Trojaner-Board - nach Trojanerbefall alle Dateien verschwunden, Screnn schwarz, Fehlermeldungen

Trojaner-Board (https://www.trojaner-board.de/)

- Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)

- - nach Trojanerbefall alle Dateien verschwunden, Screnn schwarz, Fehlermeldungen (https://www.trojaner-board.de/98524-trojanerbefall-alle-dateien-verschwunden-screnn-schwarz-fehlermeldungen.html)

Combofix Logfile:

Code:

ComboFix 11-05-11.01 - Perner 11.05.2011  20:34:19.1.2 - x86

ausgeführt von:: c:\users\Perner\Desktop\cofi.exe.exe

.

.

((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\program files\Acer\Acer Bio Protection\PwdFilter.dll

c:\users\Perner\AppData\Local\llqpuuz.dat

c:\users\Perner\AppData\Local\llqpuuz_nav.dat

c:\users\Perner\AppData\Local\llqpuuz_navps.dat

c:\users\Perner\AppData\Roaming\Desktopicon

c:\users\Perner\AppData\Roaming\Desktopicon\eBay.ico

c:\users\Perner\AppData\Roaming\Desktopicon\uninst.exe

.

.

(((((((((((((((((((((((   Dateien erstellt von 2011-04-11 bis 2011-05-11  ))))))))))))))))))))))))))))))

.

.

2011-05-11 18:52 . 2011-05-11 18:57        --------        d-----w-        c:\users\Perner\AppData\Local\temp

2011-05-11 18:26 . 2011-05-11 18:28        --------        dc----w-        C:\cofi

2011-05-11 08:05 . 2011-04-07 12:01        2409784        ----a-w-        c:\program files\Windows Mail\OESpamFilter.dat

2011-05-10 18:34 . 2011-04-11 07:04        7071056        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{E65A42D0-1B69-4468-B2B4-D60C28C588A8}\mpengine.dll

2011-05-05 19:39 . 2011-05-05 19:39        --------        dc----w-        C:\_OTL

2011-05-03 18:49 . 2011-05-03 18:49        --------        d-----w-        c:\windows\system32\TVUAx

2011-05-01 11:11 . 2011-05-01 11:11        --------        dc----w-        C:\My Music

2011-05-01 03:23 . 2011-05-01 03:23        --------        d-----w-        c:\users\Perner\AppData\Local\Apple_Inc

2011-04-29 15:19 . 2011-04-29 15:19        --------        d-----w-        c:\program files\ERUNT

2011-04-29 14:45 . 2011-04-29 14:45        --------        d-----w-        c:\users\Perner\AppData\Roaming\Malwarebytes

2011-04-29 14:45 . 2010-12-20 16:09        38224        ----a-w-        c:\windows\system32\drivers\mbamswissarmy.sys

2011-04-29 14:45 . 2011-04-29 14:45        --------        d-----w-        c:\programdata\Malwarebytes

2011-04-29 14:45 . 2010-12-20 16:08        20952        ----a-w-        c:\windows\system32\drivers\mbam.sys

2011-04-28 16:19 . 2011-04-28 16:19        49664        ----a-w-        c:\program files\Internet Explorer\JSProfilerCore.dll

2011-04-27 22:39 . 2011-04-27 22:40        --------        d-----w-        c:\program files\STOPzilla!

2011-04-27 22:39 . 2011-04-27 22:39        --------        d-----w-        c:\program files\Common Files\iS3

2011-04-27 22:39 . 2011-05-11 18:55        --------        d-----w-        c:\programdata\STOPzilla!

2011-04-27 19:20 . 2011-03-03 15:40        28672        ----a-w-        c:\windows\system32\Apphlpdm.dll

2011-04-27 19:20 . 2011-03-03 13:35        4240384        ----a-w-        c:\windows\system32\GameUXLegacyGDFs.dll

2011-04-27 19:19 . 2011-03-12 21:55        876032        ----a-w-        c:\windows\system32\XpsPrint.dll

2011-04-25 16:17 . 2011-04-25 16:17        546256        ----a-r-        c:\windows\system32\SZComp5.dll

2011-04-25 16:17 . 2011-04-25 16:17        22992        ----a-r-        c:\windows\system32\SZIO5.dll

2011-04-25 16:17 . 2011-04-25 16:17        132560        ----a-r-        c:\windows\system32\IS3HTUI5.dll

2011-04-25 16:17 . 2011-04-25 16:17        99792        ----a-r-        c:\windows\system32\IS3Svc5.dll

2011-04-25 16:17 . 2011-04-25 16:17        99792        ----a-r-        c:\windows\system32\IS3Inet5.dll

2011-04-25 16:17 . 2011-04-25 16:17        67024        ----a-r-        c:\windows\system32\IS3Hks5.dll

2011-04-25 16:17 . 2011-04-25 16:17        452048        ----a-r-        c:\windows\system32\SZBase5.dll

2011-04-25 16:17 . 2011-04-25 16:17        398800        ----a-r-        c:\windows\system32\IS3DBA5.dll

2011-04-25 16:17 . 2011-04-25 16:17        28624        ----a-r-        c:\windows\system32\IS3XDat5.dll

2011-04-25 16:17 . 2011-04-25 16:17        738768        ----a-r-        c:\windows\system32\IS3Base5.dll

2011-04-25 16:17 . 2011-04-25 16:17        390608        ----a-r-        c:\windows\system32\IS3UI5.dll

2011-04-25 16:17 . 2011-04-25 16:17        230864        ----a-r-        c:\windows\system32\IS3Win325.dll

2011-04-19 21:15 . 2011-04-19 21:15        --------        d-----w-        c:\windows\system32\Adobe

2011-04-15 18:58 . 2011-02-16 14:02        292864        ----a-w-        c:\windows\system32\atmfd.dll

2011-04-15 18:58 . 2011-02-16 16:16        34304        ----a-w-        c:\windows\system32\atmlib.dll

2011-04-15 18:56 . 2011-03-03 15:42        739328        ----a-w-        c:\windows\system32\inetcomm.dll

.

.

.

((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-03-17 19:21 . 2009-07-17 21:07        137656        ----a-w-        c:\windows\system32\drivers\avipbb.sys

2011-03-03 15:40 . 2011-04-27 19:20        173056        ----a-w-        c:\windows\apppatch\AcXtrnal.dll

2011-03-03 15:40 . 2011-04-27 19:20        542720        ----a-w-        c:\windows\apppatch\AcLayers.dll

2011-03-03 15:40 . 2011-04-27 19:20        458752        ----a-w-        c:\windows\apppatch\AcSpecfc.dll

2011-03-03 15:40 . 2011-04-27 19:20        2159616        ----a-w-        c:\windows\apppatch\AcGenral.dll

2011-02-22 14:13 . 2011-03-23 16:09        288768        ----a-w-        c:\windows\system32\XpsGdiConverter.dll

2011-02-22 13:33 . 2011-03-23 16:09        1068544        ----a-w-        c:\windows\system32\DWrite.dll

2011-02-22 13:33 . 2011-03-23 16:09        797696        ----a-w-        c:\windows\system32\FntCache.dll

.

.

((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))

.

.

*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 

REGEDIT4

.

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]

2009-06-04 17:04        1144712        ----a-w-        c:\program files\Ask.com\GenericAskToolbar.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2009-06-04 1144712]

.

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]

[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]

[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]

[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

.

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]

"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2009-06-04 1144712]

.

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]

[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]

[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]

[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]

@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"

[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]

2008-03-04 22:38        121392        ----a-w-        c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]

"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-04-04 1037608]

"ePower_DMC"="c:\program files\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2008-03-11 397312]

"eDataSecurity Loader"="c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe" [2008-03-04 526896]

"eAudio"="c:\program files\Acer\Empowering Technology\eAudio\eAudio.exe" [2008-03-07 544768]

"BkupTray"="c:\program files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe" [2008-02-25 34040]

"RtHDVCpl"="RtHDVCpl.exe" [2008-03-11 5296128]

"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]

"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2007-10-03 178712]

"PLFSetI"="c:\windows\PLFSetI.exe" [2007-10-23 200704]

"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2008-04-28 809480]

"ArcadeDeluxeAgent"="c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" [2009-09-07 152872]

"WarReg_PopUp"="c:\program files\Acer\WR_PopUp\WarReg_PopUp.exe" [2008-01-29 303104]

"Skytel"="Skytel.exe" [2007-11-20 1826816]

"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-10-08 47904]

"PlayMovie"="c:\program files\Acer Arcade Deluxe\PlayMovie\PMVService.exe" [2009-05-21 173288]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-01-25 421160]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]

"CLMLServer"="c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe" [2009-09-07 206120]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2011-01-22 40368]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\AWinNotifyVitaKey MC3000]

2008-07-15 13:28        3024896        ----a-w-        c:\program files\Acer\Acer Bio Protection\WinNotify.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"aux"=wdmaud.drv

.

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Acer VCM.lnk]

path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Acer VCM.lnk

backup=c:\windows\pss\Acer VCM.lnk.CommonStartup

backupExtension=.CommonStartup

.

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]

path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk

backup=c:\windows\pss\McAfee Security Scan Plus.lnk.CommonStartup

backupExtension=.CommonStartup

.

[HKLM\~\startupfolder\C:^Users^Perner^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk]

path=c:\users\Perner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk

backup=c:\windows\pss\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk.Startup

backupExtension=.Startup

.

[HKLM\~\startupfolder\C:^Users^Perner^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk]

path=c:\users\Perner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk

backup=c:\windows\pss\OpenOffice.org 3.2.lnk.Startup

backupExtension=.Startup

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

2011-01-25 14:08        421160        ----a-w-        c:\program files\iTunes\iTunesHelper.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMusic FastStart]

2010-03-04 13:10        2192672        ----a-w-        c:\program files\Nokia\Ovi Player\NokiaOviPlayer.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PlayMovie]

2009-05-21 13:42        173288        ------w-        c:\program files\Acer Arcade Deluxe\PlayMovie\PMVService.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]

2010-06-24 14:41        247144        ----a-w-        c:\program files\TomTom HOME 2\TomTomHOMERunner.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]

"AntiVirusOverride"=dword:00000001

.

R0 is3srv;is3srv;c:\windows\system32\drivers\is3srv.sys [2009-12-07 61328]

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 gupdate1ca2816452f5999;Google Update Service (gupdate1ca2816452f5999);c:\program files\Google\Update\GoogleUpdate.exe [2009-08-28 133104]

R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2009-08-28 133104]

R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2008-04-11 84240]

R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]

S0 AlfaFF;AlfaFF File System mini-filter;c:\windows\system32\Drivers\AlfaFF.sys [2008-07-15 43184]

S0 szkg5;szkg5;c:\windows\system32\DRIVERS\szkg.sys [2009-12-07 61328]

S0 szkgfs;szkgfs;c:\windows\system32\drivers\szkgfs.sys [2010-05-12 59280]

S1 ui11rdr;ui11rdr;c:\windows\system32\DRIVERS\ui11rdr.sys [2010-11-12 144384]

S2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};Power Control [2011/01/10 13:10];c:\program files\Acer Arcade Deluxe\PlayMovie\000.fcl [2009-09-11 16:43 87536]

S2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [2011-04-27 136360]

S2 AvskeyService;AVSKey-Lock;d:\mp\AVSKey-Lock\AVSKey.exe [2007-11-05 4641634]

S2 BUNAgentSvc;NTI Backup Now 5 Agent Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [2008-02-25 21752]

S2 CLHNService;CLHNService;c:\program files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [2009-04-16 75048]

S2 ETService;Empowering Technology Service;c:\program files\Acer\Empowering Technology\Service\ETService.exe [2008-03-21 24576]

S2 IGBASVC;iGroupTec Service;c:\program files\Acer\Acer Bio Protection\BASVC.exe [2008-07-15 3474432]

S2 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-02-25 49152]

S2 NTIPPKernel;NTIPPKernel;c:\program files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys [2008-01-16 122368]

S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-02-25 131072]

S2 RS_Service;Raw Socket Service;c:\program files\Acer\Acer VCM\RS_Service.exe [2008-01-10 233472]

S2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [2010-06-24 92008]

S2 vfsFPService;Validity Fingerprint Service;c:\windows\system32\vfsFPService.exe [2008-04-22 599344]

S3 itecir;ITECIR Infrared Receiver;c:\windows\system32\DRIVERS\itecir.sys [2007-12-18 54784]

S3 vfs101x;vfs101x;c:\windows\system32\drivers\vfs101x.sys [2008-04-22 40752]

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

bthsvcs        REG_MULTI_SZ           BthServ

LocalServiceAndNoImpersonation        REG_MULTI_SZ           FontCache

.

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A509B1FF-37FF-4bFF-8CFF-4F3A747040FF}]

2011-04-28 16:19        114176        ----a-w-        c:\windows\System32\advpack.dll

.

Inhalt des "geplante Tasks" Ordners

.

2011-05-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-28 19:32]

.

2011-05-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-28 19:32]

.

2011-05-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2051833895-3156580812-787731633-1000Core.job

- c:\users\Perner\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-27 18:07]

.

2011-05-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2051833895-3156580812-787731633-1000UA.job

- c:\users\Perner\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-27 18:07]

.

.

------- Zusätzlicher Suchlauf -------

.

uStart Page = hxxp://de.yahoo.com/?fr=fp-yie9

mStart Page = hxxp://de.intl.acer.yahoo.com

uInternet Settings,ProxyOverride = *.local

IE: &FreeRIP Search - c:\program files\FreeRIP3\Toolband.dll/MENUSEARCH.HTM

IE: Bild an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html

IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

IE: Seite an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

.

- - - - Entfernte verwaiste Registrierungseinträge - - - -

.

Toolbar-{081230F8-EA50-42A9-983C-D22ABC2EED3B} - (no file)

HKLM-Run-eRecoveryService - (no file)

MSConfigStartUp-mcagent_exe - c:\program files\McAfee.com\Agent\mcagent.exe

MSConfigStartUp-NokiaOviSuite2 - c:\program files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe

AddRemove-eBay Icon - c:\users\Perner\AppData\Roaming\Desktopicon\uninst.exe

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2011-05-11 20:57

Windows 6.0.6002 Service Pack 2 NTFS

.

Scanne versteckte Prozesse... 

.

Scanne versteckte Autostarteinträge... 

.

Scanne versteckte Dateien... 

.

Scan erfolgreich abgeschlossen

versteckte Dateien: 0

.

**************************************************************************

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}]

"ImagePath"="\??\c:\program files\Acer Arcade Deluxe\PlayMovie\000.fcl"

.

--------------------- Gesperrte Registrierungsschluessel ---------------------

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

"MSCurrentCountry"=dword:000000b5

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

--------------------- Durch laufende Prozesse gestartete DLLs ---------------------

.

- - - - - - - > 'Explorer.exe'(2636)

c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll

c:\program files\Acer\Empowering Technology\eDataSecurity\x86\sysenv.dll

c:\windows\system32\btncopy.dll

c:\windows\System32\ui11np.dll

.

------------------------ Weitere laufende Prozesse ------------------------

.

c:\windows\system32\Ati2evxx.exe

c:\program files\Common Files\iS3\Anti-Spyware\SZServer.exe

c:\windows\system32\Ati2evxx.exe

c:\program files\Acer\Acer Bio Protection\CompPtcVUI.exe

c:\windows\system32\agrsmsvc.exe

c:\program files\Avira\AntiVir Desktop\avguard.exe

c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\program files\Avira\AntiVir Desktop\avshadow.exe

c:\program files\Bonjour\mDNSResponder.exe

c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe

c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

c:\program files\Common Files\LightScribe\LSSrvc.exe

c:\acer\Mobility Center\MobilityService.exe

c:\program files\Cyberlink\Shared files\RichVideo.exe

c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

c:\windows\system32\wbem\unsecapp.exe

c:\windows\system32\conime.exe

c:\program files\STOPzilla!\STOPzilla.exe

c:\windows\system32\wbem\unsecapp.exe

c:\program files\Windows Media Player\wmpnetwk.exe

.

**************************************************************************

.

Zeit der Fertigstellung: 2011-05-11  21:05:20 - PC wurde neu gestartet

ComboFix-quarantined-files.txt  2011-05-11 19:05

.

Vor Suchlauf: 18 Verzeichnis(se), 54.319.824.896 Bytes frei

Nach Suchlauf: 21 Verzeichnis(se), 60.913.733.632 Bytes frei

.

- - End Of File - - 2CE3518801DFD830C66C6D22321B590C

--- --- ---

Ok. Bitte nun Logs mit GMER und OSAM erstellen und posten.
GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen.
Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst.

Downloade Dir danach bitte MBRCheck (by a_d_13) und speichere die Datei auf dem Desktop.

Doppelklick auf die MBRCheck.exe.
Vista und Win7 User mit Rechtsklick "als Administrator starten"
Das Tool braucht nur wenige Sekunden.
Danach solltest du eine MBRCheck_<Datum>_<Uhrzeit>.txt auf dem Desktop finden.

Poste mir bitte den Inhalt des .txt Dokumentes

MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows Vista Home Premium Edition
Windows Information: Service Pack 2 (build 6002), 32-bit
Base Board Manufacturer: Acer
BIOS Manufacturer: Acer
System Manufacturer: Acer
System Product Name: Aspire 6920
Logical Drives Mask: 0x0000002c

Kernel Drivers (total 165):
0x8264C000 \SystemRoot\system32\ntkrnlpa.exe
0x82619000 \SystemRoot\system32\hal.dll
0x80408000 \SystemRoot\system32\kdcom.dll
0x8040F000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
0x8047F000 \SystemRoot\system32\PSHED.dll
0x80490000 \SystemRoot\system32\BOOTVID.dll
0x80498000 \SystemRoot\system32\CLFS.SYS
0x804D9000 \SystemRoot\system32\CI.dll
0x805B9000 \SystemRoot\system32\DRIVERS\szkg.sys
0x805C7000 \SystemRoot\system32\drivers\szkgfs.sys
0x8060D000 \SystemRoot\system32\drivers\Wdf01000.sys
0x8067E000 \SystemRoot\system32\drivers\WDFLDR.SYS
0x8068C000 \SystemRoot\system32\drivers\acpi.sys
0x806D2000 \SystemRoot\system32\drivers\WMILIB.SYS
0x806DB000 \SystemRoot\system32\drivers\msisadrv.sys
0x806E3000 \SystemRoot\system32\drivers\pci.sys
0x8070A000 \SystemRoot\System32\drivers\partmgr.sys
0x80719000 \SystemRoot\system32\DRIVERS\compbatt.sys
0x8071C000 \SystemRoot\system32\DRIVERS\BATTC.SYS
0x80726000 \SystemRoot\system32\drivers\volmgr.sys
0x80735000 \SystemRoot\System32\drivers\volmgrx.sys
0x8077F000 \SystemRoot\system32\drivers\intelide.sys
0x80786000 \SystemRoot\system32\drivers\PCIIDEX.SYS
0x80794000 \SystemRoot\System32\drivers\mountmgr.sys
0x807A4000 \SystemRoot\System32\Drivers\UBHelper.sys
0x8A407000 \SystemRoot\system32\DRIVERS\iaStor.sys
0x8A4CF000 \SystemRoot\system32\drivers\atapi.sys
0x8A4D7000 \SystemRoot\system32\drivers\ataport.SYS
0x8A4F5000 \SystemRoot\system32\drivers\msahci.sys
0x8A4FF000 \SystemRoot\system32\drivers\fltmgr.sys
0x8A531000 \SystemRoot\system32\drivers\fileinfo.sys
0x8A541000 \SystemRoot\system32\DRIVERS\psdfilter.sys
0x8A54A000 \SystemRoot\system32\Drivers\AlfaFF.sys
0x8A553000 \SystemRoot\system32\Drivers\ksecdd.sys
0x8A609000 \SystemRoot\system32\drivers\ndis.sys
0x8A714000 \SystemRoot\system32\drivers\msrpc.sys
0x8A73F000 \SystemRoot\system32\drivers\NETIO.SYS
0x8A806000 \SystemRoot\System32\Drivers\Ntfs.sys
0x8A916000 \SystemRoot\system32\drivers\volsnap.sys
0x8A94F000 \SystemRoot\System32\Drivers\spldr.sys
0x8A957000 \SystemRoot\System32\Drivers\mup.sys
0x8A966000 \SystemRoot\System32\drivers\ecache.sys
0x8A98D000 \SystemRoot\system32\drivers\disk.sys
0x8A99E000 \SystemRoot\system32\drivers\CLASSPNP.SYS
0x8A9BF000 \SystemRoot\system32\drivers\crcdisk.sys
0x8E8D4000 \SystemRoot\system32\DRIVERS\tunnel.sys
0x8E8DF000 \SystemRoot\system32\DRIVERS\tunmp.sys
0x8E8E8000 \SystemRoot\system32\DRIVERS\intelppm.sys
0x8E8F7000 \SystemRoot\system32\DRIVERS\wmiacpi.sys
0x8EA05000 \SystemRoot\system32\DRIVERS\atikmdag.sys
0x8EED4000 \SystemRoot\System32\drivers\dxgkrnl.sys
0x8EF74000 \SystemRoot\System32\drivers\watchdog.sys
0x8E900000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0x8EF80000 \SystemRoot\system32\DRIVERS\usbuhci.sys
0x8EF8B000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0x8EFC9000 \SystemRoot\system32\DRIVERS\usbehci.sys
0x8EFD8000 \SystemRoot\system32\DRIVERS\L1E60x86.sys
0x8F204000 \SystemRoot\system32\DRIVERS\NETw4v32.sys
0x8F47C000 \SystemRoot\system32\DRIVERS\CmBatt.sys
0x8F480000 \SystemRoot\system32\DRIVERS\itecir.sys
0x8F4D8000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0x8F4EB000 \SystemRoot\system32\DRIVERS\DKbFltr.sys
0x8F4F5000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0x8F500000 \SystemRoot\system32\DRIVERS\SynTP.sys
0x8F52F000 \SystemRoot\system32\DRIVERS\USBD.SYS
0x8F531000 \SystemRoot\system32\DRIVERS\mouclass.sys
0x8F53C000 \SystemRoot\system32\DRIVERS\cdrom.sys
0x8F554000 \SystemRoot\system32\DRIVERS\NTIDrvr.sys
0x8F55C000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
0x8F562000 \SystemRoot\system32\DRIVERS\msiscsi.sys
0x8F591000 \SystemRoot\system32\DRIVERS\storport.sys
0x8F5D2000 \SystemRoot\system32\DRIVERS\TDI.SYS
0x8F5DD000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0x8F5F4000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0x8E98D000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0x8EFE9000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0x8E9B0000 \SystemRoot\system32\DRIVERS\raspptp.sys
0x8E9C4000 \SystemRoot\system32\DRIVERS\rassstp.sys
0x8E9D9000 \SystemRoot\system32\DRIVERS\termdd.sys
0x8F200000 \SystemRoot\system32\DRIVERS\swenum.sys
0x8A9D5000 \SystemRoot\system32\DRIVERS\ks.sys
0x8E9E9000 \SystemRoot\system32\DRIVERS\circlass.sys
0x8E800000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0x8A77A000 \SystemRoot\system32\DRIVERS\umbus.sys
0x8A787000 \SystemRoot\system32\DRIVERS\usbhub.sys
0x8A7BC000 \SystemRoot\System32\Drivers\NDProxy.SYS
0x807AC000 \SystemRoot\system32\drivers\HdAudio.sys
0x8A7CD000 \SystemRoot\system32\drivers\portcls.sys
0x8A5C4000 \SystemRoot\system32\drivers\drmk.sys
0x90400000 \SystemRoot\system32\drivers\RTKVHDA.sys
0x90206000 \SystemRoot\system32\DRIVERS\AGRSM.sys
0x9032C000 \SystemRoot\system32\drivers\modem.sys
0x90339000 \SystemRoot\system32\DRIVERS\hidir.sys
0x90344000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0x90354000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0x9035B000 \SystemRoot\system32\DRIVERS\kbdhid.sys
0x90364000 \SystemRoot\system32\DRIVERS\mouhid.sys
0x9036C000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0x90375000 \SystemRoot\System32\Drivers\Null.SYS
0x9037C000 \SystemRoot\System32\Drivers\Beep.SYS
0x90383000 \SystemRoot\System32\drivers\vga.sys
0x9038F000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
0x903B0000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0x903B8000 \SystemRoot\system32\drivers\rdpencdd.sys
0x903C0000 \SystemRoot\System32\Drivers\Msfs.SYS
0x903CB000 \SystemRoot\System32\Drivers\Npfs.SYS
0x903D9000 \SystemRoot\System32\DRIVERS\rasacd.sys
0x9080B000 \SystemRoot\System32\drivers\tcpip.sys
0x908F5000 \SystemRoot\System32\drivers\fwpkclnt.sys
0x90910000 \SystemRoot\system32\DRIVERS\tdx.sys
0x90926000 \SystemRoot\system32\DRIVERS\smb.sys
0x9093A000 \SystemRoot\system32\drivers\afd.sys
0x90982000 \SystemRoot\System32\DRIVERS\netbt.sys
0x909B4000 \SystemRoot\system32\DRIVERS\pacer.sys
0x909CA000 \SystemRoot\system32\DRIVERS\netbios.sys
0x909D8000 \SystemRoot\system32\DRIVERS\wanarp.sys
0x805D4000 \SystemRoot\System32\DRIVERS\ui11rdr.sys
0x909EB000 \SystemRoot\system32\DRIVERS\ssmdrv.sys
0x90C0B000 \SystemRoot\system32\DRIVERS\rdbss.sys
0x90C47000 \??\C:\PROGRA~1\LAUNCH~1\DPortIO.sys
0x90C4B000 \SystemRoot\system32\drivers\nsiproxy.sys
0x90C55000 \SystemRoot\System32\Drivers\dfsc.sys
0x90C6C000 \SystemRoot\system32\DRIVERS\avipbb.sys
0x90C92000 \SystemRoot\system32\DRIVERS\hidusb.sys
0x90C9B000 \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys
0x90C9D000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0x90CB4000 \SystemRoot\System32\Drivers\usbvideo.sys
0x90CD5000 \SystemRoot\system32\drivers\vfs101x.sys
0x90CE2000 \SystemRoot\System32\Drivers\crashdmp.sys
0x90CEF000 \SystemRoot\System32\Drivers\dump_iaStor.sys
0x96450000 \SystemRoot\System32\win32k.sys
0x90DB7000 \SystemRoot\System32\drivers\Dxapi.sys
0x90DC1000 \SystemRoot\system32\DRIVERS\monitor.sys
0x96670000 \SystemRoot\System32\TSDDD.dll
0x96690000 \SystemRoot\System32\cdd.dll
0x90DD0000 \SystemRoot\system32\drivers\luafv.sys
0x90DEB000 \SystemRoot\system32\DRIVERS\avgntflt.sys
0x8E80A000 \SystemRoot\system32\drivers\spsys.sys
0x903E2000 \SystemRoot\system32\DRIVERS\ipfltdrv.sys
0x8E8BA000 \SystemRoot\system32\DRIVERS\lltdio.sys
0x9E207000 \SystemRoot\system32\DRIVERS\nwifi.sys
0x9E231000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0x9E23B000 \SystemRoot\system32\DRIVERS\rspndr.sys
0x9E24E000 \SystemRoot\system32\drivers\HTTP.sys
0x9E2BB000 \SystemRoot\System32\DRIVERS\srvnet.sys
0x9E2D8000 \SystemRoot\system32\DRIVERS\bowser.sys
0x9E2F1000 \SystemRoot\System32\drivers\mpsdrv.sys
0x9E306000 \SystemRoot\system32\drivers\mrxdav.sys
0x9E327000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0x9E346000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
0x9E37F000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
0x9E397000 \SystemRoot\System32\DRIVERS\srv2.sys
0x9FA0B000 \SystemRoot\System32\DRIVERS\srv.sys
0x9FA5A000 \SystemRoot\system32\DRIVERS\atksgt.sys
0x9FA9D000 \??\C:\Windows\system32\drivers\int15.sys
0x9FAA4000 \SystemRoot\system32\DRIVERS\lirsgt.sys
0x9FAA9000 \??\C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys
0x9FAC7000 \SystemRoot\system32\drivers\peauth.sys
0x9FBA5000 \SystemRoot\system32\DRIVERS\PSDNServ.sys
0x9FBAE000 \SystemRoot\system32\DRIVERS\PSDVdisk.sys
0x9FBC0000 \SystemRoot\System32\Drivers\secdrv.SYS
0x9FBCA000 \SystemRoot\System32\drivers\tcpipreg.sys
0x9E3BF000 \??\C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl
0x9FBD6000 \SystemRoot\system32\DRIVERS\cdfs.sys
0x77060000 \Windows\System32\ntdll.dll

Processes (total 99):
0 System Idle Process
4 System
460 C:\Windows\System32\smss.exe
532 csrss.exe
592 C:\Windows\System32\wininit.exe
604 csrss.exe
636 C:\Windows\System32\services.exe
648 C:\Windows\System32\lsass.exe
656 C:\Windows\System32\lsm.exe
772 C:\Windows\System32\winlogon.exe
848 C:\Windows\System32\svchost.exe
928 C:\Windows\System32\svchost.exe
968 C:\Windows\System32\svchost.exe
1064 C:\Windows\System32\Ati2evxx.exe
1084 C:\Windows\System32\svchost.exe
1136 C:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe
1192 C:\Windows\System32\svchost.exe
1204 C:\Windows\System32\svchost.exe
1272 C:\Windows\System32\audiodg.exe
1296 C:\Windows\System32\svchost.exe
1320 C:\Windows\System32\SLsvc.exe
1368 C:\Windows\System32\svchost.exe
1428 C:\Windows\System32\Ati2evxx.exe
1492 C:\Program Files\Acer\Acer Bio Protection\CompPtcVUI.exe
1544 C:\Windows\System32\vfsFPService.exe
1636 C:\Windows\System32\svchost.exe
1856 C:\Windows\System32\spoolsv.exe
1880 C:\Program Files\Avira\AntiVir Desktop\sched.exe
1900 C:\Windows\System32\svchost.exe
1036 C:\Windows\System32\agrsmsvc.exe
1260 C:\Program Files\Avira\AntiVir Desktop\avguard.exe
1604 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
1704 D:\mp\AVSKey-Lock\AVSKey.EXE
1592 C:\Program Files\Bonjour\mDNSResponder.exe
1576 C:\Windows\System32\svchost.exe
304 C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
632 C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
1376 C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
2056 C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
2088 C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
2240 C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
2272 C:\Program Files\Acer\Acer Bio Protection\BASVC.exe
2356 C:\Program Files\Common Files\LightScribe\LSSrvc.exe
2392 C:\ACER\Mobility Center\MobilityService.exe
2528 C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
2608 C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
2720 C:\Windows\System32\dwm.exe
2760 C:\Windows\System32\taskeng.exe
2788 C:\Windows\explorer.exe
2808 C:\Windows\System32\svchost.exe
2836 C:\Program Files\Cyberlink\Shared files\RichVideo.exe
2852 C:\Program Files\Acer\Acer VCM\RS_Service.exe
2876 C:\Windows\System32\taskeng.exe
2904 C:\Windows\System32\svchost.exe
2948 C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
2984 C:\Windows\System32\svchost.exe
3020 C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
3132 C:\Windows\System32\SearchIndexer.exe
3412 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
3432 C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
3440 C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
3460 C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe
3492 C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
3508 C:\Windows\RtHDVCpl.exe
3540 C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
3560 C:\Windows\PLFSetI.exe
3820 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
1948 C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
504 unsecapp.exe
2364 WmiPrvSE.exe
3112 C:\Users\Perner\AppData\Local\temp\RtkBtMnt.exe
3744 C:\Program Files\Launch Manager\LManager.exe
1220 C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
3380 C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe
2620 C:\Program Files\iTunes\iTunesHelper.exe
3932 C:\Program Files\Common Files\Java\Java Update\jusched.exe
3852 C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe
3068 C:\Windows\ehome\ehtray.exe
3700 C:\Program Files\Windows Media Player\wmpnscfg.exe
2712 C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
2632 C:\Program Files\Windows Media Player\wmpnetwk.exe
3312 C:\Windows\ehome\ehmsas.exe
4600 C:\Windows\System32\svchost.exe
4816 C:\Windows\System32\wbem\unsecapp.exe
4920 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
5244 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
5260 C:\Program Files\iPod\bin\iPodService.exe
496 C:\Program Files\7-Zip\7zFM.exe
5256 C:\Windows\System32\wuauclt.exe
5992 C:\Program Files\Internet Explorer\iexplore.exe
5872 C:\Program Files\Internet Explorer\iexplore.exe
5084 C:\Windows\System32\Macromed\Flash\FlashUtil10n_ActiveX.exe
5784 C:\Windows\System32\SearchFilterHost.exe
5016 taskeng.exe
4736 C:\Windows\System32\SearchProtocolHost.exe
728 dllhost.exe
4484 dllhost.exe
4460 C:\Users\Perner\Desktop\MBRCheck.exe
4360 C:\Windows\System32\conime.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000003`40100000 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x0000001f`1c500000 (NTFS)

PhysicalDrive0 Model Number: HitachiHTS542525K9SA00, Rev: BBFOC31P

Size Device Name MBR Status
--------------------------------------------
232 GB \\.\PhysicalDrive0 Unknown MBR code
SHA1: 1BD01CAC429595C1D0CBBF8C10C0B8BA957B5116

Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:
Options:
[1] Dump the MBR of a physical disk to file.
[2] Restore the MBR of a physical disk with a standard boot code.
[3] Exit.

Enter your choice:

Done!

MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows Vista Home Premium Edition
Windows Information: Service Pack 2 (build 6002), 32-bit
Base Board Manufacturer: Acer
BIOS Manufacturer: Acer
System Manufacturer: Acer
System Product Name: Aspire 6920
Logical Drives Mask: 0x0000002c

Kernel Drivers (total 165):
0x8264C000 \SystemRoot\system32\ntkrnlpa.exe
0x82619000 \SystemRoot\system32\hal.dll
0x80408000 \SystemRoot\system32\kdcom.dll
0x8040F000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
0x8047F000 \SystemRoot\system32\PSHED.dll
0x80490000 \SystemRoot\system32\BOOTVID.dll
0x80498000 \SystemRoot\system32\CLFS.SYS
0x804D9000 \SystemRoot\system32\CI.dll
0x805B9000 \SystemRoot\system32\DRIVERS\szkg.sys
0x805C7000 \SystemRoot\system32\drivers\szkgfs.sys
0x8060D000 \SystemRoot\system32\drivers\Wdf01000.sys
0x8067E000 \SystemRoot\system32\drivers\WDFLDR.SYS
0x8068C000 \SystemRoot\system32\drivers\acpi.sys
0x806D2000 \SystemRoot\system32\drivers\WMILIB.SYS
0x806DB000 \SystemRoot\system32\drivers\msisadrv.sys
0x806E3000 \SystemRoot\system32\drivers\pci.sys
0x8070A000 \SystemRoot\System32\drivers\partmgr.sys
0x80719000 \SystemRoot\system32\DRIVERS\compbatt.sys
0x8071C000 \SystemRoot\system32\DRIVERS\BATTC.SYS
0x80726000 \SystemRoot\system32\drivers\volmgr.sys
0x80735000 \SystemRoot\System32\drivers\volmgrx.sys
0x8077F000 \SystemRoot\system32\drivers\intelide.sys
0x80786000 \SystemRoot\system32\drivers\PCIIDEX.SYS
0x80794000 \SystemRoot\System32\drivers\mountmgr.sys
0x807A4000 \SystemRoot\System32\Drivers\UBHelper.sys
0x8A407000 \SystemRoot\system32\DRIVERS\iaStor.sys
0x8A4CF000 \SystemRoot\system32\drivers\atapi.sys
0x8A4D7000 \SystemRoot\system32\drivers\ataport.SYS
0x8A4F5000 \SystemRoot\system32\drivers\msahci.sys
0x8A4FF000 \SystemRoot\system32\drivers\fltmgr.sys
0x8A531000 \SystemRoot\system32\drivers\fileinfo.sys
0x8A541000 \SystemRoot\system32\DRIVERS\psdfilter.sys
0x8A54A000 \SystemRoot\system32\Drivers\AlfaFF.sys
0x8A553000 \SystemRoot\system32\Drivers\ksecdd.sys
0x8A609000 \SystemRoot\system32\drivers\ndis.sys
0x8A714000 \SystemRoot\system32\drivers\msrpc.sys
0x8A73F000 \SystemRoot\system32\drivers\NETIO.SYS
0x8A806000 \SystemRoot\System32\Drivers\Ntfs.sys
0x8A916000 \SystemRoot\system32\drivers\volsnap.sys
0x8A94F000 \SystemRoot\System32\Drivers\spldr.sys
0x8A957000 \SystemRoot\System32\Drivers\mup.sys
0x8A966000 \SystemRoot\System32\drivers\ecache.sys
0x8A98D000 \SystemRoot\system32\drivers\disk.sys
0x8A99E000 \SystemRoot\system32\drivers\CLASSPNP.SYS
0x8A9BF000 \SystemRoot\system32\drivers\crcdisk.sys
0x8E8D4000 \SystemRoot\system32\DRIVERS\tunnel.sys
0x8E8DF000 \SystemRoot\system32\DRIVERS\tunmp.sys
0x8E8E8000 \SystemRoot\system32\DRIVERS\intelppm.sys
0x8E8F7000 \SystemRoot\system32\DRIVERS\wmiacpi.sys
0x8EA05000 \SystemRoot\system32\DRIVERS\atikmdag.sys
0x8EED4000 \SystemRoot\System32\drivers\dxgkrnl.sys
0x8EF74000 \SystemRoot\System32\drivers\watchdog.sys
0x8E900000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0x8EF80000 \SystemRoot\system32\DRIVERS\usbuhci.sys
0x8EF8B000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0x8EFC9000 \SystemRoot\system32\DRIVERS\usbehci.sys
0x8EFD8000 \SystemRoot\system32\DRIVERS\L1E60x86.sys
0x8F204000 \SystemRoot\system32\DRIVERS\NETw4v32.sys
0x8F47C000 \SystemRoot\system32\DRIVERS\CmBatt.sys
0x8F480000 \SystemRoot\system32\DRIVERS\itecir.sys
0x8F4D8000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0x8F4EB000 \SystemRoot\system32\DRIVERS\DKbFltr.sys
0x8F4F5000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0x8F500000 \SystemRoot\system32\DRIVERS\SynTP.sys
0x8F52F000 \SystemRoot\system32\DRIVERS\USBD.SYS
0x8F531000 \SystemRoot\system32\DRIVERS\mouclass.sys
0x8F53C000 \SystemRoot\system32\DRIVERS\cdrom.sys
0x8F554000 \SystemRoot\system32\DRIVERS\NTIDrvr.sys
0x8F55C000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
0x8F562000 \SystemRoot\system32\DRIVERS\msiscsi.sys
0x8F591000 \SystemRoot\system32\DRIVERS\storport.sys
0x8F5D2000 \SystemRoot\system32\DRIVERS\TDI.SYS
0x8F5DD000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0x8F5F4000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0x8E98D000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0x8EFE9000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0x8E9B0000 \SystemRoot\system32\DRIVERS\raspptp.sys
0x8E9C4000 \SystemRoot\system32\DRIVERS\rassstp.sys
0x8E9D9000 \SystemRoot\system32\DRIVERS\termdd.sys
0x8F200000 \SystemRoot\system32\DRIVERS\swenum.sys
0x8A9D5000 \SystemRoot\system32\DRIVERS\ks.sys
0x8E9E9000 \SystemRoot\system32\DRIVERS\circlass.sys
0x8E800000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0x8A77A000 \SystemRoot\system32\DRIVERS\umbus.sys
0x8A787000 \SystemRoot\system32\DRIVERS\usbhub.sys
0x8A7BC000 \SystemRoot\System32\Drivers\NDProxy.SYS
0x807AC000 \SystemRoot\system32\drivers\HdAudio.sys
0x8A7CD000 \SystemRoot\system32\drivers\portcls.sys
0x8A5C4000 \SystemRoot\system32\drivers\drmk.sys
0x90400000 \SystemRoot\system32\drivers\RTKVHDA.sys
0x90206000 \SystemRoot\system32\DRIVERS\AGRSM.sys
0x9032C000 \SystemRoot\system32\drivers\modem.sys
0x90339000 \SystemRoot\system32\DRIVERS\hidir.sys
0x90344000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0x90354000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0x9035B000 \SystemRoot\system32\DRIVERS\kbdhid.sys
0x90364000 \SystemRoot\system32\DRIVERS\mouhid.sys
0x9036C000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0x90375000 \SystemRoot\System32\Drivers\Null.SYS
0x9037C000 \SystemRoot\System32\Drivers\Beep.SYS
0x90383000 \SystemRoot\System32\drivers\vga.sys
0x9038F000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
0x903B0000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0x903B8000 \SystemRoot\system32\drivers\rdpencdd.sys
0x903C0000 \SystemRoot\System32\Drivers\Msfs.SYS
0x903CB000 \SystemRoot\System32\Drivers\Npfs.SYS
0x903D9000 \SystemRoot\System32\DRIVERS\rasacd.sys
0x9080B000 \SystemRoot\System32\drivers\tcpip.sys
0x908F5000 \SystemRoot\System32\drivers\fwpkclnt.sys
0x90910000 \SystemRoot\system32\DRIVERS\tdx.sys
0x90926000 \SystemRoot\system32\DRIVERS\smb.sys
0x9093A000 \SystemRoot\system32\drivers\afd.sys
0x90982000 \SystemRoot\System32\DRIVERS\netbt.sys
0x909B4000 \SystemRoot\system32\DRIVERS\pacer.sys
0x909CA000 \SystemRoot\system32\DRIVERS\netbios.sys
0x909D8000 \SystemRoot\system32\DRIVERS\wanarp.sys
0x805D4000 \SystemRoot\System32\DRIVERS\ui11rdr.sys
0x909EB000 \SystemRoot\system32\DRIVERS\ssmdrv.sys
0x90C0B000 \SystemRoot\system32\DRIVERS\rdbss.sys
0x90C47000 \??\C:\PROGRA~1\LAUNCH~1\DPortIO.sys
0x90C4B000 \SystemRoot\system32\drivers\nsiproxy.sys
0x90C55000 \SystemRoot\System32\Drivers\dfsc.sys
0x90C6C000 \SystemRoot\system32\DRIVERS\avipbb.sys
0x90C92000 \SystemRoot\system32\DRIVERS\hidusb.sys
0x90C9B000 \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys
0x90C9D000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0x90CB4000 \SystemRoot\System32\Drivers\usbvideo.sys
0x90CD5000 \SystemRoot\system32\drivers\vfs101x.sys
0x90CE2000 \SystemRoot\System32\Drivers\crashdmp.sys
0x90CEF000 \SystemRoot\System32\Drivers\dump_iaStor.sys
0x96450000 \SystemRoot\System32\win32k.sys
0x90DB7000 \SystemRoot\System32\drivers\Dxapi.sys
0x90DC1000 \SystemRoot\system32\DRIVERS\monitor.sys
0x96670000 \SystemRoot\System32\TSDDD.dll
0x96690000 \SystemRoot\System32\cdd.dll
0x90DD0000 \SystemRoot\system32\drivers\luafv.sys
0x90DEB000 \SystemRoot\system32\DRIVERS\avgntflt.sys
0x8E80A000 \SystemRoot\system32\drivers\spsys.sys
0x903E2000 \SystemRoot\system32\DRIVERS\ipfltdrv.sys
0x8E8BA000 \SystemRoot\system32\DRIVERS\lltdio.sys
0x9E207000 \SystemRoot\system32\DRIVERS\nwifi.sys
0x9E231000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0x9E23B000 \SystemRoot\system32\DRIVERS\rspndr.sys
0x9E24E000 \SystemRoot\system32\drivers\HTTP.sys
0x9E2BB000 \SystemRoot\System32\DRIVERS\srvnet.sys
0x9E2D8000 \SystemRoot\system32\DRIVERS\bowser.sys
0x9E2F1000 \SystemRoot\System32\drivers\mpsdrv.sys
0x9E306000 \SystemRoot\system32\drivers\mrxdav.sys
0x9E327000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0x9E346000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
0x9E37F000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
0x9E397000 \SystemRoot\System32\DRIVERS\srv2.sys
0x9FA0B000 \SystemRoot\System32\DRIVERS\srv.sys
0x9FA5A000 \SystemRoot\system32\DRIVERS\atksgt.sys
0x9FA9D000 \??\C:\Windows\system32\drivers\int15.sys
0x9FAA4000 \SystemRoot\system32\DRIVERS\lirsgt.sys
0x9FAA9000 \??\C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys
0x9FAC7000 \SystemRoot\system32\drivers\peauth.sys
0x9FBA5000 \SystemRoot\system32\DRIVERS\PSDNServ.sys
0x9FBAE000 \SystemRoot\system32\DRIVERS\PSDVdisk.sys
0x9FBC0000 \SystemRoot\System32\Drivers\secdrv.SYS
0x9FBCA000 \SystemRoot\System32\drivers\tcpipreg.sys
0x9E3BF000 \??\C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl
0x9FBD6000 \SystemRoot\system32\DRIVERS\cdfs.sys
0x77060000 \Windows\System32\ntdll.dll

Processes (total 99):
0 System Idle Process
4 System
460 C:\Windows\System32\smss.exe
532 csrss.exe
592 C:\Windows\System32\wininit.exe
604 csrss.exe
636 C:\Windows\System32\services.exe
648 C:\Windows\System32\lsass.exe
656 C:\Windows\System32\lsm.exe
772 C:\Windows\System32\winlogon.exe
848 C:\Windows\System32\svchost.exe
928 C:\Windows\System32\svchost.exe
968 C:\Windows\System32\svchost.exe
1064 C:\Windows\System32\Ati2evxx.exe
1084 C:\Windows\System32\svchost.exe
1136 C:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe
1192 C:\Windows\System32\svchost.exe
1204 C:\Windows\System32\svchost.exe
1272 C:\Windows\System32\audiodg.exe
1296 C:\Windows\System32\svchost.exe
1320 C:\Windows\System32\SLsvc.exe
1368 C:\Windows\System32\svchost.exe
1428 C:\Windows\System32\Ati2evxx.exe
1492 C:\Program Files\Acer\Acer Bio Protection\CompPtcVUI.exe
1544 C:\Windows\System32\vfsFPService.exe
1636 C:\Windows\System32\svchost.exe
1856 C:\Windows\System32\spoolsv.exe
1880 C:\Program Files\Avira\AntiVir Desktop\sched.exe
1900 C:\Windows\System32\svchost.exe
1036 C:\Windows\System32\agrsmsvc.exe
1260 C:\Program Files\Avira\AntiVir Desktop\avguard.exe
1604 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
1704 D:\mp\AVSKey-Lock\AVSKey.EXE
1592 C:\Program Files\Bonjour\mDNSResponder.exe
1576 C:\Windows\System32\svchost.exe
304 C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
632 C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
1376 C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
2056 C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
2088 C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
2240 C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
2272 C:\Program Files\Acer\Acer Bio Protection\BASVC.exe
2356 C:\Program Files\Common Files\LightScribe\LSSrvc.exe
2392 C:\ACER\Mobility Center\MobilityService.exe
2528 C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
2608 C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
2720 C:\Windows\System32\dwm.exe
2760 C:\Windows\System32\taskeng.exe
2788 C:\Windows\explorer.exe
2808 C:\Windows\System32\svchost.exe
2836 C:\Program Files\Cyberlink\Shared files\RichVideo.exe
2852 C:\Program Files\Acer\Acer VCM\RS_Service.exe
2876 C:\Windows\System32\taskeng.exe
2904 C:\Windows\System32\svchost.exe
2948 C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
2984 C:\Windows\System32\svchost.exe
3020 C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
3132 C:\Windows\System32\SearchIndexer.exe
3412 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
3432 C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
3440 C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
3460 C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe
3492 C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
3508 C:\Windows\RtHDVCpl.exe
3540 C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
3560 C:\Windows\PLFSetI.exe
3820 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
1948 C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
504 unsecapp.exe
2364 WmiPrvSE.exe
3112 C:\Users\Perner\AppData\Local\temp\RtkBtMnt.exe
3744 C:\Program Files\Launch Manager\LManager.exe
1220 C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
3380 C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe
2620 C:\Program Files\iTunes\iTunesHelper.exe
3932 C:\Program Files\Common Files\Java\Java Update\jusched.exe
3852 C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe
3068 C:\Windows\ehome\ehtray.exe
3700 C:\Program Files\Windows Media Player\wmpnscfg.exe
2712 C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
2632 C:\Program Files\Windows Media Player\wmpnetwk.exe
3312 C:\Windows\ehome\ehmsas.exe
4600 C:\Windows\System32\svchost.exe
4816 C:\Windows\System32\wbem\unsecapp.exe
4920 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
5244 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
5260 C:\Program Files\iPod\bin\iPodService.exe
496 C:\Program Files\7-Zip\7zFM.exe
5256 C:\Windows\System32\wuauclt.exe
5992 C:\Program Files\Internet Explorer\iexplore.exe
5872 C:\Program Files\Internet Explorer\iexplore.exe
5084 C:\Windows\System32\Macromed\Flash\FlashUtil10n_ActiveX.exe
5784 C:\Windows\System32\SearchFilterHost.exe
5016 taskeng.exe
4736 C:\Windows\System32\SearchProtocolHost.exe
728 dllhost.exe
4484 dllhost.exe
4460 C:\Users\Perner\Desktop\MBRCheck.exe
4360 C:\Windows\System32\conime.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000003`40100000 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x0000001f`1c500000 (NTFS)

PhysicalDrive0 Model Number: HitachiHTS542525K9SA00, Rev: BBFOC31P

Size Device Name MBR Status
--------------------------------------------
232 GB \\.\PhysicalDrive0 Unknown MBR code
SHA1: 1BD01CAC429595C1D0CBBF8C10C0B8BA957B5116

Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:
Options:
[1] Dump the MBR of a physical disk to file.
[2] Restore the MBR of a physical disk with a standard boot code.
[3] Exit.

Enter your choice:

Done!

Wieso 2x mbrcheck?
Was ist mit den anderen Logs?

entschuldige, habe ich nicht mit absicht so gepostet. das gmer stürtze jedesmal ab sodass ich den pc neu starten musste.

OSAM Logfile:

Code:

Report of OSAM: Autorun Manager v5.0.11926.0

Online Solutions. Complex Protection for Information Systems

Saved at 12:29:13 on 16.05.2011
 

OS: Windows Vista Home Premium Edition Service Pack 2 (Build 6002), 32-bit

Default Browser: Microsoft Corporation Internet Explorer 9.00.8112.16421
 

Scanner Settings

[x] Rootkits detection (hidden registry)

[x] Rootkits detection (hidden files)

[x] Retrieve files information

[x] Check Microsoft signatures
 

Filters

[ ] Trusted entries

[ ] Empty entries

[x] Hidden registry entries (rootkit activity)

[x] Exclusively opened files

[x] Not found files

[x] Files without detailed information

[x] Existing files

[ ] Non-startable services

[ ] Non-startable drivers

[x] Active entries

[x] Disabled entries
 
 

[Common]

-----( %SystemRoot%\Tasks )-----

"GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe

"GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe

"GoogleUpdateTaskUserS-1-5-21-2051833895-3156580812-787731633-1000Core.job" - "Google Inc." - C:\Users\Perner\AppData\Local\Google\Update\GoogleUpdate.exe

"GoogleUpdateTaskUserS-1-5-21-2051833895-3156580812-787731633-1000UA.job" - "Google Inc." - C:\Users\Perner\AppData\Local\Google\Update\GoogleUpdate.exe
 

[Control Panel Objects]

-----( %SystemRoot%\system32 )-----

"DivXControlPanelApplet.cpl" - "DivX, Inc." - C:\Windows\system32\DivXControlPanelApplet.cpl

"ISUSPM.cpl" - "Macrovision Corporation" - C:\Windows\system32\ISUSPM.cpl

"PhysX.cpl" - "NVIDIA Corporation" - C:\Windows\system32\PhysX.cpl

-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----

"QuickTime" - "Apple Inc." - C:\Program Files\QuickTime\QTSystem\QuickTime.cpl
 

[Drivers]

-----( HKLM\SYSTEM\CurrentControlSet\Services )-----

"AlfaFF File System mini-filter" (AlfaFF) - "Alfa Corporation" - C:\Windows\System32\Drivers\AlfaFF.sys

"atksgt" (atksgt) - ? - C:\Windows\System32\DRIVERS\atksgt.sys  (File found, but it contains no detailed information)

"avgio" (avgio) - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\avgio.sys

"avgntflt" (avgntflt) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avgntflt.sys

"avipbb" (avipbb) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avipbb.sys

"Dritek General Port I/O" (DritekPortIO) - "Dritek System Inc." - C:\PROGRA~1\LAUNCH~1\DPortIO.sys

"int15" (int15) - "Acer, Inc." - C:\Windows\system32\drivers\int15.sys

"IP in IP Tunnel Driver" (IpInIp) - ? - C:\Windows\System32\DRIVERS\ipinip.sys  (File not found)

"IPX Traffic Filter Driver" (NwlnkFlt) - ? - C:\Windows\System32\DRIVERS\nwlnkflt.sys  (File not found)

"IPX Traffic Forwarder Driver" (NwlnkFwd) - ? - C:\Windows\System32\DRIVERS\nwlnkfwd.sys  (File not found)

"is3srv" (is3srv) - "iS3 Inc." - C:\Windows\System32\drivers\is3srv.sys

"lirsgt" (lirsgt) - ? - C:\Windows\System32\DRIVERS\lirsgt.sys  (File found, but it contains no detailed information)

"Nokia USB Generic" (nmwcdc) - ? - C:\Windows\System32\drivers\ccdcmbo.sys  (File not found)

"Nokia USB Phone Parent" (nmwcd) - ? - C:\Windows\System32\drivers\ccdcmb.sys  (File not found)

"NTIPPKernel" (NTIPPKernel) - "Cyberlink Corp." - C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys

"PSDFilter" (PSDFilter) - "Egis Incorporated" - C:\Windows\System32\DRIVERS\psdfilter.sys

"PSDNServ" (PSDNServ) - "Egis Incorporated" - C:\Windows\System32\DRIVERS\PSDNServ.sys

"PSDVdisk" (psdvdisk) - "Egis Incorporated" - C:\Windows\System32\DRIVERS\PSDVdisk.sys

"ssmdrv" (ssmdrv) - "Avira GmbH" - C:\Windows\System32\DRIVERS\ssmdrv.sys

"szkg5" (szkg5) - "iS3 Inc." - C:\Windows\System32\DRIVERS\szkg.sys

"szkgfs" (szkgfs) - "iS3, Inc." - C:\Windows\System32\drivers\szkgfs.sys

"UBHelper" (UBHelper) - "NewTech Infosystems Corporation" - C:\Windows\system32\drivers\UBHelper.sys

"ui11rdr" (ui11rdr) - "1&1 Internet AG" - C:\Windows\System32\DRIVERS\ui11rdr.sys

"Upper Class Filter Driver" (NTIDrvr) - "NewTech Infosystems, Inc." - C:\Windows\System32\DRIVERS\NTIDrvr.sys

"upperdev" (upperdev) - ? - C:\Windows\System32\DRIVERS\usbser_lowerflt.sys  (File not found)

"UsbserFilt" (UsbserFilt) - ? - C:\Windows\System32\DRIVERS\usbser_lowerfltj.sys  (File not found)
 

[Explorer]

-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----

{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll

{0561EC90-CE54-4f0c-9C55-E226110A740C} "{0561EC90-CE54-4f0c-9C55-E226110A740C}" - ? -   (File not found | COM-object registry key not found)

{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll

-----( HKLM\Software\Classes\Protocols\Filter )-----

{807563E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL

-----( HKLM\Software\Classes\Protocols\Handler )-----

{314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll

{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

{828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL

{0A9007C0-4076-11D3-8789-0000F8105754} "Microsoft Infotech Storage Protocol for IE 4.0" - "Microsoft Corporation" - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll

{828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL

-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----

{911051fa-c21c-4246-b470-070cd8df6dc4} ".cab or .zip files" - ? -   (File not found | COM-object registry key not found)

{23170F69-40C1-278A-1000-000100020000} "7-Zip Shell Extension" - "Igor Pavlov" - C:\Program Files\7-Zip\7-zip.dll

{1b24a030-9b20-49bc-97ac-1be4426f9e59} "ActiveDirectory Folder" - ? -   (File not found | COM-object registry key not found)

{34449847-FD14-4fc8-A75A-7432F5181EFB} "ActiveDirectory Folder" - ? -   (File not found | COM-object registry key not found)

{0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48} "Contacts folder" - ? -   (File not found | COM-object registry key not found)

{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} "DragDropProtect Class" - "Egis Incorporated" - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll

{2b45bd21-71f8-4c8c-a87a-7eeb25a1a3e0} "EPM-PO Shell Extension" - ? -   (File not found | COM-object registry key not found)

{2C2577C2-63A7-40e3-9B7F-586602617ECB} "Explorer Query Band" - ? -   (File not found | COM-object registry key not found)

{8F9D8FBE-C5C1-4B65-986E-51235C9283E8} "FPLaunchCache" - "Arachnoid Biometrics Identification Group Corp." - C:\Program Files\Acer\Acer Bio Protection\FPLaunchCache.dll

{327669A0-59A7-4be9-B99E-1C9F3A57611A} "Haali Matroska Thumbnail Exctractor" - ? -   (File not found | COM-object registry key not found)

{FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} "IE User Assist" - ? -   (File not found | COM-object registry key not found)

{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} "iTunes" - "Apple Inc." - C:\Program Files\iTunes\iTunesMiniPlayer.dll

{00020d75-0000-0000-c000-000000000046} "lnkfile" - ? -   (File not found | COM-object registry key not found)

{42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\msohevi.dll

{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll

{5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C} "Microsoft Office OneNote Namespace Extension for Windows Desktop Search" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\ONFILTER.DLL

{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll

{7842554E-6BED-11D2-8CDB-B05550C10000} "Monitor Class" - "Broadcom Corporation." - C:\Windows\system32\btncopy.dll

{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "OpenOffice.org Column Handler" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll

{087B3AE3-E237-4467-B8DB-5A38AB959AC9} "OpenOffice.org Infotip Handler" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll

{63542C48-9552-494A-84F7-73AA6A7C99C1} "OpenOffice.org Property Sheet Handler" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll

{3B092F0C-7696-40E3-A80F-68D74DA84210} "OpenOffice.org Thumbnail Viewer" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll

{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} "RealOne Player Context Menu Class" - "RealNetworks, Inc." - c:\program files\real\realplayer\rpshell.dll

{C8494E42-ACDD-4739-B0FB-217361E4894F} "Sam Account Folder" - ? -   (File not found | COM-object registry key not found)

{E29F9716-5C08-4FCD-955A-119FDB5A522D} "Sam Account Folder" - ? -   (File not found | COM-object registry key not found)

{45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\shlext.dll

{62DF97A2-3635-4412-AE30-80B164BC88AD} "ShellContextMenuHandler Class" - "1&1 Internet AG" - C:\Program Files\1&1\1&1 Upload-Manager\SHNDLERS.DLL

{5E2121EE-0300-11D4-8D3B-444553540000} "SimpleShlExt Class" - ? - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll

{da67b8ad-e81b-4c70-9b91b417b5e33527} "Windows Search Shell Service" - ? -   (File not found | COM-object registry key not found)
 

[Internet Explorer]

-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----

<binary data> "Ask Toolbar" - "Ask.com" - C:\Program Files\Ask.com\GenericAskToolbar.dll

ITBar7Height "ITBar7Height" - ? -   (File not found | COM-object registry key not found)

-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----

{6D2EF4B4-CB62-4C0B-85F3-B79C236D702C} "ContactExtractor Class" - "Facebook" - C:\Windows\Downloaded Program Files\contactx.dll / https://register.facebook.com/controls/contactx.dll

{0CCA191D-13A6-4E29-B746-314DEE697D83} "Facebook Photo Uploader 5 Control" - "The Facebook" - C:\Windows\Downloaded Program Files\PhotoUploader5.ocx / hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab

{8100D56A-5661-482C-BEE8-AFECE305D968} "Facebook Photo Uploader 5 Control" - "The Facebook" - C:\Windows\Downloaded Program Files\PhotoUploader55.ocx / hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab

{5D637FAD-E202-48D1-8F18-5B9C459BD1E3} "Image Uploader Control" - "Aurigma, Inc." - C:\Windows\Downloaded Program Files\ImageUploader5.ocx / hxxp://www.fotokasten.de/javaapplet/ImageUploader5.cab

{CAC677B6-4963-4305-9066-0BD135CD9233} "IPSUploader4 Control" - "IP Labs GmbH - Germany" - C:\Windows\Downloaded Program Files\IPSUploader4.ocx / hxxp://as.photoprintit.de/ips-opdata/layout/default_cms01/activex/IPSUploader4.cab

{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} "Java Plug-in 1.6.0_07" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab

{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_24" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} "Java Plug-in 1.6.0_24" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_24" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\npjpi160_24.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} "QuickTime Object" - "Apple Inc." - C:\Program Files\QuickTime\QTPlugin.ocx / hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab

{D27CDB6E-AE6D-11CF-96B8-444553540000} "Shockwave Flash Object" - "Adobe Systems, Inc." - C:\Windows\system32\Macromed\Flash\Flash10n.ocx / hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

{3860DD98-0549-4D50-AA72-5D17D200EE10} "Windows Live OneCare safety scanner control" - "Microsoft Corporation" - C:\Program Files\Windows Live Safety Center\wlscCtrl2.dll / hxxp://cdn.scan.onecare.live.com/resource/download/scanner/de-DE/wlscctrl2.cab

{8FFBE65D-2C9C-4669-84BD-5829DC0B603C} "{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}" - ? -   (File not found | COM-object registry key not found) / hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab

{E2883E8F-472F-4FB0-9522-AC9BF37916A7} "{E2883E8F-472F-4FB0-9522-AC9BF37916A7}" - ? -   (File not found | COM-object registry key not found) / hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----

"@btrez.dll,-4015" - ? - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

{48E73304-E1D6-4330-914C-F5F514E3486C} "An OneNote senden" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

{77BF5300-1474-4EC7-9980-D32B190E9B07} "ClsidExtension" - "Skype Technologies S.A." - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

"Quick-Launching Area" - ? - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe

{FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Research" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

{77BF5300-1474-4EC7-9980-D32B190E9B07} "Skype" - "Skype Technologies S.A." - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )-----

<binary data> "Acer eDataSecurity Management" - "Egis Incorporated." - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll

<binary data> "Ask Toolbar" - "Ask.com" - C:\Program Files\Ask.com\GenericAskToolbar.dll

-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----

{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} "Adobe PDF Reader Link Helper" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

{D4027C7F-154A-4066-A1AD-4243D8127440} "Ask Toolbar" - "Ask.com" - C:\Program Files\Ask.com\GenericAskToolbar.dll

{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2ssv.dll

{3049C3E9-B461-4BC5-8870-4C09146192CA} "RealPlayer Download and Record Plugin for Internet Explorer" - "RealPlayer" - c:\program files\real\realplayer\rpbrowserrecordplugin.dll

{22BF413B-C6D2-4d91-82A9-A0F997BA588C} "Skype add-on (mastermind)" - "Skype Technologies S.A." - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

{E3215F20-3212-11D6-9F8B-00D0B743919D} "STOPzilla Browser Helper Object" - "iS3, Inc." - C:\Program Files\STOPzilla!\SZIEBHO.dll

{9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live ID-Anmelde-Hilfsprogramm" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

{02478D38-C3F9-4efb-9B51-7695ECA05670} "{02478D38-C3F9-4efb-9B51-7695ECA05670}" - ? -   (File not found | COM-object registry key not found)

{5C255C8A-E604-49b4-9D64-90988571CECB} "{5C255C8A-E604-49b4-9D64-90988571CECB}" - ? -   (File not found | COM-object registry key not found)
 

[Logon]

-----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )-----

"desktop.ini" - ? - C:\Users\Perner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini

-----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )-----

"desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini

"BTTray.lnk" - "Broadcom Corporation." - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe  (Shortcut exists | File exists)

-----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )-----

"StartupPrograms" - ? - rdpclip  (File not found)

-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----

"Adobe ARM" - "Adobe Systems Incorporated" - "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"Adobe Reader Speed Launcher" - "Adobe Systems Incorporated" - "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

"AppleSyncNotifier" - "Apple Inc." - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe

"ArcadeDeluxeAgent" - "CyberLink Corp." - "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"

"BkupTray" - ? - "C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe"

"CLMLServer" - "CyberLink" - "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe"

"eAudio" - "Acer Incorporated" - "C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe"

"eDataSecurity Loader" - "Egis Incorporated" - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe

"ePower_DMC" - "Acer Inc." - C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe

"IAAnotif" - "Intel Corporation" - C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe

"iTunesHelper" - "Apple Inc." - "C:\Program Files\iTunes\iTunesHelper.exe"

"LManager" - "Dritek System Inc." - C:\PROGRA~1\LAUNCH~1\LManager.exe

"PlayMovie" - "Acer Corp." - "C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe"

"PLFSetI" - ? - C:\Windows\PLFSetI.exe

"StartCCC" - "Advanced Micro Devices, Inc." - "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"

"SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

"WarReg_PopUp" - "Acer Incorporated" - C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe
 

[Network Providers]

-----( HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order )-----

"1&1 SmartDrive" - "1&1 Internet AG" - C:\Windows\System32\ui11np.dll
 

[Print Monitors]

-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----

"Send To Microsoft OneNote Monitor" - "Microsoft Corporation" - C:\Windows\system32\msonpmon.dll
 

[Services]

-----( HKLM\SYSTEM\CurrentControlSet\Services )-----

"@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100" (WPFFontCache_v0400) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe

"Apple Mobile Device" (Apple Mobile Device) - "Apple Inc." - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

"Avira AntiVir Guard" (AntiVirService) - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

"Avira AntiVir Planer" (AntiVirSchedulerService) - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\sched.exe

"AVSKey-Lock" (AvskeyService) - ? - D:\mp\AVSKey-Lock\AVSKey.exe  (File found, but it contains no detailed information)

"CLHNService" (CLHNService) - ? - C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe

"Cyberlink RichVideo Service(CRVS)" (RichVideo) - ? - C:\Program Files\Cyberlink\Shared files\RichVideo.exe

"Dienst "Bonjour"" (Bonjour Service) - "Apple Inc." - C:\Program Files\Bonjour\mDNSResponder.exe

"eDataSecurity Service" (eDataSecurity Service) - "Egis Incorporated" - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe

"Empowering Technology Service" (ETService) - ? - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe

"Google Update Service (gupdate1ca2816452f5999)" (gupdate1ca2816452f5999) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe

"Google Update-Dienst (gupdatem)" (gupdatem) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe

"iGroupTec Service" (IGBASVC) - ? - C:\Program Files\Acer\Acer Bio Protection\BASVC.exe  (File found, but it contains no detailed information)

"Intel(R) Matrix Storage Event Monitor" (IAANTMON) - "Intel Corporation" - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

"iPod-Dienst" (iPod Service) - "Apple Inc." - C:\Program Files\iPod\bin\iPodService.exe

"LightScribeService Direct Disc Labeling Service" (LightScribeService) - "Hewlett-Packard Company" - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

"Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

"Microsoft Office Diagnostics Service" (odserv) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE

"MobilityService" (MobilityService) - ? - C:\Acer\Mobility Center\MobilityService.exe

"NTI Backup Now 5 Agent Service" (BUNAgentSvc) - "NewTech Infosystems, Inc." - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe

"NTI Backup Now 5 Backup Service" (NTIBackupSvc) - "NewTech InfoSystems, Inc." - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe

"NTI Backup Now 5 Scheduler Service" (NTISchedulerSvc) - ? - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe  (File found, but it contains no detailed information)

"Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

"Raw Socket Service" (RS_Service) - "Acer Incorporated" - C:\Program Files\Acer\Acer VCM\RS_Service.exe

"ServiceLayer" (ServiceLayer) - "Nokia" - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

"STOPzilla Service" (szserver) - "iS3, Inc." - C:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe

"TomTomHOMEService" (TomTomHOMEService) - "TomTom" - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

"Validity Fingerprint Service" (vfsFPService) - "Validity Sensors, Inc." - C:\Windows\system32\vfsFPService.exe

"Windows Live ID Sign-in Assistant" (wlidsvc) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
 

[Winlogon]

-----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify )-----

"AWinNotifyVitaKey MC3000" - "Arachnoid Biometrics Identification Group Corp." - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll
 

[Winsock Providers]

-----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )-----

"mdnsNSP" - "Apple Inc." - C:\Program Files\Bonjour\mdnsNSP.dll
 

===[ Logfile end ]=========================================[ Logfile end ]===

--- --- ---

If You have questions or want to get some help, You can visit Online Solutions :: Index

Zitat:

232 GB \\.\PhysicalDrive0 Unknown MBR code
SHA1: 1BD01CAC429595C1D0CBBF8C10C0B8BA957B5116

Wir sollten den MBR manuell fixen. Sichere für den Fall der Fälle alle wichtigen Daten.

Hast Du noch andere Betriebssysteme außer Vista installiert?
Wenn nicht: Schau mal hier => Vista Notfall/Recovery-CD 32-Bit - Dr. Windows

Lad das iso runter, brenn es zB mit ImgBurn per Imagebrennfunktion auf eine CD und starte damit den Rechner (von dieser CD booten).

Falls Du eine normale Vista-Installations-DVD hast, brauchst Du das o.g. Image nicht sondern kannst einfach von der Vista-DVD booten.

Klick auf Computerreparaturoptionen, weiter, Eingabeaufforderung - die Konsole öffnet sich. Da bitte bootrec.exe /fixboot eintippen (mit enter bestätigen), dann bootrec.exe /fixmbr eintippen (mit enter bestätigen) - Rechner neustarten, CD vorher rausnehmen. Erstell danach wieder neue Logs mit MBRCheck und wenn es geht GMER.