"security protection" and other problems

#0
26.08.2011, 14:11
Member

Posts: 47
#1 Hello..

My daughter's laptop is infected. First she had an ominous security program on it, which I managed to remove thanks to ComboFix. It was called Security Protection, or something like that.. (The ComboFix report is attached as well.)
However, before that, without telling me anything about the problems, she simply started Windows Recovery and "formatted".
That solved the problems to the extent that the PC could at least be started again. (Before that, according to her, it was not possible to boot, to run the Win7 repair successfully, or to do a system restore.)

Now I had started running Dr.Web CureIt, which right away found a Backdoor.tsdss. 4005; unfortunately the laptop then restarted thanks to Windows Update *sigh*, so I could not finish that for the time being.

Now I have run OTL and wanted to let you take a look at it.

So here is the log:

Code

OTL logfile created on: 26.08.2011 14:24:32 - Run 2
OTL by OldTimer - Version 3.2.26.5     Folder = C:\Users\GINA.GINA-PC\Desktop
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

4,00 Gb Total Physical Memory | 2,02 Gb Available Physical Memory | 50,46% Memory free
7,99 Gb Paging File | 5,97 Gb Available in Paging File | 74,72% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 360,51 Gb Total Space | 283,42 Gb Free Space | 78,62% Space Free | Partition Type: NTFS

Computer Name: GINA-PC | User Name: GINA | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC -  File not found
PRC - C:\Users\GINA.GINA-PC\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe (Acer Incorporated)
PRC - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe (Egis Technology Inc.)
PRC - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.)
PRC - C:\Windows\SysWOW64\PING.EXE (Microsoft Corporation)
PRC - C:\Programme\Acer\Acer Updater\UpdaterService.exe (Acer)
PRC - C:\Windows\PLFSetI.exe ()


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\PLFSetI.exe ()


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (Partner Service) -- C:\ProgramData\Partner\Partner.exe (Google Inc.)
SRV - (ePowerSvc) -- C:\Programme\Acer\Acer ePower Management\ePowerSvc.exe (Acer Incorporated)
SRV - (Greg_Service) -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe (Acer Incorporated)
SRV - (MWLService) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe ()
SRV - (Updater Service) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe (Acer)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:[b]64bit:[/b] - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:[b]64bit:[/b] - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)
DRV:[b]64bit:[/b] - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:[b]64bit:[/b] - (L1C) NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.)
DRV:[b]64bit:[/b] - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:[b]64bit:[/b] - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:[b]64bit:[/b] - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:[b]64bit:[/b] - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:[b]64bit:[/b] - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:[b]64bit:[/b] - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:[b]64bit:[/b] - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:[b]64bit:[/b] - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:[b]64bit:[/b] - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:[b]64bit:[/b] - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:[b]64bit:[/b] - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:[b]64bit:[/b] - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:[b]64bit:[/b] - (mwlPSDVDisk) -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys (Egis Technology Inc.)
DRV:[b]64bit:[/b] - (mwlPSDFilter) -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys (Egis Technology Inc.)
DRV:[b]64bit:[/b] - (mwlPSDNServ) -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys (Egis Technology Inc.)
DRV:[b]64bit:[/b] - (NTIDrvr) -- C:\Windows\SysNative\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.)
DRV:[b]64bit:[/b] - (UBHelper) -- C:\Windows\SysNative\drivers\UBHelper.sys (NewTech Infosystems Corporation)
DRV - (RSUSBSTOR) -- C:\Windows\System32\Drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (DKbFltr) Dritek Keyboard Filter Driver (64-bit) -- C:\Windows\SysWOW64\Drivers\DKbFltr.sys (Dritek System Inc.)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5732z&r=27360811l315l0394z145t48j2c883
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5732z&r=27360811l315l0394z145t48j2c883

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5732z&r=27360811l315l0394z145t48j2c883
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..network.proxy.type: 0

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8064.0206: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.08.26 13:33:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2011.08.26 13:34:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\GINA.GINA-PC\AppData\Roaming\mozilla\Extensions
[2011.08.26 13:33:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
File not found (No name found) --
[2011.08.12 08:13:04 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.08.12 06:19:37 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.08.12 06:14:12 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011.08.12 06:19:37 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.08.12 06:19:37 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.08.12 06:19:37 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.08.12 06:19:37 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2011.08.25 13:28:06 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2:[b]64bit:[/b] - BHO: (Partner BHO Class) - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner64.dll (Google Inc.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Partner BHO Class) - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:[b]64bit:[/b] - HKLM..\Run: [Acer ePower Management] C:\Programme\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4:[b]64bit:[/b] - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Programme\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher]  File not found
O4 - HKLM..\Run: [ArcadeDeluxeAgent]  File not found
O4 - HKLM..\Run: [EgisTecLiveUpdate]  File not found
O4 - HKLM..\Run: [LManager]  File not found
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NortonOnlineBackupReminder]  File not found
O4 - HKLM..\Run: [PlayMovie]  File not found
O4 - HKLM..\Run: [StartCCC]  File not found
O4 - HKCU..\Run: [BrowserChoice]  File not found
O4 - HKCU..\Run: [Spyware Doctor with AntiVirus]  File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:[b]64bit:[/b] - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\GINA.GINA-PC\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\GINA.GINA-PC\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18:[b]64bit:[/b] - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = ComFile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2011.08.26 13:34:44 | 000,000,000 | ---D | C] -- C:\Users\GINA.GINA-PC\AppData\Roaming\Mozilla
[2011.08.26 13:34:44 | 000,000,000 | ---D | C] -- C:\Users\GINA.GINA-PC\AppData\Local\Mozilla
[2011.08.26 13:33:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2011.08.26 12:46:14 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browserchoice.exe
[2011.08.25 23:19:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2011.08.25 23:15:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2011.08.25 14:35:58 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cabview.dll
[2011.08.25 14:35:58 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cabview.dll
[2011.08.25 14:33:16 | 000,000,000 | ---D | C] -- C:\Users\GINA.GINA-PC\DoctorWeb
[2011.08.25 14:02:55 | 000,000,000 | ---D | C] -- C:\Users\GINA.GINA-PC\AppData\Roaming\Malwarebytes
[2011.08.25 14:02:33 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011.08.25 14:02:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.08.25 14:02:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.08.25 14:02:21 | 000,025,912 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011.08.25 14:02:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011.08.25 13:58:37 | 000,000,000 | ---D | C] -- C:\Users\GINA.GINA-PC\AppData\Local\Diagnostics
[2011.08.25 13:53:55 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Users\GINA.GINA-PC\Desktop\OTL.exe
[2011.08.25 13:13:21 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011.08.25 13:13:21 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011.08.25 13:13:20 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011.08.25 13:13:08 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011.08.25 13:13:01 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011.08.25 13:04:52 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2011.08.25 12:33:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Phyxion.net
[2011.08.25 12:33:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Phyxion.net
[2011.08.25 12:07:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2011.08.25 12:07:33 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011.08.24 10:27:29 | 000,000,000 | ---D | C] -- C:\Windows\de-DE
[2011.08.24 10:27:25 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\XPSViewer
[2011.08.24 10:27:25 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\de-DE
[2011.08.24 10:27:25 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\de
[2011.08.24 10:27:25 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\0407
[2011.08.24 10:27:18 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\de-DE
[2011.08.24 10:27:18 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\0407
[2011.08.24 10:27:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\de
[2011.08.24 10:26:02 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\usbrpm.sys.mui
[2011.08.24 10:25:31 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\fvevol.sys.mui
[2011.08.24 10:24:35 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\de-DE\qwavedrv.sys.mui
[2011.08.24 10:24:25 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\nwifi.sys.mui
[2011.08.24 10:24:25 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\qwavedrv.sys.mui
[2011.08.24 10:24:12 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\serial.sys.mui
[2011.08.24 10:24:12 | 000,011,776 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrSerId.sys.mui
[2011.08.24 10:24:12 | 000,011,776 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrSerIb.sys.mui
[2011.08.24 10:24:12 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\battc.sys.mui
[2011.08.24 10:24:12 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\IPMIDrv.sys.mui
[2011.08.24 10:24:12 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\tpm.sys.mui
[2011.08.24 10:24:12 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\parport.sys.mui
[2011.08.24 10:24:12 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\MTConfig.sys.mui
[2011.08.24 10:24:11 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\volsnap.sys.mui
[2011.08.24 10:24:11 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\usbport.sys.mui
[2011.08.24 10:24:11 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\processr.sys.mui
[2011.08.24 10:24:11 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\intelppm.sys.mui
[2011.08.24 10:24:11 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\amdppm.sys.mui
[2011.08.24 10:24:11 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\amdk8.sys.mui
[2011.08.24 10:24:11 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\usbhub.sys.mui
[2011.08.24 10:24:11 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ohci1394.sys.mui
[2011.08.24 10:24:11 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\1394ohci.sys.mui
[2011.08.24 10:24:11 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\i8042prt.sys.mui
[2011.08.24 10:24:11 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\acpi.sys.mui
[2011.08.24 10:24:11 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\pci.sys.mui
[2011.08.24 10:24:11 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\sermouse.sys.mui
[2011.08.24 10:24:11 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\kbdclass.sys.mui
[2011.08.24 10:24:11 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\mouclass.sys.mui
[2011.08.24 10:24:11 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\wacompen.sys.mui
[2011.08.24 10:24:11 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\vhdmp.sys.mui
[2011.08.24 10:24:11 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\vdrvroot.sys.mui
[2011.08.24 10:24:11 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\isapnp.sys.mui
[2011.08.24 10:24:11 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\hdaudbus.sys.mui
[2011.08.24 10:24:11 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ataport.sys.mui
[2011.08.24 10:24:11 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\umbus.sys.mui
[2011.08.24 10:24:11 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\mssmbios.sys.mui
[2011.08.24 10:24:11 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\mouhid.sys.mui
[2011.08.24 10:24:11 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\vwifibus.sys.mui
[2011.08.24 10:24:11 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ULIAGPKX.SYS.mui
[2011.08.24 10:24:11 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\UAGP35.SYS.mui
[2011.08.24 10:24:11 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\NV_AGP.SYS.mui
[2011.08.24 10:24:11 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\kbdhid.sys.mui
[2011.08.24 10:24:11 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\GAGP30KX.SYS.mui
[2011.08.24 10:24:11 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\AGP440.sys.mui
[2011.08.24 10:24:11 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\wd.sys.mui
[2011.08.24 10:24:11 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\disk.sys.mui
[2011.08.24 10:24:11 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\cdrom.sys.mui
[2011.08.24 10:24:11 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\amdide.sys.mui
[2011.08.24 10:24:08 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\tcpip.sys.mui
[2011.08.24 10:24:08 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\mpio.sys.mui
[2011.08.24 10:24:08 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\bthport.sys.mui
[2011.08.24 10:24:08 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\msdsm.sys.mui
[2011.08.24 10:24:08 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\pcmcia.sys.mui
[2011.08.24 10:24:08 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\bthpan.sys.mui
[2011.08.24 10:24:08 | 000,004,096 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\SysNative\drivers\de-DE\pscr.sys.mui
[2011.08.24 10:24:08 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\portcls.sys.mui
[2011.08.24 10:24:08 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\HdAudio.sys.mui
[2011.08.24 10:24:08 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\serscan.sys.mui
[2011.08.24 10:24:08 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\rndismpx.sys.mui
[2011.08.24 10:24:08 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\rndismp6.sys.mui
[2011.08.24 10:24:08 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\hidbth.sys.mui
[2011.08.24 10:24:08 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\pnpmem.sys.mui
[2011.08.24 10:24:08 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\Dot4usb.sys.mui
[2011.08.24 10:24:08 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\BTHUSB.SYS.mui
[2011.08.24 10:24:08 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrParwdm.sys.mui
[2011.08.24 10:24:08 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ws2ifsl.sys.mui
[2011.08.24 10:24:08 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\bthenum.sys.mui
[2011.08.24 10:23:33 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\pacer.sys.mui
[2011.08.24 10:23:30 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\bfe.dll.mui
[2011.08.24 10:23:30 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\modem.sys.mui
[2011.08.24 10:23:27 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\afd.sys.mui
[2011.08.24 10:23:27 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ipnat.sys.mui
[2011.08.24 10:23:27 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\volmgrx.sys.mui
[2011.08.24 10:23:05 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\tunnel.sys.mui
[2011.08.24 10:23:05 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\luafv.sys.mui
[2011.08.24 10:23:05 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\rdbss.sys.mui
[2011.08.24 10:23:05 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\srv.sys.mui
[2011.08.24 10:23:05 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\de-DE\scfilter.sys.mui
[2011.08.24 10:23:04 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ntfs.sys.mui
[2011.08.24 10:23:04 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\de-DE\ndiscap.sys.mui
[2011.08.24 10:22:53 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ndisuio.sys.mui
[2011.08.24 10:22:53 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\partmgr.sys.mui
[2011.08.24 10:22:53 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\mountmgr.sys.mui
[2011.08.24 10:22:36 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\RNDISMP.sys.mui
[2011.08.24 10:22:35 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\de-DE\tcpip.sys.mui
[2011.08.24 10:22:35 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ndiscap.sys.mui
[2011.08.24 10:22:35 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\scfilter.sys.mui
[2011.08.24 10:22:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\fltmgr.sys.mui
[2011.08.24 10:22:29 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\wdf01000.sys.mui
[2011.08.24 10:22:27 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ndis.sys.mui
[2011.08.24 10:22:23 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\http.sys.mui
[2011.08.24 10:22:23 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\de-DE\bfe.dll.mui
[2011.08.24 10:22:23 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\de-DE\pacer.sys.mui
[2011.08.24 10:22:23 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\scsiport.sys.mui
[2011.08.24 09:23:12 | 000,000,000 | ---D | C] -- C:\Program Files\Recuva
[2011.08.24 09:20:53 | 000,000,000 | ---D | C] -- C:\Users\GINA.GINA-PC\AppData\Local\ElevatedDiagnostics
[2011.08.24 09:08:40 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2011.08.24 09:08:15 | 000,000,000 | ---D | C] -- C:\Users\GINA.GINA-PC\AppData\Local\Adobe
[2011.08.24 06:06:06 | 000,000,000 | R--D | C] -- C:\Backup
[2011.08.24 02:35:33 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011.08.24 02:31:45 | 000,000,000 | ---D | C] -- C:\Users\GINA.GINA-PC\Tracing
[2011.08.24 02:21:51 | 000,000,000 | ---D | C] -- C:\Users\GINA.GINA-PC\AppData\Local\Apps
[2011.08.24 02:21:47 | 000,000,000 | ---D | C] -- C:\Users\GINA.GINA-PC\AppData\Local\Deployment
[2011.08.24 01:51:59 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml4r.dll
[2011.08.24 01:51:58 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml4a.dll
[2011.08.24 01:51:18 | 000,000,000 | ---D | C] -- C:\Users\GINA.GINA-PC\AppData\Roaming\DVDVideoSoft
[2011.08.24 01:50:16 | 000,000,000 | ---D | C] -- C:\Users\GINA.GINA-PC\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.08.24 01:50:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
[2011.08.24 01:49:49 | 000,000,000 | ---D | C] -- C:\Users\GINA.GINA-PC\Documents\DVDVideoSoft
[2011.08.24 01:49:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoft
[2011.08.24 01:49:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVideoSoft
[2011.08.24 01:49:03 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer Arcade Deluxe
[2011.08.24 01:48:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cyberlink
[2011.08.24 01:44:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Acer Arcade Deluxe
[2011.08.24 01:40:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works
[2011.08.24 01:34:52 | 000,000,000 | ---D | C] -- C:\Users\GINA.GINA-PC\AppData\Roaming\Skype
[2011.08.24 01:34:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011.08.24 01:34:32 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2011.08.24 01:34:21 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll
[2011.08.24 01:34:21 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2011.08.24 01:33:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2011.08.24 01:32:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft
[2011.08.24 01:32:13 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2011.08.24 01:31:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live SkyDrive
[2011.08.24 01:31:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
[2011.08.24 01:31:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
[2011.08.24 01:29:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live
[2011.08.24 01:24:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2011.08.24 01:24:01 | 000,000,000 | ---D | C] -- C:\Users\GINA.GINA-PC\AppData\Local\Microsoft Help
[2011.08.24 01:18:35 | 001,654,784 | ---- | C] (SuYin) -- C:\Windows\Acer Crystal Eye webcam.EXE
[2011.08.24 01:18:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer Crystal Eye Webcam
[2011.08.24 01:17:57 | 000,000,000 | ---D | C] -- C:\Users\GINA.GINA-PC\AppData\Roaming\InstallShield
[2011.08.24 01:16:44 | 000,000,000 | ---D | C] -- C:\Users\GINA.GINA-PC\AppData\Roaming\Adobe
[2011.08.24 01:15:19 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Atheros_L1e
[2011.08.24 01:13:58 | 000,000,000 | ---D | C] -- C:\Users\GINA.GINA-PC\AppData\Roaming\Google
[2011.08.24 01:13:57 | 000,000,000 | ---D | C] -- C:\Users\GINA.GINA-PC\AppData\Local\Google
[2011.08.24 01:13:09 | 000,000,000 | ---D | C] -- C:\Users\GINA.GINA-PC\AppData\Roaming\ATI
[2011.08.24 01:13:09 | 000,000,000 | ---D | C] -- C:\Users\GINA.GINA-PC\AppData\Local\ATI
[2011.08.24 01:13:08 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics
[2011.08.24 01:12:14 | 000,000,000 | ---D | C] -- C:\Users\GINA.GINA-PC\AppData\Local\EgisTec
[2011.08.24 01:12:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AcerSystem
[2011.08.24 01:12:08 | 000,000,000 | ---D | C] -- C:\Users\GINA.GINA-PC\AppData\Roaming\Macromedia
[2011.08.24 01:10:39 | 000,000,000 | R--D | C] -- C:\Users\GINA.GINA-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011.08.24 01:10:39 | 000,000,000 | R--D | C] -- C:\Users\GINA.GINA-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011.08.24 01:10:37 | 000,000,000 | R--D | C] -- C:\Users\GINA.GINA-PC\Searches
[2011.08.24 01:10:01 | 000,000,000 | ---D | C] -- C:\Users\GINA.GINA-PC\AppData\Roaming\Identities
[2011.08.24 01:09:53 | 000,000,000 | R--D | C] -- C:\Users\GINA.GINA-PC\Contacts
[2011.08.24 01:09:46 | 000,000,000 | ---D | C] -- C:\Users\GINA.GINA-PC\AppData\Local\VirtualStore
[2011.08.24 01:06:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OEM
[2011.08.24 01:06:08 | 000,000,000 | ---D | C] -- C:\Program Files\Acer Accessory Store
[2011.08.24 01:05:22 | 000,000,000 | -HSD | C] -- C:\Users\GINA.GINA-PC\Vorlagen
[2011.08.24 01:05:22 | 000,000,000 | -HSD | C] -- C:\Users\GINA.GINA-PC\AppData\Local\Verlauf
[2011.08.24 01:05:22 | 000,000,000 | -HSD | C] -- C:\Users\GINA.GINA-PC\AppData\Local\Temporary Internet Files
[2011.08.24 01:05:22 | 000,000,000 | -HSD | C] -- C:\Users\GINA.GINA-PC\Startmenü
[2011.08.24 01:05:22 | 000,000,000 | -HSD | C] -- C:\Users\GINA.GINA-PC\SendTo
[2011.08.24 01:05:22 | 000,000,000 | -HSD | C] -- C:\Users\GINA.GINA-PC\Recent
[2011.08.24 01:05:22 | 000,000,000 | -HSD | C] -- C:\Users\GINA.GINA-PC\Netzwerkumgebung
[2011.08.24 01:05:22 | 000,000,000 | -HSD | C] -- C:\Users\GINA.GINA-PC\Lokale Einstellungen
[2011.08.24 01:05:22 | 000,000,000 | -HSD | C] -- C:\Users\GINA.GINA-PC\Documents\Eigene Videos
[2011.08.24 01:05:22 | 000,000,000 | -HSD | C] -- C:\Users\GINA.GINA-PC\Documents\Eigene Musik
[2011.08.24 01:05:22 | 000,000,000 | -HSD | C] -- C:\Users\GINA.GINA-PC\Eigene Dateien
[2011.08.24 01:05:22 | 000,000,000 | -HSD | C] -- C:\Users\GINA.GINA-PC\Documents\Eigene Bilder
[2011.08.24 01:05:22 | 000,000,000 | -HSD | C] -- C:\Users\GINA.GINA-PC\Druckumgebung
[2011.08.24 01:05:22 | 000,000,000 | -HSD | C] -- C:\Users\GINA.GINA-PC\Cookies
[2011.08.24 01:05:22 | 000,000,000 | -HSD | C] -- C:\Users\GINA.GINA-PC\AppData\Local\Anwendungsdaten
[2011.08.24 01:05:22 | 000,000,000 | -HSD | C] -- C:\Users\GINA.GINA-PC\Anwendungsdaten
[2011.08.24 01:05:21 | 000,000,000 | --SD | C] -- C:\Users\GINA.GINA-PC\AppData\Roaming\Microsoft
[2011.08.24 01:05:21 | 000,000,000 | R--D | C] -- C:\Users\GINA.GINA-PC\Videos
[2011.08.24 01:05:21 | 000,000,000 | R--D | C] -- C:\Users\GINA.GINA-PC\Saved Games
[2011.08.24 01:05:21 | 000,000,000 | R--D | C] -- C:\Users\GINA.GINA-PC\Pictures
[2011.08.24 01:05:21 | 000,000,000 | R--D | C] -- C:\Users\GINA.GINA-PC\Music
[2011.08.24 01:05:21 | 000,000,000 | R--D | C] -- C:\Users\GINA.GINA-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2011.08.24 01:05:21 | 000,000,000 | R--D | C] -- C:\Users\GINA.GINA-PC\Links
[2011.08.24 01:05:21 | 000,000,000 | R--D | C] -- C:\Users\GINA.GINA-PC\Favorites
[2011.08.24 01:05:21 | 000,000,000 | R--D | C] -- C:\Users\GINA.GINA-PC\Downloads
[2011.08.24 01:05:21 | 000,000,000 | R--D | C] -- C:\Users\GINA.GINA-PC\Documents
[2011.08.24 01:05:21 | 000,000,000 | R--D | C] -- C:\Users\GINA.GINA-PC\Desktop
[2011.08.24 01:05:21 | 000,000,000 | R--D | C] -- C:\Users\GINA.GINA-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011.08.24 01:05:21 | 000,000,000 | -H-D | C] -- C:\Users\GINA.GINA-PC\AppData
[2011.08.24 01:05:21 | 000,000,000 | ---D | C] -- C:\Users\GINA.GINA-PC\AppData\Local\Temp
[2011.08.24 01:05:21 | 000,000,000 | ---D | C] -- C:\Users\GINA.GINA-PC\AppData\Local\Microsoft
[2011.08.24 01:05:21 | 000,000,000 | ---D | C] -- C:\Users\GINA.GINA-PC\AppData\Roaming\Media Center Programs
[2011.08.24 01:04:36 | 000,000,000 | ---D | C] -- C:\Recovery
[2011.08.24 01:04:35 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien
[2011.08.24 01:04:35 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2011.08.24 01:04:35 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2011.08.24 01:04:35 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2011.08.24 00:56:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2011.08.24 00:53:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2011.08.24 00:51:11 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2011.08.24 00:51:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2011.08.24 00:47:53 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2011.07.29 10:43:41 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe
[2011.01.07 03:48:36 | 000,446,976 | ---- | C] (WanSoftware) -- C:\ProgramData\ftsKmDbJNThG.dll
[2009.10.03 04:24:40 | 000,036,136 | ---- | C] (Oberon Media) -- C:\ProgramData\FullRemove.exe

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2011.08.26 14:01:17 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.08.26 13:33:33 | 000,001,138 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011.08.26 13:28:04 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.08.26 13:28:03 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.08.26 13:27:36 | 001,472,002 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.08.26 13:27:36 | 000,643,866 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.08.26 13:27:36 | 000,607,190 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.08.26 13:27:36 | 000,126,394 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.08.26 13:27:36 | 000,103,568 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.08.26 13:21:07 | 000,001,754 | ---- | M] () -- C:\Users\Public\Desktop\Browserwahl.lnk
[2011.08.26 13:20:53 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.08.26 13:19:45 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.08.26 13:19:33 | 3219,632,128 | -HS- | M] () -- C:\hiberfil.sys
[2011.08.26 12:39:04 | 000,001,181 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Works.lnk
[2011.08.26 12:34:13 | 075,471,120 | ---- | M] () -- C:\Users\GINA.GINA-PC\Desktop\4n482y43.exe
[2011.08.25 14:11:21 | 000,302,592 | ---- | M] () -- C:\Users\GINA.GINA-PC\Desktop\smyep54i.exe
[2011.08.25 14:02:35 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.08.25 13:54:01 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\GINA.GINA-PC\Desktop\OTL.exe
[2011.08.25 13:28:06 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2011.08.25 12:42:47 | 313,277,411 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011.08.25 12:07:37 | 000,000,826 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.08.24 10:26:51 | 000,295,922 | ---- | M] () -- C:\Windows\SysNative\perfi007.dat
[2011.08.24 10:26:51 | 000,038,104 | ---- | M] () -- C:\Windows\SysNative\perfd007.dat
[2011.08.24 10:26:02 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\usbrpm.sys.mui
[2011.08.24 10:25:31 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\fvevol.sys.mui
[2011.08.24 10:25:17 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\UMDF\de-DE\WpdMtpDr.dll.mui
[2011.08.24 10:24:35 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\de-DE\qwavedrv.sys.mui
[2011.08.24 10:24:25 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\nwifi.sys.mui
[2011.08.24 10:24:25 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\qwavedrv.sys.mui
[2011.08.24 10:24:12 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\serial.sys.mui
[2011.08.24 10:24:12 | 000,011,776 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrSerId.sys.mui
[2011.08.24 10:24:12 | 000,011,776 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrSerIb.sys.mui
[2011.08.24 10:24:12 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\battc.sys.mui
[2011.08.24 10:24:12 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\IPMIDrv.sys.mui
[2011.08.24 10:24:12 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\tpm.sys.mui
[2011.08.24 10:24:12 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\parport.sys.mui
[2011.08.24 10:24:12 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\MTConfig.sys.mui
[2011.08.24 10:24:11 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\volsnap.sys.mui
[2011.08.24 10:24:11 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\usbport.sys.mui
[2011.08.24 10:24:11 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\processr.sys.mui
[2011.08.24 10:24:11 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\intelppm.sys.mui
[2011.08.24 10:24:11 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\amdppm.sys.mui
[2011.08.24 10:24:11 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\amdk8.sys.mui
[2011.08.24 10:24:11 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\usbhub.sys.mui
[2011.08.24 10:24:11 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ohci1394.sys.mui
[2011.08.24 10:24:11 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\1394ohci.sys.mui
[2011.08.24 10:24:11 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\i8042prt.sys.mui
[2011.08.24 10:24:11 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\acpi.sys.mui
[2011.08.24 10:24:11 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\pci.sys.mui
[2011.08.24 10:24:11 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\sermouse.sys.mui
[2011.08.24 10:24:11 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\kbdclass.sys.mui
[2011.08.24 10:24:11 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\mouclass.sys.mui
[2011.08.24 10:24:11 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\wacompen.sys.mui
[2011.08.24 10:24:11 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\vhdmp.sys.mui
[2011.08.24 10:24:11 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\vdrvroot.sys.mui
[2011.08.24 10:24:11 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\isapnp.sys.mui
[2011.08.24 10:24:11 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\hdaudbus.sys.mui
[2011.08.24 10:24:11 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ataport.sys.mui
[2011.08.24 10:24:11 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\umbus.sys.mui
[2011.08.24 10:24:11 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\mssmbios.sys.mui
[2011.08.24 10:24:11 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\mouhid.sys.mui
[2011.08.24 10:24:11 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\vwifibus.sys.mui
[2011.08.24 10:24:11 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ULIAGPKX.SYS.mui
[2011.08.24 10:24:11 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\UAGP35.SYS.mui
[2011.08.24 10:24:11 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\NV_AGP.SYS.mui
[2011.08.24 10:24:11 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\kbdhid.sys.mui
[2011.08.24 10:24:11 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\GAGP30KX.SYS.mui
[2011.08.24 10:24:11 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\AGP440.sys.mui
[2011.08.24 10:24:11 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\wd.sys.mui
[2011.08.24 10:24:11 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\disk.sys.mui
[2011.08.24 10:24:11 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\cdrom.sys.mui
[2011.08.24 10:24:11 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\amdide.sys.mui
[2011.08.24 10:24:08 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\tcpip.sys.mui
[2011.08.24 10:24:08 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\mpio.sys.mui
[2011.08.24 10:24:08 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\bthport.sys.mui
[2011.08.24 10:24:08 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\UMDF\de-DE\WUDFUsbccidDriver.dll.mui
[2011.08.24 10:24:08 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\msdsm.sys.mui
[2011.08.24 10:24:08 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\pcmcia.sys.mui
[2011.08.24 10:24:08 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\bthpan.sys.mui
[2011.08.24 10:24:08 | 000,004,096 | ---- | M] (SCM Microsystems, Inc.) -- C:\Windows\SysNative\drivers\de-DE\pscr.sys.mui
[2011.08.24 10:24:08 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\portcls.sys.mui
[2011.08.24 10:24:08 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\HdAudio.sys.mui
[2011.08.24 10:24:08 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\serscan.sys.mui
[2011.08.24 10:24:08 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\rndismpx.sys.mui
[2011.08.24 10:24:08 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\rndismp6.sys.mui
[2011.08.24 10:24:08 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\hidbth.sys.mui
[2011.08.24 10:24:08 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\pnpmem.sys.mui
[2011.08.24 10:24:08 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\Dot4usb.sys.mui
[2011.08.24 10:24:08 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\BTHUSB.SYS.mui
[2011.08.24 10:24:08 | 000,002,560 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrParwdm.sys.mui
[2011.08.24 10:24:08 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ws2ifsl.sys.mui
[2011.08.24 10:24:08 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\bthenum.sys.mui
[2011.08.24 10:23:33 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\pacer.sys.mui
[2011.08.24 10:23:30 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\bfe.dll.mui
[2011.08.24 10:23:30 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\modem.sys.mui
[2011.08.24 10:23:27 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\afd.sys.mui
[2011.08.24 10:23:27 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ipnat.sys.mui
[2011.08.24 10:23:27 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\volmgrx.sys.mui
[2011.08.24 10:23:05 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\tunnel.sys.mui
[2011.08.24 10:23:05 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\luafv.sys.mui
[2011.08.24 10:23:05 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\rdbss.sys.mui
[2011.08.24 10:23:05 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\srv.sys.mui
[2011.08.24 10:23:05 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\de-DE\scfilter.sys.mui
[2011.08.24 10:23:04 | 000,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ntfs.sys.mui
[2011.08.24 10:23:04 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\de-DE\ndiscap.sys.mui
[2011.08.24 10:22:53 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ndisuio.sys.mui
[2011.08.24 10:22:53 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\partmgr.sys.mui
[2011.08.24 10:22:53 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\mountmgr.sys.mui
[2011.08.24 10:22:36 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\RNDISMP.sys.mui
[2011.08.24 10:22:35 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\de-DE\tcpip.sys.mui
[2011.08.24 10:22:35 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ndiscap.sys.mui
[2011.08.24 10:22:35 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\scfilter.sys.mui
[2011.08.24 10:22:29 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\fltmgr.sys.mui
[2011.08.24 10:22:29 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\wdf01000.sys.mui
[2011.08.24 10:22:27 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ndis.sys.mui
[2011.08.24 10:22:23 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\http.sys.mui
[2011.08.24 10:22:23 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\de-DE\bfe.dll.mui
[2011.08.24 10:22:23 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\de-DE\pacer.sys.mui
[2011.08.24 10:22:23 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\scsiport.sys.mui
[2011.08.24 09:23:14 | 000,001,662 | ---- | M] () -- C:\Users\Public\Desktop\Recuva.lnk
[2011.08.24 02:35:53 | 000,343,008 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.08.24 01:34:33 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2011.08.24 01:13:26 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf
[2011.08.24 01:03:48 | 000,052,953 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2011.08.24 01:03:47 | 000,052,953 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2011.08.24 00:58:06 | 000,000,006 | ---- | M] () -- C:\Windows\SysNative\PLD_Framework.cmd
[2011.08.24 00:48:18 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2011.08.26 13:33:33 | 000,001,138 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011.08.26 13:33:32 | 000,001,150 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011.08.26 13:21:07 | 000,001,754 | ---- | C] () -- C:\Users\Public\Desktop\Browserwahl.lnk
[2011.08.26 12:39:04 | 000,001,181 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Works.lnk
[2011.08.26 12:32:41 | 075,471,120 | ---- | C] () -- C:\Users\GINA.GINA-PC\Desktop\4n482y43.exe
[2011.08.25 14:11:04 | 000,302,592 | ---- | C] () -- C:\Users\GINA.GINA-PC\Desktop\smyep54i.exe
[2011.08.25 14:02:35 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.08.25 13:13:21 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2011.08.25 13:13:21 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011.08.25 13:13:21 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011.08.25 13:13:21 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011.08.25 13:13:21 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011.08.25 12:42:47 | 313,277,411 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011.08.25 12:07:36 | 000,000,826 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.08.24 10:28:53 | 000,643,866 | ---- | C] () -- C:\Windows\SysNative\perfh007.dat
[2011.08.24 10:28:53 | 000,295,922 | ---- | C] () -- C:\Windows\SysNative\perfi007.dat
[2011.08.24 10:28:53 | 000,126,394 | ---- | C] () -- C:\Windows\SysNative\perfc007.dat
[2011.08.24 10:28:53 | 000,038,104 | ---- | C] () -- C:\Windows\SysNative\perfd007.dat
[2011.08.24 09:23:14 | 000,001,662 | ---- | C] () -- C:\Users\Public\Desktop\Recuva.lnk
[2011.08.24 02:31:38 | 000,001,110 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.08.24 02:31:23 | 000,001,106 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.08.24 01:42:00 | 000,002,569 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office PowerPoint Viewer 2007.lnk
[2011.08.24 01:40:47 | 000,001,193 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works-Start.lnk
[2011.08.24 01:34:33 | 000,002,517 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2011.08.24 01:18:35 | 000,626,688 | ---- | C] () -- C:\Windows\Image.dll
[2011.08.24 01:18:35 | 000,200,704 | ---- | C] () -- C:\Windows\PLFSetI.exe
[2011.08.24 01:18:35 | 000,020,480 | ---- | C] () -- C:\Windows\USB_VIDEO_REG.exe
[2011.08.24 01:18:35 | 000,008,362 | ---- | C] () -- C:\Windows\Suyin.reg
[2011.08.24 01:18:35 | 000,000,323 | ---- | C] () -- C:\Windows\PidList.ini
[2011.08.24 01:13:26 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf
[2011.08.24 01:11:09 | 000,001,443 | ---- | C] () -- C:\Users\GINA.GINA-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011.08.24 01:11:08 | 000,001,409 | ---- | C] () -- C:\Users\GINA.GINA-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2011.08.24 00:48:18 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.01.07 10:41:02 | 000,000,280 | ---- | C] () -- C:\ProgramData\~TC81xPxs9wX
[2011.01.07 10:41:02 | 000,000,168 | ---- | C] () -- C:\ProgramData\~TC81xPxs9wXr
[2011.01.07 10:40:54 | 000,000,552 | ---- | C] () -- C:\ProgramData\TC81xPxs9wX
[2010.02.03 21:30:10 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:59:36 | 000,982,196 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
[2009.07.13 23:59:36 | 000,139,824 | ---- | C] () -- C:\Windows\SysWow64\igfcg500.bin
[2009.07.13 23:59:36 | 000,097,448 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin
[2009.07.13 23:59:35 | 000,417,344 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

[color=#E56717]========== LOP Check ==========[/color]

[2011.08.24 01:51:39 | 000,000,000 | ---D | M] -- C:\Users\GINA.GINA-PC\AppData\Roaming\DVDVideoSoft
[2011.08.24 01:50:16 | 000,000,000 | ---D | M] -- C:\Users\GINA.GINA-PC\AppData\Roaming\DVDVideoSoftIEHelpers
[2009.07.14 07:08:49 | 000,005,222 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 376 bytes -> C:\WinRE{33875bcb0-c571-4ac4-9d2d-87796275a886}:$WIMMOUNTDATA
@Alternate Data Stream - 153 bytes -> C:\ProgramData\Temp:4D066AD2
@Alternate Data Stream - 152 bytes -> C:\ProgramData\Temp:AB689DEA
@Alternate Data Stream - 138 bytes -> C:\ProgramData\Temp:5D7E5A8F
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:93DE1838
@Alternate Data Stream - 130 bytes -> C:\ProgramData\Temp:E1F04E8D
@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:1D32EC29
@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:0B9176C0
@Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:E3C56885
@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:ABE89FFE
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:4CF61E54

< End of report >
  


and here is the ComboFix log

Code

ComboFix 11-08-24.06 - GINA 25.08.2011  13:16:01.1.2 - x64 NETWORK
Microsoft Windows 7 Home Premium   6.1.7600.0.1252.49.1031.18.4094.3328 [GMT 2:00]
ausgeführt von:: c:\users\GINA.GINA-PC\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\CFLog
c:\program files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
c:\program files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe
c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe
c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
c:\program files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
c:\program files (x86)\Launch Manager\LManager.exe
c:\program files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe
c:\programdata\defender.exe
c:\users\GINA.GINA-PC\AppData\Roaming\.#
c:\users\GINA.GINA-PC\AppData\Roaming\.#\MBX@480@2302770.###
c:\users\GINA.GINA-PC\AppData\Roaming\.#\MBX@480@23027A0.###
c:\users\Public\Desktop\Security Protection.lnk
c:\windows\Fonts\42445qB.com
c:\windows\Tasks\At1.job
c:\windows\Tasks\At12.job
c:\windows\Tasks\At14.job
.
.
(((((((((((((((((((((((   Dateien erstellt von 2011-07-25 bis 2011-08-25  ))))))))))))))))))))))))))))))
.
.
2011-08-25 11:25 . 2011-08-25 11:25    --------    d-----w-    c:\users\Default\AppData\Local\temp
2011-08-25 11:04 . 2011-08-25 11:04    --------    d-----w-    c:\programdata\PC Tools
2011-08-25 10:51 . 2010-03-04 04:32    243712    ----a-w-    c:\windows\system32\drivers\ks.sys
2011-08-25 10:33 . 2011-08-25 10:33    --------    d-----w-    c:\program files (x86)\Phyxion.net
2011-08-25 10:16 . 2011-07-13 04:53    8578896    ----a-w-    c:\programdata\Microsoft\Windows Defender\Definition Updates\{F06911B3-E36F-4CB4-A9FF-3AD265300647}\mpengine.dll
2011-08-25 10:07 . 2011-08-25 10:33    --------    d-----w-    c:\program files\CCleaner
2011-08-24 08:27 . 2011-08-24 08:27    --------    d-----w-    c:\windows\de-DE
2011-08-24 08:27 . 2011-08-24 08:27    --------    d-----w-    c:\windows\SysWow64\XPSViewer
2011-08-24 08:27 . 2011-08-24 08:27    --------    d-----w-    c:\windows\SysWow64\wbem\de-DE
2011-08-24 08:27 . 2011-08-24 08:27    --------    d-----w-    c:\windows\SysWow64\drivers\UMDF\de-DE
2011-08-24 08:27 . 2011-08-24 08:27    --------    d-----w-    c:\windows\SysWow64\drivers\de-DE
2011-08-24 08:27 . 2011-08-24 08:27    --------    d-----w-    c:\windows\SysWow64\de
2011-08-24 08:27 . 2011-08-24 08:27    --------    d-----w-    c:\windows\SysWow64\0407
2011-08-24 08:27 . 2011-08-24 08:27    --------    d-----w-    c:\windows\system32\drivers\UMDF\de-DE
2011-08-24 08:27 . 2011-08-24 08:27    --------    d-----w-    c:\windows\system32\drivers\de-DE
2011-08-24 08:27 . 2011-08-24 08:27    --------    d-----w-    c:\windows\system32\0407
2011-08-24 08:27 . 2011-08-24 08:27    --------    d-----w-    c:\windows\system32\wbem\de-DE
2011-08-24 08:27 . 2011-08-24 08:27    --------    d-----w-    c:\windows\system32\de
2011-08-24 08:24 . 2011-08-24 08:24    3584    ----a-w-    c:\windows\system32\Spool\prtprocs\x64\de-DE\LXKPTPRC.DLL.mui
2011-08-24 07:23 . 2011-08-24 07:23    --------    d-----w-    c:\program files\Recuva
2011-08-24 04:06 . 2011-08-24 06:01    --------    d-----r-    C:\Backup
2011-08-23 23:51 . 2009-08-03 20:34    82432    ----a-w-    c:\windows\SysWow64\msxml4r.dll
2011-08-23 23:51 . 2009-08-03 20:34    1233920    ----a-w-    c:\windows\SysWow64\msxml4.dll
2011-08-23 23:51 . 2009-08-03 20:34    44544    ----a-w-    c:\windows\SysWow64\msxml4a.dll
2011-08-23 23:49 . 2011-08-23 23:50    --------    d-----w-    c:\program files (x86)\Common Files\DVDVideoSoft
2011-08-23 23:49 . 2011-08-23 23:49    --------    d-----w-    c:\program files (x86)\DVDVideoSoft
2011-08-23 23:49 . 2001-09-05 02:18    77824    ----a-w-    c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2011-08-23 23:49 . 2001-09-05 02:18    225280    ----a-w-    c:\program files (x86)\Common Files\InstallShield\IScript\iscript.dll
2011-08-23 23:49 . 2001-09-05 02:14    176128    ----a-w-    c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2011-08-23 23:49 . 2001-09-05 02:13    32768    ----a-w-    c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2011-08-23 23:49 . 2007-03-13 12:54    610436    ----a-w-    c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe
2011-08-23 23:48 . 2011-08-23 23:48    --------    d-----w-    c:\program files (x86)\Cyberlink
2011-08-23 23:44 . 2011-08-23 23:53    --------    d-----w-    c:\program files (x86)\Acer Arcade Deluxe
2011-08-23 23:34 . 2011-08-23 23:34    --------    d-----r-    c:\program files (x86)\Skype
2011-08-23 23:34 . 2006-11-29 11:06    4398360    ----a-w-    c:\windows\system32\d3dx9_32.dll
2011-08-23 23:34 . 2006-11-29 11:06    3426072    ----a-w-    c:\windows\SysWow64\d3dx9_32.dll
2011-08-23 23:33 . 2011-08-23 23:33    --------    d-----w-    c:\program files (x86)\Microsoft SQL Server Compact Edition
2011-08-23 23:32 . 2011-08-23 23:32    --------    d-----w-    c:\program files (x86)\Microsoft
2011-08-23 23:31 . 2011-08-23 23:31    --------    d-----w-    c:\program files (x86)\Windows Live SkyDrive
2011-08-23 23:31 . 2011-08-23 23:35    --------    d-----w-    c:\program files (x86)\Windows Live
2011-08-23 23:29 . 2011-08-23 23:29    --------    d-----w-    c:\program files (x86)\Common Files\Windows Live
2011-08-23 23:24 . 2011-08-23 23:24    --------    d-----w-    c:\program files (x86)\Microsoft Visual Studio 8
2011-08-23 23:18 . 2009-05-27 08:54    1654784    ----a-w-    c:\windows\Acer Crystal Eye webcam.EXE
2011-08-23 23:18 . 2009-05-27 08:48    8362    ----a-w-    c:\windows\Suyin.reg
2011-08-23 23:18 . 2008-12-30 11:42    626688    ----a-w-    c:\windows\Image.dll
2011-08-23 23:18 . 2008-07-29 17:29    200704    ----a-w-    c:\windows\PLFSetI.exe
2011-08-23 23:18 . 2008-06-25 12:22    20480    ----a-w-    c:\windows\USB_VIDEO_REG.exe
2011-08-23 23:15 . 2011-08-23 23:15    --------    d-----w-    c:\windows\SysWow64\Atheros_L1e
2011-08-23 23:13 . 2011-08-23 23:13    --------    d-----w-    c:\program files\Synaptics
2011-08-23 23:06 . 2011-08-23 23:06    --------    d-----w-    c:\program files (x86)\OEM
2011-08-23 23:06 . 2011-08-23 23:06    --------    d-----w-    c:\program files\Acer Accessory Store
2011-08-23 23:05 . 2011-08-24 00:31    --------    d-----w-    c:\users\GINA.GINA-PC
2011-08-23 23:04 . 2011-08-23 23:04    --------    d-----w-    C:\Recovery
2011-08-23 23:04 . 2011-08-23 23:04    --------    d-sh--we    c:\users\Default\Vorlagen
2011-08-23 23:04 . 2011-08-23 23:04    --------    d-sh--we    c:\users\Default\Startmenü
2011-08-23 23:04 . 2011-08-23 23:04    --------    d-sh--we    c:\users\Default\Netzwerkumgebung
2011-08-23 23:04 . 2011-08-23 23:04    --------    d-sh--we    c:\users\Default\Lokale Einstellungen
2011-08-23 23:04 . 2011-08-23 23:04    --------    d-sh--we    c:\users\Default\Eigene Dateien
2011-08-23 23:04 . 2011-08-23 23:04    --------    d-sh--we    c:\users\Default\Druckumgebung
2011-08-23 23:04 . 2011-08-23 23:04    --------    d-sh--we    c:\users\Default\AppData\Local\Verlauf
2011-08-23 23:04 . 2011-08-23 23:04    --------    d-sh--we    c:\users\Default\AppData\Local\Anwendungsdaten
2011-08-23 23:04 . 2011-08-23 23:04    --------    d-sh--we    c:\users\Default\Anwendungsdaten
2011-08-23 23:04 . 2011-08-23 23:04    --------    d-sh--we    c:\program files\Gemeinsame Dateien
2011-08-23 22:53 . 2011-08-23 22:53    --------    d-----w-    c:\program files\Common Files\ATI Technologies
2011-08-23 22:51 . 2011-08-23 22:51    --------    d-----w-    c:\program files\ATI
2011-08-23 22:51 . 2011-08-23 22:56    --------    d-----w-    c:\program files (x86)\ATI Technologies
2011-08-23 22:48 . 2011-08-23 22:48    0    ----a-w-    c:\windows\ativpsrm.bin
2011-07-29 08:43 . 2011-07-29 08:43    --------    d-----w-    c:\programdata\regid.1986-12.com.adobe
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-08-24 08:24 . 2011-08-24 08:24    2560    ----a-w-    c:\windows\SysWow64\drivers\de-DE\qwavedrv.sys.mui
2011-08-24 08:23 . 2011-08-24 08:23    2560    ----a-w-    c:\windows\SysWow64\drivers\de-DE\scfilter.sys.mui
2011-08-24 08:23 . 2011-08-24 08:23    5632    ----a-w-    c:\windows\SysWow64\drivers\de-DE\ndiscap.sys.mui
2011-08-24 08:22 . 2011-08-24 08:22    51712    ----a-w-    c:\windows\SysWow64\drivers\de-DE\tcpip.sys.mui
2011-08-24 08:22 . 2011-08-24 08:22    29696    ----a-w-    c:\windows\SysWow64\drivers\de-DE\bfe.dll.mui
2011-08-24 08:22 . 2011-08-24 08:22    16896    ----a-w-    c:\windows\SysWow64\drivers\de-DE\pacer.sys.mui
2011-08-23 22:58 . 2009-10-03 02:34    6    ----a-w-    c:\windows\system32\PLD_Framework.cmd
.
[code]<pre>
c:\program files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent .exe
c:\program files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService .exe
c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl .exe
c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart .exe
c:\program files (x86)\EgisTec Egis Software Update\EgisUpdate .exe
c:\program files (x86)\Launch Manager\LManager .exe
c:\program files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation .exe
</pre>
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}]
2009-10-03 02:55 433648 ----a-w- c:\programdata\Partner\Partner.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2009-08-06 17:18 120104 ----a-w- c:\program files (x86)\EgisTec\MyWinLocker 3\x86\PSDProtect.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Spyware Doctor with AntiVirus"="c:\users\GINA.GINA-PC\Desktop\PCTools_Safe_Install.exe" [N/A]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [N/A]
"EgisTecLiveUpdate"="c:\program files (x86)\EgisTec Egis Software Update\EgisUpdate.exe" [N/A]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [N/A]
"NortonOnlineBackupReminder"="c:\program files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" [N/A]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [N/A]
"ArcadeDeluxeAgent"="c:\program files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" [N/A]
"PlayMovie"="c:\program files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe" [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-24 135664]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-24 135664]
R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-06-18 50432]
R3 Partner Service;Partner Service;c:\programdata\Partner\Partner.exe [2009-10-03 332272]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUStor.sys [2009-09-02 225280]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2009-08-29 844320]
S2 Greg_Service;GRegService;c:\program files (x86)\Acer\Registration\GregHSRW.exe [2009-08-28 1150496]
S2 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [2009-08-06 311592]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-06-18 144640]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2009-07-04 240160]
S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x64.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2011-08-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-24 00:30]
.
2011-08-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-24 00:30]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}]
2009-10-03 02:55 750064 ----a-w- c:\programdata\Partner\Partner64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2009-08-06 17:19 137512 ----a-w- c:\program files (x86)\EgisTec\MyWinLocker 3\x64\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-07-28 7982112]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2009-08-29 824352]
"mwlDaemon"="c:\program files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe" [2009-08-06 349480]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [N/A]
"PLFSetI"="c:\windows\PLFSetI.exe" [2008-07-29 200704]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5732z&r=27360811l315l0394z145t48j2c883
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5732z&r=27360811l315l0394z145t48j2c883
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Free YouTube to MP3 Converter - c:\users\GINA.GINA-PC\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
TCP: DhcpNameServer = 192.168.0.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
SafeBoot-mcmscsvc
SafeBoot-MCODS
Toolbar-Locked - (no file)
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10b.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10b.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}]
@Denied: (A 2) (Everyone)
@="IFlashBroker2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe
c:\windows\Syswow64\ping.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2011-08-25 13:45:44 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2011-08-25 11:45
.
Vor Suchlauf: 13 Verzeichnis(se), 286.142.066.688 Bytes frei
Nach Suchlauf: 20 Verzeichnis(se), 308.324.974.592 Bytes frei
.
- - End Of File - - 9558A8EB8BE582342737B723264FF646
[/Code]
This post was edited by BloodySun on 26.08.2011 at 15:56.