMON Tools Lite - hkey= - key= - C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) MsConfig - StartUpReg: eAudio - hkey= - key= - C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe (Acer Incorporated) MsConfig - StartUpReg: eDataSecurity Loader - hkey= - key= - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated) MsConfig - StartUpReg: ehTray.exe - hkey= - key= - C:\Windows\ehome\ehtray.exe (Microsoft Corporation) MsConfig - StartUpReg: ePower_DMC - hkey= - key= - C:\Programme\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Inc.) MsConfig - StartUpReg: EPSON SX100 Series - hkey= - key= - File not found MsConfig - StartUpReg: IAAnotif - hkey= - key= - C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) MsConfig - StartUpReg: LManager - hkey= - key= - C:\Programme\Launch Manager\LManager.exe (Dritek System Inc.) MsConfig - StartUpReg: NokiaMServer - hkey= - key= - C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia) MsConfig - StartUpReg: NokiaMusic FastStart - hkey= - key= - C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe (Nokia) MsConfig - StartUpReg: NokiaOviSuite2 - hkey= - key= - C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia) MsConfig - StartUpReg: NvCplDaemon - hkey= - key= - File not found MsConfig - StartUpReg: NvMediaCenter - hkey= - key= - File not found MsConfig - StartUpReg: PlayMovie - hkey= - key= - C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.) 
MsConfig - StartUpReg: PLFSetI - hkey= - key= - C:\Windows\PLFSetI.exe () MsConfig - StartUpReg: ProductReg - hkey= - key= - C:\Program Files\Acer\WR_PopUp\ProductReg.exe (Acer) MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\QTTask.exe (Apple Inc.) MsConfig - StartUpReg: RGSC - hkey= - key= - File not found MsConfig - StartUpReg: RtHDVCpl - hkey= - key= - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) MsConfig - StartUpReg: SearchSettings - hkey= - key= - C:\Programme\Search Settings\SearchSettings.exe (Spigot, Inc.) MsConfig - StartUpReg: Sidebar - hkey= - key= - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation) MsConfig - StartUpReg: Skype - hkey= - key= - C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.) MsConfig - StartUpReg: Skytel - hkey= - key= - C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.) MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) MsConfig - StartUpReg: SUPERAntiSpyware - hkey= - key= - C:\Programme\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com) MsConfig - StartUpReg: swg - hkey= - key= - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) MsConfig - StartUpReg: SynTPEnh - hkey= - key= - C:\Programme\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.) MsConfig - StartUpReg: TkBellExe - hkey= - key= - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.) MsConfig - StartUpReg: VC10Player - hkey= - key= - e:\Program Files\Virtual CD v10\System\VC10Play.exe (H+H Software GmbH) MsConfig - StartUpReg: WinampAgent - hkey= - key= - E:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.) 
MsConfig - StartUpReg: Windows Defender - hkey= - key= - File not found MsConfig - StartUpReg: WMPNSCFG - hkey= - key= - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation) MsConfig - StartUpReg: ZPdtWzdVitaKey MC3000 - hkey= - key= - C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe (Arachnoid Biometrics Identification Group Corp.) MsConfig - State: "startup" - 1 MsConfig - State: "services" - 0 SafeBootMin: AppMgmt - Service SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: mcmscsvc - Service SafeBootMin: MCODS - Service SafeBootMin: NTDS - File not found SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 
1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: AppMgmt - Service SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: mcmscsvc - Service SafeBootNet: MCODS - Service SafeBootNet: Messenger - Service SafeBootNet: MpfService - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: NTDS - File not found SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootNet: WudfPf - Driver SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: 
{4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0 ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - 
Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {64470216-5EDF-4035-2C49-819AC9C5947E} - ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker 2.6 ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: {FB2EF7B1-3857-45AB-94DB-FE63E1CB8074} - ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP Drivers32: msacm.divxa32 - C:\Windows\System32\msaud32_divx.acm (Microsoft Corporation) Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.) Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.) 
Drivers32: vidc.iv50 - C:\Windows\System32\ir50_32.dll (Intel Corporation) Drivers32: vidc.VP60 - C:\Windows\System32\vp6vfw.dll (On2.com) Drivers32: vidc.VP61 - C:\Windows\System32\vp6vfw.dll (On2.com) Drivers32: vidc.yv12 - C:\Windows\System32\DivX.dll (DivX, Inc.) CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2011.06.21 19:33:42 | 000,000,000 | -H-D | C] -- C:\Users\mm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Vista Repair [2011.06.21 19:33:21 | 000,372,736 | -H-- | C] (AnkhSVN) -- C:\ProgramData\34660088.exe [2011.06.21 19:24:15 | 000,462,848 | -H-- | C] (AnkhSVN) -- C:\ProgramData\SuHEcubHqhenx.exe [2011.06.16 11:35:58 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2011.06.16 11:35:56 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2011.06.16 11:35:56 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll [2011.06.16 11:35:56 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2011.06.15 11:00:06 | 000,000,000 | -H-D | C] -- C:\Users\mm\Desktop\Oblivion [2011.06.15 10:25:52 | 000,000,000 | -H-D | C] -- C:\Users\mm\Desktop\RegSeeker [2011.06.13 16:57:45 | 000,000,000 | -H-D | C] -- C:\Users\mm\Documents\MeinSpore-Kreationen [2011.06.13 16:51:44 | 000,000,000 | -H-D | C] -- C:\Users\mm\AppData\Roaming\Spore [2011.06.13 16:48:07 | 000,000,000 | -H-D | C] -- C:\Users\mm\Desktop\Spore [2011.06.13 14:02:39 | 000,000,000 | -H-D | C] -- C:\ProgramData\Skype Extras [2011.06.13 14:02:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2011.06.13 14:02:11 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Skype [2011.06.12 23:38:00 | 000,000,000 | -HSD | C] -- C:\ProgramData\DSS [2011.06.12 23:37:07 | 000,000,000 | -H-D | C] -- C:\Users\mm\AppData\Roaming\Lionhead Studios [2011.06.12 17:29:47 | 
000,000,000 | -H-D | C] -- C:\Users\mm\AppData\Local\Ubisoft Game Launcher [2011.06.12 17:29:46 | 000,000,000 | -H-D | C] -- C:\ProgramData\Ubisoft [2011.06.12 17:25:57 | 000,000,000 | -H-D | C] -- C:\Users\mm\AppData\Roaming\PunkBuster [2011.06.12 17:25:22 | 000,000,000 | ---D | C] -- C:\Programme\Ubisoft [2011.06.12 14:07:29 | 000,000,000 | -H-D | C] -- C:\Users\mm\AppData\Local\by_dekart811 [2011.06.12 13:19:43 | 002,106,216 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_43.dll [2011.06.12 13:19:43 | 001,998,168 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_43.dll [2011.06.12 13:19:43 | 001,868,128 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_43.dll [2011.06.12 13:19:43 | 000,527,192 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_7.dll [2011.06.12 13:19:43 | 000,470,880 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_43.dll [2011.06.12 13:19:43 | 000,248,672 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_43.dll [2011.06.12 13:19:43 | 000,239,960 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_7.dll [2011.06.12 13:19:43 | 000,074,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_5.dll [2011.06.12 13:19:42 | 000,528,216 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_6.dll [2011.06.12 13:19:42 | 000,238,936 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_6.dll [2011.06.12 13:19:42 | 000,074,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_4.dll [2011.06.12 13:19:42 | 000,022,360 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_7.dll [2011.06.12 12:43:46 | 000,000,000 | -H-D | C] -- C:\Users\mm\AppData\Local\FalloutNV [2011.06.08 23:41:19 | 000,000,000 | -H-D | C] -- C:\Users\mm\AppData\Local\SKIDROW [2011.06.08 23:31:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Valve [2011.06.07 
22:08:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICQ7.5 [2011.06.07 17:17:26 | 000,000,000 | -H-D | C] -- C:\Programme\ICQ7.5 [2011.05.30 11:11:40 | 000,000,000 | -H-D | C] -- C:\Users\mm\AppData\Roaming\.minecraft [2011.05.28 13:39:20 | 000,000,000 | -H-D | C] -- C:\Users\mm\AppData\Roaming\go [2011.05.28 13:39:18 | 000,000,000 | -H-D | C] -- C:\ProgramData\Easybits GO [2009.01.11 01:36:50 | 000,049,152 | ---- | C] ( ) -- C:\Windows\Interop.IWshRuntimeLibrary.dll [1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011.06.21 21:10:03 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011.06.21 21:06:24 | 000,637,068 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2011.06.21 21:06:24 | 000,604,322 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011.06.21 21:06:24 | 000,129,844 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2011.06.21 21:06:24 | 000,107,460 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011.06.21 21:02:58 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job [2011.06.21 21:00:46 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011.06.21 21:00:32 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011.06.21 21:00:32 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011.06.21 21:00:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.06.21 21:00:16 | 3218,042,880 | -HS- | M] () -- C:\hiberfil.sys [2011.06.21 20:59:27 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat [2011.06.21 20:39:10 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\LogConfigTemp.xml [2011.06.21 20:36:22 | 000,404,640 | -H-- | M] (Adobe Systems Incorporated) -- 
C:\Windows\System32\FlashPlayerCPLApp.cpl [2011.06.21 20:20:20 | 000,000,240 | -H-- | M] () -- C:\ProgramData\~34660088 [2011.06.21 20:20:12 | 000,000,168 | -H-- | M] () -- C:\ProgramData\~34660088r [2011.06.21 19:33:43 | 000,000,595 | -H-- | M] () -- C:\Users\mm\Desktop\Windows Vista Repair.lnk [2011.06.21 19:33:27 | 000,000,344 | -H-- | M] () -- C:\ProgramData\34660088 [2011.06.21 19:33:22 | 000,372,736 | -H-- | M] (AnkhSVN) -- C:\ProgramData\34660088.exe [2011.06.21 19:24:14 | 000,462,848 | -H-- | M] (AnkhSVN) -- C:\ProgramData\SuHEcubHqhenx.exe [2011.06.21 18:14:32 | 000,088,602 | -H-- | M] () -- C:\ProgramData\nvModes.dat [2011.06.21 18:14:32 | 000,088,602 | -H-- | M] () -- C:\ProgramData\nvModes.001 [2011.06.20 21:16:06 | 036,964,286 | -H-- | M] () -- C:\Users\mm\Desktop\sd.flv [2011.06.17 17:46:07 | 000,078,336 | -H-- | M] () -- C:\Users\mm\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.06.17 01:22:26 | 000,426,787 | -H-- | M] () -- C:\Users\mm\Desktop\spacecore1.jpg [2011.06.17 01:01:29 | 000,269,122 | -H-- | M] () -- C:\Users\mm\Desktop\space_core_wallpaper_2_by_deathonabun-d3eta23.jpg [2011.06.16 00:50:47 | 000,040,209 | -H-- | M] () -- C:\Users\mm\Desktop\Turret Opera (Cara Mia) - SATB.pdf [2011.06.15 17:27:43 | 000,000,023 | -H-- | M] () -- C:\Windows\BlendSettings.ini [2011.06.14 13:20:21 | 000,000,900 | -H-- | M] () -- C:\Users\mm\Desktop\SporeApp.exe - Verknüpfung.lnk [2011.06.07 22:35:47 | 009,181,434 | -H-- | M] () -- C:\Users\mm\Desktop\andreas_bourani_-_nur_in_meinem_kopf_radio_edit.mp3 [2011.06.07 22:33:46 | 005,660,546 | -H-- | M] () -- C:\Users\mm\Desktop\bruno_mars_-_the_lazy_song.mp3 [2011.05.24 19:14:10 | 000,222,080 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe [2011.05.23 22:47:31 | 000,007,592 | -H-- | M] () -- C:\Users\mm\AppData\Local\d3d9caps.dat [1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2011.06.21 20:20:12 | 
000,000,240 | -H-- | C] () -- C:\ProgramData\~34660088 [2011.06.21 20:20:12 | 000,000,168 | -H-- | C] () -- C:\ProgramData\~34660088r [2011.06.21 19:33:43 | 000,000,595 | -H-- | C] () -- C:\Users\mm\Desktop\Windows Vista Repair.lnk [2011.06.21 19:33:27 | 000,000,344 | -H-- | C] () -- C:\ProgramData\34660088 [2011.06.20 21:05:38 | 036,964,286 | -H-- | C] () -- C:\Users\mm\Desktop\sd.flv [2011.06.17 01:16:14 | 000,426,787 | -H-- | C] () -- C:\Users\mm\Desktop\spacecore1.jpg [2011.06.17 01:01:29 | 000,269,122 | -H-- | C] () -- C:\Users\mm\Desktop\space_core_wallpaper_2_by_deathonabun-d3eta23.jpg [2011.06.16 00:50:42 | 000,040,209 | -H-- | C] () -- C:\Users\mm\Desktop\Turret Opera (Cara Mia) - SATB.pdf [2011.06.15 15:50:28 | 000,000,862 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2011.06.14 13:20:23 | 000,000,900 | -H-- | C] () -- C:\Users\mm\Desktop\SporeApp.exe - Verknüpfung.lnk [2011.06.12 17:26:00 | 000,189,248 | -H-- | C] () -- C:\Windows\System32\PnkBstrB.exe [2011.06.12 17:25:58 | 000,075,136 | -H-- | C] () -- C:\Windows\System32\PnkBstrA.exe [2011.06.07 22:32:56 | 009,181,434 | -H-- | C] () -- C:\Users\mm\Desktop\andreas_bourani_-_nur_in_meinem_kopf_radio_edit.mp3 [2011.06.07 22:32:20 | 005,660,546 | -H-- | C] () -- C:\Users\mm\Desktop\bruno_mars_-_the_lazy_song.mp3 [2011.05.28 13:39:20 | 000,001,589 | -H-- | C] () -- C:\Users\mm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spielen (EasyBits GO).lnk [2011.04.09 18:55:28 | 000,179,261 | -H-- | C] () -- C:\Windows\System32\xlive.dll.cat [2010.12.03 17:05:10 | 000,000,634 | -H-- | C] () -- C:\Windows\WinInit.Ini [2010.10.29 11:31:20 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat [2010.04.13 13:16:46 | 000,000,796 | -H-- | C] () -- C:\Users\mm\AppData\Local\RT3070_{92BF1D77-2785-4757-B074-3F456D960FD4}_sta [2010.04.13 13:16:45 | 000,000,807 | -H-- | C] () -- C:\Users\mm\AppData\Local\RT3070_{92BF1D77-2785-4757-B074-3F456D960FD4}_prof [2010.04.13 
13:13:32 | 000,014,640 | ---- | C] () -- C:\Windows\System32\RaCoInst.dat [2010.04.13 13:13:32 | 000,004,096 | ---- | C] () -- C:\Windows\System32\drivers\rt2870.bin [2010.04.13 13:12:50 | 000,020,480 | -H-- | C] () -- C:\Windows\System32\RAEXTUI.dll [2010.03.05 14:35:39 | 000,000,113 | -H-- | C] () -- C:\Windows\(null)toolkit.ini [2010.02.20 20:49:40 | 000,278,984 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys [2010.02.20 20:49:40 | 000,025,416 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys [2010.01.29 18:51:53 | 000,000,023 | -H-- | C] () -- C:\Windows\BlendSettings.ini [2010.01.22 01:16:24 | 000,004,896 | -H-- | C] () -- C:\ProgramData\kbkwknay.ayh [2009.12.03 18:05:38 | 000,000,245 | -H-- | C] () -- C:\Windows\System32\AF15IRTBL.bin [2009.11.25 01:23:55 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2009.11.17 13:08:34 | 000,197,424 | -H-- | C] () -- C:\Windows\System32\vpnapi.dll [2009.10.19 18:17:00 | 000,043,520 | -H-- | C] () -- C:\Windows\System32\CmdLineExt03.dll [2009.09.29 21:05:35 | 000,111,932 | -H-- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat [2009.09.29 21:05:35 | 000,024,903 | -H-- | C] () -- C:\Windows\System32\EPPICPattern3.dat [2009.09.29 21:05:35 | 000,021,390 | -H-- | C] () -- C:\Windows\System32\EPPICPattern5.dat [2009.09.29 21:05:35 | 000,020,148 | -H-- | C] () -- C:\Windows\System32\EPPICPattern2.dat [2009.09.29 21:05:35 | 000,011,811 | -H-- | C] () -- C:\Windows\System32\EPPICPattern4.dat [2009.09.29 21:05:35 | 000,004,943 | -H-- | C] () -- C:\Windows\System32\EPPICPattern6.dat [2009.09.29 21:05:35 | 000,001,146 | -H-- | C] () -- C:\Windows\System32\EPPICPresetData_DU.dat [2009.09.29 21:05:35 | 000,001,139 | -H-- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat [2009.09.29 21:05:35 | 000,001,139 | -H-- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat [2009.09.29 21:05:35 | 000,001,136 | -H-- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat [2009.09.29 21:05:35 | 000,001,129 | -H-- | C] 
() -- C:\Windows\System32\EPPICPresetData_FR.dat [2009.09.29 21:05:35 | 000,001,129 | -H-- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat [2009.09.29 21:05:35 | 000,001,120 | -H-- | C] () -- C:\Windows\System32\EPPICPresetData_IT.dat [2009.09.29 21:05:35 | 000,001,107 | -H-- | C] () -- C:\Windows\System32\EPPICPresetData_GE.dat [2009.09.29 21:05:35 | 000,001,104 | -H-- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat [2009.09.29 21:05:35 | 000,000,097 | -H-- | C] () -- C:\Windows\System32\PICSDK.ini [2009.09.29 21:05:34 | 000,031,053 | -H-- | C] () -- C:\Windows\System32\EPPICPattern131.dat [2009.09.29 21:05:34 | 000,027,417 | -H-- | C] () -- C:\Windows\System32\EPPICPattern121.dat [2009.09.29 21:05:34 | 000,026,154 | -H-- | C] () -- C:\Windows\System32\EPPICPattern1.dat [2009.09.29 21:02:20 | 000,000,025 | -H-- | C] () -- C:\Windows\CDESX100DEFGIPS.ini [2009.09.26 01:55:39 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat [2009.09.18 17:22:43 | 000,004,096 | -H-- | C] () -- C:\Windows\d3dx.dat [2009.09.13 21:37:57 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2009.09.13 21:37:57 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2009.09.09 20:14:50 | 000,007,592 | -H-- | C] () -- C:\Users\mm\AppData\Local\d3d9caps.dat [2009.08.11 15:26:32 | 000,078,336 | -H-- | C] () -- C:\Users\mm\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009.08.10 13:00:25 | 000,000,000 | -H-- | C] () -- C:\Windows\nsreg.dat [2009.08.10 11:24:13 | 000,088,602 | -H-- | C] () -- C:\ProgramData\nvModes.dat [2009.08.10 11:24:13 | 000,088,602 | -H-- | C] () -- C:\ProgramData\nvModes.001 [2009.08.10 10:53:33 | 000,626,688 | -H-- | C] () -- C:\Windows\Image.dll [2009.08.10 10:53:33 | 000,200,704 | -H-- | C] () -- C:\Windows\PLFSetI.exe [2009.08.10 10:53:33 | 000,009,216 | -H-- | C] () -- C:\Windows\usbvideo_reg.exe [2009.08.10 10:53:33 | 000,000,036 | -H-- | C] () -- C:\Windows\PidList.ini [2009.08.10 10:52:16 | 
000,118,784 | -H-- | C] () -- C:\Windows\System32\VMC3KAPI.dll [2009.01.11 01:34:58 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll [2009.01.10 19:13:08 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIOFM4.dll [2009.01.10 19:13:08 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN5.dll [2009.01.10 18:43:02 | 000,487,424 | ---- | C] () -- C:\Windows\System32\INT15.dll [2009.01.10 18:22:30 | 000,001,694 | ---- | C] () -- C:\Windows\RtDefLvl.ini [2009.01.10 18:22:30 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX1.dat [2009.01.10 18:22:30 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX0.dat [2009.01.10 18:20:35 | 000,000,008 | ---- | C] () -- C:\Windows\System32\drivers\rtkhdaud.dat [2009.01.10 17:17:40 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2008.10.07 10:13:30 | 000,197,912 | -H-- | C] () -- C:\Windows\System32\physxcudart_20.dll [2008.10.07 10:13:22 | 000,058,648 | -H-- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll [2008.10.07 10:13:20 | 000,058,648 | -H-- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll [2008.10.07 10:13:20 | 000,058,648 | -H-- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll [2008.10.07 10:13:20 | 000,058,648 | -H-- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll [2008.10.07 10:13:20 | 000,058,648 | -H-- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll [2008.10.07 10:13:20 | 000,058,648 | -H-- | C] () -- C:\Windows\System32\AgCPanelKorean.dll [2008.10.07 10:13:20 | 000,058,648 | -H-- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll [2008.10.07 10:13:20 | 000,058,648 | -H-- | C] () -- C:\Windows\System32\AgCPanelGerman.dll [2008.10.07 10:13:20 | 000,058,648 | -H-- | C] () -- C:\Windows\System32\AgCPanelFrench.dll [2008.01.21 09:15:58 | 000,637,068 | ---- | C] () -- C:\Windows\System32\perfh007.dat [2008.01.21 09:15:58 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat 
[2008.01.21 09:15:58 | 000,129,844 | ---- | C] () -- C:\Windows\System32\perfc007.dat [2008.01.21 09:15:58 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat [2007.11.14 16:17:34 | 000,204,800 | -H-- | C] () -- C:\Windows\System32\CogentBioSDK.dll [2007.01.26 08:32:18 | 000,069,632 | ---- | C] () -- C:\Windows\System32\drivers\int15.sys [2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2006.11.02 14:47:37 | 002,227,760 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006.11.02 12:33:01 | 000,604,322 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2006.11.02 12:33:01 | 000,107,460 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2001.12.26 17:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll [2001.09.04 00:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll [2001.07.30 17:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll [2001.07.23 23:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll ========== LOP Check ========== [2009.01.10 18:58:59 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\Acer GameZone Console [2009.01.10 18:58:59 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\Acer GameZone Console [2009.08.10 16:18:42 | 000,000,000 | -HSD | 
M] -- C:\Users\mm\AppData\Roaming\.# [2011.05.30 11:11:46 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\.minecraft [2009.08.10 11:11:07 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Acer [2009.01.10 18:58:59 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Acer GameZone Console [2011.03.20 18:04:01 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Bioshock [2011.03.28 19:42:25 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Bioshock2 [2009.10.16 22:15:06 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\DAEMON Tools [2009.12.04 03:22:38 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\DAEMON Tools Lite [2010.05.06 03:31:22 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\DC++ [2010.12.12 15:32:03 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Dropbox [2010.02.23 17:01:46 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\EPSON [2009.08.10 16:20:30 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\eSobi [2009.08.11 18:01:37 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Flood Light Games [2010.01.22 03:12:08 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\FreeFLVConverter [2011.06.21 17:33:47 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\go [2009.09.20 16:59:20 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Go Go Gourmet [2011.06.21 21:07:39 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\ICQ [2009.11.04 23:43:29 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\LimeWire [2011.06.12 23:37:07 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Lionhead Studios [2011.03.08 00:46:32 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\ManyCam [2009.09.16 00:46:46 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Meridian93 [2011.05.18 23:42:20 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Miranda [2011.01.05 03:48:01 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Nokia [2011.01.05 
03:48:05 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Nokia Ovi Suite [2009.08.10 20:56:50 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Opera [2011.01.05 03:06:44 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\PC Suite [2009.12.30 00:12:27 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\ProtectDisc [2011.06.12 17:25:57 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\PunkBuster [2011.06.13 16:58:07 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Spore [2011.04.29 20:39:33 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Thunderbird [2010.01.27 02:44:38 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Trillian [2009.08.10 10:51:44 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Validity [2010.03.12 15:02:51 | 000,000,000 | --SD | M] -- C:\Users\mm\AppData\Roaming\Virtual CD v10 [2011.06.21 20:59:27 | 000,032,554 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Custom Scans ========== < %ALLUSERSPROFILE%\Application Data\*. > < %ALLUSERSPROFILE%\Application Data\*.exe /s > < %APPDATA%\*. 
> [2009.08.10 16:18:42 | 000,000,000 | -HSD | M] -- C:\Users\mm\AppData\Roaming\.# [2011.05.30 11:11:46 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\.minecraft [2009.08.10 11:11:07 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Acer [2009.01.10 18:58:59 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Acer GameZone Console [2011.06.03 00:50:27 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Adobe [2009.12.06 17:51:03 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\ArcSoft [2010.11.26 12:14:43 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Avira [2011.03.20 18:04:01 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Bioshock [2011.03.28 19:42:25 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Bioshock2 [2009.09.03 03:12:23 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\CyberLink [2009.10.16 22:15:06 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\DAEMON Tools [2009.12.04 03:22:38 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\DAEMON Tools Lite [2010.05.06 03:31:22 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\DC++ [2009.12.13 00:22:20 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\DivX [2010.12.12 15:32:03 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Dropbox [2011.06.13 14:15:30 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\dvdcss [2010.02.23 17:01:46 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\EPSON [2009.08.10 16:20:30 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\eSobi [2009.08.11 18:01:37 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Flood Light Games [2010.01.22 03:12:08 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\FreeFLVConverter [2011.06.21 17:33:47 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\go [2009.09.20 16:59:20 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Go Go Gourmet [2009.08.10 12:58:52 | 000,000,000 | -H-D | M] -- 
C:\Users\mm\AppData\Roaming\Google [2009.08.10 20:40:53 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\GRETECH [2011.06.21 21:07:39 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\ICQ [2009.08.10 10:50:46 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Identities [2009.08.10 10:53:22 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\InstallShield [2009.08.11 22:42:04 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Intel [2009.11.04 23:43:29 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\LimeWire [2011.06.12 23:37:07 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Lionhead Studios [2009.08.10 11:12:27 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Macromedia [2010.09.16 17:08:13 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Malwarebytes [2011.03.08 00:46:32 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\ManyCam [2006.11.02 14:37:34 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Media Center Programs [2009.09.16 00:46:46 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Meridian93 [2011.03.19 18:54:44 | 000,000,000 | --SD | M] -- C:\Users\mm\AppData\Roaming\Microsoft [2011.05.18 23:42:20 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Miranda [2009.08.10 13:00:31 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Mozilla [2011.04.11 00:29:17 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\NCH Software [2011.01.05 03:48:01 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Nokia [2011.01.05 03:48:05 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Nokia Ovi Suite [2009.08.10 20:56:50 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Opera [2011.01.05 03:06:44 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\PC Suite [2009.12.30 00:12:27 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\ProtectDisc [2011.06.12 17:25:57 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\PunkBuster [2009.12.13 
19:54:57 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Real [2009.11.08 01:42:16 | 000,000,000 | RH-D | M] -- C:\Users\mm\AppData\Roaming\SecuROM [2011.06.21 21:12:07 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Skype [2011.05.28 12:13:55 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\skypePM [2011.06.13 16:58:07 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Spore [2010.09.16 17:00:16 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\SUPERAntiSpyware.com [2011.04.29 20:39:33 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Thunderbird [2010.01.27 02:44:38 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Trillian [2011.05.17 19:25:59 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\U3 [2009.08.10 10:51:44 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Validity [2010.03.12 15:02:51 | 000,000,000 | --SD | M] -- C:\Users\mm\AppData\Roaming\Virtual CD v10 [2011.06.21 18:21:56 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\vlc [2011.05.23 23:15:44 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Winamp [2009.09.13 23:19:35 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\WinRAR < %APPDATA%\*.exe /s > [2010.02.26 07:10:20 | 021,979,992 | -H-- | M] () -- C:\Users\mm\AppData\Roaming\Dropbox\bin\Dropbox.exe [2010.04.30 17:57:39 | 000,089,831 | -H-- | M] () -- C:\Users\mm\AppData\Roaming\Dropbox\bin\Uninstall.exe [2009.10.28 21:39:40 | 000,163,840 | -H-- | M] (Mozilla Foundation) -- C:\Users\mm\AppData\Roaming\LimeWire\browser\xulrunner\crashreporter.exe [2009.10.28 21:39:41 | 000,196,608 | -H-- | M] (Mozilla Foundation) -- C:\Users\mm\AppData\Roaming\LimeWire\browser\xulrunner\updater.exe [2009.10.28 21:39:41 | 000,014,848 | -H-- | M] () -- C:\Users\mm\AppData\Roaming\LimeWire\browser\xulrunner\xpcshell.exe [2009.10.28 21:39:41 | 000,077,824 | -H-- | M] (Mozilla Foundation) -- C:\Users\mm\AppData\Roaming\LimeWire\browser\xulrunner\xpicleanup.exe [2009.10.28 21:39:41 
| 000,266,240 | -H-- | M] (Mozilla Foundation) -- C:\Users\mm\AppData\Roaming\LimeWire\browser\xulrunner\xpidl.exe [2009.10.28 21:39:41 | 000,018,432 | -H-- | M] () -- C:\Users\mm\AppData\Roaming\LimeWire\browser\xulrunner\xpt_dump.exe [2009.10.28 21:39:41 | 000,014,336 | -H-- | M] () -- C:\Users\mm\AppData\Roaming\LimeWire\browser\xulrunner\xpt_link.exe [2009.10.28 21:39:41 | 000,073,728 | -H-- | M] (Mozilla Foundation) -- C:\Users\mm\AppData\Roaming\LimeWire\browser\xulrunner\xulrunner-stub.exe [2009.10.28 21:39:41 | 000,102,400 | -H-- | M] (Mozilla Foundation) -- C:\Users\mm\AppData\Roaming\LimeWire\browser\xulrunner\xulrunner.exe [2009.09.14 20:27:58 | 000,010,134 | RH-- | M] () -- C:\Users\mm\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe [2008.02.13 09:07:36 | 000,393,216 | -H-- | M] () -- C:\Users\mm\AppData\Roaming\NCH Software\Components\aacenc3\aacenc3.exe [2007.11.27 09:41:32 | 000,405,504 | -H-- | M] () -- C:\Users\mm\AppData\Roaming\NCH Software\Components\mp3el2\lame.exe [2011.02.24 17:07:45 | 000,835,440 | RH-- | M] () -- C:\Users\mm\AppData\Roaming\PunkBuster\pbsetup\pbsvc.exe [2010.01.15 02:43:03 | 000,439,816 | -H-- | M] (RealNetworks, Inc.) -- C:\Users\mm\AppData\Roaming\Real\Update\setup3.09\setup.exe [2009.12.14 03:55:08 | 000,079,368 | -H-- | M] (RealNetworks, Inc.) 
-- C:\Users\mm\AppData\Roaming\Real\Update\setup3.09\RUP\vista.exe [2007.10.23 09:27:20 | 000,110,592 | -H-- | M] () -- C:\Users\mm\AppData\Roaming\U3\temp\cleanup.exe [2008.05.02 10:41:48 | 003,493,888 | -H-- | M] (SanDisk Corporation) -- C:\Users\mm\AppData\Roaming\U3\temp\Launchpad Removal.exe < %SYSTEMDRIVE%\*.exe > < MD5 for: AGP440.SYS > [2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys [2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys [2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys [2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys [2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys [2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys < MD5 for: ATAPI.SYS > [2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys [2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys [2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) 
MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\drivers\atapi.sys [2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys [2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys [2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys < MD5 for: CNGAUDIT.DLL > [2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll [2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll < MD5 for: EVENTLOG.DLL > [2007.01.12 23:30:08 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Programme\Cyberlink\PowerDirector\EventLog.dll < MD5 for: EXPLORER.EXE > [2008.10.29 08:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe [2008.10.29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe [2008.10.30 05:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft 
Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe [2008.10.28 04:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe [2008.01.21 04:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe < MD5 for: IASTOR.SYS > [2008.07.20 18:44:44 | 000,324,120 | ---- | M] (Intel Corporation) MD5=707C1692214B1C290271067197F075F6 -- C:\Programme\Intel\Intel Matrix Storage Manager\driver\IaStor.sys [2008.07.20 18:44:44 | 000,324,120 | ---- | M] (Intel Corporation) MD5=707C1692214B1C290271067197F075F6 -- C:\Windows\System32\drivers\iaStor.sys [2008.07.20 18:44:44 | 000,324,120 | ---- | M] (Intel Corporation) MD5=707C1692214B1C290271067197F075F6 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_7b6e77f6\iaStor.sys [2008.07.20 18:44:54 | 000,402,456 | ---- | M] (Intel Corporation) MD5=FC28E90F2204D8FD147FA9BFA8A51C01 -- C:\Programme\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys < MD5 for: IASTORV.SYS > [2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys [2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys [2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- 
C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys [2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys < MD5 for: NETLOGON.DLL > [2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll [2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll [2008.01.21 04:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll < MD5 for: NVSTOR.SYS > [2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys [2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys [2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys [2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys < MD5 for: SCECLI.DLL > [2008.01.21 04:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll [2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft 
Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll [2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll < MD5 for: USER32.DLL > [2008.01.21 04:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll [2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll [2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll < MD5 for: USERINIT.EXE > [2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe [2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe < MD5 for: WINLOGON.EXE > [2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe [2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe [2008.01.21 04:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe < MD5 for: WS2IFSL.SYS > [2008.01.21 04:24:47 | 000,015,872 | ---- | M] 
(Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys [2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys < %systemroot%\system32\drivers\*.sys /lockedfiles > [2009.12.04 03:13:39 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\Windows\System32\drivers\sptd.sys < %systemroot%\System32\config\*.sav > [2008.01.21 05:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV [2008.01.21 05:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV [2008.01.21 05:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV [2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV [2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV < %systemroot%\*. 
/mp /s > < %systemroot%\system32\*.dll /lockedfiles > [2011.05.18 22:09:14 | 000,353,792 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtmsft.dll [2011.05.18 22:09:14 | 000,223,232 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtrans.dll [2011.05.18 22:09:12 | 000,118,784 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\iepeers.dll [1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ] ========== Alternate Data Streams ========== @Alternate Data Stream - 99 bytes -> C:\ProgramData\Temp:DAFD38AE @Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:7CACEF61 @Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:4220A65C @Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:798A3728 @Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:2634FC95 @Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:4CF61E54 @Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:A42A9F39 @Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:793F316E @Alternate Data Stream - 116 bytes -> C:\ProgramData\Temp:AB689DEA @Alternate Data Stream - 115 bytes -> C:\ProgramData\Temp:05113FB9 @Alternate Data Stream - 114 bytes -> C:\ProgramData\Temp:4D066AD2 @Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:73933431 @Alternate Data Stream - 111 bytes -> C:\ProgramData\Temp:5D7E5A8F @Alternate Data Stream - 108 bytes -> C:\ProgramData\Temp:F65733F1 < End of report > |
26.06.2011, 13:12 | #2 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Quote:
__________________ |
27.06.2011, 10:20 | #3 |
| Avira AntiVir Personal
__________________Erstellungsdatum der Reportdatei: Dienstag, 21. Juni 2011 20:21 Es wird nach 2790993 Virenstämmen gesucht. Das Programm läuft als uneingeschränkte Vollversion. Online-Dienste stehen zur Verfügung. Lizenznehmer : Avira AntiVir Personal - FREE Antivirus Seriennummer : 0000149996-ADJIE-0000001 Plattform : Windows Vista Windowsversion : (Service Pack 2) [6.0.6002] Boot Modus : Normal gebootet Benutzername : SYSTEM Computername : CHRISINFERNO Versionsinformationen: BUILD.DAT : 10.0.0.648 31823 Bytes 01.04.2011 18:23:00 AVSCAN.EXE : 10.0.4.2 442024 Bytes 22.05.2011 09:34:15 AVSCAN.DLL : 10.0.3.0 56168 Bytes 30.03.2010 11:42:16 LUKE.DLL : 10.0.3.2 104296 Bytes 11.12.2010 10:32:14 LUKERES.DLL : 10.0.0.0 13672 Bytes 14.01.2010 11:59:47 VBASE000.VDF : 7.10.0.0 19875328 Bytes 06.11.2009 10:24:04 VBASE001.VDF : 7.11.0.0 13342208 Bytes 14.12.2010 16:23:57 VBASE002.VDF : 7.11.3.0 1950720 Bytes 09.02.2011 17:10:07 VBASE003.VDF : 7.11.5.225 1980416 Bytes 07.04.2011 10:11:15 VBASE004.VDF : 7.11.8.178 2354176 Bytes 31.05.2011 08:38:22 VBASE005.VDF : 7.11.8.179 2048 Bytes 31.05.2011 08:38:22 VBASE006.VDF : 7.11.8.180 2048 Bytes 31.05.2011 08:38:23 VBASE007.VDF : 7.11.8.181 2048 Bytes 31.05.2011 08:38:23 VBASE008.VDF : 7.11.8.182 2048 Bytes 31.05.2011 08:38:23 VBASE009.VDF : 7.11.8.183 2048 Bytes 31.05.2011 08:38:23 VBASE010.VDF : 7.11.8.184 2048 Bytes 31.05.2011 08:38:23 VBASE011.VDF : 7.11.8.185 2048 Bytes 31.05.2011 08:38:23 VBASE012.VDF : 7.11.8.186 2048 Bytes 31.05.2011 08:38:23 VBASE013.VDF : 7.11.8.222 121856 Bytes 02.06.2011 08:38:25 VBASE014.VDF : 7.11.9.7 134656 Bytes 04.06.2011 09:39:46 VBASE015.VDF : 7.11.9.42 136192 Bytes 06.06.2011 09:39:46 VBASE016.VDF : 7.11.9.72 117248 Bytes 07.06.2011 09:39:46 VBASE017.VDF : 7.11.9.107 130560 Bytes 09.06.2011 09:39:47 VBASE018.VDF : 7.11.9.143 132096 Bytes 10.06.2011 09:39:47 VBASE019.VDF : 7.11.9.172 141824 Bytes 14.06.2011 08:43:09 VBASE020.VDF : 7.11.9.214 144896 Bytes 15.06.2011 08:43:10 VBASE021.VDF : 
7.11.9.244 196608 Bytes 16.06.2011 08:43:11 VBASE022.VDF : 7.11.9.245 2048 Bytes 16.06.2011 08:43:11 VBASE023.VDF : 7.11.9.246 2048 Bytes 16.06.2011 08:43:11 VBASE024.VDF : 7.11.9.247 2048 Bytes 16.06.2011 08:43:11 VBASE025.VDF : 7.11.9.248 2048 Bytes 16.06.2011 08:43:11 VBASE026.VDF : 7.11.9.249 2048 Bytes 16.06.2011 08:43:11 VBASE027.VDF : 7.11.9.250 2048 Bytes 16.06.2011 08:43:11 VBASE028.VDF : 7.11.9.251 2048 Bytes 16.06.2011 08:43:12 VBASE029.VDF : 7.11.9.252 2048 Bytes 16.06.2011 08:43:12 VBASE030.VDF : 7.11.9.253 2048 Bytes 16.06.2011 08:43:12 VBASE031.VDF : 7.11.10.12 60416 Bytes 17.06.2011 08:43:12 Engineversion : 8.2.5.20 AEVDF.DLL : 8.1.2.1 106868 Bytes 14.11.2010 19:04:30 AESCRIPT.DLL : 8.1.3.65 1606010 Bytes 28.05.2011 10:15:26 AESCN.DLL : 8.1.7.2 127349 Bytes 11.12.2010 10:32:13 AESBX.DLL : 8.2.1.34 323957 Bytes 03.06.2011 08:38:40 AERDL.DLL : 8.1.9.9 639347 Bytes 26.03.2011 10:09:24 AEPACK.DLL : 8.2.6.9 557429 Bytes 18.06.2011 08:43:25 AEOFFICE.DLL : 8.1.1.25 205178 Bytes 03.06.2011 08:38:39 AEHEUR.DLL : 8.1.2.128 3547512 Bytes 18.06.2011 08:43:22 AEHELP.DLL : 8.1.17.2 246135 Bytes 22.05.2011 09:34:15 AEGEN.DLL : 8.1.5.6 401780 Bytes 22.05.2011 09:34:15 AEEMU.DLL : 8.1.3.0 393589 Bytes 11.12.2010 10:32:11 AECORE.DLL : 8.1.21.1 196983 Bytes 28.05.2011 10:15:22 AEBB.DLL : 8.1.1.0 53618 Bytes 14.11.2010 19:04:30 AVWINLL.DLL : 10.0.0.0 19304 Bytes 14.01.2010 11:59:10 AVPREF.DLL : 10.0.0.0 44904 Bytes 14.01.2010 11:59:07 AVREP.DLL : 10.0.0.10 174120 Bytes 22.05.2011 09:34:15 AVREG.DLL : 10.0.3.2 53096 Bytes 14.11.2010 19:04:30 AVSCPLR.DLL : 10.0.4.2 84840 Bytes 22.05.2011 09:34:15 AVARKT.DLL : 10.0.22.6 231784 Bytes 11.12.2010 10:32:14 AVEVTLOG.DLL : 10.0.0.8 203112 Bytes 26.01.2010 09:53:25 SQLITE3.DLL : 3.6.19.0 355688 Bytes 28.01.2010 12:57:53 AVSMTP.DLL : 10.0.0.17 63848 Bytes 16.03.2010 15:38:54 NETNT.DLL : 10.0.0.0 11624 Bytes 19.02.2010 14:40:55 RCIMAGE.DLL : 10.0.0.26 2550120 Bytes 28.01.2010 13:10:08 RCTEXT.DLL : 10.0.58.0 98152 Bytes 14.11.2010 
19:04:30 Konfiguration für den aktuellen Suchlauf: Job Name..............................: Vollständige Systemprüfung Konfigurationsdatei...................: C:\Program Files\Avira\AntiVir Desktop\sysscan.avp Protokollierung.......................: niedrig Primäre Aktion........................: interaktiv Sekundäre Aktion......................: ignorieren Durchsuche Masterbootsektoren.........: ein Durchsuche Bootsektoren...............: ein Bootsektoren..........................: C:, D:, E:, Durchsuche aktive Programme...........: ein Laufende Programme erweitert..........: ein Durchsuche Registrierung..............: ein Suche nach Rootkits...................: ein Integritätsprüfung von Systemdateien..: aus Datei Suchmodus.......................: Alle Dateien Durchsuche Archive....................: ein Rekursionstiefe einschränken..........: 20 Archiv Smart Extensions...............: ein Makrovirenheuristik...................: ein Dateiheuristik........................: mittel Beginn des Suchlaufs: Dienstag, 21. Juni 2011 20:21 Der Suchlauf nach versteckten Objekten wird begonnen. Der Suchlauf wurde abgebrochen! Ende des Suchlaufs: Dienstag, 21. Juni 2011 20:36 Benötigte Zeit: 15:34 Minute(n) Der Suchlauf wurde abgebrochen! 0 Verzeichnisse wurden überprüft 0 Dateien wurden geprüft 0 Viren bzw. unerwünschte Programme wurden gefunden 0 Dateien wurden als verdächtig eingestuft 0 Dateien wurden gelöscht 0 Viren bzw. 
unerwünschte Programme wurden repariert 0 Dateien wurden in die Quarantäne verschoben 0 Dateien wurden umbenannt 0 Dateien konnten nicht durchsucht werden 0 Dateien ohne Befall 0 Archive wurden durchsucht 0 Warnungen 0 Hinweise 64273 Objekte wurden beim Rootkitscan durchsucht 0 Versteckte Objekte wurden gefunden Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Datenbank Version: 4629 Windows 6.0.6002 Service Pack 2 Internet Explorer 9.0.8112.16421 22.06.2011 00:09:47 mbam-log-2011-06-22 (00-09-47).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|) Durchsuchte Objekte: 335739 Laufzeit: 1 Stunde(n), 37 Minute(n), 6 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 0 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 0 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: (Keine bösartigen Objekte gefunden) SUPERAntiSpyware Scan Log hxxp://www.superantispyware.com Generated 06/21/2011 at 10:31 PM Application Version : 4.54.1000 Core Rules Database Version : 5517 Trace Rules Database Version: 3329 Scan type : Complete Scan Total Scan Time : 00:53:41 Memory items scanned : 774 Memory threats detected : 0 Registry items scanned : 10137 Registry threats detected : 0 File items scanned : 38484 File threats detected : 4 Adware.Tracking Cookie C:\Users\mm\AppData\Roaming\Microsoft\Windows\Cookies\mm@ad2.adfarm1.adition[1].txt C:\Users\mm\AppData\Roaming\Microsoft\Windows\Cookies\mm@doubleclick[1].txt 
C:\Users\mm\AppData\Roaming\Microsoft\Windows\Cookies\mm@ad4.adfarm1.adition[1].txt C:\Users\mm\AppData\Roaming\Microsoft\Windows\Cookies\mm@adfarm1.adition[1].txt |
27.06.2011, 11:07 | #4 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Quote:
Update to the latest Malwarebytes. Download the setup again, install it and let it update the signatures. Then run a new full scan.
__________________ Please always post log files in CODE tags |
27.06.2011, 21:15 | #5 |
| Everything has sorted itself out. The newest version of the malware program + unhide.exe brought all my files back. Thanks for the tip. |
28.06.2011, 11:53 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Yes, but I want to see the log; we are not finished here yet.
__________________ |
28.06.2011, 16:19 | #7 |
| Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org

Datenbank Version: 6961
Windows 6.0.6002 Service Pack 2
Internet Explorer 9.0.8112.16421

27.06.2011 21:36:44
mbam-log-2011-06-27 (21-36-44).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|)
Durchsuchte Objekte: 462450
Laufzeit: 1 Stunde(n), 47 Minute(n), 46 Sekunde(n)

Infizierte Speicherprozesse: 2
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 1
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 5

Infizierte Speicherprozesse:
c:\programdata\suhecubhqhenx.exe (Trojan.FakeHDD) -> 3192 -> Unloaded process successfully.
c:\programdata\34660088.exe (Trojan.FraudPack.PF) -> 3604 -> Unloaded process successfully.

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\SuHEcubHqhenx (Trojan.FakeHDD) -> Value: SuHEcubHqhenx -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
c:\programdata\suhecubhqhenx.exe (Trojan.FakeHDD) -> Quarantined and deleted successfully.
c:\programdata\34660088.exe (Trojan.FraudPack.PF) -> Quarantined and deleted successfully.
c:\program files\alcohol soft\alcohol 52\Langs\AX_RU.dll (Malware.Packer.GenX) -> Quarantined and deleted successfully.
c:\Users\mm\AppData\Local\Temp\2FD.tmp (Trojan.FakeAlert.Gen) -> Quarantined and deleted successfully.
c:\Users\mm\AppData\Local\Temp\tmp6FA4.tmp (Trojan.FakeHDD) -> Quarantined and deleted successfully. |
28.06.2011, 20:01 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Run an OTL fix: close all programs that may be open, also disable the virus scanner (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied as well!!!) Code:
:OTL
PRC - C:\ProgramData\34660088.exe (AnkhSVN)
PRC - C:\ProgramData\SuHEcubHqhenx.exe (AnkhSVN)
O4 - HKU\S-1-5-21-302941472-1964095108-563845418-1000..\Run: [SuHEcubHqhenx] C:\ProgramData\SuHEcubHqhenx.exe (AnkhSVN)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{a59387c4-e072-11de-b713-00a0d1ae1104}\Shell - "" = AutoRun
O33 - MountPoints2\{a59387c4-e072-11de-b713-00a0d1ae1104}\Shell\AutoRun\command - "" = J:\OblivionLauncher.exe
[2011.06.21 19:33:42 | 000,000,000 | -H-D | C] -- C:\Users\mm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Vista Repair
[2011.06.21 19:33:21 | 000,372,736 | -H-- | C] (AnkhSVN) -- C:\ProgramData\34660088.exe
[2011.06.21 19:24:15 | 000,462,848 | -H-- | C] (AnkhSVN) -- C:\ProgramData\SuHEcubHqhenx.exe
[2011.06.15 11:00:06 | 000,000,000 | -H-D | C] -- C:\Users\mm\Desktop\Oblivion
[2011.06.15 10:25:52 | 000,000,000 | -H-D | C] -- C:\Users\mm\Desktop\RegSeeker
[2011.06.21 20:20:20 | 000,000,240 | -H-- | M] () -- C:\ProgramData\~34660088
[2011.06.21 20:20:12 | 000,000,168 | -H-- | M] () -- C:\ProgramData\~34660088r
[2011.06.21 19:33:43 | 000,000,595 | -H-- | M] () -- C:\Users\mm\Desktop\Windows Vista Repair.lnk
[2011.06.21 19:33:27 | 000,000,344 | -H-- | M] () -- C:\ProgramData\34660088
[2011.06.21 19:33:22 | 000,372,736 | -H-- | M] (AnkhSVN) -- C:\ProgramData\34660088.exe
[2011.06.21 19:24:14 | 000,462,848 | -H-- | M] (AnkhSVN) -- C:\ProgramData\SuHEcubHqhenx.exe
[2009.08.10 16:18:42 | 000,000,000 | -HSD | M] -- C:\Users\mm\AppData\Roaming\.#
@Alternate Data Stream - 99 bytes -> C:\ProgramData\Temp:DAFD38AE
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:7CACEF61
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:4220A65C
@Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:798A3728
@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:2634FC95
@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:4CF61E54
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:A42A9F39
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:793F316E
@Alternate Data Stream - 116 bytes -> C:\ProgramData\Temp:AB689DEA
@Alternate Data Stream - 115 bytes -> C:\ProgramData\Temp:05113FB9
@Alternate Data Stream - 114 bytes -> C:\ProgramData\Temp:4D066AD2
@Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:73933431
@Alternate Data Stream - 111 bytes -> C:\ProgramData\Temp:5D7E5A8F
@Alternate Data Stream - 108 bytes -> C:\ProgramData\Temp:F65733F1
:Commands
[purity]
[resethosts]

The log file should open when you click OK after the fix; please post it. The computer may be restarted. For safety, the entries, files and folders fixed by this script are not deleted completely; a backup copy is created on the system partition in the folder "_OTL".
__________________ Please always post log files in CODE tags |
28.06.2011, 23:30 | #9 |
| ========== OTL ==========
No active process named 34660088.exe was found!
No active process named SuHEcubHqhenx.exe was found!
Registry value HKEY_USERS\S-1-5-21-302941472-1964095108-563845418-1000\Software\Microsoft\Windows\CurrentVersion\Run\\SuHEcubHqhenx not found.
File C:\ProgramData\SuHEcubHqhenx.exe not found.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\autoexec.bat moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a59387c4-e072-11de-b713-00a0d1ae1104}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a59387c4-e072-11de-b713-00a0d1ae1104}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a59387c4-e072-11de-b713-00a0d1ae1104}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a59387c4-e072-11de-b713-00a0d1ae1104}\ not found.
File J:\OblivionLauncher.exe not found.
C:\Users\mm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Vista Repair folder moved successfully.
File C:\ProgramData\34660088.exe not found.
File C:\ProgramData\SuHEcubHqhenx.exe not found.
C:\Users\mm\Desktop\Oblivion\Mods folder moved successfully.
C:\Users\mm\Desktop\Oblivion folder moved successfully.
C:\Users\mm\Desktop\RegSeeker\Languages folder moved successfully.
C:\Users\mm\Desktop\RegSeeker\Backup folder moved successfully.
C:\Users\mm\Desktop\RegSeeker folder moved successfully.
C:\ProgramData\~34660088 moved successfully.
C:\ProgramData\~34660088r moved successfully.
File C:\Users\mm\Desktop\Windows Vista Repair.lnk not found.
C:\ProgramData\34660088 moved successfully.
File C:\ProgramData\34660088.exe not found.
File C:\ProgramData\SuHEcubHqhenx.exe not found.
C:\Users\mm\AppData\Roaming\.# folder moved successfully.
ADS C:\ProgramData\Temp:DAFD38AE deleted successfully.
ADS C:\ProgramData\Temp:7CACEF61 deleted successfully.
ADS C:\ProgramData\Temp:4220A65C deleted successfully.
ADS C:\ProgramData\Temp:798A3728 deleted successfully.
ADS C:\ProgramData\Temp:2634FC95 deleted successfully.
ADS C:\ProgramData\Temp:4CF61E54 deleted successfully.
ADS C:\ProgramData\Temp:A42A9F39 deleted successfully.
ADS C:\ProgramData\Temp:793F316E deleted successfully.
ADS C:\ProgramData\Temp:AB689DEA deleted successfully.
ADS C:\ProgramData\Temp:05113FB9 deleted successfully.
ADS C:\ProgramData\Temp:4D066AD2 deleted successfully.
ADS C:\ProgramData\Temp:73933431 deleted successfully.
ADS C:\ProgramData\Temp:5D7E5A8F deleted successfully.
ADS C:\ProgramData\Temp:F65733F1 deleted successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.24.1 log created on 06292011_002941 |
29.06.2011, 09:14 | #10 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Desktop black and hard disk supposedly broken, the umpteenth time
Please now run this tool from Kaspersky and post the log => http://www.trojaner-board.de/82358-t...entfernen.html
Set up the tool as shown in the picture below, i.e. tick both checkboxes, click Start scan and, when it has finished, click the Report button to display the log. Please post it in full.
If, because of the infection, you cannot access your Documents/My Documents folder, or shortcuts are missing on the desktop or in the Start menu under "All Programs", please run unhide: Please download unhide.exe and save the file to your desktop. Start the tool and all files and folders should become visible again. (This could take a while.) Windows Vista and Windows 7 users must run the tool as administrator via right-click!
__________________ Please always post log files in CODE tags |
29.06.2011, 14:52 | #11 |
| Desktop black and hard disk supposedly broken, the umpteenth time
2011/06/29 15:49:12.0719 4780 TDSS rootkit removing tool 2.5.8.0 Jun 28 2011 19:12:16
2011/06/29 15:49:13.0002 4780 ================================================================================
2011/06/29 15:49:13.0002 4780 SystemInfo:
2011/06/29 15:49:13.0002 4780
2011/06/29 15:49:13.0002 4780 OS Version: 6.0.6002 ServicePack: 2.0
2011/06/29 15:49:13.0002 4780 Product type: Workstation
2011/06/29 15:49:13.0002 4780 ComputerName: CHRISINFERNO
2011/06/29 15:49:13.0002 4780 UserName: mm
2011/06/29 15:49:13.0003 4780 Windows directory: C:\Windows
2011/06/29 15:49:13.0003 4780 System windows directory: C:\Windows
2011/06/29 15:49:13.0003 4780 Processor architecture: Intel x86
2011/06/29 15:49:13.0003 4780 Number of processors: 2
2011/06/29 15:49:13.0003 4780 Page size: 0x1000
2011/06/29 15:49:13.0003 4780 Boot type: Normal boot
2011/06/29 15:49:13.0003 4780 ================================================================================
2011/06/29 15:49:13.0809 4780 Initialize success
2011/06/29 15:49:52.0307 6120 ================================================================================
2011/06/29 15:49:52.0307 6120 Scan started
2011/06/29 15:49:52.0307 6120 Mode: Manual;
2011/06/29 15:49:52.0307 6120 ================================================================================
2011/06/29 15:50:32.0742 6120 ================================================================================
2011/06/29 15:50:32.0743 6120 Scan finished
2011/06/29 15:50:32.0743 6120 ================================================================================
2011/06/29 15:50:32.0756 5892 Detected object count: 0
2011/06/29 15:50:32.0756 5892 Actual detected object count: 0 |
29.06.2011, 15:05 | #12 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Desktop black and hard disk supposedly broken, the umpteenth time
Then please run CF now: ComboFix A guide and tutorial on using ComboFix
ComboFix may only be run when a qualified helper has expressly recommended it!
__________________ Please always post log files in CODE tags |