|
Plagegeister aller Art und deren Bekämpfung: unbekannter Viren befallWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
10.10.2011, 17:33 | #1 |
| unbekannter Viren befall Hallo, ich bin verzweifelt auf der suche nach hilfe das Netbook meiner Schwester funktioniert nicht mer richtig ich hab keine ahnung was es ist und auch keine ahnung was ich noch machen kann könnt ihr mir helfen? ich bedanke mich schon mal im vorraus Mit freundlichen grüßen kronski |
10.10.2011, 18:46 | #2 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | unbekannter Viren befallZitat:
Wie stellst du dir das vor soll man da nen Ansatz finden?
__________________ |
10.10.2011, 18:48 | #3 |
| unbekannter Viren befall entschuldigunt
__________________ich mach grad alle scanns |
10.10.2011, 18:50 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ | unbekannter Viren befall Die Scans ersetzen aber nicht die Problembeschreibung! Wenn wir uns schon in unserer Freizeit um dein Problem (!) kümmern sollen, dann musst du auch schon mal genauer beschreiben was du mit "funktioniert nicht mehr richtig" eigentlich meinst! Das ist deine Bringschuld und nicht unsere Holschuld!
__________________ Logfiles bitte immer in CODE-Tags posten |
10.10.2011, 18:50 | #5 |
| unbekannter Viren befall defogger: defogger_disable by jpshortstuff (23.02.10.1) Log created at 00:39 on 01/01/2002 (Marlene) Checking for autostart values... HKCU\~\Run values retrieved. HKLM\~\Run values retrieved. Checking for services/drivers... -=E.O.F=- entschuldigung also die probleme sind: das wlan funktioniert nicht ich kann nicht alle dateien auf meine externe festplatte ziehen und er kann nicht updaten hier das logfile von malwarebytes: Malwarebytes' Anti-Malware 1.51.2.1300 Malwarebytes : Free anti-malware, anti-virus and spyware removal download Datenbank Version: 7907 Windows 6.1.7601 Service Pack 1 Internet Explorer 8.0.7601.17514 01.01.2002 02:19:14 mbam-log-2002-01-01 (02-19-14).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|) Durchsuchte Objekte: 265173 Laufzeit: 1 Stunde(n), 55 Minute(n), 15 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 0 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 0 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: (Keine bösartigen Objekte gefunden) hier die OTL logfiles OTL Logfile: Code:
ATTFilter OTL logfile created on: 1/1/2002 2:26:22 AM - Run 1 OTL by OldTimer - Version 3.2.29.1 Folder = C:\Users\Marlene\Desktop Starter Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1015.24 Mb Total Physical Memory | 400.36 Mb Available Physical Memory | 39.43% Memory free 1.99 Gb Paging File | 1.21 Gb Available in Paging File | 60.62% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files Drive C: | 80.00 Gb Total Space | 17.92 Gb Free Space | 22.40% Space Free | Partition Type: NTFS Drive D: | 59.03 Gb Total Space | 20.77 Gb Free Space | 35.18% Space Free | Partition Type: NTFS Computer Name: EEE-PC | User Name: Marlene | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011/09/27 21:34:02 | 000,894,304 | ---- | M] (Spigot, Inc.) -- C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe PRC - [2011/09/27 20:08:40 | 000,745,880 | ---- | M] (Spigot, Inc.) -- C:\Program Files\Application Updater\ApplicationUpdater.exe PRC - [2011/08/31 17:00:48 | 000,449,608 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2011/06/30 11:35:03 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe PRC - [2011/06/24 05:22:20 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe PRC - [2011/04/28 13:27:12 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe PRC - [2011/03/21 19:56:16 | 001,230,704 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe PRC - [2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2010/12/08 22:15:44 | 000,063,360 | ---- | M] (DivX, LLC) -- C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe PRC - [2010/12/08 20:30:06 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe PRC - [2010/11/20 13:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2010/01/14 22:10:53 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe PRC - [2009/09/11 09:34:38 | 000,750,008 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\EeePC\HotkeyService\HotkeyService.exe PRC - [2009/09/11 04:41:02 | 000,100,328 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe PRC - [2009/08/19 01:35:56 | 000,219,136 | ---- | M] () -- C:\Windows\System32\AsusService.exe PRC - [2002/01/01 00:55:50 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Users\Marlene\Desktop\OTL.exe ========== Modules (No Company Name) ========== MOD - [2011/06/24 21:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2011/06/24 21:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll MOD - [2011/03/21 19:57:34 | 000,096,112 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll MOD - [2011/03/21 19:56:16 | 001,230,704 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe ========== Win32 Services (SafeList) ========== SRV - File not found [On_Demand | Stopped] -- -- (ACDaemon) SRV - [2011/09/27 20:08:40 | 000,745,880 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Program Files\Application Updater\ApplicationUpdater.exe -- (Application Updater) SRV - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2011/06/30 11:35:03 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2011/06/29 14:59:18 | 000,155,344 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe -- (Sony Ericsson PCCompanion) SRV - [2011/04/28 13:27:12 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2009/08/19 01:35:56 | 000,219,136 | ---- | M] () [Auto | Running] -- C:\Windows\System32\AsusService.exe -- (AsusService) SRV - [2009/07/14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) ========== Driver Services (SafeList) ========== DRV - [2011/08/31 17:00:50 | 000,022,216 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector) DRV - [2011/06/30 11:35:09 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb) DRV - [2011/06/30 11:35:09 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2010/11/20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV - [2010/11/20 10:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2009/10/05 16:31:50 | 001,221,632 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr) DRV - [2009/07/27 08:06:46 | 000,051,712 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C62x86.sys -- (L1C) NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20) DRV - [2009/07/20 10:29:00 | 000,013,880 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\kbfiltr.sys -- (kbfiltr) DRV - [2009/05/11 10:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2009/03/25 16:48:00 | 000,114,728 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mdm.sys -- (s1018mdm) DRV - [2009/03/25 16:48:00 | 000,109,864 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018unic.sys -- (s1018unic) Sony Ericsson Device 1018 USB Ethernet Emulation (WDM) DRV - [2009/03/25 16:48:00 | 000,106,208 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mgmt.sys -- (s1018mgmt) Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM) DRV - [2009/03/25 16:48:00 | 000,104,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018obex.sys -- (s1018obex) DRV - [2009/03/25 16:48:00 | 000,086,824 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018bus.sys -- (s1018bus) Sony Ericsson Device 1018 driver (WDM) DRV - [2009/03/25 16:48:00 | 000,026,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018nd5.sys -- (s1018nd5) Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS) DRV - [2009/03/25 16:48:00 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mdfl.sys -- (s1018mdfl) DRV - [2009/02/13 11:35:01 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio) DRV - [2008/01/09 10:28:34 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\seehcri.sys -- (seehcri) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Asus | MSN IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = ASUS Eee Family | Easy to Learn, Work and Play [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = ASUS Eee Family | Easy to Learn, Work and Play [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Asus | MSN IE - HKCU\..\URLSearchHook: {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\4.7\pdfforgeToolbarIE.dll (Spigot, Inc.) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=827316" FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ytbm" FF - prefs.js..browser.search.param.yahoo-type: "${8}" FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.8 FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900 FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: pdfforge@mybrowserbar.com:4.6 FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.1 FF - prefs.js..extensions.enabledItems: wtxpcom@mybrowserbar.com:4.6 FF - prefs.js..keyword.URL: "hxxp://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=827316&p=" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8064.0206: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: c:\Program Files\Sony\Media Go\npmediago.dll (Sony Creative Software Inc) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2010/12/28 10:58:25 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2010/12/28 10:58:28 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2002/01/01 15:29:25 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2002/01/01 15:27:24 | 000,000,000 | ---D | M] [2009/12/15 16:32:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marlene\AppData\Roaming\Mozilla\Extensions [2011/07/29 18:11:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marlene\AppData\Roaming\Mozilla\Firefox\Profiles\01ypt6zi.default\extensions [2011/05/10 18:08:52 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Marlene\AppData\Roaming\Mozilla\Firefox\Profiles\01ypt6zi.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2011/06/29 14:39:25 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Marlene\AppData\Roaming\Mozilla\Firefox\Profiles\01ypt6zi.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2010/09/14 16:58:57 | 000,000,000 | ---D | M] (Personas) -- C:\Users\Marlene\AppData\Roaming\Mozilla\Firefox\Profiles\01ypt6zi.default\extensions\personas@christopher.beard [2002/01/01 21:35:59 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions [2010/08/01 22:43:54 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2002/01/01 21:35:58 | 000,000,000 | ---D | M] (Widgi Toolbar Platform) -- C:\PROGRAM FILES\COMMON FILES\SPIGOT\WTXPCOM [2002/01/01 21:35:59 | 000,000,000 | ---D | M] (pdfforge Toolbar) -- C:\PROGRAM FILES\PDFFORGE TOOLBAR\FF [2011/09/23 05:44:20 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2010/07/17 04:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2011/09/23 02:52:52 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2011/09/23 02:46:24 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2011/09/23 02:52:52 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2011/09/23 02:52:52 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2011/09/23 02:52:52 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2011/09/23 02:52:52 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== O1 HOSTS File: ([2009/06/10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll File not found O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.) O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\4.7\pdfforgeToolbarIE.dll (Spigot, Inc.) O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll File not found O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found. O3 - HKLM\..\Toolbar: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\4.7\pdfforgeToolbarIE.dll (Spigot, Inc.) O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll File not found O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [DivX Download Manager] C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe (DivX, LLC) O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [HotkeyService] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [NapsterShell] C:\Program Files\Napster\napster.exe /systray File not found O4 - HKLM..\Run: [SearchSettings] C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.) O4 - HKLM..\Run: [SuperHybridEngine] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.) O4 - HKLM..\Run: [SynAsusAcpi] C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe (Synaptics Incorporated) O4 - HKCU..\Run: [Sony Ericsson PC Companion] C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe (Sony Ericsson) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Marlene\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.) O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx (WRC Class) O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6E50694D-488B-45CD-8E10-1628597B4270}: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{0425763c-b0d8-11df-a709-90e6ba21bc22}\Shell - "" = AutoRun O33 - MountPoints2\{0425763c-b0d8-11df-a709-90e6ba21bc22}\Shell\AutoRun\command - "" = E:\Startme.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011/09/26 20:15:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2011/09/26 20:14:43 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2011/09/12 19:23:44 | 000,000,000 | ---D | C] -- C:\Users\Marlene\Documents\Handysicherung [2011/09/02 15:27:32 | 000,000,000 | ---D | C] -- C:\Users\Marlene\Documents\WG Regensburg [2011/08/09 10:45:20 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour [2011/08/09 10:38:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime [2011/08/09 10:38:02 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime [2011/07/05 13:09:17 | 000,000,000 | ---D | C] -- C:\windows\System32\SPReview [2011/07/05 13:05:01 | 000,000,000 | ---D | C] -- C:\windows\System32\EventProviders [2011/07/03 09:30:36 | 000,093,696 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\windows\System32\fms.dll [2011/06/27 08:08:41 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update [2011/05/10 18:08:49 | 000,000,000 | ---D | C] -- C:\Users\Marlene\AppData\Roaming\DVDVideoSoftIEHelpers [2011/05/10 18:08:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Plasmoo [2011/03/27 13:07:17 | 000,000,000 | ---D | C] -- C:\Users\Marlene\AppData\Roaming\Opera [2011/03/27 13:07:17 | 000,000,000 | ---D | C] -- C:\Users\Marlene\AppData\Local\Opera [2011/03/27 13:07:05 | 000,000,000 | ---D | C] -- C:\Program Files\Opera [2011/03/19 18:20:22 | 000,000,000 | ---D | C] -- C:\Program Files\Avanquest update [2011/03/19 18:20:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Avanquest [2011/03/19 18:20:06 | 000,000,000 | ---D | C] -- C:\Users\Marlene\Documents\Sony Ericsson [2011/03/19 18:18:14 | 000,000,000 | ---D | C] -- C:\ProgramData\BVRP Software [2011/03/01 23:06:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Google [2011/02/16 21:07:36 | 000,000,000 | ---D | C] -- C:\Users\Marlene\Documents\Au-Pair Unterlagen [2011/01/17 14:46:37 | 000,000,000 | ---D | C] -- C:\Users\Marlene\AppData\Roaming\Avira [2010/12/28 10:58:39 | 000,000,000 | ---D | C] -- C:\Users\Marlene\AppData\Roaming\Local [2010/12/28 10:57:12 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PX Storage Engine [2010/12/28 10:56:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus [2010/12/17 10:06:25 | 000,000,000 | ---D | C] -- C:\Users\Marlene\AppData\Local\Sony Ericsson [2010/12/06 15:31:16 | 000,051,992 | ---- | C] (AVIRA GmbH) -- C:\windows\System32\drivers\avgntdd.sys [2010/12/06 15:31:16 | 000,017,016 | ---- | C] (AVIRA GmbH) -- C:\windows\System32\drivers\avgntmgr.sys [2010/12/05 18:41:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Spigot [2010/12/05 18:40:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator [2010/12/05 18:40:23 | 000,000,000 | ---D | C] -- C:\Program Files\PDFCreator [2010/12/01 15:15:51 | 000,000,000 | ---D | C] -- C:\Users\Marlene\Documents\Religion [2010/11/27 17:07:11 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2010/11/25 18:19:56 | 000,000,000 | ---D | C] -- C:\Users\Marlene\Documents\Wirtschaft [2010/11/14 21:47:13 | 000,000,000 | ---D | C] -- C:\Users\Marlene\Podcasts [2010/11/14 21:47:13 | 000,000,000 | ---D | C] -- C:\Users\Marlene\Documents\Media Go [2010/11/14 17:16:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony [2010/11/14 17:16:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Sony Shared [2010/11/14 17:14:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony Corporation [2010/11/14 17:10:30 | 000,000,000 | ---D | C] -- C:\Users\Marlene\AppData\Roaming\Sony Setup [2010/11/14 17:10:05 | 000,000,000 | ---D | C] -- C:\Program Files\Sony Setup [2010/11/12 01:44:54 | 000,094,208 | ---- | C] (DivX, Inc.) -- C:\windows\System32\dpl100.dll [2010/11/08 23:57:04 | 000,353,592 | ---- | C] (DivX, Inc.) -- C:\windows\System32\DivXControlPanelApplet.cpl [2010/11/07 18:00:16 | 000,000,000 | ---D | C] -- C:\windows\Minidump [2010/11/02 14:18:43 | 000,000,000 | ---D | C] -- C:\Users\Marlene\AppData\Roaming\DivX [2010/11/02 14:14:44 | 000,000,000 | ---D | C] -- C:\Users\Marlene\AppData\Local\Google [2010/11/02 14:14:41 | 000,000,000 | ---D | C] -- C:\Program Files\Google [2010/11/02 14:09:01 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX [2010/11/02 11:06:52 | 000,000,000 | ---D | C] -- C:\Users\Marlene\Documents\Sonstiges [2010/11/02 11:06:03 | 000,000,000 | ---D | C] -- C:\Users\Marlene\Documents\Mathe [2010/09/30 18:31:52 | 000,000,000 | ---D | C] -- C:\Users\Marlene\AppData\Roaming\InstallShield [2010/08/26 12:27:13 | 000,000,000 | ---D | C] -- C:\Users\Marlene\AppData\Local\Sony [2010/08/26 12:22:25 | 000,148,736 | ---- | C] (Avanquest Software) -- C:\ProgramData\hpe9EC4.dll [2010/08/26 12:22:20 | 000,027,632 | ---- | C] (Sony Ericsson Mobile Communications) -- C:\windows\System32\drivers\seehcri.sys [2010/08/26 12:20:48 | 000,000,000 | ---D | C] -- C:\Users\Marlene\AppData\Local\Downloaded Installations [2010/08/26 12:19:51 | 000,000,000 | ---D | C] -- C:\Users\Marlene\AppData\Roaming\Sony [2010/08/26 12:08:09 | 000,114,728 | ---- | C] (MCCI Corporation) -- C:\windows\System32\drivers\s1018mdm.sys [2010/08/26 12:08:09 | 000,109,864 | ---- | C] (MCCI Corporation) -- C:\windows\System32\drivers\s1018unic.sys [2010/08/26 12:08:09 | 000,106,208 | ---- | C] (MCCI Corporation) -- C:\windows\System32\drivers\s1018mgmt.sys [2010/08/26 12:08:09 | 000,104,744 | ---- | C] (MCCI Corporation) -- C:\windows\System32\drivers\s1018obex.sys [2010/08/26 12:08:09 | 000,086,824 | ---- | C] (MCCI Corporation) -- C:\windows\System32\drivers\s1018bus.sys [2010/08/26 12:08:09 | 000,026,024 | ---- | C] (MCCI Corporation) -- C:\windows\System32\drivers\s1018nd5.sys [2010/08/26 12:08:09 | 000,015,016 | ---- | C] (MCCI Corporation) -- C:\windows\System32\drivers\s1018mdfl.sys [2010/08/26 12:08:09 | 000,012,200 | ---- | C] (MCCI Corporation) -- C:\windows\System32\drivers\s1018whnt.sys [2010/08/26 12:08:09 | 000,012,200 | ---- | C] (MCCI Corporation) -- C:\windows\System32\drivers\s1018wh.sys [2010/08/26 12:08:09 | 000,012,200 | ---- | C] (MCCI Corporation) -- C:\windows\System32\drivers\s1018cmnt.sys [2010/08/26 12:08:09 | 000,012,200 | ---- | C] (MCCI Corporation) -- C:\windows\System32\drivers\s1018cm.sys [2010/08/26 12:08:09 | 000,010,792 | ---- | C] (MCCI Corporation) -- C:\windows\System32\drivers\s1018cr.sys [2010/08/26 12:08:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony Ericsson [2010/08/26 12:08:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony Ericsson [2010/08/26 12:08:03 | 000,000,000 | ---D | C] -- C:\Program Files\Sony Ericsson [2010/08/18 15:14:45 | 000,000,000 | ---D | C] -- C:\windows\System32\x64 [2010/08/05 19:42:57 | 000,000,000 | ---D | C] -- C:\Users\Marlene\AppData\Roaming\Nokia [2010/08/05 19:42:56 | 000,000,000 | ---D | C] -- C:\Users\Marlene\AppData\Roaming\PC Suite [2010/08/05 19:42:54 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Suite [2010/08/05 19:41:50 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX [2010/08/05 19:40:40 | 000,092,672 | ---- | C] (Nokia) -- C:\windows\System32\nmwcdcls.dll [2010/08/05 19:40:38 | 000,000,000 | ---D | C] -- C:\Program Files\Nokia [2010/08/05 19:38:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Installations [2010/08/01 22:46:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2010/06/29 17:38:53 | 000,000,000 | ---D | C] -- C:\Users\Marlene\AppData\Roaming\Philips [2010/06/29 17:35:49 | 020,615,432 | ---- | C] (Macrovision Corporation) -- C:\Users\Marlene\AppData\Roaming\sa1mus08k_02_pal_eng.exe [2010/06/29 17:30:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Napster [2010/06/29 17:29:12 | 000,000,000 | ---D | C] -- C:\Users\Marlene\AppData\Local\Programs [2010/06/29 17:28:45 | 000,000,000 | ---D | C] -- C:\Users\Marlene\AppData\Local\ArcSoft [2010/06/29 17:28:43 | 000,000,000 | ---D | C] -- C:\Users\Marlene\AppData\Roaming\ArcSoft [2010/06/29 17:28:08 | 000,000,000 | -H-D | C] -- C:\ProgramData\ArcSoft [2010/06/29 17:27:38 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ArcSoft [2010/06/29 17:22:14 | 000,000,000 | ---D | C] -- C:\temp [2010/06/23 17:56:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight [2010/06/22 15:51:46 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight [2010/06/22 15:51:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in [2010/06/13 16:56:35 | 000,000,000 | ---D | C] -- C:\Users\Marlene\Documents\Musik [2010/05/21 15:11:51 | 000,000,000 | ---D | C] -- C:\Users\Marlene\AppData\Roaming\Apple Computer [2010/05/21 15:11:46 | 000,000,000 | ---D | C] -- C:\Users\Marlene\AppData\Local\Apple Computer [2010/05/21 15:10:17 | 000,000,000 | ---D | C] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521} [2010/05/21 15:07:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer [2010/05/21 15:07:10 | 000,000,000 | ---D | C] -- C:\Users\Marlene\AppData\Local\Apple [2010/05/21 15:05:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple [2010/05/21 15:05:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple [2010/04/30 13:09:10 | 000,000,000 | R--D | C] -- C:\Users\Marlene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2010/04/30 13:09:10 | 000,000,000 | R--D | C] -- C:\Users\Marlene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2010/04/21 18:04:16 | 000,000,000 | ---D | C] -- C:\Users\Marlene\Documents\DVDVideoSoft [2010/04/14 17:30:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun [2010/04/14 10:40:02 | 000,590,848 | ---- | C] (Nokia) -- C:\windows\System32\drivers\UMDF\PCCSWpdDriver.dll [2010/04/06 11:12:00 | 000,000,000 | ---D | C] -- C:\Users\Marlene\Documents\E-Cam [2010/04/05 08:42:08 | 000,000,000 | ---D | C] -- C:\Users\Marlene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2010/02/26 13:32:52 | 000,662,016 | ---- | C] (Nokia) -- C:\windows\System32\nmwcdcocls.dll [2010/02/19 20:27:36 | 000,720,384 | ---- | C] (DivX, Inc.) -- C:\windows\System32\DivX.dll [2010/02/19 20:27:16 | 000,856,064 | ---- | C] (DivX, Inc.) -- C:\windows\System32\divx_xx0c.dll [2010/02/19 20:27:16 | 000,856,064 | ---- | C] (DivX, Inc.) -- C:\windows\System32\divx_xx07.dll [2010/02/19 20:27:16 | 000,847,872 | ---- | C] (DivX, Inc.) -- C:\windows\System32\divx_xx0a.dll [2010/02/19 20:27:16 | 000,843,776 | ---- | C] (DivX, Inc.) -- C:\windows\System32\divx_xx16.dll [2010/02/19 20:27:16 | 000,839,680 | ---- | C] (DivX, Inc.) -- C:\windows\System32\divx_xx11.dll [2010/02/18 15:46:49 | 000,000,000 | ---D | C] -- C:\Users\Marlene\Documents\Berufsorientierung [2010/02/18 12:58:20 | 000,000,000 | ---D | C] -- C:\Users\Marlene\Documents\Bewerbungsunterlagen [2010/02/03 17:34:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DivX Shared [2010/02/03 17:34:01 | 000,000,000 | ---D | C] -- C:\Program Files\DivX [2010/01/27 17:31:24 | 000,000,000 | ---D | C] -- C:\Users\Marlene\AppData\Local\Yahoo [2010/01/27 17:15:36 | 000,000,000 | ---D | C] -- C:\Users\Marlene\AppData\Roaming\Yahoo! [2010/01/27 17:11:45 | 000,000,000 | ---D | C] -- C:\Program Files\Yahoo! [2010/01/23 11:51:43 | 000,000,000 | ---D | C] -- C:\Users\Marlene\AppData\Local\Diagnostics [2010/01/21 16:05:51 | 000,000,000 | ---D | C] -- C:\Users\Marlene\Documents\P-Seminar Reli [2010/01/19 11:59:47 | 000,000,000 | ---D | C] -- C:\Users\Marlene\Documents\W-Seminario Spanisch [2010/01/17 19:43:08 | 000,000,000 | ---D | C] -- C:\Users\Marlene\AppData\Local\Microsoft Help [2010/01/02 10:42:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guitar Pro 5 [2009/12/24 13:36:05 | 000,000,000 | ---D | C] -- C:\Users\Marlene\AppData\Local\Microsoft Games [2009/12/24 12:34:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Arcade Lab [2009/12/23 21:56:58 | 000,000,000 | ---D | C] -- C:\Users\Marlene\AppData\Roaming\GameConsole [2009/12/23 21:56:38 | 000,000,000 | -HSD | C] -- C:\Users\Marlene\AppData\Roaming\.# [2009/12/23 18:22:04 | 000,000,000 | ---D | C] -- C:\Users\Marlene\AppData\Local\Adobe [2009/12/20 10:39:13 | 000,000,000 | ---D | C] -- C:\Users\Marlene\AppData\Roaming\skypePM [2009/12/20 10:36:15 | 000,000,000 | ---D | C] -- C:\Users\Marlene\AppData\Roaming\Skype [2009/12/18 14:50:13 | 000,000,000 | ---D | C] -- C:\Users\Marlene\AppData\Roaming\OpenOffice.org [2009/12/15 19:26:24 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2009/12/15 19:21:59 | 000,800,544 | ---- | C] (Sun Microsystems, Inc.) -- C:\Users\Marlene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\jxpiinstall-rv.exe [2009/12/15 18:13:12 | 000,000,000 | ---D | C] -- C:\Users\Marlene\AppData\Roaming\Macromedia [2009/12/15 18:13:11 | 000,000,000 | ---D | C] -- C:\Users\Marlene\AppData\Roaming\Adobe [2009/12/15 16:32:17 | 000,000,000 | ---D | C] -- C:\Users\Marlene\AppData\Roaming\Mozilla [2009/12/15 16:32:17 | 000,000,000 | ---D | C] -- C:\Users\Marlene\AppData\Local\Mozilla [2009/12/15 16:28:42 | 000,000,000 | ---D | C] -- C:\Users\Marlene\AppData\Local\VirtualStore [2009/12/10 19:07:42 | 000,000,000 | ---D | C] -- C:\Users\Marlene\Documents\Spanisch Referat [2009/12/08 20:03:14 | 000,000,000 | ---D | C] -- C:\Users\Marlene\Programme [2009/12/06 13:16:20 | 000,000,000 | ---D | C] -- C:\ProgramData\InterAction studios [2009/12/05 15:10:17 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.1 [2009/12/05 15:05:58 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 3 [2009/12/05 14:08:36 | 000,000,000 | ---D | C] -- C:\Program Files\Sony [2009/12/03 06:18:23 | 000,000,000 | ---D | C] -- C:\windows\SoftwareDistribution [2009/12/02 22:29:08 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP [2009/12/02 21:35:00 | 000,000,000 | ---D | C] -- C:\windows\ConfigSetRoot [2009/12/02 21:34:07 | 000,000,000 | ---D | C] -- C:\windows\System32\DRVSTORE [2009/12/02 21:33:25 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Sync Framework [2009/12/02 21:31:36 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition [2009/12/02 21:30:10 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft [2009/12/02 21:29:58 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft [2009/12/02 21:29:48 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live SkyDrive [2009/12/02 21:29:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live [2009/12/02 21:29:23 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live [2009/12/02 21:27:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live [2009/12/02 21:25:09 | 000,000,000 | --SD | C] -- C:\Users\Marlene\AppData\Roaming\Microsoft [2009/12/02 21:25:09 | 000,000,000 | R--D | C] -- C:\Users\Marlene\Videos [2009/12/02 21:25:09 | 000,000,000 | R--D | C] -- C:\Users\Marlene\Searches [2009/12/02 21:25:09 | 000,000,000 | R--D | C] -- C:\Users\Marlene\Saved Games [2009/12/02 21:25:09 | 000,000,000 | R--D | C] -- C:\Users\Marlene\Pictures [2009/12/02 21:25:09 | 000,000,000 | R--D | C] -- C:\Users\Marlene\Music [2009/12/02 21:25:09 | 000,000,000 | R--D | C] -- C:\Users\Marlene\Links [2009/12/02 21:25:09 | 000,000,000 | R--D | C] -- C:\Users\Marlene\Favorites [2009/12/02 21:25:09 | 000,000,000 | R--D | C] -- C:\Users\Marlene\Downloads [2009/12/02 21:25:09 | 000,000,000 | R--D | C] -- C:\Users\Marlene\Documents [2009/12/02 21:25:09 | 000,000,000 | R--D | C] -- C:\Users\Marlene\Desktop [2009/12/02 21:25:09 | 000,000,000 | R--D | C] -- C:\Users\Marlene\Contacts [2009/12/02 21:25:09 | 000,000,000 | -H-D | C] -- C:\Users\Marlene\AppData [2009/12/02 21:25:09 | 000,000,000 | ---D | C] -- C:\Users\Marlene\AppData\Local\Temp [2009/12/02 21:25:09 | 000,000,000 | ---D | C] -- C:\Users\Marlene\AppData\Local\Microsoft [2009/12/02 21:24:14 | 000,000,000 | -HSD | C] -- C:\Recovery [2009/12/02 20:47:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft [2009/12/02 20:47:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DVDVideoSoft [2009/12/02 20:47:26 | 000,000,000 | ---D | C] -- C:\Program Files\DVDVideoSoft [2009/12/02 19:56:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira [2009/12/02 19:56:10 | 000,138,192 | ---- | C] (Avira GmbH) -- C:\windows\System32\drivers\avipbb.sys [2009/12/02 19:56:10 | 000,066,616 | ---- | C] (Avira GmbH) -- C:\windows\System32\drivers\avgntflt.sys [2009/12/02 19:56:07 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\windows\System32\drivers\ssmdrv.sys [2009/12/02 19:55:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira [2009/12/02 19:55:27 | 000,000,000 | ---D | C] -- C:\Program Files\Avira [2009/12/02 19:39:27 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2009/10/05 16:31:50 | 001,221,632 | ---- | C] (Atheros Communications, Inc.) -- C:\windows\System32\drivers\athr.sys [2009/09/14 22:08:09 | 000,000,000 | -HSD | C] -- C:\Boot [2009/09/14 06:09:59 | 000,000,000 | -HSD | C] -- C:\System Volume Information [2009/08/20 05:42:43 | 000,027,648 | ---- | C] (ASUSTek Computer Inc.) -- C:\windows\System32\AsusSender.exe [2009/08/19 21:41:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\E-Cam [2009/08/19 21:41:34 | 000,000,000 | ---D | C] -- C:\Program Files\E-Cam [2009/08/19 21:39:14 | 008,082,800 | ---- | C] (Boingo Wireless, Inc.) -- C:\Users\Public\Desktop\Boingo Wi-Fi Setup.exe [2009/08/19 21:35:40 | 000,000,000 | ---D | C] -- C:\Program Files\EeePC [2009/08/19 21:30:53 | 000,035,624 | ---- | C] (Oberon Media) -- C:\ProgramData\FullRemove.exe [2009/08/19 21:30:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Park [2009/08/19 21:30:34 | 000,000,000 | ---D | C] -- C:\Program Files\Oberon Media [2009/08/19 21:30:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Oberon Media [2009/08/19 21:24:45 | 000,000,000 | ---D | C] -- C:\Program Files\ASUS [2009/08/19 21:24:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS [2009/08/19 21:21:37 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics [2009/08/19 21:18:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Ralink Driver [2009/08/19 19:57:07 | 001,176,064 | ---- | C] (Atheros Communications, Inc.) -- C:\windows\System32\athr.sys [2009/08/19 19:57:07 | 000,000,000 | ---D | C] -- C:\Program Files\Atheros [2009/08/19 19:57:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Atheros [2009/08/19 19:20:31 | 000,000,000 | ---D | C] -- C:\windows\System32\Atheros_L1e [2009/08/19 19:19:11 | 000,000,000 | ---D | C] -- C:\windows\System32\SRSLabs [2009/08/19 19:19:10 | 000,000,000 | ---D | C] -- C:\windows\System32\RTCOM [2009/08/19 19:18:53 | 000,290,304 | ---- | C] (Dolby Laboratories, Inc.) -- C:\windows\System32\RP3DHT32.dll [2009/08/19 19:18:52 | 000,290,304 | ---- | C] (Dolby Laboratories, Inc.) -- C:\windows\System32\RP3DAA32.dll [2009/08/19 19:18:52 | 000,160,256 | ---- | C] (Fortemedia Corporation) -- C:\windows\System32\FMAPO.dll [2009/08/19 19:18:51 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information [2009/08/19 19:18:51 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek [2009/08/19 19:18:49 | 000,000,000 | -H-D | C] -- C:\Program Files\Temp [2009/08/19 19:18:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield [2009/08/19 19:14:42 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\windows\System32\CSVer.dll [2009/08/19 19:14:42 | 000,000,000 | ---D | C] -- C:\Program Files\Intel [2009/08/19 19:14:22 | 000,000,000 | ---D | C] -- C:\Intel [2009/08/19 18:00:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR [2009/08/19 06:23:12 | 000,000,000 | ---D | C] -- C:\windows\System32\Macromed [2009/08/19 06:22:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2009/08/19 06:22:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype [2009/08/19 06:22:53 | 000,000,000 | R--D | C] -- C:\Program Files\Skype [2009/08/19 06:22:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype [2009/08/19 06:11:58 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 8 [2009/08/19 06:10:19 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office [2009/08/19 06:08:41 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works [2009/08/19 06:08:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER [2009/08/19 06:08:11 | 000,000,000 | ---D | C] -- C:\windows\PCHEALTH [2009/08/19 06:08:11 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET [2009/08/19 06:06:47 | 000,000,000 | ---D | C] -- C:\windows\SHELLNEW [2009/08/19 06:06:28 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office [2009/08/19 06:06:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help [2009/08/19 06:06:09 | 000,000,000 | RH-D | C] -- C:\MSOCache [2009/08/19 06:05:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe [2009/08/19 06:04:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe [2009/08/19 06:04:51 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe [2009/08/19 06:04:38 | 000,000,000 | -HSD | C] -- C:\windows\Installer [2009/08/19 06:04:37 | 000,000,000 | ---D | C] -- C:\windows\AP [2009/08/14 10:00:08 | 000,013,880 | ---- | C] ( ) -- C:\windows\System32\drivers\kbfiltr.sys [2009/08/14 10:00:07 | 000,051,712 | ---- | C] (Atheros Communications, Inc.) -- C:\windows\System32\drivers\L1C62x86.sys [2009/07/26 02:27:53 | 000,000,000 | ---D | C] -- C:\windows\de-DE [2009/07/26 02:27:40 | 000,000,000 | ---D | C] -- C:\windows\System32\0407 [2009/07/26 02:27:39 | 000,000,000 | ---D | C] -- C:\windows\System32\drivers\UMDF\de-DE [2009/07/26 02:27:39 | 000,000,000 | ---D | C] -- C:\windows\System32\drivers\de-DE [2009/07/26 02:27:36 | 000,000,000 | ---D | C] -- C:\windows\System32\de [2009/07/26 02:25:51 | 000,033,280 | ---- | C] (Marvell) -- C:\windows\System32\drivers\de-DE\yk62x86.sys.mui [2009/07/26 02:25:51 | 000,011,776 | ---- | C] (Brother Industries Ltd.) -- C:\windows\System32\drivers\de-DE\BrSerIb.sys.mui [2009/07/26 02:25:51 | 000,010,752 | ---- | C] (Agere Systems) -- C:\windows\System32\drivers\de-DE\ltmdmnt.sys.mui [2009/07/26 02:25:46 | 000,011,776 | ---- | C] (Brother Industries Ltd.) -- C:\windows\System32\drivers\de-DE\BrSerId.sys.mui [2009/07/26 02:25:46 | 000,004,096 | ---- | C] (SCM Microsystems, Inc.) -- C:\windows\System32\drivers\de-DE\pscr.sys.mui [2009/07/26 02:25:46 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\windows\System32\drivers\de-DE\BrParwdm.sys.mui [2009/07/26 02:17:14 | 000,000,000 | ---D | C] -- C:\windows\System32\XPSViewer [2009/07/25 09:25:39 | 000,000,000 | ---D | C] -- C:\windows\panther [2009/07/25 09:25:39 | 000,000,000 | ---D | C] -- C:\windows\System32\OEM [2009/07/25 08:27:56 | 000,000,000 | ---D | C] -- C:\windows\Prefetch [2009/07/14 05:56:48 | 000,000,000 | ---D | C] -- C:\windows\System32\winrm [2009/07/14 05:56:48 | 000,000,000 | ---D | C] -- C:\windows\System32\WCN [2009/07/14 05:56:48 | 000,000,000 | ---D | C] -- C:\windows\System32\slmgr [2009/07/14 05:56:48 | 000,000,000 | ---D | C] -- C:\windows\DigitalLocker [2009/07/14 05:56:47 | 000,000,000 | ---D | C] -- C:\windows\System32\Printing_Admin_Scripts [2009/07/14 05:53:55 | 000,000,000 | -HSD | C] -- C:\ProgramData\Templates [2009/07/14 05:53:55 | 000,000,000 | -HSD | C] -- C:\ProgramData\Start Menu [2009/07/14 05:53:55 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\My Videos [2009/07/14 05:53:55 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\My Pictures [2009/07/14 05:53:55 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\My Music [2009/07/14 05:53:55 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favorites [2009/07/14 05:53:55 | 000,000,000 | -HSD | C] -- C:\Documents and Settings [2009/07/14 05:53:55 | 000,000,000 | -HSD | C] -- C:\ProgramData\Documents [2009/07/14 05:53:55 | 000,000,000 | -HSD | C] -- C:\ProgramData\Desktop [2009/07/14 05:53:55 | 000,000,000 | -HSD | C] -- C:\ProgramData\Application Data [2009/07/14 05:53:23 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information [2009/07/14 05:52:30 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games [2009/07/14 05:52:30 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2009/07/14 05:52:30 | 000,000,000 | ---D | C] -- C:\windows\System32\WindowsPowerShell [2009/07/14 05:52:30 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Sidebar [2009/07/14 05:52:30 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Portable Devices [2009/07/14 05:52:30 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Photo Viewer [2009/07/14 05:52:30 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player [2009/07/14 05:52:30 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Defender [2009/07/14 05:52:30 | 000,000,000 | ---D | C] -- C:\windows\System32\WinBioPlugIns [2009/07/14 05:52:30 | 000,000,000 | ---D | C] -- C:\windows\System32\WinBioDatabase [2009/07/14 05:52:30 | 000,000,000 | ---D | C] -- C:\windows\twain_32 [2009/07/14 05:52:30 | 000,000,000 | ---D | C] -- C:\windows\System32\restore [2009/07/14 05:52:30 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies [2009/07/14 05:52:30 | 000,000,000 | ---D | C] -- C:\windows\Performance [2009/07/14 05:52:30 | 000,000,000 | ---D | C] -- C:\windows\Offline Web Pages [2009/07/14 05:52:30 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild [2009/07/14 05:52:30 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Games [2009/07/14 05:52:30 | 000,000,000 | ---D | C] -- C:\windows\System32\FxsTmp [2009/07/14 05:52:30 | 000,000,000 | ---D | C] -- C:\Program Files\DVD Maker [2009/07/14 05:52:30 | 000,000,000 | ---D | C] -- C:\windows\Downloaded Program Files [2009/07/14 05:52:30 | 000,000,000 | ---D | C] -- C:\windows\diagnostics [2009/07/14 05:52:30 | 000,000,000 | ---D | C] -- C:\windows\addins [2009/07/14 05:34:21 | 000,000,000 | ---D | C] -- C:\windows\debug [2009/07/14 05:34:16 | 000,000,000 | ---D | C] -- C:\windows\Setup [2009/07/14 05:34:13 | 000,000,000 | ---D | C] -- C:\windows\ServiceProfiles [2009/07/14 05:34:06 | 000,000,000 | --SD | C] -- C:\windows\System32\Microsoft [2009/07/14 03:37:09 | 000,000,000 | ---D | C] -- C:\windows\System32\zh-TW [2009/07/14 03:37:09 | 000,000,000 | ---D | C] -- C:\windows\System32\zh-HK [2009/07/14 03:37:09 | 000,000,000 | ---D | C] -- C:\windows\System32\zh-CN [2009/07/14 03:37:09 | 000,000,000 | ---D | C] -- C:\windows\winsxs [2009/07/14 03:37:09 | 000,000,000 | ---D | C] -- C:\windows\System32\winevt [2009/07/14 03:37:09 | 000,000,000 | ---D | C] -- C:\windows\System32\wfp [2009/07/14 03:37:09 | 000,000,000 | ---D | C] -- C:\windows\Web [2009/07/14 03:37:09 | 000,000,000 | ---D | C] -- C:\windows\System32\wdi [2009/07/14 03:37:09 | 000,000,000 | ---D | C] -- C:\windows\System32\wbem [2009/07/14 03:37:09 | 000,000,000 | ---D | C] -- C:\windows\Vss [2009/07/14 03:37:09 | 000,000,000 | ---D | C] -- C:\windows\System32\uk-UA [2009/07/14 03:37:09 | 000,000,000 | ---D | C] -- C:\windows\System32\tr-TR [2009/07/14 03:37:09 | 000,000,000 | ---D | C] -- C:\windows\tracing [2009/07/14 03:37:09 | 000,000,000 | ---D | C] -- C:\windows\System32\th-TH [2009/07/14 03:37:09 | 000,000,000 | ---D | C] -- C:\windows\Temp [2009/07/14 03:37:09 | 000,000,000 | ---D | C] -- C:\windows\Tasks [2009/07/14 03:37:09 | 000,000,000 | ---D | C] -- C:\windows\System32\Tasks [2009/07/14 03:37:09 | 000,000,000 | ---D | C] -- C:\windows\TAPI [2009/07/14 03:37:09 | 000,000,000 | ---D | C] -- C:\windows\System32\sysprep [2009/07/14 03:37:09 | 000,000,000 | ---D | C] -- C:\windows\System32\sv-SE [2009/07/14 03:37:09 | 000,000,000 | ---D | C] -- C:\windows\System32\sr-Latn-CS [2009/07/14 03:37:09 | 000,000,000 | ---D | C] -- C:\windows\System32\sppui [2009/07/14 03:37:09 | 000,000,000 | ---D | C] -- C:\windows\System32\spp [2009/07/14 03:37:09 | 000,000,000 | ---D | C] -- C:\windows\System32\spool [2009/07/14 03:37:09 | 000,000,000 | ---D | C] -- C:\windows\System32\Speech [2009/07/14 03:37:09 | 000,000,000 | ---D | C] -- C:\windows\System32\SMI [2009/07/14 03:37:09 | 000,000,000 | ---D | C] -- C:\windows\System32\sl-SI [2009/07/14 03:37:08 | 000,000,000 | ---D | C] -- C:\windows\System32\drivers\UMDF [2009/07/14 03:37:08 | 000,000,000 | ---D | C] -- C:\windows\System32\sk-SK [2009/07/14 03:37:08 | 000,000,000 | ---D | C] -- C:\windows\System32\Setup [2009/07/14 03:37:08 | 000,000,000 | ---D | C] -- C:\windows\System32\ru-RU [2009/07/14 03:37:08 | 000,000,000 | ---D | C] -- C:\windows\System32\ro-RO [2009/07/14 03:37:08 | 000,000,000 | ---D | C] -- C:\windows\System32\Recovery [2009/07/14 03:37:08 | 000,000,000 | ---D | C] -- C:\windows\System32\ras [2009/07/14 03:37:08 | 000,000,000 | ---D | C] -- C:\windows\System32\pt-PT [2009/07/14 03:37:08 | 000,000,000 | ---D | C] -- C:\windows\System32\pt-BR [2009/07/14 03:37:08 | 000,000,000 | ---D | C] -- C:\windows\System32\pl-PL [2009/07/14 03:37:08 | 000,000,000 | ---D | C] -- C:\windows\System32\oobe [2009/07/14 03:37:08 | 000,000,000 | ---D | C] -- C:\windows\System32\nl-NL [2009/07/14 03:37:08 | 000,000,000 | ---D | C] -- C:\windows\System32\NetworkList [2009/07/14 03:37:08 | 000,000,000 | ---D | C] -- C:\windows\System32\NDF [2009/07/14 03:37:08 | 000,000,000 | ---D | C] -- C:\windows\System32\nb-NO [2009/07/14 03:37:08 | 000,000,000 | ---D | C] -- C:\windows\System32\MUI [2009/07/14 03:37:08 | 000,000,000 | ---D | C] -- C:\windows\System32\Msdtc [2009/07/14 03:37:08 | 000,000,000 | ---D | C] -- C:\windows\System32\migwiz [2009/07/14 03:37:08 | 000,000,000 | ---D | C] -- C:\windows\System32\migration [2009/07/14 03:37:08 | 000,000,000 | ---D | C] -- C:\windows\System32\manifeststore [2009/07/14 03:37:08 | 000,000,000 | ---D | C] -- C:\windows\System32\lv-LV [2009/07/14 03:37:08 | 000,000,000 | ---D | C] -- C:\windows\System32\lt-LT [2009/07/14 03:37:08 | 000,000,000 | ---D | C] -- C:\windows\System32\LogFiles [2009/07/14 03:37:08 | 000,000,000 | ---D | C] -- C:\windows\System32\ko-KR [2009/07/14 03:37:08 | 000,000,000 | ---D | C] -- C:\windows\System32\ja-JP [2009/07/14 03:37:08 | 000,000,000 | ---D | C] -- C:\windows\System32\it-IT [2009/07/14 03:37:08 | 000,000,000 | ---D | C] -- C:\windows\System32\inetsrv [2009/07/14 03:37:08 | 000,000,000 | ---D | C] -- C:\windows\System32\IME [2009/07/14 03:37:08 | 000,000,000 | ---D | C] -- C:\windows\System32\icsxml [2009/07/14 03:37:08 | 000,000,000 | ---D | C] -- C:\windows\System32\ias [2009/07/14 03:37:08 | 000,000,000 | ---D | C] -- C:\windows\System32\hu-HU [2009/07/14 03:37:08 | 000,000,000 | ---D | C] -- C:\windows\System32\hr-HR [2009/07/14 03:37:08 | 000,000,000 | ---D | C] -- C:\windows\System32\he-IL [2009/07/14 03:37:08 | 000,000,000 | ---D | C] -- C:\windows\System32\GroupPolicyUsers [2009/07/14 03:37:08 | 000,000,000 | ---D | C] -- C:\windows\System32\GroupPolicy [2009/07/14 03:37:08 | 000,000,000 | ---D | C] -- C:\windows\System32\fr-FR [2009/07/14 03:37:08 | 000,000,000 | ---D | C] -- C:\windows\System32\fi-FI [2009/07/14 03:37:08 | 000,000,000 | ---D | C] -- C:\windows\System32\et-EE [2009/07/14 03:37:08 | 000,000,000 | ---D | C] -- C:\windows\System32\drivers\etc [2009/07/14 03:37:08 | 000,000,000 | ---D | C] -- C:\windows\System32\es-ES [2009/07/14 03:37:08 | 000,000,000 | ---D | C] -- C:\windows\System32\en-US [2009/07/14 03:37:08 | 000,000,000 | ---D | C] -- C:\windows\System32\el-GR [2009/07/14 03:37:08 | 000,000,000 | ---D | C] -- C:\windows\System32\DriverStore [2009/07/14 03:37:08 | 000,000,000 | ---D | C] -- C:\windows\System32\drivers [2009/07/14 03:37:07 | 000,000,000 | ---D | C] -- C:\windows\System32 [2009/07/14 03:37:07 | 000,000,000 | ---D | C] -- C:\windows\system [2009/07/14 03:37:07 | 000,000,000 | ---D | C] -- C:\windows\Speech [2009/07/14 03:37:07 | 000,000,000 | ---D | C] -- C:\windows\servicing [2009/07/14 03:37:07 | 000,000,000 | ---D | C] -- C:\windows\security [2009/07/14 03:37:07 | 000,000,000 | ---D | C] -- C:\windows\schemas [2009/07/14 03:37:07 | 000,000,000 | ---D | C] -- C:\windows\SchCache [2009/07/14 03:37:07 | 000,000,000 | ---D | C] -- C:\windows\Resources [2009/07/14 03:37:07 | 000,000,000 | ---D | C] -- C:\windows\rescache [2009/07/14 03:37:07 | 000,000,000 | ---D | C] -- C:\windows\registration [2009/07/14 03:37:07 | 000,000,000 | ---D | C] -- C:\windows\PolicyDefinitions [2009/07/14 03:37:07 | 000,000,000 | ---D | C] -- C:\windows\PLA [2009/07/14 03:37:07 | 000,000,000 | ---D | C] -- C:\windows\ModemLogs [2009/07/14 03:37:07 | 000,000,000 | ---D | C] -- C:\windows\Microsoft.NET [2009/07/14 03:37:07 | 000,000,000 | ---D | C] -- C:\windows\System32\Dism [2009/07/14 03:37:07 | 000,000,000 | ---D | C] -- C:\windows\System32\de-DE [2009/07/14 03:37:07 | 000,000,000 | ---D | C] -- C:\windows\System32\da-DK [2009/07/14 03:37:07 | 000,000,000 | ---D | C] -- C:\windows\System32\cs-CZ [2009/07/14 03:37:07 | 000,000,000 | ---D | C] -- C:\windows\System32\config [2009/07/14 03:37:07 | 000,000,000 | ---D | C] -- C:\windows\System32\com [2009/07/14 03:37:07 | 000,000,000 | ---D | C] -- C:\windows\System32\CodeIntegrity [2009/07/14 03:37:07 | 000,000,000 | ---D | C] -- C:\windows\System32\catroot2 [2009/07/14 03:37:07 | 000,000,000 | ---D | C] -- C:\windows\System32\catroot [2009/07/14 03:37:07 | 000,000,000 | ---D | C] -- C:\windows\System32\Boot [2009/07/14 03:37:07 | 000,000,000 | ---D | C] -- C:\windows\System32\bg-BG [2009/07/14 03:37:07 | 000,000,000 | ---D | C] -- C:\windows\System32\ar-SA [2009/07/14 03:37:07 | 000,000,000 | ---D | C] -- C:\windows\System32\AdvancedInstallers [2009/07/14 03:37:06 | 000,000,000 | R-SD | C] -- C:\windows\Media [2009/07/14 03:37:06 | 000,000,000 | R-SD | C] -- C:\windows\Fonts [2009/07/14 03:37:06 | 000,000,000 | ---D | C] -- C:\windows\Logs [2009/07/14 03:37:06 | 000,000,000 | ---D | C] -- C:\windows\LiveKernelReports [2009/07/14 03:37:06 | 000,000,000 | ---D | C] -- C:\windows\L2Schemas [2009/07/14 03:37:06 | 000,000,000 | ---D | C] -- C:\windows\inf [2009/07/14 03:37:06 | 000,000,000 | ---D | C] -- C:\windows\IME [2009/07/14 03:37:06 | 000,000,000 | ---D | C] -- C:\windows\Help [2009/07/14 03:37:06 | 000,000,000 | ---D | C] -- C:\windows\Globalization [2009/07/14 03:37:06 | 000,000,000 | ---D | C] -- C:\windows\Cursors [2009/07/14 03:37:06 | 000,000,000 | ---D | C] -- C:\windows\Branding [2009/07/14 03:37:06 | 000,000,000 | ---D | C] -- C:\windows\Boot [2009/07/14 03:37:05 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft [2009/07/14 03:37:05 | 000,000,000 | R-SD | C] -- C:\windows\assembly [2009/07/14 03:37:05 | 000,000,000 | R--D | C] -- C:\Users [2009/07/14 03:37:05 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [2009/07/14 03:37:05 | 000,000,000 | R--D | C] -- C:\Program Files [2009/07/14 03:37:05 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance [2009/07/14 03:37:05 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories [2009/07/14 03:37:05 | 000,000,000 | -H-D | C] -- C:\ProgramData [2009/07/14 03:37:05 | 000,000,000 | ---D | C] -- C:\Program Files\Windows NT [2009/07/14 03:37:05 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Mail [2009/07/14 03:37:05 | 000,000,000 | ---D | C] -- C:\Windows [2009/07/14 03:37:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\System [2009/07/14 03:37:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines [2009/07/14 03:37:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Services [2009/07/14 03:37:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\microsoft shared [2009/07/14 03:37:05 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer [2009/07/14 03:37:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files [2009/07/14 03:37:05 | 000,000,000 | ---D | C] -- C:\windows\AppPatch [2009/07/14 03:37:05 | 000,000,000 | ---D | C] -- C:\windows\AppCompat [2009/07/14 03:36:15 | 000,000,000 | -HSD | C] -- C:\$Recycle.Bin [2009/07/14 01:59:14 | 000,017,408 | ---- | C] (Brother Industries Ltd.) -- C:\windows\System32\brcoinst.dll [2007/05/30 15:46:31 | 000,904,192 | ---- | C] (Sony Creative Software Inc.) -- C:\Program Files\Setup.exe [2002/01/01 21:35:57 | 000,000,000 | ---D | C] -- C:\Program Files\Application Updater [2002/01/01 21:35:56 | 000,000,000 | ---D | C] -- C:\Program Files\pdfforge Toolbar [2002/01/01 02:14:42 | 000,000,000 | ---D | C] -- C:\Users\Marlene\AppData\Roaming\Malwarebytes [2002/01/01 02:14:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2002/01/01 02:14:17 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys [2002/01/01 02:14:17 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2002/01/01 00:55:44 | 000,582,656 | ---- | C] (OldTimer Tools) -- C:\Users\Marlene\Desktop\OTL.exe [4 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011/09/26 20:15:41 | 000,001,753 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk [2011/08/31 17:00:50 | 000,022,216 | ---- | M] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys [2011/08/20 09:26:05 | 000,002,210 | ---- | M] () -- C:\Users\Public\Desktop\Sony Ericsson PC Companion 2.0.lnk [2011/08/09 10:38:46 | 000,001,815 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk [2011/07/14 08:25:30 | 000,342,760 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT [2011/06/30 11:35:09 | 000,138,192 | ---- | M] (Avira GmbH) -- C:\windows\System32\drivers\avipbb.sys [2011/06/30 11:35:09 | 000,066,616 | ---- | M] (Avira GmbH) -- C:\windows\System32\drivers\avgntflt.sys [2011/06/27 07:54:07 | 000,001,152 | ---- | M] () -- C:\windows\System32\mapisvc.inf [2011/06/13 17:12:39 | 000,002,062 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk [2011/06/13 17:12:39 | 000,001,549 | ---- | M] () -- C:\Users\Marlene\Desktop\DivX Movies.lnk [2011/05/10 18:08:12 | 000,001,356 | ---- | M] () -- C:\Users\Marlene\Desktop\Free YouTube to MP3 Converter.lnk [2010/11/20 13:40:07 | 000,383,786 | RHS- | M] () -- C:\bootmgr [2010/11/20 13:19:02 | 000,093,696 | ---- | M] (Windows (R) Codename Longhorn DDK provider) -- C:\windows\System32\fms.dll [2010/11/14 17:16:27 | 000,001,855 | ---- | M] () -- C:\Users\Public\Desktop\Media Go.lnk [2010/11/12 01:44:54 | 000,094,208 | ---- | M] (DivX, Inc.) -- C:\windows\System32\dpl100.dll [2010/11/10 02:45:49 | 000,010,429 | ---- | M] () -- C:\windows\System32\ScavengeSpace.xml [2010/11/08 23:57:04 | 000,353,592 | ---- | M] (DivX, Inc.) -- C:\windows\System32\DivXControlPanelApplet.cpl [2010/11/05 03:20:53 | 000,146,852 | ---- | M] () -- C:\windows\System32\systemsf.ebd [2010/11/05 03:20:45 | 000,105,559 | ---- | M] () -- C:\windows\System32\RacRules.xml [2010/08/26 12:22:25 | 000,148,736 | ---- | M] (Avanquest Software) -- C:\ProgramData\hpe9EC4.dll [2010/08/08 10:16:53 | 000,000,000 | -H-- | M] () -- C:\windows\System32\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf [2010/08/08 10:15:24 | 000,000,000 | -H-- | M] () -- C:\windows\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf [2010/06/26 17:53:55 | 000,000,000 | -H-- | M] () -- C:\windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2010/05/01 09:44:51 | 000,002,693 | ---- | M] () -- C:\Users\Marlene\Desktop\Microsoft Office Word 2007.lnk [2010/04/14 10:40:02 | 000,590,848 | ---- | M] (Nokia) -- C:\windows\System32\drivers\UMDF\PCCSWpdDriver.dll [2010/02/26 13:32:52 | 000,662,016 | ---- | M] (Nokia) -- C:\windows\System32\nmwcdcocls.dll [2010/02/26 13:32:50 | 000,092,672 | ---- | M] (Nokia) -- C:\windows\System32\nmwcdcls.dll [2010/02/19 20:27:36 | 000,720,384 | ---- | M] (DivX, Inc.) -- C:\windows\System32\DivX.dll [2010/02/19 20:27:16 | 000,856,064 | ---- | M] (DivX, Inc.) -- C:\windows\System32\divx_xx0c.dll [2010/02/19 20:27:16 | 000,856,064 | ---- | M] (DivX, Inc.) -- C:\windows\System32\divx_xx07.dll [2010/02/19 20:27:16 | 000,847,872 | ---- | M] (DivX, Inc.) -- C:\windows\System32\divx_xx0a.dll [2010/02/19 20:27:16 | 000,843,776 | ---- | M] (DivX, Inc.) -- C:\windows\System32\divx_xx16.dll [2010/02/19 20:27:16 | 000,839,680 | ---- | M] (DivX, Inc.) -- C:\windows\System32\divx_xx11.dll [2010/01/17 17:54:47 | 000,003,584 | ---- | M] () -- C:\Users\Marlene\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009/12/26 16:46:48 | 000,000,000 | ---- | M] () -- C:\Users\Marlene\AppData\Roaming\wklnhst.dat [2009/12/10 21:17:52 | 000,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat [2009/12/03 06:22:15 | 000,048,637 | ---- | M] () -- C:\windows\System32\license.rtf [2009/12/02 21:31:37 | 000,000,020 | ---- | M] () -- C:\windows\(úÒ [2009/12/02 20:47:56 | 000,001,197 | ---- | M] () -- C:\Users\Marlene\Desktop\DVDVideoSoft Free Studio.lnk [2009/12/02 19:56:26 | 000,002,012 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk [2009/10/05 16:31:50 | 001,221,632 | ---- | M] (Atheros Communications, Inc.) -- C:\windows\System32\drivers\athr.sys [2009/09/23 18:45:20 | 000,039,440 | ---- | M] () -- C:\windows\System32\iglhxs32.vp [2009/09/23 17:45:12 | 001,921,265 | ---- | M] () -- C:\windows\System32\iglhxa32.cpa [2009/09/23 17:45:12 | 000,060,254 | ---- | M] () -- C:\windows\System32\iglhxg32.vp [2009/09/23 17:45:12 | 000,060,226 | ---- | M] () -- C:\windows\System32\iglhxc32.vp [2009/09/23 17:45:12 | 000,060,015 | ---- | M] () -- C:\windows\System32\iglhxo32.vp [2009/09/23 17:45:12 | 000,001,090 | ---- | M] () -- C:\windows\System32\iglhxa32.vp [2009/09/11 04:30:58 | 000,002,460 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HotKeyMon.lnk [2009/08/19 21:21:45 | 000,000,000 | -H-- | M] () -- C:\windows\System32\drivers\Msft_Kernel_SynTP_01007.Wdf [2009/08/19 06:25:48 | 000,001,100 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\tmchlang.lnk [2009/08/19 06:22:54 | 000,002,503 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk [2009/08/19 01:35:56 | 000,219,136 | ---- | M] () -- C:\windows\System32\AsusService.exe [2009/08/18 23:36:40 | 000,027,648 | ---- | M] (ASUSTek Computer Inc.) -- C:\windows\System32\AsusSender.exe [2009/08/13 04:49:00 | 008,082,800 | ---- | M] (Boingo Wireless, Inc.) -- C:\Users\Public\Desktop\Boingo Wi-Fi Setup.exe [2009/08/10 09:53:04 | 000,053,248 | ---- | M] (Windows XP Bundled build C-Centric Single User) -- C:\windows\System32\CSVer.dll [2009/07/27 08:06:46 | 000,051,712 | ---- | M] (Atheros Communications, Inc.) -- C:\windows\System32\drivers\L1C62x86.sys [2009/07/26 02:27:16 | 000,295,922 | ---- | M] () -- C:\windows\System32\perfi007.dat [2009/07/26 02:27:16 | 000,038,104 | ---- | M] () -- C:\windows\System32\perfd007.dat [2009/07/26 02:25:51 | 000,033,280 | ---- | M] (Marvell) -- C:\windows\System32\drivers\de-DE\yk62x86.sys.mui [2009/07/26 02:25:51 | 000,011,776 | ---- | M] (Brother Industries Ltd.) -- C:\windows\System32\drivers\de-DE\BrSerIb.sys.mui [2009/07/26 02:25:51 | 000,010,752 | ---- | M] (Agere Systems) -- C:\windows\System32\drivers\de-DE\ltmdmnt.sys.mui [2009/07/26 02:25:46 | 000,011,776 | ---- | M] (Brother Industries Ltd.) -- C:\windows\System32\drivers\de-DE\BrSerId.sys.mui [2009/07/26 02:25:46 | 000,004,096 | ---- | M] (SCM Microsystems, Inc.) -- C:\windows\System32\drivers\de-DE\pscr.sys.mui [2009/07/26 02:25:46 | 000,002,560 | ---- | M] (Brother Industries Ltd.) -- C:\windows\System32\drivers\de-DE\BrParwdm.sys.mui [2009/07/25 08:29:39 | 000,000,000 | -H-- | M] () -- C:\windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf [2009/07/23 19:06:58 | 000,035,624 | ---- | M] (Oberon Media) -- C:\ProgramData\FullRemove.exe [2009/07/22 15:09:58 | 000,047,924 | ---- | M] () -- C:\windows\System32\athrext.cat [2009/07/20 10:29:00 | 000,013,880 | ---- | M] ( ) -- C:\windows\System32\drivers\kbfiltr.sys [2009/07/17 03:31:38 | 001,176,064 | ---- | M] (Atheros Communications, Inc.) -- C:\windows\System32\athr.sys [2009/07/17 03:29:34 | 000,277,960 | ---- | M] () -- C:\windows\System32\netathr.inf [2009/07/14 05:56:51 | 000,021,504 | ---- | M] () -- C:\windows\System32\umstartup.etl [2009/07/14 05:47:13 | 000,009,216 | ---- | M] () -- C:\windows\System32\umstartup000.etl [2009/07/14 05:42:29 | 000,001,244 | ---- | M] () -- C:\windows\System32\migwiz.lnk [2009/07/14 02:15:00 | 000,073,728 | ---- | M] () -- C:\windows\System32\BthpanContextHandler.dll [2009/07/14 02:15:00 | 000,064,000 | ---- | M] () -- C:\windows\System32\BWContextHandler.dll [2009/07/14 02:15:00 | 000,017,408 | ---- | M] (Brother Industries Ltd.) -- C:\windows\System32\brcoinst.dll [2009/07/14 01:34:40 | 000,291,294 | ---- | M] () -- C:\windows\System32\perfi009.dat [2009/07/14 01:34:38 | 000,031,548 | ---- | M] () -- C:\windows\System32\perfd009.dat [2009/07/14 00:06:14 | 000,004,453 | ---- | M] () -- C:\windows\System32\odbcconf.rsp [2009/07/13 23:58:08 | 000,043,131 | ---- | M] () -- C:\windows\mib.bin [2009/07/13 23:38:23 | 000,071,951 | ---- | M] () -- C:\windows\System32\ieuinit.inf [2009/07/13 22:38:33 | 000,000,610 | ---- | M] () -- C:\windows\System32\WdsUnattendTemplate.xml [2009/07/13 21:29:26 | 000,000,714 | ---- | M] () -- C:\windows\System32\RestartManager.mof [2009/07/13 21:29:26 | 000,000,176 | ---- | M] () -- C:\windows\System32\RestartManagerUninstall.mof [2009/06/29 05:16:48 | 000,160,256 | ---- | M] (Fortemedia Corporation) -- C:\windows\System32\FMAPO.dll [2009/06/19 04:07:52 | 000,013,931 | ---- | M] () -- C:\windows\System32\RaCoInst.dat [2009/06/10 22:47:11 | 000,047,679 | ---- | M] () -- C:\windows\System32\diskmgmt.msc [2009/06/10 22:46:53 | 000,008,280 | ---- | M] () -- C:\windows\System32\spcinstrumentation.man [2009/06/10 22:46:08 | 000,145,640 | ---- | M] () -- C:\windows\System32\devmgmt.msc [2009/06/10 22:44:34 | 003,170,304 | ---- | M] () -- C:\windows\System32\boot.sdi [2009/06/10 22:43:22 | 000,000,874 | ---- | M] () -- C:\windows\System32\manage-bde.wsf [2009/06/10 22:43:20 | 000,144,862 | ---- | M] () -- C:\windows\System32\tpm.msc [2009/06/10 22:42:54 | 000,028,420 | ---- | M] () -- C:\windows\System32\bios1.rom [2009/06/10 22:42:54 | 000,018,832 | ---- | M] () -- C:\windows\System32\v7vga.rom [2009/06/10 22:42:54 | 000,008,191 | ---- | M] () -- C:\windows\System32\bios4.rom [2009/06/10 22:42:49 | 000,000,707 | ---- | M] () -- C:\windows\_default.pif [2009/06/10 22:42:32 | 000,021,232 | ---- | M] () -- C:\windows\System32\graphics.pro [2009/06/10 22:42:20 | 000,002,577 | ---- | M] () -- C:\windows\System32\config.nt [2009/06/10 22:42:20 | 000,001,688 | ---- | M] () -- C:\windows\System32\autoexec.nt [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat [2009/06/10 22:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys [2009/06/10 22:42:08 | 000,000,843 | ---- | M] () -- C:\windows\System32\onlinesetup.cmd [2009/06/10 22:42:07 | 000,004,041 | ---- | M] () -- C:\windows\System32\xwizard.dtd [2009/06/10 22:41:29 | 000,211,938 | ---- | M] () -- C:\windows\System32\lcphrase.tbl [2009/06/10 22:41:29 | 000,024,114 | ---- | M] () -- C:\windows\System32\lcptr.tbl [2009/06/10 22:40:47 | 000,201,034 | ---- | M] () -- C:\windows\System32\winrm.vbs [2009/06/10 22:40:47 | 000,004,675 | ---- | M] () -- C:\windows\System32\wsmanconfig_schema.xml [2009/06/10 22:40:47 | 000,002,426 | ---- | M] () -- C:\windows\System32\WsmTxt.xsl [2009/06/10 22:40:47 | 000,001,559 | ---- | M] () -- C:\windows\System32\WsmPty.xsl [2009/06/10 22:40:47 | 000,000,035 | ---- | M] () -- C:\windows\System32\winrm.cmd [2009/06/10 22:39:59 | 000,001,041 | ---- | M] () -- C:\windows\System32\tcpbidi.xml [2009/06/10 22:39:54 | 000,003,577 | ---- | M] () -- C:\windows\System32\sysprtj.sep [2009/06/10 22:39:54 | 000,003,214 | ---- | M] () -- C:\windows\System32\sysprint.sep [2009/06/10 22:39:53 | 000,000,114 | ---- | M] () -- C:\windows\System32\pcl.sep [2009/06/10 22:39:53 | 000,000,051 | ---- | M] () -- C:\windows\System32\pscript.sep [2009/06/10 22:39:44 | 000,144,673 | ---- | M] () -- C:\windows\System32\WmiMgmt.msc [2009/06/10 22:39:37 | 000,017,463 | ---- | M] () -- C:\windows\System32\drivers\etc\services [2009/06/10 22:39:37 | 000,003,683 | ---- | M] () -- C:\windows\System32\drivers\etc\lmhosts.sam [2009/06/10 22:39:37 | 000,001,358 | ---- | M] () -- C:\windows\System32\drivers\etc\protocol [2009/06/10 22:39:37 | 000,000,824 | ---- | M] () -- C:\windows\System32\drivers\etc\hosts [2009/06/10 22:39:37 | 000,000,407 | ---- | M] () -- C:\windows\System32\drivers\etc\networks [2009/06/10 22:39:18 | 000,001,820 | ---- | M] () -- C:\windows\System32\rasctrnm.h [2009/06/10 22:38:48 | 000,113,629 | ---- | M] () -- C:\windows\System32\slmgr.vbs [2009/06/10 22:38:43 | 000,145,059 | ---- | M] () -- C:\windows\System32\taskschd.msc [2009/06/10 22:38:33 | 000,145,127 | ---- | M] () -- C:\windows\System32\eventvwr.msc [2009/06/10 22:38:10 | 000,017,935 | ---- | M] () -- C:\windows\System32\EventViewer_EventDetails.xsl [2009/06/10 22:36:33 | 000,063,070 | ---- | M] () -- C:\windows\System32\certmgr.msc [2009/06/10 22:34:45 | 000,215,943 | ---- | M] () -- C:\windows\System32\dssec.dat [2009/06/10 22:34:23 | 000,316,640 | ---- | M] () -- C:\windows\WMSysPr9.prx [2009/06/10 22:32:47 | 000,000,741 | ---- | M] () -- C:\windows\System32\NOISE.DAT [2009/06/10 22:32:07 | 000,002,060 | ---- | M] () -- C:\windows\System32\noise.jpn [2009/06/10 22:31:26 | 000,145,519 | ---- | M] () -- C:\windows\System32\perfmon.msc [2009/06/10 22:29:34 | 000,000,697 | ---- | M] () -- C:\windows\System32\NOISE.THA [2009/06/10 22:29:29 | 011,967,524 | ---- | M] () -- C:\windows\System32\korwbrkr.lex [2009/06/10 22:29:29 | 000,001,486 | ---- | M] () -- C:\windows\System32\noise.kor [2009/06/10 22:29:28 | 000,001,696 | ---- | M] () -- C:\windows\System32\NOISE.CHT [2009/06/10 22:29:17 | 000,001,696 | ---- | M] () -- C:\windows\System32\NOISE.CHS [2009/06/10 22:27:46 | 000,115,091 | ---- | M] () -- C:\windows\System32\WF.msc [2009/06/10 22:27:38 | 000,000,003 | ---- | M] () -- C:\windows\System32\drivers\MsftWdf_Kernel_01009_Inbox_Critical.Wdf [2009/06/10 22:26:15 | 000,144,998 | ---- | M] () -- C:\windows\System32\lusrmgr.msc [2009/06/10 22:26:10 | 000,673,088 | ---- | M] () -- C:\windows\System32\mlang.dat [2009/06/10 22:26:01 | 000,127,213 | ---- | M] () -- C:\windows\System32\ega.cpi [2009/06/10 22:25:52 | 000,063,411 | ---- | M] () -- C:\windows\System32\NAPCLCFG.MSC [2009/06/10 22:21:09 | 000,092,745 | ---- | M] () -- C:\windows\System32\services.msc [2009/06/10 22:21:07 | 000,144,909 | ---- | M] () -- C:\windows\System32\fsmgmt.msc [2009/06/10 22:21:06 | 000,113,256 | ---- | M] () -- C:\windows\System32\compmgmt.msc [2009/06/10 22:21:06 | 000,041,587 | ---- | M] () -- C:\windows\System32\azman.msc [2009/06/10 22:19:05 | 000,040,552 | ---- | M] () -- C:\windows\System32\gatherNetworkInfo.vbs [2009/06/10 22:19:05 | 000,021,812 | ---- | M] () -- C:\windows\System32\NetTrace.PLA.Diagnostics.xml [2009/06/10 22:18:29 | 000,000,565 | ---- | M] () -- C:\windows\System32\NdfEventView.xml [2009/06/10 22:17:44 | 000,124,118 | ---- | M] () -- C:\windows\System32\comexp.msc [2009/06/10 22:16:56 | 000,002,233 | ---- | M] () -- C:\windows\System32\12520850.cpx [2009/06/10 22:16:56 | 000,002,151 | ---- | M] () -- C:\windows\System32\12520437.cpx [2009/06/10 22:16:38 | 000,002,727 | ---- | M] () -- C:\windows\System32\locationnotificationsview.xml [2009/06/10 22:15:19 | 000,001,988 | ---- | M] () -- C:\windows\System32\ticrf.rat [2009/06/10 22:15:18 | 000,008,798 | ---- | M] () -- C:\windows\System32\icrav03.rat [2009/06/10 22:15:06 | 000,076,060 | ---- | M] () -- C:\windows\System32\xpsrchvw.xml [2009/06/10 22:14:45 | 000,048,201 | ---- | M] () -- C:\windows\Starter.xml [2009/06/10 22:14:29 | 003,440,660 | ---- | M] () -- C:\windows\System32\drivers\gm.dls [2009/06/10 04:04:46 | 000,043,614 | ---- | M] () -- C:\windows\System32\oemlogo.bmp [2009/06/10 03:59:08 | 000,000,910 | ---- | M] () -- C:\windows\System32\oemlogo.png [2009/05/11 12:49:28 | 000,051,992 | ---- | M] (AVIRA GmbH) -- C:\windows\System32\drivers\avgntdd.sys [2009/05/11 12:49:28 | 000,017,016 | ---- | M] (AVIRA GmbH) -- C:\windows\System32\drivers\avgntmgr.sys [2009/05/11 10:12:49 | 000,028,520 | ---- | M] (Avira GmbH) -- C:\windows\System32\drivers\ssmdrv.sys [2009/04/15 07:45:00 | 000,000,712 | ---- | M] () -- C:\windows\System32\drivers\SamSfPa.dat [2009/03/25 16:48:00 | 000,114,728 | ---- | M] (MCCI Corporation) -- C:\windows\System32\drivers\s1018mdm.sys [2009/03/25 16:48:00 | 000,109,864 | ---- | M] (MCCI Corporation) -- C:\windows\System32\drivers\s1018unic.sys [2009/03/25 16:48:00 | 000,106,208 | ---- | M] (MCCI Corporation) -- C:\windows\System32\drivers\s1018mgmt.sys [2009/03/25 16:48:00 | 000,104,744 | ---- | M] (MCCI Corporation) -- C:\windows\System32\drivers\s1018obex.sys [2009/03/25 16:48:00 | 000,086,824 | ---- | M] (MCCI Corporation) -- C:\windows\System32\drivers\s1018bus.sys [2009/03/25 16:48:00 | 000,026,024 | ---- | M] (MCCI Corporation) -- C:\windows\System32\drivers\s1018nd5.sys [2009/03/25 16:48:00 | 000,015,016 | ---- | M] (MCCI Corporation) -- C:\windows\System32\drivers\s1018mdfl.sys [2009/03/25 16:48:00 | 000,012,200 | ---- | M] (MCCI Corporation) -- C:\windows\System32\drivers\s1018whnt.sys [2009/03/25 16:48:00 | 000,012,200 | ---- | M] (MCCI Corporation) -- C:\windows\System32\drivers\s1018wh.sys [2009/03/25 16:48:00 | 000,012,200 | ---- | M] (MCCI Corporation) -- C:\windows\System32\drivers\s1018cmnt.sys [2009/03/25 16:48:00 | 000,012,200 | ---- | M] (MCCI Corporation) -- C:\windows\System32\drivers\s1018cm.sys [2009/03/25 16:48:00 | 000,010,792 | ---- | M] (MCCI Corporation) -- C:\windows\System32\drivers\s1018cr.sys [2009/03/08 22:32:30 | 000,290,304 | ---- | M] (Dolby Laboratories, Inc.) -- C:\windows\System32\RP3DHT32.dll [2009/03/08 22:30:48 | 000,290,304 | ---- | M] (Dolby Laboratories, Inc.) -- C:\windows\System32\RP3DAA32.dll [2009/02/05 04:57:48 | 000,000,008 | ---- | M] () -- C:\windows\System32\drivers\rtkhdaud.dat [2008/07/31 03:31:52 | 000,021,864 | ---- | M] () -- C:\windows\AsAcpiSvrLang.ini [2008/01/09 10:28:34 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) -- C:\windows\System32\drivers\seehcri.sys [2007/05/30 15:46:31 | 000,904,192 | ---- | M] (Sony Creative Software Inc.) -- C:\Program Files\Setup.exe [2002/01/01 21:55:04 | 000,001,775 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk [2002/01/01 15:28:02 | 000,001,092 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2002/01/01 02:14:28 | 000,001,067 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2002/01/01 00:55:50 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Users\Marlene\Desktop\OTL.exe [2002/01/01 00:36:19 | 000,000,000 | ---- | M] () -- C:\Users\Marlene\defogger_reenable [2002/01/01 00:34:05 | 000,050,477 | ---- | M] () -- C:\Users\Marlene\Desktop\Defogger.exe [2002/01/01 00:12:14 | 000,009,696 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2002/01/01 00:12:14 | 000,009,696 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2002/01/01 00:07:38 | 000,629,360 | ---- | M] () -- C:\windows\System32\perfh007.dat [2002/01/01 00:07:38 | 000,599,246 | ---- | M] () -- C:\windows\System32\perfh009.dat [2002/01/01 00:07:38 | 000,120,200 | ---- | M] () -- C:\windows\System32\perfc007.dat [2002/01/01 00:07:38 | 000,037,582 | ---- | M] () -- C:\windows\System32\perfc009.dat [2002/01/01 00:01:29 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat [2002/01/01 00:01:24 | 798,416,896 | -HS- | M] () -- C:\hiberfil.sys [4 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2011/09/26 20:15:41 | 000,001,753 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk [2011/08/09 10:38:46 | 000,001,815 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk [2011/07/03 09:33:32 | 000,146,852 | ---- | C] () -- C:\windows\System32\systemsf.ebd [2011/07/03 09:29:23 | 000,010,429 | ---- | C] () -- C:\windows\System32\ScavengeSpace.xml [2011/07/03 09:28:48 | 000,105,559 | ---- | C] () -- C:\windows\System32\RacRules.xml [2011/06/13 17:12:39 | 000,001,549 | ---- | C] () -- C:\Users\Marlene\Desktop\DivX Movies.lnk [2011/06/13 17:12:16 | 000,002,062 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk [2011/05/10 18:08:12 | 000,001,356 | ---- | C] () -- C:\Users\Marlene\Desktop\Free YouTube to MP3 Converter.lnk [2011/04/28 14:03:36 | 000,002,210 | ---- | C] () -- C:\Users\Public\Desktop\Sony Ericsson PC Companion 2.0.lnk [2010/12/28 10:58:58 | 000,001,549 | ---- | C] () -- C:\Users\Marlene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DivX Movies.lnk [2010/12/28 10:57:50 | 000,001,082 | ---- | C] () -- C:\Users\Marlene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DivX Plus Player.lnk [2010/12/28 10:56:27 | 000,002,201 | ---- | C] () -- C:\Users\Marlene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk [2010/12/05 18:40:39 | 000,000,989 | ---- | C] () -- C:\Users\Marlene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PDFCreator.lnk [2010/12/05 18:40:28 | 000,116,224 | ---- | C] () -- C:\windows\System32\pdfcmnnt.dll [2010/08/26 12:21:46 | 000,001,855 | ---- | C] () -- C:\Users\Public\Desktop\Media Go.lnk [2010/08/08 10:16:53 | 000,000,000 | -H-- | C] () -- C:\windows\System32\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf [2010/08/08 10:15:24 | 000,000,000 | -H-- | C] () -- C:\windows\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf [2010/06/26 17:53:55 | 000,000,000 | -H-- | C] () -- C:\windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2010/06/22 15:51:17 | 000,001,338 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live ID.lnk [2010/05/21 15:07:07 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk [2010/05/01 09:44:51 | 000,002,693 | ---- | C] () -- C:\Users\Marlene\Desktop\Microsoft Office Word 2007.lnk [2010/04/05 08:42:08 | 000,001,409 | ---- | C] () -- C:\Users\Marlene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2010/01/17 17:54:47 | 000,003,584 | ---- | C] () -- C:\Users\Marlene\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009/12/26 16:46:48 | 000,000,000 | ---- | C] () -- C:\Users\Marlene\AppData\Roaming\wklnhst.dat [2009/12/10 21:17:52 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2009/12/08 20:07:52 | 000,000,775 | ---- | C] () -- C:\Users\Marlene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ6.5.lnk [2009/12/03 06:15:26 | 798,416,896 | -HS- | C] () -- C:\hiberfil.sys [2009/12/02 21:31:36 | 000,000,020 | ---- | C] () -- C:\windows\(úÒ [2009/12/02 20:47:56 | 000,001,197 | ---- | C] () -- C:\Users\Marlene\Desktop\DVDVideoSoft Free Studio.lnk [2009/12/02 19:56:26 | 000,002,012 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk [2009/12/02 19:39:52 | 000,001,092 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2009/09/23 18:45:20 | 000,039,440 | ---- | C] () -- C:\windows\System32\iglhxs32.vp [2009/09/23 17:45:12 | 001,921,265 | ---- | C] () -- C:\windows\System32\iglhxa32.cpa [2009/09/23 17:45:12 | 000,060,254 | ---- | C] () -- C:\windows\System32\iglhxg32.vp [2009/09/23 17:45:12 | 000,060,226 | ---- | C] () -- C:\windows\System32\iglhxc32.vp [2009/09/23 17:45:12 | 000,060,015 | ---- | C] () -- C:\windows\System32\iglhxo32.vp [2009/09/23 17:45:12 | 000,001,090 | ---- | C] () -- C:\windows\System32\iglhxa32.vp [2009/09/14 22:08:09 | 000,383,786 | RHS- | C] () -- C:\bootmgr [2009/09/12 02:56:43 | 000,002,460 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HotKeyMon.lnk [2009/08/20 05:42:43 | 000,219,136 | ---- | C] () -- C:\windows\System32\AsusService.exe [2009/08/20 05:42:43 | 000,021,864 | ---- | C] () -- C:\windows\AsAcpiSvrLang.ini [2009/08/19 21:21:45 | 000,000,000 | -H-- | C] () -- C:\windows\System32\drivers\Msft_Kernel_SynTP_01007.Wdf [2009/08/19 21:18:56 | 000,013,931 | ---- | C] () -- C:\windows\System32\RaCoInst.dat [2009/08/19 19:57:07 | 000,277,960 | ---- | C] () -- C:\windows\System32\netathr.inf [2009/08/19 19:57:07 | 000,047,924 | ---- | C] () -- C:\windows\System32\athrext.cat [2009/08/19 19:18:55 | 000,000,712 | ---- | C] () -- C:\windows\System32\drivers\SamSfPa.dat [2009/08/19 19:18:55 | 000,000,008 | ---- | C] () -- C:\windows\System32\drivers\rtkhdaud.dat [2009/08/19 18:00:20 | 000,000,979 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat.com.lnk [2009/08/19 06:25:48 | 000,001,100 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\tmchlang.lnk [2009/08/19 06:22:54 | 000,002,503 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk [2009/08/19 06:05:30 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk [2009/07/26 02:28:45 | 000,629,360 | ---- | C] () -- C:\windows\System32\perfh007.dat [2009/07/26 02:28:45 | 000,295,922 | ---- | C] () -- C:\windows\System32\perfi007.dat [2009/07/26 02:28:45 | 000,120,200 | ---- | C] () -- C:\windows\System32\perfc007.dat [2009/07/26 02:28:45 | 000,038,104 | ---- | C] () -- C:\windows\System32\perfd007.dat [2009/07/25 09:25:39 | 000,043,614 | ---- | C] () -- C:\windows\System32\oemlogo.bmp [2009/07/25 09:25:39 | 000,000,910 | ---- | C] () -- C:\windows\System32\oemlogo.png [2009/07/25 08:29:39 | 000,000,000 | -H-- | C] () -- C:\windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf [2009/07/14 05:57:37 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat [2009/07/14 05:48:09 | 000,048,201 | ---- | C] () -- C:\windows\Starter.xml [2009/07/14 05:46:52 | 000,048,637 | ---- | C] () -- C:\windows\System32\license.rtf [2009/07/14 05:46:36 | 000,001,515 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk [2009/07/14 05:42:30 | 000,001,352 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk [2009/07/14 05:42:30 | 000,001,246 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk [2009/07/14 05:42:29 | 000,001,330 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk [2009/07/14 05:42:29 | 000,001,244 | ---- | C] () -- C:\windows\System32\migwiz.lnk [2009/07/14 05:42:26 | 000,001,152 | ---- | C] () -- C:\windows\System32\mapisvc.inf [2009/07/14 05:42:24 | 000,001,210 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk [2009/07/14 05:34:15 | 000,009,696 | -H-- | C] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2009/07/14 05:34:15 | 000,009,696 | -H-- | C] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2009/07/14 05:34:00 | 000,021,504 | ---- | C] () -- C:\windows\System32\umstartup.etl [2009/07/14 05:34:00 | 000,009,216 | ---- | C] () -- C:\windows\System32\umstartup000.etl [2009/07/14 05:33:53 | 000,342,760 | ---- | C] () -- C:\windows\System32\FNTCACHE.DAT [2009/07/14 03:05:48 | 000,599,246 | ---- | C] () -- C:\windows\System32\perfh009.dat [2009/07/14 03:05:48 | 000,291,294 | ---- | C] () -- C:\windows\System32\perfi009.dat [2009/07/14 03:05:48 | 000,037,582 | ---- | C] () -- C:\windows\System32\perfc009.dat [2009/07/14 03:05:48 | 000,031,548 | ---- | C] () -- C:\windows\System32\perfd009.dat [2009/07/14 03:05:05 | 011,967,524 | ---- | C] () -- C:\windows\System32\korwbrkr.lex [2009/07/14 03:05:05 | 000,001,696 | ---- | C] () -- C:\windows\System32\NOISE.CHT [2009/07/14 03:05:05 | 000,001,696 | ---- | C] () -- C:\windows\System32\NOISE.CHS [2009/07/14 03:05:05 | 000,001,486 | ---- | C] () -- C:\windows\System32\noise.kor [2009/07/14 03:05:05 | 000,000,741 | ---- | C] () -- C:\windows\System32\NOISE.DAT [2009/07/14 03:05:05 | 000,000,697 | ---- | C] () -- C:\windows\System32\NOISE.THA [2009/07/14 03:05:03 | 000,003,683 | ---- | C] () -- C:\windows\System32\drivers\etc\lmhosts.sam [2009/07/14 03:04:17 | 000,017,463 | ---- | C] () -- C:\windows\System32\drivers\etc\services [2009/07/14 03:04:17 | 000,001,358 | ---- | C] () -- C:\windows\System32\drivers\etc\protocol [2009/07/14 03:04:17 | 000,000,824 | ---- | C] () -- C:\windows\System32\drivers\etc\hosts [2009/07/14 03:04:17 | 000,000,407 | ---- | C] () -- C:\windows\System32\drivers\etc\networks [2009/07/14 03:04:11 | 000,215,943 | ---- | C] () -- C:\windows\System32\dssec.dat [2009/07/14 03:04:04 | 000,002,577 | ---- | C] () -- C:\windows\System32\config.nt [2009/07/14 03:04:04 | 000,001,688 | ---- | C] () -- C:\windows\System32\autoexec.nt [2009/07/14 03:04:04 | 000,000,024 | ---- | C] () -- C:\autoexec.bat [2009/07/14 03:04:04 | 000,000,010 | ---- | C] () -- C:\config.sys [2009/07/14 03:03:57 | 000,008,798 | ---- | C] () -- C:\windows\System32\icrav03.rat [2009/07/14 03:03:57 | 000,001,988 | ---- | C] () -- C:\windows\System32\ticrf.rat [2009/07/14 00:55:01 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin [2009/07/14 00:51:43 | 000,073,728 | ---- | C] () -- C:\windows\System32\BthpanContextHandler.dll [2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\windows\System32\BWContextHandler.dll [2009/07/14 00:11:57 | 000,000,003 | ---- | C] () -- C:\windows\System32\drivers\MsftWdf_Kernel_01009_Inbox_Critical.Wdf [2009/07/14 00:08:01 | 000,003,577 | ---- | C] () -- C:\windows\System32\sysprtj.sep [2009/07/14 00:08:01 | 000,000,114 | ---- | C] () -- C:\windows\System32\pcl.sep [2009/07/14 00:08:01 | 000,000,051 | ---- | C] () -- C:\windows\System32\pscript.sep [2009/07/14 00:06:14 | 000,004,453 | ---- | C] () -- C:\windows\System32\odbcconf.rsp [2009/07/13 23:41:10 | 000,002,233 | ---- | C] () -- C:\windows\System32\12520850.cpx [2009/07/13 23:38:23 | 000,071,951 | ---- | C] () -- C:\windows\System32\ieuinit.inf [2009/07/13 23:12:16 | 000,063,411 | ---- | C] () -- C:\windows\System32\NAPCLCFG.MSC [2009/07/13 23:11:17 | 000,115,091 | ---- | C] () -- C:\windows\System32\WF.msc [2009/07/13 23:10:48 | 000,021,812 | ---- | C] () -- C:\windows\System32\NetTrace.PLA.Diagnostics.xml [2009/07/13 23:06:29 | 000,201,034 | ---- | C] () -- C:\windows\System32\winrm.vbs [2009/07/13 23:06:29 | 000,004,675 | ---- | C] () -- C:\windows\System32\wsmanconfig_schema.xml [2009/07/13 23:06:29 | 000,002,426 | ---- | C] () -- C:\windows\System32\WsmTxt.xsl [2009/07/13 23:06:29 | 000,001,559 | ---- | C] () -- C:\windows\System32\WsmPty.xsl [2009/07/13 23:01:40 | 000,124,118 | ---- | C] () -- C:\windows\System32\comexp.msc [2009/07/13 22:55:47 | 000,144,998 | ---- | C] () -- C:\windows\System32\lusrmgr.msc [2009/07/13 22:47:53 | 000,063,070 | ---- | C] () -- C:\windows\System32\certmgr.msc [2009/07/13 22:46:10 | 000,145,127 | ---- | C] () -- C:\windows\System32\eventvwr.msc [2009/07/13 22:46:10 | 000,017,935 | ---- | C] () -- C:\windows\System32\EventViewer_EventDetails.xsl [2009/07/13 22:46:09 | 000,145,059 | ---- | C] () -- C:\windows\System32\taskschd.msc [2009/07/13 22:46:01 | 000,144,673 | ---- | C] () -- C:\windows\System32\WmiMgmt.msc [2009/07/13 22:44:22 | 000,144,909 | ---- | C] () -- C:\windows\System32\fsmgmt.msc [2009/07/13 22:44:22 | 000,113,256 | ---- | C] () -- C:\windows\System32\compmgmt.msc [2009/07/13 22:44:22 | 000,092,745 | ---- | C] () -- C:\windows\System32\services.msc [2009/07/13 22:44:22 | 000,041,587 | ---- | C] () -- C:\windows\System32\azman.msc [2009/07/13 22:38:38 | 000,024,114 | ---- | C] () -- C:\windows\System32\lcptr.tbl [2009/07/13 22:38:33 | 000,000,610 | ---- | C] () -- C:\windows\System32\WdsUnattendTemplate.xml [2009/07/13 22:34:35 | 000,047,679 | ---- | C] () -- C:\windows\System32\diskmgmt.msc [2009/07/13 22:33:45 | 000,000,714 | ---- | C] () -- C:\windows\System32\RestartManager.mof [2009/07/13 22:33:45 | 000,000,176 | ---- | C] () -- C:\windows\System32\RestartManagerUninstall.mof [2009/07/13 22:30:30 | 000,000,707 | ---- | C] () -- C:\windows\_default.pif [2009/07/13 22:30:26 | 000,018,832 | ---- | C] () -- C:\windows\System32\v7vga.rom [2009/07/13 22:30:26 | 000,008,191 | ---- | C] () -- C:\windows\System32\bios4.rom [2009/07/13 22:28:41 | 000,145,519 | ---- | C] () -- C:\windows\System32\perfmon.msc [2009/07/13 22:23:44 | 000,145,640 | ---- | C] () -- C:\windows\System32\devmgmt.msc [2009/07/13 22:20:44 | 000,144,862 | ---- | C] () -- C:\windows\System32\tpm.msc [2009/07/13 21:31:17 | 000,127,213 | ---- | C] () -- C:\windows\System32\ega.cpi [2009/07/13 21:30:24 | 000,000,843 | ---- | C] () -- C:\windows\System32\onlinesetup.cmd [2009/07/13 21:22:04 | 000,000,874 | ---- | C] () -- C:\windows\System32\manage-bde.wsf [2009/06/10 22:46:53 | 000,008,280 | ---- | C] () -- C:\windows\System32\spcinstrumentation.man [2009/06/10 22:44:34 | 003,170,304 | ---- | C] () -- C:\windows\System32\boot.sdi [2009/06/10 22:42:54 | 000,028,420 | ---- | C] () -- C:\windows\System32\bios1.rom [2009/06/10 22:42:32 | 000,021,232 | ---- | C] () -- C:\windows\System32\graphics.pro [2009/06/10 22:42:07 | 000,004,041 | ---- | C] () -- C:\windows\System32\xwizard.dtd [2009/06/10 22:41:29 | 000,211,938 | ---- | C] () -- C:\windows\System32\lcphrase.tbl [2009/06/10 22:40:47 | 000,000,035 | ---- | C] () -- C:\windows\System32\winrm.cmd [2009/06/10 22:39:59 | 000,001,041 | ---- | C] () -- C:\windows\System32\tcpbidi.xml [2009/06/10 22:39:54 | 000,003,214 | ---- | C] () -- C:\windows\System32\sysprint.sep [2009/06/10 22:39:18 | 000,001,820 | ---- | C] () -- C:\windows\System32\rasctrnm.h [2009/06/10 22:38:48 | 000,113,629 | ---- | C] () -- C:\windows\System32\slmgr.vbs [2009/06/10 22:34:23 | 000,316,640 | ---- | C] () -- C:\windows\WMSysPr9.prx [2009/06/10 22:32:07 | 000,002,060 | ---- | C] () -- C:\windows\System32\noise.jpn [2009/06/10 22:26:10 | 000,673,088 | ---- | C] () -- C:\windows\System32\mlang.dat [2009/06/10 22:19:05 | 000,040,552 | ---- | C] () -- C:\windows\System32\gatherNetworkInfo.vbs [2009/06/10 22:18:29 | 000,000,565 | ---- | C] () -- C:\windows\System32\NdfEventView.xml [2009/06/10 22:16:56 | 000,002,151 | ---- | C] () -- C:\windows\System32\12520437.cpx [2009/06/10 22:16:38 | 000,002,727 | ---- | C] () -- C:\windows\System32\locationnotificationsview.xml [2009/06/10 22:15:06 | 000,076,060 | ---- | C] () -- C:\windows\System32\xpsrchvw.xml [2009/06/10 22:14:28 | 003,440,660 | ---- | C] () -- C:\windows\System32\drivers\gm.dls [2002/01/01 21:55:04 | 000,001,787 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk [2002/01/01 21:55:04 | 000,001,775 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk [2002/01/01 15:28:01 | 000,001,104 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2002/01/01 02:14:28 | 000,001,067 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2002/01/01 00:36:19 | 000,000,000 | ---- | C] () -- C:\Users\Marlene\defogger_reenable [2002/01/01 00:34:01 | 000,050,477 | ---- | C] () -- C:\Users\Marlene\Desktop\Defogger.exe ========== LOP Check ========== [2010/10/03 12:01:18 | 000,000,000 | -HSD | M] -- C:\Users\Marlene\AppData\Roaming\.# [2011/05/10 18:08:49 | 000,000,000 | ---D | M] -- C:\Users\Marlene\AppData\Roaming\DVDVideoSoftIEHelpers [2009/12/23 21:56:59 | 000,000,000 | ---D | M] -- C:\Users\Marlene\AppData\Roaming\GameConsole [2010/12/28 10:58:39 | 000,000,000 | ---D | M] -- C:\Users\Marlene\AppData\Roaming\Local [2010/08/08 10:19:20 | 000,000,000 | ---D | M] -- C:\Users\Marlene\AppData\Roaming\Nokia [2009/12/18 14:50:13 | 000,000,000 | ---D | M] -- C:\Users\Marlene\AppData\Roaming\OpenOffice.org [2011/04/13 19:56:27 | 000,000,000 | ---D | M] -- C:\Users\Marlene\AppData\Roaming\Opera [2010/08/08 10:16:34 | 000,000,000 | ---D | M] -- C:\Users\Marlene\AppData\Roaming\PC Suite [2010/06/29 17:38:53 | 000,000,000 | ---D | M] -- C:\Users\Marlene\AppData\Roaming\Philips [2010/08/26 12:26:56 | 000,000,000 | ---D | M] -- C:\Users\Marlene\AppData\Roaming\Sony [2010/11/14 17:10:30 | 000,000,000 | ---D | M] -- C:\Users\Marlene\AppData\Roaming\Sony Setup [2011/07/14 08:04:37 | 000,032,632 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Custom Scans ========== < Malwarebytes' Anti-Malware 1.51.2.1300 > < Malwarebytes : Free anti-malware, anti-virus and spyware removal download > < > < Datenbank Version: 7907 > < > < Windows 6.1.7601 Service Pack 1 > < Internet Explorer 8.0.7601.17514 > < > < 01.01.2002 02:19:14 > < mbam-log-2002-01-01 (02-19-14).txt > < > < Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|) > < Durchsuchte Objekte: 265173 > < Laufzeit: 1 Stunde(n), 55 Minute(n), 15 Sekunde(n) > < > < Infizierte Speicherprozesse: 0 > < Infizierte Speichermodule: 0 > < Infizierte Registrierungsschlüssel: 0 > < Infizierte Registrierungswerte: 0 > < Infizierte Dateiobjekte der Registrierung: 0 > < Infizierte Verzeichnisse: 0 > < Infizierte Dateien: 0 > < > < Infizierte Speicherprozesse: > < (Keine bösartigen Objekte gefunden) > < > < Infizierte Speichermodule: > < (Keine bösartigen Objekte gefunden) > < > < Infizierte Registrierungsschlüssel: > < (Keine bösartigen Objekte gefunden) > < > < Infizierte Registrierungswerte: > < (Keine bösartigen Objekte gefunden) > < > < Infizierte Dateiobjekte der Registrierung: > < (Keine bösartigen Objekte gefunden) > < > < Infizierte Verzeichnisse: > < (Keine bösartigen Objekte gefunden) > < > < Infizierte Dateien: > < (Keine bösartigen Objekte gefunden) > ========== Alternate Data Streams ========== @Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:4CF61E54 @Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:B88E99C8 @Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:AB689DEA @Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:A724744F @Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:734E442A < End of report > |
11.10.2011, 09:38 | #6 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | unbekannter Viren befallZitat:
Bisher nie Funde oder postest du nur rein zufällig das Log ohne Funde?
__________________ --> unbekannter Viren befall |
11.10.2011, 12:08 | #7 | |
| unbekannter Viren befall entschuldigung hier das andere logfile: Zitat:
|
11.10.2011, 14:11 | #8 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | unbekannter Viren befallZitat:
Ist das Datum jeden Tag auf den 01.01.2002 zurückverstellt bei dir?
__________________ Logfiles bitte immer in CODE-Tags posten |
11.10.2011, 14:31 | #9 |
| unbekannter Viren befall das ist der rechner meiner schwester aber soweit ich weiß ist das schon länger |
11.10.2011, 14:39 | #10 |
/// Winkelfunktion /// TB-Süch-Tiger™ | unbekannter Viren befall Tauscht mal die Knopfzelle des Mainboards aus, dann verstellt sich auch nicht jedesmal das Datum. Ein falsches Datum kann zu solchen Problem u.U. schonmal führen, insbesondere ervige Zertifikatsfehler gibt es dann.
__________________ Logfiles bitte immer in CODE-Tags posten |
11.10.2011, 14:41 | #11 |
| unbekannter Viren befall wie kann ich das austauschen und das ist ein netbook |
11.10.2011, 14:48 | #12 |
/// Winkelfunktion /// TB-Süch-Tiger™ | unbekannter Viren befall Kann bei einem netbook schwieriger werden. Verstellt sich denn tatsächlich das Datum jedesmal aufs Neue? Wie alt ist das Geät eigentlich?
__________________ Logfiles bitte immer in CODE-Tags posten |
11.10.2011, 14:53 | #13 |
| unbekannter Viren befall so zwie jahre denke ich |
11.10.2011, 15:11 | #14 |
/// Winkelfunktion /// TB-Süch-Tiger™ | unbekannter Viren befall Und die andere Frage? Verstellt sich das Datum nun jedes Mal aufs Neue oder nicht? Wenn ja wirst du wohl zu einem Fachhändler und/oder Notebook-Werkstatt gehen müssen
__________________ Logfiles bitte immer in CODE-Tags posten |
11.10.2011, 20:50 | #15 |
| unbekannter Viren befall nein ich hab es jetzt ein par mal ein und aus geschaltet |
Themen zu unbekannter Viren befall |
ahnung, befall, bekannter, funktionier, funktioniert, funktioniert nicht, netbook, suche, unbekannter, verzweifel, verzweifelt, viren, viren befall |