Acer laptop runs at full load for no reason at all |
07.01.2011, 19:19 | #1 |
| Acer laptop runs at full load for no reason at all

Good evening everyone!

For several months my Acer Aspire 5570Z laptop with Windows Vista has had a problem, despite Outpost Firewall, Avast antivirus software, AdAware and TuneUp checks. Whether I open a program, switch the computer on or do nothing at all, the machine keeps starting to overload itself. I know nothing at all about Trojans and am not particularly well versed in computers either. Despite the programs mentioned above and the "errors" they fixed, the situation has not improved.

This topic may well have been covered several times already; I searched for it but did not find it. I could not find a solution on "search engines" either, apart from being directed to this forum, where I am now hoping for your help. Even if the topic has already been dealt with, I would be glad of a link, since, blind as I am --> I don't know where to go...

It is very tiring to have to wait half an hour again and again until the laptop has "calmed down" and I can carry on working...

Could it be due to a Trojan? Or where is the right place for this "bug?"? What "data" or "information" do you need for the problem to become apparent?

Many thanks in advance... Andreas |
07.01.2011, 19:24 | #2 |
/// Malware-holic | Acer laptop runs at full load for no reason at all

Stay away from that kind of tuning junk. In the end it only breaks your operating system, but it does not make it any faster.

System scan with OTL

Download OTL: http://filepony.de/download-otl/
Double-click OTL.exe (Windows 7 and Vista users: right-click, Run as administrator).
1. At the top you will find a box labelled Output. Please select Minimal Output.
2. Tick "scan all users".
3. Under "Extra Registry" select: "Use Safelist" "LOP Check" "Purity Check"
4. Copy into the text box:
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
5. Click "Scan".
6. Two reports are created: OTL.Txt and Extras.Txt. Post both. |
08.01.2011, 09:56 | #3 |
| Acer laptop runs at full load for no reason at all

Thank you very much, Markus, for the answer.

Yes, these TuneUp programs have only caused me trouble too, you are right about that; it sounds so promising... I am running the scan with OTL right now.

It also occurred to me that whenever I open drive "D:", Explorer crashes every time and then restarts. It is always the same procedure:
----------------------------------------------------------------------
"Windows-Explorer funktioniert nicht mehr. Windows kann online für eine Lösung für das Problem suchen.....

The problem details say:

Problemsignatur:
Problemereignisname: APPCRASH
Anwendungsname: Explorer.EXE
Anwendungsversion: 6.0.6001.18164
Anwendungszeitstempel: 4907e242
Fehlermodulname: CLDemuxer.ax
Fehlermodulversion: 1.0.0.2728
Fehlermodulzeitstempel: 4247c0b2
Ausnahmecode: c0000005
Ausnahmeoffset: 00014a2c
Betriebsystemversion: 6.0.6001.2.1.0.768.3
Gebietsschema-ID: 2055
Zusatzinformation 1: 40d4
Zusatzinformation 2: 4062ad41ec8067256aa4c5e2b56d3c79
Zusatzinformation 3: 40d4
Zusatzinformation 4: 4062ad41ec8067256aa4c5e2b56d3c79
Lesen Sie unsere Datenschutzrichtlinie: hxxp://go.microsoft.com/fwlink/?linkid=50163&clcid=0x0407
----------------------------------------------------------------------
Could that perhaps also be related to the same problem?

The file is too large as an attachment, so here it is:
---------------------------------------------------------------------
OTL.txt: OTL Logfile: Code:
OTL logfile created on: 07.01.2011 22:10:29 - Run 1
OTL by OldTimer - Version 3.2.20.1
Folder = C:\Users\Therese\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18999)
Locale: 00000807 | Country: Schweiz | Language: DES | Date Format: dd.MM.yyyy

1'013.00 Mb Total Physical Memory | 331.00 Mb Available Physical Memory | 33.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 55.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 52.14 Gb Total Space | 10.24 Gb Free Space | 19.65% Space Free | Partition Type: NTFS
Drive D: | 51.84 Gb Total Space | 15.61 Gb Free Space | 30.12% Space Free | Partition Type: NTFS
Drive G: | 74.51 Gb Total Space | 7.99 Gb Free Space | 10.73% Space Free | Partition Type: FAT32

Computer Name: THERESE-PC | User Name: Therese | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Therese\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Programme\Mozilla Firefox\plugin-container.exe (Mozilla Corporation) PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Windows\System32\TUProgSt.exe (TuneUp Software) PRC - C:\Programme\AVG\AVG PC Tuneup 2011\BoostSpeed.exe (AVG) PRC - C:\Programme\Alwil Software\Avast4\ashDisp.exe (ALWIL Software) PRC - C:\Programme\Alwil Software\Avast4\ashServ.exe (ALWIL Software) PRC - C:\Programme\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software) PRC - C:\Programme\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software) PRC - C:\Programme\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Programme\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG) PRC - C:\Programme\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation) PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation) PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation) PRC - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe () PRC - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe (Acer Inc.) PRC - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe (acer) PRC - C:\Acer\Empowering Technology\eNet\eNet Service.exe (Acer Inc.) PRC - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe (Acer Inc.) 
PRC - C:\Acer\Mobility Center\MobilityService.exe () PRC - C:\Programme\Common Files\microsoft shared\VS7DEBUG\mdm.exe (Microsoft Corporation) PRC - C:\Windows\System32\agrsmsvc.exe (Agere Systems) ========== Modules (SafeList) ========== MOD - C:\Users\Therese\Desktop\OTL.exe (OldTimer Tools) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (LiveUpdate Notice Ex) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe File not found SRV - (CLTNetCnService) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe File not found SRV - (acssrv) -- C:\Programme\Agnitum\Outpost Firewall Pro\acs.exe (Agnitum Ltd.) SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.) SRV - (TuneUp.ProgramStatisticsSvc) -- C:\Windows\System32\TUProgSt.exe (TuneUp Software) SRV - (TuneUp.Defrag) -- C:\Windows\System32\TuneUpDefragService.exe (TuneUp Software) SRV - (nosGetPlusHelper) getPlus(R) -- C:\Programme\NOS\bin\getPlus_Helper_3004.dll (NOS Microsystems Ltd.) SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software) SRV - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software) SRV - (avast! 
Web Scanner) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software) SRV - (aswUpdSv) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software) SRV - (UxTuneUp) -- C:\Windows\System32\uxtuneup.dll (TuneUp Software) SRV - (Nero BackItUp Scheduler 4.0) -- C:\Programme\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG) SRV - (LiveUpdate Notice Service) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation) SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (eSettingsService) -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe () SRV - (eRecoveryService) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe (Acer Inc.) SRV - (WMIService) -- C:\Acer\Empowering Technology\ePower\ePowerSvc.exe (acer) SRV - (eNet Service) -- C:\Acer\Empowering Technology\eNet\eNet Service.exe (Acer Inc.) SRV - (eLockService) -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe (Acer Inc.) SRV - (MobilityService) -- C:\Acer\Mobility Center\MobilityService.exe () SRV - (AgereModemAudio) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems) ========== Driver Services (SafeList) ========== DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found DRV - (blbdrive) -- C:\Windows\System32\drivers\blbdrive.sys File not found DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.) DRV - (SandBox) -- C:\Windows\System32\drivers\SandBox.sys (Agnitum Ltd.) DRV - (ASWFilt) -- C:\Windows\System32\Filt\ASWFilt.dll (Agnitum Ltd.) DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys () DRV - (afwcore) -- C:\Windows\System32\drivers\afwcore.sys (Agnitum Ltd.) DRV - (afw) -- C:\Windows\System32\drivers\afw.sys (Agnitum Ltd.) 
DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (ALWIL Software) DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (ALWIL Software) DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (ALWIL Software) DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (ALWIL Software) DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (ALWIL Software) DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.) DRV - (DKbFltr) -- C:\Windows\System32\drivers\DKbFltr.sys (Dritek System Inc.) DRV - (int15) -- C:\Acer\Empowering Technology\eRecovery\int15.sys () DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.) DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics, Inc.) DRV - (yukonwlh) -- C:\Windows\System32\drivers\yk60x86.sys (Marvell) DRV - (igfx) -- C:\Windows\System32\drivers\igdkmd32.sys (Intel Corporation) DRV - (ialm) -- C:\Windows\System32\drivers\igdkmd32.sys (Intel Corporation) DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation) DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.) DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex) DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.) DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.) DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation) DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.) DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.) DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd) DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation) DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.) DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.) 
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation) DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation) DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH) DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems) DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation) DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.) DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.) DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic) DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.) DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company) DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.) DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.) DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.) DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic) DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic) DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic) DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic) DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation) DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic) DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation) DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.) DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.) DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.) DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.) 
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.) DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.) DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.) DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.) DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.) DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies) DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation) DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems) DRV - (tifm21) -- C:\Windows\System32\drivers\tifm21.sys (Texas Instruments) DRV - (NTIDrvr) -- C:\Windows\System32\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://de.intl.acer.yahoo.com IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1530654440-1645392781-752654200-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com [binary data] IE - HKU\S-1-5-21-1530654440-1645392781-752654200-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SEARCH PAGE = hxxp://de.rd.yahoo.com/customize/ycomp/defaults/sp/*hxxp://de.yahoo.com IE - HKU\S-1-5-21-1530654440-1645392781-752654200-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! 
Search IE - HKU\S-1-5-21-1530654440-1645392781-752654200-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7 IE - HKU\S-1-5-21-1530654440-1645392781-752654200-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\S-1-5-21-1530654440-1645392781-752654200-1000\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found IE - HKU\S-1-5-21-1530654440-1645392781-752654200-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1530654440-1645392781-752654200-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "www.urfer-art.ch" FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3 FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.90 FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.2.0185 FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900 FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900 FF - HKLM\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011.01.06 17:43:44 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011.01.06 17:43:45 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.12.31 15:42:14 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.12.31 15:42:14 | 000,000,000 | ---D | M] [2009.09.13 08:52:53 | 000,000,000 
| ---D | M] (No name found) -- C:\Users\Therese\AppData\Roaming\mozilla\Extensions [2011.01.07 18:07:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Therese\AppData\Roaming\mozilla\Firefox\Profiles\ifs45c82.default\extensions [2010.12.31 11:44:41 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Therese\AppData\Roaming\mozilla\Firefox\Profiles\ifs45c82.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2010.10.29 16:28:00 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Users\Therese\AppData\Roaming\mozilla\Firefox\Profiles\ifs45c82.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7} [2011.01.01 20:00:45 | 000,000,000 | ---D | M] ("DAEMON Tools Toolbar") -- C:\Users\Therese\AppData\Roaming\mozilla\Firefox\Profiles\ifs45c82.default\extensions\DTToolbar@toolbarnet.com [2011.01.01 20:00:37 | 000,002,059 | ---- | M] () -- C:\Users\Therese\AppData\Roaming\Mozilla\Firefox\Profiles\ifs45c82.default\searchplugins\daemon-search.xml [2011.01.02 02:27:55 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2011.01.06 17:43:44 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>) -- C:\PROGRAM FILES\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\HTML5VIDEO [2011.01.06 17:43:45 | 000,000,000 | ---D | M] (DivX HiQ) -- C:\PROGRAM FILES\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\WPA [2009.09.14 19:30:47 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION [2010.12.31 15:42:05 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2010.12.31 15:42:05 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml [2010.12.31 15:42:06 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml [2010.12.31 15:42:06 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml [2010.12.31 
15:42:06 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\divx\DivX Plus Web Player\npdivx32.dll (DivX, LLC) O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Programme\divx\DivX Plus Web Player\npdivx32.dll (DivX, LLC) O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Programme\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKU\S-1-5-21-1530654440-1645392781-752654200-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Programme\DAEMON Tools Toolbar\DTToolbar.dll () O4 - HKLM..\Run: [avast!] C:\Programme\Alwil Software\Avast4\ashDisp.exe (ALWIL Software) O4 - HKLM..\Run: [OutpostFeedBack] C:\Program Files\Agnitum\Outpost Firewall Pro\feedback.exe (Agnitum Ltd.) O4 - HKLM..\Run: [OutpostMonitor] C:\Programme\Agnitum\Outpost Firewall Pro\op_mon.exe (Agnitum Ltd.) 
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-21-1530654440-1645392781-752654200-1000..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O7 - HKU\S-1-5-21-1530654440-1645392781-752654200-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Computer, Inc.) 
O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation) O24 - Desktop WallPaper: C:\Urfer\Fotoalbum2\IMG_0824.JPG O24 - Desktop BackupWallPaper: C:\Urfer\Fotoalbum2\IMG_0824.JPG O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2001.09.25 12:08:44 | 001,572,864 | R--- | M] () - F:\Autorun.exe -- [ CDFS ] O32 - AutoRun File - [2001.09.25 12:08:44 | 000,000,135 | R--- | M] () - F:\Autorun.inf -- [ CDFS ] O33 - MountPoints2\{d89b894b-72c0-11de-890d-001b242ef995}\Shell\AutoRun\command - "" = WD_Windows_Tools\Setup.exe O33 - MountPoints2\{f4b76a7c-caf4-11df-862d-001b242ef995}\Shell - "" = AutoRun O33 - MountPoints2\{f4b76a7c-caf4-11df-862d-001b242ef995}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- File not found O33 - MountPoints2\{f57bb464-15d6-11e0-acd5-001b242ef995}\Shell - "" = AutoRun O33 - MountPoints2\{f57bb464-15d6-11e0-acd5-001b242ef995}\Shell\AutoRun\command - "" = F:\Autorun.exe -- [2001.09.25 12:08:44 | 001,572,864 | R--- | M] () O33 - 
MountPoints2\{f57bb464-15d6-11e0-acd5-001b242ef995}\Shell\readit\command - "" = notepad readme.doc O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: UxTuneUp - C:\Windows\System32\uxtuneup.dll (TuneUp Software) NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - File not found NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found SafeBootMin: AppMgmt - Service SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: NTDS - File not found SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: 
{4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: AppMgmt - Service SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: NTDS - File not found SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy 
disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices ActiveX: {0EEB34F6-991D-4a1b-8EEB-772DA0EADB22} - Microsoft Office Communicator 2007 ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0 ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: 
{45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1 ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Macromedia Shockwave Flash ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.lhacm - C:\Windows\System32\lhacm.acm (Microsoft Corporation) Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.) Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.) 
Drivers32: vidc.i420 - i420vfw.dll File not found Drivers32: vidc.yv12 - yv12vfw.dll File not found CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2011.01.07 22:07:52 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Therese\Desktop\OTL.exe [2011.01.07 12:47:51 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2011.01.07 12:47:50 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll [2011.01.07 12:47:48 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2011.01.07 12:47:48 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2011.01.07 12:47:48 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll [2011.01.07 12:47:48 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2011.01.07 12:47:47 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2011.01.07 12:47:47 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2011.01.07 12:47:46 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2011.01.07 12:47:46 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2011.01.07 12:47:45 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2011.01.07 12:47:44 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2011.01.07 12:47:44 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2011.01.07 12:47:43 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2011.01.07 12:47:43 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2011.01.07 12:47:42 | 000,109,056 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\System32\iesysprep.dll [2011.01.07 12:47:40 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2011.01.07 12:44:56 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll [2011.01.07 12:44:56 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll [2011.01.07 12:44:55 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll [2011.01.07 12:44:55 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll [2011.01.07 12:44:55 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\corpol.dll [2011.01.07 12:44:54 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll [2011.01.07 12:44:54 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll [2011.01.07 12:44:54 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll [2011.01.07 12:44:53 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll [2011.01.07 12:44:53 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll [2011.01.07 12:44:53 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll [2011.01.07 12:44:52 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll [2011.01.07 12:44:52 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe [2011.01.07 12:44:51 | 000,208,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinFXDocObj.exe [2011.01.07 12:44:50 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll [2011.01.07 12:44:49 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll [2011.01.07 12:44:48 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll [2011.01.07 12:44:48 | 000,420,352 | ---- | C] 
(Microsoft Corporation) -- C:\Windows\System32\vbscript.dll [2011.01.07 12:44:48 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2011.01.07 12:44:44 | 003,698,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat [2011.01.07 12:44:44 | 000,169,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe [2011.01.07 12:44:43 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PDMSetup.exe [2011.01.07 12:44:43 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe [2011.01.07 12:44:43 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe [2011.01.07 12:44:43 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetDepNx.exe [2011.01.07 09:02:09 | 000,000,000 | R--D | C] -- C:\Users\Therese\Documents\Notes [2011.01.07 01:53:43 | 000,000,000 | ---D | C] -- C:\Users\Therese\AppData\Roaming\AVG [2011.01.07 01:48:34 | 000,328,296 | ---- | C] (Agnitum Ltd.) -- C:\Windows\System32\drivers\afwcore.sys [2011.01.07 01:47:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Agnitum [2011.01.07 01:47:37 | 000,710,696 | ---- | C] (Agnitum Ltd.) -- C:\Windows\System32\drivers\SandBox.sys [2011.01.07 01:47:36 | 000,034,920 | ---- | C] (Agnitum Ltd.) 
-- C:\Windows\System32\drivers\afw.sys [2011.01.07 01:45:11 | 000,000,000 | ---D | C] -- C:\Windows\System32\Filt [2011.01.07 01:45:11 | 000,000,000 | ---D | C] -- C:\Programme\Agnitum [2011.01.07 01:44:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Agnitum [2011.01.07 01:35:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC Tuneup 2011 [2011.01.07 01:35:29 | 000,000,000 | ---D | C] -- C:\Programme\AVG [2011.01.07 01:34:07 | 000,000,000 | ---D | C] -- C:\Users\Therese\Desktop\AVG PC Tuneup v10.0.0.22 [2011.01.07 01:32:30 | 000,000,000 | ---D | C] -- C:\AVG PC Tuneup 2011 v10.0.0.22 Final Software + Crack [2011.01.07 01:30:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Empowering Technology [2011.01.07 01:29:38 | 000,716,800 | ---- | C] (HiTRUST) -- C:\Windows\System32\ShowErrUI.dll [2011.01.07 01:29:38 | 000,352,256 | ---- | C] (TODO: <公司名>) -- C:\Windows\System32\UI.dll [2011.01.07 00:29:16 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Scan [2011.01.07 00:29:16 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\NSS [2011.01.07 00:29:16 | 000,000,000 | ---D | C] -- C:\Programme\Norton Security Scan [2011.01.07 00:29:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton [2011.01.07 00:29:16 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\NSS\0207030.022 [2011.01.07 00:29:11 | 000,000,000 | ---D | C] -- C:\Programme\NortonInstaller [2011.01.07 00:29:11 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller [2011.01.06 17:43:55 | 000,000,000 | ---D | C] -- C:\Users\Therese\AppData\Roaming\Local [2011.01.03 18:01:25 | 000,000,000 | ---D | C] -- C:\Users\Therese\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Westwood [2011.01.03 16:55:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Westwood [2011.01.03 16:49:06 | 000,000,000 | ---D | C] -- C:\Westwood [2011.01.03 15:37:06 | 
000,000,000 | ---D | C] -- C:\Users\Therese\Documents\Visual Studio 2005 [2011.01.01 22:46:14 | 000,000,000 | ---D | C] -- C:\Civilization V [2011.01.01 22:44:02 | 000,000,000 | ---D | C] -- C:\Command & Conquer - Red Alert 2 [2011.01.01 22:07:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LucasArts [2011.01.01 22:03:36 | 000,000,000 | ---D | C] -- C:\Programme\LucasArts [2011.01.01 21:46:21 | 000,000,000 | ---D | C] -- C:\Users\Therese\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Raven Software [2011.01.01 21:46:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Raven Software [2011.01.01 21:42:40 | 000,000,000 | ---D | C] -- C:\Programme\Soldier of Fortune II - Double Helix GOLD [2011.01.01 21:41:32 | 000,266,293 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\temp.000 [2011.01.01 20:28:31 | 000,000,000 | ---D | C] -- C:\Star Wars Jedi Knight - Jedi Academy (2 Cds) [2011.01.01 20:26:07 | 000,000,000 | ---D | C] -- C:\Soldier.Of.Fortune.II.Double.Helix.Gold.Edition.PC.Game(djDEVASTATE™) [2011.01.01 20:05:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Psygnosis [2011.01.01 20:05:04 | 000,000,000 | ---D | C] -- C:\Programme\Psygnosis [2011.01.01 20:04:45 | 000,305,664 | ---- | C] (InstallShield Software Corporation ) -- C:\Windows\IsUn0407.exe [2011.01.01 20:00:37 | 000,000,000 | ---D | C] -- C:\Programme\DAEMON Tools Toolbar [2011.01.01 19:54:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite [2011.01.01 19:54:06 | 000,000,000 | ---D | C] -- C:\Programme\DAEMON Tools Lite [2011.01.01 19:53:57 | 000,000,000 | ---D | C] -- C:\Users\Therese\AppData\Roaming\DAEMON Tools Lite [2011.01.01 19:53:54 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite [2010.12.31 16:16:13 | 000,000,000 | ---D | C] -- C:\Programme\Rockstar Games [2010.12.31 16:16:13 | 000,000,000 | ---D | C] -- 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games [2010.12.31 15:16:38 | 000,000,000 | ---D | C] -- C:\Users\Therese\AppData\Roaming\Hamachi [2010.12.31 15:08:24 | 000,017,480 | ---- | C] (LogMeIn, Inc.) -- C:\Windows\System32\drivers\hamachi.sys [2010.12.31 15:08:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hamachi [2010.12.31 15:08:18 | 000,000,000 | ---D | C] -- C:\Programme\Hamachi [2010.12.31 11:51:21 | 000,000,000 | ---D | C] -- C:\Users\Therese\AppData\Roaming\skypePM [2010.12.31 11:47:07 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Skype [2010.12.31 11:47:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2010.12.31 11:47:04 | 000,000,000 | R--D | C] -- C:\Programme\Skype [2010.12.31 11:47:03 | 000,000,000 | ---D | C] -- C:\Users\Therese\AppData\Roaming\Skype [2010.12.31 11:46:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype [2010.12.22 21:38:02 | 000,000,000 | ---D | C] -- C:\Users\Therese\AppData\Roaming\TS3Client [2010.12.22 21:37:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client [2010.12.22 21:37:02 | 000,000,000 | ---D | C] -- C:\Programme\TeamSpeak 3 Client [2010.12.21 18:47:45 | 000,000,000 | ---D | C] -- C:\Users\Therese\AppData\Roaming\teamspeak2 [2010.12.21 18:47:33 | 000,034,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lhacm.acm [2010.12.21 18:47:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Teamspeak2 RC2 [2010.12.14 22:06:29 | 000,357,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll [2010.12.14 22:06:28 | 000,345,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll [2010.12.14 22:06:25 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll [2010.12.14 22:01:27 | 002,037,248 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\System32\win32k.sys [2010.12.14 21:51:34 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe [2010.12.14 21:51:02 | 000,292,352 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll [2010.12.14 21:51:01 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll [2010.12.14 21:50:59 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll [2010.12.14 21:49:35 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll [2009.06.16 13:03:56 | 000,126,976 | ---- | C] ( ) -- C:\Windows\System32\Interop.SHDocVw.dll [2004.11.10 21:14:39 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\Interop.Shell32.dll [1 C:\Users\Therese\Desktop\*.tmp files -> C:\Users\Therese\Desktop\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011.01.07 22:08:03 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Therese\Desktop\OTL.exe [2011.01.07 22:00:02 | 000,000,522 | ---- | M] () -- C:\Windows\tasks\1-Klick-Wartung.job [2011.01.07 21:46:00 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011.01.07 20:46:24 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011.01.07 20:46:24 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011.01.07 19:14:50 | 000,004,544 | ---- | M] () -- C:\Users\Therese\Desktop\Neues Journal-Dokument.jnt [2011.01.07 17:28:56 | 000,000,478 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Therese.job [2011.01.07 14:53:54 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011.01.07 14:46:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.01.07 14:45:52 | 1063,440,384 | -HS- | M] () -- C:\hiberfil.sys [2011.01.07 10:53:53 | 000,633,824 | ---- | M] () -- 
C:\Windows\System32\perfh007.dat [2011.01.07 10:53:53 | 000,591,872 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011.01.07 10:53:53 | 000,127,582 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2011.01.07 10:53:53 | 000,105,752 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011.01.07 09:08:02 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt [2011.01.07 00:29:16 | 000,000,172 | ---- | M] () -- C:\Windows\System32\drivers\NSS\0207030.022\isolate.ini [2011.01.05 19:34:36 | 000,000,480 | ---- | M] () -- C:\Users\Therese\Desktop\Fotoalbum2.lnk [2011.01.03 15:11:14 | 000,000,512 | ---- | M] () -- C:\Users\Therese\Desktop\Bewerbung.lnk [2011.01.02 02:18:26 | 000,051,200 | ---- | M] () -- C:\Users\Therese\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.01.01 21:46:24 | 000,000,770 | ---- | M] () -- C:\Windows\Sof2.INI [2010.12.31 15:08:25 | 000,017,480 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\System32\drivers\hamachi.sys [2010.12.31 11:51:36 | 000,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat [2010.12.21 18:47:33 | 000,034,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lhacm.acm [2010.12.15 06:41:22 | 001,721,816 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [1 C:\Users\Therese\Desktop\*.tmp files -> C:\Users\Therese\Desktop\*.tmp -> ] ========== Files Created - No Company Name ========== [2011.01.07 19:14:50 | 000,004,544 | ---- | C] () -- C:\Users\Therese\Desktop\Neues Journal-Dokument.jnt [2011.01.07 12:47:45 | 000,057,667 | ---- | C] () -- C:\Windows\System32\ieuinit.inf [2011.01.07 01:47:42 | 000,000,049 | ---- | C] () -- C:\Windows\transp.gif [2011.01.07 01:29:43 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Outlook Addin.dll [2011.01.07 01:29:38 | 000,822,784 | ---- | C] () -- C:\Windows\System32\UIVCL.dll [2011.01.07 01:29:38 | 000,032,768 | ---- | C] () -- C:\Windows\System32\TC_res.dll [2011.01.07 01:29:37 | 000,045,056 | ---- | C] () -- C:\Windows\System32\SC_res.dll [2011.01.07 
01:29:37 | 000,045,056 | ---- | C] () -- C:\Windows\System32\EN_res.dll [2011.01.07 00:29:24 | 000,000,478 | -H-- | C] () -- C:\Windows\tasks\Norton Security Scan for Therese.job [2011.01.07 00:29:16 | 000,000,172 | ---- | C] () -- C:\Windows\System32\drivers\NSS\0207030.022\isolate.ini [2011.01.05 19:34:37 | 000,000,480 | ---- | C] () -- C:\Users\Therese\Desktop\Fotoalbum2.lnk [2011.01.03 15:11:27 | 000,000,512 | ---- | C] () -- C:\Users\Therese\Desktop\Bewerbung.lnk [2011.01.01 21:41:14 | 000,000,770 | ---- | C] () -- C:\Windows\Sof2.INI [2010.12.31 11:51:36 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2010.11.07 15:26:34 | 000,004,767 | ---- | C] () -- C:\Windows\Irremote.ini [2010.10.31 14:38:32 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI [2010.10.31 14:38:32 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI [2009.08.03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll [2009.06.16 13:03:58 | 000,053,248 | ---- | C] () -- C:\Windows\System32\dossec.dll [2007.09.16 10:58:32 | 000,697,328 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys [2007.09.11 15:34:23 | 000,000,155 | ---- | C] () -- C:\Windows\winamp.ini [2007.09.11 15:17:41 | 000,051,200 | ---- | C] () -- C:\Users\Therese\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2007.08.29 14:02:28 | 000,000,030 | ---- | C] () -- C:\Windows\SETPANEL.INI [2007.08.29 14:02:24 | 000,000,092 | ---- | C] () -- C:\Windows\CLEANUP.INI [2007.08.28 23:11:38 | 000,000,037 | ---- | C] () -- C:\Windows\Acer.ini [2007.02.12 16:02:08 | 000,010,752 | ---- | C] () -- C:\Windows\System32\MSNChatHook.dll [2007.02.06 23:56:28 | 000,053,248 | ---- | C] () -- C:\Windows\System32\APISlice.dll [2006.11.29 21:30:18 | 000,152,576 | ---- | C] () -- C:\Windows\System32\CryptoAPI.dll [2006.11.16 22:41:40 | 000,082,432 | ---- | C] () -- C:\Windows\System32\keyManager.dll [2006.11.03 18:05:34 | 000,053,248 | ---- | C] () -- C:\Windows\System32\LogSPWusage.dll [2006.11.02 
13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2004.11.11 06:49:40 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN4.dll [2004.11.11 04:22:39 | 000,000,117 | ---- | C] () -- C:\Windows\Alaunch.ini [2004.11.11 04:21:55 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1114.dll [2004.11.11 04:21:55 | 000,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll [2004.11.11 04:21:55 | 000,053,248 | ---- | C] () -- C:\Windows\System32\oemdspif.dll [2004.11.11 04:21:53 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll [2004.11.11 04:21:53 | 000,077,824 | ---- | C] () -- C:\Windows\System32\hccutils.dll [2004.11.10 21:25:47 | 000,076,584 | ---- | C] () -- C:\Windows\System32\drivers\int15.sys [2004.11.10 21:25:47 | 000,015,656 | ---- | C] () -- C:\Windows\System32\drivers\int15_64.sys [2004.11.10 21:24:54 | 000,065,536 | ---- | C] () -- C:\Windows\System32\NATTraversal.dll [2004.11.10 21:14:39 | 000,331,776 | ---- | C] () -- C:\Windows\System32\ScrollBarLib.dll [2004.11.10 21:07:44 | 000,198,144 | ---- | C] () -- C:\Windows\System32\_psisdecd.dll [2004.01.14 00:46:34 | 000,172,032 | ---- | C] () -- C:\Windows\System32\tifmicon.dll [2001.12.26 15:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll [2001.09.03 22:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll [2001.07.30 15:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll [2001.07.23 21:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll ========== LOP Check ========== [2011.01.07 02:00:45 | 000,000,000 | ---D | M] -- C:\Users\Therese\AppData\Roaming\AVG [2011.01.07 01:45:34 | 000,000,000 | ---D | M] -- C:\Users\Therese\AppData\Roaming\Azureus [2011.01.01 20:02:47 | 000,000,000 | ---D | M] -- C:\Users\Therese\AppData\Roaming\DAEMON Tools Lite [2010.11.07 23:42:12 | 
000,000,000 | ---D | M] -- C:\Users\Therese\AppData\Roaming\DAEMON Tools Pro [2010.10.26 23:17:45 | 000,000,000 | ---D | M] -- C:\Users\Therese\AppData\Roaming\FileZilla [2010.10.21 22:53:22 | 000,000,000 | ---D | M] -- C:\Users\Therese\AppData\Roaming\gtk-2.0 [2011.01.06 17:43:55 | 000,000,000 | ---D | M] -- C:\Users\Therese\AppData\Roaming\Local [2010.10.26 12:19:14 | 000,000,000 | ---D | M] -- C:\Users\Therese\AppData\Roaming\Nvu [2010.12.01 16:37:31 | 000,000,000 | ---D | M] -- C:\Users\Therese\AppData\Roaming\Photo DVD Slideshow [2010.12.31 12:14:16 | 000,000,000 | ---D | M] -- C:\Users\Therese\AppData\Roaming\TS3Client [2010.10.12 17:24:45 | 000,000,000 | ---D | M] -- C:\Users\Therese\AppData\Roaming\TuneUp Software [2011.01.07 22:00:02 | 000,000,522 | ---- | M] () -- C:\Windows\Tasks\1-Klick-Wartung.job [2011.01.07 14:44:34 | 000,032,564 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Custom Scans ========== < %ALLUSERSPROFILE%\Application Data\*. > < %ALLUSERSPROFILE%\Application Data\*.exe /s > < %APPDATA%\*. 
> [2011.01.02 02:20:34 | 000,000,000 | ---D | M] -- C:\Users\Therese\AppData\Roaming\Adobe [2009.10.13 08:03:21 | 000,000,000 | ---D | M] -- C:\Users\Therese\AppData\Roaming\AdobeUM [2011.01.07 02:00:45 | 000,000,000 | ---D | M] -- C:\Users\Therese\AppData\Roaming\AVG [2011.01.07 01:45:34 | 000,000,000 | ---D | M] -- C:\Users\Therese\AppData\Roaming\Azureus [2010.11.02 08:07:30 | 000,000,000 | R--D | M] -- C:\Users\Therese\AppData\Roaming\Brother [2007.08.28 23:23:30 | 000,000,000 | ---D | M] -- C:\Users\Therese\AppData\Roaming\CyberLink [2011.01.01 20:02:47 | 000,000,000 | ---D | M] -- C:\Users\Therese\AppData\Roaming\DAEMON Tools Lite [2010.11.07 23:42:12 | 000,000,000 | ---D | M] -- C:\Users\Therese\AppData\Roaming\DAEMON Tools Pro [2010.10.21 19:57:59 | 000,000,000 | ---D | M] -- C:\Users\Therese\AppData\Roaming\DivX [2010.10.26 23:17:45 | 000,000,000 | ---D | M] -- C:\Users\Therese\AppData\Roaming\FileZilla [2010.10.21 22:53:22 | 000,000,000 | ---D | M] -- C:\Users\Therese\AppData\Roaming\gtk-2.0 [2011.01.01 16:37:06 | 000,000,000 | ---D | M] -- C:\Users\Therese\AppData\Roaming\Hamachi [2007.08.28 23:11:54 | 000,000,000 | ---D | M] -- C:\Users\Therese\AppData\Roaming\Identities [2010.10.31 14:31:25 | 000,000,000 | ---D | M] -- C:\Users\Therese\AppData\Roaming\InstallShield [2011.01.06 17:43:55 | 000,000,000 | ---D | M] -- C:\Users\Therese\AppData\Roaming\Local [2007.08.28 23:11:41 | 000,000,000 | ---D | M] -- C:\Users\Therese\AppData\Roaming\Macromedia [2006.11.02 13:37:34 | 000,000,000 | ---D | M] -- C:\Users\Therese\AppData\Roaming\Media Center Programs [2011.01.07 19:15:04 | 000,000,000 | --SD | M] -- C:\Users\Therese\AppData\Roaming\Microsoft [2009.09.13 08:52:53 | 000,000,000 | ---D | M] -- C:\Users\Therese\AppData\Roaming\Mozilla [2010.11.07 16:48:53 | 000,000,000 | ---D | M] -- C:\Users\Therese\AppData\Roaming\Nero [2010.10.26 12:19:14 | 000,000,000 | ---D | M] -- C:\Users\Therese\AppData\Roaming\Nvu [2010.12.01 16:37:31 | 000,000,000 | ---D | M] -- 
C:\Users\Therese\AppData\Roaming\Photo DVD Slideshow [2010.10.05 23:16:05 | 000,000,000 | ---D | M] -- C:\Users\Therese\AppData\Roaming\Real [2011.01.06 17:39:50 | 000,000,000 | ---D | M] -- C:\Users\Therese\AppData\Roaming\Skype [2011.01.06 17:39:31 | 000,000,000 | ---D | M] -- C:\Users\Therese\AppData\Roaming\skypePM [2010.12.21 18:47:47 | 000,000,000 | ---D | M] -- C:\Users\Therese\AppData\Roaming\teamspeak2 [2010.12.31 12:14:16 | 000,000,000 | ---D | M] -- C:\Users\Therese\AppData\Roaming\TS3Client [2010.10.12 17:24:45 | 000,000,000 | ---D | M] -- C:\Users\Therese\AppData\Roaming\TuneUp Software [2007.09.11 15:33:28 | 000,000,000 | ---D | M] -- C:\Users\Therese\AppData\Roaming\vlc [2010.10.14 00:19:20 | 000,000,000 | ---D | M] -- C:\Users\Therese\AppData\Roaming\WinRAR < %APPDATA%\*.exe /s > [2010.10.13 18:31:14 | 000,310,208 | ---- | M] (Georgia Institute of Technology) -- C:\Users\Therese\AppData\Roaming\Azureus\plugins\mlab\ShaperProbeC.exe [2010.08.13 08:13:32 | 000,032,032 | ---- | M] (NOS Microsystems Ltd.) -- C:\Users\Therese\AppData\Roaming\Mozilla\Firefox\Profiles\ifs45c82.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\chrome\content\getPlusPlus_Adobe_reg.exe [2010.12.21 18:46:15 | 000,510,120 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Therese\AppData\Roaming\Real\Update\setup3.13\setup.exe [2010.03.25 11:08:26 | 013,407,072 | ---- | M] () -- C:\Users\Therese\AppData\Roaming\Real\Update\setup3.13\chr\ChromeInstaller.exe [2010.10.22 18:10:16 | 000,190,632 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Therese\AppData\Roaming\Real\Update\setup3.13\chr_helper\LaunchHelper.exe [2010.05.13 12:09:52 | 000,220,272 | ---- | M] (Google Inc.) -- C:\Users\Therese\AppData\Roaming\Real\Update\setup3.13\gtb\GOOGLE_TOOLBAR\GoogleToolbarInstaller.exe [2010.10.22 18:10:16 | 000,190,632 | ---- | M] (RealNetworks, Inc.) 
-- C:\Users\Therese\AppData\Roaming\Real\Update\setup3.13\gtb_helper\LaunchHelper.exe [2010.12.07 06:53:57 | 026,454,672 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Therese\AppData\Roaming\Real\Update\setup3.13\rp\RealPlayer_de.exe [2010.12.02 14:29:50 | 000,092,328 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Therese\AppData\Roaming\Real\Update\setup3.13\ui_data\vista.exe < %SYSTEMDRIVE%\*.exe > [2010.12.01 16:36:39 | 000,000,286 | ---- | M] () -- C:\Gamebound.exe
< %systemroot%\system32\drivers\*.sys /lockedfiles > [2010.11.07 22:58:16 | 000,697,328 | ---- | M] () Unable to obtain MD5 -- C:\Windows\System32\drivers\sptd.sys < %systemroot%\System32\config\*.sav > [2006.11.02 11:34:05 | 000,008,192
| ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV [2006.11.02 11:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV [2006.11.02 11:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV [2006.11.02 11:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV [2006.11.02 11:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > [2008.01.19 08:38:03 | 000,242,744 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll [2008.01.19 08:36:10 | 000,225,792 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll ========== Alternate Data Streams ========== @Alternate Data Stream - 186 bytes -> C:\ProgramData\TEMP:0B4227B4 @Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:A31FAD21 < End of report > ----------------------------------------------------------------------OTL Logfile: Code:
OTL Extras logfile created on: 07.01.2011 22:10:29 - Run 1
OTL by OldTimer - Version 3.2.20.1 Folder = C:\Users\Therese\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18999)
Locale: 00000807 | Country: Schweiz | Language: DES | Date Format: dd.MM.yyyy
1'013.00 Mb Total Physical Memory | 331.00 Mb Available Physical Memory | 33.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 55.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 52.14 Gb Total Space | 10.24 Gb Free Space | 19.65% Space Free | Partition Type: NTFS
Drive D: | 51.84 Gb Total Space | 15.61 Gb Free Space | 30.12% Space Free | Partition Type: NTFS
Drive G: | 74.51 Gb Total Space | 7.99 Gb Free Space | 10.73% Space Free | Partition Type: FAT32
Computer Name: THERESE-PC | User Name: Therese | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
< End of report > |
08.01.2011, 13:29 | #4 |
/// Malware-holic | Acer laptop runs at full load for no reason whatsoever Hmm, I see that Vista was not kept up to date. Troubleshooting and updating would take us a long time. Your laptop surely has a recovery function. So I would suggest we take the route with less work: back up your important data and reset the laptop to factory settings. Then I'll help you secure it properly, etc. And then stay away from tuning junk, you don't need it.
__________________ - Please forward suspicious e-mails to us for analysis: markusg.trojaner-board@web.de Forwarding instructions: http://markusg.trojaner-board.de For now, please forward e-mails to markusg.trojaner-board@web.de following the instructions above. If you would like to support us |
08.01.2011, 14:36 | #5 |
| Acer laptop runs at full load for no reason whatsoever OK, so how do I proceed now? Do I have to save my data to an external hard drive, or can I create a folder that I can leave on drive C:? As for recovery, the only thing I found with Vista's search function was "AVG File Recovery"... |
08.01.2011, 14:53 | #6 |
/// Malware-holic | Acer laptop runs at full load for no reason whatsoever No, you can't leave anything on C:. But you can save to D and G. Did you get a Windows CD with the laptop? Or a recovery CD?
|
08.01.2011, 15:42 | #7 |
| Acer laptop runs at full load for no reason whatsoever Hmm, I had a look but didn't find a CD, and I can't remember having received one either. Where can I order one? |
08.01.2011, 15:49 | #8 |
/// Malware-holic | Acer laptop runs at full load for no reason whatsoever Hmm, do you still have the manual? We could look in there to see whether there is a recovery function. Otherwise you can get Windows CDs at any MediaMarkt etc. But then I would go straight to Win 7; it runs more smoothly, I find.
|
08.01.2011, 15:56 | #9 |
| Acer laptop runs at full load for no reason whatsoever A friend told me that it is not that easy to overwrite Windows Vista with Windows 7. Do you see no problems there, and what costs should I expect? |
08.01.2011, 16:04 | #10 |
/// Malware-holic | Acer laptop runs at full load for no reason whatsoever No, problems are rather rare. Windows 7 Upgrade Advisor - Download - Microsoft Windows: run this tool once. It gives us a first indication of whether there may be problems. I think Win 7 costs around 100 €, but don't take the Starter edition, it is restricted. It could also be a bit cheaper by now, though.
|
08.01.2011, 21:36 | #11 |
| Acer laptop runs at full load for no reason whatsoever This program says...

System / Details
Upgrade options available: You can upgrade to 32-bit Windows 7 Home Premium or Ultimate. Get detailed instructions on the upgrade process online
13.4 GB free space available on C: You need at least 16 GB of free hard disk space to install 32-bit Windows 7. You can free up space by deleting files you no longer need from the hard disk, or contact your PC manufacturer or retailer to find out whether a hard disk with more storage capacity is available for your PC. You can also perform a custom installation on another hard disk. More information about custom installation
Windows Mail and Parental Controls (web filter): These features are no longer included in Windows 7. Similar programs for Windows 7 are available from other software vendors. Get more information on the Microsoft website
More information from Acer, inc.: Acer, inc. has a website where you can get more information about running Windows 7 on your PC. Visit the Acer, inc. website
Windows Aero support: Your graphics card supports the Windows Aero user interface. More information about Windows Aero is available online.
CPU speed: 1.7 GHz: Your CPU meets the minimum requirement of 1 GHz.
1.0 GB RAM: Your PC meets the minimum requirement of 1 GB.

Devices / Status / Details
Agere Systems HDA Modem (Agere): Unknown. We have no compatibility information for this device.
Atheros AR5007EG Wireless Network Adapter (Atheros Communications Inc.): Compatible. This device is compatible with Windows 7.
Brother DCP-145C (Brother): Compatible. This device is compatible with Windows 7.
Brother DCP-145C Printer (Brother): Compatible. This device is compatible with Windows 7.
Marvell Yukon 88E8038 PCI-E Fast Ethernet Controller (Marvell): Compatible. This device is compatible with Windows 7.
Mobile Intel(R) 945GM Express Chipset Family (Intel Corporation): Compatible. This device is compatible with Windows 7.
Mobile Intel(R) 945GM Express Chipset Family (Intel Corporation): Compatible. This device is compatible with Windows 7.
Realtek High Definition Audio (Realtek): Compatible. This device is compatible with Windows 7.
Texas Instruments PCI-8x12/7x12/6x12 CardBus Controller (Texas Instruments): Compatible. This device is compatible with Windows 7.
Texas Instruments PCIxx12 Integrated FlashMedia Controller (Texas Instruments Inc): Free update available. The manufacturer provides software that allows this device to be used under Windows 7. Get the software free of charge from the manufacturer's website
USB Printing Support (Microsoft): Compatible. This device is compatible with Windows 7.
USB Mass Storage Device (Compatible USB storage device): Compatible. This device is compatible with Windows 7.

Programs / Status / Details
Nero 7 Ultra Edition version 7.01.0735 (Nero AG): Uninstall first. This program must be uninstalled before upgrading to Windows 7. If you reinstall and run this program under Windows 7, problems may occur. Visit the publisher's website to find a possible solution.
NTI Backup NOW! 4.7 version 4 (NewTech Infosystems): Not compatible. This version of the program cannot be used under Windows 7. We recommend uninstalling this program before performing the upgrade. Visit the publisher's website to find a possible solution.
Acer Empowering Technology version 2.5.3005 (Acer Inc.): Known issues. Problems may occur when running this program under Windows 7. We recommend uninstalling this program before the upgrade.
Acer eNet Management version 2.6.3002 (Acer Inc.): Known issues. Problems may occur when running this program under Windows 7. We recommend uninstalling this program before the upgrade.
Adobe AIR version 1.1.0.5790 (Adobe Systems Inc.): Free update available. We have no compatibility information about this version of the program. Get a free update to a compatible version
Adobe Reader 7.0 version 7.0.0 (Adobe Systems Incorporated): Known issues. Problems may occur when running this program under Windows 7. We recommend uninstalling this program before the upgrade. Search for a solution online
Winamp version 5.56 (Nullsoft, Inc): Update available. We have no compatibility information about this version of the program. Update to a compatible version
avast! Antivirus version 4.8 (Alwil Software): This program has received the Microsoft "Compatible with Windows 7" logo. More information about the "Compatible with Windows 7" logo
Microsoft Office Communicator 2007 version 2.0.6362.0 (Microsoft Corporation): This program has received the Microsoft "Compatible with Windows 7" logo. More information about the "Compatible with Windows 7" logo
Microsoft Office Professional Plus 2007 version 12.0.6425.1000 (Microsoft Corporation): This program has received the Microsoft "Compatible with Windows 7" logo. More information about the "Compatible with Windows 7" logo
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 version 8.0.50727.4053 (Microsoft Corporation): This program has received the Microsoft "Compatible with Windows 7" logo. More information about the "Compatible with Windows 7" logo
Nero 9 (Nero AG): This program has received the Microsoft "Compatible with Windows 7" logo. More information about the "Compatible with Windows 7" logo
Windows 7 Upgrade Advisor version 2.0.5000.0 (Microsoft Corporation): This program has received the Microsoft "Compatible with Windows 7" logo. More information about the "Compatible with Windows 7" logo
Adobe Photoshop CS3 version 10.0 (Adobe Systems Incorporated): Compatible. This program is compatible with Windows 7.
Microsoft Visual C++ 2005 Redistributable version 8.0.56336 (Microsoft Corporation): Compatible. This program is compatible with Windows 7.
Microsoft Works version 08.05.0822 (Microsoft Corporation): Compatible. This program is compatible with Windows 7.

Is that good or bad now? |
09.01.2011, 12:49 | #12 |
/// Malware-holic | Acer laptop runs at full load for no reason at all
You can use Win 7.
__________________ - Please forward suspicious e-mails to us for analysis: markusg.trojaner-board@web.de Forwarding instructions: http://markusg.trojaner-board.de For the time being, please forward mails to markusg.trojaner-board@web.de following the instructions above. If you would like to support us |