Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Desktop schwarz und Festplatte angeblich kaputt, die X-te (https://www.trojaner-board.de/100642-desktop-schwarz-festplatte-angeblich-kaputt-x-te.html)

WolleCW 21.06.2011 21:53
Desktop schwarz und Festplatte angeblich kaputt, die X-te
 
Guten Tag,
habe seid heute Probleme mit meinem Laptop.
Habe mir die anderen ähnlichen Beiträge schonmal angeschaut.
Bei mir sagt er auch,dass meine Festplatte hinüber ist, aber bei Antivir, Anti-Malware und SuperAntispyware zeigen die trotzdem die Daten an.
Kann auf den Explorer und das Internet zugreifen, aber nicht mehr auf die Datein von 2 Laufwerken.
Habe schonmal den OTL-log machen lassen.
Hoffe ihr könnt einem armen Studenten helfen.
Lg WolleCW

OTL-Log:OTL Logfile:
Code:
OTL logfile created on: 21.06.2011 21:18:15 - Run 1
OTL by OldTimer - Version 3.2.24.1    Folder = C:\Users\mm\Music\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,38 Gb Available Physical Memory | 46,05% Memory free
6,19 Gb Paging File | 4,61 Gb Available in Paging File | 74,47% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 120,92 Gb Total Space | 31,11 Gb Free Space | 25,73% Space Free | Partition Type: NTFS
Drive D: | 164,18 Gb Total Space | 20,67 Gb Free Space | 12,59% Space Free | Partition Type: NTFS
Drive E: | 164,18 Gb Total Space | 42,45 Gb Free Space | 25,86% Space Free | Partition Type: NTFS
 
Computer Name: CHRISINFERNO | User Name: mm | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\mm\Music\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\ProgramData\34660088.exe (AnkhSVN)
PRC - C:\ProgramData\SuHEcubHqhenx.exe (AnkhSVN)
PRC - C:\Programme\ICQ7.5\ICQ.exe (ICQ, LLC.)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\ICQ6Toolbar\ICQ Service.exe ()
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Programme\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
PRC - E:\Program Files\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.)
PRC - e:\Program Files\Virtual CD v10\System\VC10SecS.exe (H+H Software GmbH)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation)
PRC - C:\Programme\Acer\Acer Bio Protection\CompPtcVUI.exe (Arachnoid Biometrics Identification Group Corp.)
PRC - C:\Programme\Acer\Acer Bio Protection\BASVC.exe ()
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
PRC - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated)
PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Programme\Acer\Acer VCM\RS_Service.exe (Acer Incorporated)
PRC - C:\Programme\Acer\Empowering Technology\Service\ETService.exe ()
PRC - C:\Windows\System32\vfsFPService.exe (Validity Sensors, Inc.)
PRC - C:\Programme\EDIMAX\Common\RalinkRegistryWriter.exe (Ralink Technology, Corp.)
PRC - C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
PRC - C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Programme\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe ()
PRC - C:\Windows\System32\agrsmsvc.exe (Agere Systems)
PRC - C:\ACER\Mobility Center\MobilityService.exe ()
PRC - C:\Programme\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe (Rocket Division Software)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\mm\Music\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (ICQ Service) -- C:\Programme\ICQ6Toolbar\ICQ Service.exe ()
SRV - (Application Updater) -- C:\Program Files\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
SRV - (CVPND) -- E:\Program Files\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.)
SRV - (VC10SecS) -- e:\Program Files\Virtual CD v10\System\VC10SecS.exe (H+H Software GmbH)
SRV - (IGBASVC) -- C:\Programme\Acer\Acer Bio Protection\BASVC.exe ()
SRV - (Adobe Version Cue CS4) -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe (Adobe Systems Incorporated)
SRV - (eDataSecurity Service) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated)
SRV - (IAANTMON) Intel(R) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (RS_Service) -- C:\Programme\Acer\Acer VCM\RS_Service.exe (Acer Incorporated)
SRV - (ETService) -- C:\Programme\Acer\Empowering Technology\Service\ETService.exe ()
SRV - (vfsFPService) -- C:\Windows\System32\vfsFPService.exe (Validity Sensors, Inc.)
SRV - (RalinkRegistryWriter) -- C:\Programme\EDIMAX\Common\RalinkRegistryWriter.exe (Ralink Technology, Corp.)
SRV - (EvtEng) -- C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
SRV - (RegSrvc) -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (CLHNService) -- C:\Programme\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe ()
SRV - (AgereModemAudio) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems)
SRV - (MobilityService) -- C:\Acer\Mobility Center\MobilityService.exe ()
SRV - (StarWindServiceAE) -- C:\Programme\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe (Rocket Division Software)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (SASKUTIL) -- C:\Programme\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (UsbserFilt) -- C:\Windows\System32\drivers\usbser_lowerfltj.sys (Nokia)
DRV - (upperdev) -- C:\Windows\System32\drivers\usbser_lowerflt.sys (Nokia)
DRV - (nmwcdc) -- C:\Windows\System32\drivers\ccdcmbo.sys (Nokia)
DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia)
DRV - (nmwcdnsu) -- C:\Windows\System32\drivers\nmwcdnsu.sys (Nokia)
DRV - (nmwcdnsuc) -- C:\Windows\System32\drivers\nmwcdnsuc.sys (Nokia)
DRV - (atksgt) -- C:\Windows\System32\drivers\atksgt.sys ()
DRV - (lirsgt) -- C:\Windows\System32\drivers\lirsgt.sys ()
DRV - (SASDIFSV) -- C:\Programme\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys ()
DRV - (CVPNDRVA) -- C:\Windows\System32\drivers\CVPNDRVA.sys (Cisco Systems, Inc.)
DRV - (vdrv1000) -- C:\Windows\System32\drivers\vdrv1000.sys (H+H Software GmbH)
DRV - (AlfaFF) -- C:\Windows\system32\Drivers\AlfaFF.sys (Alfa Corporation)
DRV - (L1E) -- C:\Windows\System32\drivers\L1E60x86.sys (Atheros Communications, Inc.)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (USBCCID) -- C:\Windows\System32\drivers\usbccid.sys (Microsoft Corporation)
DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (acedrv11) -- C:\Windows\System32\drivers\acedrv11.sys (Protect Software GmbH)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (DNE) -- C:\Windows\System32\drivers\dne2000.sys (Deterministic Networks, Inc.)
DRV - (HH10Help.sys) -- C:\Windows\System32\drivers\HH10Help.sys (H+H Software GmbH)
DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation)
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
DRV - (netr28u) -- C:\Windows\System32\drivers\netr28u.sys (Ralink Technology Corp.)
DRV - ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796}) -- C:\Programme\Acer Arcade Deluxe\PlayMovie\000.fcl (Cyberlink Corp.)
DRV - (vfs101x) -- C:\Windows\System32\drivers\vfs101x.sys (Validity Sensors, Inc.)
DRV - (JMCR) -- C:\Windows\System32\drivers\jmcr.sys (JMicron Technology Corp.)
DRV - (NETw5v32) Intel(R) -- C:\Windows\System32\drivers\NETw5v32.sys (Intel Corporation)
DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems)
DRV - (NTIPPKernel) -- C:\Programme\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys (Cyberlink Corp.)
DRV - (itecir) -- C:\Windows\System32\drivers\itecir.sys (ITE Tech. Inc. )
DRV - (int15) -- C:\Windows\System32\drivers\int15.sys ()
DRV - (CVirtA) -- C:\Windows\System32\drivers\CVirtA.sys (Cisco Systems, Inc.)
DRV - (Afc) -- C:\Windows\System32\drivers\afc.sys (Arcsoft, Inc.)
DRV - (DritekPortIO) -- C:\Programme\Launch Manager\DPortIO.sys (Dritek System Inc.)
DRV - (AF15BDA) -- C:\Windows\System32\drivers\AF15BDA.sys (AfaTech                  )
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0809&m=aspire_6935
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0809&m=aspire_6935
 
 
IE - HKU\.DEFAULT\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-302941472-1964095108-563845418-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0809&m=aspire_6935
IE - HKU\S-1-5-21-302941472-1964095108-563845418-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com [binary data]
IE - HKU\S-1-5-21-302941472-1964095108-563845418-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\S-1-5-21-302941472-1964095108-563845418-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-302941472-1964095108-563845418-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/
IE - HKU\S-1-5-21-302941472-1964095108-563845418-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-302941472-1964095108-563845418-1000\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-302941472-1964095108-563845418-1000\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-21-302941472-1964095108-563845418-1000\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Programme\Search Settings\SearchSettings.dll (Spigot, Inc.)
IE - HKU\S-1-5-21-302941472-1964095108-563845418-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=867034"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/ig?hl=#t_0"
FF - prefs.js..extensions.enabledItems: smarterwiki@wikiatic.com:4.3.7
FF - prefs.js..extensions.enabledItems: searchsettings@spigot.com:1.2.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.6
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.3.42
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.8
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2009.08.10 21:19:16 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2011.01.05 02:56:02 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.06.15 15:50:26 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.06.15 15:50:22 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.10\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011.04.29 20:39:29 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.10\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011.01.05 02:56:04 | 000,000,000 | ---D | M]
 
[2011.04.29 20:39:35 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\mm\AppData\Roaming\mozilla\Extensions
[2011.04.29 20:39:35 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\mm\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2009.10.28 21:39:45 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\mm\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org
[2011.06.17 10:11:49 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\mm\AppData\Roaming\mozilla\Firefox\Profiles\k63joh69.default\extensions
[2010.09.09 22:34:18 | 000,000,000 | -H-D | M] (Microsoft .NET Framework Assistant) -- C:\Users\mm\AppData\Roaming\mozilla\Firefox\Profiles\k63joh69.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.06.05 19:04:12 | 000,000,000 | -H-D | M] (iMacros for Firefox) -- C:\Users\mm\AppData\Roaming\mozilla\Firefox\Profiles\k63joh69.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}
[2011.06.17 10:11:49 | 000,000,000 | -H-D | M] (DownloadHelper) -- C:\Users\mm\AppData\Roaming\mozilla\Firefox\Profiles\k63joh69.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011.06.05 19:04:09 | 000,000,000 | -H-D | M] (Adblock Plus) -- C:\Users\mm\AppData\Roaming\mozilla\Firefox\Profiles\k63joh69.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2011.06.05 19:04:16 | 000,000,000 | -H-D | M] (FastestFox) -- C:\Users\mm\AppData\Roaming\mozilla\Firefox\Profiles\k63joh69.default\extensions\smarterwiki@wikiatic.com
[2011.06.21 17:38:47 | 000,001,056 | -H-- | M] () -- C:\Users\mm\AppData\Roaming\Mozilla\Firefox\Profiles\k63joh69.default\searchplugins\icqplugin.xml
[2010.02.28 21:29:23 | 000,002,064 | -H-- | M] () -- C:\Users\mm\AppData\Roaming\Mozilla\Firefox\Profiles\k63joh69.default\searchplugins\youtube-videosuche.xml
[2011.06.15 15:50:25 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2009.08.31 13:45:20 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.04.20 07:56:48 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.08.14 00:02:42 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.10.25 09:53:16 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
File not found (No name found) --
[2010.04.11 11:19:58 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
[2010.04.20 07:56:48 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.08.14 00:02:42 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.10.25 09:53:16 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.04.14 18:40:03 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Programme\Mozilla Firefox\components\browsercomps.dll
[2010.09.15 04:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.10.12 16:26:38 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Programme\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
[2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\bing.xml
[2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2011.03.03 01:26:17 | 000,001,315 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: ::1            localhost
O1 - Hosts: 127.0.0.1 71i.de
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts:   
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts:   
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts:   
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts:   
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts:   
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts:   
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts:   
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts:   
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts:   
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts:   
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts:   
O1 - Hosts: 9 more lines...
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - E:\Program Files\CS4\/Adobe Contribute CS4/contributeieplugin.dll ()
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Programme\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (Egis)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (SearchSettings Class) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Programme\Search Settings\SearchSettings.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - E:\Program Files\CS4\/Adobe Contribute CS4/contributeieplugin.dll ()
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-21-302941472-1964095108-563845418-1000\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O4 - HKLM..\Run: [Adobe_ID0ENQBO] C:\Programme\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [eRecoveryService]  File not found
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-302941472-1964095108-563845418-1000..\Run: []  File not found
O4 - HKU\S-1-5-21-302941472-1964095108-563845418-1000..\Run: [AdobeBridge]  File not found
O4 - HKU\S-1-5-21-302941472-1964095108-563845418-1000..\Run: [ICQ] C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O4 - HKU\S-1-5-21-302941472-1964095108-563845418-1000..\Run: [SuHEcubHqhenx] C:\ProgramData\SuHEcubHqhenx.exe (AnkhSVN)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Programme\Acer\Acer Bio Protection\PwdBank.exe ()
O9 - Extra 'Tools' menuitem : Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Programme\Acer\Acer Bio Protection\PwdBank.exe ()
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Programme\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Programme\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AWinNotifyVitaKey MC3000: DllName - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll - C:\Programme\Acer\Acer Bio Protection\WinNotify.dll (Arachnoid Biometrics Identification Group Corp.)
O24 - Desktop WallPaper: C:\Users\mm\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\mm\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{a59387c4-e072-11de-b713-00a0d1ae1104}\Shell - "" = AutoRun
O33 - MountPoints2\{a59387c4-e072-11de-b713-00a0d1ae1104}\Shell\AutoRun\command - "" = J:\OblivionLauncher.exe
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias -  File not found
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Acer VCM.lnk - C:\Programme\Acer\Acer VCM\AcerVCM.exe - (Acer Incorporated)
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk - C:\Programme\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe - (Adobe Systems, Inc.)
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TMMonitor.lnk - C:\Programme\ArcSoft\TotalMedia 3\TMMonitor.exe - (ArcSoft, Inc.)
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^VPN Client.lnk - C:\Windows\Installer\{21E247D4-5E27-4BEA-AA4D-19A81203FE2A}\Icon3E5562ED7.ico - ()
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Wireless Utility.lnk - C:\Programme\EDIMAX\Common\RaUI.exe - (Edimax Technology Co.)
MsConfig - StartUpFolder: C:^Users^mm^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk - C:\Users\mm\AppData\Roaming\Dropbox\bin\Dropbox.exe - ()
MsConfig - StartUpFolder: C:^Users^mm^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Trillian.lnk - C:\Programme\Trillian\trillian.exe - (Cerulean Studios)
MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: AlcoholAutomount - hkey= - key= - C:\Program Files\Alcohol Soft\Alcohol 52\axcmd.exe (Alcohol Soft Development Team)
MsConfig - StartUpReg: ArcadeDeluxeAgent - hkey= - key= - C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
MsConfig - StartUpReg: avgnt - hkey= - key= - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
MsConfig - StartUpReg: BkupTray - hkey= - key= - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe ()
MsConfig - StartUpReg: CLMLServer - hkey= - key= - C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe (CyberLink)
MsConfig - StartUpReg: DAEMON Tools Lite - hkey= - key= - C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
MsConfig - StartUpReg: eAudio - hkey= - key= - C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe (Acer Incorporated)
MsConfig - StartUpReg: eDataSecurity Loader - hkey= - key= - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
MsConfig - StartUpReg: ehTray.exe - hkey= - key= - C:\Windows\ehome\ehtray.exe (Microsoft Corporation)
MsConfig - StartUpReg: ePower_DMC - hkey= - key= - C:\Programme\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Inc.)
MsConfig - StartUpReg: EPSON SX100 Series - hkey= - key= -  File not found
MsConfig - StartUpReg: IAAnotif - hkey= - key= - C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
MsConfig - StartUpReg: LManager - hkey= - key= - C:\Programme\Launch Manager\LManager.exe (Dritek System Inc.)
MsConfig - StartUpReg: NokiaMServer - hkey= - key= - C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
MsConfig - StartUpReg: NokiaMusic FastStart - hkey= - key= - C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe (Nokia)
MsConfig - StartUpReg: NokiaOviSuite2 - hkey= - key= - C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia)
MsConfig - StartUpReg: NvCplDaemon - hkey= - key= -  File not found
MsConfig - StartUpReg: NvMediaCenter - hkey= - key= -  File not found
MsConfig - StartUpReg: PlayMovie - hkey= - key= - C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
MsConfig - StartUpReg: PLFSetI - hkey= - key= - C:\Windows\PLFSetI.exe ()
MsConfig - StartUpReg: ProductReg - hkey= - key= - C:\Program Files\Acer\WR_PopUp\ProductReg.exe (Acer)
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
MsConfig - StartUpReg: RGSC - hkey= - key= -  File not found
MsConfig - StartUpReg: RtHDVCpl - hkey= - key= - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
MsConfig - StartUpReg: SearchSettings - hkey= - key= - C:\Programme\Search Settings\SearchSettings.exe (Spigot, Inc.)
MsConfig - StartUpReg: Sidebar - hkey= - key= - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
MsConfig - StartUpReg: Skype - hkey= - key= - C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
MsConfig - StartUpReg: Skytel - hkey= - key= - C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.)
MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
MsConfig - StartUpReg: SUPERAntiSpyware - hkey= - key= - C:\Programme\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
MsConfig - StartUpReg: swg - hkey= - key= - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
MsConfig - StartUpReg: SynTPEnh - hkey= - key= - C:\Programme\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
MsConfig - StartUpReg: TkBellExe - hkey= - key= - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
MsConfig - StartUpReg: VC10Player - hkey= - key= - e:\Program Files\Virtual CD v10\System\VC10Play.exe (H+H Software GmbH)
MsConfig - StartUpReg: WinampAgent - hkey= - key= - E:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
MsConfig - StartUpReg: Windows Defender - hkey= - key= -  File not found
MsConfig - StartUpReg: WMPNSCFG - hkey= - key= - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
MsConfig - StartUpReg: ZPdtWzdVitaKey MC3000 - hkey= - key= - C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe (Arachnoid Biometrics Identification Group Corp.)
MsConfig - State: "startup" - 1
MsConfig - State: "services" - 0
 
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: mcmscsvc - Service
SafeBootMin: MCODS - Service
SafeBootMin: NTDS -  File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: mcmscsvc - Service
SafeBootNet: MCODS - Service
SafeBootNet: Messenger - Service
SafeBootNet: MpfService - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS -  File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {64470216-5EDF-4035-2C49-819AC9C5947E} -
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker 2.6
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {FB2EF7B1-3857-45AB-94DB-FE63E1CB8074} -
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32: msacm.divxa32 - C:\Windows\System32\msaud32_divx.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.iv50 - C:\Windows\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.VP60 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.yv12 - C:\Windows\System32\DivX.dll (DivX, Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.06.21 19:33:42 | 000,000,000 | -H-D | C] -- C:\Users\mm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Vista Repair
[2011.06.21 19:33:21 | 000,372,736 | -H-- | C] (AnkhSVN) -- C:\ProgramData\34660088.exe
[2011.06.21 19:24:15 | 000,462,848 | -H-- | C] (AnkhSVN) -- C:\ProgramData\SuHEcubHqhenx.exe
[2011.06.16 11:35:58 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011.06.16 11:35:56 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2011.06.16 11:35:56 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2011.06.16 11:35:56 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011.06.15 11:00:06 | 000,000,000 | -H-D | C] -- C:\Users\mm\Desktop\Oblivion
[2011.06.15 10:25:52 | 000,000,000 | -H-D | C] -- C:\Users\mm\Desktop\RegSeeker
[2011.06.13 16:57:45 | 000,000,000 | -H-D | C] -- C:\Users\mm\Documents\MeinSpore-Kreationen
[2011.06.13 16:51:44 | 000,000,000 | -H-D | C] -- C:\Users\mm\AppData\Roaming\Spore
[2011.06.13 16:48:07 | 000,000,000 | -H-D | C] -- C:\Users\mm\Desktop\Spore
[2011.06.13 14:02:39 | 000,000,000 | -H-D | C] -- C:\ProgramData\Skype Extras
[2011.06.13 14:02:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011.06.13 14:02:11 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Skype
[2011.06.12 23:38:00 | 000,000,000 | -HSD | C] -- C:\ProgramData\DSS
[2011.06.12 23:37:07 | 000,000,000 | -H-D | C] -- C:\Users\mm\AppData\Roaming\Lionhead Studios
[2011.06.12 17:29:47 | 000,000,000 | -H-D | C] -- C:\Users\mm\AppData\Local\Ubisoft Game Launcher
[2011.06.12 17:29:46 | 000,000,000 | -H-D | C] -- C:\ProgramData\Ubisoft
[2011.06.12 17:25:57 | 000,000,000 | -H-D | C] -- C:\Users\mm\AppData\Roaming\PunkBuster
[2011.06.12 17:25:22 | 000,000,000 | ---D | C] -- C:\Programme\Ubisoft
[2011.06.12 14:07:29 | 000,000,000 | -H-D | C] -- C:\Users\mm\AppData\Local\by_dekart811
[2011.06.12 13:19:43 | 002,106,216 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_43.dll
[2011.06.12 13:19:43 | 001,998,168 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_43.dll
[2011.06.12 13:19:43 | 001,868,128 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_43.dll
[2011.06.12 13:19:43 | 000,527,192 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_7.dll
[2011.06.12 13:19:43 | 000,470,880 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_43.dll
[2011.06.12 13:19:43 | 000,248,672 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_43.dll
[2011.06.12 13:19:43 | 000,239,960 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_7.dll
[2011.06.12 13:19:43 | 000,074,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_5.dll
[2011.06.12 13:19:42 | 000,528,216 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_6.dll
[2011.06.12 13:19:42 | 000,238,936 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_6.dll
[2011.06.12 13:19:42 | 000,074,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_4.dll
[2011.06.12 13:19:42 | 000,022,360 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_7.dll
[2011.06.12 12:43:46 | 000,000,000 | -H-D | C] -- C:\Users\mm\AppData\Local\FalloutNV
[2011.06.08 23:41:19 | 000,000,000 | -H-D | C] -- C:\Users\mm\AppData\Local\SKIDROW
[2011.06.08 23:31:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Valve
[2011.06.07 22:08:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICQ7.5
[2011.06.07 17:17:26 | 000,000,000 | -H-D | C] -- C:\Programme\ICQ7.5
[2011.05.30 11:11:40 | 000,000,000 | -H-D | C] -- C:\Users\mm\AppData\Roaming\.minecraft
[2011.05.28 13:39:20 | 000,000,000 | -H-D | C] -- C:\Users\mm\AppData\Roaming\go
[2011.05.28 13:39:18 | 000,000,000 | -H-D | C] -- C:\ProgramData\Easybits GO
[2009.01.11 01:36:50 | 000,049,152 | ---- | C] ( ) -- C:\Windows\Interop.IWshRuntimeLibrary.dll
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.06.21 21:10:03 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.06.21 21:06:24 | 000,637,068 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.06.21 21:06:24 | 000,604,322 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.06.21 21:06:24 | 000,129,844 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.06.21 21:06:24 | 000,107,460 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.06.21 21:02:58 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2011.06.21 21:00:46 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.06.21 21:00:32 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.06.21 21:00:32 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.06.21 21:00:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.06.21 21:00:16 | 3218,042,880 | -HS- | M] () -- C:\hiberfil.sys
[2011.06.21 20:59:27 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011.06.21 20:39:10 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\LogConfigTemp.xml
[2011.06.21 20:36:22 | 000,404,640 | -H-- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011.06.21 20:20:20 | 000,000,240 | -H-- | M] () -- C:\ProgramData\~34660088
[2011.06.21 20:20:12 | 000,000,168 | -H-- | M] () -- C:\ProgramData\~34660088r
[2011.06.21 19:33:43 | 000,000,595 | -H-- | M] () -- C:\Users\mm\Desktop\Windows Vista Repair.lnk
[2011.06.21 19:33:27 | 000,000,344 | -H-- | M] () -- C:\ProgramData\34660088
[2011.06.21 19:33:22 | 000,372,736 | -H-- | M] (AnkhSVN) -- C:\ProgramData\34660088.exe
[2011.06.21 19:24:14 | 000,462,848 | -H-- | M] (AnkhSVN) -- C:\ProgramData\SuHEcubHqhenx.exe
[2011.06.21 18:14:32 | 000,088,602 | -H-- | M] () -- C:\ProgramData\nvModes.dat
[2011.06.21 18:14:32 | 000,088,602 | -H-- | M] () -- C:\ProgramData\nvModes.001
[2011.06.20 21:16:06 | 036,964,286 | -H-- | M] () -- C:\Users\mm\Desktop\sd.flv
[2011.06.17 17:46:07 | 000,078,336 | -H-- | M] () -- C:\Users\mm\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.06.17 01:22:26 | 000,426,787 | -H-- | M] () -- C:\Users\mm\Desktop\spacecore1.jpg
[2011.06.17 01:01:29 | 000,269,122 | -H-- | M] () -- C:\Users\mm\Desktop\space_core_wallpaper_2_by_deathonabun-d3eta23.jpg
[2011.06.16 00:50:47 | 000,040,209 | -H-- | M] () -- C:\Users\mm\Desktop\Turret Opera (Cara Mia) - SATB.pdf
[2011.06.15 17:27:43 | 000,000,023 | -H-- | M] () -- C:\Windows\BlendSettings.ini
[2011.06.14 13:20:21 | 000,000,900 | -H-- | M] () -- C:\Users\mm\Desktop\SporeApp.exe - Verknüpfung.lnk
[2011.06.07 22:35:47 | 009,181,434 | -H-- | M] () -- C:\Users\mm\Desktop\andreas_bourani_-_nur_in_meinem_kopf_radio_edit.mp3
[2011.06.07 22:33:46 | 005,660,546 | -H-- | M] () -- C:\Users\mm\Desktop\bruno_mars_-_the_lazy_song.mp3
[2011.05.24 19:14:10 | 000,222,080 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2011.05.23 22:47:31 | 000,007,592 | -H-- | M] () -- C:\Users\mm\AppData\Local\d3d9caps.dat
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.06.21 20:20:12 | 000,000,240 | -H-- | C] () -- C:\ProgramData\~34660088
[2011.06.21 20:20:12 | 000,000,168 | -H-- | C] () -- C:\ProgramData\~34660088r
[2011.06.21 19:33:43 | 000,000,595 | -H-- | C] () -- C:\Users\mm\Desktop\Windows Vista Repair.lnk
[2011.06.21 19:33:27 | 000,000,344 | -H-- | C] () -- C:\ProgramData\34660088
[2011.06.20 21:05:38 | 036,964,286 | -H-- | C] () -- C:\Users\mm\Desktop\sd.flv
[2011.06.17 01:16:14 | 000,426,787 | -H-- | C] () -- C:\Users\mm\Desktop\spacecore1.jpg
[2011.06.17 01:01:29 | 000,269,122 | -H-- | C] () -- C:\Users\mm\Desktop\space_core_wallpaper_2_by_deathonabun-d3eta23.jpg
[2011.06.16 00:50:42 | 000,040,209 | -H-- | C] () -- C:\Users\mm\Desktop\Turret Opera (Cara Mia) - SATB.pdf
[2011.06.15 15:50:28 | 000,000,862 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011.06.14 13:20:23 | 000,000,900 | -H-- | C] () -- C:\Users\mm\Desktop\SporeApp.exe - Verknüpfung.lnk
[2011.06.12 17:26:00 | 000,189,248 | -H-- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2011.06.12 17:25:58 | 000,075,136 | -H-- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2011.06.07 22:32:56 | 009,181,434 | -H-- | C] () -- C:\Users\mm\Desktop\andreas_bourani_-_nur_in_meinem_kopf_radio_edit.mp3
[2011.06.07 22:32:20 | 005,660,546 | -H-- | C] () -- C:\Users\mm\Desktop\bruno_mars_-_the_lazy_song.mp3
[2011.05.28 13:39:20 | 000,001,589 | -H-- | C] () -- C:\Users\mm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spielen (EasyBits GO).lnk
[2011.04.09 18:55:28 | 000,179,261 | -H-- | C] () -- C:\Windows\System32\xlive.dll.cat
[2010.12.03 17:05:10 | 000,000,634 | -H-- | C] () -- C:\Windows\WinInit.Ini
[2010.10.29 11:31:20 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2010.04.13 13:16:46 | 000,000,796 | -H-- | C] () -- C:\Users\mm\AppData\Local\RT3070_{92BF1D77-2785-4757-B074-3F456D960FD4}_sta
[2010.04.13 13:16:45 | 000,000,807 | -H-- | C] () -- C:\Users\mm\AppData\Local\RT3070_{92BF1D77-2785-4757-B074-3F456D960FD4}_prof
[2010.04.13 13:13:32 | 000,014,640 | ---- | C] () -- C:\Windows\System32\RaCoInst.dat
[2010.04.13 13:13:32 | 000,004,096 | ---- | C] () -- C:\Windows\System32\drivers\rt2870.bin
[2010.04.13 13:12:50 | 000,020,480 | -H-- | C] () -- C:\Windows\System32\RAEXTUI.dll
[2010.03.05 14:35:39 | 000,000,113 | -H-- | C] () -- C:\Windows\(null)toolkit.ini
[2010.02.20 20:49:40 | 000,278,984 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2010.02.20 20:49:40 | 000,025,416 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2010.01.29 18:51:53 | 000,000,023 | -H-- | C] () -- C:\Windows\BlendSettings.ini
[2010.01.22 01:16:24 | 000,004,896 | -H-- | C] () -- C:\ProgramData\kbkwknay.ayh
[2009.12.03 18:05:38 | 000,000,245 | -H-- | C] () -- C:\Windows\System32\AF15IRTBL.bin
[2009.11.25 01:23:55 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009.11.17 13:08:34 | 000,197,424 | -H-- | C] () -- C:\Windows\System32\vpnapi.dll
[2009.10.19 18:17:00 | 000,043,520 | -H-- | C] () -- C:\Windows\System32\CmdLineExt03.dll
[2009.09.29 21:05:35 | 000,111,932 | -H-- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat
[2009.09.29 21:05:35 | 000,024,903 | -H-- | C] () -- C:\Windows\System32\EPPICPattern3.dat
[2009.09.29 21:05:35 | 000,021,390 | -H-- | C] () -- C:\Windows\System32\EPPICPattern5.dat
[2009.09.29 21:05:35 | 000,020,148 | -H-- | C] () -- C:\Windows\System32\EPPICPattern2.dat
[2009.09.29 21:05:35 | 000,011,811 | -H-- | C] () -- C:\Windows\System32\EPPICPattern4.dat
[2009.09.29 21:05:35 | 000,004,943 | -H-- | C] () -- C:\Windows\System32\EPPICPattern6.dat
[2009.09.29 21:05:35 | 000,001,146 | -H-- | C] () -- C:\Windows\System32\EPPICPresetData_DU.dat
[2009.09.29 21:05:35 | 000,001,139 | -H-- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat
[2009.09.29 21:05:35 | 000,001,139 | -H-- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat
[2009.09.29 21:05:35 | 000,001,136 | -H-- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat
[2009.09.29 21:05:35 | 000,001,129 | -H-- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat
[2009.09.29 21:05:35 | 000,001,129 | -H-- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat
[2009.09.29 21:05:35 | 000,001,120 | -H-- | C] () -- C:\Windows\System32\EPPICPresetData_IT.dat
[2009.09.29 21:05:35 | 000,001,107 | -H-- | C] () -- C:\Windows\System32\EPPICPresetData_GE.dat
[2009.09.29 21:05:35 | 000,001,104 | -H-- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat
[2009.09.29 21:05:35 | 000,000,097 | -H-- | C] () -- C:\Windows\System32\PICSDK.ini
[2009.09.29 21:05:34 | 000,031,053 | -H-- | C] () -- C:\Windows\System32\EPPICPattern131.dat
[2009.09.29 21:05:34 | 000,027,417 | -H-- | C] () -- C:\Windows\System32\EPPICPattern121.dat
[2009.09.29 21:05:34 | 000,026,154 | -H-- | C] () -- C:\Windows\System32\EPPICPattern1.dat
[2009.09.29 21:02:20 | 000,000,025 | -H-- | C] () -- C:\Windows\CDESX100DEFGIPS.ini
[2009.09.26 01:55:39 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2009.09.18 17:22:43 | 000,004,096 | -H-- | C] () -- C:\Windows\d3dx.dat
[2009.09.13 21:37:57 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.09.13 21:37:57 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009.09.09 20:14:50 | 000,007,592 | -H-- | C] () -- C:\Users\mm\AppData\Local\d3d9caps.dat
[2009.08.11 15:26:32 | 000,078,336 | -H-- | C] () -- C:\Users\mm\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.08.10 13:00:25 | 000,000,000 | -H-- | C] () -- C:\Windows\nsreg.dat
[2009.08.10 11:24:13 | 000,088,602 | -H-- | C] () -- C:\ProgramData\nvModes.dat
[2009.08.10 11:24:13 | 000,088,602 | -H-- | C] () -- C:\ProgramData\nvModes.001
[2009.08.10 10:53:33 | 000,626,688 | -H-- | C] () -- C:\Windows\Image.dll
[2009.08.10 10:53:33 | 000,200,704 | -H-- | C] () -- C:\Windows\PLFSetI.exe
[2009.08.10 10:53:33 | 000,009,216 | -H-- | C] () -- C:\Windows\usbvideo_reg.exe
[2009.08.10 10:53:33 | 000,000,036 | -H-- | C] () -- C:\Windows\PidList.ini
[2009.08.10 10:52:16 | 000,118,784 | -H-- | C] () -- C:\Windows\System32\VMC3KAPI.dll
[2009.01.11 01:34:58 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2009.01.10 19:13:08 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIOFM4.dll
[2009.01.10 19:13:08 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN5.dll
[2009.01.10 18:43:02 | 000,487,424 | ---- | C] () -- C:\Windows\System32\INT15.dll
[2009.01.10 18:22:30 | 000,001,694 | ---- | C] () -- C:\Windows\RtDefLvl.ini
[2009.01.10 18:22:30 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX1.dat
[2009.01.10 18:22:30 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX0.dat
[2009.01.10 18:20:35 | 000,000,008 | ---- | C] () -- C:\Windows\System32\drivers\rtkhdaud.dat
[2009.01.10 17:17:40 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008.10.07 10:13:30 | 000,197,912 | -H-- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2008.10.07 10:13:22 | 000,058,648 | -H-- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008.10.07 10:13:20 | 000,058,648 | -H-- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2008.10.07 10:13:20 | 000,058,648 | -H-- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2008.10.07 10:13:20 | 000,058,648 | -H-- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008.10.07 10:13:20 | 000,058,648 | -H-- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2008.10.07 10:13:20 | 000,058,648 | -H-- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2008.10.07 10:13:20 | 000,058,648 | -H-- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2008.10.07 10:13:20 | 000,058,648 | -H-- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2008.10.07 10:13:20 | 000,058,648 | -H-- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2008.01.21 09:15:58 | 000,637,068 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008.01.21 09:15:58 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008.01.21 09:15:58 | 000,129,844 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008.01.21 09:15:58 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2007.11.14 16:17:34 | 000,204,800 | -H-- | C] () -- C:\Windows\System32\CogentBioSDK.dll
[2007.01.26 08:32:18 | 000,069,632 | ---- | C] () -- C:\Windows\System32\drivers\int15.sys
[2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:47:37 | 002,227,760 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:33:01 | 000,604,322 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,107,460 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2001.12.26 17:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001.09.04 00:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001.07.30 17:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001.07.23 23:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll
 
========== LOP Check ==========
 
[2009.01.10 18:58:59 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\Acer GameZone Console
[2009.01.10 18:58:59 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\Acer GameZone Console
[2009.08.10 16:18:42 | 000,000,000 | -HSD | M] -- C:\Users\mm\AppData\Roaming\.#
[2011.05.30 11:11:46 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\.minecraft
[2009.08.10 11:11:07 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Acer
[2009.01.10 18:58:59 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Acer GameZone Console
[2011.03.20 18:04:01 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Bioshock
[2011.03.28 19:42:25 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Bioshock2
[2009.10.16 22:15:06 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\DAEMON Tools
[2009.12.04 03:22:38 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\DAEMON Tools Lite
[2010.05.06 03:31:22 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\DC++
[2010.12.12 15:32:03 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Dropbox
[2010.02.23 17:01:46 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\EPSON
[2009.08.10 16:20:30 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\eSobi
[2009.08.11 18:01:37 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Flood Light Games
[2010.01.22 03:12:08 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\FreeFLVConverter
[2011.06.21 17:33:47 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\go
[2009.09.20 16:59:20 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Go Go Gourmet
[2011.06.21 21:07:39 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\ICQ
[2009.11.04 23:43:29 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\LimeWire
[2011.06.12 23:37:07 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Lionhead Studios
[2011.03.08 00:46:32 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\ManyCam
[2009.09.16 00:46:46 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Meridian93
[2011.05.18 23:42:20 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Miranda
[2011.01.05 03:48:01 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Nokia
[2011.01.05 03:48:05 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Nokia Ovi Suite
[2009.08.10 20:56:50 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Opera
[2011.01.05 03:06:44 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\PC Suite
[2009.12.30 00:12:27 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\ProtectDisc
[2011.06.12 17:25:57 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\PunkBuster
[2011.06.13 16:58:07 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Spore
[2011.04.29 20:39:33 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Thunderbird
[2010.01.27 02:44:38 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Trillian
[2009.08.10 10:51:44 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Validity
[2010.03.12 15:02:51 | 000,000,000 | --SD | M] -- C:\Users\mm\AppData\Roaming\Virtual CD v10
[2011.06.21 20:59:27 | 000,032,554 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2009.08.10 16:18:42 | 000,000,000 | -HSD | M] -- C:\Users\mm\AppData\Roaming\.#
[2011.05.30 11:11:46 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\.minecraft
[2009.08.10 11:11:07 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Acer
[2009.01.10 18:58:59 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Acer GameZone Console
[2011.06.03 00:50:27 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Adobe
[2009.12.06 17:51:03 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\ArcSoft
[2010.11.26 12:14:43 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Avira
[2011.03.20 18:04:01 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Bioshock
[2011.03.28 19:42:25 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Bioshock2
[2009.09.03 03:12:23 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\CyberLink
[2009.10.16 22:15:06 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\DAEMON Tools
[2009.12.04 03:22:38 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\DAEMON Tools Lite
[2010.05.06 03:31:22 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\DC++
[2009.12.13 00:22:20 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\DivX
[2010.12.12 15:32:03 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Dropbox
[2011.06.13 14:15:30 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\dvdcss
[2010.02.23 17:01:46 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\EPSON
[2009.08.10 16:20:30 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\eSobi
[2009.08.11 18:01:37 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Flood Light Games
[2010.01.22 03:12:08 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\FreeFLVConverter
[2011.06.21 17:33:47 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\go
[2009.09.20 16:59:20 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Go Go Gourmet
[2009.08.10 12:58:52 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Google
[2009.08.10 20:40:53 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\GRETECH
[2011.06.21 21:07:39 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\ICQ
[2009.08.10 10:50:46 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Identities
[2009.08.10 10:53:22 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\InstallShield
[2009.08.11 22:42:04 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Intel
[2009.11.04 23:43:29 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\LimeWire
[2011.06.12 23:37:07 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Lionhead Studios
[2009.08.10 11:12:27 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Macromedia
[2010.09.16 17:08:13 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Malwarebytes
[2011.03.08 00:46:32 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\ManyCam
[2006.11.02 14:37:34 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Media Center Programs
[2009.09.16 00:46:46 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Meridian93
[2011.03.19 18:54:44 | 000,000,000 | --SD | M] -- C:\Users\mm\AppData\Roaming\Microsoft
[2011.05.18 23:42:20 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Miranda
[2009.08.10 13:00:31 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Mozilla
[2011.04.11 00:29:17 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\NCH Software
[2011.01.05 03:48:01 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Nokia
[2011.01.05 03:48:05 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Nokia Ovi Suite
[2009.08.10 20:56:50 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Opera
[2011.01.05 03:06:44 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\PC Suite
[2009.12.30 00:12:27 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\ProtectDisc
[2011.06.12 17:25:57 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\PunkBuster
[2009.12.13 19:54:57 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Real
[2009.11.08 01:42:16 | 000,000,000 | RH-D | M] -- C:\Users\mm\AppData\Roaming\SecuROM
[2011.06.21 21:12:07 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Skype
[2011.05.28 12:13:55 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\skypePM
[2011.06.13 16:58:07 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Spore
[2010.09.16 17:00:16 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\SUPERAntiSpyware.com
[2011.04.29 20:39:33 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Thunderbird
[2010.01.27 02:44:38 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Trillian
[2011.05.17 19:25:59 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\U3
[2009.08.10 10:51:44 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Validity
[2010.03.12 15:02:51 | 000,000,000 | --SD | M] -- C:\Users\mm\AppData\Roaming\Virtual CD v10
[2011.06.21 18:21:56 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\vlc
[2011.05.23 23:15:44 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\Winamp
[2009.09.13 23:19:35 | 000,000,000 | -H-D | M] -- C:\Users\mm\AppData\Roaming\WinRAR
 
< %APPDATA%\*.exe /s >
[2010.02.26 07:10:20 | 021,979,992 | -H-- | M] () -- C:\Users\mm\AppData\Roaming\Dropbox\bin\Dropbox.exe
[2010.04.30 17:57:39 | 000,089,831 | -H-- | M] () -- C:\Users\mm\AppData\Roaming\Dropbox\bin\Uninstall.exe
[2009.10.28 21:39:40 | 000,163,840 | -H-- | M] (Mozilla Foundation) -- C:\Users\mm\AppData\Roaming\LimeWire\browser\xulrunner\crashreporter.exe
[2009.10.28 21:39:41 | 000,196,608 | -H-- | M] (Mozilla Foundation) -- C:\Users\mm\AppData\Roaming\LimeWire\browser\xulrunner\updater.exe
[2009.10.28 21:39:41 | 000,014,848 | -H-- | M] () -- C:\Users\mm\AppData\Roaming\LimeWire\browser\xulrunner\xpcshell.exe
[2009.10.28 21:39:41 | 000,077,824 | -H-- | M] (Mozilla Foundation) -- C:\Users\mm\AppData\Roaming\LimeWire\browser\xulrunner\xpicleanup.exe
[2009.10.28 21:39:41 | 000,266,240 | -H-- | M] (Mozilla Foundation) -- C:\Users\mm\AppData\Roaming\LimeWire\browser\xulrunner\xpidl.exe
[2009.10.28 21:39:41 | 000,018,432 | -H-- | M] () -- C:\Users\mm\AppData\Roaming\LimeWire\browser\xulrunner\xpt_dump.exe
[2009.10.28 21:39:41 | 000,014,336 | -H-- | M] () -- C:\Users\mm\AppData\Roaming\LimeWire\browser\xulrunner\xpt_link.exe
[2009.10.28 21:39:41 | 000,073,728 | -H-- | M] (Mozilla Foundation) -- C:\Users\mm\AppData\Roaming\LimeWire\browser\xulrunner\xulrunner-stub.exe
[2009.10.28 21:39:41 | 000,102,400 | -H-- | M] (Mozilla Foundation) -- C:\Users\mm\AppData\Roaming\LimeWire\browser\xulrunner\xulrunner.exe
[2009.09.14 20:27:58 | 000,010,134 | RH-- | M] () -- C:\Users\mm\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2008.02.13 09:07:36 | 000,393,216 | -H-- | M] () -- C:\Users\mm\AppData\Roaming\NCH Software\Components\aacenc3\aacenc3.exe
[2007.11.27 09:41:32 | 000,405,504 | -H-- | M] () -- C:\Users\mm\AppData\Roaming\NCH Software\Components\mp3el2\lame.exe
[2011.02.24 17:07:45 | 000,835,440 | RH-- | M] () -- C:\Users\mm\AppData\Roaming\PunkBuster\pbsetup\pbsvc.exe
[2010.01.15 02:43:03 | 000,439,816 | -H-- | M] (RealNetworks, Inc.) -- C:\Users\mm\AppData\Roaming\Real\Update\setup3.09\setup.exe
[2009.12.14 03:55:08 | 000,079,368 | -H-- | M] (RealNetworks, Inc.) -- C:\Users\mm\AppData\Roaming\Real\Update\setup3.09\RUP\vista.exe
[2007.10.23 09:27:20 | 000,110,592 | -H-- | M] () -- C:\Users\mm\AppData\Roaming\U3\temp\cleanup.exe
[2008.05.02 10:41:48 | 003,493,888 | -H-- | M] (SanDisk Corporation) -- C:\Users\mm\AppData\Roaming\U3\temp\Launchpad Removal.exe
 
< %SYSTEMDRIVE%\*.exe >
 
 
< MD5 for: AGP440.SYS  >
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\drivers\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
 
< MD5 for: EVENTLOG.DLL  >
[2007.01.12 23:30:08 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Programme\Cyberlink\PowerDirector\EventLog.dll
 
< MD5 for: EXPLORER.EXE  >
[2008.10.29 08:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008.10.29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008.10.30 05:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008.10.28 04:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008.01.21 04:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
 
< MD5 for: IASTOR.SYS  >
[2008.07.20 18:44:44 | 000,324,120 | ---- | M] (Intel Corporation) MD5=707C1692214B1C290271067197F075F6 -- C:\Programme\Intel\Intel Matrix Storage Manager\driver\IaStor.sys
[2008.07.20 18:44:44 | 000,324,120 | ---- | M] (Intel Corporation) MD5=707C1692214B1C290271067197F075F6 -- C:\Windows\System32\drivers\iaStor.sys
[2008.07.20 18:44:44 | 000,324,120 | ---- | M] (Intel Corporation) MD5=707C1692214B1C290271067197F075F6 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_7b6e77f6\iaStor.sys
[2008.07.20 18:44:54 | 000,402,456 | ---- | M] (Intel Corporation) MD5=FC28E90F2204D8FD147FA9BFA8A51C01 -- C:\Programme\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys
 
< MD5 for: IASTORV.SYS  >
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.21 04:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2008.01.21 04:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
 
< MD5 for: USER32.DLL  >
[2008.01.21 04:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll
[2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll
[2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008.01.21 04:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2009.12.04 03:13:39 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\Windows\System32\drivers\sptd.sys
 
< %systemroot%\System32\config\*.sav >
[2008.01.21 05:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008.01.21 05:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008.01.21 05:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
[2011.05.18 22:09:14 | 000,353,792 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtmsft.dll
[2011.05.18 22:09:14 | 000,223,232 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtrans.dll
[2011.05.18 22:09:12 | 000,118,784 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\iepeers.dll
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 99 bytes -> C:\ProgramData\Temp:DAFD38AE
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:7CACEF61
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:4220A65C
@Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:798A3728
@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:2634FC95
@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:4CF61E54
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:A42A9F39
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:793F316E
@Alternate Data Stream - 116 bytes -> C:\ProgramData\Temp:AB689DEA
@Alternate Data Stream - 115 bytes -> C:\ProgramData\Temp:05113FB9
@Alternate Data Stream - 114 bytes -> C:\ProgramData\Temp:4D066AD2
@Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:73933431
@Alternate Data Stream - 111 bytes -> C:\ProgramData\Temp:5D7E5A8F
@Alternate Data Stream - 108 bytes -> C:\ProgramData\Temp:F65733F1
 
< End of report >
--- --- ---

cosinus 26.06.2011 13:12
Zitat:
Bei mir sagt er auch,dass meine Festplatte hinüber ist, aber bei Antivir, Anti-Malware und SUPERAntiSpyware zeigen die trotzdem die Daten an.
Wo sind die Logs von diesen beiden Tools? Bitte alles posten

WolleCW 27.06.2011 10:20
Avira AntiVir Personal
Erstellungsdatum der Reportdatei: Dienstag, 21. Juni 2011 20:21

Es wird nach 2790993 Virenstämmen gesucht.

Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.

Lizenznehmer : Avira AntiVir Personal - FREE Antivirus
Seriennummer : 0000149996-ADJIE-0000001
Plattform : Windows Vista
Windowsversion : (Service Pack 2) [6.0.6002]
Boot Modus : Normal gebootet
Benutzername : SYSTEM
Computername : CHRISINFERNO

Versionsinformationen:
BUILD.DAT : 10.0.0.648 31823 Bytes 01.04.2011 18:23:00
AVSCAN.EXE : 10.0.4.2 442024 Bytes 22.05.2011 09:34:15
AVSCAN.DLL : 10.0.3.0 56168 Bytes 30.03.2010 11:42:16
LUKE.DLL : 10.0.3.2 104296 Bytes 11.12.2010 10:32:14
LUKERES.DLL : 10.0.0.0 13672 Bytes 14.01.2010 11:59:47
VBASE000.VDF : 7.10.0.0 19875328 Bytes 06.11.2009 10:24:04
VBASE001.VDF : 7.11.0.0 13342208 Bytes 14.12.2010 16:23:57
VBASE002.VDF : 7.11.3.0 1950720 Bytes 09.02.2011 17:10:07
VBASE003.VDF : 7.11.5.225 1980416 Bytes 07.04.2011 10:11:15
VBASE004.VDF : 7.11.8.178 2354176 Bytes 31.05.2011 08:38:22
VBASE005.VDF : 7.11.8.179 2048 Bytes 31.05.2011 08:38:22
VBASE006.VDF : 7.11.8.180 2048 Bytes 31.05.2011 08:38:23
VBASE007.VDF : 7.11.8.181 2048 Bytes 31.05.2011 08:38:23
VBASE008.VDF : 7.11.8.182 2048 Bytes 31.05.2011 08:38:23
VBASE009.VDF : 7.11.8.183 2048 Bytes 31.05.2011 08:38:23
VBASE010.VDF : 7.11.8.184 2048 Bytes 31.05.2011 08:38:23
VBASE011.VDF : 7.11.8.185 2048 Bytes 31.05.2011 08:38:23
VBASE012.VDF : 7.11.8.186 2048 Bytes 31.05.2011 08:38:23
VBASE013.VDF : 7.11.8.222 121856 Bytes 02.06.2011 08:38:25
VBASE014.VDF : 7.11.9.7 134656 Bytes 04.06.2011 09:39:46
VBASE015.VDF : 7.11.9.42 136192 Bytes 06.06.2011 09:39:46
VBASE016.VDF : 7.11.9.72 117248 Bytes 07.06.2011 09:39:46
VBASE017.VDF : 7.11.9.107 130560 Bytes 09.06.2011 09:39:47
VBASE018.VDF : 7.11.9.143 132096 Bytes 10.06.2011 09:39:47
VBASE019.VDF : 7.11.9.172 141824 Bytes 14.06.2011 08:43:09
VBASE020.VDF : 7.11.9.214 144896 Bytes 15.06.2011 08:43:10
VBASE021.VDF : 7.11.9.244 196608 Bytes 16.06.2011 08:43:11
VBASE022.VDF : 7.11.9.245 2048 Bytes 16.06.2011 08:43:11
VBASE023.VDF : 7.11.9.246 2048 Bytes 16.06.2011 08:43:11
VBASE024.VDF : 7.11.9.247 2048 Bytes 16.06.2011 08:43:11
VBASE025.VDF : 7.11.9.248 2048 Bytes 16.06.2011 08:43:11
VBASE026.VDF : 7.11.9.249 2048 Bytes 16.06.2011 08:43:11
VBASE027.VDF : 7.11.9.250 2048 Bytes 16.06.2011 08:43:11
VBASE028.VDF : 7.11.9.251 2048 Bytes 16.06.2011 08:43:12
VBASE029.VDF : 7.11.9.252 2048 Bytes 16.06.2011 08:43:12
VBASE030.VDF : 7.11.9.253 2048 Bytes 16.06.2011 08:43:12
VBASE031.VDF : 7.11.10.12 60416 Bytes 17.06.2011 08:43:12
Engineversion : 8.2.5.20
AEVDF.DLL : 8.1.2.1 106868 Bytes 14.11.2010 19:04:30
AESCRIPT.DLL : 8.1.3.65 1606010 Bytes 28.05.2011 10:15:26
AESCN.DLL : 8.1.7.2 127349 Bytes 11.12.2010 10:32:13
AESBX.DLL : 8.2.1.34 323957 Bytes 03.06.2011 08:38:40
AERDL.DLL : 8.1.9.9 639347 Bytes 26.03.2011 10:09:24
AEPACK.DLL : 8.2.6.9 557429 Bytes 18.06.2011 08:43:25
AEOFFICE.DLL : 8.1.1.25 205178 Bytes 03.06.2011 08:38:39
AEHEUR.DLL : 8.1.2.128 3547512 Bytes 18.06.2011 08:43:22
AEHELP.DLL : 8.1.17.2 246135 Bytes 22.05.2011 09:34:15
AEGEN.DLL : 8.1.5.6 401780 Bytes 22.05.2011 09:34:15
AEEMU.DLL : 8.1.3.0 393589 Bytes 11.12.2010 10:32:11
AECORE.DLL : 8.1.21.1 196983 Bytes 28.05.2011 10:15:22
AEBB.DLL : 8.1.1.0 53618 Bytes 14.11.2010 19:04:30
AVWINLL.DLL : 10.0.0.0 19304 Bytes 14.01.2010 11:59:10
AVPREF.DLL : 10.0.0.0 44904 Bytes 14.01.2010 11:59:07
AVREP.DLL : 10.0.0.10 174120 Bytes 22.05.2011 09:34:15
AVREG.DLL : 10.0.3.2 53096 Bytes 14.11.2010 19:04:30
AVSCPLR.DLL : 10.0.4.2 84840 Bytes 22.05.2011 09:34:15
AVARKT.DLL : 10.0.22.6 231784 Bytes 11.12.2010 10:32:14
AVEVTLOG.DLL : 10.0.0.8 203112 Bytes 26.01.2010 09:53:25
SQLITE3.DLL : 3.6.19.0 355688 Bytes 28.01.2010 12:57:53
AVSMTP.DLL : 10.0.0.17 63848 Bytes 16.03.2010 15:38:54
NETNT.DLL : 10.0.0.0 11624 Bytes 19.02.2010 14:40:55
RCIMAGE.DLL : 10.0.0.26 2550120 Bytes 28.01.2010 13:10:08
RCTEXT.DLL : 10.0.58.0 98152 Bytes 14.11.2010 19:04:30

Konfiguration für den aktuellen Suchlauf:
Job Name..............................: Vollständige Systemprüfung
Konfigurationsdatei...................: C:\Program Files\Avira\AntiVir Desktop\sysscan.avp
Protokollierung.......................: niedrig
Primäre Aktion........................: interaktiv
Sekundäre Aktion......................: ignorieren
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: ein
Bootsektoren..........................: C:, D:, E:,
Durchsuche aktive Programme...........: ein
Laufende Programme erweitert..........: ein
Durchsuche Registrierung..............: ein
Suche nach Rootkits...................: ein
Integritätsprüfung von Systemdateien..: aus
Datei Suchmodus.......................: Alle Dateien
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: mittel

Beginn des Suchlaufs: Dienstag, 21. Juni 2011 20:21

Der Suchlauf nach versteckten Objekten wird begonnen.
Der Suchlauf wurde abgebrochen!


Ende des Suchlaufs: Dienstag, 21. Juni 2011 20:36
Benötigte Zeit: 15:34 Minute(n)

Der Suchlauf wurde abgebrochen!

0 Verzeichnisse wurden überprüft
0 Dateien wurden geprüft
0 Viren bzw. unerwünschte Programme wurden gefunden
0 Dateien wurden als verdächtig eingestuft
0 Dateien wurden gelöscht
0 Viren bzw. unerwünschte Programme wurden repariert
0 Dateien wurden in die Quarantäne verschoben
0 Dateien wurden umbenannt
0 Dateien konnten nicht durchsucht werden
0 Dateien ohne Befall
0 Archive wurden durchsucht
0 Warnungen
0 Hinweise
64273 Objekte wurden beim Rootkitscan durchsucht
0 Versteckte Objekte wurden gefunden

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4629

Windows 6.0.6002 Service Pack 2
Internet Explorer 9.0.8112.16421

22.06.2011 00:09:47
mbam-log-2011-06-22 (00-09-47).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Durchsuchte Objekte: 335739
Laufzeit: 1 Stunde(n), 37 Minute(n), 6 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)


SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 06/21/2011 at 10:31 PM

Application Version : 4.54.1000

Core Rules Database Version : 5517
Trace Rules Database Version: 3329

Scan type : Complete Scan
Total Scan Time : 00:53:41

Memory items scanned : 774
Memory threats detected : 0
Registry items scanned : 10137
Registry threats detected : 0
File items scanned : 38484
File threats detected : 4

Adware.Tracking Cookie
C:\Users\mm\AppData\Roaming\Microsoft\Windows\Cookies\mm@ad2.adfarm1.adition[1].txt
C:\Users\mm\AppData\Roaming\Microsoft\Windows\Cookies\mm@doubleclick[1].txt
C:\Users\mm\AppData\Roaming\Microsoft\Windows\Cookies\mm@ad4.adfarm1.adition[1].txt
C:\Users\mm\AppData\Roaming\Microsoft\Windows\Cookies\mm@adfarm1.adition[1].txt

cosinus 27.06.2011 11:07
Zitat:
Malwarebytes' Anti-Malware 1.46
Datenbank Version: 4629
Was scannst du mit so einer uralten Version deinen Rechner, das ist reine Zeitverschwendung!
Aktualisiere auf das neuste Malwarebytes. Lad das Setup neu runter, installier es und lass die Signaturen aktualisieren. Danach einen neuen Vollscan machen.

WolleCW 27.06.2011 21:15
Hat sich alles erledigt. Neueste version des Malware-programm + unhide.exe hat meine ganzen Datein wiedergebracht. Danke für den Tipp.

cosinus 28.06.2011 11:53
Ja ich will das Log aber sehen, fertig sind wir hier noch nicht.

WolleCW 28.06.2011 16:19
Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org

Datenbank Version: 6961

Windows 6.0.6002 Service Pack 2
Internet Explorer 9.0.8112.16421

27.06.2011 21:36:44
mbam-log-2011-06-27 (21-36-44).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|)
Durchsuchte Objekte: 462450
Laufzeit: 1 Stunde(n), 47 Minute(n), 46 Sekunde(n)

Infizierte Speicherprozesse: 2
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 1
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 5

Infizierte Speicherprozesse:
c:\programdata\suhecubhqhenx.exe (Trojan.FakeHDD) -> 3192 -> Unloaded process successfully.
c:\programdata\34660088.exe (Trojan.FraudPack.PF) -> 3604 -> Unloaded process successfully.

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\SuHEcubHqhenx (Trojan.FakeHDD) -> Value: SuHEcubHqhenx -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
c:\programdata\suhecubhqhenx.exe (Trojan.FakeHDD) -> Quarantined and deleted successfully.
c:\programdata\34660088.exe (Trojan.FraudPack.PF) -> Quarantined and deleted successfully.
c:\program files\alcohol soft\alcohol 52\Langs\AX_RU.dll (Malware.Packer.GenX) -> Quarantined and deleted successfully.
c:\Users\mm\AppData\Local\Temp\2FD.tmp (Trojan.FakeAlert.Gen) -> Quarantined and deleted successfully.
c:\Users\mm\AppData\Local\Temp\tmp6FA4.tmp (Trojan.FakeHDD) -> Quarantined and deleted successfully.

cosinus 28.06.2011 20:01
Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)

Code:
:OTL
PRC - C:\ProgramData\34660088.exe (AnkhSVN)
PRC - C:\ProgramData\SuHEcubHqhenx.exe (AnkhSVN)
O4 - HKU\S-1-5-21-302941472-1964095108-563845418-1000..\Run: [SuHEcubHqhenx] C:\ProgramData\SuHEcubHqhenx.exe (AnkhSVN)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{a59387c4-e072-11de-b713-00a0d1ae1104}\Shell - "" = AutoRun
O33 - MountPoints2\{a59387c4-e072-11de-b713-00a0d1ae1104}\Shell\AutoRun\command - "" = J:\OblivionLauncher.exe
[2011.06.21 19:33:42 | 000,000,000 | -H-D | C] -- C:\Users\mm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Vista Repair
[2011.06.21 19:33:21 | 000,372,736 | -H-- | C] (AnkhSVN) -- C:\ProgramData\34660088.exe
[2011.06.21 19:24:15 | 000,462,848 | -H-- | C] (AnkhSVN) -- C:\ProgramData\SuHEcubHqhenx.exe
[2011.06.15 11:00:06 | 000,000,000 | -H-D | C] -- C:\Users\mm\Desktop\Oblivion
[2011.06.15 10:25:52 | 000,000,000 | -H-D | C] -- C:\Users\mm\Desktop\RegSeeker
[2011.06.21 20:20:20 | 000,000,240 | -H-- | M] () -- C:\ProgramData\~34660088
[2011.06.21 20:20:12 | 000,000,168 | -H-- | M] () -- C:\ProgramData\~34660088r
[2011.06.21 19:33:43 | 000,000,595 | -H-- | M] () -- C:\Users\mm\Desktop\Windows Vista Repair.lnk
[2011.06.21 19:33:27 | 000,000,344 | -H-- | M] () -- C:\ProgramData\34660088
[2011.06.21 19:33:22 | 000,372,736 | -H-- | M] (AnkhSVN) -- C:\ProgramData\34660088.exe
[2011.06.21 19:24:14 | 000,462,848 | -H-- | M] (AnkhSVN) -- C:\ProgramData\SuHEcubHqhenx.exe
[2009.08.10 16:18:42 | 000,000,000 | -HSD | M] -- C:\Users\mm\AppData\Roaming\.#
@Alternate Data Stream - 99 bytes -> C:\ProgramData\Temp:DAFD38AE
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:7CACEF61
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:4220A65C
@Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:798A3728
@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:2634FC95
@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:4CF61E54
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:A42A9F39
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:793F316E
@Alternate Data Stream - 116 bytes -> C:\ProgramData\Temp:AB689DEA
@Alternate Data Stream - 115 bytes -> C:\ProgramData\Temp:05113FB9
@Alternate Data Stream - 114 bytes -> C:\ProgramData\Temp:4D066AD2
@Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:73933431
@Alternate Data Stream - 111 bytes -> C:\ProgramData\Temp:5D7E5A8F
@Alternate Data Stream - 108 bytes -> C:\ProgramData\Temp:F65733F1
:Commands
[purity]
[resethosts]
Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.

Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.

WolleCW 28.06.2011 23:30
========== OTL ==========
No active process named 34660088.exe was found!
No active process named SuHEcubHqhenx.exe was found!
Registry value HKEY_USERS\S-1-5-21-302941472-1964095108-563845418-1000\Software\Microsoft\Windows\CurrentVersion\Run\\SuHEcubHqhenx not found.
File C:\ProgramData\SuHEcubHqhenx.exe not found.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\autoexec.bat moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a59387c4-e072-11de-b713-00a0d1ae1104}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a59387c4-e072-11de-b713-00a0d1ae1104}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a59387c4-e072-11de-b713-00a0d1ae1104}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a59387c4-e072-11de-b713-00a0d1ae1104}\ not found.
File J:\OblivionLauncher.exe not found.
C:\Users\mm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Vista Repair folder moved successfully.
File C:\ProgramData\34660088.exe not found.
File C:\ProgramData\SuHEcubHqhenx.exe not found.
C:\Users\mm\Desktop\Oblivion\Mods folder moved successfully.
C:\Users\mm\Desktop\Oblivion folder moved successfully.
C:\Users\mm\Desktop\RegSeeker\Languages folder moved successfully.
C:\Users\mm\Desktop\RegSeeker\Backup folder moved successfully.
C:\Users\mm\Desktop\RegSeeker folder moved successfully.
C:\ProgramData\~34660088 moved successfully.
C:\ProgramData\~34660088r moved successfully.
File C:\Users\mm\Desktop\Windows Vista Repair.lnk not found.
C:\ProgramData\34660088 moved successfully.
File C:\ProgramData\34660088.exe not found.
File C:\ProgramData\SuHEcubHqhenx.exe not found.
C:\Users\mm\AppData\Roaming\.# folder moved successfully.
ADS C:\ProgramData\Temp:DAFD38AE deleted successfully.
ADS C:\ProgramData\Temp:7CACEF61 deleted successfully.
ADS C:\ProgramData\Temp:4220A65C deleted successfully.
ADS C:\ProgramData\Temp:798A3728 deleted successfully.
ADS C:\ProgramData\Temp:2634FC95 deleted successfully.
ADS C:\ProgramData\Temp:4CF61E54 deleted successfully.
ADS C:\ProgramData\Temp:A42A9F39 deleted successfully.
ADS C:\ProgramData\Temp:793F316E deleted successfully.
ADS C:\ProgramData\Temp:AB689DEA deleted successfully.
ADS C:\ProgramData\Temp:05113FB9 deleted successfully.
ADS C:\ProgramData\Temp:4D066AD2 deleted successfully.
ADS C:\ProgramData\Temp:73933431 deleted successfully.
ADS C:\ProgramData\Temp:5D7E5A8F deleted successfully.
ADS C:\ProgramData\Temp:F65733F1 deleted successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.24.1 log created on 06292011_002941

cosinus 29.06.2011 09:14
Bitte nun dieses Tool von Kaspersky ausführen und das Log posten => http://www.trojaner-board.de/82358-t...entfernen.html

Das Tool so einstellen wie unten im Bild angegeben - also beide Haken setzen, auf Start scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.

http://www.trojaner-board.de/attachm...rnen-start.png


Falls du durch die Infektion auf deine Dokumente/Eigenen Dateien nicht zugreifen kannst, Verknüpfungen auf dem Desktop oder im Startmenü unter "alle Programme" fehlen, bitte unhide ausführen:
Downloade dir bitte unhide.exe und speichere diese Datei auf deinem Desktop.
Starte das Tool und es sollten alle Dateien und Ordner wieder sichtbar sein. ( Könnte eine Weile dauern )
http://www.trojaner-board.de/images/icons/icon4.gif Windows-Vista und Windows-7-User müssen das Tool per Rechtsklick als Administrator ausführen! http://www.trojaner-board.de/images/icons/icon4.gif

WolleCW 29.06.2011 14:52
2011/06/29 15:49:12.0719 4780 TDSS rootkit removing tool 2.5.8.0 Jun 28 2011 19:12:16
2011/06/29 15:49:13.0002 4780 ================================================================================
2011/06/29 15:49:13.0002 4780 SystemInfo:
2011/06/29 15:49:13.0002 4780
2011/06/29 15:49:13.0002 4780 OS Version: 6.0.6002 ServicePack: 2.0
2011/06/29 15:49:13.0002 4780 Product type: Workstation
2011/06/29 15:49:13.0002 4780 ComputerName: CHRISINFERNO
2011/06/29 15:49:13.0002 4780 UserName: mm
2011/06/29 15:49:13.0003 4780 Windows directory: C:\Windows
2011/06/29 15:49:13.0003 4780 System windows directory: C:\Windows
2011/06/29 15:49:13.0003 4780 Processor architecture: Intel x86
2011/06/29 15:49:13.0003 4780 Number of processors: 2
2011/06/29 15:49:13.0003 4780 Page size: 0x1000
2011/06/29 15:49:13.0003 4780 Boot type: Normal boot
2011/06/29 15:49:13.0003 4780 ================================================================================
2011/06/29 15:49:13.0809 4780 Initialize success
2011/06/29 15:49:52.0307 6120 ================================================================================
2011/06/29 15:49:52.0307 6120 Scan started
2011/06/29 15:49:52.0307 6120 Mode: Manual;
2011/06/29 15:49:52.0307 6120 ================================================================================
2011/06/29 15:49:52.0745 6120 acedrv11 (a6fe70357a68ad1e279cd1012419cce6) C:\Windows\system32\drivers\acedrv11.sys
2011/06/29 15:49:52.0861 6120 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
2011/06/29 15:49:53.0237 6120 adfs (6d7f09cd92a9fef3a8efce66231fdd79) C:\Windows\system32\drivers\adfs.sys
2011/06/29 15:49:53.0390 6120 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
2011/06/29 15:49:53.0502 6120 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
2011/06/29 15:49:53.0707 6120 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
2011/06/29 15:49:53.0786 6120 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
2011/06/29 15:49:53.0862 6120 AF15BDA (639a9c2dab390769be8fa23854435876) C:\Windows\system32\Drivers\AF15BDA.sys
2011/06/29 15:49:54.0142 6120 Afc (fe3ea6e9afc1a78e6edca121e006afb7) C:\Windows\system32\drivers\Afc.sys
2011/06/29 15:49:54.0288 6120 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
2011/06/29 15:49:54.0506 6120 AgereSoftModem (38325c6aa8eae011897d61ce48ec6435) C:\Windows\system32\DRIVERS\AGRSM.sys
2011/06/29 15:49:54.0695 6120 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
2011/06/29 15:49:54.0756 6120 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
2011/06/29 15:49:54.0839 6120 AlfaFF (8d59617a9c3dbf4650aa44f4e9215744) C:\Windows\system32\Drivers\AlfaFF.sys
2011/06/29 15:49:54.0876 6120 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
2011/06/29 15:49:54.0899 6120 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
2011/06/29 15:49:54.0935 6120 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
2011/06/29 15:49:54.0972 6120 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
2011/06/29 15:49:55.0019 6120 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
2011/06/29 15:49:55.0232 6120 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
2011/06/29 15:49:55.0332 6120 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
2011/06/29 15:49:55.0439 6120 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/06/29 15:49:55.0479 6120 atapi (2d9c903dc76a66813d350a562de40ed9) C:\Windows\system32\drivers\atapi.sys
2011/06/29 15:49:55.0612 6120 atksgt (3c4b9850a2631c2263507400d029057b) C:\Windows\system32\DRIVERS\atksgt.sys
2011/06/29 15:49:55.0721 6120 avgio (0b497c79824f8e1bf22fa6aacd3de3a0) C:\Program Files\Avira\AntiVir Desktop\avgio.sys
2011/06/29 15:49:55.0836 6120 avgntflt (47b879406246ffdced59e18d331a0e7d) C:\Windows\system32\DRIVERS\avgntflt.sys
2011/06/29 15:49:55.0911 6120 avipbb (5fedef54757b34fb611b9ec8fb399364) C:\Windows\system32\DRIVERS\avipbb.sys
2011/06/29 15:49:56.0014 6120 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
2011/06/29 15:49:56.0084 6120 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
2011/06/29 15:49:56.0147 6120 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
2011/06/29 15:49:56.0251 6120 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
2011/06/29 15:49:56.0281 6120 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
2011/06/29 15:49:56.0341 6120 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
2011/06/29 15:49:56.0368 6120 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
2011/06/29 15:49:56.0402 6120 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
2011/06/29 15:49:56.0449 6120 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
2011/06/29 15:49:56.0618 6120 BthEnum (6d39c954799b63ba866910234cf7d726) C:\Windows\system32\DRIVERS\BthEnum.sys
2011/06/29 15:49:56.0688 6120 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
2011/06/29 15:49:56.0739 6120 BthPan (5904efa25f829bf84ea6fb045134a1d8) C:\Windows\system32\DRIVERS\bthpan.sys
2011/06/29 15:49:56.0818 6120 BTHPORT (5a3abaa2f8eece7aefb942773766e3db) C:\Windows\system32\Drivers\BTHport.sys
2011/06/29 15:49:56.0945 6120 BTHUSB (94e2941280e3756a5e0bcb467865c43a) C:\Windows\system32\Drivers\BTHUSB.sys
2011/06/29 15:49:57.0062 6120 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
2011/06/29 15:49:57.0155 6120 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
2011/06/29 15:49:57.0241 6120 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\DRIVERS\circlass.sys
2011/06/29 15:49:57.0310 6120 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
2011/06/29 15:49:57.0546 6120 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
2011/06/29 15:49:57.0583 6120 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
2011/06/29 15:49:57.0624 6120 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
2011/06/29 15:49:57.0649 6120 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
2011/06/29 15:49:57.0692 6120 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
2011/06/29 15:49:57.0771 6120 CVirtA (b5ecadf7708960f1818c7fa015f4c239) C:\Windows\system32\DRIVERS\CVirtA.sys
2011/06/29 15:49:57.0944 6120 CVPNDRVA (c23025ac5ae45a105d63bd6e2408edd4) C:\Windows\system32\Drivers\CVPNDRVA.sys
2011/06/29 15:49:58.0235 6120 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
2011/06/29 15:49:58.0376 6120 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
2011/06/29 15:49:58.0831 6120 DKbFltr (73baf270d24fe726b9cd7f80bb17a23d) C:\Windows\system32\DRIVERS\DKbFltr.sys
2011/06/29 15:49:58.0919 6120 DNE (b5aa5aa5ac327bd7c1aec0c58f0c1144) C:\Windows\system32\DRIVERS\dne2000.sys
2011/06/29 15:49:59.0000 6120 DritekPortIO (5c918d413f5837e67a85775c9873775e) C:\PROGRA~1\LAUNCH~1\DPortIO.sys
2011/06/29 15:49:59.0104 6120 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
2011/06/29 15:49:59.0178 6120 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
2011/06/29 15:49:59.0230 6120 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
2011/06/29 15:49:59.0302 6120 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
2011/06/29 15:49:59.0427 6120 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
2011/06/29 15:49:59.0522 6120 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
2011/06/29 15:49:59.0636 6120 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
2011/06/29 15:49:59.0790 6120 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
2011/06/29 15:49:59.0834 6120 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
2011/06/29 15:49:59.0903 6120 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
2011/06/29 15:49:59.0927 6120 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
2011/06/29 15:49:59.0986 6120 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/06/29 15:50:00.0052 6120 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
2011/06/29 15:50:00.0121 6120 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
2011/06/29 15:50:00.0151 6120 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
2011/06/29 15:50:00.0301 6120 hamachi (833051c6c6c42117191935f734cfbd97) C:\Windows\system32\DRIVERS\hamachi.sys
2011/06/29 15:50:00.0356 6120 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
2011/06/29 15:50:00.0413 6120 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
2011/06/29 15:50:00.0498 6120 HH10Help.sys (d1c92d1e1620da2e22e3f483a73729d7) C:\Windows\system32\drivers\HH10Help.sys
2011/06/29 15:50:00.0542 6120 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
2011/06/29 15:50:00.0579 6120 HidIr (d8df3722d5e961baa1292aa2f12827e2) C:\Windows\system32\DRIVERS\hidir.sys
2011/06/29 15:50:00.0626 6120 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
2011/06/29 15:50:00.0667 6120 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
2011/06/29 15:50:00.0715 6120 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
2011/06/29 15:50:00.0743 6120 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
2011/06/29 15:50:00.0787 6120 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
2011/06/29 15:50:00.0868 6120 iaStor (707c1692214b1c290271067197f075f6) C:\Windows\system32\DRIVERS\iaStor.sys
2011/06/29 15:50:00.0906 6120 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
2011/06/29 15:50:01.0009 6120 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
2011/06/29 15:50:01.0046 6120 int15 (4d8d5b1c895ea0f2a721b98a7ce198f1) C:\Windows\system32\drivers\int15.sys
2011/06/29 15:50:01.0113 6120 IntcAzAudAddService (219ca9a36d6de2ec04f958c907673436) C:\Windows\system32\drivers\RTKVHDA.sys
2011/06/29 15:50:01.0163 6120 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
2011/06/29 15:50:01.0239 6120 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
2011/06/29 15:50:01.0273 6120 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/06/29 15:50:01.0333 6120 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
2011/06/29 15:50:01.0367 6120 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
2011/06/29 15:50:01.0393 6120 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
2011/06/29 15:50:01.0425 6120 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
2011/06/29 15:50:01.0463 6120 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
2011/06/29 15:50:01.0488 6120 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
2011/06/29 15:50:01.0531 6120 itecir (8bcd857c7932ad005d5f9c89329da2e1) C:\Windows\system32\DRIVERS\itecir.sys
2011/06/29 15:50:01.0559 6120 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
2011/06/29 15:50:01.0610 6120 JMCR (7e6a3e1cd74e8c97eed06670d2a691da) C:\Windows\system32\DRIVERS\jmcr.sys
2011/06/29 15:50:01.0646 6120 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
2011/06/29 15:50:01.0690 6120 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
2011/06/29 15:50:01.0757 6120 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys
2011/06/29 15:50:01.0823 6120 L1E (24abddeb766c8459f9d562eb083b6cb8) C:\Windows\system32\DRIVERS\L1E60x86.sys
2011/06/29 15:50:01.0897 6120 lirsgt (4127e8b6ddb4090e815c1f8852c277d3) C:\Windows\system32\DRIVERS\lirsgt.sys
2011/06/29 15:50:01.0944 6120 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
2011/06/29 15:50:02.0226 6120 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
2011/06/29 15:50:02.0260 6120 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
2011/06/29 15:50:02.0298 6120 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
2011/06/29 15:50:02.0327 6120 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
2011/06/29 15:50:02.0421 6120 MBAMProtector (3d2c13377763eeac0ca6fb46f57217ed) C:\Windows\system32\drivers\mbam.sys
2011/06/29 15:50:02.0470 6120 MBAMSwissArmy (b309912717c29fc67e1ba4730a82b6dd) C:\Windows\system32\drivers\mbamswissarmy.sys
2011/06/29 15:50:02.0530 6120 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
2011/06/29 15:50:02.0576 6120 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
2011/06/29 15:50:02.0641 6120 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
2011/06/29 15:50:02.0666 6120 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
2011/06/29 15:50:02.0695 6120 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
2011/06/29 15:50:02.0798 6120 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
2011/06/29 15:50:02.0834 6120 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
2011/06/29 15:50:02.0875 6120 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
2011/06/29 15:50:02.0906 6120 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
2011/06/29 15:50:02.0954 6120 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
2011/06/29 15:50:03.0010 6120 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
2011/06/29 15:50:03.0227 6120 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/06/29 15:50:03.0273 6120 mrxsmb10 (d4a3c7c580c4ccb5c06f2ada933ad507) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/06/29 15:50:03.0326 6120 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/06/29 15:50:03.0431 6120 msahci (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys
2011/06/29 15:50:03.0462 6120 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
2011/06/29 15:50:03.0506 6120 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
2011/06/29 15:50:03.0548 6120 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
2011/06/29 15:50:03.0592 6120 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
2011/06/29 15:50:03.0618 6120 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/06/29 15:50:03.0637 6120 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
2011/06/29 15:50:03.0687 6120 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
2011/06/29 15:50:03.0764 6120 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
2011/06/29 15:50:03.0828 6120 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
2011/06/29 15:50:03.0896 6120 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
2011/06/29 15:50:04.0058 6120 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
2011/06/29 15:50:04.0309 6120 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
2011/06/29 15:50:04.0363 6120 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/06/29 15:50:04.0393 6120 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/06/29 15:50:04.0459 6120 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/06/29 15:50:04.0501 6120 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
2011/06/29 15:50:04.0525 6120 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
2011/06/29 15:50:04.0595 6120 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
2011/06/29 15:50:04.0691 6120 netr28u (b13cd27ca82d94e8e7f5e75022569e8d) C:\Windows\system32\DRIVERS\netr28u.sys
2011/06/29 15:50:04.0815 6120 NETw5v32 (e559ea9138c77b5d1fda8c558764a25f) C:\Windows\system32\DRIVERS\NETw5v32.sys
2011/06/29 15:50:05.0026 6120 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
2011/06/29 15:50:05.0308 6120 nmwcd (c3963d85b721a7f80d8a55f4e2867a3a) C:\Windows\system32\drivers\ccdcmb.sys
2011/06/29 15:50:05.0355 6120 nmwcdc (3859c69a77793180548802dac9f34a38) C:\Windows\system32\drivers\ccdcmbo.sys
2011/06/29 15:50:05.0405 6120 nmwcdnsu (338f83ee9cb9e15eeacf0cbb90218cbf) C:\Windows\system32\drivers\nmwcdnsu.sys
2011/06/29 15:50:05.0440 6120 nmwcdnsuc (d15bac979144fb69ed28f97b2dd84d48) C:\Windows\system32\drivers\nmwcdnsuc.sys
2011/06/29 15:50:05.0485 6120 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
2011/06/29 15:50:05.0536 6120 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
2011/06/29 15:50:05.0602 6120 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
2011/06/29 15:50:05.0759 6120 NTIDrvr (2757d2ba59aee155209e24942ab127c9) C:\Windows\system32\DRIVERS\NTIDrvr.sys
2011/06/29 15:50:06.0062 6120 NTIPPKernel (547bfa3591c70674b0bfc99354ab78b3) C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys
2011/06/29 15:50:06.0191 6120 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
2011/06/29 15:50:06.0270 6120 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
2011/06/29 15:50:06.0312 6120 NVHDA (723931a765e8cddf7ffcb42f5a72ce79) C:\Windows\system32\drivers\nvhda32v.sys
2011/06/29 15:50:06.0538 6120 nvlddmkm (8c5e88d74712dc6b6208e627f80bad1b) C:\Windows\system32\DRIVERS\nvlddmkm.sys
2011/06/29 15:50:06.0734 6120 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
2011/06/29 15:50:06.0897 6120 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
2011/06/29 15:50:07.0019 6120 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
2011/06/29 15:50:07.0130 6120 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
2011/06/29 15:50:07.0189 6120 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
2011/06/29 15:50:07.0246 6120 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
2011/06/29 15:50:07.0275 6120 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
2011/06/29 15:50:07.0423 6120 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\Windows\system32\DRIVERS\pccsmcfd.sys
2011/06/29 15:50:07.0478 6120 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
2011/06/29 15:50:07.0529 6120 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys
2011/06/29 15:50:07.0585 6120 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
2011/06/29 15:50:07.0652 6120 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
2011/06/29 15:50:08.0050 6120 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
2011/06/29 15:50:08.0369 6120 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
2011/06/29 15:50:08.0493 6120 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
2011/06/29 15:50:08.0681 6120 PSDFilter (628321c8dd76ad369b362b202e655a68) C:\Windows\system32\DRIVERS\psdfilter.sys
2011/06/29 15:50:08.0810 6120 PSDNServ (79d7117e62709c7690cf3dd55acead37) C:\Windows\system32\DRIVERS\PSDNServ.sys
2011/06/29 15:50:09.0468 6120 psdvdisk (cae5e82827990cf4bd4a49576bde3a43) C:\Windows\system32\DRIVERS\PSDVdisk.sys
2011/06/29 15:50:09.0933 6120 PxHelp20 (d970470f8f39470bdae94d313a1ccdce) C:\Windows\system32\Drivers\PxHelp20.sys
2011/06/29 15:50:10.0531 6120 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
2011/06/29 15:50:10.0678 6120 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
2011/06/29 15:50:11.0168 6120 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
2011/06/29 15:50:11.0494 6120 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
2011/06/29 15:50:11.0594 6120 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/06/29 15:50:11.0801 6120 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/06/29 15:50:12.0230 6120 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
2011/06/29 15:50:12.0380 6120 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
2011/06/29 15:50:12.0446 6120 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/06/29 15:50:12.0484 6120 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
2011/06/29 15:50:12.0516 6120 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
2011/06/29 15:50:12.0581 6120 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
2011/06/29 15:50:12.0707 6120 RFCOMM (6482707f9f4da0ecbab43b2e0398a101) C:\Windows\system32\DRIVERS\rfcomm.sys
2011/06/29 15:50:12.0823 6120 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
2011/06/29 15:50:12.0987 6120 SASDIFSV (a3281aec37e0720a2bc28034c2df2a56) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
2011/06/29 15:50:13.0002 6120 SASKUTIL (61db0d0756a99506207fd724e3692b25) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
2011/06/29 15:50:13.0190 6120 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
2011/06/29 15:50:13.0312 6120 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
2011/06/29 15:50:13.0376 6120 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
2011/06/29 15:50:13.0405 6120 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
2011/06/29 15:50:13.0436 6120 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
2011/06/29 15:50:13.0506 6120 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
2011/06/29 15:50:13.0529 6120 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
2011/06/29 15:50:13.0562 6120 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
2011/06/29 15:50:13.0592 6120 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
2011/06/29 15:50:13.0640 6120 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
2011/06/29 15:50:13.0693 6120 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
2011/06/29 15:50:13.0745 6120 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
2011/06/29 15:50:13.0820 6120 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
2011/06/29 15:50:13.0872 6120 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
2011/06/29 15:50:13.0931 6120 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
2011/06/29 15:50:14.0237 6120 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
2011/06/29 15:50:14.0611 6120 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
2011/06/29 15:50:14.0771 6120 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
2011/06/29 15:50:15.0249 6120 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
2011/06/29 15:50:15.0358 6120 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
2011/06/29 15:50:15.0630 6120 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
2011/06/29 15:50:15.0813 6120 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
2011/06/29 15:50:15.0913 6120 SynTP (93d33a3a0a4516584a1394c7821bae2e) C:\Windows\system32\DRIVERS\SynTP.sys
2011/06/29 15:50:16.0348 6120 Tcpip (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\drivers\tcpip.sys
2011/06/29 15:50:16.0637 6120 Tcpip6 (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\DRIVERS\tcpip.sys
2011/06/29 15:50:17.0057 6120 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
2011/06/29 15:50:17.0384 6120 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
2011/06/29 15:50:17.0470 6120 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
2011/06/29 15:50:17.0686 6120 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
2011/06/29 15:50:17.0790 6120 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
2011/06/29 15:50:18.0010 6120 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/06/29 15:50:18.0141 6120 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
2011/06/29 15:50:18.0339 6120 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
2011/06/29 15:50:18.0506 6120 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
2011/06/29 15:50:18.0557 6120 UBHelper (f763e070843ee2803de1395002b42938) C:\Windows\system32\drivers\UBHelper.sys
2011/06/29 15:50:18.0644 6120 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
2011/06/29 15:50:18.0934 6120 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
2011/06/29 15:50:19.0037 6120 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
2011/06/29 15:50:19.0226 6120 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
2011/06/29 15:50:19.0591 6120 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
2011/06/29 15:50:19.0862 6120 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
2011/06/29 15:50:20.0226 6120 upperdev (0ccadc7391021376edbb8aa649d04e68) C:\Windows\system32\DRIVERS\usbser_lowerflt.sys
2011/06/29 15:50:20.0498 6120 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/06/29 15:50:20.0760 6120 USBCCID (32c068eaf37c92d7194eee1faa1e7853) C:\Windows\system32\DRIVERS\usbccid.sys
2011/06/29 15:50:20.0882 6120 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
2011/06/29 15:50:21.0101 6120 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
2011/06/29 15:50:21.0347 6120 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
2011/06/29 15:50:21.0479 6120 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
2011/06/29 15:50:21.0601 6120 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
2011/06/29 15:50:21.0794 6120 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
2011/06/29 15:50:22.0106 6120 usbser (d575246188f63de0accf6eac5fb59e6a) C:\Windows\system32\drivers\usbser.sys
2011/06/29 15:50:22.0817 6120 UsbserFilt (68b4f83cccf70a2ff32ee142c234332a) C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys
2011/06/29 15:50:23.0262 6120 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2011/06/29 15:50:23.0660 6120 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
2011/06/29 15:50:24.0225 6120 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
2011/06/29 15:50:24.0581 6120 vfs101x (4d45a93a7dd638ca2db0a86fbfbf42d1) C:\Windows\system32\drivers\vfs101x.sys
2011/06/29 15:50:24.0782 6120 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/06/29 15:50:25.0199 6120 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
2011/06/29 15:50:25.0526 6120 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
2011/06/29 15:50:25.0614 6120 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
2011/06/29 15:50:25.0929 6120 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
2011/06/29 15:50:26.0118 6120 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
2011/06/29 15:50:26.0473 6120 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
2011/06/29 15:50:27.0081 6120 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
2011/06/29 15:50:27.0502 6120 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
2011/06/29 15:50:27.0665 6120 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
2011/06/29 15:50:28.0031 6120 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2011/06/29 15:50:28.0118 6120 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2011/06/29 15:50:28.0509 6120 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
2011/06/29 15:50:29.0026 6120 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
2011/06/29 15:50:29.0218 6120 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
2011/06/29 15:50:29.0573 6120 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
2011/06/29 15:50:29.0784 6120 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
2011/06/29 15:50:30.0112 6120 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/06/29 15:50:30.0284 6120 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796} (4d840c6af3c020ed3a35efba9025cf4a) C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl
2011/06/29 15:50:30.0519 6120 MBR (0x1B8) (bb9d3a6a13c5010348da7c900bb6af50) \Device\Harddisk0\DR0
2011/06/29 15:50:30.0552 6120 MBR (0x1B8) (05d66244d0cd617610b5b8f6bd2baf5d) \Device\Harddisk1\DR1
2011/06/29 15:50:32.0297 6120 Boot (0x1200) (e745aaddfd1fd4b4ec2a45de3ac39af4) \Device\Harddisk0\DR0\Partition0
2011/06/29 15:50:32.0374 6120 Boot (0x1200) (322da769c141b85215d4dad0693910c7) \Device\Harddisk0\DR0\Partition1
2011/06/29 15:50:32.0737 6120 Boot (0x1200) (51f3f0649e42961cce87488de05e4ee5) \Device\Harddisk0\DR0\Partition2
2011/06/29 15:50:32.0742 6120 ================================================================================
2011/06/29 15:50:32.0743 6120 Scan finished
2011/06/29 15:50:32.0743 6120 ================================================================================
2011/06/29 15:50:32.0756 5892 Detected object count: 0
2011/06/29 15:50:32.0756 5892 Actual detected object count: 0

cosinus 29.06.2011 15:05
Dann bitte jetzt CF ausführen:

ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix
  • Schliesse alle Programme, vor allem dein Antivirenprogramm und andere Hintergrundwächter sowie deinen Internetbrowser.
  • Starte cofi.exe von deinem Desktop aus, bestätige die Warnmeldungen, führe die Updates durch (falls vorgeschlagen), installiere die Wiederherstellungskonsole (falls vorgeschlagen) und lass dein System durchsuchen.
    Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.
  • Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte kopieren ([Strg]a, [Strg]c) und in deinen Beitrag einfügen ([Strg]v). Die Datei findest du außerdem unter: C:\ComboFix.txt.
Wichtiger Hinweis:
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!
Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.


Alle Zeitangaben in WEZ +1. Es ist jetzt 06:38 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131