Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Festplatte beschädigt. Private Daten sind in Gefahr. windows 7 recovery auf englisch

Festplatte beschädigt. Private Daten sind in Gefahr. windows 7 recovery auf englisch


Log-Analyse und Auswertung: Festplatte beschädigt. Private Daten sind in Gefahr. windows 7 recovery auf englisch

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 21.05.2011, 23:47   #1
kermit44
 
Festplatte beschädigt. Private Daten sind in Gefahr. windows 7 recovery auf englisch - Standard

Festplatte beschädigt. Private Daten sind in Gefahr. windows 7 recovery auf englisch


Guten Abend,

habe mir einen Trojaner eingefangen. Es erscheinen dauerhaft Fehlermeldungen von Windows und Windows 7 Recovery( auf Englisch) springt automatisch an.
Habe schon unhide und Malwarebytes durchlaufen lassen.
Danach habe ich otl gestartet.Habe in anderen Post gesehen das noch etwas in die Textbox eingegeben werden sollte, hab dies mal gemacht. Vielleicht hilft das schneller weiter.OTL Logfile:
OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 21.05.2011 23:31:58 - Run 2
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Alex\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 54,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 78,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 455,99 Gb Total Space | 203,05 Gb Free Space | 44,53% Space Free | Partition Type: NTFS
 
Computer Name: HDNETBOOK | User Name: Alex | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Alex\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\ProgramData\26337016.exe (Microsoft Corporation)
PRC - C:\ProgramData\oVlLshwOTG.exe (Microsoft Corporation)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Windows\System32\atieclxx.exe (AMD)
PRC - C:\Windows\System32\atiesrxx.exe (AMD)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Users\Alex\AppData\Local\Temp\RtkBtMnt.exe (Realtek Semiconductor Corp.)
PRC - C:\Programme\pdf24\pdf24.exe (Geek Software GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe (TuneUp Software)
PRC - C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (TuneUp Software)
PRC - C:\Programme\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe (CyberLink)
PRC - C:\Programme\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - C:\Programme\Winamp\winampa.exe ()
PRC - C:\Programme\Acer\Acer PowerSmart Manager\ePowerTray.exe (Acer Incorporated)
PRC - C:\Programme\Acer\Acer PowerSmart Manager\ePowerSvc.exe (Acer Incorporated)
PRC - C:\Programme\Acer\Acer PowerSmart Manager\ePowerEvent.exe (Acer Incorporated)
PRC - C:\Programme\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe ()
PRC - C:\Programme\EgisTec\MyWinLocker 3\x86\MWLService.exe (Egis Technology Inc.)
PRC - C:\Programme\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.)
PRC - C:\Programme\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.)
PRC - C:\Programme\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
PRC - C:\Programme\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.)
PRC - C:\Programme\Launch Manager\LManager.exe (Dritek System Inc.)
PRC - C:\Programme\AmIcoSingLun\AmIcoSinglun.exe (AlcorMicro Co., Ltd.)
PRC - C:\Windows\PLFSetI.exe ()
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Alex\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\GdiPlus.dll (Microsoft Corporation)
MOD - C:\Programme\Acer\Acer PowerSmart Manager\SysHook.dll (Acer Incorporated)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD)
SRV - (TuneUp.Defrag) -- C:\Programme\TuneUp Utilities 2010\TuneUpDefragService.exe (TuneUp Software)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\Windows\System32\uxtuneup.dll (TuneUp Software)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (ePowerSvc) -- C:\Programme\Acer\Acer PowerSmart Manager\ePowerSvc.exe (Acer Incorporated)
SRV - (CLHNService) -- C:\Programme\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe ()
SRV - (MWLService) -- C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe ()
SRV - (NTI IScheduleSvc) -- C:\Programme\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (amdkmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (amdkmdap) -- C:\Windows\System32\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys (Duplex Secure Ltd.)
DRV - (TuneUpUtilitiesDrv) -- C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys (TuneUp Software)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796}) -- C:\Programme\Acer Arcade Deluxe\PlayMovie\000.fcl (CyberLink Corp.)
DRV - (vmbus) -- C:\Windows\system32\DRIVERS\vmbus.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\system32\DRIVERS\vmstorfl.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\system32\DRIVERS\storvsc.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\system32\DRIVERS\vms3cap.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\system32\DRIVERS\VMBusHID.sys (Microsoft Corporation)
DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (LSI Corp)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (mwlPSDVDisk) -- C:\Windows\System32\drivers\mwlPSDVDisk.sys (Egis Incorporated.)
DRV - (mwlPSDFilter) -- C:\Windows\System32\drivers\mwlPSDFilter.sys (Egis Incorporated.)
DRV - (mwlPSDNServ) -- C:\Windows\System32\drivers\mwlPSDNserv.sys (Egis Incorporated.)
DRV - (k57nd60x) Broadcom NetLink (TM) -- C:\Windows\System32\drivers\k57nd60x.sys (Broadcom Corporation)
DRV - (speedfan) -- C:\Windows\system32\speedfan.sys (Windows (R) 2000 DDK provider)
DRV - (giveio) -- C:\Windows\system32\giveio.sys ()
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=1109&m=aspire_7735
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=1109&m=aspire_7735
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-349433845-2558389677-3379201677-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=1109&m=aspire_7735
IE - HKU\S-1-5-21-349433845-2558389677-3379201677-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com [binary data]
IE - HKU\S-1-5-21-349433845-2558389677-3379201677-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\S-1-5-21-349433845-2558389677-3379201677-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-349433845-2558389677-3379201677-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://global.acer.com [binary data]
IE - HKU\S-1-5-21-349433845-2558389677-3379201677-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.ask.com?o=15003&l=dis
IE - HKU\S-1-5-21-349433845-2558389677-3379201677-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-349433845-2558389677-3379201677-1000\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-349433845-2558389677-3379201677-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-349433845-2558389677-3379201677-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:60222
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "LEO Eng-Deu"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.7
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1
FF - prefs.js..extensions.enabledItems: 6
FF - prefs.js..extensions.enabledItems: 2
FF - prefs.js..extensions.enabledItems: 48
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.6
FF - prefs.js..extensions.enabledItems: {888d99e7-e8b5-46a3-851e-1ec45da1e644}:4.0.3
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {47E31375-EDAF-4551-8676-BB130487260A}:1.9.1
FF - prefs.js..keyword.URL: "hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q="
FF - prefs.js..network.proxy.type: 4
 
 
FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010.07.13 20:05:26 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.04.30 17:55:36 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.04.30 17:55:36 | 000,000,000 | ---D | M]
 
[2010.07.06 16:59:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alex\AppData\Roaming\mozilla\Extensions
[2011.05.21 15:22:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alex\AppData\Roaming\mozilla\Firefox\Profiles\xf7a914m.default\extensions
[2011.04.27 22:57:32 | 000,000,000 | ---D | M] (ReloadEvery) -- C:\Users\Alex\AppData\Roaming\mozilla\Firefox\Profiles\xf7a914m.default\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}
[2010.08.06 17:08:41 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Alex\AppData\Roaming\mozilla\Firefox\Profiles\xf7a914m.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.04.27 22:57:33 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Alex\AppData\Roaming\mozilla\Firefox\Profiles\xf7a914m.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011.05.21 15:22:23 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Alex\AppData\Roaming\mozilla\Firefox\Profiles\xf7a914m.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.07.06 16:59:16 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Users\Alex\AppData\Roaming\mozilla\Firefox\Profiles\xf7a914m.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2010.03.13 17:04:10 | 000,002,253 | ---- | M] () -- C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\xf7a914m.default\searchplugins\askcom.xml
[2011.01.10 22:25:42 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2011.01.10 22:25:42 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2010.07.06 16:50:59 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
[2011.01.10 22:25:42 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011.05.13 23:52:47 | 000,000,000 | ---D | M] (XULRunner) -- C:\USERS\ALEX\APPDATA\LOCAL\{47E31375-EDAF-4551-8676-BB130487260A}
[2010.07.06 16:53:36 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2010.11.12 19:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
[2011.03.28 22:46:51 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2011.03.28 22:46:51 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2011.03.28 22:46:51 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2011.03.28 22:46:51 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2011.03.28 22:46:51 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-349433845-2558389677-3379201677-1000\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acer ePower Management] C:\Programme\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe (Acer Incorporated)
O4 - HKLM..\Run: [AmIcoSinglun] C:\Programme\AmIcoSingLun\AmIcoSinglun.exe (AlcorMicro Co., Ltd.)
O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [EgisTecLiveUpdate] C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [LManager] C:\Programme\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [mwlDaemon] C:\Programme\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [PDFPrint] C:\Programme\pdf24\pdf24.exe (Geek Software GmbH)
O4 - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4 - HKLM..\Run: [Skytel] C:\Programme\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [WinampAgent] C:\Programme\Winamp\winampa.exe ()
O4 - HKU\S-1-5-21-349433845-2558389677-3379201677-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-349433845-2558389677-3379201677-1000..\Run: [oVlLshwOTG] C:\ProgramData\oVlLshwOTG.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-349433845-2558389677-3379201677-1000..\Run: [Uyuzikapawogepuk] File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Alex\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-349433845-2558389677-3379201677-1000\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKU\S-1-5-21-349433845-2558389677-3379201677-1000\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GO36F4~1.DLL) - C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O24 - Desktop WallPaper: C:\Users\Alex\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Alex\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.05.21 23:12:51 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Alex\Desktop\OTL.exe
[2011.05.21 22:18:19 | 000,344,576 | ---- | C] (Microsoft Corporation) -- C:\ProgramData\26337016.exe
[2011.05.21 22:06:24 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\Malwarebytes
[2011.05.21 22:05:44 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011.05.21 22:05:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.05.21 22:05:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.05.21 22:05:39 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.05.21 22:05:39 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2011.05.21 22:04:55 | 007,734,208 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Alex\Desktop\mbam-setup.exe
[2011.05.21 16:30:31 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 Recovery
[2011.05.21 16:21:06 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\ProgramData\oVlLshwOTG.exe
[2011.05.13 23:52:47 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Local\{47E31375-EDAF-4551-8676-BB130487260A}
[2011.05.11 20:24:27 | 003,957,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2011.05.11 20:24:27 | 003,901,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2011.05.07 00:00:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
[2011.04.30 15:43:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ETS
[2011.04.30 15:43:22 | 000,000,000 | ---D | C] -- C:\Programme\ETS
[2011.04.30 15:25:07 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Local\Downloaded Installations
[2009.11.09 05:22:59 | 000,049,152 | ---- | C] ( ) -- C:\Windows\Interop.IWshRuntimeLibrary.dll
 
========== Files - Modified Within 30 Days ==========
 
[2011.05.21 23:17:57 | 000,005,872 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.05.21 23:17:56 | 000,005,872 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.05.21 23:12:51 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Alex\Desktop\OTL.exe
[2011.05.21 23:02:03 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.05.21 23:02:03 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.05.21 22:37:15 | 000,606,104 | ---- | M] () -- C:\Users\Alex\Desktop\unhide(3).exe
[2011.05.21 22:33:06 | 000,606,104 | ---- | M] () -- C:\Users\Alex\Desktop\unhide.exe
[2011.05.21 22:31:10 | 000,606,104 | ---- | M] () -- C:\Users\Alex\Desktop\unhide(2).exe
[2011.05.21 22:18:26 | 000,000,144 | ---- | M] () -- C:\ProgramData\~26337016r
[2011.05.21 22:18:26 | 000,000,120 | ---- | M] () -- C:\ProgramData\~26337016
[2011.05.21 22:18:21 | 000,000,336 | ---- | M] () -- C:\ProgramData\26337016
[2011.05.21 22:18:19 | 000,344,576 | ---- | M] (Microsoft Corporation) -- C:\ProgramData\26337016.exe
[2011.05.21 22:17:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.05.21 22:17:34 | 2411,859,968 | -HS- | M] () -- C:\hiberfil.sys
[2011.05.21 22:05:44 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.05.21 22:05:09 | 007,734,208 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Alex\Desktop\mbam-setup.exe
[2011.05.21 21:31:37 | 000,000,120 | ---- | M] () -- C:\Users\Alex\AppData\Local\Hfizulicaken.dat
[2011.05.21 16:30:33 | 000,000,144 | ---- | M] () -- C:\ProgramData\~31907576r
[2011.05.21 16:30:33 | 000,000,120 | ---- | M] () -- C:\ProgramData\~31907576
[2011.05.21 16:30:32 | 000,000,639 | ---- | M] () -- C:\Users\Alex\Desktop\Windows 7 Recovery.lnk
[2011.05.21 16:30:14 | 000,000,336 | ---- | M] () -- C:\ProgramData\31907576
[2011.05.21 16:21:06 | 000,424,448 | ---- | M] (Microsoft Corporation) -- C:\ProgramData\oVlLshwOTG.exe
[2011.05.21 10:01:30 | 000,000,000 | ---- | M] () -- C:\Users\Alex\AppData\Local\Gpaputiholuracan.bin
 
========== Files Created - No Company Name ==========
 
[2011.05.21 22:37:15 | 000,606,104 | ---- | C] () -- C:\Users\Alex\Desktop\unhide(3).exe
[2011.05.21 22:36:06 | 000,002,489 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2011.05.21 22:36:06 | 000,002,439 | ---- | C] () -- C:\Users\Public\Desktop\Orion.lnk
[2011.05.21 22:36:06 | 000,001,997 | ---- | C] () -- C:\Users\Public\Desktop\Sony Ericsson PC Suite 5.0.lnk
[2011.05.21 22:36:06 | 000,001,976 | ---- | C] () -- C:\Users\Public\Desktop\MyWinLocker.lnk
[2011.05.21 22:36:06 | 000,001,857 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Utilities.lnk
[2011.05.21 22:36:06 | 000,001,818 | ---- | C] () -- C:\Users\Public\Desktop\PDF24 Editor.lnk
[2011.05.21 22:36:06 | 000,001,730 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2011.05.21 22:36:06 | 000,001,728 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011.05.21 22:36:06 | 000,001,050 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Works.lnk
[2011.05.21 22:36:06 | 000,000,993 | ---- | C] () -- C:\Users\Public\Desktop\PDFCreator.lnk
[2011.05.21 22:36:05 | 000,001,988 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2011.05.21 22:36:05 | 000,001,766 | ---- | C] () -- C:\Users\Public\Desktop\Media Go.lnk
[2011.05.21 22:36:05 | 000,001,313 | ---- | C] () -- C:\Users\Public\Desktop\HP Solution Center.lnk
[2011.05.21 22:36:05 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.05.21 22:33:06 | 000,606,104 | ---- | C] () -- C:\Users\Alex\Desktop\unhide.exe
[2011.05.21 22:31:07 | 000,606,104 | ---- | C] () -- C:\Users\Alex\Desktop\unhide(2).exe
[2011.05.21 22:18:26 | 000,000,144 | ---- | C] () -- C:\ProgramData\~26337016r
[2011.05.21 22:18:26 | 000,000,120 | ---- | C] () -- C:\ProgramData\~26337016
[2011.05.21 22:18:21 | 000,000,336 | ---- | C] () -- C:\ProgramData\26337016
[2011.05.21 16:30:33 | 000,000,144 | ---- | C] () -- C:\ProgramData\~31907576r
[2011.05.21 16:30:33 | 000,000,120 | ---- | C] () -- C:\ProgramData\~31907576
[2011.05.21 16:30:32 | 000,000,639 | ---- | C] () -- C:\Users\Alex\Desktop\Windows 7 Recovery.lnk
[2011.05.21 16:30:14 | 000,000,336 | ---- | C] () -- C:\ProgramData\31907576
[2011.05.13 23:52:48 | 000,000,120 | ---- | C] () -- C:\Users\Alex\AppData\Local\Hfizulicaken.dat
[2011.05.13 23:52:48 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Local\Gpaputiholuracan.bin
[2011.04.09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2011.01.14 18:43:08 | 008,676,883 | ---- | C] () -- C:\Windows\System32\mp3Media2.dll
[2010.12.26 23:28:10 | 000,009,039 | ---- | C] () -- C:\Users\Alex\AppData\Roaming\B612.0DA
[2010.12.21 04:27:20 | 000,003,113 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2010.12.17 18:00:44 | 000,227,587 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2010.07.29 20:24:25 | 000,087,552 | ---- | C] () -- C:\Windows\System32\cpwmon2k.dll
[2010.07.29 20:14:01 | 000,000,024 | ---- | C] () -- C:\Windows\SW_Win9423X24.DLL
[2010.07.28 17:32:14 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2010.07.13 22:51:46 | 000,006,144 | ---- | C] () -- C:\Users\Alex\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.07.13 19:59:27 | 000,187,558 | ---- | C] () -- C:\Windows\hpoins36.dat
[2010.07.09 16:03:00 | 000,001,376 | ---- | C] () -- C:\Windows\System32\dciman13.sys
[2010.07.06 17:07:41 | 000,021,532 | ---- | C] () -- C:\Windows\System32\emptyregdb.dat
[2010.07.06 16:42:39 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.04.18 21:29:42 | 000,000,032 | ---- | C] () -- C:\Windows\Menu.INI
[2010.02.20 19:45:46 | 000,016,452 | ---- | C] () -- C:\Users\Alex\AppData\Roaming\wklnhst.dat
[2010.01.29 22:09:17 | 000,000,578 | ---- | C] () -- C:\Windows\hpomdl36.dat
[2009.11.21 21:34:21 | 000,000,048 | ---- | C] () -- C:\Windows\System32\ezsidmv.dat
[2009.11.14 13:40:21 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2009.11.09 22:15:35 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.11.08 21:25:48 | 000,626,688 | ---- | C] () -- C:\Windows\Image.dll
[2009.11.08 21:25:48 | 000,200,704 | ---- | C] () -- C:\Windows\PLFSetI.exe
[2009.11.08 21:25:48 | 000,020,480 | ---- | C] () -- C:\Windows\USB_VIDEO_REG.exe
[2009.11.08 21:25:48 | 000,000,036 | ---- | C] () -- C:\Windows\PidList.ini
[2009.11.08 20:50:20 | 000,090,772 | ---- | C] () -- C:\Windows\System32\drivers\RtConvEQ.DAT
[2009.11.08 20:50:20 | 000,000,536 | ---- | C] () -- C:\Windows\System32\drivers\RtHdatEx.dat
[2009.11.08 20:50:20 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX2.dat
[2009.11.08 20:50:20 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX1.dat
[2009.11.08 20:50:20 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX0.dat
[2009.11.08 20:50:20 | 000,000,008 | ---- | C] () -- C:\Windows\System32\drivers\rtkhdaud.dat
[2009.07.14 10:47:43 | 000,643,866 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2009.07.14 10:47:43 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2009.07.14 10:47:43 | 000,126,394 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2009.07.14 10:47:43 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2009.07.14 06:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 06:33:53 | 000,334,136 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009.07.14 04:05:48 | 000,607,190 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009.07.14 04:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009.07.14 04:05:48 | 000,103,568 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009.07.14 04:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009.07.14 04:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009.07.14 04:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009.07.14 02:19:49 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2009.07.14 01:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2009.03.12 12:32:52 | 000,000,028 | ---- | C] () -- C:\Windows\WisLangCode.ini
[2009.02.11 22:03:58 | 000,872,448 | ---- | C] () -- C:\Windows\iconv.dll
[2009.02.11 22:03:58 | 000,743,424 | ---- | C] () -- C:\Windows\libxml2.dll
[2009.02.11 22:03:57 | 000,000,060 | ---- | C] () -- C:\Windows\Prelaunch.ini
[2008.04.08 15:34:26 | 000,000,427 | ---- | C] () -- C:\Windows\System32\atipblup.dat
[1997.11.17 18:13:16 | 000,010,240 | ---- | C] () -- C:\Windows\System32\vidx16.dll
[1996.04.03 21:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys
 
========== LOP Check ==========
 
[2010.07.06 16:58:47 | 000,000,000 | -HSD | M] -- C:\Users\Alex\AppData\Roaming\.#
[2010.07.07 14:26:21 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Acer GameZone Console
[2010.07.06 16:58:47 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Blitware
[2010.07.06 16:58:47 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\DAEMON Tools Lite
[2010.08.06 17:08:41 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.07.06 16:58:47 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\eSobi
[2011.01.14 18:19:36 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\FreeFLVConverter
[2010.07.06 16:58:47 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Gogii Games
[2010.12.31 14:08:00 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Nokuuc
[2010.10.07 17:24:12 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\PhotoScape
[2010.07.06 16:59:16 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\PlayFirst
[2011.03.27 21:23:49 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\PowerCinema
[2010.12.27 00:54:43 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Puex
[2010.12.28 00:44:20 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\seukvlcmaw
[2010.07.06 16:59:17 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Shape games
[2011.03.27 22:17:54 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\SoftDMA
[2010.07.06 16:59:18 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Sony
[2010.07.06 16:59:18 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Template
[2010.07.06 16:59:18 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Thinstall
[2010.07.06 16:59:18 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\TuneUp Software
[2010.07.06 16:59:20 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Ubisoft
[2010.02.12 22:01:46 | 000,000,000 | -HSD | M] -- C:\Users\Public.HDnetbook\AppData\Roaming\.#
[2010.07.06 16:58:11 | 000,000,000 | ---D | M] -- C:\Users\Public.HDnetbook\AppData\Roaming\Acer GameZone Console
[2010.07.06 16:58:11 | 000,000,000 | ---D | M] -- C:\Users\Public.HDnetbook\AppData\Roaming\EA
[2010.07.06 16:58:11 | 000,000,000 | ---D | M] -- C:\Users\Public.HDnetbook\AppData\Roaming\eSobi
[2010.07.06 16:58:12 | 000,000,000 | ---D | M] -- C:\Users\Public.HDnetbook\AppData\Roaming\iWin
[2010.07.06 16:58:16 | 000,000,000 | ---D | M] -- C:\Users\Public.HDnetbook\AppData\Roaming\PowerCinema
[2010.07.06 16:58:16 | 000,000,000 | ---D | M] -- C:\Users\Public.HDnetbook\AppData\Roaming\SoftDMA
[2010.07.06 16:58:16 | 000,000,000 | ---D | M] -- C:\Users\Public.HDnetbook\AppData\Roaming\Template
[2010.07.06 16:58:16 | 000,000,000 | ---D | M] -- C:\Users\Public.HDnetbook\AppData\Roaming\TuneUp Software
[2011.03.21 22:02:18 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2010.07.06 16:58:47 | 000,000,000 | -HSD | M] -- C:\Users\Alex\AppData\Roaming\.#
[2010.07.07 14:26:21 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Acer GameZone Console
[2011.05.21 16:21:03 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Adobe
[2010.07.06 16:58:47 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\ATI
[2010.12.09 15:02:48 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Avira
[2010.07.06 16:58:47 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Blitware
[2010.07.06 16:58:47 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\CyberLink
[2010.07.06 16:58:47 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\DAEMON Tools Lite
[2010.07.06 16:58:47 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\DivX
[2011.03.27 21:19:25 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\dvdcss
[2010.08.06 17:08:41 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.07.06 16:58:47 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\eSobi
[2011.01.14 18:19:36 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\FreeFLVConverter
[2010.07.06 16:58:47 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Gogii Games
[2010.07.06 16:58:48 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Google
[2010.07.13 20:23:12 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\HP
[2010.08.09 18:37:47 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\HpUpdate
[2010.07.06 16:58:48 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Identities
[2010.07.06 16:58:48 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\InstallShield
[2010.07.06 16:58:48 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Macromedia
[2011.05.21 22:06:24 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Malwarebytes
[2009.07.14 10:56:41 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Media Center Programs
[2010.12.27 23:31:10 | 000,000,000 | --SD | M] -- C:\Users\Alex\AppData\Roaming\Microsoft
[2010.07.06 16:59:14 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Mozilla
[2010.12.31 14:08:00 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Nokuuc
[2010.10.07 17:24:12 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\PhotoScape
[2010.07.06 16:59:16 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\PlayFirst
[2011.03.27 21:23:49 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\PowerCinema
[2010.12.27 00:54:43 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Puex
[2010.07.06 16:59:16 | 000,000,000 | R--D | M] -- C:\Users\Alex\AppData\Roaming\SecuROM
[2010.12.28 00:44:20 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\seukvlcmaw
[2010.07.06 16:59:17 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Shape games
[2010.07.06 16:59:17 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Skype
[2010.07.06 16:59:17 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\skypePM
[2011.03.27 22:17:54 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\SoftDMA
[2010.07.06 16:59:18 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Sony
[2010.07.06 16:59:18 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Template
[2010.07.06 16:59:18 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Thinstall
[2010.07.06 16:59:18 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\TuneUp Software
[2010.07.06 16:59:20 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\U3
[2010.07.06 16:59:20 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Ubisoft
[2011.04.12 23:25:31 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\vlc
[2011.05.19 23:07:55 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Winamp
[2009.11.11 19:43:16 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\WinRAR
 
< %APPDATA%\*.exe /s >
[2009.09.23 17:37:30 | 000,022,352 | ---- | M] (NOS Microsystems Ltd.) -- C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\xf7a914m.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\chrome\content\getPlusPlus_Adobe_reg.exe
[2009.09.23 17:37:30 | 000,034,112 | ---- | M] (NOS Microsystems Ltd.) -- C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\xf7a914m.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\chrome\content\getPlusPlus_Adobe_reg_bootstrap.exe
[2007.10.23 10:27:20 | 000,110,592 | ---- | M] () -- C:\Users\Alex\AppData\Roaming\U3\temp\cleanup.exe
[2008.05.02 11:41:48 | 003,493,888 | ---- | M] (SanDisk Corporation) -- C:\Users\Alex\AppData\Roaming\U3\temp\Launchpad Removal.exe
 
< %SYSTEMDRIVE%\*.exe >
 
 
< MD5 for: AGP440.SYS >
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
 
< MD5 for: ATAPI.SYS >
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
 
< MD5 for: CNGAUDIT.DLL >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
 
< MD5 for: EXPLORER.EXE >
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe
 
< MD5 for: IASTOR.SYS >
[2009.02.12 03:26:18 | 000,407,576 | ---- | M] (Intel Corporation) MD5=1ADAA4F16073FD0C7270F451FD024E97 -- C:\Acer\Preload\Autorun\DRV\AHCI\Driver64\IaStor.sys
[2009.02.12 03:11:50 | 000,329,752 | ---- | M] (Intel Corporation) MD5=71ECC07BC7C5E24C3DD01D8A29A24054 -- C:\Acer\Preload\Autorun\DRV\AHCI\Driver\IaStor.sys
[2009.02.12 03:11:50 | 000,329,752 | ---- | M] (Intel Corporation) MD5=71ECC07BC7C5E24C3DD01D8A29A24054 -- C:\Windows\System32\drivers\iaStor.sys
[2009.02.12 03:11:50 | 000,329,752 | ---- | M] (Intel Corporation) MD5=71ECC07BC7C5E24C3DD01D8A29A24054 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_x86_neutral_e0c941a8b0e04b56\iaStor.sys
[2009.02.12 03:11:50 | 000,329,752 | ---- | M] (Intel Corporation) MD5=71ECC07BC7C5E24C3DD01D8A29A24054 -- C:\Windows\System32\DriverStore\FileRepository\iastor.inf_x86_neutral_7009a7672ee571e2\iaStor.sys
 
< MD5 for: IASTORV.SYS >
[2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\drivers\iaStorV.sys
[2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_18cccb83b34e1453\iaStorV.sys
[2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys
 
< MD5 for: NETLOGON.DLL >
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\System32\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll
 
< MD5 for: NVSTOR.SYS >
[2009.07.14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\drivers\nvstor.sys
[2009.07.14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_5bde3fe2945bce9e\nvstor.sys
[2009.07.14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys
 
< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\System32\scecli.dll
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
 
< MD5 for: USER32.DLL >
[2009.07.14 03:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\System32\user32.dll
[2009.07.14 03:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll
 
< MD5 for: USERINIT.EXE >
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\System32\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
 
< MD5 for: WINLOGON.EXE >
[2009.10.28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\System32\winlogon.exe
[2009.10.28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2009.07.14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
 
< MD5 for: WS2IFSL.SYS >
[2009.07.14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2009.07.14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_4f5cf6f829213bb2\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
 
< End of report >
--- --- ---


Hier noch der extra logfile:
OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 21.05.2011 23:31:58 - Run 2
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Alex\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 54,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 78,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 455,99 Gb Total Space | 203,05 Gb Free Space | 44,53% Space Free | Partition Type: NTFS
 
Computer Name: HDNETBOOK | User Name: Alex | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-349433845-2558389677-3379201677-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Programme\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Programme\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Programme\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{0C34B801-6AEC-4667-B053-03A67E2D0415}" = Apple Application Support
"{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}" = ATI Catalyst Registration
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery
"{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant
"{171E6C1E-B5FC-11DF-B115-005056C00008}" = Google Earth Plug-in
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1CA3A991-B03D-4C92-9922-315E5434E87B}" = PS_AIO_05_C4600_Software_Min
"{1E1746EF-F5BF-4677-8F30-04FE399130DA}" = HP Photosmart C4600 All-In-One Driver Software 14.0 Rel. 5
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 23
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{293F82CD-1BE8-03BC-DBAD-903388CFBB62}" = Catalyst Control Center Localization All
"{2987EE84-C4EE-4FF5-8160-32DE00D6ABC6}" = GTA2
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{2FB9EA69-51D4-4913-9AD5-762C034DE811}" = Status
"{2FFE93F0-BB72-4E52-8761-354D1AAA9387}" = Sony Ericsson PC Suite 5.007.01
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3CCB314A-B67C-82D0-1CC6-6BC4AE6D053E}" = Catalyst Control Center InstallProxy
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer PowerSmart Manager
"{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{47780EB3-F1C5-EAB3-2F71-E9F4DB117038}" = WMV9/VC-1 Video Playback
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{5A4FB792-D98F-409C-24B6-BD2A80D30E3A}" = Catalyst Control Center Graphics Previews Common
"{5B63A470-9334-44D1-AF61-6CE2DB565AE9}" = Orion
"{5DCF0E4B-F8EA-4229-A0BD-5CA6D4AFB749}" = SolutionCenter
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{62F7DA7E-CCCB-439C-A760-00C3926E761F}" = Microsoft Works
"{68301905-2DEA-41CE-A4D4-E8B443B099BA}" = MyWinLocker
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6C074912-E427-6A4B-B0C2-6C7A31943175}" = ccc-utility
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Backup Manager Basic
"{74DC0593-6BC6-4001-AD5F-D810AFB68D86}" = HP Update
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7EE873AF-46BB-4B5D-BA6F-CFE4B0566E22}" = TuneUp Utilities Language Pack (de-DE)
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{8026256E-BA16-4125-B350-EE6F31E7A638}" = TOEFL Sample Questions
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110111700}" = Zuma Deluxe
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110184263}" = Puzzle Express
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11037623}" = Tradewinds 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111205743}" = Tri-Peaks Solitaire To Go
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111232687}" = Ocean Express
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111252743}" = Mahjong Escape Ancient China
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}" = Galapago
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11170417}" = Luxor 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111771833}" = Jewel Quest Solitaire
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11219217}" = Cradle of Rome
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112270203}" = Dream Day Wedding
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113009953}" = Turbo Pizza
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113056167}" = Dream Day Honeymoon
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113297350}" = Cake Mania 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113494430}" = Wedding Dash
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11505173}" = Airport Mania First Flight
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}" = Dairy Dash
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115443300}" = Cooking Dash
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11551977}" = Parking Dash
"{86B247F9-1D5E-CCC6-3280-71486D9A4E70}" = ATI Stream SDK v2 Developer
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{896C5024-AA39-12E8-D6C2-D818B7E3D58F}" = CCC Help English
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial 
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A22BB09-8086-691D-F409-3AF74D9E3BF0}" = ccc-core-static
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9AF0B106-56F1-461B-A270-95BC1682E282}" = Broadcom Gigabit NetLink Controller
"{9C3E86F9-FCB0-16EC-C32F-FAA148B52310}" = ATI Catalyst Install Manager
"{9E0E1E3B-229C-4CF9-8A39-4455477327E4}" = C4600
"{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime
"{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}" = Acer Crystal Eye Webcam
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC08BBA0-96B9-431A-A7D0-D8598E493775}" = RESIDENT EVIL 5
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.3 - Deutsch
"{ADEEF3E4-15A4-F286-38EE-675A8EF0212B}" = Catalyst Control Center InstallProxy
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B47CF9F5-B948-43E8-BC8D-EECB53D3EC6F}_is1" = Plants vs. Zombies
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BE0EC61A-02BF-E3E1-D7A8-3DDB7B58FBDF}" = PX Profile Update
"{BF91B300-EEBC-4223-96F3-0FCBF7241B50}" = AmIcoSingLun
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C9C13822-A638-4331-99A3-4498A5901693}" = Media Go
"{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240B7}" = WinZip 12.0
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D360FA88-17C8-4F14-B67F-13AAF9607B12}" = MarketResearch
"{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities
"{DA20E1A8-07CB-4EE7-9B72-A7E28C953F0E}" = Acer Product Registration
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E517094C-06B6-419F-8FFD-EF4F57972130}" = QuickTransfer
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm
"Acer Screensaver" = Acer ScreenSaver
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AVIConverter" = AVIConverter 3.0
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CutePDF Writer Installation" = CutePDF Writer 2.8
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"EAX(tm) Unified (SHELL)" = EAX(tm) Unified (SHELL)
"Final Fantasy VII" = Final Fantasy VII
"FINAL FANTASY VIII" = FINAL FANTASY VIII
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.7
"Freez FLV to MP3 Converter v1.5_is1" = Freez FLV to MP3 Converter
"FUSSBALL MANAGER 10" = FUSSBALL MANAGER 10
"Google Desktop" = Google Desktop
"GridVista" = Acer GridVista
"Hardcore" = Hardcore
"HP Imaging Device Functions" = HP Imaging Device Functions 14.0
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0
"HPExtendedCapabilities" = HP Customer Participation Program 14.0
"IL Download Manager" = IL Download Manager
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Acer Backup Manager
"InstallShield_{BF91B300-EEBC-4223-96F3-0FCBF7241B50}" = AmIcoSingLun
"Kain 2" = Legacy of Kain: Soul Reaver
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox (3.6.17)" = Mozilla Firefox (3.6.17)
"PhotoScape" = PhotoScape
"PoiZone" = PoiZone
"Sakura" = Sakura
"Sawer" = Sawer
"SopCast" = SopCast 3.2.8
"SpeedFan" = SpeedFan (remove only)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TIPP10_is1" = TIPP10 Version 2.0.3
"Toxic Biohazard" = Toxic Biohazard
"TuneUp Utilities" = TuneUp Utilities
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 1.0.3
"Winamp" = Winamp
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
 
========== Last 10 Event Log Errors ==========
 
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
 
< End of report >
--- --- ---


Danke schonmal in Vorraus (:

 

Themen zu Festplatte beschädigt. Private Daten sind in Gefahr. windows 7 recovery auf englisch
32 bit, adblock, adobe, antivir, autorun, avira, bho, converter, defender, error, explorer, festplatte, firefox, flash player, format, google earth, install.exe, intranet, launch, locker, logfile, mozilla, mp3, mywinlocker, nvstor.sys, oldtimer, plug-in, realtek, registry, rundll, scan, sched.exe, searchplugins, shell32.dll, software, sptd.sys, start menu, taskhost.exe, temp, trojaner, usb, webcheck, windows


« Das System hat ein Problem mit einem oder mehreren installierten IDE / SATA-Festplatten erkannt. | Fak Alert Rep bitte Hilfe!!!!! »


Ähnliche Themen: Festplatte beschädigt. Private Daten sind in Gefahr. windows 7 recovery auf englisch


  1. Fake HDD. Schwarzer Bildschirm, Nachricht festplatte beschädight private Daten in Gefahr.
    Plagegeister aller Art und deren Bekämpfung - 10.07.2011 (11)
  2. Festplatte beschädigt. Private Daten sind in Gefahr //Catalyst Control Center funktioniert nicht meh
    Plagegeister aller Art und deren Bekämpfung - 24.06.2011 (38)
  3. Festplatte beschädigt, Daten dahin
    Log-Analyse und Auswertung - 13.06.2011 (35)
  4. Beschädigte Festplatte-Cluster gefunden. Private Daten sind in Gefahr
    Log-Analyse und Auswertung - 09.06.2011 (16)
  5. Windows Vista Recovery(Festplatte Defekt)Trojaner dazu schwarzer Bildschirm und alle Daten versteckt
    Log-Analyse und Auswertung - 31.05.2011 (7)
  6. "Stutter.X,"Windows XP recovery"-Aufforderung, "Festplatte beschädigt"-Meldung, Bildschrim schwarz,
    Log-Analyse und Auswertung - 28.05.2011 (20)
  7. windos recovery Festplatte beschädigt Alles Ganz schwarz
    Log-Analyse und Auswertung - 24.05.2011 (3)
  8. "Festplatte beschädigt/Systemneustart/Windows Vista Recovery" Meldungen
    Log-Analyse und Auswertung - 23.05.2011 (3)
  9. Festplatte Cluster beschädigt/Windows Vista Recovery
    Log-Analyse und Auswertung - 21.05.2011 (1)
  10. Festplatte Cluster beschädigt/Windows Xp Recovery/FakeAlert vermutlich TR/Kazy.mekml1
    Plagegeister aller Art und deren Bekämpfung - 16.05.2011 (1)
  11. Kritischer Fehler. Beschädigte Festplatten-Cluster gefunden. Private Daten sind in Gefahr
    Log-Analyse und Auswertung - 04.05.2011 (14)
  12. Festplatte beschädigt. Private Daten sind in Gefahr. AntiVir Fund: TR/Kazy.mekml.1
    Plagegeister aller Art und deren Bekämpfung - 01.05.2011 (16)
  13. Kritischer Fehler. Beschädigte Festplatten-Cluster gefunden. Private Daten sind in Gefahr
    Plagegeister aller Art und deren Bekämpfung - 30.04.2011 (41)
  14. Kritischer Fehler. Beschädigte Festplatten-Cluster gefunden. Private Daten sind in Gefahr
    Plagegeister aller Art und deren Bekämpfung - 29.04.2011 (23)
  15. Kritischer Fehler. Beschädigte Festplatten-Cluster gefunden. Private Daten sind in Gefahr
    Log-Analyse und Auswertung - 29.04.2011 (37)
  16. Kritischer Fehler. Beschädigte Festplatten-Cluster gefunden. Private Dateien sind in Gefahr.
    Log-Analyse und Auswertung - 26.04.2011 (3)
  17. Kritischer Fehler. Beschädigte Festplatten-Cluster gefunden. Private Daten sind in Gefahr
    Alles rund um Windows - 24.04.2011 (3)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Festplatte beschädigt. Private Daten sind in Gefahr. windows 7 recovery auf englisch - Guten Abend, habe mir einen Trojaner eingefangen. Es erscheinen dauerhaft Fehlermeldungen von Windows und Windows 7 Recovery( auf Englisch) springt automatisch an. Habe schon unhide und Malwarebytes durchlaufen lassen. Danach - Festplatte beschädigt. Private Daten sind in Gefahr. windows 7 recovery auf englisch...
Archiv
Du betrachtest: Festplatte beschädigt. Private Daten sind in Gefahr. windows 7 recovery auf englisch auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27