|
Log-Analyse und Auswertung: Das system hat ein problem mit einem oder mehreren installierten IDE/SATA Festplatten erkannt.Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
22.04.2011, 00:04 | #1 |
| Das system hat ein problem mit einem oder mehreren installierten IDE/SATA Festplatten erkannt. Auch ich habe das folgende Problem: Das System hat ein Problem mit einem oder mehreren installierten IDE/SATA-Festplatten erkannt. Es wird empfohlen, das System neu zu starten. Ich habe mich im Vorfeld hier schlau gemacht und mir OTL.exe runtergeladen und auch den scan durchgeführt. Jetzt weiss ich nicht weiter. Kann mir bitte jemand helfen? Vielen Dank im Voraus hier die beiden reporte von meinem scan :OTL Logfile: OTL EXTRAS Logfile: Code:
ATTFilter OTL logfile created on: 22.04.2011 00:56:15 - Run 1 OTL by OldTimer - Version 3.1.27.0 Folder = C:\Users\Ich\Downloads Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 52,00% Memory free 6,00 Gb Paging File | 4,00 Gb Available in Paging File | 75,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 232,88 Gb Total Space | 176,63 Gb Free Space | 75,85% Space Free | Partition Type: NTFS Drive D: | 221,16 Gb Total Space | 221,09 Gb Free Space | 99,97% Space Free | Partition Type: NTFS E: Drive not present or media not loaded Drive F: | 7,47 Gb Total Space | 6,35 Gb Free Space | 84,95% Space Free | Partition Type: FAT32 G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: ICH-PC Current User Name: Ich Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Processes (SafeList) ========== PRC - C:\Users\Ich\Downloads\OTL.exe (OldTimer Tools) PRC - C:\ProgramData\uvEWQXCeAJwf.exe (WinTrust) PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Programme\Mozilla Firefox\plugin-container.exe (Mozilla Corporation) PRC - C:\Programme\TuneUp Utilities 2010\TuneUpDefragService.exe (TuneUp Software) PRC - C:\Programme\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.) PRC - C:\Programme\DivX\DivX Update\DivXUpdate.exe () PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) PRC - C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe (TuneUp Software) PRC - C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (TuneUp Software) PRC - C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation) PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.) PRC - C:\Windows\System32\FsUsbExService.Exe (Teruten) PRC - C:\Windows\System32\igfxtray.exe (Intel Corporation) PRC - C:\Windows\System32\igfxpers.exe (Intel Corporation) PRC - C:\Windows\System32\hkcmd.exe (Intel Corporation) PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Windows\AsScrPro.exe (ASUS) PRC - C:\Programme\ASUS\ATK Hotkey\HControl.exe (ASUS) PRC - C:\Windows\System32\WUDFHost.exe (Microsoft Corporation) PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation) PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation) PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation) PRC - C:\Programme\P4G\BatteryLife.exe (ATK) PRC - C:\Programme\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel.exe (SRS Labs, Inc.) PRC - C:\Programme\ASUS\ATKOSD2\ATKOSD2.exe (ASUS) PRC - C:\Programme\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor) PRC - C:\Programme\ASUS\ATK Hotkey\HControlUser.exe (ASUS) PRC - C:\Programme\ASUS\ATK Hotkey\ATKOSD.exe (ASUS) PRC - C:\Programme\ASUS\Splendid\ACMON.exe (ATK) PRC - C:\Programme\ASUS\ATK Hotkey\AsLdrSrv.exe (ASUS) PRC - C:\Programme\ASUS\Wireless Console 3\wcourier.exe () PRC - C:\Programme\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.) PRC - C:\Programme\ASUS\SmartLogon\sensorsrv.exe (ASUS) PRC - C:\Programme\ASUS\ATK Media\DMedia.exe (ASUS) PRC - C:\Programme\AmIcoSingLun\AmIcoSinglun.exe (AlcorMicro Co., Ltd.) PRC - C:\Programme\ASUS\ATK Hotkey\WDC.exe (ASUS) PRC - C:\Programme\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.) PRC - C:\Programme\ASUS\ATK Hotkey\KBFiltr.exe (ASUS) PRC - C:\Programme\CyberLink\Power2Go\CLMLSvc.exe (CyberLink) PRC - C:\Programme\ASUS\ASUS Live Update\ALU.exe () PRC - C:\Programme\ATKGFNEX\GFNEXSrv.exe () PRC - C:\Windows\System32\lxddcoms.exe ( ) PRC - C:\Windows\System32\ACEngSvr.exe (ASUSTeK) ========== Modules (SafeList) ========== MOD - C:\Users\Ich\Downloads\OTL.exe (OldTimer Tools) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation) MOD - C:\Windows\System32\sspicli.dll (Microsoft Corporation) MOD - C:\Windows\System32\sechost.dll (Microsoft Corporation) MOD - C:\Windows\System32\samcli.dll (Microsoft Corporation) MOD - C:\Windows\System32\profapi.dll (Microsoft Corporation) MOD - C:\Windows\System32\netutils.dll (Microsoft Corporation) MOD - C:\Windows\System32\KernelBase.dll (Microsoft Corporation) MOD - C:\Windows\System32\fms.dll (Windows (R) Codename Longhorn DDK provider) MOD - C:\Windows\System32\dwmapi.dll (Microsoft Corporation) MOD - C:\Windows\System32\devobj.dll (Microsoft Corporation) MOD - C:\Windows\System32\cryptbase.dll (Microsoft Corporation) MOD - C:\Windows\System32\cfgmgr32.dll (Microsoft Corporation) MOD - C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\GdiPlus.dll (Microsoft Corporation) MOD - C:\Programme\Elantech\ETDApix.dll (ELAN Microelectronic Corp.) ========== Win32 Services (SafeList) ========== SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation) SRV - (TuneUp.Defrag) -- C:\Programme\TuneUp Utilities 2010\TuneUpDefragService.exe (TuneUp Software) SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (TuneUp Software) SRV - (UxTuneUp) -- C:\Windows\System32\uxtuneup.dll (TuneUp Software) SRV - (fsssvc) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation) SRV - (SeaPort) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation) SRV - (wlidsvc) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) SRV - (FsUsbExService) -- C:\Windows\System32\FsUsbExService.Exe (Teruten) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (gusvc) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google) SRV - (WwanSvc) -- C:\Windows\System32\wwansvc.dll (Microsoft Corporation) SRV - (WbioSrvc) -- C:\Windows\System32\wbiosrvc.dll (Microsoft Corporation) SRV - (Power) -- C:\Windows\System32\umpo.dll (Microsoft Corporation) SRV - (Themes) -- C:\Windows\System32\themeservice.dll (Microsoft Corporation) SRV - (sppuinotify) -- C:\Windows\System32\sppuinotify.dll (Microsoft Corporation) SRV - (RpcEptMapper) -- C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation) SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation) SRV - (PNRPsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation) SRV - (p2pimsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation) SRV - (HomeGroupProvider) -- C:\Windows\System32\provsvc.dll (Microsoft Corporation) SRV - (PNRPAutoReg) -- C:\Windows\System32\pnrpauto.dll (Microsoft Corporation) SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (HomeGroupListener) -- C:\Windows\System32\ListSvc.dll (Microsoft Corporation) SRV - (Dhcp) -- C:\Windows\System32\dhcpcore.dll (Microsoft Corporation) SRV - (defragsvc) -- C:\Windows\System32\defragsvc.dll (Microsoft Corporation) SRV - (BDESVC) -- C:\Windows\System32\bdesvc.dll (Microsoft Corporation) SRV - (AxInstSV) ActiveX-Installer (AxInstSV) -- C:\Windows\System32\AxInstSv.dll (Microsoft Corporation) SRV - (AppIDSvc) -- C:\Windows\System32\appidsvc.dll (Microsoft Corporation) SRV - (sppsvc) -- C:\Windows\System32\sppsvc.exe (Microsoft Corporation) SRV - (ASLDRService) -- C:\Programme\ASUS\ATK Hotkey\AsLdrSrv.exe (ASUS) SRV - (YahooAUService) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.) SRV - (ATKGFNEXSrv) -- C:\Programme\ATKGFNEX\GFNEXSrv.exe () SRV - (lxddCATSCustConnectService) -- C:\Windows\System32\spool\DRIVERS\W32X86\3\\lxddserv.exe () SRV - (lxdd_device) -- C:\Windows\System32\lxddcoms.exe ( ) ========== Driver Services (SafeList) ========== DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH) DRV - (seehcri) -- C:\Windows\System32\drivers\seehcri.sys (Sony Ericsson Mobile Communications) DRV - (ggsemc) -- C:\Windows\System32\drivers\ggsemc.sys (Sony Ericsson Mobile Communications) DRV - (ggflt) -- C:\Windows\System32\drivers\ggflt.sys (Sony Ericsson Mobile Communications) DRV - (ssadmdm) -- C:\Windows\System32\drivers\ssadmdm.sys (MCCI Corporation) DRV - (ssadbus) SAMSUNG Android USB Composite Device driver (WDM) -- C:\Windows\System32\drivers\ssadbus.sys (MCCI Corporation) DRV - (ssadmdfl) SAMSUNG Android USB Modem (Filter) -- C:\Windows\System32\drivers\ssadmdfl.sys (MCCI Corporation) DRV - (sscdmdm) -- C:\Windows\System32\drivers\sscdmdm.sys (MCCI Corporation) DRV - (sscdbus) SAMSUNG USB Composite Device driver (WDM) -- C:\Windows\System32\drivers\sscdbus.sys (MCCI Corporation) DRV - (androidusb) -- C:\Windows\System32\drivers\ssadadb.sys (Google Inc) DRV - (FlashUSB) -- C:\Windows\System32\drivers\FlashUSB.sys (Danish Wireless Design A/S) DRV - (sscdmdfl) -- C:\Windows\System32\drivers\sscdmdfl.sys (MCCI Corporation) DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH) DRV - (fssfltr) -- C:\Windows\System32\drivers\fssfltr.sys (Microsoft Corporation) DRV - (FsUsbExDisk) -- C:\Windows\System32\FsUsbExDisk.Sys () DRV - (igfx) -- C:\Windows\System32\drivers\igdkmd32.sys (Intel Corporation) DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH) DRV - (KSecPkg) -- C:\Windows\System32\Drivers\ksecpkg.sys (Microsoft Corporation) DRV - (TuneUpUtilitiesDrv) -- C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys (TuneUp Software) DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.) DRV - (cmdide) -- C:\Windows\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.) DRV - (adpahci) -- C:\Windows\system32\DRIVERS\adpahci.sys (Adaptec, Inc.) DRV - (adp94xx) -- C:\Windows\system32\DRIVERS\adp94xx.sys (Adaptec, Inc.) DRV - (amdsbs) -- C:\Windows\system32\DRIVERS\amdsbs.sys (AMD Technologies Inc.) DRV - (adpu320) -- C:\Windows\system32\DRIVERS\adpu320.sys (Adaptec, Inc.) DRV - (arcsas) -- C:\Windows\system32\DRIVERS\arcsas.sys (Adaptec, Inc.) DRV - (amdsata) -- C:\Windows\system32\DRIVERS\amdsata.sys (Advanced Micro Devices) DRV - (arc) -- C:\Windows\system32\DRIVERS\arc.sys (Adaptec, Inc.) DRV - (amdxata) -- C:\Windows\system32\DRIVERS\amdxata.sys (Advanced Micro Devices) DRV - (aliide) -- C:\Windows\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.) DRV - (nvstor) -- C:\Windows\system32\DRIVERS\nvstor.sys (NVIDIA Corporation) DRV - (nvraid) -- C:\Windows\system32\DRIVERS\nvraid.sys (NVIDIA Corporation) DRV - (nfrd960) -- C:\Windows\system32\DRIVERS\nfrd960.sys (IBM Corporation) DRV - (LSI_SAS) -- C:\Windows\system32\DRIVERS\lsi_sas.sys (LSI Corporation) DRV - (iaStorV) -- C:\Windows\system32\DRIVERS\iaStorV.sys (Intel Corporation) DRV - (MegaSR) -- C:\Windows\system32\DRIVERS\MegaSR.sys (LSI Corporation, Inc.) DRV - (LSI_SCSI) -- C:\Windows\system32\DRIVERS\lsi_scsi.sys (LSI Corporation) DRV - (LSI_FC) -- C:\Windows\system32\DRIVERS\lsi_fc.sys (LSI Corporation) DRV - (LSI_SAS2) -- C:\Windows\system32\DRIVERS\lsi_sas2.sys (LSI Corporation) DRV - (iirsp) -- C:\Windows\system32\DRIVERS\iirsp.sys (Intel Corp./ICP vortex GmbH) DRV - (megasas) -- C:\Windows\system32\DRIVERS\megasas.sys (LSI Corporation) DRV - (hwpolicy) -- C:\Windows\System32\drivers\hwpolicy.sys (Microsoft Corporation) DRV - (elxstor) -- C:\Windows\system32\DRIVERS\elxstor.sys (Emulex) DRV - (aic78xx) -- C:\Windows\system32\DRIVERS\djsvs.sys (Adaptec, Inc.) DRV - (HpSAMD) -- C:\Windows\system32\DRIVERS\HpSAMD.sys (Hewlett-Packard Company) DRV - (FsDepends) -- C:\Windows\System32\drivers\fsdepends.sys (Microsoft Corporation) DRV - (vsmraid) -- C:\Windows\system32\DRIVERS\vsmraid.sys (VIA Technologies Inc.,Ltd) DRV - (vhdmp) -- C:\Windows\system32\DRIVERS\vhdmp.sys (Microsoft Corporation) DRV - (vdrvroot) -- C:\Windows\system32\DRIVERS\vdrvroot.sys (Microsoft Corporation) DRV - (WIMMount) -- C:\Windows\System32\drivers\wimmount.sys (Microsoft Corporation) DRV - (viaide) -- C:\Windows\system32\DRIVERS\viaide.sys (VIA Technologies, Inc.) DRV - (ql2300) -- C:\Windows\system32\DRIVERS\ql2300.sys (QLogic Corporation) DRV - (rdyboost) -- C:\Windows\System32\drivers\rdyboost.sys (Microsoft Corporation) DRV - (ql40xx) -- C:\Windows\system32\DRIVERS\ql40xx.sys (QLogic Corporation) DRV - (SiSRaid4) -- C:\Windows\system32\DRIVERS\sisraid4.sys (Silicon Integrated Systems) DRV - (pcw) -- C:\Windows\System32\drivers\pcw.sys (Microsoft Corporation) DRV - (SiSRaid2) -- C:\Windows\system32\DRIVERS\SiSRaid2.sys (Silicon Integrated Systems Corp.) DRV - (stexstor) -- C:\Windows\system32\DRIVERS\stexstor.sys (Promise Technology) DRV - (CNG) -- C:\Windows\System32\Drivers\cng.sys (Microsoft Corporation) DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\System32\Drivers\Brserid.sys (Brother Industries Ltd.) DRV - (rdpbus) -- C:\Windows\system32\DRIVERS\rdpbus.sys (Microsoft Corporation) DRV - (RDPREFMP) -- C:\Windows\System32\drivers\RDPREFMP.sys (Microsoft Corporation) DRV - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\System32\drivers\agilevpn.sys (Microsoft Corporation) DRV - (WfpLwf) -- C:\Windows\System32\drivers\wfplwf.sys (Microsoft Corporation) DRV - (NdisCap) -- C:\Windows\System32\drivers\ndiscap.sys (Microsoft Corporation) DRV - (vwififlt) -- C:\Windows\System32\drivers\vwififlt.sys (Microsoft Corporation) DRV - (vwifibus) -- C:\Windows\System32\drivers\vwifibus.sys (Microsoft Corporation) DRV - (1394ohci) -- C:\Windows\system32\DRIVERS\1394ohci.sys (Microsoft Corporation) DRV - (UmPass) -- C:\Windows\system32\DRIVERS\umpass.sys (Microsoft Corporation) DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation) DRV - (mshidkmdf) -- C:\Windows\System32\drivers\mshidkmdf.sys (Microsoft Corporation) DRV - (MTConfig) -- C:\Windows\system32\DRIVERS\MTConfig.sys (Microsoft Corporation) DRV - (CompositeBus) -- C:\Windows\System32\drivers\CompositeBus.sys (Microsoft Corporation) DRV - (AppID) -- C:\Windows\system32\drivers\appid.sys (Microsoft Corporation) DRV - (scfilter) -- C:\Windows\System32\drivers\scfilter.sys (Microsoft Corporation) DRV - (discache) -- C:\Windows\System32\drivers\discache.sys (Microsoft Corporation) DRV - (HidBatt) -- C:\Windows\system32\DRIVERS\HidBatt.sys (Microsoft Corporation) DRV - (AcpiPmi) -- C:\Windows\system32\DRIVERS\acpipmi.sys (Microsoft Corporation) DRV - (AmdPPM) -- C:\Windows\system32\DRIVERS\amdppm.sys (Microsoft Corporation) DRV - (hcw85cir) -- C:\Windows\system32\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV - (BrUsbMdm) -- C:\Windows\System32\Drivers\BrUsbMdm.sys (Brother Industries Ltd.) DRV - (BrUsbSer) -- C:\Windows\System32\Drivers\BrUsbSer.sys (Brother Industries Ltd.) DRV - (BrSerWdm) -- C:\Windows\System32\Drivers\BrSerWdm.sys (Brother Industries Ltd.) DRV - (BrFiltLo) -- C:\Windows\system32\DRIVERS\BrFiltLo.sys (Brother Industries, Ltd.) DRV - (BrFiltUp) -- C:\Windows\system32\DRIVERS\BrFiltUp.sys (Brother Industries, Ltd.) DRV - (b57nd60x) -- C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation) DRV - (ebdrv) -- C:\Windows\system32\DRIVERS\evbdx.sys (Broadcom Corporation) DRV - (b06bdrv) -- C:\Windows\system32\DRIVERS\bxvbdx.sys (Broadcom Corporation) DRV - (secdrv) -- C:\Windows\System32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.) DRV - (L1C) -- C:\Windows\System32\drivers\L1C60x86.sys (Atheros Communications, Inc.) DRV - (ETD) -- C:\Windows\System32\drivers\ETD.sys (ELAN Microelectronic Corp.) DRV - (SNP2UVC) USB2.0 PC Camera (SNP2UVC) -- C:\Windows\System32\drivers\snp2uvc.sys () DRV - (iaStor) -- C:\Windows\system32\DRIVERS\iaStor.sys (Intel Corporation) DRV - (MTsensor) -- C:\Windows\System32\drivers\ATKACPI.sys (ATK0100) DRV - (USBModem) -- C:\Windows\System32\drivers\lgusbmodem.sys (LG Electronics Inc.) DRV - (UsbDiag) -- C:\Windows\System32\drivers\lgusbdiag.sys (LG Electronics Inc.) DRV - (usbbus) -- C:\Windows\System32\drivers\lgusbbus.sys (LG Electronics Inc.) DRV - (kbfiltr) -- C:\Windows\System32\drivers\kbfiltr.sys ( ) DRV - (IntcHdmiAddService) Intel(R) -- C:\Windows\System32\drivers\IntcHdmi.sys (Intel(R) Corporation) DRV - (hwdatacard) -- C:\Windows\System32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.) DRV - (WimFltr) -- C:\Windows\System32\drivers\WimFltr.sys (Microsoft Corporation) DRV - (ASMMAP) -- C:\Programme\ATKGFNEX\ASMMAP.sys () ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Yahoo! Deutschland IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Yahoo! Deutschland IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3109488581-3307307930-3629044015-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Asus | MSN IE - HKU\S-1-5-21-3109488581-3307307930-3629044015-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Yahoo! Deutschland IE - HKU\S-1-5-21-3109488581-3307307930-3629044015-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\S-1-5-21-3109488581-3307307930-3629044015-1000\S-1-5-21-3109488581-3307307930-3629044015-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "foxsearch" FF - prefs.js..browser.search.defaulturl: "hxxp://de.search.yahoo.com/search?fr=ffsp1&p=" FF - prefs.js..browser.search.order.1: "foxsearch" FF - prefs.js..browser.search.selectedEngine: "foxsearch" FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/" FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.1.94 FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.1.94 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3 FF - prefs.js..keyword.URL: "hxxp://www.finduny.com?client=mozilla-firefox&cd=UTF-8&search=1&q=" FF - user.js..browser.search.selectedEngine: "foxsearch" FF - user.js..browser.search.order.1: "foxsearch" FF - user.js..browser.search.defaultenginename: "foxsearch" FF - user.js..keyword.URL: "hxxp://www.finduny.com?client=mozilla-firefox&cd=UTF-8&search=1&q=" FF - HKLM\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011.02.13 20:30:19 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011.02.13 20:30:19 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.04.20 16:45:01 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.04.20 16:45:01 | 00,000,000 | ---D | M] [2010.12.27 19:37:06 | 00,000,000 | -H-D | M] -- C:\Users\Ich\AppData\Roaming\mozilla\Extensions [2011.04.15 22:50:41 | 00,000,000 | -H-D | M] -- C:\Users\Ich\AppData\Roaming\mozilla\Firefox\Profiles\2gaws0nu.default\extensions [2011.04.08 15:12:58 | 00,000,000 | -H-D | M] -- C:\Users\Ich\AppData\Roaming\mozilla\Firefox\Profiles\2gaws0nu.default\extensions\de-DE@dictionaries.addons.mozilla.org [2011.04.08 15:22:05 | 00,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions [2010.12.28 01:02:56 | 00,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2011.03.18 19:56:37 | 00,142,296 | ---- | M] (Mozilla Foundation) -- C:\Programme\Mozilla Firefox\components\browsercomps.dll [2010.12.28 01:02:41 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll [2010.03.19 10:23:30 | 00,686,592 | ---- | M] (Synatix GmbH) -- C:\Programme\Mozilla Firefox\plugins\npmieze.dll [2010.01.01 10:00:00 | 00,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2010.01.01 10:00:00 | 00,002,252 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\bing.xml [2010.01.01 10:00:00 | 00,001,153 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml [2011.01.24 15:11:55 | 00,000,143 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\foxsearch.src [2010.01.01 10:00:00 | 00,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml [2010.01.01 10:00:00 | 00,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml [2010.01.01 10:00:00 | 00,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2006.09.18 23:41:30 | 00,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation) O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Programme\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc) O3 - HKLM\..\Toolbar: (no name) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - No CLSID value found. O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) O3 - HKU\S-1-5-21-3109488581-3307307930-3629044015-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. O3 - HKU\S-1-5-21-3109488581-3307307930-3629044015-1000\..\Toolbar\WebBrowser: (no name) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - No CLSID value found. O4 - HKLM..\Run: [AmIcoSinglun] C:\Programme\AmIcoSingLun\AmIcoSinglun.exe (AlcorMicro Co., Ltd.) O4 - HKLM..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe (ASUS) O4 - HKLM..\Run: [ATKMEDIA] C:\Programme\ASUS\ATK Media\DMedia.exe (ASUS) O4 - HKLM..\Run: [ATKOSD2] C:\Programme\ASUS\ATKOSD2\ATKOSD2.exe (ASUS) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink) O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [ETDWare] C:\Programme\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.) O4 - HKLM..\Run: [HControlUser] C:\Programme\ASUS\ATK Hotkey\HControlUser.exe (ASUS) O4 - HKLM..\Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe (Intel Corporation) O4 - HKLM..\Run: [IgfxTray] C:\Windows\System32\igfxtray.exe (Intel Corporation) O4 - HKLM..\Run: [Persistence] C:\Windows\System32\igfxpers.exe (Intel Corporation) O4 - HKLM..\Run: [RtHDVCpl] C:\Programme\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKU\S-1-5-21-3109488581-3307307930-3629044015-1000..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe (Samsung) O4 - HKU\S-1-5-21-3109488581-3307307930-3629044015-1000..\Run: [KiesTrayAgent] C:\Programme\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.) O4 - HKU\S-1-5-21-3109488581-3307307930-3629044015-1000..\Run: [uvEWQXCeAJwf] C:\ProgramData\uvEWQXCeAJwf.exe (WinTrust) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.) O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Programme\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Programme\Common Files\microsoft shared\Web Folders\PKMCDO.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O24 - Desktop WallPaper: C:\Windows\web\Wallpaper\img24.jpg O24 - Desktop BackupWallPaper: C:\Windows\web\Wallpaper\img24.jpg O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation) O30 - LSA: Security Packages - (livessp) - C:\Windows\System32\livessp.dll (Microsoft Corp.) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.10 23:42:20 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{34fbf6f2-1591-11e0-812c-90e6ba0dd508}\Shell - "" = AutoRun O33 - MountPoints2\{34fbf6f2-1591-11e0-812c-90e6ba0dd508}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found O33 - MountPoints2\{34fbf719-1591-11e0-812c-90e6ba0dd508}\Shell - "" = AutoRun O33 - MountPoints2\{34fbf719-1591-11e0-812c-90e6ba0dd508}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found O33 - MountPoints2\{8e0e3edd-6902-11e0-8eeb-90e6ba0dd508}\Shell - "" = AutoRun O33 - MountPoints2\{8e0e3edd-6902-11e0-8eeb-90e6ba0dd508}\Shell\AutoRun\command - "" = F:\start.exe -- File not found O33 - MountPoints2\{9c2245a8-50c2-11e0-812a-90e6ba0dd508}\Shell - "" = AutoRun O33 - MountPoints2\{9c2245a8-50c2-11e0-812a-90e6ba0dd508}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found O33 - MountPoints2\{9c2245ab-50c2-11e0-812a-90e6ba0dd508}\Shell - "" = AutoRun O33 - MountPoints2\{9c2245ab-50c2-11e0-812a-90e6ba0dd508}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found O33 - MountPoints2\F\Shell - "" = AutoRun O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - comfile [open] -- "%1" %* O35 - exefile [open] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011.04.21 23:01:12 | 00,569,344 | -H-- | C] (WinTrust) -- C:\ProgramData\uvEWQXCeAJwf.exe [2011.04.21 15:30:15 | 00,000,000 | -H-D | C] -- C:\Users\Ich\AppData\Local\{1532549C-7874-442B-A60E-6B7538708D87} [2011.04.21 07:54:03 | 00,000,000 | -H-D | C] -- C:\Users\Ich\AppData\Roaming\vlc [2011.04.21 07:53:38 | 00,000,000 | ---D | C] -- C:\Programme\VideoLAN [2011.04.20 23:52:29 | 00,000,000 | -H-D | C] -- C:\Users\Ich\AppData\Local\{1F9BD7A4-206F-4380-A8BA-6028F78300C2} [2011.04.20 16:44:37 | 00,000,000 | -H-D | C] -- C:\ProgramData\Apple Computer [2011.04.20 16:44:37 | 00,000,000 | ---D | C] -- C:\Programme\QuickTime [2011.04.20 16:44:06 | 00,000,000 | ---D | C] -- C:\Programme\Common Files\Apple [2011.04.20 16:43:58 | 00,000,000 | -H-D | C] -- C:\Users\Ich\AppData\Local\Apple [2011.04.20 16:43:56 | 00,000,000 | -H-D | C] -- C:\ProgramData\Apple [2011.04.20 16:43:56 | 00,000,000 | ---D | C] -- C:\Programme\Apple Software Update [2011.04.20 16:03:19 | 00,000,000 | ---D | C] -- C:\Programme\PC Inspector File Recovery [2011.04.20 11:52:04 | 00,000,000 | -H-D | C] -- C:\Users\Ich\AppData\Local\{14178952-CBDE-46C9-80A4-CE0B7BB7C028} [2011.04.19 22:24:12 | 00,000,000 | -H-D | C] -- C:\Users\Ich\AppData\Local\{39BD36FB-8E6F-41A4-98E4-BBAAC44F9BB7} [2011.04.19 09:14:27 | 00,000,000 | -H-D | C] -- C:\Users\Ich\AppData\Local\{179D1F4C-868F-458E-984E-AAFF8D876144} [2011.04.18 21:14:02 | 00,000,000 | -H-D | C] -- C:\Users\Ich\AppData\Local\{68A12111-8EA9-4196-AD75-AB16126C27D1} [2011.04.18 08:14:19 | 00,000,000 | -H-D | C] -- C:\Users\Ich\AppData\Local\{7A1A5339-4AC7-4B1E-AD30-C1C824B6FB26} [2011.04.17 20:10:46 | 00,000,000 | -H-D | C] -- C:\Users\Ich\AppData\Local\{256AD04D-0539-4673-B476-F01E9BD6DA5F} [2011.04.16 20:10:08 | 00,000,000 | -H-D | C] -- C:\Users\Ich\AppData\Local\{CD93DBEE-CE33-4847-BC85-15E7D6934578} [2011.04.15 22:36:32 | 00,000,000 | -H-D | C] -- C:\Users\Ich\AppData\Local\{8C9534B6-C22D-4C3E-ABF3-95634E06E251} [2011.04.15 07:16:32 | 00,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll [2011.04.15 07:16:32 | 00,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2011.04.15 07:16:32 | 00,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2011.04.15 07:16:32 | 00,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2011.04.15 07:16:32 | 00,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2011.04.15 07:16:32 | 00,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2011.04.15 07:16:32 | 00,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll [2011.04.15 07:16:31 | 01,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2011.04.15 07:16:31 | 00,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2011.04.15 07:16:31 | 00,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2011.04.15 07:16:31 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2011.04.15 07:16:06 | 00,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll [2011.04.15 07:16:03 | 00,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll [2011.04.15 07:16:03 | 00,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll [2011.04.15 07:16:00 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe [2011.04.15 07:15:59 | 00,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll [2011.04.15 07:15:59 | 00,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll [2011.04.15 07:15:19 | 02,331,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2011.04.15 07:15:18 | 00,191,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSCOVER.exe [2011.04.15 07:15:16 | 01,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll [2011.04.15 07:15:16 | 01,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll [2011.04.15 01:46:17 | 00,000,000 | -H-D | C] -- C:\Users\Ich\AppData\Local\{0ECAE083-1EEC-43C1-B488-1F48852B4730} [2011.04.14 13:45:53 | 00,000,000 | -H-D | C] -- C:\Users\Ich\AppData\Local\{7D710748-EED2-49DB-A202-7B95AE0F7029} [2011.04.13 21:58:34 | 00,000,000 | -H-D | C] -- C:\Users\Ich\AppData\Local\{819A91EF-9811-4979-BD8A-93162008D5CC} [2011.04.13 09:58:09 | 00,000,000 | -H-D | C] -- C:\Users\Ich\AppData\Local\{D3854BC8-9C42-45B6-85E3-E7A49EC498E8} [2011.04.12 21:51:44 | 00,000,000 | -H-D | C] -- C:\Users\Ich\AppData\Local\{1EA891A0-FD81-4CE7-8F14-78DD468E7BE5} [2011.04.12 08:33:35 | 00,000,000 | -H-D | C] -- C:\Users\Ich\AppData\Local\{C9D6EC4D-DD4F-4C8B-87BE-15450D52216E} [2011.04.11 12:46:15 | 00,000,000 | -H-D | C] -- C:\Users\Ich\AppData\Local\{22B31FDA-707E-4611-99B4-93206CA385B6} [2011.04.10 23:14:11 | 00,000,000 | -H-D | C] -- C:\Users\Ich\AppData\Local\{F38C481F-02CD-4FE8-A403-534782B41349} [2011.04.09 23:13:33 | 00,000,000 | -H-D | C] -- C:\Users\Ich\AppData\Local\{00AAF041-D999-4C53-B987-BA5FB92464E6} [2011.04.09 11:13:08 | 00,000,000 | -H-D | C] -- C:\Users\Ich\AppData\Local\{334D9B53-71B1-4AA7-9A94-D1A41F2F8E08} [2011.04.08 23:12:54 | 00,000,000 | -H-D | C] -- C:\Users\Ich\AppData\Local\{40BA6A98-E074-4ECF-9B7E-37CAD3EFE6AF} [2011.04.08 11:12:29 | 00,000,000 | -H-D | C] -- C:\Users\Ich\AppData\Local\{5F11A079-3EE8-46F1-B7F9-1C69D35DB588} [2011.04.07 21:23:34 | 00,000,000 | -H-D | C] -- C:\Users\Ich\AppData\Local\{A2E8B146-0469-410C-A184-37D578CF37C1} [2011.04.07 05:03:11 | 00,000,000 | -H-D | C] -- C:\Users\Ich\AppData\Local\{6DADEC8F-476F-4968-96B0-BBB138E4E779} [2011.04.06 17:02:46 | 00,000,000 | -H-D | C] -- C:\Users\Ich\AppData\Local\{E3161A79-289D-4BD9-BFBC-D42D1C6BB6E5} [2011.04.06 05:02:20 | 00,000,000 | -H-D | C] -- C:\Users\Ich\AppData\Local\{6A79396F-0CEB-4305-A6D9-F96D64092D42} [2011.04.05 17:01:55 | 00,000,000 | -H-D | C] -- C:\Users\Ich\AppData\Local\{9EA35416-B3F8-4926-81DC-4A0D9A9A78CE} [2011.04.04 20:48:28 | 00,000,000 | -H-D | C] -- C:\Users\Ich\AppData\Local\{BC3E41E9-52FB-48A2-8B93-344C40AA8F02} [2011.04.04 08:48:03 | 00,000,000 | -H-D | C] -- C:\Users\Ich\AppData\Local\{9BE0FB51-6CF3-48B0-8023-3553EDB0E425} [2011.04.03 20:47:51 | 00,000,000 | -H-D | C] -- C:\Users\Ich\AppData\Local\{6A69D466-917F-44F1-95E8-D1BAE646D7F9} [2011.04.03 08:47:25 | 00,000,000 | -H-D | C] -- C:\Users\Ich\AppData\Local\{301A82F3-C9D2-433E-98E7-7D57359F03A3} [2011.04.02 13:10:30 | 00,000,000 | -H-D | C] -- C:\Users\Ich\AppData\Local\{8EF1A5CC-E7AB-495A-A772-5B26CEA7166A} [2011.04.01 23:46:08 | 00,000,000 | -H-D | C] -- C:\Users\Ich\AppData\Local\{D0D04C9C-4626-4DDE-AA1D-BBB453D3C250} [2011.04.01 10:11:26 | 00,000,000 | -H-D | C] -- C:\Users\Ich\AppData\Local\{B50F5B64-9505-49D2-BB5E-DE4362F0B3C6} [2011.03.31 22:11:01 | 00,000,000 | -H-D | C] -- C:\Users\Ich\AppData\Local\{F8258970-84E1-4399-B118-25CB031DEC12} [2011.03.31 10:10:36 | 00,000,000 | -H-D | C] -- C:\Users\Ich\AppData\Local\{C7D83D73-6E65-4206-85BC-3AF8DA8A611B} [2011.03.30 22:10:11 | 00,000,000 | -H-D | C] -- C:\Users\Ich\AppData\Local\{01ADD2D2-AB92-432F-A592-DB6DE994034B} [2011.03.30 08:13:07 | 00,000,000 | -H-D | C] -- C:\Users\Ich\AppData\Local\{F056DC80-DFB8-4233-94CA-2B98DAC419A7} [2011.03.29 15:37:31 | 00,000,000 | -H-D | C] -- C:\Users\Ich\AppData\Local\{E39808DA-A40A-42F9-834A-BA93E8E3B8B3} [2011.03.29 02:38:29 | 00,000,000 | -H-D | C] -- C:\Users\Ich\AppData\Local\{91A68989-34FA-44D6-A003-D0628DAFBDC8} [2011.03.28 14:38:04 | 00,000,000 | -H-D | C] -- C:\Users\Ich\AppData\Local\{40BD027A-29BA-4CB4-B164-ED09510B236D} [2011.03.27 20:06:11 | 00,000,000 | -H-D | C] -- C:\Users\Ich\AppData\Local\{2AD8E5CC-4E36-42B5-881C-5D9E9A925B3E} [2011.03.27 07:56:45 | 00,000,000 | -H-D | C] -- C:\Users\Ich\AppData\Local\{4CC0A3E2-24D2-41FC-B0C5-9118A42F3C62} [2011.03.26 14:47:58 | 00,000,000 | -H-D | C] -- C:\Users\Ich\AppData\Local\{150316D9-E437-4EDA-BF34-A7DEB6CB3C95} [2011.03.26 01:09:25 | 00,000,000 | -H-D | C] -- C:\Users\Ich\AppData\Local\{E140F946-AB34-4968-90CB-B58A816C69C5} [2011.03.25 13:09:00 | 00,000,000 | -H-D | C] -- C:\Users\Ich\AppData\Local\{5C8AB4FF-12F5-4D5F-AF06-DBF90C9F12FB} [2011.03.24 22:59:26 | 00,000,000 | -H-D | C] -- C:\Users\Ich\AppData\Local\{FADAFBA4-7578-4FEF-A08F-7A9C1C399DB0} [2011.03.24 10:59:01 | 00,000,000 | -H-D | C] -- C:\Users\Ich\AppData\Local\{09855BCF-D7A2-467F-BDF9-585FD13C39CD} [2011.03.23 22:58:36 | 00,000,000 | -H-D | C] -- C:\Users\Ich\AppData\Local\{9373FF6B-4172-4300-A7C2-1E1D59565CB1} [2011.03.23 10:58:11 | 00,000,000 | -H-D | C] -- C:\Users\Ich\AppData\Local\{9E0071CC-5068-4824-86F2-579DE66F591E} [2011.02.24 12:49:18 | 01,232,896 | ---- | C] ( ) -- C:\Windows\System32\lxddserv.dll [2011.02.24 12:49:18 | 00,999,424 | ---- | C] ( ) -- C:\Windows\System32\lxddusb1.dll [2011.02.24 12:49:18 | 00,700,416 | ---- | C] ( ) -- C:\Windows\System32\lxddhbn3.dll [2011.02.24 12:49:18 | 00,684,032 | ---- | C] ( ) -- C:\Windows\System32\lxddcomc.dll [2011.02.24 12:49:18 | 00,643,072 | ---- | C] ( ) -- C:\Windows\System32\lxddpmui.dll [2011.02.24 12:49:18 | 00,585,728 | ---- | C] ( ) -- C:\Windows\System32\lxddlmpm.dll [2011.02.24 12:49:18 | 00,425,984 | ---- | C] ( ) -- C:\Windows\System32\lxddcomm.dll [2011.02.24 12:49:18 | 00,413,696 | ---- | C] ( ) -- C:\Windows\System32\lxddinpa.dll [2011.02.24 12:49:18 | 00,397,312 | ---- | C] ( ) -- C:\Windows\System32\lxddiesc.dll [2011.02.24 12:49:18 | 00,323,584 | ---- | C] ( ) -- C:\Windows\System32\LXDDhcp.dll [2011.02.24 12:49:18 | 00,163,840 | ---- | C] ( ) -- C:\Windows\System32\lxddprox.dll [2011.02.24 12:49:18 | 00,094,208 | ---- | C] ( ) -- C:\Windows\System32\lxddpplc.dll [2010.08.25 19:59:08 | 00,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll [2008.11.03 09:03:27 | 00,013,880 | ---- | C] ( ) -- C:\Windows\System32\drivers\kbfiltr.sys ========== Files - Modified Within 30 Days ========== [2011.04.22 00:57:43 | 02,883,584 | -HS- | M] () -- C:\Users\Ich\NTUSER.DAT [2011.04.22 00:21:51 | 04,303,392 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2011.04.22 00:21:51 | 01,713,724 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011.04.22 00:21:51 | 01,156,680 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011.04.22 00:21:50 | 01,295,400 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2011.04.22 00:21:50 | 00,005,202 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI [2011.04.22 00:02:22 | 00,009,504 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011.04.22 00:02:22 | 00,009,504 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011.04.21 23:54:36 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2011.04.21 23:54:33 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.04.21 23:54:25 | 23,884,30848 | -HS- | M] () -- C:\hiberfil.sys [2011.04.21 23:53:56 | 03,389,511 | -H-- | M] () -- C:\Users\Ich\AppData\Local\IconCache.db [2011.04.21 23:01:12 | 00,569,344 | -H-- | M] (WinTrust) -- C:\ProgramData\uvEWQXCeAJwf.exe [2011.04.21 21:43:18 | 00,030,481 | -H-- | M] () -- C:\Users\Ich\Desktop\sprüche.odt [2011.04.21 07:53:53 | 00,001,035 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk [2011.04.20 16:44:51 | 00,001,822 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk [2011.04.20 16:34:20 | 23,134,208 | -H-- | M] () -- C:\Users\Ich\Desktop\test.mp4 [2011.04.20 16:03:19 | 00,001,808 | ---- | M] () -- C:\Users\Public\Desktop\PC Inspector File Recovery.lnk [2011.04.19 02:10:55 | 00,000,000 | -H-- | M] () -- C:\Users\Ich\Documents\MAGIK [2011.04.16 20:05:00 | 00,428,856 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2011.04.11 14:46:36 | 00,000,471 | -H-- | M] () -- C:\ProgramData\lxdd [2011.04.08 15:22:07 | 00,001,103 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2011.04.02 13:56:46 | 00,014,171 | -H-- | M] () -- C:\Users\Ich\Desktop\blood-kiss.jpg ========== Files Created - No Company Name ========== [2011.04.21 07:53:53 | 00,001,035 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk [2011.04.20 16:44:51 | 00,001,822 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk [2011.04.20 16:33:52 | 23,134,208 | -H-- | C] () -- C:\Users\Ich\Desktop\test.mp4 [2011.04.20 16:03:20 | 00,006,200 | ---- | C] () -- C:\Windows\System32\INT13EXT.VXD [2011.04.20 16:03:19 | 00,001,808 | ---- | C] () -- C:\Users\Public\Desktop\PC Inspector File Recovery.lnk [2011.04.02 13:56:46 | 00,014,171 | -H-- | C] () -- C:\Users\Ich\Desktop\blood-kiss.jpg [2011.03.11 00:02:57 | 00,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll [2011.03.11 00:02:57 | 00,036,640 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys [2011.03.01 07:56:32 | 00,000,471 | -H-- | C] () -- C:\ProgramData\lxdd [2011.02.24 12:49:18 | 00,286,720 | ---- | C] () -- C:\Windows\System32\LXDDinst.dll [2011.02.24 12:49:18 | 00,208,896 | ---- | C] () -- C:\Windows\System32\lxddgrd.dll [2011.01.29 18:00:22 | 00,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll [2011.01.29 18:00:22 | 00,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll [2011.01.29 18:00:22 | 00,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll [2011.01.29 18:00:22 | 00,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll [2011.01.22 14:06:39 | 00,098,304 | ---- | C] () -- C:\Windows\System32\redmonnt.dll [2011.01.07 17:08:12 | 00,000,400 | ---- | C] () -- C:\Windows\ODBC.INI [2010.12.27 19:38:45 | 00,000,024 | ---- | C] () -- C:\Windows\ATKPF.ini [2010.08.25 19:52:00 | 00,208,896 | ---- | C] () -- C:\Windows\System32\iglhsip32.dll [2010.08.25 19:52:00 | 00,143,360 | ---- | C] () -- C:\Windows\System32\iglhcp32.dll [2009.09.07 23:40:41 | 00,053,248 | ---- | C] () -- C:\Windows\System32\LogonStart.dll [2009.07.14 01:51:43 | 00,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll [2009.07.14 01:42:10 | 00,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll [2009.06.05 12:14:39 | 01,766,592 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys [2009.06.05 12:14:39 | 00,035,264 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys [2008.12.02 03:32:32 | 00,362,029 | ---- | C] () -- C:\Windows\System32\sqlite3.dll [2008.09.21 23:49:23 | 00,004,608 | ---- | C] () -- C:\Windows\System32\HdmiCoin.dll [2008.04.16 12:43:39 | 00,000,010 | ---- | C] () -- C:\Windows\System32\ABLKSR.ini [2007.03.28 15:16:44 | 00,344,064 | ---- | C] () -- C:\Windows\System32\lxddcoin.dll [2007.01.23 20:40:04 | 00,065,536 | ---- | C] () -- C:\Windows\System32\lxddcaps.dll [2007.01.09 18:13:08 | 00,692,224 | ---- | C] () -- C:\Windows\System32\lxdddrs.dll [2006.10.06 18:08:04 | 00,069,632 | ---- | C] () -- C:\Windows\System32\lxddcnv4.dll [2006.05.18 03:47:12 | 00,040,960 | ---- | C] () -- C:\Windows\System32\lxddvs.dll ========== LOP Check ========== [2011.01.30 23:47:34 | 00,000,000 | -H-D | M] -- C:\Users\Ich\AppData\Roaming\Gutscheinmieze [2011.02.24 12:53:55 | 00,000,000 | -H-D | M] -- C:\Users\Ich\AppData\Roaming\Lexmark Productivity Studio [2011.01.04 23:43:15 | 00,000,000 | -H-D | M] -- C:\Users\Ich\AppData\Roaming\LG Electronics [2011.04.21 15:23:52 | 00,000,000 | -H-D | M] -- C:\Users\Ich\AppData\Roaming\MyPhoneExplorer [2010.12.28 01:07:32 | 00,000,000 | -H-D | M] -- C:\Users\Ich\AppData\Roaming\OpenOffice.org [2011.03.10 23:58:49 | 00,000,000 | -H-D | M] -- C:\Users\Ich\AppData\Roaming\Samsung [2011.02.06 21:52:20 | 00,000,000 | -H-D | M] -- C:\Users\Ich\AppData\Roaming\TuneUp Software [2011.02.06 20:22:32 | 00,000,000 | -H-D | M] -- C:\Users\Ich\AppData\Roaming\Uniblue [2011.01.27 11:57:02 | 00,000,000 | -H-D | M] -- C:\Users\Ich\AppData\Roaming\Windows Live Writer [2011.03.01 07:47:35 | 00,032,630 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Custom Scans ========== < %ALLUSERSPROFILE%\Application Data\*. > < %ALLUSERSPROFILE%\Application Data\*.exe /s > < %APPDATA%\*. > [2010.12.30 11:29:14 | 00,000,000 | -H-D | M] -- C:\Users\Ich\AppData\Roaming\Adobe [2010.12.27 18:40:24 | 00,000,000 | -H-D | M] -- C:\Users\Ich\AppData\Roaming\Avira [2011.01.04 00:38:51 | 00,000,000 | -H-D | M] -- C:\Users\Ich\AppData\Roaming\CyberLink [2011.01.17 18:06:55 | 00,000,000 | -H-D | M] -- C:\Users\Ich\AppData\Roaming\DivX [2011.01.30 23:47:34 | 00,000,000 | -H-D | M] -- C:\Users\Ich\AppData\Roaming\Gutscheinmieze [2010.12.28 14:04:11 | 00,000,000 | -H-D | M] -- C:\Users\Ich\AppData\Roaming\Identities [2011.01.04 23:40:31 | 00,000,000 | -H-D | M] -- C:\Users\Ich\AppData\Roaming\InstallShield [2011.02.24 12:53:55 | 00,000,000 | -H-D | M] -- C:\Users\Ich\AppData\Roaming\Lexmark Productivity Studio [2011.01.04 23:43:15 | 00,000,000 | -H-D | M] -- C:\Users\Ich\AppData\Roaming\LG Electronics [2010.12.27 20:08:34 | 00,000,000 | -H-D | M] -- C:\Users\Ich\AppData\Roaming\Macromedia [2009.07.14 10:56:41 | 00,000,000 | -H-D | M] -- C:\Users\Ich\AppData\Roaming\Media Center Programs [2011.04.19 02:38:30 | 00,000,000 | --SD | M] -- C:\Users\Ich\AppData\Roaming\Microsoft [2010.12.27 19:37:06 | 00,000,000 | -H-D | M] -- C:\Users\Ich\AppData\Roaming\Mozilla [2011.04.21 15:23:52 | 00,000,000 | -H-D | M] -- C:\Users\Ich\AppData\Roaming\MyPhoneExplorer [2010.12.28 01:07:32 | 00,000,000 | -H-D | M] -- C:\Users\Ich\AppData\Roaming\OpenOffice.org [2011.03.10 23:58:49 | 00,000,000 | -H-D | M] -- C:\Users\Ich\AppData\Roaming\Samsung [2011.02.06 21:52:20 | 00,000,000 | -H-D | M] -- C:\Users\Ich\AppData\Roaming\TuneUp Software [2011.02.06 20:22:32 | 00,000,000 | -H-D | M] -- C:\Users\Ich\AppData\Roaming\Uniblue [2011.04.21 07:54:15 | 00,000,000 | -H-D | M] -- C:\Users\Ich\AppData\Roaming\vlc [2011.01.27 11:57:02 | 00,000,000 | -H-D | M] -- C:\Users\Ich\AppData\Roaming\Windows Live Writer [2011.02.17 13:32:37 | 00,000,000 | -H-D | M] -- C:\Users\Ich\AppData\Roaming\Yahoo! < %APPDATA%\*.exe /s > [2010.06.10 15:19:22 | 00,825,856 | -H-- | M] (Synatix GmbH) -- C:\Users\Ich\AppData\Roaming\Gutscheinmieze\uninstall.exe [2011.01.31 03:01:42 | 87,340,080 | -H-- | M] (Samsung Electronics Co., Ltd. ) -- C:\Users\Ich\AppData\Roaming\Microsoft\Windows\Templates\SamsungKiesSetup.exe < %SYSTEMDRIVE%\*.exe > < MD5 for: AGP440.SYS > [2009.07.14 03:26:15 | 00,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys [2009.07.14 03:26:15 | 00,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\AGP440.sys [2009.07.14 03:26:15 | 00,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys < MD5 for: ATAPI.SYS > [2009.07.14 03:26:15 | 00,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys [2009.07.14 03:26:15 | 00,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys [2009.07.14 03:26:15 | 00,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys < MD5 for: CNGAUDIT.DLL > [2009.07.14 03:15:06 | 00,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll [2009.07.14 03:15:06 | 00,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll < MD5 for: EXPLORER.EXE > [2009.07.14 03:14:20 | 02,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe [2009.10.31 07:45:39 | 02,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\explorer.exe [2009.10.31 07:45:39 | 02,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe [2009.08.03 07:49:47 | 02,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe [2009.08.03 07:35:50 | 02,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe [2009.10.31 08:00:51 | 02,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe < MD5 for: IASTOR.SYS > [2009.06.04 12:43:15 | 00,330,264 | ---- | M] (Intel Corporation) MD5=D483687EACE0C065EE772481A96E05F5 -- C:\Windows\System32\drivers\iaStor.sys [2009.06.04 12:43:15 | 00,330,264 | ---- | M] (Intel Corporation) MD5=D483687EACE0C065EE772481A96E05F5 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_x86_neutral_4f144d6467fc7c22\iaStor.sys [2009.06.04 12:43:15 | 00,330,264 | ---- | M] (Intel Corporation) MD5=D483687EACE0C065EE772481A96E05F5 -- C:\Windows\System32\DriverStore\FileRepository\iastor.inf_x86_neutral_10aa509d6843c6fc\iaStor.sys < MD5 for: IASTORV.SYS > [2009.07.14 03:20:36 | 00,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\drivers\iaStorV.sys [2009.07.14 03:20:36 | 00,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_18cccb83b34e1453\iaStorV.sys [2009.07.14 03:20:36 | 00,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys < MD5 for: NETLOGON.DLL > [2009.07.14 03:16:02 | 00,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\System32\netlogon.dll [2009.07.14 03:16:02 | 00,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll < MD5 for: NVSTOR.SYS > [2009.07.14 03:20:44 | 00,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\drivers\nvstor.sys [2009.07.14 03:20:44 | 00,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_5bde3fe2945bce9e\nvstor.sys [2009.07.14 03:20:44 | 00,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys < MD5 for: SCECLI.DLL > [2009.07.14 03:16:13 | 00,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\System32\scecli.dll [2009.07.14 03:16:13 | 00,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll < MD5 for: USER32.DLL > [2009.07.14 03:16:17 | 00,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\System32\user32.dll [2009.07.14 03:16:17 | 00,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll < MD5 for: USERINIT.EXE > [2009.07.14 03:14:43 | 00,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\System32\userinit.exe [2009.07.14 03:14:43 | 00,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe < MD5 for: WINLOGON.EXE > [2009.10.28 08:17:59 | 00,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\System32\winlogon.exe [2009.10.28 08:17:59 | 00,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe [2009.10.28 07:52:08 | 00,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe [2009.07.14 03:14:45 | 00,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe < MD5 for: WS2IFSL.SYS > [2009.07.14 01:55:02 | 00,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\System32\drivers\ws2ifsl.sys [2009.07.14 01:55:02 | 00,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_4f5cf6f829213bb2\ws2ifsl.sys < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\System32\config\*.sav > < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > [2009.07.14 03:15:13 | 00,346,112 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtmsft.dll [2009.07.14 03:15:13 | 00,215,552 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtrans.dll < End of report > --- --- ---OTL EXTRAS Logfile: Code:
ATTFilter OTL Extras logfile created on: 22.04.2011 00:25:25 - Run 1 OTL by OldTimer - Version 3.1.27.0 Folder = C:\Users\Ich\Downloads Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 47,00% Memory free 6,00 Gb Paging File | 4,00 Gb Available in Paging File | 73,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 232,88 Gb Total Space | 176,33 Gb Free Space | 75,72% Space Free | Partition Type: NTFS Drive D: | 221,16 Gb Total Space | 221,09 Gb Free Space | 99,97% Space Free | Partition Type: NTFS E: Drive not present or media not loaded Drive F: | 7,47 Gb Total Space | 6,35 Gb Free Space | 84,95% Space Free | Partition Type: FAT32 G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: ICH-PC Current User Name: Ich Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation) [HKEY_USERS\S-1-5-21-3109488581-3307307930-3629044015-1000\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office10\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) htmlfile [print] -- "C:\Program Files\Microsoft Office\Office10\msohtmed.exe" /p %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}" = ASUS AI Recovery "{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0DD140D3-9563-481E-AA75-BA457CBDAEF2}" = PC Inspector File Recovery "{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3 "{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3 "{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20 "{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program "{2B4E24A0-A06F-488D-87D8-16738E5E1104}" = Windows Live Family Safety "{2BC21CD2-8053-406A-80F6-9AB61717B49D}" = ODF Add-In für Microsoft Office "{2C3CE8F0-F4AD-4D54-A520-975309C617E2}" = LG PC Suite III "{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack "{3B05F2FB-745B-4012-ADF2-439F36B2E70B}" = ATKOSD2 "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies "{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime "{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync "{5A22D889-FBDD-4AE8-86EC-089D45FC133E}" = Alcor Micro USB Card Reader "{5B4383F2-37EE-4E97-AD81-F5FF76F286DA}" = OutlookAddInNet3Setup "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053 "{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant "{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon "{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7B15D70E-9449-4CFB-B9BC-798465B2BD5C}" = Norton Internet Security "{7C05592D-424B-46CB-B505-E0013E8E75C9}" = ATK Hotkey "{7EE873AF-46BB-4B5D-BA6F-CFE4B0566E22}" = TuneUp Utilities Language Pack (de-DE) "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer "{865CD808-6D31-4269-9D36-693CFE75D26A}" = Express Gate "{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system "{90280407-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional mit FrontPage "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{95120000-0122-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector "{96D33319-C14C-3070-A464-CE8416E46487}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86) "{99A4344A-C723-4661-A507-D9D939480358}" = Cisco LEAP Module "{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear Hybrid "{9BFD5911-93E3-42BB-BFCD-50E4BA5B8D67}" = Cisco EAP-FAST Module "{9D48531D-2135-49FC-BC29-ACCDA5396A76}" = ASUS MultiFrame "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AC76BA86-7AD7-1031-7B44-A90100000001}" = Adobe Reader 9.0.1 - Deutsch "{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter "{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie "{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail "{C0E18DC4-C74A-4889-AE3A-933471023787}" = LG PC Suite III "{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint "{CD344FA5-6657-47CD-940F-8727EED35595}" = Cisco PEAP Module "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack "{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones "{D1E5870E-E3E5-4475-98A6-ADD614524ADF}" = ATK Media "{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities "{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service "{D42F84B6-3709-4A50-8502-6719D16AE6C8}" = SRS Premium Sound Control Panel "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{DFFC0648-BC4B-47D1-93D2-6CA6B9457641}" = OpenOffice.org 3.2 "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker "{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger "{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera "{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F53D678E-238F-4A71-9742-08BB6774E9DC}" = Windows Live Family Safety "{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials "{FA02ACAC-9E14-4878-A257-92A22A647C2C}" = LG USB Modem Drivers "Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Asus_ULSeries_ScreenSaver" = Asus_ULSeries_ScreenSaver "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "DivX Setup.divx.com" = DivX-Setup "Elantech" = ETDWare PS/2-x86 7.0.5.5_WHQL "HDMI" = Intel(R) Graphics Media Accelerator Driver "InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go "InstallShield_{5A22D889-FBDD-4AE8-86EC-089D45FC133E}" = Alcor Micro USB Card Reader "InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies "InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint "Lexmark 2500 Series" = Lexmark 2500 Series "MagicPDF_is1" = MagicPDF 2.01 "Messenger Plus!" = Messenger Plus! 5 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft Visual Studio 2010 Tools for Office Runtime (x86)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86) "Mobile Partner" = Mobile Partner "Mozilla Firefox 4.0 (x86 de)" = Mozilla Firefox 4.0 (x86 de) "MPE" = MyPhoneExplorer "Picasa 3" = Picasa 3 "TuneUp Utilities" = TuneUp Utilities "USB 2.0 VGA UVC WebCam" = USB 2.0 VGA UVC WebCam "VLC media player" = VLC media player 1.1.9 "WinLiveSuite" = Windows Live Essentials "Yahoo! Companion" = Yahoo! Toolbar "Yahoo! Messenger" = Yahoo! Messenger "Yahoo! Search Defender" = Yahoo! Suche Schutzvorkehrung "Yahoo! Software Update" = Yahoo! Software Update ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 15.04.2011 01:09:18 | Computer Name = Ich-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012 Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich. Error - 15.04.2011 01:09:18 | Computer Name = Ich-PC | Source = Microsoft-Windows-LoadPerf | ID = 3011 Description = Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich. Error - 15.04.2011 05:56:31 | Computer Name = Ich-PC | Source = WinMgmt | ID = 10 Description = Error - 15.04.2011 06:00:31 | Computer Name = Ich-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012 Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich. Error - 15.04.2011 06:00:31 | Computer Name = Ich-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012 Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich. Error - 15.04.2011 06:00:31 | Computer Name = Ich-PC | Source = Microsoft-Windows-LoadPerf | ID = 3011 Description = Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich. Error - 15.04.2011 16:28:05 | Computer Name = Ich-PC | Source = WinMgmt | ID = 10 Description = Error - 15.04.2011 16:32:07 | Computer Name = Ich-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012 Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich. Error - 15.04.2011 16:32:08 | Computer Name = Ich-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012 Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich. Error - 15.04.2011 16:32:08 | Computer Name = Ich-PC | Source = Microsoft-Windows-LoadPerf | ID = 3011 Description = Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich. [ System Events ] Error - 13.04.2011 03:53:05 | Computer Name = Ich-PC | Source = Service Control Manager | ID = 7009 Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst lxddCATSCustConnectService erreicht. Error - 13.04.2011 03:53:05 | Computer Name = Ich-PC | Source = Service Control Manager | ID = 7000 Description = Der Dienst "lxddCATSCustConnectService" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error - 13.04.2011 14:51:53 | Computer Name = Ich-PC | Source = Service Control Manager | ID = 7009 Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst lxddCATSCustConnectService erreicht. Error - 13.04.2011 14:51:53 | Computer Name = Ich-PC | Source = Service Control Manager | ID = 7000 Description = Der Dienst "lxddCATSCustConnectService" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error - 14.04.2011 07:37:23 | Computer Name = Ich-PC | Source = Service Control Manager | ID = 7009 Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst lxddCATSCustConnectService erreicht. Error - 14.04.2011 07:37:23 | Computer Name = Ich-PC | Source = Service Control Manager | ID = 7000 Description = Der Dienst "lxddCATSCustConnectService" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error - 14.04.2011 14:52:45 | Computer Name = Ich-PC | Source = Service Control Manager | ID = 7009 Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst lxddCATSCustConnectService erreicht. Error - 14.04.2011 14:52:45 | Computer Name = Ich-PC | Source = Service Control Manager | ID = 7000 Description = Der Dienst "lxddCATSCustConnectService" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error - 15.04.2011 01:04:20 | Computer Name = Ich-PC | Source = Service Control Manager | ID = 7009 Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst lxddCATSCustConnectService erreicht. Error - 15.04.2011 01:04:20 | Computer Name = Ich-PC | Source = Service Control Manager | ID = 7000 Description = Der Dienst "lxddCATSCustConnectService" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 < End of report > |
22.04.2011, 09:57 | #2 |
/// Malware-holic | Das system hat ein problem mit einem oder mehreren installierten IDE/SATA Festplatten erkannt. • Starte bitte die OTL.exe
__________________• Kopiere nun das Folgende in die Textbox. :OTL PRC - C:\ProgramData\uvEWQXCeAJwf.exe (WinTrust) O4 - HKU\S-1-5-21-3109488581-3307307930-3629044015-1000..\Run: [uvEWQXCeAJwf] C:\ProgramData\uvEWQXCeAJwf.exe (WinTrust) :Files C:\ProgramData\GoWNKtoBbTfMqRQ.exe :Commands [purity] [EMPTYFLASH] [emptytemp] [Reboot] • Schliesse bitte nun alle Programme. • Klicke nun bitte auf den Fix Button. • OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen. • Nach dem Neustart findest Du ein Textdokument, dessen inhalt in deiner nächsten antwort hier reinkopieren. öffne computer, öffne C: dann _OTL dort rechtsklick auf moved files wähle zu moved files.rar oder zip hinzufügen. das archiv nach anleitung hochladen: http://www.trojaner-board.de/54791-a...ner-board.html
__________________ |
Themen zu Das system hat ein problem mit einem oder mehreren installierten IDE/SATA Festplatten erkannt. |
0x00000001, avgntflt.sys, corp./icp, device driver, empfohlen, erkannt, excel.exe, festplatte, festplatten, folge, folgende, fontcache, gfnexsrv.exe, iastor.sys, installier, installierte, location, mehreren, neu, nvstor.sys, office 2007, oldtimer, otl.exe, picasa, platte, platten, plug-in, problem, runtergeladen, saver, scan, sched.exe, schlau, searchplugins, shell32.dll, starte, system, system neu, taskhost.exe, usb 2.0, visual studio, webcheck, {dfefcdee-cf1a-4fc8-88ad-48514e463b27} |