Trojanisches Pferd TR/Crypt.zpack.gen2 gefunden. Kein Internet!

Psychotic · 09.03.2012, 08:35

OTL

Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop

Starte bitte die OTL.exe.
Vista und Win7 User mit Rechtsklick "als Administrator starten"
Kopiere nun den Inhalt in die Textbox.

Code:

ATTFilter

/md5start
d1.tmp.dll
aptw2s8pj.*
/md5stop

Schliesse bitte nun alle Programme. (Wichtig)
Klicke nun bitte auf den Quick Scan Button.
Kopiere nun den Inhalt aus OTL.txt und Extra.txt hier in Deinen Thread

snowly1 · 09.03.2012, 14:19

Hier ist OTL:

Code:

ATTFilter

OTL logfile created on: 3/9/2012 2:04:21 PM - Run 1
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Acer\Desktop
 Starter Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Schweiz | Language: DES | Date Format: dd.MM.yyyy
 
1013.95 Mb Total Physical Memory | 513.23 Mb Available Physical Memory | 50.62% Memory free
2.07 Gb Paging File | 1.17 Gb Available in Paging File | 56.77% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 135.05 Gb Total Space | 63.76 Gb Free Space | 47.21% Space Free | Partition Type: NTFS
 
Computer Name: ACER-PC | User Name: Acer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012/01/13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/01/05 23:00:03 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Acer\Desktop\OTL.exe
PRC - [2011/07/24 15:41:42 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2011/06/24 05:22:20 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2011/05/01 07:07:35 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2011/03/29 17:45:31 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011/03/28 19:31:16 | 000,193,920 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2011/03/28 19:31:14 | 001,713,536 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/11/20 13:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2010/11/20 13:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010/01/15 06:10:53 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009/08/06 18:18:54 | 000,311,592 | ---- | M] (Egis Technology Inc.) -- C:\Programme\EgisTec\MyWinLocker 3\x86\MWLService.exe
PRC - [2009/08/06 18:18:42 | 000,349,480 | ---- | M] (Egis Technology Inc.) -- C:\Programme\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
PRC - [2009/08/06 05:31:06 | 000,727,584 | ---- | M] (Acer Incorporated) -- C:\Programme\Acer\Acer ePower Management\ePowerSvc.exe
PRC - [2009/08/06 05:31:06 | 000,707,104 | ---- | M] (Acer Incorporated) -- C:\Programme\Acer\Acer ePower Management\ePowerTray.exe
PRC - [2009/08/06 05:31:02 | 000,440,864 | ---- | M] (Acer Incorporated) -- C:\Programme\Acer\Acer ePower Management\ePowerEvent.exe
PRC - [2009/08/04 06:09:34 | 000,199,464 | ---- | M] (Egis Technology Inc.) -- C:\Programme\EgisTec Egis Software Update\EgisUpdate.exe
PRC - [2009/07/10 10:54:44 | 000,253,952 | ---- | M] (Acer Incorporated) -- C:\Programme\Acer\Acer VCM\RS_Service.exe
PRC - [2009/07/04 02:47:12 | 000,240,160 | ---- | M] (Acer) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe
PRC - [2009/06/05 03:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009/06/05 03:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2009/06/04 14:04:50 | 001,150,496 | ---- | M] (Acer Incorporated) -- C:\Programme\Acer\Registration\GregHSRW.exe
PRC - [2009/06/02 08:58:02 | 001,130,504 | ---- | M] (Dritek System Inc.) -- C:\Programme\Launch Manager\LManager.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2003/06/07 06:30:08 | 000,057,344 | ---- | M] () -- C:\Programme\Launch Manager\PowerUtl.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2012/01/13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/11/11 18:59:11 | 000,114,000 | ---- | M] (Joosoft.com GmbH) [Auto | Running] -- C:\Windows\System32\UpdSvc.dll -- (Update-Service)
SRV - [2011/07/24 15:41:42 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/05/01 07:07:35 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2009/08/06 18:18:54 | 000,311,592 | ---- | M] () [Auto | Running] -- C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe -- (MWLService)
SRV - [2009/08/06 05:31:06 | 000,727,584 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Programme\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
SRV - [2009/07/14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/07/10 10:54:44 | 000,253,952 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Programme\Acer\Acer VCM\RS_Service.exe -- (RS_Service)
SRV - [2009/07/04 02:47:12 | 000,240,160 | ---- | M] (Acer) [Auto | Running] -- C:\Programme\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV - [2009/06/05 03:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2009/06/04 14:04:50 | 001,150,496 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Programme\Acer\Registration\GregHSRW.exe -- (Greg_Service)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2011/12/10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/07/24 15:41:45 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011/07/24 15:41:45 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010/11/20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 10:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009/07/27 08:06:44 | 000,051,712 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C62x86.sys -- (L1C) NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20)
DRV - [2009/07/16 12:31:38 | 001,176,064 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009/07/14 00:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\serial.sys -- (Serial)
DRV - [2009/06/24 03:59:10 | 000,167,424 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2009/06/02 12:15:40 | 000,060,976 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV - [2009/06/02 12:15:38 | 000,016,432 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV - [2009/06/02 12:15:34 | 000,018,992 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\System32\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV - [2009/05/11 18:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_one&r=07b511093115l03e4ww85w47323005
IE - HKLM\..\URLSearchHook: {7e111a5c-3d11-4f56-9463-5310c3c69025} - C:\Programme\Freeware.de\prxtbFree.dll (Conduit Ltd.)
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2736476
IE - HKCU\..\URLSearchHook: {7e111a5c-3d11-4f56-9463-5310c3c69025} - C:\Programme\Freeware.de\prxtbFree.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00: C:\Program Files\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
 
 
 
O1 HOSTS File: ([2012/03/08 14:15:39 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (no name) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - No CLSID value found.
O2 - BHO: (Freeware.de Toolbar) - {7e111a5c-3d11-4f56-9463-5310c3c69025} - C:\Programme\Freeware.de\prxtbFree.dll (Conduit Ltd.)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (no name) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Freeware.de Toolbar) - {7e111a5c-3d11-4f56-9463-5310c3c69025} - C:\Programme\Freeware.de\prxtbFree.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Freeware.de Toolbar) - {7E111A5C-3D11-4F56-9463-5310C3C69025} - C:\Programme\Freeware.de\prxtbFree.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Acer ePower Management] C:\Programme\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [EgisTecLiveUpdate] C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [LManager] C:\Programme\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [mwlDaemon] C:\Programme\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files\Symantec\Norton Online Backup\Activation\NobuActivation.exe (Symantec Corporation)
O4 - HKCU..\Run: [FreeCT] C:\Program Files\FreeCountdownTimer\FreeCountdownTimer.exe (Comfort Software Group)
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\FlashUtil11e_Plugin.exe (Adobe Systems, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Windows\System32\d3dy2i0ki.dll ()
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.2.17.61 62.2.24.158 62.2.17.60 62.2.24.162
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{19C2AB69-811A-4D9F-9E47-0C2D40CD0D5F}: DhcpNameServer = 62.2.17.61 62.2.24.158 62.2.17.60 62.2.24.162
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E1D1366E-035D-4E53-81A1-B77285C9AC87}: DhcpNameServer = 10.60.100.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\sacore - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Acer\Acer VCM\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012/03/08 14:24:31 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012/03/08 14:15:46 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/03/08 13:49:39 | 004,431,034 | R--- | C] (Swearware) -- C:\Users\Acer\Desktop\ComboFix.exe
[2012/03/07 16:48:17 | 002,322,184 | ---- | C] (ESET) -- C:\Users\Acer\Desktop\esetsmartinstaller_enu.exe
[2012/03/07 15:25:24 | 000,000,000 | ---D | C] -- C:\Users\Acer\AppData\Local\temp
[2012/03/04 15:07:43 | 002,062,896 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Acer\Desktop\tdsskiller.exe
[2012/03/04 15:05:27 | 004,730,880 | ---- | C] (AVAST Software) -- C:\Users\Acer\Desktop\aswMBR.exe
[2012/03/04 08:33:18 | 000,000,000 | ---D | C] -- C:\FRST
[2012/03/02 21:42:10 | 000,000,000 | ---D | C] -- C:\Avenger
[2012/02/28 00:59:13 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/02/28 00:59:13 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/02/28 00:59:13 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/02/27 18:06:03 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012/02/18 13:38:43 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2012/02/11 17:58:20 | 000,000,000 | R--D | C] -- C:\Users\Acer\Desktop\let's play's svenweisven
[2012/02/11 16:10:45 | 000,000,000 | ---D | C] -- C:\Users\Acer\AppData\Local\{E09BE6F8-59E7-489F-B41E-CCB4F4175006}
[2012/02/11 16:10:28 | 000,000,000 | ---D | C] -- C:\Users\Acer\AppData\Local\{11BC444D-7AF9-43B6-B0AF-BF4BC8FF9787}
[2009/08/14 09:46:50 | 000,036,136 | ---- | C] (Oberon Media) -- C:\ProgramData\FullRemove.exe
 
========== Files - Modified Within 30 Days ==========
 
[2012/03/09 13:55:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/03/08 15:17:45 | 000,009,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/03/08 15:17:45 | 000,009,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/03/08 15:09:57 | 797,396,992 | -HS- | M] () -- C:\hiberfil.sys
[2012/03/08 14:15:39 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2012/03/08 13:58:41 | 000,212,992 | ---- | M] () -- C:\Windows\System32\aptw2s8pj.dll
[2012/03/08 13:49:45 | 004,431,034 | R--- | M] (Swearware) -- C:\Users\Acer\Desktop\ComboFix.exe
[2012/03/07 16:48:32 | 002,322,184 | ---- | M] (ESET) -- C:\Users\Acer\Desktop\esetsmartinstaller_enu.exe
[2012/03/07 15:31:58 | 000,451,963 | ---- | M] () -- C:\Users\Acer\Desktop\Trojanisches Pferd TR-Crypt.zpack.gen2 gefunden. Kein Internet! - Seite 4 - Trojaner-Board.webarchive
[2012/03/06 13:59:54 | 000,139,264 | ---- | M] () -- C:\Users\Acer\Desktop\RKUnhookerLE.EXE
[2012/03/05 18:30:52 | 000,302,592 | ---- | M] () -- C:\Users\Acer\Desktop\8kn8rjxd.exe
[2012/03/04 15:40:49 | 000,000,512 | ---- | M] () -- C:\Users\Acer\Desktop\MBR.dat
[2012/03/04 15:07:56 | 002,062,896 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Acer\Desktop\tdsskiller.exe
[2012/03/04 15:05:59 | 004,730,880 | ---- | M] (AVAST Software) -- C:\Users\Acer\Desktop\aswMBR.exe
[2012/03/03 23:41:52 | 000,654,166 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012/03/03 23:41:52 | 000,616,008 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/03/03 23:41:52 | 000,130,006 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012/03/03 23:41:52 | 000,106,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/03/02 21:37:12 | 000,731,136 | ---- | M] () -- C:\Users\Acer\Desktop\avenger.exe
[2012/02/29 00:07:33 | 000,302,592 | ---- | M] () -- C:\Users\Acer\Desktop\r8z3xleh.exe
[2012/02/28 01:57:50 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2012/02/27 18:05:59 | 326,712,483 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/02/27 00:50:54 | 000,000,000 | ---- | M] () -- C:\Users\Acer\defogger_reenable
[2012/02/21 20:08:42 | 000,000,426 | ---- | M] () -- C:\Users\Acer\Desktop\settings.xml
[2012/02/19 03:37:27 | 000,302,320 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/02/18 23:19:44 | 000,155,762 | ---- | M] () -- C:\Users\Acer\Desktop\MCSkinEdit.jar
[2012/02/18 20:17:22 | 000,000,417 | ---- | M] () -- C:\Windows\System32\settings.xml
[2012/02/18 13:01:46 | 000,000,681 | ---- | M] () -- C:\Users\Acer\Desktop\Minecraft.exe - Verknüpfung.lnk
 
========== Files Created - No Company Name ==========
 
[2012/03/07 15:31:58 | 000,451,963 | ---- | C] () -- C:\Users\Acer\Desktop\Trojanisches Pferd TR-Crypt.zpack.gen2 gefunden. Kein Internet! - Seite 4 - Trojaner-Board.webarchive
[2012/03/06 13:59:50 | 000,139,264 | ---- | C] () -- C:\Users\Acer\Desktop\RKUnhookerLE.EXE
[2012/03/05 18:30:50 | 000,302,592 | ---- | C] () -- C:\Users\Acer\Desktop\8kn8rjxd.exe
[2012/03/04 15:40:49 | 000,000,512 | ---- | C] () -- C:\Users\Acer\Desktop\MBR.dat
[2012/03/02 21:36:59 | 000,731,136 | ---- | C] () -- C:\Users\Acer\Desktop\avenger.exe
[2012/02/29 00:07:31 | 000,302,592 | ---- | C] () -- C:\Users\Acer\Desktop\r8z3xleh.exe
[2012/02/28 01:57:50 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2012/02/28 00:59:13 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/02/28 00:59:13 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/02/28 00:59:13 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/02/28 00:59:13 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/02/28 00:59:13 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/02/27 18:05:59 | 326,712,483 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012/02/27 00:50:54 | 000,000,000 | ---- | C] () -- C:\Users\Acer\defogger_reenable
[2012/02/18 23:20:31 | 000,000,426 | ---- | C] () -- C:\Users\Acer\Desktop\settings.xml
[2012/02/18 19:53:17 | 000,000,417 | ---- | C] () -- C:\Windows\System32\settings.xml
[2012/02/18 13:01:46 | 000,000,681 | ---- | C] () -- C:\Users\Acer\Desktop\Minecraft.exe - Verknüpfung.lnk
[2012/01/24 17:35:34 | 000,212,992 | ---- | C] () -- C:\Windows\System32\aptw2s8pj.dll
[2011/10/05 12:11:55 | 000,000,000 | ---- | C] () -- C:\Users\Acer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/07/24 13:28:45 | 000,405,504 | ---- | C] () -- C:\Windows\System32\d3dy2i0ki.dll
[2011/03/30 01:40:23 | 000,000,037 | ---- | C] () -- C:\Windows\Viewer.ini
[2011/03/30 00:20:08 | 000,000,447 | ---- | C] () -- C:\Windows\SIERRA.INI
[2011/02/27 06:19:40 | 000,100,216 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2009/09/16 20:13:36 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2009/09/16 20:13:35 | 000,654,166 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2009/09/16 20:13:35 | 000,130,006 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2009/09/16 20:13:35 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2009/08/14 09:44:02 | 000,123,780 | ---- | C] () -- C:\Windows\System32\drivers\RtConvEQ.DAT
[2009/08/14 09:44:02 | 000,001,496 | ---- | C] () -- C:\Windows\System32\drivers\RtkAcerM.dat
[2009/08/14 09:44:02 | 000,000,728 | ---- | C] () -- C:\Windows\System32\drivers\RtHdatEx.dat
[2009/08/14 09:44:02 | 000,000,712 | ---- | C] () -- C:\Windows\System32\drivers\SamSfPa.dat
[2009/08/14 09:44:02 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX2.dat
[2009/08/14 09:44:02 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX1.dat
[2009/08/14 09:44:02 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX0.dat
[2009/08/14 09:44:02 | 000,000,008 | ---- | C] () -- C:\Windows\System32\drivers\rtkhdaud.dat
[2009/07/14 05:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 05:33:53 | 000,302,320 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/14 03:05:48 | 000,616,008 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009/07/14 03:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009/07/14 03:05:48 | 000,106,388 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009/07/14 03:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009/07/14 03:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009/07/14 03:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009/07/14 00:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/06/10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
 
========== LOP Check ==========
 
[2012/03/04 13:46:48 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\.minecraft
[2011/12/21 17:05:48 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\Sony
[2011/11/11 18:57:30 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
 
< MD5 for: APTW2S8PJ.DLL  >
[2012/03/08 13:58:41 | 000,212,992 | ---- | M] () MD5=4DD85E80FEF52E06BB1FF950FF9CA99E -- C:\Windows\System32\aptw2s8pj.dll

< End of report >

snowly1 · 09.03.2012, 14:21

Fast vergessen: Extra.txt [CODE][/OTL EXTRAS Logfile:

Code:

ATTFilter

OTL Extras logfile created on: 3/9/2012 2:04:21 PM - Run 1
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Acer\Desktop
 Starter Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Schweiz | Language: DES | Date Format: dd.MM.yyyy
 
1013.95 Mb Total Physical Memory | 513.23 Mb Available Physical Memory | 50.62% Memory free
2.07 Gb Paging File | 1.17 Gb Available in Paging File | 56.77% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 135.05 Gb Total Space | 63.76 Gb Free Space | 47.21% Space Free | Partition Type: NTFS
 
Computer Name: ACER-PC | User Name: Acer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{047F790A-7A2A-4B6A-AD02-38092BA63DAC}" = Acer VCM
"{0483BE07-260D-4E4D-815E-F737C0A72E40}" = Adobe Flash Player 10 ActiveX
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation(R)Store
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{167A1F6A-9BF2-4B24-83DB-C6D659F680EA}" = Media Go
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83216029FF}" = Java(TM) 6 Update 29
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34EF7358-ABC7-8469-5FB6-C5C0146F099E}" = Media Go Video Playback Engine 1.84.112.07020
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer ePower Management
"{404245D0-E836-4737-9C12-D4D0034540F5}_is1" = Free Countdown Timer 2.3.0
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51F026FA-5146-4232-A8BA-1364740BD053}" = Acer Crystal Eye webcam
"{5928359F-BF46-4646-BF19-B64E55171EB5}_is1" = FILSHtray Version 0.7
"{5A2F371F-8B5D-46B4-833C-0612B065BEC7}" = GameShadow
"{66A405D2-BA14-4594-BF36-B3B544F0754E}" = Stronghold Legends
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68301905-2DEA-41CE-A4D4-E8B443B099BA}" = MyWinLocker
"{69995C7A-062A-4A90-A4DF-8C22895DF522}" = iTunes
"{6A3F9D74-BB80-4451-8CA1-4B3A857F1359}" = Apple Application Support
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{735619D4-B42A-437A-958C-199BFCAEDB38}" = Safari
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}" = Chicken Invaders 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697}" = Granny In Paradise
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}" = Merriam Websters Spell Jam
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}" = Amazonia
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}" = Alice Greenfingers
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}" = Heroes of Hellas
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}" = Dream Day First Home
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114803710}" = Star Defender 4
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}" = Dairy Dash
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}" = Farm Frenzy 2
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo Layers Runtime 1.10.01
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8ed9688e-4f79-4308-91ca-f1c37ca142b4}_is1" = Acer GameZone Console
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AAF89271-2594-468D-B578-96B2E30C41C4}" = eBay Worldwide
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.1 MUI
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}" = PlayStation(R)Network Downloader
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{C23CD6DA-1958-43A5-ADD0-59396572E02E}" = Apple Mobile Device Support
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Norton Online Backup
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D03482C5-9AD8-496D-B388-692AE04C93AF}" = Bonjour
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"AC3Filter_is1" = AC3Filter 1.63b
"Acer Registration" = Acer Registration
"Acer Screensaver" = Acer ScreenSaver
"Acer Welcome Center" = Welcome Center
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"dlanconf" = devolo dLAN-Konfigurationsassistent
"dslmon" = devolo Informer
"easyclean" = devolo EasyClean
"easyshare" = devolo EasyShare
"ESET Online Scanner" = ESET Online Scanner v3
"Freeware.de Toolbar" = Freeware.de Toolbar
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"Identity Card" = Identity Card
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.60.1.1000
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinLiveSuite" = Windows Live Essentials
"Zulu" = Zulu DJ Software
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Wizard101(DE)_is1" = Wizard101(DE)
 
========== Last 10 Event Log Errors ==========
 
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
 
< End of report >

--- --- ---
CODE]

Psychotic · 10.03.2012, 12:11

FRST

Downloade dir bitte Farbar's Recovery Scan Tool und speichere diese auf einen USB Stick. Schließe den USB Stick an das infizierte System an Du musst das System nun in die System Reparatur Option booten. Über den Boot Manager

Starte den Rechner neu auf.
Während dem Hochfahren drücke mehrmals die F8 Taste
Wähle nun Computer reparieren.
Wähle dein Betriebssystem und Benutzerkonto und klicke jeweils "Weiter".

Mit Windows CD/DVD

Lege die Windows CD in dein Laufwerk.
Starte den Rechner neu auf und starte von der CD
Wähle die Spracheinstellungen und klicke "Weiter".
Klicke auf Computerreparaturoptionen !!
Wähle dein Betriebssystem und Benutzerkonto und klicke jeweils "Weiter".

Wähle in den Reparaturoptionen Eingabeaufforderung

Gib nun bitte notepad ein und drücke Enter.
Im öffnenden Textdokument --> Datei --> Speichern unter und wähle Computer Hier wird dir der Laufwerksbuchstabe deines USB Sticks angezeigt.
Schließe Notepad wieder
Gib nun bitte folgenden Befehl ein. e:\frst.exe Hinweis: e steht für den Laufwerksbuchstaben deines USB Sticks. Gegebenfalls anpassen.
Akzeptiere den Disclaimer mit Yes.
Entferne die Haken bei "whitelist" von Registry, Services, Drivers, und known DLL's
Hake an: List Drivers MD5
klicke Scan

Das Tool erstellt eine FRST.txt auf deinem USB Stick. Poste den Inhalt bitte hier.

snowly1 · 10.03.2012, 14:46

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST written by farbar) Version: 07-03-2012 01
Ran by SYSTEM at 10-03-2012 14:35:25
Running from F:\
Windows 7 Starter   (X86) OS Language: English(US) 
The current controlset is ControlSet001

========================== Registry ==========================

HKLM\...\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe [1130504 2009-06-01] (Dritek System Inc.)
HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7600672 2009-07-06] (Realtek Semiconductor)
HKLM\...\Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [707104 2009-08-05] (Acer Incorporated)
HKLM\...\Run: [EgisTecLiveUpdate] "C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe" [199464 2009-08-03] (Egis Technology Inc.)
HKLM\...\Run: [mwlDaemon] C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [349480 2009-08-06] (Egis Technology Inc.)
HKLM\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [35696 2009-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [NortonOnlineBackupReminder] "C:\Program Files\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED [588648 2009-07-24] (Symantec Corporation)
HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [1537320 2009-06-18] (Synaptics Incorporated)
HKLM\...\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe [141848 2009-09-23] (Intel Corporation)
HKLM\...\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe [173592 2009-09-23] (Intel Corporation)
HKLM\...\Run: [Persistence] C:\Windows\system32\igfxpers.exe [150552 2009-09-23] (Intel Corporation)
HKLM\...\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min [281768 2011-03-29] (Avira GmbH)
HKLM\...\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime [421888 2011-07-05] (Apple Inc.)
HKLM\...\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [254696 2011-06-09] (Sun Microsystems, Inc.)
HKLM\...\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray [460872 2012-01-13] (Malwarebytes Corporation)
HKU\Acer\...\Run: [FreeCT] C:\Program Files\FreeCountdownTimer\FreeCountdownTimer.exe -autorun [2033488 2011-05-24] (Comfort Software Group)
HKU\Acer\...\Policies\system: [LogonHoursAction] 2
HKU\Acer\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\Default\...\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun [1174016 2010-11-20] (Microsoft Corporation)
HKU\Default User\...\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun [1174016 2010-11-20] (Microsoft Corporation)
HKU\Gast\...\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [x]
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe, [26624 2010-11-20] (Microsoft Corporation)
HKLM\...\Winlogon: [Shell] Explorer.exe [2616320 2011-02-24] (Microsoft Corporation)
Winlogon\Notify\igfxcui: igfxdev.dll (Intel Corporation)
Tcpip\Parameters: [DhcpNameServer] 62.2.17.61 62.2.24.158 62.2.17.60 62.2.24.162
Lsa: [Authentication Packages] msv1_0
Lsa: [Notification Packages] scecli

========================== Services ==========================

3 AeLookupSvc; C:\Windows\System32\aelupsvc.dll [62464 2009-07-13] (Microsoft Corporation)
3 ALG; C:\Windows\System32\alg.exe [59392 2009-07-13] (Microsoft Corporation)
2 AntiVirSchedulerService; "C:\Program Files\Avira\AntiVir Desktop\sched.exe" [136360 2011-04-30] (Avira GmbH)
2 AntiVirService; "C:\Program Files\Avira\AntiVir Desktop\avguard.exe" [269480 2011-07-24] (Avira GmbH)
3 AppIDSvc; C:\Windows\System32\appidsvc.dll [27648 2009-07-13] (Microsoft Corporation)
3 Appinfo; C:\Windows\System32\appinfo.dll [47104 2010-11-20] (Microsoft Corporation)
2 Apple Mobile Device; "C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" [37664 2011-02-18] (Apple Inc.)
2 AudioEndpointBuilder; C:\Windows\System32\Audiosrv.dll [473600 2010-11-20] (Microsoft Corporation)
2 Audiosrv; C:\Windows\System32\Audiosrv.dll [473600 2010-11-20] (Microsoft Corporation)
3 AxInstSV; C:\Windows\System32\AxInstSV.dll [88064 2010-11-20] (Microsoft Corporation)
3 BDESVC; C:\Windows\System32\bdesvc.dll [76800 2009-07-13] (Microsoft Corporation)
2 BFE; C:\Windows\System32\bfe.dll [494592 2010-11-20] (Microsoft Corporation)
2 BITS; C:\Windows\System32\qmgr.dll [585728 2010-11-20] (Microsoft Corporation)
2 Bonjour Service; "C:\Program Files\Bonjour\mDNSResponder.exe" [387944 2011-07-12] (Apple Inc.)
3 Browser; C:\Windows\System32\browser.dll [102400 2010-11-20] (Microsoft Corporation)
3 bthserv; C:\Windows\System32\bthserv.dll [64512 2009-07-13] (Microsoft Corporation)
3 CertPropSvc; C:\Windows\System32\certprop.dll [67584 2010-11-20] (Microsoft Corporation)
4 clr_optimization_v2.0.50727_32; C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [66384 2009-06-10] (Microsoft Corporation)
2 clr_optimization_v4.0.30319_32; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [130384 2010-03-18] (Microsoft Corporation)
3 COMSysApp; C:\Windows\System32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} [7168 2009-07-13] (Microsoft Corporation)
2 CryptSvc; C:\Windows\System32\cryptsvc.dll [136192 2010-11-20] (Microsoft Corporation)
2 DcomLaunch; C:\Windows\System32\rpcss.dll [376832 2010-11-20] (Microsoft Corporation)
3 defragsvc; C:\Windows\System32\defragsvc.dll [218624 2009-07-13] (Microsoft Corporation)
2 Dhcp; C:\Windows\System32\dhcpcore.dll [254464 2010-11-20] (Microsoft Corporation)
2 Dnscache; C:\Windows\System32\dnsrslvr.dll [132608 2011-03-02] (Microsoft Corporation)
3 dot3svc; C:\Windows\System32\dot3svc.dll [214016 2010-11-20] (Microsoft Corporation)
2 DPS; C:\Windows\System32\dps.dll [144384 2010-11-20] (Microsoft Corporation)
3 EapHost; C:\Windows\System32\eapsvc.dll [98304 2009-07-13] (Microsoft Corporation)
3 EFS; C:\Windows\System32\lsass.exe [22528 2011-11-16] (Microsoft Corporation)
2 ePowerSvc; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [727584 2009-08-05] (Acer Incorporated)
2 eventlog; C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [20992 2009-07-13] (Microsoft Corporation)
2 EventSystem; C:\Windows\System32\es.dll [271360 2009-07-13] (Microsoft Corporation)
3 Fax; C:\Windows\System32\fxssvc.exe [523264 2010-11-20] (Microsoft Corporation)
3 fdPHost; C:\Windows\System32\fdPHost.dll [12800 2009-07-13] (Microsoft Corporation)
3 FDResPub; C:\Windows\System32\fdrespub.dll [28160 2009-07-13] (Microsoft Corporation)
2 FontCache; C:\Windows\System32\FntCache.dll [805376 2011-02-18] (Microsoft Corporation)
3 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [42856 2009-06-10] (Microsoft Corporation)
2 gpsvc; C:\Windows\System32\gpsvc.dll [593408 2010-11-20] (Microsoft Corporation)
2 Greg_Service; C:\Program Files\Acer\Registration\GregHSRW.exe [1150496 2009-06-04] (Acer Incorporated)
3 hidserv; C:\Windows\System32\hidserv.dll [49152 2009-07-13] (Microsoft Corporation)
3 hkmsvc; C:\Windows\System32\kmsvc.dll [71168 2010-11-20] (Microsoft Corporation)
3 HomeGroupListener; C:\Windows\System32\ListSvc.dll [194560 2010-11-20] (Microsoft Corporation)
3 HomeGroupProvider; C:\Windows\System32\provsvc.dll [165376 2010-11-20] (Microsoft Corporation)
2 IAANTMON; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [354840 2009-06-04] (Intel Corporation)
3 idsvc; "C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe" [878416 2010-11-04] (Microsoft Corporation)
2 IKEEXT; C:\Windows\System32\ikeext.dll [674304 2010-11-20] (Microsoft Corporation)
3 IPBusEnum; C:\Windows\System32\ipbusenum.dll [78848 2009-07-13] (Microsoft Corporation)
2 iphlpsvc; C:\Windows\System32\iphlpsvc.dll [499712 2010-11-20] (Microsoft Corporation)
3 iPod Service; "C:\Program Files\iPod\bin\iPodService.exe" [821096 2011-08-18] (Apple Inc.)
3 KeyIso; C:\Windows\System32\lsass.exe [22528 2011-11-16] (Microsoft Corporation)
3 KtmRm; C:\Windows\System32\msdtckrm.dll [308736 2009-07-13] (Microsoft Corporation)
2 LanmanServer; C:\Windows\System32\srvsvc.dll [168960 2010-11-20] (Microsoft Corporation)
3 lltdsvc; C:\Windows\System32\lltdsvc.dll [189952 2009-07-13] (Microsoft Corporation)
2 lmhosts; C:\Windows\System32\lmhsvc.dll [18432 2009-07-13] (Microsoft Corporation)
2 MBAMService; "C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe" [652360 2012-01-13] (Malwarebytes Corporation)
2 MMCSS; C:\Windows\System32\mmcss.dll [49664 2009-07-13] (Microsoft Corporation)
2 MpsSvc; C:\Windows\System32\mpssvc.dll [566272 2010-11-20] (Microsoft Corporation)
3 MSDTC; C:\Windows\System32\msdtc.exe [134144 2009-07-13] (Microsoft Corporation)
3 MSiSCSI; C:\Windows\System32\iscsiexe.dll [114688 2009-07-13] (Microsoft Corporation)
3 msiserver; C:\Windows\System32\msiexec.exe /V [73216 2010-11-20] (Microsoft Corporation)
2 MWLService; C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe [311592 2009-08-06] (Egis Technology Inc.)
3 napagent; C:\Windows\System32\qagentRT.dll [330240 2010-11-20] (Microsoft Corporation)
3 Netlogon; C:\Windows\System32\lsass.exe [22528 2011-11-16] (Microsoft Corporation)
3 Netman; C:\Windows\System32\netman.dll [280576 2009-07-13] (Microsoft Corporation)
3 netprofm; C:\Windows\System32\netprofm.dll [360448 2009-07-13] (Microsoft Corporation)
4 NetTcpPortSharing; "C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe" [128848 2010-11-04] (Microsoft Corporation)
2 NlaSvc; C:\Windows\System32\nlasvc.dll [242688 2010-11-20] (Microsoft Corporation)
2 nsi; C:\Windows\System32\nsisvc.dll [19456 2009-07-13] (Microsoft Corporation)
3 odserv; "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE" [440696 2011-07-19] (Microsoft Corporation)
3 ose; "C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE" [145184 2006-10-26] (Microsoft Corporation)
3 p2pimsvc; C:\Windows\System32\pnrpsvc.dll [269824 2009-07-13] (Microsoft Corporation)
3 p2psvc; C:\Windows\System32\p2psvc.dll [327680 2009-07-13] (Microsoft Corporation)
3 PcaSvc; C:\Windows\System32\pcasvc.dll [154624 2009-07-13] (Microsoft Corporation)
3 pla; C:\Windows\System32\pla.dll [1508864 2010-11-20] (Microsoft Corporation)
2 PlugPlay; C:\Windows\System32\umpnpmgr.dll [293376 2011-05-24] (Microsoft Corporation)
3 PNRPAutoReg; C:\Windows\System32\pnrpauto.dll [20480 2009-07-13] (Microsoft Corporation)
3 PNRPsvc; C:\Windows\System32\pnrpsvc.dll [269824 2009-07-13] (Microsoft Corporation)
3 PolicyAgent; C:\Windows\System32\ipsecsvc.dll [350208 2010-11-20] (Microsoft Corporation)
2 Power; C:\Windows\System32\umpo.dll [119808 2010-11-20] (Microsoft Corporation)
2 ProfSvc; C:\Windows\System32\profsvc.dll [164352 2010-11-20] (Microsoft Corporation)
3 ProtectedStorage; C:\Windows\System32\lsass.exe [22528 2011-11-16] (Microsoft Corporation)
3 QWAVE; C:\Windows\system32\qwave.dll [210944 2009-07-13] (Microsoft Corporation)
3 RasAuto; C:\Windows\System32\rasauto.dll [90624 2009-07-13] (Microsoft Corporation)
2 RasMan; C:\Windows\System32\rasmans.dll [286208 2010-11-20] (Microsoft Corporation)
4 RemoteAccess; C:\Windows\System32\mprdim.dll [75264 2009-07-13] (Microsoft Corporation)
3 RemoteRegistry; C:\Windows\System32\regsvc.dll [112640 2009-07-13] (Microsoft Corporation)
2 RpcEptMapper; C:\Windows\System32\RpcEpMap.dll [43520 2009-07-13] (Microsoft Corporation)
3 RpcLocator; C:\Windows\System32\locator.exe [9216 2009-07-13] (Microsoft Corporation)
2 RpcSs; C:\Windows\System32\rpcss.dll [376832 2010-11-20] (Microsoft Corporation)
2 RS_Service; C:\Program Files\Acer\Acer VCM\RS_Service.exe [253952 2009-07-10] (Acer Incorporated)
2 SamSs; C:\Windows\System32\lsass.exe [22528 2011-11-16] (Microsoft Corporation)
3 SCardSvr; C:\Windows\System32\SCardSvr.dll [132608 2009-07-13] (Microsoft Corporation)
2 Schedule; C:\Windows\System32\schedsvc.dll [750592 2010-11-20] (Microsoft Corporation)
3 SCPolicySvc; C:\Windows\System32\certprop.dll [67584 2010-11-20] (Microsoft Corporation)
3 SDRSVC; C:\Windows\System32\SDRSVC.dll [125952 2010-11-20] (Microsoft Corporation)
2 seclogon; C:\Windows\system32\seclogon.dll [21504 2009-07-13] (Microsoft Corporation)
2 SENS; C:\Windows\System32\sens.dll [49664 2009-07-13] (Microsoft Corporation)
3 SessionEnv; C:\Windows\System32\sessenv.dll [113664 2010-11-20] (Microsoft Corporation)
2 SharedAccess; C:\Windows\System32\ipnathlp.dll [300544 2009-07-13] (Microsoft Corporation)
2 ShellHWDetection; C:\Windows\System32\shsvcs.dll [328192 2010-11-20] (Microsoft Corporation)
3 SNMPTRAP; C:\Windows\System32\snmptrap.exe [12800 2009-07-13] (Microsoft Corporation)
2 Spooler; C:\Windows\System32\spoolsv.exe [317440 2010-11-20] (Microsoft Corporation)
2 sppsvc; C:\Windows\System32\sppsvc.exe [3179520 2010-11-20] (Microsoft Corporation)
3 sppuinotify; C:\Windows\System32\sppuinotify.dll [53760 2010-11-20] (Microsoft Corporation)
3 SSDPSRV; C:\Windows\System32\ssdpsrv.dll [162816 2009-07-13] (Microsoft Corporation)
3 SstpSvc; C:\Windows\System32\sstpsvc.dll [90112 2009-07-13] (Microsoft Corporation)
2 StiSvc; C:\Windows\System32\wiaservc.dll [463360 2010-11-20] (Microsoft Corporation)
3 swprv; C:\Windows\System32\swprv.dll [313856 2009-07-13] (Microsoft Corporation)
2 SysMain; C:\Windows\System32\sysmain.dll [1159168 2010-11-20] (Microsoft Corporation)
3 TabletInputService; C:\Windows\System32\TabSvc.dll [73216 2010-11-20] (Microsoft Corporation)
3 TapiSrv; C:\Windows\System32\tapisrv.dll [242176 2010-11-20] (Microsoft Corporation)
3 TBS; C:\Windows\System32\tbssvc.dll [55808 2009-07-13] (Microsoft Corporation)
3 TermService; C:\Windows\System32\termsrv.dll [521216 2010-11-20] (Microsoft Corporation)
2 Themes; C:\Windows\System32\themeservice.dll [37376 2009-07-13] (Microsoft Corporation)
3 THREADORDER; C:\Windows\System32\mmcss.dll [49664 2009-07-13] (Microsoft Corporation)
2 TrkWks; C:\Windows\System32\trkwks.dll [77312 2009-07-13] (Microsoft Corporation)
3 TrustedInstaller; C:\Windows\servicing\TrustedInstaller.exe [204800 2010-11-20] (Microsoft Corporation)
3 UI0Detect; C:\Windows\System32\UI0Detect.exe [35840 2009-07-13] (Microsoft Corporation)
2 Update-Service; C:\Windows\System32\UpdSvc.dll [114000 2011-11-11] (Joosoft.com GmbH)
2 Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [240160 2009-07-03] (Acer)
3 upnphost; C:\Windows\System32\upnphost.dll [266752 2009-07-13] (Microsoft Corporation)
2 UxSms; C:\Windows\System32\uxsms.dll [29696 2009-07-13] (Microsoft Corporation)
3 VaultSvc; C:\Windows\System32\lsass.exe [22528 2011-11-16] (Microsoft Corporation)
3 vds; C:\Windows\System32\vds.exe [453632 2010-11-20] (Microsoft Corporation)
3 VSS; C:\Windows\System32\vssvc.exe [1025536 2010-11-20] (Microsoft Corporation)
3 W32Time; C:\Windows\System32\w32time.dll [288768 2009-07-13] (Microsoft Corporation)
3 wbengine; "C:\Windows\system32\wbengine.exe" [1203200 2010-11-20] (Microsoft Corporation)
3 WbioSrvc; C:\Windows\System32\wbiosrvc.dll [151552 2009-07-13] (Microsoft Corporation)
3 wcncsvc; C:\Windows\System32\wcncsvc.dll [276992 2010-11-20] (Microsoft Corporation)
3 WcsPlugInService; C:\Windows\System32\WcsPlugInService.dll [32768 2009-07-13] (Microsoft Corporation)
3 WdiServiceHost; C:\Windows\System32\wdi.dll [76288 2009-07-13] (Microsoft Corporation)
3 WdiSystemHost; C:\Windows\System32\wdi.dll [76288 2009-07-13] (Microsoft Corporation)
3 WebClient; C:\Windows\System32\webclnt.dll [204800 2010-11-20] (Microsoft Corporation)
3 Wecsvc; C:\Windows\System32\wecsvc.dll [147968 2009-07-13] (Microsoft Corporation)
3 wercplsupport; C:\Windows\System32\wercplsupport.dll [61440 2009-07-13] (Microsoft Corporation)
3 WerSvc; C:\Windows\System32\WerSvc.dll [65024 2009-07-13] (Microsoft Corporation)
3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-13] (Microsoft Corporation)
3 WinHttpAutoProxySvc; winhttp.dll [351232 2010-11-20] (Microsoft Corporation)
2 Winmgmt; C:\Windows\System32\wbem\WMIsvc.dll [168960 2009-07-13] (Microsoft Corporation)
3 WinRM; C:\Windows\System32\WsmSvc.dll [1175040 2010-11-20] (Microsoft Corporation)
2 Wlansvc; C:\Windows\System32\wlansvc.dll [829440 2009-07-13] (Microsoft Corporation)
2 wlidsvc; "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" [1713536 2011-03-28] (Microsoft Corp.)
3 wmiApSrv; C:\Windows\System32\wbem\WmiApSrv.exe [136192 2009-07-13] (Microsoft Corporation)
3 WMPNetworkSvc; "C:\Program Files\Windows Media Player\wmpnetwk.exe" [1121792 2010-11-20] (Microsoft Corporation)
3 WPCSvc; C:\Windows\System32\wpcsvc.dll [10752 2009-07-13] (Microsoft Corporation)
3 WPDBusEnum; C:\Windows\System32\wpdbusenum.dll [85504 2010-11-20] (Microsoft Corporation)
2 wscsvc; C:\Windows\System32\wscsvc.dll [73728 2009-07-13] (Microsoft Corporation)
2 WSearch; C:\Windows\System32\SearchIndexer.exe /Embedding [427520 2011-05-03] (Microsoft Corporation)
2 wuauserv; C:\Windows\System32\wuaueng.dll [1914368 2010-11-20] (Microsoft Corporation)
2 wudfsvc; C:\Windows\System32\WUDFSvc.dll [67584 2010-11-20] (Microsoft Corporation)
3 WwanSvc; C:\Windows\System32\wwansvc.dll [185856 2009-07-13] (Microsoft Corporation)

========================== Drivers ===========================

3 1394ohci; C:\Windows\System32\drivers\1394ohci.sys [164864 2010-11-20] (Microsoft Corporation)
0 ACPI; C:\Windows\System32\drivers\ACPI.sys [274304 2010-11-20] (Microsoft Corporation)
3 AcpiPmi; C:\Windows\System32\drivers\acpipmi.sys [10240 2010-11-20] (Microsoft Corporation)
3 adp94xx; C:\Windows\System32\DRIVERS\adp94xx.sys [422976 2009-07-13] (Adaptec, Inc.)
3 adpahci; C:\Windows\System32\DRIVERS\adpahci.sys [297552 2009-07-13] (Adaptec, Inc.)
3 adpu320; C:\Windows\System32\DRIVERS\adpu320.sys [146512 2009-07-13] (Adaptec, Inc.)
1 AFD; C:\Windows\System32\drivers\afd.sys [338944 2011-04-24] (Microsoft Corporation)
3 agp440; C:\Windows\System32\drivers\agp440.sys [53312 2009-07-13] (Microsoft Corporation)
3 aic78xx; C:\Windows\System32\DRIVERS\djsvs.sys [70720 2009-07-13] (Adaptec, Inc.)
3 aliide; C:\Windows\System32\drivers\aliide.sys [14400 2009-07-13] (Acer Laboratories Inc.)
3 amdagp; C:\Windows\System32\drivers\amdagp.sys [53312 2009-07-13] (Microsoft Corporation)
3 amdide; C:\Windows\System32\drivers\amdide.sys [14912 2009-07-13] (Microsoft Corporation)
3 AmdK8; C:\Windows\System32\DRIVERS\amdk8.sys [55296 2009-07-13] (Microsoft Corporation)
3 AmdPPM; C:\Windows\System32\DRIVERS\amdppm.sys [52736 2009-07-13] (Microsoft Corporation)
3 amdsata; C:\Windows\System32\drivers\amdsata.sys [80256 2011-03-10] (Advanced Micro Devices)
3 amdsbs; C:\Windows\System32\DRIVERS\amdsbs.sys [159312 2009-07-13] (AMD Technologies Inc.)
0 amdxata; C:\Windows\System32\drivers\amdxata.sys [22400 2011-03-10] (Advanced Micro Devices)
3 AppID; C:\Windows\System32\drivers\appid.sys [50176 2010-11-20] (Microsoft Corporation)
3 arc; C:\Windows\System32\DRIVERS\arc.sys [76368 2009-07-13] (Adaptec, Inc.)
3 arcsas; C:\Windows\System32\DRIVERS\arcsas.sys [86608 2009-07-13] (Adaptec, Inc.)
3 AsyncMac; C:\Windows\System32\DRIVERS\asyncmac.sys [17920 2009-07-13] (Microsoft Corporation)
0 atapi; C:\Windows\System32\drivers\atapi.sys [21584 2009-07-13] (Microsoft Corporation)
3 athr; C:\Windows\System32\DRIVERS\athr.sys [1176064 2009-07-16] (Atheros Communications, Inc.)
2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [66616 2011-07-24] (Avira GmbH)
1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [138192 2011-07-24] (Avira GmbH)
3 b06bdrv; C:\Windows\System32\DRIVERS\bxvbdx.sys [430080 2009-07-13] (Broadcom Corporation)
3 b57nd60x; C:\Windows\System32\DRIVERS\b57nd60x.sys [229888 2009-07-13] (Broadcom Corporation)
3 BCM43XX; C:\Windows\System32\DRIVERS\bcmwl6.sys [2506232 2009-07-07] (Broadcom Corporation)
1 Beep; C:\Windows\System32\Drivers\Beep.sys [6144 2009-07-13] (Microsoft Corporation)
1 blbdrive; C:\Windows\System32\DRIVERS\blbdrive.sys [35328 2009-07-13] (Microsoft Corporation)
3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [69632 2011-02-22] (Microsoft Corporation)
3 BrFiltLo; C:\Windows\System32\DRIVERS\BrFiltLo.sys [13568 2009-07-13] (Brother Industries, Ltd.)
3 BrFiltUp; C:\Windows\System32\DRIVERS\BrFiltUp.sys [5248 2009-07-13] (Brother Industries, Ltd.)
3 BridgeMP; C:\Windows\System32\DRIVERS\bridge.sys [78336 2009-07-13] (Microsoft Corporation)
3 Brserid; C:\Windows\System32\Drivers\Brserid.sys [272128 2009-07-13] (Brother Industries Ltd.)
3 BrSerWdm; C:\Windows\System32\Drivers\BrSerWdm.sys [62336 2009-07-13] (Brother Industries Ltd.)
3 BrUsbMdm; C:\Windows\System32\Drivers\BrUsbMdm.sys [12160 2009-07-13] (Brother Industries Ltd.)
3 BrUsbSer; C:\Windows\System32\Drivers\BrUsbSer.sys [11904 2009-07-13] (Brother Industries Ltd.)
3 BTHMODEM; C:\Windows\System32\DRIVERS\bthmodem.sys [56320 2009-07-13] (Microsoft Corporation)
4 cdfs; C:\Windows\System32\DRIVERS\cdfs.sys [70656 2009-07-13] (Microsoft Corporation)
1 cdrom; C:\Windows\System32\DRIVERS\cdrom.sys [108544 2010-11-20] (Microsoft Corporation)
3 circlass; C:\Windows\System32\DRIVERS\circlass.sys [37888 2009-07-13] (Microsoft Corporation)
0 CLFS; C:\Windows\System32\CLFS.sys [249408 2009-07-13] (Microsoft Corporation)
3 CmBatt; C:\Windows\System32\DRIVERS\CmBatt.sys [14080 2009-07-13] (Microsoft Corporation)
3 cmdide; C:\Windows\System32\drivers\cmdide.sys [15952 2009-07-13] (CMD Technology, Inc.)
0 CNG; C:\Windows\System32\Drivers\cng.sys [369352 2011-11-16] (Microsoft Corporation)
0 Compbatt; C:\Windows\System32\DRIVERS\compbatt.sys [19024 2009-07-13] (Microsoft Corporation)
3 CompositeBus; C:\Windows\System32\drivers\CompositeBus.sys [31232 2010-11-20] (Microsoft Corporation)
4 crcdisk; C:\Windows\System32\DRIVERS\crcdisk.sys [22096 2009-07-13] (Microsoft Corporation)
1 DfsC; C:\Windows\System32\Drivers\dfsc.sys [78336 2010-11-20] (Microsoft Corporation)
1 discache; C:\Windows\System32\drivers\discache.sys [32256 2009-07-13] (Microsoft Corporation)
0 Disk; C:\Windows\System32\DRIVERS\disk.sys [57424 2009-07-13] (Microsoft Corporation)
3 DKbFltr; C:\Windows\System32\DRIVERS\DKbFltr.sys [21000 2009-03-25] (Dritek System Inc.)
3 drmkaud; C:\Windows\System32\drivers\drmkaud.sys [5120 2009-07-13] (Microsoft Corporation)
3 DXGKrnl; C:\Windows\System32\drivers\dxgkrnl.sys [728448 2010-11-20] (Microsoft Corporation)
3 ebdrv; C:\Windows\System32\DRIVERS\evbdx.sys [3100160 2009-07-13] (Broadcom Corporation)
3 elxstor; C:\Windows\System32\DRIVERS\elxstor.sys [453712 2009-07-13] (Emulex)
3 ErrDev; C:\Windows\System32\drivers\errdev.sys [7168 2009-07-13] (Microsoft Corporation)
3 exfat; C:\Windows\System32\Drivers\exfat.sys [142336 2009-07-13] (Microsoft Corporation)
3 fastfat; C:\Windows\System32\Drivers\fastfat.sys [148480 2009-07-13] (Microsoft Corporation)
3 fdc; C:\Windows\System32\DRIVERS\fdc.sys [25088 2009-07-13] (Microsoft Corporation)
0 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [58448 2009-07-13] (Microsoft Corporation)
3 Filetrace; C:\Windows\System32\drivers\filetrace.sys [28160 2009-07-13] (Microsoft Corporation)
3 flpydisk; C:\Windows\System32\DRIVERS\flpydisk.sys [19968 2009-07-13] (Microsoft Corporation)
0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [198208 2009-07-13] (Microsoft Corporation)
3 FsDepends; C:\Windows\System32\drivers\FsDepends.sys [46160 2009-07-13] (Microsoft Corporation)
0 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [19536 2009-07-13] (Microsoft Corporation)
0 fvevol; C:\Windows\System32\DRIVERS\fvevol.sys [194800 2010-11-20] (Microsoft Corporation)
3 gagp30kx; C:\Windows\System32\DRIVERS\gagp30kx.sys [57936 2009-07-13] (Microsoft Corporation)
3 GEARAspiWDM; C:\Windows\System32\DRIVERS\GEARAspiWDM.sys [26600 2009-05-18] (GEAR Software Inc.)
3 hcw85cir; C:\Windows\System32\drivers\hcw85cir.sys [26624 2009-07-13] (Hauppauge Computer Works, Inc.)
3 HdAudAddService; C:\Windows\System32\drivers\HdAudio.sys [304128 2010-11-20] (Microsoft Corporation)
3 HDAudBus; C:\Windows\System32\drivers\HDAudBus.sys [108544 2010-11-20] (Microsoft Corporation)
3 HidBatt; C:\Windows\System32\DRIVERS\HidBatt.sys [21504 2009-07-13] (Microsoft Corporation)
3 HidBth; C:\Windows\System32\DRIVERS\hidbth.sys [91136 2009-07-13] (Microsoft Corporation)
3 HidIr; C:\Windows\System32\DRIVERS\hidir.sys [37888 2009-07-13] (Microsoft Corporation)
3 HidUsb; C:\Windows\System32\drivers\hidusb.sys [24064 2010-11-20] (Microsoft Corporation)
3 HpSAMD; C:\Windows\System32\drivers\HpSAMD.sys [67152 2009-07-13] (Hewlett-Packard Company)
3 HTTP; C:\Windows\System32\drivers\HTTP.sys [513536 2010-11-20] (Microsoft Corporation)
0 hwpolicy; C:\Windows\System32\drivers\hwpolicy.sys [14208 2010-11-20] (Microsoft Corporation)
3 i8042prt; C:\Windows\System32\drivers\i8042prt.sys [80896 2009-07-13] (Microsoft Corporation)
0 iaStor; C:\Windows\System32\DRIVERS\iaStor.sys [330264 2009-06-04] (Intel Corporation)
3 iaStorV; C:\Windows\System32\drivers\iaStorV.sys [332160 2011-03-10] (Intel Corporation)
3 igfx; C:\Windows\System32\DRIVERS\igdkmd32.sys [4808192 2009-09-23] (Intel Corporation)
3 iirsp; C:\Windows\System32\DRIVERS\iirsp.sys [41040 2009-07-13] (Intel Corp./ICP vortex GmbH)
3 IntcAzAudAddService; C:\Windows\System32\drivers\RTKVHDA.sys [2657120 2009-07-06] (Realtek Semiconductor Corp.)
0 intelide; C:\Windows\System32\drivers\intelide.sys [15424 2009-07-13] (Microsoft Corporation)
3 intelppm; C:\Windows\System32\DRIVERS\intelppm.sys [53760 2009-07-13] (Microsoft Corporation)
3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [58880 2009-07-13] (Microsoft Corporation)
3 IPMIDRV; C:\Windows\System32\drivers\IPMIDrv.sys [65536 2010-11-20] (Microsoft Corporation)
3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [101888 2009-07-13] (Microsoft Corporation)
3 IRENUM; C:\Windows\System32\drivers\irenum.sys [13824 2009-07-13] (Microsoft Corporation)
3 isapnp; C:\Windows\System32\drivers\isapnp.sys [46656 2009-07-13] (Microsoft Corporation)
3 iScsiPrt; C:\Windows\System32\drivers\msiscsi.sys [233344 2010-11-20] (Microsoft Corporation)
3 kbdclass; C:\Windows\System32\drivers\kbdclass.sys [42576 2009-07-13] (Microsoft Corporation)
3 kbdhid; C:\Windows\System32\drivers\kbdhid.sys [28160 2010-11-20] (Microsoft Corporation)
0 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [67440 2011-11-16] (Microsoft Corporation)
0 KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [134000 2011-11-16] (Microsoft Corporation)
3 L1C; C:\Windows\System32\DRIVERS\L1C62x86.sys [51712 2009-07-26] (Atheros Communications, Inc.)
2 lltdio; C:\Windows\System32\DRIVERS\lltdio.sys [48128 2009-07-13] (Microsoft Corporation)
3 LSI_FC; C:\Windows\System32\DRIVERS\lsi_fc.sys [95824 2009-07-13] (LSI Corporation)
3 LSI_SAS; C:\Windows\System32\DRIVERS\lsi_sas.sys [89168 2009-07-13] (LSI Corporation)
3 LSI_SAS2; C:\Windows\System32\DRIVERS\lsi_sas2.sys [54864 2009-07-13] (LSI Corporation)
3 LSI_SCSI; C:\Windows\System32\DRIVERS\lsi_scsi.sys [96848 2009-07-13] (LSI Corporation)
2 luafv; C:\Windows\System32\drivers\luafv.sys [86528 2009-07-13] (Microsoft Corporation)
3 MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [20464 2011-12-10] (Malwarebytes Corporation)
3 megasas; C:\Windows\System32\DRIVERS\megasas.sys [30800 2009-07-13] (LSI Corporation)
3 MegaSR; C:\Windows\System32\DRIVERS\MegaSR.sys [235584 2009-07-13] (LSI Corporation, Inc.)
3 Modem; C:\Windows\System32\drivers\modem.sys [31744 2009-07-13] (Microsoft Corporation)
3 monitor; C:\Windows\System32\DRIVERS\monitor.sys [23552 2009-07-13] (Microsoft Corporation)
3 mouclass; C:\Windows\System32\drivers\mouclass.sys [41552 2009-07-13] (Microsoft Corporation)
3 mouhid; C:\Windows\System32\DRIVERS\mouhid.sys [26112 2009-07-13] (Microsoft Corporation)
0 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [78208 2010-11-20] (Microsoft Corporation)
3 mpio; C:\Windows\System32\drivers\mpio.sys [130432 2010-11-20] (Microsoft Corporation)
3 mpsdrv; C:\Windows\System32\drivers\mpsdrv.sys [60416 2009-07-13] (Microsoft Corporation)
3 MRxDAV; C:\Windows\System32\drivers\mrxdav.sys [115712 2010-11-20] (Microsoft Corporation)
3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [123904 2011-04-26] (Microsoft Corporation)
3 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [223744 2011-07-08] (Microsoft Corporation)
3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [96768 2011-04-26] (Microsoft Corporation)
3 msahci; C:\Windows\System32\drivers\msahci.sys [28032 2010-11-20] (Microsoft Corporation)
3 msdsm; C:\Windows\System32\drivers\msdsm.sys [116096 2010-11-20] (Microsoft Corporation)
1 Msfs; C:\Windows\System32\Drivers\Msfs.sys [22528 2009-07-13] (Microsoft Corporation)
3 mshidkmdf; C:\Windows\System32\drivers\mshidkmdf.sys [4096 2009-07-13] (Microsoft Corporation)
0 msisadrv; C:\Windows\System32\drivers\msisadrv.sys [13888 2009-07-13] (Microsoft Corporation)
3 MSKSSRV; C:\Windows\System32\drivers\MSKSSRV.sys [8320 2009-07-13] (Microsoft Corporation)
3 MSPCLOCK; C:\Windows\System32\drivers\MSPCLOCK.sys [5888 2009-07-13] (Microsoft Corporation)
3 MSPQM; C:\Windows\System32\drivers\MSPQM.sys [5504 2009-07-13] (Microsoft Corporation)
3 MsRPC; C:\Windows\System32\Drivers\MsRPC.sys [162896 2009-07-13] (Microsoft Corporation)
1 mssmbios; C:\Windows\System32\drivers\mssmbios.sys [28240 2009-07-13] (Microsoft Corporation)
3 MSTEE; C:\Windows\System32\drivers\MSTEE.sys [6144 2009-07-13] (Microsoft Corporation)
3 MTConfig; C:\Windows\System32\DRIVERS\MTConfig.sys [12288 2009-07-13] (Microsoft Corporation)
0 Mup; C:\Windows\System32\Drivers\mup.sys [49728 2009-07-13] (Microsoft Corporation)
1 mwlPSDFilter; C:\Windows\System32\DRIVERS\mwlPSDFilter.sys [18992 2009-06-02] (Egis Technology Inc.)
1 mwlPSDNServ; C:\Windows\System32\DRIVERS\mwlPSDNServ.sys [16432 2009-06-02] (Egis Technology Inc.)
1 mwlPSDVDisk; C:\Windows\System32\DRIVERS\mwlPSDVDisk.sys [60976 2009-06-02] (Egis Technology Inc.)
3 NativeWifiP; C:\Windows\System32\DRIVERS\nwifi.sys [267264 2009-07-13] (Microsoft Corporation)
0 NDIS; C:\Windows\System32\drivers\ndis.sys [712576 2010-11-20] (Microsoft Corporation)
3 NdisCap; C:\Windows\System32\DRIVERS\ndiscap.sys [27136 2009-07-13] (Microsoft Corporation)
3 NdisTapi; C:\Windows\System32\DRIVERS\ndistapi.sys [20992 2009-07-13] (Microsoft Corporation)
3 Ndisuio; C:\Windows\System32\DRIVERS\ndisuio.sys [46080 2010-11-20] (Microsoft Corporation)
3 NdisWan; C:\Windows\System32\DRIVERS\ndiswan.sys [118784 2010-11-20] (Microsoft Corporation)
3 NDProxy; C:\Windows\System32\Drivers\NDProxy.sys [48640 2010-11-20] (Microsoft Corporation)
1 NetBIOS; C:\Windows\System32\DRIVERS\netbios.sys [36352 2009-07-13] (Microsoft Corporation)
1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [187904 2010-11-20] (Microsoft Corporation)
3 nfrd960; C:\Windows\System32\DRIVERS\nfrd960.sys [44624 2009-07-13] (IBM Corporation)
1 Npfs; C:\Windows\System32\Drivers\Npfs.sys [35328 2009-07-13] (Microsoft Corporation)
1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [16896 2009-07-13] (Microsoft Corporation)
3 Ntfs; C:\Windows\System32\Drivers\Ntfs.sys [1211264 2011-03-10] (Microsoft Corporation)
1 Null; C:\Windows\System32\Drivers\Null.sys [4608 2009-07-13] (Microsoft Corporation)
3 nvraid; C:\Windows\System32\drivers\nvraid.sys [117120 2011-03-10] (NVIDIA Corporation)
3 nvstor; C:\Windows\System32\drivers\nvstor.sys [143744 2011-03-10] (NVIDIA Corporation)
3 nv_agp; C:\Windows\System32\drivers\nv_agp.sys [105024 2009-07-13] (Microsoft Corporation)
3 ohci1394; C:\Windows\System32\drivers\ohci1394.sys [62464 2009-07-13] (Microsoft Corporation)
3 Parport; C:\Windows\System32\DRIVERS\parport.sys [79360 2009-07-13] (Microsoft Corporation)
0 partmgr; C:\Windows\System32\drivers\partmgr.sys [56192 2010-11-20] (Microsoft Corporation)
2 Parvdm; C:\Windows\System32\DRIVERS\parvdm.sys [8704 2009-07-13] (Microsoft Corporation)
0 pci; C:\Windows\System32\drivers\pci.sys [153984 2010-11-20] (Microsoft Corporation)
3 pciide; C:\Windows\System32\drivers\pciide.sys [12368 2009-07-13] (Microsoft Corporation)
3 pcmcia; C:\Windows\System32\DRIVERS\pcmcia.sys [180288 2009-07-13] (Microsoft Corporation)
0 pcw; C:\Windows\System32\drivers\pcw.sys [43088 2009-07-13] (Microsoft Corporation)
2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [586752 2009-07-13] (Microsoft Corporation)
3 PptpMiniport; C:\Windows\System32\DRIVERS\raspptp.sys [73728 2009-07-13] (Microsoft Corporation)
3 Processor; C:\Windows\System32\DRIVERS\processr.sys [52224 2009-07-13] (Microsoft Corporation)
1 Psched; C:\Windows\System32\DRIVERS\pacer.sys [104448 2009-07-13] (Microsoft Corporation)
3 ql2300; C:\Windows\System32\DRIVERS\ql2300.sys [1383488 2009-07-13] (QLogic Corporation)
3 ql40xx; C:\Windows\System32\DRIVERS\ql40xx.sys [106064 2009-07-13] (QLogic Corporation)
3 QWAVEdrv; C:\Windows\System32\drivers\qwavedrv.sys [31744 2009-07-13] (Microsoft Corporation)
3 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [11776 2009-07-13] (Microsoft Corporation)
3 RasAgileVpn; C:\Windows\System32\DRIVERS\AgileVpn.sys [49152 2009-07-13] (Microsoft Corporation)
3 Rasl2tp; C:\Windows\System32\DRIVERS\rasl2tp.sys [78848 2009-07-13] (Microsoft Corporation)
3 RasPppoe; C:\Windows\System32\DRIVERS\raspppoe.sys [77824 2009-07-13] (Microsoft Corporation)
3 RasSstp; C:\Windows\System32\DRIVERS\rassstp.sys [75264 2009-07-13] (Microsoft Corporation)
1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [242688 2010-11-20] (Microsoft Corporation)
3 rdpbus; C:\Windows\System32\DRIVERS\rdpbus.sys [18944 2009-07-13] (Microsoft Corporation)
1 RDPCDD; C:\Windows\System32\DRIVERS\RDPCDD.sys [6656 2010-11-20] (Microsoft Corporation)
1 RDPENCDD; C:\Windows\System32\drivers\rdpencdd.sys [6656 2009-07-13] (Microsoft Corporation)
1 RDPREFMP; C:\Windows\System32\drivers\rdprefmp.sys [7168 2009-07-13] (Microsoft Corporation)
3 RDPWD; C:\Windows\System32\Drivers\RDPWD.sys [183808 2010-11-20] (Microsoft Corporation)
0 rdyboost; C:\Windows\System32\drivers\rdyboost.sys [173440 2010-11-20] (Microsoft Corporation)
2 rspndr; C:\Windows\System32\DRIVERS\rspndr.sys [60928 2009-07-13] (Microsoft Corporation)
3 RSUSBSTOR; C:\Windows\System32\Drivers\RtsUStor.sys [167424 2009-06-23] (Realtek Semiconductor Corp.)
3 sbp2port; C:\Windows\System32\drivers\sbp2port.sys [85376 2010-11-20] (Microsoft Corporation)
3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [26624 2010-11-20] (Microsoft Corporation)
2 secdrv; C:\Windows\System32\Drivers\secdrv.sys [20480 2009-07-13] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
3 Serenum; C:\Windows\System32\DRIVERS\serenum.sys [17920 2009-07-13] (Microsoft Corporation)
3 Serial; C:\Windows\System32\DRIVERS\serial.sys [83456 2009-07-13] (Microsoft Corporation)
3 sermouse; C:\Windows\System32\DRIVERS\sermouse.sys [19968 2009-07-13] (Microsoft Corporation)
3 sffdisk; C:\Windows\System32\drivers\sffdisk.sys [11264 2009-07-13] (Microsoft Corporation)
3 sffp_mmc; C:\Windows\System32\drivers\sffp_mmc.sys [12288 2009-07-13] (Microsoft Corporation)
3 sffp_sd; C:\Windows\System32\drivers\sffp_sd.sys [12800 2010-11-20] (Microsoft Corporation)
3 sfloppy; C:\Windows\System32\DRIVERS\sfloppy.sys [13824 2009-07-13] (Microsoft Corporation)
3 sisagp; C:\Windows\System32\drivers\sisagp.sys [52304 2009-07-13] (Microsoft Corporation)
3 SiSRaid2; C:\Windows\System32\DRIVERS\SiSRaid2.sys [40016 2009-07-13] (Silicon Integrated Systems Corp.)
3 SiSRaid4; C:\Windows\System32\DRIVERS\sisraid4.sys [77888 2009-07-13] (Silicon Integrated Systems)
3 Smb; C:\Windows\System32\DRIVERS\smb.sys [71168 2009-07-13] (Microsoft Corporation)
0 spldr; C:\Windows\System32\Drivers\spldr.sys [17472 2009-07-13] (Microsoft Corporation)
3 srv; C:\Windows\System32\DRIVERS\srv.sys [311808 2011-04-28] (Microsoft Corporation)
3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [310272 2011-04-28] (Microsoft Corporation)
3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [114688 2011-04-28] (Microsoft Corporation)
1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2009-05-11] (Avira GmbH)
3 stexstor; C:\Windows\System32\DRIVERS\stexstor.sys [21072 2009-07-13] (Promise Technology)
3 swenum; C:\Windows\System32\drivers\swenum.sys [12240 2009-07-13] (Microsoft Corporation)
3 SynTP; C:\Windows\System32\DRIVERS\SynTP.sys [212400 2009-06-18] (Synaptics Incorporated)
0 Tcpip; C:\Windows\System32\drivers\tcpip.sys [1290608 2011-09-29] (Microsoft Corporation)
3 TCPIP6; C:\Windows\System32\DRIVERS\tcpip.sys [1290608 2011-09-29] (Microsoft Corporation)
2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [35328 2010-11-20] (Microsoft Corporation)
3 TDPIPE; C:\Windows\System32\drivers\tdpipe.sys [18432 2010-11-20] (Microsoft Corporation)
3 TDTCP; C:\Windows\System32\drivers\tdtcp.sys [24576 2010-11-20] (Microsoft Corporation)
1 tdx; C:\Windows\System32\DRIVERS\tdx.sys [74752 2010-11-20] (Microsoft Corporation)
1 TermDD; C:\Windows\System32\drivers\termdd.sys [53120 2010-11-20] (Microsoft Corporation)
3 tssecsrv; C:\Windows\System32\DRIVERS\tssecsrv.sys [31232 2010-11-20] (Microsoft Corporation)
3 TsUsbFlt; C:\Windows\System32\drivers\tsusbflt.sys [52224 2010-11-20] (Microsoft Corporation)
3 tunnel; C:\Windows\System32\DRIVERS\tunnel.sys [108544 2010-11-20] (Microsoft Corporation)
3 uagp35; C:\Windows\System32\DRIVERS\uagp35.sys [55888 2009-07-13] (Microsoft Corporation)
4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [246784 2010-11-20] (Microsoft Corporation)
3 uliagpkx; C:\Windows\System32\drivers\uliagpkx.sys [57424 2009-07-13] (Microsoft Corporation)
3 umbus; C:\Windows\System32\drivers\umbus.sys [39936 2010-11-20] (Microsoft Corporation)
3 UmPass; C:\Windows\System32\DRIVERS\umpass.sys [8192 2009-07-13] (Microsoft Corporation)
3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [42496 2011-05-09] (Apple, Inc.)
3 usbaudio; C:\Windows\System32\drivers\usbaudio.sys [80768 2010-11-20] (Microsoft Corporation)
3 usbccgp; C:\Windows\System32\DRIVERS\usbccgp.sys [75776 2011-03-24] (Microsoft Corporation)
3 usbcir; C:\Windows\System32\drivers\usbcir.sys [86016 2009-07-13] (Microsoft Corporation)
3 usbehci; C:\Windows\System32\DRIVERS\usbehci.sys [43008 2011-03-24] (Microsoft Corporation)
3 usbhub; C:\Windows\System32\DRIVERS\usbhub.sys [258560 2011-03-24] (Microsoft Corporation)
3 usbohci; C:\Windows\System32\drivers\usbohci.sys [20480 2011-03-24] (Microsoft Corporation)
3 usbprint; C:\Windows\System32\DRIVERS\usbprint.sys [19968 2009-07-13] (Microsoft Corporation)
3 USBSTOR; C:\Windows\System32\DRIVERS\USBSTOR.SYS [76288 2011-03-10] (Microsoft Corporation)
3 usbuhci; C:\Windows\System32\DRIVERS\usbuhci.sys [24064 2011-03-24] (Microsoft Corporation)
3 usbvideo; C:\Windows\System32\Drivers\usbvideo.sys [146432 2010-11-20] (Microsoft Corporation)
0 vdrvroot; C:\Windows\System32\drivers\vdrvroot.sys [32832 2009-07-13] (Microsoft Corporation)
3 vga; C:\Windows\System32\DRIVERS\vgapnp.sys [26112 2009-07-13] (Microsoft Corporation)
1 VgaSave; C:\Windows\System32\drivers\vga.sys [25088 2009-07-13] (Microsoft Corporation)
3 vhdmp; C:\Windows\System32\drivers\vhdmp.sys [160128 2010-11-20] (Microsoft Corporation)
3 viaagp; C:\Windows\System32\drivers\viaagp.sys [53328 2009-07-13] (Microsoft Corporation)
3 ViaC7; C:\Windows\System32\DRIVERS\viac7.sys [52736 2009-07-13] (Microsoft Corporation)
3 viaide; C:\Windows\System32\drivers\viaide.sys [16976 2009-07-13] (VIA Technologies, Inc.)
0 volmgr; C:\Windows\System32\drivers\volmgr.sys [53120 2010-11-20] (Microsoft Corporation)
0 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [297040 2009-07-13] (Microsoft Corporation)
0 volsnap; C:\Windows\System32\drivers\volsnap.sys [245632 2010-11-20] (Microsoft Corporation)
3 vsmraid; C:\Windows\System32\DRIVERS\vsmraid.sys [141904 2009-07-13] (VIA Technologies Inc.,Ltd)
3 vwifibus; C:\Windows\System32\DRIVERS\vwifibus.sys [19968 2009-07-13] (Microsoft Corporation)
1 vwififlt; C:\Windows\System32\DRIVERS\vwififlt.sys [48128 2009-07-13] (Microsoft Corporation)
3 WacomPen; C:\Windows\System32\DRIVERS\wacompen.sys [21632 2009-07-13] (Microsoft Corporation)
3 WANARP; C:\Windows\System32\DRIVERS\wanarp.sys [63488 2010-11-20] (Microsoft Corporation)
1 Wanarpv6; C:\Windows\System32\DRIVERS\wanarp.sys [63488 2010-11-20] (Microsoft Corporation)
3 Wd; C:\Windows\System32\DRIVERS\wd.sys [19024 2009-07-13] (Microsoft Corporation)
0 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [445008 2009-07-13] (Microsoft Corporation)
1 WfpLwf; C:\Windows\System32\DRIVERS\wfplwf.sys [9728 2009-07-13] (Microsoft Corporation)
3 WIMMount; C:\Windows\System32\drivers\wimmount.sys [19008 2009-07-13] (Microsoft Corporation)
3 WinUsb; C:\Windows\System32\DRIVERS\WinUsb.sys [35968 2010-11-20] (Microsoft Corporation)
3 WmiAcpi; C:\Windows\System32\drivers\wmiacpi.sys [11264 2009-07-13] (Microsoft Corporation)
1 ws2ifsl; C:\Windows\System32\drivers\ws2ifsl.sys [16384 2009-07-13] (Microsoft Corporation)
3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [92672 2010-11-20] (Microsoft Corporation)
3 WUDFRd; C:\Windows\System32\DRIVERS\WUDFRd.sys [132224 2010-11-20] (Microsoft Corporation)
3 catchme; \??\C:\Users\Acer\AppData\Local\Temp\catchme.sys [x]
3 CFcatchme; \??\C:\Users\Acer\AppData\Local\Temp\CFcatchme.sys [x]
3 RtsUIR; C:\Windows\System32\DRIVERS\Rts516xIR.sys [x]
3 USBCCID; C:\Windows\System32\DRIVERS\RtsUCcid.sys [x]

========================== NetSvcs (Whitelisted) ===========

============ One Month Created Files and Folders ==============

2012-03-09 05:16 - 2012-03-09 05:16 - 0027936 ____A C:\Users\Acer\Desktop\Extras.Txt
2012-03-08 05:22 - 2012-03-08 05:24 - 0010692 ____A C:\ComboFix.txt
2012-03-08 05:15 - 2012-03-08 05:15 - 0000000 __SHD C:\$RECYCLE.BIN
2012-03-08 04:49 - 2012-03-08 04:49 - 4431034 ____R (Swearware) C:\Users\Acer\Desktop\ComboFix.exe
2012-03-07 10:13 - 2012-03-08 06:22 - 0000167 ____A C:\Users\Acer\Desktop\08.03.14.17 Uhr.txt
2012-03-07 07:48 - 2012-03-07 07:48 - 2322184 ____A (ESET) C:\Users\Acer\Desktop\esetsmartinstaller_enu.exe
2012-03-07 06:31 - 2012-03-07 06:31 - 0451963 ____A C:\Users\Acer\Desktop\Trojanisches Pferd TR-Crypt.zpack.gen2 gefunden. Kein Internet! - Seite 4 - Trojaner-Board.webarchive
2012-03-06 04:59 - 2012-03-06 04:59 - 0139264 ____A () C:\Users\Acer\Desktop\RKUnhookerLE.EXE
2012-03-05 10:15 - 2012-03-06 07:35 - 0094663 ____A C:\Users\Acer\Desktop\RKU1.txt
2012-03-05 09:30 - 2012-03-05 09:30 - 0302592 ____A C:\Users\Acer\Desktop\8kn8rjxd.exe
2012-03-04 06:42 - 2012-03-04 06:43 - 0077840 ____A C:\TDSSKiller.2.7.18.0_04.03.2012_15.42.06_log.txt
2012-03-04 06:40 - 2012-03-04 06:40 - 0000512 ____A C:\Users\Acer\Desktop\MBR.dat
2012-03-04 06:07 - 2012-03-04 06:07 - 2062896 ____A (Kaspersky Lab ZAO) C:\Users\Acer\Desktop\tdsskiller.exe
2012-03-04 06:05 - 2012-03-04 06:05 - 4730880 ____A (AVAST Software) C:\Users\Acer\Desktop\aswMBR.exe
2012-03-03 23:33 - 2012-03-10 14:35 - 0000000 ____D C:\FRST
2012-03-02 12:42 - 2012-03-02 12:43 - 0000000 ____D C:\Avenger
2012-03-02 12:42 - 2012-03-02 12:42 - 0001298 ____A C:\avenger.txt
2012-03-02 12:36 - 2012-03-02 12:37 - 0731136 ____A C:\Users\Acer\Desktop\avenger.exe
2012-02-28 15:07 - 2012-02-28 15:07 - 0302592 ____A C:\Users\Acer\Desktop\r8z3xleh.exe
2012-02-27 16:57 - 2012-02-27 16:57 - 9705472 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-02-27 16:57 - 2012-02-27 16:57 - 3695416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2012-02-27 16:57 - 2012-02-27 16:57 - 2382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-02-27 16:57 - 2012-02-27 16:57 - 1798656 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-02-27 16:57 - 2012-02-27 16:57 - 1792000 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-02-27 16:57 - 2012-02-27 16:57 - 1427456 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-02-27 16:57 - 2012-02-27 16:57 - 12282368 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-02-27 16:57 - 2012-02-27 16:57 - 1127424 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-02-27 16:57 - 2012-02-27 16:57 - 1103360 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-02-27 16:57 - 2012-02-27 16:57 - 0716800 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-02-27 16:57 - 2012-02-27 16:57 - 0580608 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2012-02-27 16:57 - 2012-02-27 16:57 - 0434176 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2012-02-27 16:57 - 2012-02-27 16:57 - 0420864 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2012-02-27 16:57 - 2012-02-27 16:57 - 0367104 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2012-02-27 16:57 - 2012-02-27 16:57 - 0353792 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2012-02-27 16:57 - 2012-02-27 16:57 - 0353584 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2012-02-27 16:57 - 2012-02-27 16:57 - 0231936 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-02-27 16:57 - 2012-02-27 16:57 - 0227840 ____A (Microsoft Corporation) C:\Windows\System32\ieaksie.dll
2012-02-27 16:57 - 2012-02-27 16:57 - 0223232 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2012-02-27 16:57 - 2012-02-27 16:57 - 0203776 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2012-02-27 16:57 - 2012-02-27 16:57 - 0176640 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-02-27 16:57 - 2012-02-27 16:57 - 0163840 ____A (Microsoft Corporation) C:\Windows\System32\ieakui.dll
2012-02-27 16:57 - 2012-02-27 16:57 - 0162304 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2012-02-27 16:57 - 2012-02-27 16:57 - 0161792 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2012-02-27 16:57 - 2012-02-27 16:57 - 0152064 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2012-02-27 16:57 - 2012-02-27 16:57 - 0150528 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2012-02-27 16:57 - 2012-02-27 16:57 - 0142848 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-02-27 16:57 - 2012-02-27 16:57 - 0130560 ____A (Microsoft Corporation) C:\Windows\System32\ieakeng.dll
2012-02-27 16:57 - 2012-02-27 16:57 - 0123392 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2012-02-27 16:57 - 2012-02-27 16:57 - 0118784 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2012-02-27 16:57 - 2012-02-27 16:57 - 0110592 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2012-02-27 16:57 - 2012-02-27 16:57 - 0101888 ____A (Microsoft Corporation) C:\Windows\System32\admparse.dll
2012-02-27 16:57 - 2012-02-27 16:57 - 0086528 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2012-02-27 16:57 - 2012-02-27 16:57 - 0078848 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2012-02-27 16:57 - 2012-02-27 16:57 - 0076800 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2012-02-27 16:57 - 2012-02-27 16:57 - 0074752 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2012-02-27 16:57 - 2012-02-27 16:57 - 0074752 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2012-02-27 16:57 - 2012-02-27 16:57 - 0074240 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2012-02-27 16:57 - 2012-02-27 16:57 - 0072822 ____A C:\Windows\System32\ieuinit.inf
2012-02-27 16:57 - 2012-02-27 16:57 - 0072704 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-02-27 16:57 - 2012-02-27 16:57 - 0066048 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2012-02-27 16:57 - 2012-02-27 16:57 - 0065024 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-02-27 16:57 - 2012-02-27 16:57 - 0063488 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2012-02-27 16:57 - 2012-02-27 16:57 - 0054272 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2012-02-27 16:57 - 2012-02-27 16:57 - 0048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2012-02-27 16:57 - 2012-02-27 16:57 - 0041472 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2012-02-27 16:57 - 2012-02-27 16:57 - 0035840 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2012-02-27 16:57 - 2012-02-27 16:57 - 0031744 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2012-02-27 16:57 - 2012-02-27 16:57 - 0023552 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2012-02-27 16:57 - 2012-02-27 16:57 - 0011776 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2012-02-27 16:57 - 2012-02-27 16:57 - 0010752 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2012-02-27 16:30 - 2012-02-27 16:30 - 0001629 ____A C:\Windows\System32\FSS.txt
2012-02-27 15:59 - 2011-06-25 22:45 - 0256000 ____A C:\Windows\PEV.exe
2012-02-27 15:59 - 2010-11-07 09:20 - 0208896 ____A C:\Windows\MBR.exe
2012-02-27 15:59 - 2009-04-19 20:56 - 0060416 ____A (NirSoft) C:\Windows\NIRCMD.exe
2012-02-27 15:59 - 2000-08-30 16:00 - 0518144 ____A (SteelWerX) C:\Windows\SWREG.exe
2012-02-27 15:59 - 2000-08-30 16:00 - 0406528 ____A (SteelWerX) C:\Windows\SWSC.exe
2012-02-27 15:59 - 2000-08-30 16:00 - 0098816 ____A C:\Windows\sed.exe
2012-02-27 15:59 - 2000-08-30 16:00 - 0080412 ____A C:\Windows\grep.exe
2012-02-27 15:59 - 2000-08-30 16:00 - 0068096 ____A C:\Windows\zip.exe
2012-02-27 15:55 - 2012-02-27 15:55 - 0337133 ____A C:\Users\Acer\Downloads\FSS.exe
2012-02-27 15:49 - 2012-02-27 15:50 - 4420957 ____A (Swearware) C:\Users\Acer\Downloads\ComboFix.exe
2012-02-27 09:06 - 2012-02-27 09:06 - 0144960 ____A C:\Windows\Minidump\022712-17643-01.dmp
2012-02-27 09:06 - 2012-02-27 09:06 - 0000000 ____D C:\Windows\Minidump
2012-02-27 09:05 - 2012-02-27 09:05 - 326712483 ____A C:\Windows\MEMORY.DMP
2012-02-27 08:29 - 2012-02-27 08:29 - 0302592 ____A C:\Users\Acer\Downloads\g20q7onb.exe
2012-02-26 15:50 - 2012-02-26 15:50 - 0000000 ____A C:\Users\Acer\defogger_reenable
2012-02-26 15:47 - 2012-02-26 15:47 - 0302592 ____A C:\Users\Acer\Downloads\hk4txtc9.exe
2012-02-26 15:43 - 2012-02-26 15:43 - 0607260 ____R (Swearware) C:\Users\Acer\Downloads\dds.com
2012-02-26 15:41 - 2012-02-26 15:41 - 0050477 ____A C:\Users\Acer\Downloads\Defogger.exe
2012-02-19 09:26 - 2012-02-19 09:26 - 0553863 ____A C:\Users\Acer\Downloads\2011_06_29_SkinEdit_alpha3_pre7_fix.zip
2012-02-19 06:39 - 2012-02-19 06:42 - 24554628 ____A C:\Users\Acer\Downloads\GammlerPlay.zip
2012-02-18 16:03 - 2012-02-18 16:05 - 0000022 ____A C:\Users\Acer\Downloads\Star Wars Skin Pack V4.zip
2012-02-18 15:26 - 2012-02-18 15:41 - 14513553 ____A C:\Users\Acer\Downloads\DokuCraft - The Saga Continues 1.2.zip
2012-02-18 15:18 - 2012-02-18 15:18 - 4389435 ____A C:\Users\Acer\Downloads\DokuCraft_218326.zip
2012-02-18 14:20 - 2012-02-21 11:08 - 0000426 ____A C:\Users\Acer\Desktop\settings.xml
2012-02-18 10:53 - 2012-02-18 11:17 - 0000417 ____A C:\Windows\System32\settings.xml
2012-02-18 04:38 - 2012-02-18 04:38 - 0000000 ____D C:\Windows\Sun
2012-02-18 04:02 - 2011-12-29 21:27 - 0478720 ____A (Microsoft Corporation) C:\Windows\System32\timedate.cpl
2012-02-18 04:01 - 2012-02-18 04:01 - 0000681 ____A C:\Users\Acer\Desktop\Minecraft.exe - Verknüpfung.lnk
2012-02-18 04:01 - 2012-01-04 00:59 - 12872704 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
2012-02-18 04:01 - 2012-01-04 00:58 - 0442880 ____A (Microsoft Corporation) C:\Windows\System32\ntshrui.dll
2012-02-18 04:01 - 2011-12-15 23:52 - 0690688 ____A (Microsoft Corporation) C:\Windows\System32\msvcrt.dll
2012-02-18 04:00 - 2012-01-13 19:35 - 2343424 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-02-18 03:39 - 2012-02-18 03:39 - 0510657 ____A C:\Users\Acer\Downloads\MCSkinEdit_a3_pre5.zip
2012-02-11 08:58 - 2012-02-26 12:49 - 0000000 ___RD C:\Users\Acer\Desktop\let's play's svenweisven
2012-02-11 07:10 - 2012-02-11 07:10 - 0000000 ____D C:\Users\Acer\AppData\Local\{E09BE6F8-59E7-489F-B41E-CCB4F4175006}
2012-02-11 07:10 - 2012-02-11 07:10 - 0000000 ____D C:\Users\Acer\AppData\Local\{11BC444D-7AF9-43B6-B0AF-BF4BC8FF9787}
2012-02-11 03:09 - 2012-02-11 03:10 - 0270142 ____A C:\Users\Acer\Downloads\Minecraft.exe


============ 3 Months Modified Files and Folders ===============

2012-03-10 14:35 - 2012-03-03 23:33 - 0000000 ____D C:\FRST
2012-03-10 05:29 - 2009-09-16 10:36 - 797396992 __ASH C:\hiberfil.sys
2012-03-10 05:29 - 2009-08-14 01:26 - 0852842 ____A C:\Windows\PFRO.log
2012-03-10 05:29 - 2009-07-13 20:53 - 0000006 ___AH C:\Windows\Tasks\SA.DAT
2012-03-10 05:29 - 2009-07-13 20:39 - 0058322 ____A C:\Windows\setupact.log
2012-03-10 05:28 - 2009-09-16 10:39 - 1918483 ____A C:\Windows\WindowsUpdate.log
2012-03-09 05:16 - 2012-03-09 05:16 - 0054154 ____A C:\Users\Acer\Desktop\OTL.Txt
2012-03-09 05:16 - 2012-03-09 05:16 - 0027936 ____A C:\Users\Acer\Desktop\Extras.Txt
2012-03-08 06:22 - 2012-03-07 10:13 - 0000167 ____A C:\Users\Acer\Desktop\08.03.14.17 Uhr.txt
2012-03-08 06:17 - 2009-07-13 20:34 - 0009696 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-03-08 06:17 - 2009-07-13 20:34 - 0009696 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-03-08 05:24 - 2012-03-08 05:22 - 0010692 ____A C:\ComboFix.txt
2012-03-08 05:24 - 2012-01-06 11:00 - 0000000 ____D C:\Qoobox
2012-03-08 05:15 - 2012-03-08 05:15 - 0000000 __SHD C:\$RECYCLE.BIN
2012-03-08 05:15 - 2009-07-13 18:04 - 0000215 ____A C:\Windows\system.ini
2012-03-08 05:15 - 2009-07-13 18:04 - 0000027 ____A C:\Windows\System32\Drivers\etc\hosts
2012-03-08 04:58 - 2012-01-24 08:35 - 0212992 ____A C:\Windows\System32\aptw2s8pj.dll
2012-03-08 04:49 - 2012-03-08 04:49 - 4431034 ____R (Swearware) C:\Users\Acer\Desktop\ComboFix.exe
2012-03-07 07:48 - 2012-03-07 07:48 - 2322184 ____A (ESET) C:\Users\Acer\Desktop\esetsmartinstaller_enu.exe
2012-03-07 06:31 - 2012-03-07 06:31 - 0451963 ____A C:\Users\Acer\Desktop\Trojanisches Pferd TR-Crypt.zpack.gen2 gefunden. Kein Internet! - Seite 4 - Trojaner-Board.webarchive
2012-03-06 07:35 - 2012-03-05 10:15 - 0094663 ____A C:\Users\Acer\Desktop\RKU1.txt
2012-03-06 04:59 - 2012-03-06 04:59 - 0139264 ____A () C:\Users\Acer\Desktop\RKUnhookerLE.EXE
2012-03-05 09:30 - 2012-03-05 09:30 - 0302592 ____A C:\Users\Acer\Desktop\8kn8rjxd.exe
2012-03-04 06:43 - 2012-03-04 06:42 - 0077840 ____A C:\TDSSKiller.2.7.18.0_04.03.2012_15.42.06_log.txt
2012-03-04 06:40 - 2012-03-04 06:40 - 0000512 ____A C:\Users\Acer\Desktop\MBR.dat
2012-03-04 06:07 - 2012-03-04 06:07 - 2062896 ____A (Kaspersky Lab ZAO) C:\Users\Acer\Desktop\tdsskiller.exe
2012-03-04 06:05 - 2012-03-04 06:05 - 4730880 ____A (AVAST Software) C:\Users\Acer\Desktop\aswMBR.exe
2012-03-04 04:46 - 2011-12-07 07:40 - 0000000 ____D C:\Users\Acer\AppData\Roaming\.minecraft
2012-03-04 03:33 - 2011-09-23 12:39 - 0000000 ____D C:\Users\Acer\AppData\Roaming\Skype
2012-03-03 14:41 - 2009-08-14 00:37 - 1498506 ____A C:\Windows\System32\PerfStringBackup.INI
2012-03-02 12:43 - 2012-03-02 12:42 - 0000000 ____D C:\Avenger
2012-03-02 12:42 - 2012-03-02 12:42 - 0001298 ____A C:\avenger.txt
2012-03-02 12:37 - 2012-03-02 12:36 - 0731136 ____A C:\Users\Acer\Desktop\avenger.exe
2012-03-01 07:23 - 2012-01-06 11:00 - 0000000 ____D C:\Windows\ERDNT
2012-02-28 15:07 - 2012-02-28 15:07 - 0302592 ____A C:\Users\Acer\Desktop\r8z3xleh.exe
2012-02-28 04:32 - 2009-07-13 18:37 - 0000000 ____D C:\Windows\rescache
2012-02-28 02:18 - 2009-07-13 18:37 - 0000000 ____D C:\Windows\Microsoft.NET
2012-02-28 01:32 - 2009-07-13 18:37 - 0000000 ____D C:\Windows\System32\de-DE
2012-02-27 16:59 - 2011-10-11 06:42 - 0021282 ____A C:\Windows\IE9_main.log
2012-02-27 16:57 - 2012-02-27 16:57 - 9705472 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-02-27 16:57 - 2012-02-27 16:57 - 3695416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2012-02-27 16:57 - 2012-02-27 16:57 - 2382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-02-27 16:57 - 2012-02-27 16:57 - 1798656 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-02-27 16:57 - 2012-02-27 16:57 - 1792000 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-02-27 16:57 - 2012-02-27 16:57 - 1427456 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-02-27 16:57 - 2012-02-27 16:57 - 12282368 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-02-27 16:57 - 2012-02-27 16:57 - 1127424 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-02-27 16:57 - 2012-02-27 16:57 - 1103360 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-02-27 16:57 - 2012-02-27 16:57 - 0716800 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-02-27 16:57 - 2012-02-27 16:57 - 0580608 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2012-02-27 16:57 - 2012-02-27 16:57 - 0434176 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2012-02-27 16:57 - 2012-02-27 16:57 - 0420864 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2012-02-27 16:57 - 2012-02-27 16:57 - 0367104 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2012-02-27 16:57 - 2012-02-27 16:57 - 0353792 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2012-02-27 16:57 - 2012-02-27 16:57 - 0353584 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2012-02-27 16:57 - 2012-02-27 16:57 - 0231936 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-02-27 16:57 - 2012-02-27 16:57 - 0227840 ____A (Microsoft Corporation) C:\Windows\System32\ieaksie.dll
2012-02-27 16:57 - 2012-02-27 16:57 - 0223232 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2012-02-27 16:57 - 2012-02-27 16:57 - 0203776 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2012-02-27 16:57 - 2012-02-27 16:57 - 0176640 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-02-27 16:57 - 2012-02-27 16:57 - 0163840 ____A (Microsoft Corporation) C:\Windows\System32\ieakui.dll
2012-02-27 16:57 - 2012-02-27 16:57 - 0162304 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2012-02-27 16:57 - 2012-02-27 16:57 - 0161792 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2012-02-27 16:57 - 2012-02-27 16:57 - 0152064 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2012-02-27 16:57 - 2012-02-27 16:57 - 0150528 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2012-02-27 16:57 - 2012-02-27 16:57 - 0142848 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-02-27 16:57 - 2012-02-27 16:57 - 0130560 ____A (Microsoft Corporation) C:\Windows\System32\ieakeng.dll
2012-02-27 16:57 - 2012-02-27 16:57 - 0123392 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2012-02-27 16:57 - 2012-02-27 16:57 - 0118784 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2012-02-27 16:57 - 2012-02-27 16:57 - 0110592 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2012-02-27 16:57 - 2012-02-27 16:57 - 0101888 ____A (Microsoft Corporation) C:\Windows\System32\admparse.dll
2012-02-27 16:57 - 2012-02-27 16:57 - 0086528 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2012-02-27 16:57 - 2012-02-27 16:57 - 0078848 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2012-02-27 16:57 - 2012-02-27 16:57 - 0076800 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2012-02-27 16:57 - 2012-02-27 16:57 - 0074752 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2012-02-27 16:57 - 2012-02-27 16:57 - 0074752 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2012-02-27 16:57 - 2012-02-27 16:57 - 0074240 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2012-02-27 16:57 - 2012-02-27 16:57 - 0072822 ____A C:\Windows\System32\ieuinit.inf
2012-02-27 16:57 - 2012-02-27 16:57 - 0072704 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-02-27 16:57 - 2012-02-27 16:57 - 0066048 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2012-02-27 16:57 - 2012-02-27 16:57 - 0065024 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-02-27 16:57 - 2012-02-27 16:57 - 0063488 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2012-02-27 16:57 - 2012-02-27 16:57 - 0054272 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2012-02-27 16:57 - 2012-02-27 16:57 - 0048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2012-02-27 16:57 - 2012-02-27 16:57 - 0041472 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2012-02-27 16:57 - 2012-02-27 16:57 - 0035840 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2012-02-27 16:57 - 2012-02-27 16:57 - 0031744 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2012-02-27 16:57 - 2012-02-27 16:57 - 0023552 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2012-02-27 16:57 - 2012-02-27 16:57 - 0011776 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2012-02-27 16:57 - 2012-02-27 16:57 - 0010752 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2012-02-27 16:30 - 2012-02-27 16:30 - 0001629 ____A C:\Windows\System32\FSS.txt
2012-02-27 15:55 - 2012-02-27 15:55 - 0337133 ____A C:\Users\Acer\Downloads\FSS.exe
2012-02-27 15:50 - 2012-02-27 15:49 - 4420957 ____A (Swearware) C:\Users\Acer\Downloads\ComboFix.exe
2012-02-27 14:13 - 2012-01-07 02:19 - 0000000 ____D C:\Users\Acer\AppData\Local\ElevatedDiagnostics
2012-02-27 09:06 - 2012-02-27 09:06 - 0144960 ____A C:\Windows\Minidump\022712-17643-01.dmp
2012-02-27 09:06 - 2012-02-27 09:06 - 0000000 ____D C:\Windows\Minidump
2012-02-27 09:05 - 2012-02-27 09:05 - 326712483 ____A C:\Windows\MEMORY.DMP
2012-02-27 08:29 - 2012-02-27 08:29 - 0302592 ____A C:\Users\Acer\Downloads\g20q7onb.exe
2012-02-26 15:50 - 2012-02-26 15:50 - 0000000 ____A C:\Users\Acer\defogger_reenable
2012-02-26 15:50 - 2011-02-26 21:18 - 0000000 ____D C:\Program Files\Safari
2012-02-26 15:50 - 2011-02-22 14:44 - 0000000 ____D C:\users\Acer
2012-02-26 15:47 - 2012-02-26 15:47 - 0302592 ____A C:\Users\Acer\Downloads\hk4txtc9.exe
2012-02-26 15:43 - 2012-02-26 15:43 - 0607260 ____R (Swearware) C:\Users\Acer\Downloads\dds.com
2012-02-26 15:41 - 2012-02-26 15:41 - 0050477 ____A C:\Users\Acer\Downloads\Defogger.exe
2012-02-26 15:16 - 2009-07-13 18:37 - 0000000 ____D C:\Windows\System32\config\TxR
2012-02-26 15:14 - 2012-01-21 05:38 - 0000000 ____D C:\Program Files\Freeware.de
2012-02-26 15:14 - 2012-01-10 15:17 - 0000000 ___RD C:\Users\Acer\Desktop\SHL
2012-02-26 15:14 - 2011-09-25 07:17 - 0000000 ____D C:\Users\Acer\AppData\Local\Conduit
2012-02-26 15:14 - 2011-09-25 07:17 - 0000000 ____D C:\Program Files\Yontoo Layers Runtime
2012-02-26 15:14 - 2011-08-16 01:57 - 0000000 ____D C:\users\Gast
2012-02-26 15:14 - 2011-02-22 14:44 - 0000000 ____D C:\Users\Acer\AppData\LocalLow
2012-02-26 15:14 - 2009-08-14 01:28 - 0000000 ____D C:\Users\All Users\Symantec
2012-02-26 15:14 - 2009-08-14 01:28 - 0000000 ____D C:\ProgramData\Symantec
2012-02-26 15:14 - 2009-08-14 01:04 - 0000000 ____D C:\Program Files\Microsoft Silverlight
2012-02-26 15:14 - 2009-07-13 18:37 - 0000000 __RSD C:\Windows\Media
2012-02-26 15:14 - 2009-07-13 18:37 - 0000000 ____D C:\Windows\System32\wfp
2012-02-26 15:14 - 2009-07-13 18:37 - 0000000 ____D C:\Windows\System32\NDF
2012-02-26 15:14 - 2009-07-13 18:37 - 0000000 ____D C:\Windows\System32\DriverStore
2012-02-26 15:14 - 2009-07-13 18:37 - 0000000 ____D C:\Windows\AppCompat
2012-02-26 15:14 - 2009-07-13 18:37 - 0000000 ____D C:\Program Files\Common Files\microsoft shared
2012-02-26 15:13 - 2009-07-13 18:37 - 0000000 ____D C:\Windows\registration
2012-02-26 15:11 - 2011-12-30 02:46 - 0000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2012-02-26 15:11 - 2009-08-14 00:56 - 0000000 ____D C:\Program Files\Microsoft Works
2012-02-26 12:49 - 2012-02-11 08:58 - 0000000 ___RD C:\Users\Acer\Desktop\let's play's svenweisven
2012-02-26 12:49 - 2011-12-08 11:56 - 0000000 ___RD C:\Users\Acer\Desktop\Sender
2012-02-26 12:49 - 2011-04-11 21:49 - 0000000 ___RD C:\Users\Acer\Desktop\star wars the clone wars
2012-02-21 11:08 - 2012-02-18 14:20 - 0000426 ____A C:\Users\Acer\Desktop\settings.xml
2012-02-19 09:26 - 2012-02-19 09:26 - 0553863 ____A C:\Users\Acer\Downloads\2011_06_29_SkinEdit_alpha3_pre7_fix.zip
2012-02-19 06:42 - 2012-02-19 06:39 - 24554628 ____A C:\Users\Acer\Downloads\GammlerPlay.zip
2012-02-19 00:05 - 2011-12-14 10:21 - 0000000 ____D C:\Users\Acer\Documents\FILSHtray
2012-02-19 00:03 - 2011-02-22 14:45 - 0000174 ___SH C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
2012-02-18 18:37 - 2009-07-13 20:33 - 0302320 ____A C:\Windows\System32\FNTCACHE.DAT
2012-02-18 18:15 - 2011-02-22 15:33 - 52550552 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2012-02-18 16:05 - 2012-02-18 16:03 - 0000022 ____A C:\Users\Acer\Downloads\Star Wars Skin Pack V4.zip
2012-02-18 15:41 - 2012-02-18 15:26 - 14513553 ____A C:\Users\Acer\Downloads\DokuCraft - The Saga Continues 1.2.zip
2012-02-18 15:18 - 2012-02-18 15:18 - 4389435 ____A C:\Users\Acer\Downloads\DokuCraft_218326.zip
2012-02-18 14:19 - 2010-06-03 12:19 - 0155762 ____A C:\Users\Acer\Desktop\MCSkinEdit.jar
2012-02-18 11:17 - 2012-02-18 10:53 - 0000417 ____A C:\Windows\System32\settings.xml
2012-02-18 04:38 - 2012-02-18 04:38 - 0000000 ____D C:\Windows\Sun
2012-02-18 04:01 - 2012-02-18 04:01 - 0000681 ____A C:\Users\Acer\Desktop\Minecraft.exe - Verknüpfung.lnk
2012-02-18 03:39 - 2012-02-18 03:39 - 0510657 ____A C:\Users\Acer\Downloads\MCSkinEdit_a3_pre5.zip
2012-02-11 07:11 - 2011-10-15 01:54 - 0000000 ____D C:\Users\Acer\AppData\Local\Windows Live
2012-02-11 07:10 - 2012-02-11 07:10 - 0000000 ____D C:\Users\Acer\AppData\Local\{E09BE6F8-59E7-489F-B41E-CCB4F4175006}
2012-02-11 07:10 - 2012-02-11 07:10 - 0000000 ____D C:\Users\Acer\AppData\Local\{11BC444D-7AF9-43B6-B0AF-BF4BC8FF9787}
2012-02-11 03:10 - 2012-02-11 03:09 - 0270142 ____A C:\Users\Acer\Downloads\Minecraft.exe
2012-02-07 14:36 - 2009-08-14 00:54 - 0000000 ____D C:\Users\All Users\Microsoft Help
2012-02-07 14:36 - 2009-08-14 00:54 - 0000000 ____D C:\ProgramData\Microsoft Help
2012-02-07 13:38 - 2011-12-30 02:46 - 0001075 ____A C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2012-02-07 11:30 - 2012-02-07 11:30 - 0000000 ____D C:\Program Files\AC3Filter
2012-02-06 11:12 - 2011-09-08 10:45 - 0414368 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2012-02-05 05:46 - 2009-07-13 18:37 - 0000000 ___HD C:\Windows\System32\GroupPolicyUsers
2012-02-04 00:30 - 2012-01-30 05:57 - 0000000 ____D C:\Users\Acer\Documents\Stronghold Legends
2012-01-30 05:57 - 2012-01-30 05:57 - 0000000 ____D C:\Users\All Users\Firefly Studios
2012-01-30 05:57 - 2012-01-30 05:57 - 0000000 ____D C:\ProgramData\Firefly Studios
2012-01-30 05:53 - 2011-08-27 06:10 - 0233989 ____A C:\Windows\DirectX.log
2012-01-30 05:51 - 2012-01-30 05:51 - 0001972 ____A C:\Users\Public\Desktop\Stronghold Legends.lnk
2012-01-30 05:44 - 2012-01-30 05:44 - 0000000 ____D C:\Program Files\Firefly Studios
2012-01-30 05:44 - 2009-08-14 00:34 - 0000000 ___HD C:\Program Files\InstallShield Installation Information
2012-01-21 05:39 - 2012-01-21 05:39 - 0000941 ____A C:\Users\Public\Desktop\vipstegano.lnk
2012-01-21 05:39 - 2012-01-21 05:39 - 0000000 ____D C:\Program Files\vipstegano
2012-01-21 05:38 - 2012-01-21 05:38 - 0560470 ____A C:\Users\Acer\Documents\vipstegano.zip
2012-01-21 05:38 - 2012-01-21 05:38 - 0000000 ____D C:\Program Files\Conduit
2012-01-21 05:36 - 2012-01-21 05:36 - 0512000 ____A (www.download-sponsor.de) C:\Users\Acer\Downloads\Downloader-fuer-vipstegano.exe
2012-01-21 04:36 - 2011-12-14 10:21 - 0000000 ____D C:\Program Files\FILSHtray
2012-01-13 19:35 - 2012-02-18 04:00 - 2343424 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-01-12 10:25 - 2012-01-12 10:19 - 0001278 ____A C:\Users\Acer\Desktop\easyshare.exe - Verknüpfung.lnk
2012-01-11 05:25 - 2012-01-11 05:25 - 0000000 ____D C:\Users\Acer\Downloads\hosts
2012-01-11 05:25 - 2012-01-11 05:24 - 0149201 ____A C:\Users\Acer\Downloads\hosts.zip
2012-01-10 14:42 - 2012-01-10 14:42 - 0264192 ____A C:\Users\Acer\Documents\Direkte Rede.doc
2012-01-10 14:35 - 2012-01-10 14:35 - 0000000 ____D C:\Program Files\devolo
2012-01-10 12:28 - 2011-02-22 14:45 - 0067856 ____A C:\Users\Acer\AppData\Local\GDIPFONTCACHEV1.DAT
2012-01-10 06:57 - 2011-02-26 21:19 - 0100216 ___AH C:\Windows\System32\mlfcache.dat
2012-01-10 06:51 - 2011-09-23 12:39 - 0000000 ___RD C:\Program Files\Skype
2012-01-10 06:39 - 2011-08-27 06:12 - 0098304 ____A (Sony DADC Austria AG.) C:\Windows\System32\CmdLineExt.dll
2012-01-10 05:35 - 2011-02-22 14:45 - 0000000 ____D C:\Users\Acer\AppData\Roaming\Macromedia
2012-01-09 15:05 - 2012-01-05 14:55 - 0026286 ____A C:\Users\Acer\Downloads\Extras.Txt
2012-01-09 15:04 - 2012-01-05 14:54 - 0104106 ____A C:\Users\Acer\Downloads\OTL.Txt
2012-01-09 14:03 - 2012-01-09 14:03 - 0584192 ____A (OldTimer Tools) C:\Users\Acer\Downloads\OTL-1.exe
2012-01-09 08:52 - 2012-01-09 08:52 - 2322184 ____A (ESET) C:\Users\Acer\Downloads\esetsmartinstaller_deu.exe
2012-01-09 07:41 - 2009-08-14 01:14 - 0000000 ____D C:\Program Files\Google
2012-01-09 07:07 - 2009-08-14 00:54 - 0000000 ____D C:\Program Files\Microsoft Office
2012-01-09 06:58 - 2012-01-09 06:58 - 18690352 ____A (Microsoft Corporation) C:\Users\Acer\Downloads\IE9-Windows7-x86-deu.exe
2012-01-09 06:46 - 2011-02-22 16:43 - 0000000 ____D C:\Users\Acer\AppData\Local\Google
2012-01-09 06:46 - 2009-08-14 01:14 - 0000000 ____D C:\Users\All Users\Google
2012-01-09 06:46 - 2009-08-14 01:14 - 0000000 ____D C:\ProgramData\Google
2012-01-09 06:08 - 2012-01-06 15:03 - 0000000 ____D C:\Program Files\SUPERAntiSpyware
2012-01-09 06:04 - 2009-07-13 18:37 - 0000000 ___RD C:\users\Public
2012-01-08 07:13 - 2009-07-13 18:37 - 0000000 ____D C:\Windows\System32\LogFiles
2012-01-07 13:38 - 2012-01-07 12:26 - 0003917 ____A C:\ipconfig.txt
2012-01-07 01:50 - 2012-01-07 01:49 - 0000000 ____D C:\Users\All Users\SUPERSetup
2012-01-07 01:50 - 2012-01-07 01:49 - 0000000 ____D C:\ProgramData\SUPERSetup
2012-01-06 15:05 - 2012-01-06 15:05 - 0000000 ____D C:\Users\Acer\AppData\Roaming\SUPERAntiSpyware.com
2012-01-06 15:03 - 2012-01-06 15:03 - 0000000 ____D C:\Users\All Users\SUPERAntiSpyware.com
2012-01-06 15:03 - 2012-01-06 15:03 - 0000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2012-01-06 10:50 - 2012-01-06 10:37 - 0064960 ____A C:\TDSSKiller.2.5.5.0_06.01.2012_19.37.46_log.txt
2012-01-06 10:37 - 2012-01-06 10:29 - 0064960 ____A C:\TDSSKiller.2.5.5.0_06.01.2012_19.29.26_log.txt
2012-01-06 05:39 - 2012-01-06 05:39 - 0000000 ____D C:\_OTL
2012-01-05 14:56 - 2012-01-05 14:56 - 0103440 ____A C:\Users\Acer\Downloads\OTL2012-01-05.Txt
2012-01-05 14:00 - 2012-01-05 14:00 - 0584192 ____A (OldTimer Tools) C:\Users\Acer\Desktop\OTL.exe
2012-01-05 05:21 - 2012-01-05 05:21 - 0000000 ____D C:\Program Files\ESET
2012-01-05 05:21 - 2009-07-13 20:52 - 0000000 ____D C:\Windows\Downloaded Program Files
2012-01-04 00:59 - 2012-02-18 04:01 - 12872704 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
2012-01-04 00:58 - 2012-02-18 04:01 - 0442880 ____A (Microsoft Corporation) C:\Windows\System32\ntshrui.dll
2011-12-30 04:19 - 2011-12-30 04:19 - 0000000 ____D C:\Users\Acer\AppData\Roaming\Avira
2011-12-30 02:47 - 2011-12-30 02:47 - 0000000 ____D C:\Users\Acer\AppData\Roaming\Malwarebytes
2011-12-30 02:46 - 2011-12-30 02:46 - 0000000 ____D C:\Users\All Users\Malwarebytes
2011-12-30 02:46 - 2011-12-30 02:46 - 0000000 ____D C:\ProgramData\Malwarebytes
2011-12-29 21:27 - 2012-02-18 04:02 - 0478720 ____A (Microsoft Corporation) C:\Windows\System32\timedate.cpl
2011-12-27 09:14 - 2011-12-27 09:14 - 0000000 ____D C:\Users\Acer\AppData\Local\{115E1736-518B-4589-B5B5-F709AA32BC06}
2011-12-27 09:14 - 2011-12-27 09:14 - 0000000 ____D C:\Users\Acer\AppData\Local\{0F565D71-DE68-4225-83FB-B4D36303A680}
2011-12-24 05:02 - 2011-12-24 05:02 - 0000000 ____D C:\Users\Acer\AppData\Local\{FAA63628-9185-4ACE-A674-E50A3E857458}
2011-12-24 05:02 - 2011-12-24 05:01 - 0000000 ____D C:\Users\Acer\AppData\Local\{72DE4261-EA77-42B3-87C2-8DF7F7D32AD8}
2011-12-24 05:00 - 2011-12-24 05:00 - 0001045 ____A C:\Users\Acer\Desktop\Bilder.lnk
2011-12-21 08:31 - 2011-12-21 08:31 - 0000680 _RASH C:\Users\Acer\ntuser.pol
2011-12-21 08:31 - 2009-07-13 18:37 - 0000000 ___HD C:\Windows\System32\GroupPolicy
2011-12-21 08:15 - 2011-12-21 08:15 - 0000000 ____D C:\Users\Gast\Documents\FILSHtray
2011-12-21 08:15 - 2011-12-21 08:15 - 0000000 ____D C:\Users\Gast\AppData\Local\FILSH_Media_GmbH
2011-12-21 08:15 - 2011-08-16 01:57 - 0000000 ____D C:\Users\Gast\AppData\Local\VirtualStore
2011-12-21 08:14 - 2011-08-16 01:58 - 0068352 ____A C:\Users\Gast\AppData\Local\GDIPFONTCACHEV1.DAT
2011-12-21 08:05 - 2011-09-08 10:43 - 0000000 ____D C:\Users\Acer\AppData\Roaming\Sony
2011-12-21 08:04 - 2011-09-08 10:46 - 0001859 ____A C:\Users\Public\Desktop\Media Go.lnk
2011-12-21 08:03 - 2011-09-08 10:46 - 0000000 ____D C:\Program Files\Common Files\Sony Shared
2011-12-21 08:01 - 2011-09-08 10:46 - 0000000 ____D C:\Users\Acer\AppData\Local\Downloaded Installations
2011-12-21 08:00 - 2011-12-21 07:52 - 0000000 ____D C:\Program Files\Sony Media Go Install
2011-12-21 08:00 - 2011-09-08 10:45 - 0000000 ____D C:\Program Files\Sony
2011-12-21 07:50 - 2011-12-21 07:44 - 94445720 ____A (Sony Creative Software Inc.) C:\Users\Acer\Downloads\mediago_setup.exe
2011-12-21 07:41 - 2011-09-08 10:50 - 0000000 ____D C:\Users\Acer\AppData\Local\Sony
2011-12-21 07:41 - 2011-09-08 10:45 - 0000000 ____D C:\Users\All Users\Sony Corporation
2011-12-21 07:41 - 2011-09-08 10:45 - 0000000 ____D C:\ProgramData\Sony Corporation
2011-12-18 10:40 - 2011-12-18 10:30 - 0000000 ____D C:\Users\Acer\Documents\Invizimals startvideo
2011-12-18 10:32 - 2011-12-18 10:32 - 0000000 ____D C:\Users\Acer\AppData\Local\{09BDA3BB-AABA-4CBB-9FBE-DC3733D68621}
2011-12-18 10:32 - 2011-12-18 10:31 - 0000000 ____D C:\Users\Acer\AppData\Local\{5CF51BF5-D3A5-42EA-B2AE-B664282FE9F6}
2011-12-15 23:52 - 2012-02-18 04:01 - 0690688 ____A (Microsoft Corporation) C:\Windows\System32\msvcrt.dll
2011-12-14 12:45 - 2011-12-14 12:45 - 0000000 ____D C:\Users\Acer\AppData\Local\{38E3FD9E-18AC-4BD7-AD71-F06A21880B91}
2011-12-14 12:45 - 2011-12-14 12:44 - 0000000 ____D C:\Users\Acer\AppData\Local\{602FBEA2-3F58-4E66-9A09-EFBA9F9B7134}
2011-12-14 10:21 - 2011-12-14 10:21 - 0000000 ____D C:\Users\Acer\AppData\Local\FILSH_Media_GmbH
2011-12-14 10:19 - 2011-12-14 10:19 - 5135327 ____A (FILSH Media GmbH                                            ) C:\Users\Acer\Documents\filsh-setup-0.7.exe
2011-12-14 04:41 - 2011-12-14 04:41 - 0000000 ____D C:\Users\Acer\AppData\Local\{EDFEB785-2DCC-4FA7-A040-80E1145A37B1}

========================= Known DLLs =========================

[2009-07-13 15:44] - [2009-07-13 17:15] - 0522240 ____A (Microsoft Corporation) C:\Windows\System32\clbcatq.dll
[2011-07-24 04:28] - [2010-11-20 04:20] - 1414144 ____A (Microsoft Corporation) C:\Windows\System32\ole32.dll
[2011-07-24 03:52] - [2010-11-20 04:18] - 0640512 ____A (Microsoft Corporation) C:\Windows\System32\advapi32.dll
[2011-07-24 03:52] - [2010-11-20 04:18] - 0485888 ____A (Microsoft Corporation) C:\Windows\System32\COMDLG32.dll
[2011-07-24 03:51] - [2010-11-20 04:19] - 0304640 ____A (Microsoft Corporation) C:\Windows\System32\gdi32.dll
[2012-02-27 16:57] - [2012-02-27 16:57] - 1792000 ____A (Microsoft Corporation) C:\Windows\System32\IERTUTIL.dll
[2011-07-24 03:48] - [2010-11-20 04:19] - 0155136 ____A (Microsoft Corporation) C:\Windows\System32\IMAGEHLP.dll
[2011-07-24 03:49] - [2010-11-20 04:19] - 0118272 ____A (Microsoft Corporation) C:\Windows\System32\IMM32.dll
[2011-08-14 00:26] - [2011-07-15 20:27] - 0868352 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
[2009-07-13 15:25] - [2009-07-13 17:15] - 0026624 ____A (Microsoft Corporation) C:\Windows\System32\LPK.dll
[2009-07-13 15:28] - [2009-07-13 17:15] - 0828928 ____A (Microsoft Corporation) C:\Windows\System32\MSCTF.dll
[2012-02-18 04:01] - [2011-12-15 23:52] - 0690688 ____A (Microsoft Corporation) C:\Windows\System32\MSVCRT.dll
[2009-07-13 15:15] - [2009-07-13 17:09] - 0002048 ____A (Microsoft Corporation) C:\Windows\System32\NORMALIZ.dll
[2009-07-13 15:12] - [2009-07-13 17:16] - 0008704 ____A (Microsoft Corporation) C:\Windows\System32\NSI.dll
[2011-10-13 11:46] - [2011-08-26 20:26] - 0571904 ____A (Microsoft Corporation) C:\Windows\System32\OLEAUT32.dll
[2009-07-13 15:15] - [2009-07-13 17:16] - 0006144 ____A (Microsoft Corporation) C:\Windows\System32\PSAPI.dll
[2011-07-24 03:52] - [2010-11-20 04:21] - 0653312 ____A (Microsoft Corporation) C:\Windows\System32\rpcrt4.dll
[2009-07-13 15:11] - [2009-07-13 17:16] - 0092160 ____A (Microsoft Corporation) C:\Windows\System32\sechost.dll
[2011-07-24 03:52] - [2010-11-20 04:21] - 1667584 ____A (Microsoft Corporation) C:\Windows\System32\Setupapi.dll
[2012-02-18 04:01] - [2012-01-04 00:59] - 12872704 ____A (Microsoft Corporation) C:\Windows\System32\SHELL32.dll
[2011-07-24 03:52] - [2010-11-20 04:21] - 0350208 ____A (Microsoft Corporation) C:\Windows\System32\SHLWAPI.dll
[2012-02-27 16:57] - [2012-02-27 16:57] - 1103360 ____A (Microsoft Corporation) C:\Windows\System32\URLMON.dll
[2011-07-24 03:52] - [2010-11-20 04:21] - 0811520 ____A (Microsoft Corporation) C:\Windows\System32\user32.dll
[2011-07-24 03:52] - [2010-11-20 04:21] - 0626176 ____A (Microsoft Corporation) C:\Windows\System32\USP10.dll
[2012-02-27 16:57] - [2012-02-27 16:57] - 1127424 ____A (Microsoft Corporation) C:\Windows\System32\WININET.dll
[2011-07-24 03:52] - [2010-11-20 04:21] - 0269824 ____A (Microsoft Corporation) C:\Windows\System32\WLDAP32.dll
[2011-07-24 03:51] - [2010-11-20 04:21] - 0206848 ____A (Microsoft Corporation) C:\Windows\System32\WS2_32.dll
[2009-07-13 15:16] - [2009-07-13 17:15] - 0315904 ____N (Microsoft Corporation) C:\Windows\System32\DifxApi.dll

========================= Bamital & volsnap Check ============

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

========================= Memory info ====================== 

Percentage of memory in use: 37%
Total physical RAM: 1013.95 MB
Available physical RAM: 632.31 MB
Total Pagefile: 1013.95 MB
Available Pagefile: 630.11 MB
Total Virtual: 2047.88 MB
Available Virtual: 1979.23 MB

======================= Partitions =========================

1 Drive c: (Acer) (Fixed) (Total:135.05 GB) (Free:63.97 GB) NTFS
2 Drive e: (PQSERVICE) (Fixed) (Total:12 GB) (Free:6.01 GB) NTFS ==>[System with boot components (obtained from reading drive)]
3 Drive f: (USB FILME) (Removable) (Total:14.91 GB) (Free:4.34 GB) NTFS
4 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
5 Drive y: (SYSTEM RESERVED) (Fixed) (Total:1.99 GB) (Free:1.96 GB) NTFS ==>[System with boot components (obtained from reading drive)]

  Disk ###  Status         Size     Free     Dyn  Gpt
  --------  -------------  -------  -------  ---  ---
  Disk 0    Online          149 GB      0 B         
  Disk 1    Online           14 GB      0 B         

Partitions of Disk 0:
===============

  Partition ###  Type              Size     Offset
  -------------  ----------------  -------  -------
  Partition 1    Recovery            12 GB    31 KB
  Partition 2    Primary           2039 MB    12 GB
  Partition 3    Primary            135 GB    13 GB

======================================================================================================

Disk: 0
Partition 1
Type  : 27
Hidden: Yes
Active: No

  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 2     E   PQSERVICE    NTFS   Partition     12 GB  Healthy    Hidden  

======================================================================================================

Disk: 0
Partition 2
Type  : 07
Hidden: No
Active: Yes

  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 0     Y   SYSTEM RESE  NTFS   Partition   2039 MB  Healthy            

======================================================================================================

Disk: 0
Partition 3
Type  : 07
Hidden: No
Active: No

  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 1     C   Acer         NTFS   Partition    135 GB  Healthy            

======================================================================================================

Partitions of Disk 1:
===============

  Partition ###  Type              Size     Offset
  -------------  ----------------  -------  -------
  Partition 1    Primary             14 GB  4032 KB

======================================================================================================

Disk: 1
Partition 1
Type  : 07
Hidden: No
Active: No

  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 3     F   USB FILME    NTFS   Removable     14 GB  Healthy            

======================================================================================================

==========================================================

Last Boot: 2012-03-03 15:17

======================= End Of Log ==========================

Psychotic · 11.03.2012, 17:54

Hallo,

die FRST-Logdatei ist ok, allerdings fehlen uns die md5-Werte!

Zitat:

Hake an: List Drivers MD5

Das darfst du nicht vergessen!

Bitte erstelle ein neues Log nach den Vorgaben.

snowly1 · 11.03.2012, 22:40

Hallo. Ich mache frst nun noch einmal. Allerdings gibt es nur ein "Drivers MD5" und nicht "List Drivers MD5". Das hatte ich aber letztes Mal auch angekreuzt. Ich habe diesmal das Kreuz noch zusätzlich bei "List Files and Folders" rausgenommen. Hoffe diesmal hats geklappt!

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST written by farbar) Version: 07-03-2012 01
Ran by SYSTEM at 11-03-2012 22:35:28
Running from F:\
Windows 7 Starter   (X86) OS Language: English(US) 
The current controlset is ControlSet001

========================== Registry ==========================

HKLM\...\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe [1130504 2009-06-01] (Dritek System Inc.)
HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7600672 2009-07-06] (Realtek Semiconductor)
HKLM\...\Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [707104 2009-08-05] (Acer Incorporated)
HKLM\...\Run: [EgisTecLiveUpdate] "C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe" [199464 2009-08-03] (Egis Technology Inc.)
HKLM\...\Run: [mwlDaemon] C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [349480 2009-08-06] (Egis Technology Inc.)
HKLM\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [35696 2009-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [NortonOnlineBackupReminder] "C:\Program Files\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED [588648 2009-07-24] (Symantec Corporation)
HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [1537320 2009-06-18] (Synaptics Incorporated)
HKLM\...\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe [141848 2009-09-23] (Intel Corporation)
HKLM\...\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe [173592 2009-09-23] (Intel Corporation)
HKLM\...\Run: [Persistence] C:\Windows\system32\igfxpers.exe [150552 2009-09-23] (Intel Corporation)
HKLM\...\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min [281768 2011-03-29] (Avira GmbH)
HKLM\...\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime [421888 2011-07-05] (Apple Inc.)
HKLM\...\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [254696 2011-06-09] (Sun Microsystems, Inc.)
HKLM\...\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray [460872 2012-01-13] (Malwarebytes Corporation)
HKU\Acer\...\Run: [FreeCT] C:\Program Files\FreeCountdownTimer\FreeCountdownTimer.exe -autorun [2033488 2011-05-24] (Comfort Software Group)
HKU\Acer\...\Policies\system: [LogonHoursAction] 2
HKU\Acer\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\Default\...\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun [1174016 2010-11-20] (Microsoft Corporation)
HKU\Default User\...\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun [1174016 2010-11-20] (Microsoft Corporation)
HKU\Gast\...\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [x]
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe, [26624 2010-11-20] (Microsoft Corporation)
HKLM\...\Winlogon: [Shell] Explorer.exe [2616320 2011-02-24] (Microsoft Corporation)
Winlogon\Notify\igfxcui: igfxdev.dll (Intel Corporation)
Tcpip\Parameters: [DhcpNameServer] 62.2.17.61 62.2.24.158 62.2.17.60 62.2.24.162
Lsa: [Authentication Packages] msv1_0
Lsa: [Notification Packages] scecli

========================== Services ==========================

3 AeLookupSvc; C:\Windows\System32\aelupsvc.dll [62464 2009-07-13] (Microsoft Corporation)
3 ALG; C:\Windows\System32\alg.exe [59392 2009-07-13] (Microsoft Corporation)
2 AntiVirSchedulerService; "C:\Program Files\Avira\AntiVir Desktop\sched.exe" [136360 2011-04-30] (Avira GmbH)
2 AntiVirService; "C:\Program Files\Avira\AntiVir Desktop\avguard.exe" [269480 2011-07-24] (Avira GmbH)
3 AppIDSvc; C:\Windows\System32\appidsvc.dll [27648 2009-07-13] (Microsoft Corporation)
3 Appinfo; C:\Windows\System32\appinfo.dll [47104 2010-11-20] (Microsoft Corporation)
2 Apple Mobile Device; "C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" [37664 2011-02-18] (Apple Inc.)
2 AudioEndpointBuilder; C:\Windows\System32\Audiosrv.dll [473600 2010-11-20] (Microsoft Corporation)
2 Audiosrv; C:\Windows\System32\Audiosrv.dll [473600 2010-11-20] (Microsoft Corporation)
3 AxInstSV; C:\Windows\System32\AxInstSV.dll [88064 2010-11-20] (Microsoft Corporation)
3 BDESVC; C:\Windows\System32\bdesvc.dll [76800 2009-07-13] (Microsoft Corporation)
2 BFE; C:\Windows\System32\bfe.dll [494592 2010-11-20] (Microsoft Corporation)
2 BITS; C:\Windows\System32\qmgr.dll [585728 2010-11-20] (Microsoft Corporation)
2 Bonjour Service; "C:\Program Files\Bonjour\mDNSResponder.exe" [387944 2011-07-12] (Apple Inc.)
3 Browser; C:\Windows\System32\browser.dll [102400 2010-11-20] (Microsoft Corporation)
3 bthserv; C:\Windows\System32\bthserv.dll [64512 2009-07-13] (Microsoft Corporation)
3 CertPropSvc; C:\Windows\System32\certprop.dll [67584 2010-11-20] (Microsoft Corporation)
4 clr_optimization_v2.0.50727_32; C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [66384 2009-06-10] (Microsoft Corporation)
2 clr_optimization_v4.0.30319_32; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [130384 2010-03-18] (Microsoft Corporation)
3 COMSysApp; C:\Windows\System32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} [7168 2009-07-13] (Microsoft Corporation)
2 CryptSvc; C:\Windows\System32\cryptsvc.dll [136192 2010-11-20] (Microsoft Corporation)
2 DcomLaunch; C:\Windows\System32\rpcss.dll [376832 2010-11-20] (Microsoft Corporation)
3 defragsvc; C:\Windows\System32\defragsvc.dll [218624 2009-07-13] (Microsoft Corporation)
2 Dhcp; C:\Windows\System32\dhcpcore.dll [254464 2010-11-20] (Microsoft Corporation)
2 Dnscache; C:\Windows\System32\dnsrslvr.dll [132608 2011-03-02] (Microsoft Corporation)
3 dot3svc; C:\Windows\System32\dot3svc.dll [214016 2010-11-20] (Microsoft Corporation)
2 DPS; C:\Windows\System32\dps.dll [144384 2010-11-20] (Microsoft Corporation)
3 EapHost; C:\Windows\System32\eapsvc.dll [98304 2009-07-13] (Microsoft Corporation)
3 EFS; C:\Windows\System32\lsass.exe [22528 2011-11-16] (Microsoft Corporation)
2 ePowerSvc; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [727584 2009-08-05] (Acer Incorporated)
2 eventlog; C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [20992 2009-07-13] (Microsoft Corporation)
2 EventSystem; C:\Windows\System32\es.dll [271360 2009-07-13] (Microsoft Corporation)
3 Fax; C:\Windows\System32\fxssvc.exe [523264 2010-11-20] (Microsoft Corporation)
3 fdPHost; C:\Windows\System32\fdPHost.dll [12800 2009-07-13] (Microsoft Corporation)
3 FDResPub; C:\Windows\System32\fdrespub.dll [28160 2009-07-13] (Microsoft Corporation)
2 FontCache; C:\Windows\System32\FntCache.dll [805376 2011-02-18] (Microsoft Corporation)
3 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [42856 2009-06-10] (Microsoft Corporation)
2 gpsvc; C:\Windows\System32\gpsvc.dll [593408 2010-11-20] (Microsoft Corporation)
2 Greg_Service; C:\Program Files\Acer\Registration\GregHSRW.exe [1150496 2009-06-04] (Acer Incorporated)
3 hidserv; C:\Windows\System32\hidserv.dll [49152 2009-07-13] (Microsoft Corporation)
3 hkmsvc; C:\Windows\System32\kmsvc.dll [71168 2010-11-20] (Microsoft Corporation)
3 HomeGroupListener; C:\Windows\System32\ListSvc.dll [194560 2010-11-20] (Microsoft Corporation)
3 HomeGroupProvider; C:\Windows\System32\provsvc.dll [165376 2010-11-20] (Microsoft Corporation)
2 IAANTMON; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [354840 2009-06-04] (Intel Corporation)
3 idsvc; "C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe" [878416 2010-11-04] (Microsoft Corporation)
2 IKEEXT; C:\Windows\System32\ikeext.dll [674304 2010-11-20] (Microsoft Corporation)
3 IPBusEnum; C:\Windows\System32\ipbusenum.dll [78848 2009-07-13] (Microsoft Corporation)
2 iphlpsvc; C:\Windows\System32\iphlpsvc.dll [499712 2010-11-20] (Microsoft Corporation)
3 iPod Service; "C:\Program Files\iPod\bin\iPodService.exe" [821096 2011-08-18] (Apple Inc.)
3 KeyIso; C:\Windows\System32\lsass.exe [22528 2011-11-16] (Microsoft Corporation)
3 KtmRm; C:\Windows\System32\msdtckrm.dll [308736 2009-07-13] (Microsoft Corporation)
2 LanmanServer; C:\Windows\System32\srvsvc.dll [168960 2010-11-20] (Microsoft Corporation)
3 lltdsvc; C:\Windows\System32\lltdsvc.dll [189952 2009-07-13] (Microsoft Corporation)
2 lmhosts; C:\Windows\System32\lmhsvc.dll [18432 2009-07-13] (Microsoft Corporation)
2 MBAMService; "C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe" [652360 2012-01-13] (Malwarebytes Corporation)
2 MMCSS; C:\Windows\System32\mmcss.dll [49664 2009-07-13] (Microsoft Corporation)
2 MpsSvc; C:\Windows\System32\mpssvc.dll [566272 2010-11-20] (Microsoft Corporation)
3 MSDTC; C:\Windows\System32\msdtc.exe [134144 2009-07-13] (Microsoft Corporation)
3 MSiSCSI; C:\Windows\System32\iscsiexe.dll [114688 2009-07-13] (Microsoft Corporation)
3 msiserver; C:\Windows\System32\msiexec.exe /V [73216 2010-11-20] (Microsoft Corporation)
2 MWLService; C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe [311592 2009-08-06] (Egis Technology Inc.)
3 napagent; C:\Windows\System32\qagentRT.dll [330240 2010-11-20] (Microsoft Corporation)
3 Netlogon; C:\Windows\System32\lsass.exe [22528 2011-11-16] (Microsoft Corporation)
3 Netman; C:\Windows\System32\netman.dll [280576 2009-07-13] (Microsoft Corporation)
3 netprofm; C:\Windows\System32\netprofm.dll [360448 2009-07-13] (Microsoft Corporation)
4 NetTcpPortSharing; "C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe" [128848 2010-11-04] (Microsoft Corporation)
2 NlaSvc; C:\Windows\System32\nlasvc.dll [242688 2010-11-20] (Microsoft Corporation)
2 nsi; C:\Windows\System32\nsisvc.dll [19456 2009-07-13] (Microsoft Corporation)
3 odserv; "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE" [440696 2011-07-19] (Microsoft Corporation)
3 ose; "C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE" [145184 2006-10-26] (Microsoft Corporation)
3 p2pimsvc; C:\Windows\System32\pnrpsvc.dll [269824 2009-07-13] (Microsoft Corporation)
3 p2psvc; C:\Windows\System32\p2psvc.dll [327680 2009-07-13] (Microsoft Corporation)
3 PcaSvc; C:\Windows\System32\pcasvc.dll [154624 2009-07-13] (Microsoft Corporation)
3 pla; C:\Windows\System32\pla.dll [1508864 2010-11-20] (Microsoft Corporation)
2 PlugPlay; C:\Windows\System32\umpnpmgr.dll [293376 2011-05-24] (Microsoft Corporation)
3 PNRPAutoReg; C:\Windows\System32\pnrpauto.dll [20480 2009-07-13] (Microsoft Corporation)
3 PNRPsvc; C:\Windows\System32\pnrpsvc.dll [269824 2009-07-13] (Microsoft Corporation)
3 PolicyAgent; C:\Windows\System32\ipsecsvc.dll [350208 2010-11-20] (Microsoft Corporation)
2 Power; C:\Windows\System32\umpo.dll [119808 2010-11-20] (Microsoft Corporation)
2 ProfSvc; C:\Windows\System32\profsvc.dll [164352 2010-11-20] (Microsoft Corporation)
3 ProtectedStorage; C:\Windows\System32\lsass.exe [22528 2011-11-16] (Microsoft Corporation)
3 QWAVE; C:\Windows\system32\qwave.dll [210944 2009-07-13] (Microsoft Corporation)
3 RasAuto; C:\Windows\System32\rasauto.dll [90624 2009-07-13] (Microsoft Corporation)
2 RasMan; C:\Windows\System32\rasmans.dll [286208 2010-11-20] (Microsoft Corporation)
4 RemoteAccess; C:\Windows\System32\mprdim.dll [75264 2009-07-13] (Microsoft Corporation)
3 RemoteRegistry; C:\Windows\System32\regsvc.dll [112640 2009-07-13] (Microsoft Corporation)
2 RpcEptMapper; C:\Windows\System32\RpcEpMap.dll [43520 2009-07-13] (Microsoft Corporation)
3 RpcLocator; C:\Windows\System32\locator.exe [9216 2009-07-13] (Microsoft Corporation)
2 RpcSs; C:\Windows\System32\rpcss.dll [376832 2010-11-20] (Microsoft Corporation)
2 RS_Service; C:\Program Files\Acer\Acer VCM\RS_Service.exe [253952 2009-07-10] (Acer Incorporated)
2 SamSs; C:\Windows\System32\lsass.exe [22528 2011-11-16] (Microsoft Corporation)
3 SCardSvr; C:\Windows\System32\SCardSvr.dll [132608 2009-07-13] (Microsoft Corporation)
2 Schedule; C:\Windows\System32\schedsvc.dll [750592 2010-11-20] (Microsoft Corporation)
3 SCPolicySvc; C:\Windows\System32\certprop.dll [67584 2010-11-20] (Microsoft Corporation)
3 SDRSVC; C:\Windows\System32\SDRSVC.dll [125952 2010-11-20] (Microsoft Corporation)
2 seclogon; C:\Windows\system32\seclogon.dll [21504 2009-07-13] (Microsoft Corporation)
2 SENS; C:\Windows\System32\sens.dll [49664 2009-07-13] (Microsoft Corporation)
3 SessionEnv; C:\Windows\System32\sessenv.dll [113664 2010-11-20] (Microsoft Corporation)
2 SharedAccess; C:\Windows\System32\ipnathlp.dll [300544 2009-07-13] (Microsoft Corporation)
2 ShellHWDetection; C:\Windows\System32\shsvcs.dll [328192 2010-11-20] (Microsoft Corporation)
3 SNMPTRAP; C:\Windows\System32\snmptrap.exe [12800 2009-07-13] (Microsoft Corporation)
2 Spooler; C:\Windows\System32\spoolsv.exe [317440 2010-11-20] (Microsoft Corporation)
2 sppsvc; C:\Windows\System32\sppsvc.exe [3179520 2010-11-20] (Microsoft Corporation)
3 sppuinotify; C:\Windows\System32\sppuinotify.dll [53760 2010-11-20] (Microsoft Corporation)
3 SSDPSRV; C:\Windows\System32\ssdpsrv.dll [162816 2009-07-13] (Microsoft Corporation)
3 SstpSvc; C:\Windows\System32\sstpsvc.dll [90112 2009-07-13] (Microsoft Corporation)
2 StiSvc; C:\Windows\System32\wiaservc.dll [463360 2010-11-20] (Microsoft Corporation)
3 swprv; C:\Windows\System32\swprv.dll [313856 2009-07-13] (Microsoft Corporation)
2 SysMain; C:\Windows\System32\sysmain.dll [1159168 2010-11-20] (Microsoft Corporation)
3 TabletInputService; C:\Windows\System32\TabSvc.dll [73216 2010-11-20] (Microsoft Corporation)
3 TapiSrv; C:\Windows\System32\tapisrv.dll [242176 2010-11-20] (Microsoft Corporation)
3 TBS; C:\Windows\System32\tbssvc.dll [55808 2009-07-13] (Microsoft Corporation)
3 TermService; C:\Windows\System32\termsrv.dll [521216 2010-11-20] (Microsoft Corporation)
2 Themes; C:\Windows\System32\themeservice.dll [37376 2009-07-13] (Microsoft Corporation)
3 THREADORDER; C:\Windows\System32\mmcss.dll [49664 2009-07-13] (Microsoft Corporation)
2 TrkWks; C:\Windows\System32\trkwks.dll [77312 2009-07-13] (Microsoft Corporation)
3 TrustedInstaller; C:\Windows\servicing\TrustedInstaller.exe [204800 2010-11-20] (Microsoft Corporation)
3 UI0Detect; C:\Windows\System32\UI0Detect.exe [35840 2009-07-13] (Microsoft Corporation)
2 Update-Service; C:\Windows\System32\UpdSvc.dll [114000 2011-11-11] (Joosoft.com GmbH)
2 Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [240160 2009-07-03] (Acer)
3 upnphost; C:\Windows\System32\upnphost.dll [266752 2009-07-13] (Microsoft Corporation)
2 UxSms; C:\Windows\System32\uxsms.dll [29696 2009-07-13] (Microsoft Corporation)
3 VaultSvc; C:\Windows\System32\lsass.exe [22528 2011-11-16] (Microsoft Corporation)
3 vds; C:\Windows\System32\vds.exe [453632 2010-11-20] (Microsoft Corporation)
3 VSS; C:\Windows\System32\vssvc.exe [1025536 2010-11-20] (Microsoft Corporation)
3 W32Time; C:\Windows\System32\w32time.dll [288768 2009-07-13] (Microsoft Corporation)
3 wbengine; "C:\Windows\system32\wbengine.exe" [1203200 2010-11-20] (Microsoft Corporation)
3 WbioSrvc; C:\Windows\System32\wbiosrvc.dll [151552 2009-07-13] (Microsoft Corporation)
3 wcncsvc; C:\Windows\System32\wcncsvc.dll [276992 2010-11-20] (Microsoft Corporation)
3 WcsPlugInService; C:\Windows\System32\WcsPlugInService.dll [32768 2009-07-13] (Microsoft Corporation)
3 WdiServiceHost; C:\Windows\System32\wdi.dll [76288 2009-07-13] (Microsoft Corporation)
3 WdiSystemHost; C:\Windows\System32\wdi.dll [76288 2009-07-13] (Microsoft Corporation)
3 WebClient; C:\Windows\System32\webclnt.dll [204800 2010-11-20] (Microsoft Corporation)
3 Wecsvc; C:\Windows\System32\wecsvc.dll [147968 2009-07-13] (Microsoft Corporation)
3 wercplsupport; C:\Windows\System32\wercplsupport.dll [61440 2009-07-13] (Microsoft Corporation)
3 WerSvc; C:\Windows\System32\WerSvc.dll [65024 2009-07-13] (Microsoft Corporation)
3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-13] (Microsoft Corporation)
3 WinHttpAutoProxySvc; winhttp.dll [351232 2010-11-20] (Microsoft Corporation)
2 Winmgmt; C:\Windows\System32\wbem\WMIsvc.dll [168960 2009-07-13] (Microsoft Corporation)
3 WinRM; C:\Windows\System32\WsmSvc.dll [1175040 2010-11-20] (Microsoft Corporation)
2 Wlansvc; C:\Windows\System32\wlansvc.dll [829440 2009-07-13] (Microsoft Corporation)
2 wlidsvc; "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" [1713536 2011-03-28] (Microsoft Corp.)
3 wmiApSrv; C:\Windows\System32\wbem\WmiApSrv.exe [136192 2009-07-13] (Microsoft Corporation)
3 WMPNetworkSvc; "C:\Program Files\Windows Media Player\wmpnetwk.exe" [1121792 2010-11-20] (Microsoft Corporation)
3 WPCSvc; C:\Windows\System32\wpcsvc.dll [10752 2009-07-13] (Microsoft Corporation)
3 WPDBusEnum; C:\Windows\System32\wpdbusenum.dll [85504 2010-11-20] (Microsoft Corporation)
2 wscsvc; C:\Windows\System32\wscsvc.dll [73728 2009-07-13] (Microsoft Corporation)
2 WSearch; C:\Windows\System32\SearchIndexer.exe /Embedding [427520 2011-05-03] (Microsoft Corporation)
2 wuauserv; C:\Windows\System32\wuaueng.dll [1914368 2010-11-20] (Microsoft Corporation)
2 wudfsvc; C:\Windows\System32\WUDFSvc.dll [67584 2010-11-20] (Microsoft Corporation)
3 WwanSvc; C:\Windows\System32\wwansvc.dll [185856 2009-07-13] (Microsoft Corporation)

========================== Drivers ===========================

3 1394ohci; C:\Windows\System32\drivers\1394ohci.sys [164864 2010-11-20] (Microsoft Corporation)
0 ACPI; C:\Windows\System32\drivers\ACPI.sys [274304 2010-11-20] (Microsoft Corporation)
3 AcpiPmi; C:\Windows\System32\drivers\acpipmi.sys [10240 2010-11-20] (Microsoft Corporation)
3 adp94xx; C:\Windows\System32\DRIVERS\adp94xx.sys [422976 2009-07-13] (Adaptec, Inc.)
3 adpahci; C:\Windows\System32\DRIVERS\adpahci.sys [297552 2009-07-13] (Adaptec, Inc.)
3 adpu320; C:\Windows\System32\DRIVERS\adpu320.sys [146512 2009-07-13] (Adaptec, Inc.)
1 AFD; C:\Windows\System32\drivers\afd.sys [338944 2011-04-24] (Microsoft Corporation)
3 agp440; C:\Windows\System32\drivers\agp440.sys [53312 2009-07-13] (Microsoft Corporation)
3 aic78xx; C:\Windows\System32\DRIVERS\djsvs.sys [70720 2009-07-13] (Adaptec, Inc.)
3 aliide; C:\Windows\System32\drivers\aliide.sys [14400 2009-07-13] (Acer Laboratories Inc.)
3 amdagp; C:\Windows\System32\drivers\amdagp.sys [53312 2009-07-13] (Microsoft Corporation)
3 amdide; C:\Windows\System32\drivers\amdide.sys [14912 2009-07-13] (Microsoft Corporation)
3 AmdK8; C:\Windows\System32\DRIVERS\amdk8.sys [55296 2009-07-13] (Microsoft Corporation)
3 AmdPPM; C:\Windows\System32\DRIVERS\amdppm.sys [52736 2009-07-13] (Microsoft Corporation)
3 amdsata; C:\Windows\System32\drivers\amdsata.sys [80256 2011-03-10] (Advanced Micro Devices)
3 amdsbs; C:\Windows\System32\DRIVERS\amdsbs.sys [159312 2009-07-13] (AMD Technologies Inc.)
0 amdxata; C:\Windows\System32\drivers\amdxata.sys [22400 2011-03-10] (Advanced Micro Devices)
3 AppID; C:\Windows\System32\drivers\appid.sys [50176 2010-11-20] (Microsoft Corporation)
3 arc; C:\Windows\System32\DRIVERS\arc.sys [76368 2009-07-13] (Adaptec, Inc.)
3 arcsas; C:\Windows\System32\DRIVERS\arcsas.sys [86608 2009-07-13] (Adaptec, Inc.)
3 AsyncMac; C:\Windows\System32\DRIVERS\asyncmac.sys [17920 2009-07-13] (Microsoft Corporation)
0 atapi; C:\Windows\System32\drivers\atapi.sys [21584 2009-07-13] (Microsoft Corporation)
3 athr; C:\Windows\System32\DRIVERS\athr.sys [1176064 2009-07-16] (Atheros Communications, Inc.)
2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [66616 2011-07-24] (Avira GmbH)
1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [138192 2011-07-24] (Avira GmbH)
3 b06bdrv; C:\Windows\System32\DRIVERS\bxvbdx.sys [430080 2009-07-13] (Broadcom Corporation)
3 b57nd60x; C:\Windows\System32\DRIVERS\b57nd60x.sys [229888 2009-07-13] (Broadcom Corporation)
3 BCM43XX; C:\Windows\System32\DRIVERS\bcmwl6.sys [2506232 2009-07-07] (Broadcom Corporation)
1 Beep; C:\Windows\System32\Drivers\Beep.sys [6144 2009-07-13] (Microsoft Corporation)
1 blbdrive; C:\Windows\System32\DRIVERS\blbdrive.sys [35328 2009-07-13] (Microsoft Corporation)
3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [69632 2011-02-22] (Microsoft Corporation)
3 BrFiltLo; C:\Windows\System32\DRIVERS\BrFiltLo.sys [13568 2009-07-13] (Brother Industries, Ltd.)
3 BrFiltUp; C:\Windows\System32\DRIVERS\BrFiltUp.sys [5248 2009-07-13] (Brother Industries, Ltd.)
3 BridgeMP; C:\Windows\System32\DRIVERS\bridge.sys [78336 2009-07-13] (Microsoft Corporation)
3 Brserid; C:\Windows\System32\Drivers\Brserid.sys [272128 2009-07-13] (Brother Industries Ltd.)
3 BrSerWdm; C:\Windows\System32\Drivers\BrSerWdm.sys [62336 2009-07-13] (Brother Industries Ltd.)
3 BrUsbMdm; C:\Windows\System32\Drivers\BrUsbMdm.sys [12160 2009-07-13] (Brother Industries Ltd.)
3 BrUsbSer; C:\Windows\System32\Drivers\BrUsbSer.sys [11904 2009-07-13] (Brother Industries Ltd.)
3 BTHMODEM; C:\Windows\System32\DRIVERS\bthmodem.sys [56320 2009-07-13] (Microsoft Corporation)
4 cdfs; C:\Windows\System32\DRIVERS\cdfs.sys [70656 2009-07-13] (Microsoft Corporation)
1 cdrom; C:\Windows\System32\DRIVERS\cdrom.sys [108544 2010-11-20] (Microsoft Corporation)
3 circlass; C:\Windows\System32\DRIVERS\circlass.sys [37888 2009-07-13] (Microsoft Corporation)
0 CLFS; C:\Windows\System32\CLFS.sys [249408 2009-07-13] (Microsoft Corporation)
3 CmBatt; C:\Windows\System32\DRIVERS\CmBatt.sys [14080 2009-07-13] (Microsoft Corporation)
3 cmdide; C:\Windows\System32\drivers\cmdide.sys [15952 2009-07-13] (CMD Technology, Inc.)
0 CNG; C:\Windows\System32\Drivers\cng.sys [369352 2011-11-16] (Microsoft Corporation)
0 Compbatt; C:\Windows\System32\DRIVERS\compbatt.sys [19024 2009-07-13] (Microsoft Corporation)
3 CompositeBus; C:\Windows\System32\drivers\CompositeBus.sys [31232 2010-11-20] (Microsoft Corporation)
4 crcdisk; C:\Windows\System32\DRIVERS\crcdisk.sys [22096 2009-07-13] (Microsoft Corporation)
1 DfsC; C:\Windows\System32\Drivers\dfsc.sys [78336 2010-11-20] (Microsoft Corporation)
1 discache; C:\Windows\System32\drivers\discache.sys [32256 2009-07-13] (Microsoft Corporation)
0 Disk; C:\Windows\System32\DRIVERS\disk.sys [57424 2009-07-13] (Microsoft Corporation)
3 DKbFltr; C:\Windows\System32\DRIVERS\DKbFltr.sys [21000 2009-03-25] (Dritek System Inc.)
3 drmkaud; C:\Windows\System32\drivers\drmkaud.sys [5120 2009-07-13] (Microsoft Corporation)
3 DXGKrnl; C:\Windows\System32\drivers\dxgkrnl.sys [728448 2010-11-20] (Microsoft Corporation)
3 ebdrv; C:\Windows\System32\DRIVERS\evbdx.sys [3100160 2009-07-13] (Broadcom Corporation)
3 elxstor; C:\Windows\System32\DRIVERS\elxstor.sys [453712 2009-07-13] (Emulex)
3 ErrDev; C:\Windows\System32\drivers\errdev.sys [7168 2009-07-13] (Microsoft Corporation)
3 exfat; C:\Windows\System32\Drivers\exfat.sys [142336 2009-07-13] (Microsoft Corporation)
3 fastfat; C:\Windows\System32\Drivers\fastfat.sys [148480 2009-07-13] (Microsoft Corporation)
3 fdc; C:\Windows\System32\DRIVERS\fdc.sys [25088 2009-07-13] (Microsoft Corporation)
0 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [58448 2009-07-13] (Microsoft Corporation)
3 Filetrace; C:\Windows\System32\drivers\filetrace.sys [28160 2009-07-13] (Microsoft Corporation)
3 flpydisk; C:\Windows\System32\DRIVERS\flpydisk.sys [19968 2009-07-13] (Microsoft Corporation)
0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [198208 2009-07-13] (Microsoft Corporation)
3 FsDepends; C:\Windows\System32\drivers\FsDepends.sys [46160 2009-07-13] (Microsoft Corporation)
0 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [19536 2009-07-13] (Microsoft Corporation)
0 fvevol; C:\Windows\System32\DRIVERS\fvevol.sys [194800 2010-11-20] (Microsoft Corporation)
3 gagp30kx; C:\Windows\System32\DRIVERS\gagp30kx.sys [57936 2009-07-13] (Microsoft Corporation)
3 GEARAspiWDM; C:\Windows\System32\DRIVERS\GEARAspiWDM.sys [26600 2009-05-18] (GEAR Software Inc.)
3 hcw85cir; C:\Windows\System32\drivers\hcw85cir.sys [26624 2009-07-13] (Hauppauge Computer Works, Inc.)
3 HdAudAddService; C:\Windows\System32\drivers\HdAudio.sys [304128 2010-11-20] (Microsoft Corporation)
3 HDAudBus; C:\Windows\System32\drivers\HDAudBus.sys [108544 2010-11-20] (Microsoft Corporation)
3 HidBatt; C:\Windows\System32\DRIVERS\HidBatt.sys [21504 2009-07-13] (Microsoft Corporation)
3 HidBth; C:\Windows\System32\DRIVERS\hidbth.sys [91136 2009-07-13] (Microsoft Corporation)
3 HidIr; C:\Windows\System32\DRIVERS\hidir.sys [37888 2009-07-13] (Microsoft Corporation)
3 HidUsb; C:\Windows\System32\drivers\hidusb.sys [24064 2010-11-20] (Microsoft Corporation)
3 HpSAMD; C:\Windows\System32\drivers\HpSAMD.sys [67152 2009-07-13] (Hewlett-Packard Company)
3 HTTP; C:\Windows\System32\drivers\HTTP.sys [513536 2010-11-20] (Microsoft Corporation)
0 hwpolicy; C:\Windows\System32\drivers\hwpolicy.sys [14208 2010-11-20] (Microsoft Corporation)
3 i8042prt; C:\Windows\System32\drivers\i8042prt.sys [80896 2009-07-13] (Microsoft Corporation)
0 iaStor; C:\Windows\System32\DRIVERS\iaStor.sys [330264 2009-06-04] (Intel Corporation)
3 iaStorV; C:\Windows\System32\drivers\iaStorV.sys [332160 2011-03-10] (Intel Corporation)
3 igfx; C:\Windows\System32\DRIVERS\igdkmd32.sys [4808192 2009-09-23] (Intel Corporation)
3 iirsp; C:\Windows\System32\DRIVERS\iirsp.sys [41040 2009-07-13] (Intel Corp./ICP vortex GmbH)
3 IntcAzAudAddService; C:\Windows\System32\drivers\RTKVHDA.sys [2657120 2009-07-06] (Realtek Semiconductor Corp.)
0 intelide; C:\Windows\System32\drivers\intelide.sys [15424 2009-07-13] (Microsoft Corporation)
3 intelppm; C:\Windows\System32\DRIVERS\intelppm.sys [53760 2009-07-13] (Microsoft Corporation)
3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [58880 2009-07-13] (Microsoft Corporation)
3 IPMIDRV; C:\Windows\System32\drivers\IPMIDrv.sys [65536 2010-11-20] (Microsoft Corporation)
3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [101888 2009-07-13] (Microsoft Corporation)
3 IRENUM; C:\Windows\System32\drivers\irenum.sys [13824 2009-07-13] (Microsoft Corporation)
3 isapnp; C:\Windows\System32\drivers\isapnp.sys [46656 2009-07-13] (Microsoft Corporation)
3 iScsiPrt; C:\Windows\System32\drivers\msiscsi.sys [233344 2010-11-20] (Microsoft Corporation)
3 kbdclass; C:\Windows\System32\drivers\kbdclass.sys [42576 2009-07-13] (Microsoft Corporation)
3 kbdhid; C:\Windows\System32\drivers\kbdhid.sys [28160 2010-11-20] (Microsoft Corporation)
0 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [67440 2011-11-16] (Microsoft Corporation)
0 KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [134000 2011-11-16] (Microsoft Corporation)
3 L1C; C:\Windows\System32\DRIVERS\L1C62x86.sys [51712 2009-07-26] (Atheros Communications, Inc.)
2 lltdio; C:\Windows\System32\DRIVERS\lltdio.sys [48128 2009-07-13] (Microsoft Corporation)
3 LSI_FC; C:\Windows\System32\DRIVERS\lsi_fc.sys [95824 2009-07-13] (LSI Corporation)
3 LSI_SAS; C:\Windows\System32\DRIVERS\lsi_sas.sys [89168 2009-07-13] (LSI Corporation)
3 LSI_SAS2; C:\Windows\System32\DRIVERS\lsi_sas2.sys [54864 2009-07-13] (LSI Corporation)
3 LSI_SCSI; C:\Windows\System32\DRIVERS\lsi_scsi.sys [96848 2009-07-13] (LSI Corporation)
2 luafv; C:\Windows\System32\drivers\luafv.sys [86528 2009-07-13] (Microsoft Corporation)
3 MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [20464 2011-12-10] (Malwarebytes Corporation)
3 megasas; C:\Windows\System32\DRIVERS\megasas.sys [30800 2009-07-13] (LSI Corporation)
3 MegaSR; C:\Windows\System32\DRIVERS\MegaSR.sys [235584 2009-07-13] (LSI Corporation, Inc.)
3 Modem; C:\Windows\System32\drivers\modem.sys [31744 2009-07-13] (Microsoft Corporation)
3 monitor; C:\Windows\System32\DRIVERS\monitor.sys [23552 2009-07-13] (Microsoft Corporation)
3 mouclass; C:\Windows\System32\drivers\mouclass.sys [41552 2009-07-13] (Microsoft Corporation)
3 mouhid; C:\Windows\System32\DRIVERS\mouhid.sys [26112 2009-07-13] (Microsoft Corporation)
0 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [78208 2010-11-20] (Microsoft Corporation)
3 mpio; C:\Windows\System32\drivers\mpio.sys [130432 2010-11-20] (Microsoft Corporation)
3 mpsdrv; C:\Windows\System32\drivers\mpsdrv.sys [60416 2009-07-13] (Microsoft Corporation)
3 MRxDAV; C:\Windows\System32\drivers\mrxdav.sys [115712 2010-11-20] (Microsoft Corporation)
3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [123904 2011-04-26] (Microsoft Corporation)
3 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [223744 2011-07-08] (Microsoft Corporation)
3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [96768 2011-04-26] (Microsoft Corporation)
3 msahci; C:\Windows\System32\drivers\msahci.sys [28032 2010-11-20] (Microsoft Corporation)
3 msdsm; C:\Windows\System32\drivers\msdsm.sys [116096 2010-11-20] (Microsoft Corporation)
1 Msfs; C:\Windows\System32\Drivers\Msfs.sys [22528 2009-07-13] (Microsoft Corporation)
3 mshidkmdf; C:\Windows\System32\drivers\mshidkmdf.sys [4096 2009-07-13] (Microsoft Corporation)
0 msisadrv; C:\Windows\System32\drivers\msisadrv.sys [13888 2009-07-13] (Microsoft Corporation)
3 MSKSSRV; C:\Windows\System32\drivers\MSKSSRV.sys [8320 2009-07-13] (Microsoft Corporation)
3 MSPCLOCK; C:\Windows\System32\drivers\MSPCLOCK.sys [5888 2009-07-13] (Microsoft Corporation)
3 MSPQM; C:\Windows\System32\drivers\MSPQM.sys [5504 2009-07-13] (Microsoft Corporation)
3 MsRPC; C:\Windows\System32\Drivers\MsRPC.sys [162896 2009-07-13] (Microsoft Corporation)
1 mssmbios; C:\Windows\System32\drivers\mssmbios.sys [28240 2009-07-13] (Microsoft Corporation)
3 MSTEE; C:\Windows\System32\drivers\MSTEE.sys [6144 2009-07-13] (Microsoft Corporation)
3 MTConfig; C:\Windows\System32\DRIVERS\MTConfig.sys [12288 2009-07-13] (Microsoft Corporation)
0 Mup; C:\Windows\System32\Drivers\mup.sys [49728 2009-07-13] (Microsoft Corporation)
1 mwlPSDFilter; C:\Windows\System32\DRIVERS\mwlPSDFilter.sys [18992 2009-06-02] (Egis Technology Inc.)
1 mwlPSDNServ; C:\Windows\System32\DRIVERS\mwlPSDNServ.sys [16432 2009-06-02] (Egis Technology Inc.)
1 mwlPSDVDisk; C:\Windows\System32\DRIVERS\mwlPSDVDisk.sys [60976 2009-06-02] (Egis Technology Inc.)
3 NativeWifiP; C:\Windows\System32\DRIVERS\nwifi.sys [267264 2009-07-13] (Microsoft Corporation)
0 NDIS; C:\Windows\System32\drivers\ndis.sys [712576 2010-11-20] (Microsoft Corporation)
3 NdisCap; C:\Windows\System32\DRIVERS\ndiscap.sys [27136 2009-07-13] (Microsoft Corporation)
3 NdisTapi; C:\Windows\System32\DRIVERS\ndistapi.sys [20992 2009-07-13] (Microsoft Corporation)
3 Ndisuio; C:\Windows\System32\DRIVERS\ndisuio.sys [46080 2010-11-20] (Microsoft Corporation)
3 NdisWan; C:\Windows\System32\DRIVERS\ndiswan.sys [118784 2010-11-20] (Microsoft Corporation)
3 NDProxy; C:\Windows\System32\Drivers\NDProxy.sys [48640 2010-11-20] (Microsoft Corporation)
1 NetBIOS; C:\Windows\System32\DRIVERS\netbios.sys [36352 2009-07-13] (Microsoft Corporation)
1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [187904 2010-11-20] (Microsoft Corporation)
3 nfrd960; C:\Windows\System32\DRIVERS\nfrd960.sys [44624 2009-07-13] (IBM Corporation)
1 Npfs; C:\Windows\System32\Drivers\Npfs.sys [35328 2009-07-13] (Microsoft Corporation)
1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [16896 2009-07-13] (Microsoft Corporation)
3 Ntfs; C:\Windows\System32\Drivers\Ntfs.sys [1211264 2011-03-10] (Microsoft Corporation)
1 Null; C:\Windows\System32\Drivers\Null.sys [4608 2009-07-13] (Microsoft Corporation)
3 nvraid; C:\Windows\System32\drivers\nvraid.sys [117120 2011-03-10] (NVIDIA Corporation)
3 nvstor; C:\Windows\System32\drivers\nvstor.sys [143744 2011-03-10] (NVIDIA Corporation)
3 nv_agp; C:\Windows\System32\drivers\nv_agp.sys [105024 2009-07-13] (Microsoft Corporation)
3 ohci1394; C:\Windows\System32\drivers\ohci1394.sys [62464 2009-07-13] (Microsoft Corporation)
3 Parport; C:\Windows\System32\DRIVERS\parport.sys [79360 2009-07-13] (Microsoft Corporation)
0 partmgr; C:\Windows\System32\drivers\partmgr.sys [56192 2010-11-20] (Microsoft Corporation)
2 Parvdm; C:\Windows\System32\DRIVERS\parvdm.sys [8704 2009-07-13] (Microsoft Corporation)
0 pci; C:\Windows\System32\drivers\pci.sys [153984 2010-11-20] (Microsoft Corporation)
3 pciide; C:\Windows\System32\drivers\pciide.sys [12368 2009-07-13] (Microsoft Corporation)
3 pcmcia; C:\Windows\System32\DRIVERS\pcmcia.sys [180288 2009-07-13] (Microsoft Corporation)
0 pcw; C:\Windows\System32\drivers\pcw.sys [43088 2009-07-13] (Microsoft Corporation)
2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [586752 2009-07-13] (Microsoft Corporation)
3 PptpMiniport; C:\Windows\System32\DRIVERS\raspptp.sys [73728 2009-07-13] (Microsoft Corporation)
3 Processor; C:\Windows\System32\DRIVERS\processr.sys [52224 2009-07-13] (Microsoft Corporation)
1 Psched; C:\Windows\System32\DRIVERS\pacer.sys [104448 2009-07-13] (Microsoft Corporation)
3 ql2300; C:\Windows\System32\DRIVERS\ql2300.sys [1383488 2009-07-13] (QLogic Corporation)
3 ql40xx; C:\Windows\System32\DRIVERS\ql40xx.sys [106064 2009-07-13] (QLogic Corporation)
3 QWAVEdrv; C:\Windows\System32\drivers\qwavedrv.sys [31744 2009-07-13] (Microsoft Corporation)
3 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [11776 2009-07-13] (Microsoft Corporation)
3 RasAgileVpn; C:\Windows\System32\DRIVERS\AgileVpn.sys [49152 2009-07-13] (Microsoft Corporation)
3 Rasl2tp; C:\Windows\System32\DRIVERS\rasl2tp.sys [78848 2009-07-13] (Microsoft Corporation)
3 RasPppoe; C:\Windows\System32\DRIVERS\raspppoe.sys [77824 2009-07-13] (Microsoft Corporation)
3 RasSstp; C:\Windows\System32\DRIVERS\rassstp.sys [75264 2009-07-13] (Microsoft Corporation)
1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [242688 2010-11-20] (Microsoft Corporation)
3 rdpbus; C:\Windows\System32\DRIVERS\rdpbus.sys [18944 2009-07-13] (Microsoft Corporation)
1 RDPCDD; C:\Windows\System32\DRIVERS\RDPCDD.sys [6656 2010-11-20] (Microsoft Corporation)
1 RDPENCDD; C:\Windows\System32\drivers\rdpencdd.sys [6656 2009-07-13] (Microsoft Corporation)
1 RDPREFMP; C:\Windows\System32\drivers\rdprefmp.sys [7168 2009-07-13] (Microsoft Corporation)
3 RDPWD; C:\Windows\System32\Drivers\RDPWD.sys [183808 2010-11-20] (Microsoft Corporation)
0 rdyboost; C:\Windows\System32\drivers\rdyboost.sys [173440 2010-11-20] (Microsoft Corporation)
2 rspndr; C:\Windows\System32\DRIVERS\rspndr.sys [60928 2009-07-13] (Microsoft Corporation)
3 RSUSBSTOR; C:\Windows\System32\Drivers\RtsUStor.sys [167424 2009-06-23] (Realtek Semiconductor Corp.)
3 sbp2port; C:\Windows\System32\drivers\sbp2port.sys [85376 2010-11-20] (Microsoft Corporation)
3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [26624 2010-11-20] (Microsoft Corporation)
2 secdrv; C:\Windows\System32\Drivers\secdrv.sys [20480 2009-07-13] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
3 Serenum; C:\Windows\System32\DRIVERS\serenum.sys [17920 2009-07-13] (Microsoft Corporation)
3 Serial; C:\Windows\System32\DRIVERS\serial.sys [83456 2009-07-13] (Microsoft Corporation)
3 sermouse; C:\Windows\System32\DRIVERS\sermouse.sys [19968 2009-07-13] (Microsoft Corporation)
3 sffdisk; C:\Windows\System32\drivers\sffdisk.sys [11264 2009-07-13] (Microsoft Corporation)
3 sffp_mmc; C:\Windows\System32\drivers\sffp_mmc.sys [12288 2009-07-13] (Microsoft Corporation)
3 sffp_sd; C:\Windows\System32\drivers\sffp_sd.sys [12800 2010-11-20] (Microsoft Corporation)
3 sfloppy; C:\Windows\System32\DRIVERS\sfloppy.sys [13824 2009-07-13] (Microsoft Corporation)
3 sisagp; C:\Windows\System32\drivers\sisagp.sys [52304 2009-07-13] (Microsoft Corporation)
3 SiSRaid2; C:\Windows\System32\DRIVERS\SiSRaid2.sys [40016 2009-07-13] (Silicon Integrated Systems Corp.)
3 SiSRaid4; C:\Windows\System32\DRIVERS\sisraid4.sys [77888 2009-07-13] (Silicon Integrated Systems)
3 Smb; C:\Windows\System32\DRIVERS\smb.sys [71168 2009-07-13] (Microsoft Corporation)
0 spldr; C:\Windows\System32\Drivers\spldr.sys [17472 2009-07-13] (Microsoft Corporation)
3 srv; C:\Windows\System32\DRIVERS\srv.sys [311808 2011-04-28] (Microsoft Corporation)
3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [310272 2011-04-28] (Microsoft Corporation)
3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [114688 2011-04-28] (Microsoft Corporation)
1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2009-05-11] (Avira GmbH)
3 stexstor; C:\Windows\System32\DRIVERS\stexstor.sys [21072 2009-07-13] (Promise Technology)
3 swenum; C:\Windows\System32\drivers\swenum.sys [12240 2009-07-13] (Microsoft Corporation)
3 SynTP; C:\Windows\System32\DRIVERS\SynTP.sys [212400 2009-06-18] (Synaptics Incorporated)
0 Tcpip; C:\Windows\System32\drivers\tcpip.sys [1290608 2011-09-29] (Microsoft Corporation)
3 TCPIP6; C:\Windows\System32\DRIVERS\tcpip.sys [1290608 2011-09-29] (Microsoft Corporation)
2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [35328 2010-11-20] (Microsoft Corporation)
3 TDPIPE; C:\Windows\System32\drivers\tdpipe.sys [18432 2010-11-20] (Microsoft Corporation)
3 TDTCP; C:\Windows\System32\drivers\tdtcp.sys [24576 2010-11-20] (Microsoft Corporation)
1 tdx; C:\Windows\System32\DRIVERS\tdx.sys [74752 2010-11-20] (Microsoft Corporation)
1 TermDD; C:\Windows\System32\drivers\termdd.sys [53120 2010-11-20] (Microsoft Corporation)
3 tssecsrv; C:\Windows\System32\DRIVERS\tssecsrv.sys [31232 2010-11-20] (Microsoft Corporation)
3 TsUsbFlt; C:\Windows\System32\drivers\tsusbflt.sys [52224 2010-11-20] (Microsoft Corporation)
3 tunnel; C:\Windows\System32\DRIVERS\tunnel.sys [108544 2010-11-20] (Microsoft Corporation)
3 uagp35; C:\Windows\System32\DRIVERS\uagp35.sys [55888 2009-07-13] (Microsoft Corporation)
4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [246784 2010-11-20] (Microsoft Corporation)
3 uliagpkx; C:\Windows\System32\drivers\uliagpkx.sys [57424 2009-07-13] (Microsoft Corporation)
3 umbus; C:\Windows\System32\drivers\umbus.sys [39936 2010-11-20] (Microsoft Corporation)
3 UmPass; C:\Windows\System32\DRIVERS\umpass.sys [8192 2009-07-13] (Microsoft Corporation)
3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [42496 2011-05-09] (Apple, Inc.)
3 usbaudio; C:\Windows\System32\drivers\usbaudio.sys [80768 2010-11-20] (Microsoft Corporation)
3 usbccgp; C:\Windows\System32\DRIVERS\usbccgp.sys [75776 2011-03-24] (Microsoft Corporation)
3 usbcir; C:\Windows\System32\drivers\usbcir.sys [86016 2009-07-13] (Microsoft Corporation)
3 usbehci; C:\Windows\System32\DRIVERS\usbehci.sys [43008 2011-03-24] (Microsoft Corporation)
3 usbhub; C:\Windows\System32\DRIVERS\usbhub.sys [258560 2011-03-24] (Microsoft Corporation)
3 usbohci; C:\Windows\System32\drivers\usbohci.sys [20480 2011-03-24] (Microsoft Corporation)
3 usbprint; C:\Windows\System32\DRIVERS\usbprint.sys [19968 2009-07-13] (Microsoft Corporation)
3 USBSTOR; C:\Windows\System32\DRIVERS\USBSTOR.SYS [76288 2011-03-10] (Microsoft Corporation)
3 usbuhci; C:\Windows\System32\DRIVERS\usbuhci.sys [24064 2011-03-24] (Microsoft Corporation)
3 usbvideo; C:\Windows\System32\Drivers\usbvideo.sys [146432 2010-11-20] (Microsoft Corporation)
0 vdrvroot; C:\Windows\System32\drivers\vdrvroot.sys [32832 2009-07-13] (Microsoft Corporation)
3 vga; C:\Windows\System32\DRIVERS\vgapnp.sys [26112 2009-07-13] (Microsoft Corporation)
1 VgaSave; C:\Windows\System32\drivers\vga.sys [25088 2009-07-13] (Microsoft Corporation)
3 vhdmp; C:\Windows\System32\drivers\vhdmp.sys [160128 2010-11-20] (Microsoft Corporation)
3 viaagp; C:\Windows\System32\drivers\viaagp.sys [53328 2009-07-13] (Microsoft Corporation)
3 ViaC7; C:\Windows\System32\DRIVERS\viac7.sys [52736 2009-07-13] (Microsoft Corporation)
3 viaide; C:\Windows\System32\drivers\viaide.sys [16976 2009-07-13] (VIA Technologies, Inc.)
0 volmgr; C:\Windows\System32\drivers\volmgr.sys [53120 2010-11-20] (Microsoft Corporation)
0 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [297040 2009-07-13] (Microsoft Corporation)
0 volsnap; C:\Windows\System32\drivers\volsnap.sys [245632 2010-11-20] (Microsoft Corporation)
3 vsmraid; C:\Windows\System32\DRIVERS\vsmraid.sys [141904 2009-07-13] (VIA Technologies Inc.,Ltd)
3 vwifibus; C:\Windows\System32\DRIVERS\vwifibus.sys [19968 2009-07-13] (Microsoft Corporation)
1 vwififlt; C:\Windows\System32\DRIVERS\vwififlt.sys [48128 2009-07-13] (Microsoft Corporation)
3 WacomPen; C:\Windows\System32\DRIVERS\wacompen.sys [21632 2009-07-13] (Microsoft Corporation)
3 WANARP; C:\Windows\System32\DRIVERS\wanarp.sys [63488 2010-11-20] (Microsoft Corporation)
1 Wanarpv6; C:\Windows\System32\DRIVERS\wanarp.sys [63488 2010-11-20] (Microsoft Corporation)
3 Wd; C:\Windows\System32\DRIVERS\wd.sys [19024 2009-07-13] (Microsoft Corporation)
0 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [445008 2009-07-13] (Microsoft Corporation)
1 WfpLwf; C:\Windows\System32\DRIVERS\wfplwf.sys [9728 2009-07-13] (Microsoft Corporation)
3 WIMMount; C:\Windows\System32\drivers\wimmount.sys [19008 2009-07-13] (Microsoft Corporation)
3 WinUsb; C:\Windows\System32\DRIVERS\WinUsb.sys [35968 2010-11-20] (Microsoft Corporation)
3 WmiAcpi; C:\Windows\System32\drivers\wmiacpi.sys [11264 2009-07-13] (Microsoft Corporation)
1 ws2ifsl; C:\Windows\System32\drivers\ws2ifsl.sys [16384 2009-07-13] (Microsoft Corporation)
3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [92672 2010-11-20] (Microsoft Corporation)
3 WUDFRd; C:\Windows\System32\DRIVERS\WUDFRd.sys [132224 2010-11-20] (Microsoft Corporation)
3 catchme; \??\C:\Users\Acer\AppData\Local\Temp\catchme.sys [x]
3 CFcatchme; \??\C:\Users\Acer\AppData\Local\Temp\CFcatchme.sys [x]
3 RtsUIR; C:\Windows\System32\DRIVERS\Rts516xIR.sys [x]
3 USBCCID; C:\Windows\System32\DRIVERS\RtsUCcid.sys [x]

========================== NetSvcs (Whitelisted) ===========

========================= Known DLLs =========================

[2009-07-13 15:44] - [2009-07-13 17:15] - 0522240 ____A (Microsoft Corporation) C:\Windows\System32\clbcatq.dll
[2011-07-24 04:28] - [2010-11-20 04:20] - 1414144 ____A (Microsoft Corporation) C:\Windows\System32\ole32.dll
[2011-07-24 03:52] - [2010-11-20 04:18] - 0640512 ____A (Microsoft Corporation) C:\Windows\System32\advapi32.dll
[2011-07-24 03:52] - [2010-11-20 04:18] - 0485888 ____A (Microsoft Corporation) C:\Windows\System32\COMDLG32.dll
[2011-07-24 03:51] - [2010-11-20 04:19] - 0304640 ____A (Microsoft Corporation) C:\Windows\System32\gdi32.dll
[2012-02-27 16:57] - [2012-02-27 16:57] - 1792000 ____A (Microsoft Corporation) C:\Windows\System32\IERTUTIL.dll
[2011-07-24 03:48] - [2010-11-20 04:19] - 0155136 ____A (Microsoft Corporation) C:\Windows\System32\IMAGEHLP.dll
[2011-07-24 03:49] - [2010-11-20 04:19] - 0118272 ____A (Microsoft Corporation) C:\Windows\System32\IMM32.dll
[2011-08-14 00:26] - [2011-07-15 20:27] - 0868352 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
[2009-07-13 15:25] - [2009-07-13 17:15] - 0026624 ____A (Microsoft Corporation) C:\Windows\System32\LPK.dll
[2009-07-13 15:28] - [2009-07-13 17:15] - 0828928 ____A (Microsoft Corporation) C:\Windows\System32\MSCTF.dll
[2012-02-18 04:01] - [2011-12-15 23:52] - 0690688 ____A (Microsoft Corporation) C:\Windows\System32\MSVCRT.dll
[2009-07-13 15:15] - [2009-07-13 17:09] - 0002048 ____A (Microsoft Corporation) C:\Windows\System32\NORMALIZ.dll
[2009-07-13 15:12] - [2009-07-13 17:16] - 0008704 ____A (Microsoft Corporation) C:\Windows\System32\NSI.dll
[2011-10-13 11:46] - [2011-08-26 20:26] - 0571904 ____A (Microsoft Corporation) C:\Windows\System32\OLEAUT32.dll
[2009-07-13 15:15] - [2009-07-13 17:16] - 0006144 ____A (Microsoft Corporation) C:\Windows\System32\PSAPI.dll
[2011-07-24 03:52] - [2010-11-20 04:21] - 0653312 ____A (Microsoft Corporation) C:\Windows\System32\rpcrt4.dll
[2009-07-13 15:11] - [2009-07-13 17:16] - 0092160 ____A (Microsoft Corporation) C:\Windows\System32\sechost.dll
[2011-07-24 03:52] - [2010-11-20 04:21] - 1667584 ____A (Microsoft Corporation) C:\Windows\System32\Setupapi.dll
[2012-02-18 04:01] - [2012-01-04 00:59] - 12872704 ____A (Microsoft Corporation) C:\Windows\System32\SHELL32.dll
[2011-07-24 03:52] - [2010-11-20 04:21] - 0350208 ____A (Microsoft Corporation) C:\Windows\System32\SHLWAPI.dll
[2012-02-27 16:57] - [2012-02-27 16:57] - 1103360 ____A (Microsoft Corporation) C:\Windows\System32\URLMON.dll
[2011-07-24 03:52] - [2010-11-20 04:21] - 0811520 ____A (Microsoft Corporation) C:\Windows\System32\user32.dll
[2011-07-24 03:52] - [2010-11-20 04:21] - 0626176 ____A (Microsoft Corporation) C:\Windows\System32\USP10.dll
[2012-02-27 16:57] - [2012-02-27 16:57] - 1127424 ____A (Microsoft Corporation) C:\Windows\System32\WININET.dll
[2011-07-24 03:52] - [2010-11-20 04:21] - 0269824 ____A (Microsoft Corporation) C:\Windows\System32\WLDAP32.dll
[2011-07-24 03:51] - [2010-11-20 04:21] - 0206848 ____A (Microsoft Corporation) C:\Windows\System32\WS2_32.dll
[2009-07-13 15:16] - [2009-07-13 17:15] - 0315904 ____N (Microsoft Corporation) C:\Windows\System32\DifxApi.dll

========================= Bamital & volsnap Check ============

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

========================= Memory info ====================== 

Percentage of memory in use: 37%
Total physical RAM: 1013.95 MB
Available physical RAM: 638.6 MB
Total Pagefile: 1013.95 MB
Available Pagefile: 633.75 MB
Total Virtual: 2047.88 MB
Available Virtual: 1979.23 MB

======================= Partitions =========================

1 Drive c: (Acer) (Fixed) (Total:135.05 GB) (Free:63.72 GB) NTFS
2 Drive e: (PQSERVICE) (Fixed) (Total:12 GB) (Free:6.01 GB) NTFS ==>[System with boot components (obtained from reading drive)]
3 Drive f: (USB FILME) (Removable) (Total:14.91 GB) (Free:4.34 GB) NTFS
4 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
5 Drive y: (SYSTEM RESERVED) (Fixed) (Total:1.99 GB) (Free:1.96 GB) NTFS ==>[System with boot components (obtained from reading drive)]

  Disk ###  Status         Size     Free     Dyn  Gpt
  --------  -------------  -------  -------  ---  ---
  Disk 0    Online          149 GB      0 B         
  Disk 1    Online           14 GB      0 B         

Partitions of Disk 0:
===============

  Partition ###  Type              Size     Offset
  -------------  ----------------  -------  -------
  Partition 1    Recovery            12 GB    31 KB
  Partition 2    Primary           2039 MB    12 GB
  Partition 3    Primary            135 GB    13 GB

======================================================================================================

Disk: 0
Partition 1
Type  : 27
Hidden: Yes
Active: No

  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 2     E   PQSERVICE    NTFS   Partition     12 GB  Healthy    Hidden  

======================================================================================================

Disk: 0
Partition 2
Type  : 07
Hidden: No
Active: Yes

  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 0     Y   SYSTEM RESE  NTFS   Partition   2039 MB  Healthy            

======================================================================================================

Disk: 0
Partition 3
Type  : 07
Hidden: No
Active: No

  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 1     C   Acer         NTFS   Partition    135 GB  Healthy            

======================================================================================================

Partitions of Disk 1:
===============

  Partition ###  Type              Size     Offset
  -------------  ----------------  -------  -------
  Partition 1    Primary             14 GB  4032 KB

======================================================================================================

Disk: 1
Partition 1
Type  : 07
Hidden: No
Active: No

  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 3     F   USB FILME    NTFS   Removable     14 GB  Healthy            

======================================================================================================

==========================================================

Last Boot: 2012-03-10 06:15

======================= End Of Log ==========================

Psychotic · 11.03.2012, 23:20

Wann wurde diese Software installiert?

Zitat:

EgisTec\MyWinLocker 3

snowly1 · 11.03.2012, 23:37

Unter Programme steht: Installiert am 14.08.2009. Was ist das genau? Hat das damit zu tun, dass einige Ordner mit einem Schloss gekennzeichnet sind und nicht mehr geöffnet werden können? Kann man dieses Programm löschen?

Psychotic · 12.03.2012, 10:26

Genau dafür ist der Winlocker da, ja!

Der ist auf manchen Notebooks von vorneherein drauf...

Manche Ordner auf deiner Festplatte sind für den Zugriff des normalen Users gesperrt (und tragen deshalb das Schloß). Meist beinhalten sie wichtige Systemdateien.

Die Experten arbeiten grade an einer Lösung - auf deinem System ist nämlich noch nicht alles so, wie es sein sollte!

snowly1 · 13.03.2012, 13:34

Hallo. Ich hatte gestern direkt auf dem Outlook Deine E-Mail beantwortet. Das hat wohl nicht geklappt. Ich wollte nur fragen, ob ich dieses Programm aus dem Startmenu entfernen kann? (Winlocker 3?) Danke für Eure Hilfe.

Psychotic · 13.03.2012, 13:37

Warte erst einmal ab, bevor du etwas am System änderst.

Die Mails sind im übrigen ausschließlich Benachrichtigungen - darauf zu antworten macht keinen Sinn, da die Antworten ins Leere laufen. Steht aber so auch in jeder Email!

Psychotic · 13.03.2012, 22:51

Schritt 1: CF-Script

Hinweis für Mitleser:
Folgendes ComboFix Skript ist ausschließlich für diesen User in dieser Situtation erstellt worden.
Auf keinen Fall auf anderen Rechnern anwenden, das kann andere Systeme nachhaltig schädigen!

Lösche die vorhandene Combofix.exe von deinem Desktop und lade das Programm von einem der folgenden Download-Spiegel neu herunter:

BleepingComputer.com - ForoSpyware.com

und speichere es erneut auf dem Desktop (nicht woanders hin, das ist wichtig)!

Drücke die Windows + R Taste --> Notepad (hinein schreiben) --> OK

Kopiere nun den Text aus der folgenden Codebox komplett in das leere Textdokument.

Code:

ATTFilter

DRIVER::
Update-Service 

ROOTKIT::
C:\Windows\System32\UpdSvc.dll
C:\Windows\System32\aptw2s8pj.dll

Speichere dies als CFScript.txt auf Deinem Desktop.

Wichtig:

Stelle deine Anti Viren Software temprär ab. Dies kann ComboFix nämlich bei der Arbeit behindern.
Danach wieder anstellen nicht vergessen!
Bewege nicht die Maus über das ComboFix-Fenster oder klicke in dieses hinein.
Dies kann dazu führen, dass ComboFix sich aufhängt.
Schließe alle laufenden Programme. Gehe sicher das ComboFix ungehindert arbeiten kann.
Mache nichts am PC solange ComboFix läuft.

In Bezug auf obiges Bild, ziehe CFScript.txt in die ComboFix.exe
Wenn ComboFix fertig ist, wird es ein Log erstellen, C:\ComboFix.txt. Bitte füge es hier als Antwort ein.

Falls im Skript die Anweisung Suspect:: oder Collect:: enthalten ist, wird eine Message-Box erscheinen, nachdem Combofix fertig ist. Klicke OK und folge den Aufforderungen/Anweisungen, um die Dateien hochzuladen.

Schritt 2: GMER

Bitte

alle anderen Scanner gegen Viren, Spyware, usw. deaktivieren,
keine bestehende Verbindung zu einem Netzwerk/Internet (WLAN nicht vergessen),
nichts am Rechner arbeiten,
nach jedem Scan der Rechner neu gestarten.

Gmer scannen lassen

Lade Dir Gmer von dieser Seite herunter (auf den Button Download EXE drücken) und das Programm auf dem Desktop speichern.
Alle anderen Programme sollen geschlossen sein.
Starte gmer.exe (Programm hat einen willkürlichen Programm-Namen). Vista und Win7 User mit Rechtsklick und als Administrator starten.
Sollte sich ein Fenster mit folgender Warnung öffnen:
WARNING !!! GMER has found system modification, which might have been caused by ROOTKIT activity. Do you want to fully scan your system ?
Unbedingt auf "No" klicken.
Entferne rechts den Haken bei:
- IAT/EAT
- Alle Festplatten ausser die Systemplatte (normalerweise ist nur C:\ angehackt)
- Show all (sollte abgehackt sein)
Starte den Scan mit "Scan". Mache nichts am Computer während der Scan läuft.
Wenn der Scan fertig ist klicke auf Save und speichere die Logfile unter Gmer.txt auf deinem Desktop. Mit "Ok" wird GMER beendet.

Antiviren-Programm und sonstige Scanner wieder einschalten, bevor Du ins Netz gehst!

snowly1 · 14.03.2012, 19:51

Hallo Marius. Als wir heute das Netbook aufgestartet haben, konnten wir kein Programm starten, der PC hängte sich auf. Neu gestartet, da kam Virusmeldung von Avira, wieder genau in der gleichen Datei wie in meinem Eröffnungsbeitrag! Derselbe Virus Zpack.gen2 Wieder keine Windows Dienste und kein Internet. Konnte im abgesicherten Modus die Systemwiederherstellung auf den 07.03. zurücksetzen. Nun wird der Virus wieder angezeigt, habe ihn aber nicht mehr entfernt. Was muss ich nun tun? Da scheint wirklich irgend etwas gar nicht zu stimmen...

Psychotic · 14.03.2012, 19:59

Ja, da ist irgendwas ganz und gar faul!

Bereinigung würde hier zu keinem vertrauenswürdigen Ergebnis führen.
Du solltest den Rechner formatieren, neu aufsetzen und absichern.

Hier können wir dir leider nicht anders helfen!

Trojanisches Pferd TR/Crypt.zpack.gen2 gefunden. Kein Internet!

Plagegeister aller Art und deren Bekämpfung: Trojanisches Pferd TR/Crypt.zpack.gen2 gefunden. Kein Internet!