Log analysis and evaluation: Desktop black and hard drive supposedly broken, the umpteenth one (Windows 7)

If you have caught a Trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and Trojans, the infected system must first be examined: first steps for getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
Desktop black and hard drive supposedly broken, the umpteenth one

Good day, I have been having problems with my laptop since today. I have already looked at the other similar posts. Mine also says that my hard drive is done for, but AntiVir, Anti-Malware and SUPERAntiSpyware still show the data. I can access Explorer and the internet, but no longer the files on 2 drives. I have already had the OTL log made. I hope you can help a poor student.

Regards, WolleCW

OTL log:
ATTFilter OTL logfile created on: 21.06.2011 21:18:15 - Run 1 OTL by OldTimer - Version 3.2.24.1 Folder = C:\Users\mm\Music\Downloads Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 1,38 Gb Available Physical Memory | 46,05% Memory free 6,19 Gb Paging File | 4,61 Gb Available in Paging File | 74,47% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 120,92 Gb Total Space | 31,11 Gb Free Space | 25,73% Space Free | Partition Type: NTFS Drive D: | 164,18 Gb Total Space | 20,67 Gb Free Space | 12,59% Space Free | Partition Type: NTFS Drive E: | 164,18 Gb Total Space | 42,45 Gb Free Space | 25,86% Space Free | Partition Type: NTFS Computer Name: CHRISINFERNO | User Name: mm | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\mm\Music\Downloads\OTL.exe (OldTimer Tools) PRC - C:\ProgramData\34660088.exe (AnkhSVN) PRC - C:\ProgramData\SuHEcubHqhenx.exe (AnkhSVN) PRC - C:\Programme\ICQ7.5\ICQ.exe (ICQ, LLC.) PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Programme\ICQ6Toolbar\ICQ Service.exe () PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH) PRC - C:\Programme\Application Updater\ApplicationUpdater.exe (Spigot, Inc.) PRC - E:\Program Files\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.) 
PRC - e:\Program Files\Virtual CD v10\System\VC10SecS.exe (H+H Software GmbH) PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation) PRC - C:\Programme\Acer\Acer Bio Protection\CompPtcVUI.exe (Arachnoid Biometrics Identification Group Corp.) PRC - C:\Programme\Acer\Acer Bio Protection\BASVC.exe () PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Windows\System32\conime.exe (Microsoft Corporation) PRC - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated) PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation) PRC - C:\Programme\Acer\Acer VCM\RS_Service.exe (Acer Incorporated) PRC - C:\Programme\Acer\Empowering Technology\Service\ETService.exe () PRC - C:\Windows\System32\vfsFPService.exe (Validity Sensors, Inc.) PRC - C:\Programme\EDIMAX\Common\RalinkRegistryWriter.exe (Ralink Technology, Corp.) 
PRC - C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation) PRC - C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation) PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation) PRC - C:\Programme\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe () PRC - C:\Windows\System32\agrsmsvc.exe (Agere Systems) PRC - C:\ACER\Mobility Center\MobilityService.exe () PRC - C:\Programme\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe (Rocket Division Software) ========== Modules (SafeList) ========== MOD - C:\Users\mm\Music\Downloads\OTL.exe (OldTimer Tools) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.) SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia) SRV - (ICQ Service) -- C:\Programme\ICQ6Toolbar\ICQ Service.exe () SRV - (Application Updater) -- C:\Program Files\Application Updater\ApplicationUpdater.exe (Spigot, Inc.) SRV - (CVPND) -- E:\Program Files\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.) 
SRV - (VC10SecS) -- e:\Program Files\Virtual CD v10\System\VC10SecS.exe (H+H Software GmbH) SRV - (IGBASVC) -- C:\Programme\Acer\Acer Bio Protection\BASVC.exe () SRV - (Adobe Version Cue CS4) -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe (Adobe Systems Incorporated) SRV - (eDataSecurity Service) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated) SRV - (IAANTMON) Intel(R) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation) SRV - (RS_Service) -- C:\Programme\Acer\Acer VCM\RS_Service.exe (Acer Incorporated) SRV - (ETService) -- C:\Programme\Acer\Empowering Technology\Service\ETService.exe () SRV - (vfsFPService) -- C:\Windows\System32\vfsFPService.exe (Validity Sensors, Inc.) SRV - (RalinkRegistryWriter) -- C:\Programme\EDIMAX\Common\RalinkRegistryWriter.exe (Ralink Technology, Corp.) SRV - (EvtEng) -- C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation) SRV - (RegSrvc) -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation) SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (CLHNService) -- C:\Programme\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe () SRV - (AgereModemAudio) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems) SRV - (MobilityService) -- C:\Acer\Mobility Center\MobilityService.exe () SRV - (StarWindServiceAE) -- C:\Programme\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe (Rocket Division Software) ========== Driver Services (SafeList) ========== DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH) DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH) DRV - (SASKUTIL) -- C:\Programme\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com) DRV - (UsbserFilt) -- C:\Windows\System32\drivers\usbser_lowerfltj.sys (Nokia) DRV - (upperdev) -- 
C:\Windows\System32\drivers\usbser_lowerflt.sys (Nokia) DRV - (nmwcdc) -- C:\Windows\System32\drivers\ccdcmbo.sys (Nokia) DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia) DRV - (nmwcdnsu) -- C:\Windows\System32\drivers\nmwcdnsu.sys (Nokia) DRV - (nmwcdnsuc) -- C:\Windows\System32\drivers\nmwcdnsuc.sys (Nokia) DRV - (atksgt) -- C:\Windows\System32\drivers\atksgt.sys () DRV - (lirsgt) -- C:\Windows\System32\drivers\lirsgt.sys () DRV - (SASDIFSV) -- C:\Programme\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com) DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys () DRV - (CVPNDRVA) -- C:\Windows\System32\drivers\CVPNDRVA.sys (Cisco Systems, Inc.) DRV - (vdrv1000) -- C:\Windows\System32\drivers\vdrv1000.sys (H+H Software GmbH) DRV - (AlfaFF) -- C:\Windows\system32\Drivers\AlfaFF.sys (Alfa Corporation) DRV - (L1E) -- C:\Windows\System32\drivers\L1E60x86.sys (Atheros Communications, Inc.) DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH) DRV - (USBCCID) -- C:\Windows\System32\drivers\usbccid.sys (Microsoft Corporation) DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.) DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH) DRV - (acedrv11) -- C:\Windows\System32\drivers\acedrv11.sys (Protect Software GmbH) DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation) DRV - (DNE) -- C:\Windows\System32\drivers\dne2000.sys (Deterministic Networks, Inc.) DRV - (HH10Help.sys) -- C:\Windows\System32\drivers\HH10Help.sys (H+H Software GmbH) DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation) DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia) DRV - (netr28u) -- C:\Windows\System32\drivers\netr28u.sys (Ralink Technology Corp.) DRV - ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796}) -- C:\Programme\Acer Arcade Deluxe\PlayMovie\000.fcl (Cyberlink Corp.) 
DRV - (vfs101x) -- C:\Windows\System32\drivers\vfs101x.sys (Validity Sensors, Inc.) DRV - (JMCR) -- C:\Windows\System32\drivers\jmcr.sys (JMicron Technology Corp.) DRV - (NETw5v32) Intel(R) -- C:\Windows\System32\drivers\NETw5v32.sys (Intel Corporation) DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems) DRV - (NTIPPKernel) -- C:\Programme\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys (Cyberlink Corp.) DRV - (itecir) -- C:\Windows\System32\drivers\itecir.sys (ITE Tech. Inc. ) DRV - (int15) -- C:\Windows\System32\drivers\int15.sys () DRV - (CVirtA) -- C:\Windows\System32\drivers\CVirtA.sys (Cisco Systems, Inc.) DRV - (Afc) -- C:\Windows\System32\drivers\afc.sys (Arcsoft, Inc.) DRV - (DritekPortIO) -- C:\Programme\Launch Manager\DPortIO.sys (Dritek System Inc.) DRV - (AF15BDA) -- C:\Windows\System32\drivers\AF15BDA.sys (AfaTech ) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0809&m=aspire_6935 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0809&m=aspire_6935 IE - HKU\.DEFAULT\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ) IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\URLSearchHook: - Reg Error: Key error. 
File not found IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ) IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-302941472-1964095108-563845418-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0809&m=aspire_6935 IE - HKU\S-1-5-21-302941472-1964095108-563845418-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com [binary data] IE - HKU\S-1-5-21-302941472-1964095108-563845418-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com IE - HKU\S-1-5-21-302941472-1964095108-563845418-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKU\S-1-5-21-302941472-1964095108-563845418-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/ IE - HKU\S-1-5-21-302941472-1964095108-563845418-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\S-1-5-21-302941472-1964095108-563845418-1000\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKU\S-1-5-21-302941472-1964095108-563845418-1000\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ) IE - HKU\S-1-5-21-302941472-1964095108-563845418-1000\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Programme\Search Settings\SearchSettings.dll (Spigot, Inc.) 
IE - HKU\S-1-5-21-302941472-1964095108-563845418-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "ICQ Search" FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=867034" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.suggest.enabled: false FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/ig?hl=#t_0" FF - prefs.js..extensions.enabledItems: smarterwiki@wikiatic.com:4.3.7 FF - prefs.js..extensions.enabledItems: searchsettings@spigot.com:1.2.3 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.6 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.3.42 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.8 FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2009.08.10 21:19:16 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2011.01.05 02:56:02 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.06.15 15:50:26 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.06.15 15:50:22 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.10\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components 
[2011.04.29 20:39:29 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.10\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011.01.05 02:56:04 | 000,000,000 | ---D | M] [2011.04.29 20:39:35 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\mm\AppData\Roaming\mozilla\Extensions [2011.04.29 20:39:35 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\mm\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2009.10.28 21:39:45 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\mm\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org [2011.06.17 10:11:49 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\mm\AppData\Roaming\mozilla\Firefox\Profiles\k63joh69.default\extensions [2010.09.09 22:34:18 | 000,000,000 | -H-D | M] (Microsoft .NET Framework Assistant) -- C:\Users\mm\AppData\Roaming\mozilla\Firefox\Profiles\k63joh69.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011.06.05 19:04:12 | 000,000,000 | -H-D | M] (iMacros for Firefox) -- C:\Users\mm\AppData\Roaming\mozilla\Firefox\Profiles\k63joh69.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670} [2011.06.17 10:11:49 | 000,000,000 | -H-D | M] (DownloadHelper) -- C:\Users\mm\AppData\Roaming\mozilla\Firefox\Profiles\k63joh69.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2011.06.05 19:04:09 | 000,000,000 | -H-D | M] (Adblock Plus) -- C:\Users\mm\AppData\Roaming\mozilla\Firefox\Profiles\k63joh69.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2011.06.05 19:04:16 | 000,000,000 | -H-D | M] (FastestFox) -- C:\Users\mm\AppData\Roaming\mozilla\Firefox\Profiles\k63joh69.default\extensions\smarterwiki@wikiatic.com [2011.06.21 17:38:47 | 000,001,056 | -H-- | M] () -- 
C:\Users\mm\AppData\Roaming\Mozilla\Firefox\Profiles\k63joh69.default\searchplugins\icqplugin.xml [2010.02.28 21:29:23 | 000,002,064 | -H-- | M] () -- C:\Users\mm\AppData\Roaming\Mozilla\Firefox\Profiles\k63joh69.default\searchplugins\youtube-videosuche.xml [2011.06.15 15:50:25 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2009.08.31 13:45:20 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2010.04.20 07:56:48 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010.08.14 00:02:42 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010.10.25 09:53:16 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} File not found (No name found) -- [2010.04.11 11:19:58 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} [2010.04.20 07:56:48 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010.08.14 00:02:42 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010.10.25 09:53:16 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2011.04.14 18:40:03 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Programme\Mozilla Firefox\components\browsercomps.dll [2010.09.15 04:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) 
-- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll [2010.10.12 16:26:38 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Programme\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll [2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\bing.xml [2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml [2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml [2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml [2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2011.03.03 01:26:17 | 000,001,315 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O1 - Hosts: 127.0.0.1 71i.de O1 - Hosts: 127.0.0.1 activate.adobe.com O1 - Hosts: O1 - Hosts: 127.0.0.1 practivate.adobe.com O1 - Hosts: O1 - Hosts: 127.0.0.1 ereg.adobe.com O1 - Hosts: O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com O1 - Hosts: O1 - Hosts: 127.0.0.1 wip3.adobe.com O1 - Hosts: O1 - Hosts: 127.0.0.1 3dns-3.adobe.com O1 - Hosts: O1 - Hosts: 127.0.0.1 3dns-2.adobe.com O1 - Hosts: O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com O1 - Hosts: O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com O1 - Hosts: O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com O1 - Hosts: O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com O1 - Hosts: O1 - Hosts: 9 more lines... 
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - E:\Program Files\CS4\/Adobe Contribute CS4/contributeieplugin.dll () O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Programme\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (Egis) O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (SearchSettings Class) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Programme\Search Settings\SearchSettings.dll (Spigot, Inc.) O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - E:\Program Files\CS4\/Adobe Contribute CS4/contributeieplugin.dll () O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.) O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ) O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O3 - HKU\S-1-5-21-302941472-1964095108-563845418-1000\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.) 
O4 - HKLM..\Run: [Adobe_ID0ENQBO] C:\Programme\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [eRecoveryService] File not found O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-21-302941472-1964095108-563845418-1000..\Run: [] File not found O4 - HKU\S-1-5-21-302941472-1964095108-563845418-1000..\Run: [AdobeBridge] File not found O4 - HKU\S-1-5-21-302941472-1964095108-563845418-1000..\Run: [ICQ] C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.) O4 - HKU\S-1-5-21-302941472-1964095108-563845418-1000..\Run: [SuHEcubHqhenx] C:\ProgramData\SuHEcubHqhenx.exe (AnkhSVN) O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Programme\Acer\Acer Bio Protection\PwdBank.exe () O9 - Extra 'Tools' menuitem : Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Programme\Acer\Acer Bio Protection\PwdBank.exe () O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} 
- C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Programme\ICQ7.5\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Programme\ICQ7.5\ICQ.exe (ICQ, LLC.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - 
C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\AWinNotifyVitaKey MC3000: DllName - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll - C:\Programme\Acer\Acer Bio Protection\WinNotify.dll (Arachnoid Biometrics Identification Group Corp.) O24 - Desktop WallPaper: C:\Users\mm\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O24 - Desktop BackupWallPaper: C:\Users\mm\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{a59387c4-e072-11de-b713-00a0d1ae1104}\Shell - "" = AutoRun O33 - MountPoints2\{a59387c4-e072-11de-b713-00a0d1ae1104}\Shell\AutoRun\command - "" = J:\OblivionLauncher.exe O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - File not found NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Acer VCM.lnk - C:\Programme\Acer\Acer VCM\AcerVCM.exe - (Acer Incorporated) MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk - C:\Programme\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe - 
(Adobe Systems, Inc.) MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TMMonitor.lnk - C:\Programme\ArcSoft\TotalMedia 3\TMMonitor.exe - (ArcSoft, Inc.) MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^VPN Client.lnk - C:\Windows\Installer\{21E247D4-5E27-4BEA-AA4D-19A81203FE2A}\Icon3E5562ED7.ico - () MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Wireless Utility.lnk - C:\Programme\EDIMAX\Common\RaUI.exe - (Edimax Technology Co.) MsConfig - StartUpFolder: C:^Users^mm^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk - C:\Users\mm\AppData\Roaming\Dropbox\bin\Dropbox.exe - () MsConfig - StartUpFolder: C:^Users^mm^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Trillian.lnk - C:\Programme\Trillian\trillian.exe - (Cerulean Studios) MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) MsConfig - StartUpReg: AlcoholAutomount - hkey= - key= - C:\Program Files\Alcohol Soft\Alcohol 52\axcmd.exe (Alcohol Soft Development Team) MsConfig - StartUpReg: ArcadeDeluxeAgent - hkey= - key= - C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.) 
MsConfig - StartUpReg: avgnt - hkey= - key= - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) MsConfig - StartUpReg: BkupTray - hkey= - key= - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe () MsConfig - StartUpReg: CLMLServer - hkey= - key= - C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe (CyberLink) MsConfig - StartUpReg: DAEMON Tools Lite - hkey= - key= - C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) MsConfig - StartUpReg: eAudio - hkey= - key= - C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe (Acer Incorporated) MsConfig - StartUpReg: eDataSecurity Loader - hkey= - key= - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated) MsConfig - StartUpReg: ehTray.exe - hkey= - key= - C:\Windows\ehome\ehtray.exe (Microsoft Corporation) MsConfig - StartUpReg: ePower_DMC - hkey= - key= - C:\Programme\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Inc.) MsConfig - StartUpReg: EPSON SX100 Series - hkey= - key= - File not found MsConfig - StartUpReg: IAAnotif - hkey= - key= - C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) MsConfig - StartUpReg: LManager - hkey= - key= - C:\Programme\Launch Manager\LManager.exe (Dritek System Inc.) MsConfig - StartUpReg: NokiaMServer - hkey= - key= - C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia) MsConfig - StartUpReg: NokiaMusic FastStart - hkey= - key= - C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe (Nokia) MsConfig - StartUpReg: NokiaOviSuite2 - hkey= - key= - C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia) MsConfig - StartUpReg: NvCplDaemon - hkey= - key= - File not found MsConfig - StartUpReg: NvMediaCenter - hkey= - key= - File not found MsConfig - StartUpReg: PlayMovie - hkey= - key= - C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.) 
MsConfig - StartUpReg: PLFSetI - hkey= - key= - C:\Windows\PLFSetI.exe () MsConfig - StartUpReg: ProductReg - hkey= - key= - C:\Program Files\Acer\WR_PopUp\ProductReg.exe (Acer) MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\QTTask.exe (Apple Inc.) MsConfig - StartUpReg: RGSC - hkey= - key= - File not found MsConfig - StartUpReg: RtHDVCpl - hkey= - key= - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) MsConfig - StartUpReg: SearchSettings - hkey= - key= - C:\Programme\Search Settings\SearchSettings.exe (Spigot, Inc.) MsConfig - StartUpReg: Sidebar - hkey= - key= - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation) MsConfig - StartUpReg: Skype - hkey= - key= - C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.) MsConfig - StartUpReg: Skytel - hkey= - key= - C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.) MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) MsConfig - StartUpReg: SUPERAntiSpyware - hkey= - key= - C:\Programme\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com) MsConfig - StartUpReg: swg - hkey= - key= - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) MsConfig - StartUpReg: SynTPEnh - hkey= - key= - C:\Programme\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.) MsConfig - StartUpReg: TkBellExe - hkey= - key= - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.) MsConfig - StartUpReg: VC10Player - hkey= - key= - e:\Program Files\Virtual CD v10\System\VC10Play.exe (H+H Software GmbH) MsConfig - StartUpReg: WinampAgent - hkey= - key= - E:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.) 
MsConfig - StartUpReg: Windows Defender - hkey= - key= - File not found
MsConfig - StartUpReg: WMPNSCFG - hkey= - key= - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
MsConfig - StartUpReg: ZPdtWzdVitaKey MC3000 - hkey= - key= - C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe (Arachnoid Biometrics Identification Group Corp.)
MsConfig - State: "startup" - 1
MsConfig - State: "services" - 0

SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: mcmscsvc - Service
SafeBootMin: MCODS - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: mcmscsvc - Service
SafeBootNet: MCODS - Service
SafeBootNet: Messenger - Service
SafeBootNet: MpfService - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {64470216-5EDF-4035-2C49-819AC9C5947E} -
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker 2.6
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {FB2EF7B1-3857-45AB-94DB-FE63E1CB8074} -
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32: msacm.divxa32 - C:\Windows\System32\msaud32_divx.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.iv50 - C:\Windows\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.VP60 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.yv12 - C:\Windows\System32\DivX.dll (DivX, Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2011.06.21 19:33:42 | 000,000,000 | -H-D | C] -- C:\Users\mm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Vista Repair
[2011.06.21 19:33:21 | 000,372,736 | -H-- | C] (AnkhSVN) -- C:\ProgramData\34660088.exe
[2011.06.21 19:24:15 | 000,462,848 | -H-- | C] (AnkhSVN) -- C:\ProgramData\SuHEcubHqhenx.exe
[2011.06.16 11:35:58 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011.06.16 11:35:56 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2011.06.16 11:35:56 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2011.06.16 11:35:56 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011.06.15 11:00:06 | 000,000,000 | -H-D | C] -- C:\Users\mm\Desktop\Oblivion
[2011.06.15 10:25:52 | 000,000,000 | -H-D | C] -- C:\Users\mm\Desktop\RegSeeker
[2011.06.13 16:57:45 | 000,000,000 | -H-D | C] -- C:\Users\mm\Documents\MeinSpore-Kreationen
[2011.06.13 16:51:44 | 000,000,000 | -H-D | C] -- C:\Users\mm\AppData\Roaming\Spore
[2011.06.13 16:48:07 | 000,000,000 | -H-D | C] -- C:\Users\mm\Desktop\Spore
[2011.06.13 14:02:39 | 000,000,000 | -H-D | C] -- C:\ProgramData\Skype Extras
[2011.06.13 14:02:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011.06.13 14:02:11 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Skype
[2011.06.12 23:38:00 | 000,000,000 | -HSD | C] -- C:\ProgramData\DSS
[2011.06.12 23:37:07 | 000,000,000 | -H-D | C] -- C:\Users\mm\AppData\Roaming\Lionhead Studios
[2011.06.12 17:29:47 | 000,000,000 | -H-D | C] -- C:\Users\mm\AppData\Local\Ubisoft Game Launcher
[2011.06.12 17:29:46 | 000,000,000 | -H-D | C] -- C:\ProgramData\Ubisoft
[2011.06.12 17:25:57 | 000,000,000 | -H-D | C] -- C:\Users\mm\AppData\Roaming\PunkBuster
[2011.06.12 17:25:22 | 000,000,000 | ---D | C] -- C:\Programme\Ubisoft
[2011.06.12 14:07:29 | 000,000,000 | -H-D | C] -- C:\Users\mm\AppData\Local\by_dekart811
[2011.06.12 13:19:43 | 002,106,216 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_43.dll
[2011.06.12 13:19:43 | 001,998,168 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_43.dll
[2011.06.12 13:19:43 | 001,868,128 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_43.dll
[2011.06.12 13:19:43 | 000,527,192 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_7.dll
[2011.06.12 13:19:43 | 000,470,880 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_43.dll
[2011.06.12 13:19:43 | 000,248,672 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_43.dll
[2011.06.12 13:19:43 | 000,239,960 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_7.dll
[2011.06.12 13:19:43 | 000,074,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_5.dll
[2011.06.12 13:19:42 | 000,528,216 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_6.dll
[2011.06.12 13:19:42 | 000,238,936 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_6.dll
[2011.06.12 13:19:42 | 000,074,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_4.dll
[2011.06.12 13:19:42 | 000,022,360 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_7.dll
[2011.06.12 12:43:46 | 000,000,000 | -H-D | C] -- C:\Users\mm\AppData\Local\FalloutNV
[2011.06.08 23:41:19 | 000,000,000 | -H-D | C] -- C:\Users\mm\AppData\Local\SKIDROW
[2011.06.08 23:31:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Valve
[2011.06.07 22:08:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICQ7.5
[2011.06.07 17:17:26 | 000,000,000 | -H-D | C] -- C:\Programme\ICQ7.5
[2011.05.30 11:11:40 | 000,000,000 | -H-D | C] -- C:\Users\mm\AppData\Roaming\.minecraft
[2011.05.28 13:39:20 | 000,000,000 | -H-D | C] -- C:\Users\mm\AppData\Roaming\go
[2011.05.28 13:39:18 | 000,000,000 | -H-D | C] -- C:\ProgramData\Easybits GO
[2009.01.11 01:36:50 | 000,049,152 | ---- | C] ( ) -- C:\Windows\Interop.IWshRuntimeLibrary.dll
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011.06.21 21:10:03 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.06.21 21:06:24 | 000,637,068 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.06.21 21:06:24 | 000,604,322 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.06.21 21:06:24 | 000,129,844 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.06.21 21:06:24 | 000,107,460 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.06.21 21:02:58 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2011.06.21 21:00:46 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.06.21 21:00:32 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.06.21 21:00:32 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.06.21 21:00:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.06.21 21:00:16 | 3218,042,880 | -HS- | M] () -- C:\hiberfil.sys
[2011.06.21 20:59:27 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011.06.21 20:39:10 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\LogConfigTemp.xml
[2011.06.21 20:36:22 | 000,404,640 | -H-- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011.06.21 20:20:20 | 000,000,240 | -H-- | M] () -- C:\ProgramData\~34660088
[2011.06.21 20:20:12 | 000,000,168 | -H-- | M] () -- C:\ProgramData\~34660088r
[2011.06.21 19:33:43 | 000,000,595 | -H-- | M] () -- C:\Users\mm\Desktop\Windows Vista Repair.lnk
[2011.06.21 19:33:27 | 000,000,344 | -H-- | M] () -- C:\ProgramData\34660088
[2011.06.21 19:33:22 | 000,372,736 | -H-- | M] (AnkhSVN) -- C:\ProgramData\34660088.exe
[2011.06.21 19:24:14 | 000,462,848 | -H-- | M] (AnkhSVN) -- C:\ProgramData\SuHEcubHqhenx.exe
[2011.06.21 18:14:32 | 000,088,602 | -H-- | M] () -- C:\ProgramData\nvModes.dat
[2011.06.21 18:14:32 | 000,088,602 | -H-- | M] () -- C:\ProgramData\nvModes.001
[2011.06.20 21:16:06 | 036,964,286 | -H-- | M] () -- C:\Users\mm\Desktop\sd.flv
[2011.06.17 17:46:07 | 000,078,336 | -H-- | M] () -- C:\Users\mm\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.06.17 01:22:26 | 000,426,787 | -H-- | M] () -- C:\Users\mm\Desktop\spacecore1.jpg
[2011.06.17 01:01:29 | 000,269,122 | -H-- | M] () -- C:\Users\mm\Desktop\space_core_wallpaper_2_by_deathonabun-d3eta23.jpg
[2011.06.16 00:50:47 | 000,040,209 | -H-- | M] () -- C:\Users\mm\Desktop\Turret Opera (Cara Mia) - SATB.pdf
[2011.06.15 17:27:43 | 000,000,023 | -H-- | M] () -- C:\Windows\BlendSettings.ini
[2011.06.14 13:20:21 | 000,000,900 | -H-- | M] () -- C:\Users\mm\Desktop\SporeApp.exe - Verknüpfung.lnk
[2011.06.07 22:35:47 | 009,181,434 | -H-- | M] () -- C:\Users\mm\Desktop\andreas_bourani_-_nur_in_meinem_kopf_radio_edit.mp3
[2011.06.07 22:33:46 | 005,660,546 | -H-- | M] () -- C:\Users\mm\Desktop\bruno_mars_-_the_lazy_song.mp3
[2011.05.24 19:14:10 | 000,222,080 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2011.05.23 22:47:31 | 000,007,592 | -H-- | M] () -- C:\Users\mm\AppData\Local\d3d9caps.dat
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.06.21 20:20:12 | 000,000,240 | -H-- | C] () -- C:\ProgramData\~34660088
[2011.06.21 20:20:12 | 000,000,168 | -H-- | C] () -- C:\ProgramData\~34660088r
[2011.06.21 19:33:43 | 000,000,595 | -H-- | C] () -- C:\Users\mm\Desktop\Windows Vista Repair.lnk
[2011.06.21 19:33:27 | 000,000,344 | -H-- | C] () -- C:\ProgramData\34660088
[2011.06.20 21:05:38 | 036,964,286 | -H-- | C] () -- C:\Users\mm\Desktop\sd.flv
[2011.06.17 01:16:14 | 000,426,787 | -H-- | C] () -- C:\Users\mm\Desktop\spacecore1.jpg
[2011.06.17 01:01:29 | 000,269,122 | -H-- | C] () -- C:\Users\mm\Desktop\space_core_wallpaper_2_by_deathonabun-d3eta23.jpg
[2011.06.16 00:50:42 | 000,040,209 | -H-- | C] () -- C:\Users\mm\Desktop\Turret Opera (Cara Mia) - SATB.pdf
[2011.06.15 15:50:28 | 000,000,862 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011.06.14 13:20:23 | 000,000,900 | -H-- | C] () -- C:\Users\mm\Desktop\SporeApp.exe - Verknüpfung.lnk
[2011.06.12 17:26:00 | 000,189,248 | -H-- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2011.06.12 17:25:58 | 000,075,136 | -H-- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2011.06.07 22:32:56 | 009,181,434 | -H-- | C] () -- C:\Users\mm\Desktop\andreas_bourani_-_nur_in_meinem_kopf_radio_edit.mp3
[2011.06.07 22:32:20 | 005,660,546 | -H-- | C] () -- C:\Users\mm\Desktop\bruno_mars_-_the_lazy_song.mp3
[2011.05.28 13:39:20 | 000,001,589 | -H-- | C] () -- C:\Users\mm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spielen (EasyBits GO).lnk
[2011.04.09 18:55:28 | 000,179,261 | -H-- | C] () -- C:\Windows\System32\xlive.dll.cat
[2010.12.03 17:05:10 | 000,000,634 | -H-- | C] () -- C:\Windows\WinInit.Ini
[2010.10.29 11:31:20 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2010.04.13 13:16:46 | 000,000,796 | -H-- | C] () -- C:\Users\mm\AppData\Local\RT3070_{92BF1D77-2785-4757-B074-3F456D960FD4}_sta
[2010.04.13 13:16:45 | 000,000,807 | -H-- | C] () -- C:\Users\mm\AppData\Local\RT3070_{92BF1D77-2785-4757-B074-3F456D960FD4}_prof
[2010.04.13 13:13:32 | 000,014,640 | ---- | C] () -- C:\Windows\System32\RaCoInst.dat
[2010.04.13 13:13:32 | 000,004,096 | ---- | C] () -- C:\Windows\System32\drivers\rt2870.bin
[2010.04.13 13:12:50 | 000,020,480 | -H-- | C] () -- C:\Windows\System32\RAEXTUI.dll
[2010.03.05 14:35:39 | 000,000,113 | -H-- | C] () -- C:\Windows\(null)toolkit.ini
[2010.02.20 20:49:40 | 000,278,984 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2010.02.20 20:49:40 | 000,025,416 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2010.01.29 18:51:53 | 000,000,023 | -H-- | C] () -- C:\Windows\BlendSettings.ini
[2010.01.22 01:16:24 | 000,004,896 | -H-- | C] () -- C:\ProgramData\kbkwknay.ayh
[2009.12.03 18:05:38 | 000,000,245 | -H-- | C] () -- C:\Windows\System32\AF15IRTBL.bin
[2009.11.25 01:23:55 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009.11.17 13:08:34 | 000,197,424 | -H-- | C] () -- C:\Windows\System32\vpnapi.dll
[2009.10.19 18:17:00 | 000,043,520 | -H-- | C] () -- C:\Windows\System32\CmdLineExt03.dll
[2009.09.29 21:05:35 | 000,111,932 | -H-- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat
[2009.09.29 21:05:35 | 000,024,903 | -H-- | C] () -- C:\Windows\System32\EPPICPattern3.dat
[2009.09.29 21:05:35 | 000,021,390 | -H-- | C] () -- C:\Windows\System32\EPPICPattern5.dat
[2009.09.29 21:05:35 | 000,020,148 | -H-- | C] () -- C:\Windows\System32\EPPICPattern2.dat
[2009.09.29 21:05:35 | 000,011,811 | -H-- | C] () -- C:\Windows\System32\EPPICPattern4.dat
[2009.09.29 21:05:35 | 000,004,943 | -H-- | C] () -- C:\Windows\System32\EPPICPattern6.dat
[2009.09.29 21:05:35 | 000,001,146 | -H-- | C] () -- C:\Windows\System32\EPPICPresetData_DU.dat
[2009.09.29 21:05:35 | 000,001,139 | -H-- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat
[2009.09.29 21:05:35 | 000,001,139 | -H-- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat
[2009.09.29 21:05:35 | 000,001,136 | -H-- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat
[2009.09.29 21:05:35 | 000,001,129 | -H-- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat
[2009.09.29 21:05:35 | 000,001,129 | -H-- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat
[2009.09.29 21:05:35 | 000,001,120 | -H-- | C] () -- C:\Windows\System32\EPPICPresetData_IT.dat
[2009.09.29 21:05:35 | 000,001,107 | -H-- | C] () -- C:\Windows\System32\EPPICPresetData_GE.dat
[2009.09.29 21:05:35 | 000,001,104 | -H-- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat
[2009.09.29 21:05:35 | 000,000,097 | -H-- | C] () -- C:\Windows\System32\PICSDK.ini
[2009.09.29 21:05:34 | 000,031,053 | -H-- | C] () -- C:\Windows\System32\EPPICPattern131.dat
[2009.09.29 21:05:34 | 000,027,417 | -H-- | C] () -- C:\Windows\System32\EPPICPattern121.dat
[2009.09.29 21:05:34 | 000,026,154 | -H-- | C] () -- C:\Windows\System32\EPPICPattern1.dat
[2009.09.29 21:02:20 | 000,000,025 | -H-- | C] () -- C:\Windows\CDESX100DEFGIPS.ini
[2009.09.26 01:55:39 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2009.09.18 17:22:43 | 000,004,096 | -H-- | C] () -- C:\Windows\d3dx.dat
[2009.09.13 21:37:57 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.09.13 21:37:57 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009.09.09 20:14:50 | 000,007,592 | -H-- | C] () -- C:\Users\mm\AppData\Local\d3d9caps.dat
[2009.08.11 15:26:32 | 000,078,336 | -H-- | C] () -- C:\Users\mm\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.08.10 13:00:25 | 000,000,000 | -H-- | C] () -- C:\Windows\nsreg.dat
[2009.08.10 11:24:13 | 000,088,602 | -H-- | C] () -- C:\ProgramData\nvModes.dat
[2009.08.10 11:24:13 | 000,088,602 | -H-- | C] () -- C:\ProgramData\nvModes.001
[2009.08.10 10:53:33 | 000,626,688 | -H-- | C] () -- C:\Windows\Image.dll
[2009.08.10 10:53:33 | 000,200,704 | -H-- | C] () -- C:\Windows\PLFSetI.exe
[2009.08.10 10:53:33 | 000,009,216 | -H-- | C] () -- C:\Windows\usbvideo_reg.exe
[2009.08.10 10:53:33 | 000,000,036 | -H-- | C] () -- C:\Windows\PidList.ini
[2009.08.10 10:52:16 | 000,118,784 | -H-- | C] () -- C:\Windows\System32\VMC3KAPI.dll
[2009.01.11 01:34:58 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2009.01.10 19:13:08 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIOFM4.dll
[2009.01.10 19:13:08 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN5.dll
[2009.01.10 18:43:02 | 000,487,424 | ---- | C] () -- C:\Windows\System32\INT15.dll
[2009.01.10 18:22:30 | 000,001,694 | ---- | C] () -- C:\Windows\RtDefLvl.ini
[2009.01.10 18:22:30 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX1.dat
[2009.01.10 18:22:30 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX0.dat
[2009.01.10 18:20:35 | 000,000,008 | ---- | C] () -- C:\Windows\System32\drivers\rtkhdaud.dat
[2009.01.10 17:17:40 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008.10.07 10:13:30 | 000,197,912 | -H-- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2008.10.07 10:13:22 | 000,058,648 | -H-- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008.10.07 10:13:20 | 000,058,648 | -H-- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2008.10.07 10:13:20 | 000,058,648 | -H-- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2008.10.07 10:13:20 | 000,058,648 | -H-- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008.10.07 10:13:20 | 000,058,648 | -H-- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2008.10.07 10:13:20 | 000,058,648 | -H-- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2008.10.07 10:13:20 | 000,058,648 | -H-- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2008.10.07 10:13:20 | 000,058,648 | -H-- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2008.10.07 10:13:20 | 000,058,648 | -H-- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2008.01.21 09:15:58 | 000,637,068 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008.01.21 09:15:58 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008.01.21 09:15:58 | 000,129,844 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008.01.21 09:15:58 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2007.11.14 16:17:34 | 000,204,800 | -H-- | C] () -- C:\Windows\System32\CogentBioSDK.dll
[2007.01.26 08:32:18 | 000,069,632 | ---- | C] () -- C:\Windows\System32\drivers\int15.sys
[2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:47:37 | 002,227,760 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:33:01 | 000,604,322 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,107,460 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2001.12.26 17:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001.09.04 00:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001.07.30 17:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001.07.23 23:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll

========== LOP Check ==========

[2009.01.10 18:58:59 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\Acer GameZone Console
[2009.01.10 18:58:59 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\Acer GameZone Console
[2009.08.10 16:18:42 | 000,000,000 | -HSD | M] -- C:\Users\mm\AppData\Roaming\.#
[2011.05.30 11:11:46 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\.minecraft
[2009.08.10 11:11:07 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Acer
[2009.01.10 18:58:59 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Acer GameZone Console
[2011.03.20 18:04:01 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Bioshock
[2011.03.28 19:42:25 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Bioshock2
[2009.10.16 22:15:06 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\DAEMON Tools
[2009.12.04 03:22:38 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\DAEMON Tools Lite
[2010.05.06 03:31:22 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\DC++
[2010.12.12 15:32:03 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Dropbox
[2010.02.23 17:01:46 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\EPSON
[2009.08.10 16:20:30 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\eSobi
[2009.08.11 18:01:37 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Flood Light Games
[2010.01.22 03:12:08 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\FreeFLVConverter
[2011.06.21 17:33:47 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\go
[2009.09.20 16:59:20 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Go Go Gourmet
[2011.06.21 21:07:39 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\ICQ
[2009.11.04 23:43:29 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\LimeWire
[2011.06.12 23:37:07 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Lionhead Studios
[2011.03.08 00:46:32 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\ManyCam
[2009.09.16 00:46:46 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Meridian93
[2011.05.18 23:42:20 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Miranda
[2011.01.05 03:48:01 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Nokia
[2011.01.05 03:48:05 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Nokia Ovi Suite
[2009.08.10 20:56:50 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Opera
[2011.01.05 03:06:44 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\PC Suite
[2009.12.30 00:12:27 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\ProtectDisc
[2011.06.12 17:25:57 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\PunkBuster
[2011.06.13 16:58:07 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Spore
[2011.04.29 20:39:33 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Thunderbird
[2010.01.27 02:44:38 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Trillian
[2009.08.10 10:51:44 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Validity
[2010.03.12 15:02:51 | 000,000,000 | --SD | M] -- C:\Users\mm\AppData\Roaming\Virtual CD v10
[2011.06.21 20:59:27 | 000,032,554 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Custom Scans ==========

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2009.08.10 16:18:42 | 000,000,000 | -HSD | M] -- C:\Users\mm\AppData\Roaming\.#
[2011.05.30 11:11:46 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\.minecraft
[2009.08.10 11:11:07 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Acer
[2009.01.10 18:58:59 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Acer GameZone Console
[2011.06.03 00:50:27 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Adobe
[2009.12.06 17:51:03 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\ArcSoft
[2010.11.26 12:14:43 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Avira
[2011.03.20 18:04:01 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Bioshock
[2011.03.28 19:42:25 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Bioshock2
[2009.09.03 03:12:23 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\CyberLink
[2009.10.16 22:15:06 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\DAEMON Tools
[2009.12.04 03:22:38 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\DAEMON Tools Lite
[2010.05.06 03:31:22 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\DC++
[2009.12.13 00:22:20 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\DivX
[2010.12.12 15:32:03 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Dropbox
[2011.06.13 14:15:30 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\dvdcss
[2010.02.23 17:01:46 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\EPSON
[2009.08.10 16:20:30 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\eSobi
[2009.08.11 18:01:37 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Flood Light Games
[2010.01.22 03:12:08 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\FreeFLVConverter
[2011.06.21 17:33:47 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\go
[2009.09.20 16:59:20 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Go Go Gourmet
[2009.08.10 12:58:52 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Google
[2009.08.10 20:40:53 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\GRETECH
[2011.06.21 21:07:39 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\ICQ
[2009.08.10 10:50:46 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Identities
[2009.08.10 10:53:22 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\InstallShield
[2009.08.11 22:42:04 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Intel
[2009.11.04 23:43:29 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\LimeWire
[2011.06.12 23:37:07 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Lionhead Studios
[2009.08.10 11:12:27 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Macromedia
[2010.09.16 17:08:13 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Malwarebytes
[2011.03.08 00:46:32 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\ManyCam
[2006.11.02 14:37:34 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Media Center Programs
[2009.09.16 00:46:46 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Meridian93
[2011.03.19 18:54:44 | 000,000,000 | --SD | M] -- C:\Users\mm\AppData\Roaming\Microsoft
[2011.05.18 23:42:20 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Miranda
[2009.08.10 13:00:31 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Mozilla
[2011.04.11 00:29:17 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\NCH Software
[2011.01.05 03:48:01 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Nokia
[2011.01.05 03:48:05 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Nokia Ovi Suite
[2009.08.10 20:56:50 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Opera
[2011.01.05 03:06:44 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\PC Suite
[2009.12.30 00:12:27 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\ProtectDisc
[2011.06.12 17:25:57 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\PunkBuster
[2009.12.13 19:54:57 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Real
[2009.11.08 01:42:16 | 000,000,000 | RH-D | M] -- C:\Users\mm\AppData\Roaming\SecuROM
[2011.06.21 21:12:07 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Skype
[2011.05.28 12:13:55 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\skypePM
[2011.06.13 16:58:07 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Spore
[2010.09.16 17:00:16 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\SUPERAntiSpyware.com
[2011.04.29 20:39:33 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Thunderbird
[2010.01.27 02:44:38 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Trillian
[2011.05.17 19:25:59 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\U3
[2009.08.10 10:51:44 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Validity
[2010.03.12 15:02:51 | 000,000,000 | --SD | M] -- C:\Users\mm\AppData\Roaming\Virtual CD v10
[2011.06.21 18:21:56 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\vlc
[2011.05.23 23:15:44 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Winamp
[2009.09.13 23:19:35 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2010.02.26 07:10:20 | 021,979,992 | -H-- | M] () -- C:\Users\mm\AppData\Roaming\Dropbox\bin\Dropbox.exe
[2010.04.30 17:57:39 | 000,089,831 | -H-- | M] () -- C:\Users\mm\AppData\Roaming\Dropbox\bin\Uninstall.exe
[2009.10.28 21:39:40 | 000,163,840 | -H-- | M] (Mozilla Foundation) -- C:\Users\mm\AppData\Roaming\LimeWire\browser\xulrunner\crashreporter.exe
[2009.10.28 21:39:41 | 000,196,608 | -H-- | M] (Mozilla Foundation) -- C:\Users\mm\AppData\Roaming\LimeWire\browser\xulrunner\updater.exe
[2009.10.28 21:39:41 | 000,014,848 | -H-- | M] () -- C:\Users\mm\AppData\Roaming\LimeWire\browser\xulrunner\xpcshell.exe
[2009.10.28 21:39:41 | 000,077,824 | -H-- | M] (Mozilla Foundation) -- C:\Users\mm\AppData\Roaming\LimeWire\browser\xulrunner\xpicleanup.exe
[2009.10.28 21:39:41
| 000,266,240 | -H-- | M] (Mozilla Foundation) -- C:\Users\mm\AppData\Roaming\LimeWire\browser\xulrunner\xpidl.exe [2009.10.28 21:39:41 | 000,018,432 | -H-- | M] () -- C:\Users\mm\AppData\Roaming\LimeWire\browser\xulrunner\xpt_dump.exe [2009.10.28 21:39:41 | 000,014,336 | -H-- | M] () -- C:\Users\mm\AppData\Roaming\LimeWire\browser\xulrunner\xpt_link.exe [2009.10.28 21:39:41 | 000,073,728 | -H-- | M] (Mozilla Foundation) -- C:\Users\mm\AppData\Roaming\LimeWire\browser\xulrunner\xulrunner-stub.exe [2009.10.28 21:39:41 | 000,102,400 | -H-- | M] (Mozilla Foundation) -- C:\Users\mm\AppData\Roaming\LimeWire\browser\xulrunner\xulrunner.exe [2009.09.14 20:27:58 | 000,010,134 | RH-- | M] () -- C:\Users\mm\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe [2008.02.13 09:07:36 | 000,393,216 | -H-- | M] () -- C:\Users\mm\AppData\Roaming\NCH Software\Components\aacenc3\aacenc3.exe [2007.11.27 09:41:32 | 000,405,504 | -H-- | M] () -- C:\Users\mm\AppData\Roaming\NCH Software\Components\mp3el2\lame.exe [2011.02.24 17:07:45 | 000,835,440 | RH-- | M] () -- C:\Users\mm\AppData\Roaming\PunkBuster\pbsetup\pbsvc.exe [2010.01.15 02:43:03 | 000,439,816 | -H-- | M] (RealNetworks, Inc.) -- C:\Users\mm\AppData\Roaming\Real\Update\setup3.09\setup.exe [2009.12.14 03:55:08 | 000,079,368 | -H-- | M] (RealNetworks, Inc.) 
-- C:\Users\mm\AppData\Roaming\Real\Update\setup3.09\RUP\vista.exe [2007.10.23 09:27:20 | 000,110,592 | -H-- | M] () -- C:\Users\mm\AppData\Roaming\U3\temp\cleanup.exe [2008.05.02 10:41:48 | 003,493,888 | -H-- | M] (SanDisk Corporation) -- C:\Users\mm\AppData\Roaming\U3\temp\Launchpad Removal.exe < %SYSTEMDRIVE%\*.exe > < MD5 for: AGP440.SYS > [2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys [2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys [2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys [2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys [2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys [2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys < MD5 for: ATAPI.SYS > [2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys [2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys [2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) 
MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\drivers\atapi.sys [2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys [2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys [2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys < MD5 for: CNGAUDIT.DLL > [2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll [2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll < MD5 for: EVENTLOG.DLL > [2007.01.12 23:30:08 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Programme\Cyberlink\PowerDirector\EventLog.dll < MD5 for: EXPLORER.EXE > [2008.10.29 08:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe [2008.10.29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe [2008.10.30 05:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft 
Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe [2008.10.28 04:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe [2008.01.21 04:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe < MD5 for: IASTOR.SYS > [2008.07.20 18:44:44 | 000,324,120 | ---- | M] (Intel Corporation) MD5=707C1692214B1C290271067197F075F6 -- C:\Programme\Intel\Intel Matrix Storage Manager\driver\IaStor.sys [2008.07.20 18:44:44 | 000,324,120 | ---- | M] (Intel Corporation) MD5=707C1692214B1C290271067197F075F6 -- C:\Windows\System32\drivers\iaStor.sys [2008.07.20 18:44:44 | 000,324,120 | ---- | M] (Intel Corporation) MD5=707C1692214B1C290271067197F075F6 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_7b6e77f6\iaStor.sys [2008.07.20 18:44:54 | 000,402,456 | ---- | M] (Intel Corporation) MD5=FC28E90F2204D8FD147FA9BFA8A51C01 -- C:\Programme\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys < MD5 for: IASTORV.SYS > [2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys [2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys [2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- 
C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys [2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys < MD5 for: NETLOGON.DLL > [2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll [2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll [2008.01.21 04:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll < MD5 for: NVSTOR.SYS > [2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys [2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys [2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys [2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys < MD5 for: SCECLI.DLL > [2008.01.21 04:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll [2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft 
Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll [2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll < MD5 for: USER32.DLL > [2008.01.21 04:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll [2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll [2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll < MD5 for: USERINIT.EXE > [2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe [2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe < MD5 for: WINLOGON.EXE > [2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe [2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe [2008.01.21 04:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe < MD5 for: WS2IFSL.SYS > [2008.01.21 04:24:47 | 000,015,872 | ---- | M] 
(Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys [2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys < %systemroot%\system32\drivers\*.sys /lockedfiles > [2009.12.04 03:13:39 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\Windows\System32\drivers\sptd.sys < %systemroot%\System32\config\*.sav > [2008.01.21 05:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV [2008.01.21 05:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV [2008.01.21 05:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV [2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV [2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV < %systemroot%\*. 
/mp /s > < %systemroot%\system32\*.dll /lockedfiles > [2011.05.18 22:09:14 | 000,353,792 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtmsft.dll [2011.05.18 22:09:14 | 000,223,232 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtrans.dll [2011.05.18 22:09:12 | 000,118,784 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\iepeers.dll [1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ] ========== Alternate Data Streams ========== @Alternate Data Stream - 99 bytes -> C:\ProgramData\Temp:DAFD38AE @Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:7CACEF61 @Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:4220A65C @Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:798A3728 @Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:2634FC95 @Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:4CF61E54 @Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:A42A9F39 @Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:793F316E @Alternate Data Stream - 116 bytes -> C:\ProgramData\Temp:AB689DEA @Alternate Data Stream - 115 bytes -> C:\ProgramData\Temp:05113FB9 @Alternate Data Stream - 114 bytes -> C:\ProgramData\Temp:4D066AD2 @Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:73933431 @Alternate Data Stream - 111 bytes -> C:\ProgramData\Temp:5D7E5A8F @Alternate Data Stream - 108 bytes -> C:\ProgramData\Temp:F65733F1 < End of report > |