| |
| |||||||
Log-Analyse und Auswertung: Win7 verlangt Passwort obwohl keins gesetzt ist. Trojaner?Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
26.01.2011, 18:13
| #1 |
| |  Win7 verlangt Passwort obwohl keins gesetzt ist. Trojaner? Hallo, seit einigen wochen, habe ich immer das gleiche Problem, nach dem Hochfahren verlangt mein Laptop ein Passwort, obwohl ich keines erstellt habe. Der Latop ist neu, d.h. im Dezember gekauft. Im Endeffekt konnte ich dann nur wieder darauf zugreifen, weil ich mit Linux die Passwörter gelöscht habe. Danach habe ich die Windows Funktion zur Kennwortrücksetzung benutzt (auf USB stick). Ich habe das Notebook dann umgetauscht, weil Word auch nicht mehr funktionierte und dachte damit wäre die Sache erledigt. Nichts da! Der neue Laptop ist grade mal 4 Tage alt und auch der hat eben nach einem Passwort gefragt- wieder von Linux gelöscht und Windows war dann wieder zugreifbar. Da es jetzt schon das zweite Notebook ist, bei dem es passiert, kann es ja nicht am System liegen, sondern nur! an den Updates und den Programmen die ich heruntergeladen habe. Virenprogramm von avast! ist installiert und updated sich regelmäßig, hat bei einem Scan auch nichts gefunden. Im sonstigen Umfeld des Internets habe ich auch nichts zu diesem Thema gefunden, außer dass es sich um Trojaner handeln könnte. Deshalb hab ich jetzt mal hijack ausprobiert und bitte euch mir bei der Auswertung zu helfen. Danke im Vorraus Geändert von plum-marmela (26.01.2011 um 18:42 Uhr) |
|
26.01.2011, 20:35
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Win7 verlangt Passwort obwohl keins gesetzt ist. Trojaner? Was genau heißt nach dem Passwort fragen? Funktioniert die automatische Anmeldung nicht und du musst dich einloggen wobei das Passwortfeld leer bleibt?
__________________
__________________ |
|
26.01.2011, 21:11
| #3 |
| | Win7 verlangt Passwort obwohl keins gesetzt ist. Trojaner? ich muss ein passwort eingeben so dass das system überhaupt erst nutzbar ist.
__________________Computer fährt hoch bis zur wilkommensseite und fragt dann nach Kennwort. d.h. ich muss "irgendwas" eingeben (keine ahnung was), denn ich hab ja kein passwort eingegeben, sonst wäre auch mein problem gar nicht da ;-) leer lassen funktioniert nicht --> kennwort falsch und sonst klappt die automatische anmeldung, wenn mal nicht nach dem passwort gefragt ist, damit hab ich kein problem. |
|
26.01.2011, 21:34
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Win7 verlangt Passwort obwohl keins gesetzt ist. Trojaner? Nutzen noch andere diesen Rechner?
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
26.01.2011, 21:48
| #5 |
| | Win7 verlangt Passwort obwohl keins gesetzt ist. Trojaner? nein, bin alleiniger nutzer |
|
26.01.2011, 22:19
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Win7 verlangt Passwort obwohl keins gesetzt ist. Trojaner? Bitte routinemäßig einen Vollscan mit Malwarebytes machen und Log posten. Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss! Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten! Danach OTL: Systemscan mit OTL Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
__________________ --> Win7 verlangt Passwort obwohl keins gesetzt ist. Trojaner? |
|
27.01.2011, 02:17
| #7 |
| | Win7 verlangt Passwort obwohl keins gesetzt ist. Trojaner? oben im ersten Eintrag ist auch noch ein log von hijack.... ich bin so froh, dass hier einer versucht mir zu helfen ;-)OTL Logfile: Code:
ATTFilter OTL logfile created on: 27.01.2011 01:47:16 - Run 1 OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\***\Downloads 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 60,00% Memory free 8,00 Gb Paging File | 6,00 Gb Available in Paging File | 79,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 284,99 Gb Total Space | 232,79 Gb Free Space | 81,68% Space Free | Partition Type: NTFS Drive D: | 4,22 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Computer Name: MOOSE-PC | User Name: *** | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011.01.27 01:45:52 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\***\Downloads\OTL.exe PRC - [2011.01.13 09:47:34 | 003,396,624 | ---- | M] (AVAST Software) -- C:\Programme\Alwil Software\Avast5\AvastUI.exe PRC - [2011.01.13 09:47:33 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Programme\Alwil Software\Avast5\AvastSvc.exe PRC - [2011.01.11 00:25:06 | 001,230,704 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe PRC - [2010.12.08 22:15:44 | 000,063,360 | ---- | M] (DivX, LLC) -- C:\Program Files (x86)\DivX\DivX Plus Web Player\DDMService.exe PRC - [2010.12.03 20:43:34 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2010.12.03 20:43:34 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe PRC - [2010.06.28 14:23:12 | 000,265,984 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe PRC - [2010.06.28 14:23:06 | 000,255,744 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe PRC - [2010.06.22 07:34:48 | 000,321,104 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe PRC - [2010.06.22 07:34:48 | 000,305,744 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe PRC - [2010.06.22 07:34:46 | 000,968,272 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe PRC - [2010.06.09 17:54:22 | 000,206,208 | ---- | M] () -- C:\Windows\PLFSetI.exe PRC - [2010.05.27 03:41:24 | 000,349,552 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe PRC - [2010.04.24 01:10:34 | 000,209,768 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe PRC - [2010.04.24 01:10:28 | 000,483,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe PRC - [2010.04.13 17:57:58 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe PRC - [2010.04.13 17:57:56 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe PRC - [2010.03.18 05:57:02 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2010.03.18 05:56:56 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2010.03.11 06:11:56 | 000,407,920 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe PRC - [2010.03.11 06:11:42 | 000,201,584 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe PRC - [2010.02.28 02:33:14 | 000,077,664 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe PRC - [2010.01.29 00:27:36 | 000,243,232 | ---- | M] (Acer Group) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe PRC - [2010.01.08 14:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe PRC - [2009.05.14 17:07:14 | 000,759,048 | ---- | M] (ABBYY) -- C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe ========== Modules (SafeList) ========== MOD - [2011.01.27 01:45:52 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\***\Downloads\OTL.exe MOD - [2011.01.24 18:25:17 | 000,189,728 | ---- | M] (AVAST Software) -- C:\Programme\Alwil Software\Avast5\snxhk.dll MOD - [2010.08.21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll ========== Win32 Services (SafeList) ========== SRV:64bit: - [2011.01.13 09:47:33 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus) SRV:64bit: - [2010.05.27 05:59:42 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV - [2010.07.13 12:59:30 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2010.06.28 14:23:06 | 000,255,744 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc) SRV - [2010.06.22 07:34:48 | 000,321,104 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService) SRV - [2010.06.11 13:27:26 | 000,868,896 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Programme\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc) SRV - [2010.06.01 23:31:28 | 002,804,568 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU) SRV - [2010.05.27 03:41:06 | 000,305,520 | ---- | M] (Egis Technology Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe -- (MWLService) SRV - [2010.04.24 01:10:34 | 000,209,768 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa) SRV - [2010.04.24 01:10:28 | 000,483,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist) SRV - [2010.04.13 17:57:58 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R) SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010.03.18 05:57:02 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R) SRV - [2010.03.18 05:56:56 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R) SRV - [2010.01.29 00:27:36 | 000,243,232 | ---- | M] (Acer Group) [Auto | Running] -- C:\Programme\Acer\Acer Updater\UpdaterService.exe -- (Updater Service) SRV - [2010.01.08 14:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe -- (GREGService) SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009.05.14 17:07:14 | 000,759,048 | ---- | M] (ABBYY) [Auto | Running] -- C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Sprint.9.0) ========== Driver Services (SafeList) ========== DRV:64bit: - [2011.01.13 09:37:23 | 000,062,032 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt) DRV:64bit: - [2010.07.09 04:51:50 | 000,017,408 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper) DRV:64bit: - [2010.06.17 10:18:28 | 000,246,376 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR) DRV:64bit: - [2010.05.27 06:39:14 | 006,856,192 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:64bit: - [2010.05.27 05:25:38 | 000,264,192 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:64bit: - [2010.05.15 13:48:28 | 000,384,040 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink (TM) DRV:64bit: - [2010.05.11 11:11:38 | 002,229,608 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:64bit: - [2010.04.24 01:10:32 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol) DRV:64bit: - [2010.04.24 01:10:28 | 000,269,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay) DRV:64bit: - [2010.04.24 01:10:28 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir) DRV:64bit: - [2010.04.24 01:10:20 | 000,721,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs) DRV:64bit: - [2010.04.20 03:35:14 | 000,018,432 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr) DRV:64bit: - [2010.04.13 17:44:22 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2010.01.27 04:05:00 | 000,231,328 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService) DRV:64bit: - [2010.01.20 14:48:56 | 000,332,688 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\acedrv11.sys -- (acedrv11) DRV:64bit: - [2009.12.10 12:25:10 | 000,301,104 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:64bit: - [2009.09.17 06:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R) DRV:64bit: - [2009.07.14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2009.07.14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.06.10 21:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs) DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.06.03 03:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk) DRV:64bit: - [2009.06.03 03:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter) DRV:64bit: - [2009.06.03 03:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = h**p://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5742g&r=273601110475l0434z1j5v48122427 IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = h**p://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5742g&r=273601110475l0434z1j5v48122427 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = h**p://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5742g&r=273601110475l0434z1j5v48122427 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = h**p://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5742g&r=273601110475l0434z1j5v48122427 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = h**p://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5742g&r=273601110475l0434z1j5v48122427 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = h**p://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5742g&r=273601110475l0434z1j5v48122427 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "mail.yahoo.com" FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3 FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900 FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900 FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 FF - HKLM\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011.01.24 19:53:24 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011.01.24 19:53:24 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.01.24 18:23:11 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.01.24 18:23:09 | 000,000,000 | ---D | M] [2011.01.24 18:37:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions [2011.01.26 11:13:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\y4gnqqwv.default\extensions [2011.01.24 20:04:01 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\y4gnqqwv.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2011.01.24 19:49:35 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\y4gnqqwv.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2011.01.24 18:23:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2011.01.24 19:53:24 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\HTML5VIDEO [2011.01.24 19:53:24 | 000,000,000 | ---D | M] (DivX HiQ) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\WPA [2010.12.03 19:14:08 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2010.12.03 19:14:08 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2010.12.03 19:14:08 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2010.12.03 19:14:08 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2010.12.03 19:14:08 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Programme\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated) O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe (Egis Technology Inc.) O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe () O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.) O4 - HKLM..\Run: [DivX Download Manager] C:\Program Files (x86)\DivX\DivX Plus Web Player\DDmService.exe (DivX, LLC) O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.) O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.) O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.) O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.) O4 - HKCU..\Run: [EPSON SX218 Series] File not found O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm () O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Free YouTube Download - C:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm () O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O13 - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2008.06.10 13:32:43 | 000,000,044 | R--- | M] () - D:\Autorun.inf -- [ UDF ] O33 - MountPoints2\{97f3d873-d3f6-11df-a259-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{97f3d873-d3f6-11df-a259-806e6f6e6963}\Shell\AutoRun\command - "" = D:\StartUp.exe -- [2010.09.07 08:17:47 | 000,655,231 | R--- | M] () O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011.01.27 01:47:51 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Malwarebytes [2011.01.27 01:47:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2011.01.27 01:47:45 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys [2011.01.27 01:47:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2011.01.27 01:47:37 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2011.01.27 01:47:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2011.01.26 18:44:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trojancheck 6 [2011.01.24 22:28:21 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\Drakensang [2011.01.24 22:27:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ProtectDisc Driver Installer [2011.01.24 22:27:29 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\ProtectDISC [2011.01.24 22:26:44 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll [2011.01.24 22:26:44 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll [2011.01.24 22:26:44 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll [2011.01.24 22:26:44 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll [2011.01.24 22:26:43 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll [2011.01.24 22:26:43 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll [2011.01.24 22:26:43 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll [2011.01.24 22:26:43 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll [2011.01.24 22:26:43 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll [2011.01.24 22:26:43 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll [2011.01.24 22:26:42 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll [2011.01.24 22:26:42 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll [2011.01.24 22:26:41 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll [2011.01.24 22:26:41 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll [2011.01.24 22:26:41 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll [2011.01.24 22:26:41 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll [2011.01.24 22:26:41 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll [2011.01.24 22:26:41 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll [2011.01.24 22:26:40 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll [2011.01.24 22:26:40 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll [2011.01.24 22:26:39 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll [2011.01.24 22:26:39 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll [2011.01.24 22:26:39 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll [2011.01.24 22:26:39 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll [2011.01.24 22:26:39 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll [2011.01.24 22:26:39 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll [2011.01.24 22:26:38 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll [2011.01.24 22:26:38 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll [2011.01.24 22:26:38 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll [2011.01.24 22:26:38 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll [2011.01.24 22:26:37 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll [2011.01.24 22:26:37 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll [2011.01.24 22:26:37 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll [2011.01.24 22:26:37 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll [2011.01.24 22:26:37 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll [2011.01.24 22:26:37 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll [2011.01.24 22:26:37 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll [2011.01.24 22:26:37 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll [2011.01.24 22:26:36 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll [2011.01.24 22:26:36 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll [2011.01.24 22:26:36 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll [2011.01.24 22:26:36 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll [2011.01.24 22:26:35 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll [2011.01.24 22:26:35 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll [2011.01.24 22:26:35 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll [2011.01.24 22:26:35 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll [2011.01.24 22:26:34 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll [2011.01.24 22:26:34 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll [2011.01.24 22:26:34 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll [2011.01.24 22:26:34 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll [2011.01.24 22:26:33 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll [2011.01.24 22:26:33 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll [2011.01.24 22:26:33 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll [2011.01.24 22:26:33 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll [2011.01.24 22:26:31 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll [2011.01.24 22:26:31 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll [2011.01.24 22:26:31 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll [2011.01.24 22:26:31 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll [2011.01.24 22:26:31 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll [2011.01.24 22:26:31 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll [2011.01.24 22:26:30 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll [2011.01.24 22:26:30 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll [2011.01.24 22:26:30 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll [2011.01.24 22:26:30 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll [2011.01.24 22:26:30 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll [2011.01.24 22:26:30 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll [2011.01.24 22:26:29 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll [2011.01.24 22:26:29 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll [2011.01.24 22:26:29 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll [2011.01.24 22:26:29 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll [2011.01.24 22:26:28 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll [2011.01.24 22:26:28 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll [2011.01.24 22:26:28 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll [2011.01.24 22:26:28 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll [2011.01.24 22:26:28 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll [2011.01.24 22:26:28 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll [2011.01.24 22:26:27 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll [2011.01.24 22:26:27 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll [2011.01.24 22:26:27 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll [2011.01.24 22:26:27 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll [2011.01.24 22:26:27 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll [2011.01.24 22:26:27 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll [2011.01.24 22:26:26 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll [2011.01.24 22:26:26 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll [2011.01.24 22:26:26 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll [2011.01.24 22:26:26 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll [2011.01.24 22:26:26 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll [2011.01.24 22:26:26 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll [2011.01.24 22:26:25 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll [2011.01.24 22:26:25 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll [2011.01.24 22:26:24 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll [2011.01.24 22:26:24 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll [2011.01.24 22:26:24 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll [2011.01.24 22:26:24 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll [2011.01.24 22:26:20 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll [2011.01.24 22:26:20 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll [2011.01.24 22:26:19 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll [2011.01.24 22:26:19 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll [2011.01.24 22:26:19 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll [2011.01.24 22:26:19 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll [2011.01.24 22:26:19 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll [2011.01.24 22:26:19 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll [2011.01.24 22:26:18 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll [2011.01.24 22:26:18 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll [2011.01.24 22:26:18 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll [2011.01.24 22:26:18 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll [2011.01.24 22:26:17 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll [2011.01.24 22:26:17 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll [2011.01.24 22:26:17 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll [2011.01.24 22:26:17 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll [2011.01.24 22:26:16 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll [2011.01.24 22:26:16 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll [2011.01.24 22:26:11 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll [2011.01.24 22:26:11 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll [2011.01.24 22:26:10 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll [2011.01.24 22:26:10 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll [2011.01.24 22:26:10 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll [2011.01.24 22:26:10 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll [2011.01.24 22:26:10 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll [2011.01.24 22:26:10 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll [2011.01.24 22:26:10 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll [2011.01.24 22:26:10 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll [2011.01.24 22:26:09 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll [2011.01.24 22:26:09 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll [2011.01.24 22:26:09 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll [2011.01.24 22:26:09 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll [2011.01.24 22:26:08 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll [2011.01.24 22:26:08 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll [2011.01.24 22:26:07 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll [2011.01.24 22:26:07 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll [2011.01.24 22:25:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Drakensang [2011.01.24 22:15:46 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Adobe [2011.01.24 22:12:53 | 000,000,000 | ---D | C] -- C:\Spiele [2011.01.24 22:10:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (Deutsch) [2011.01.24 21:01:58 | 000,000,000 | RH-D | C] -- C:\MSOCache [2011.01.24 20:57:17 | 000,000,000 | ---D | C] -- C:\ProgramData\VirtualizedApplications [2011.01.24 20:04:00 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers [2011.01.24 20:03:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft [2011.01.24 20:03:29 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\DVDVideoSoft [2011.01.24 20:03:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVideoSoft [2011.01.24 20:03:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoft [2011.01.24 20:03:17 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\DVDVideoSoft [2011.01.24 19:53:28 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Local [2011.01.24 19:53:17 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\DivX [2011.01.24 19:53:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine [2011.01.24 19:52:59 | 000,000,000 | ---D | C] -- C:\Programme\DivX [2011.01.24 19:52:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus [2011.01.24 19:52:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared [2011.01.24 19:51:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX [2011.01.24 19:50:57 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX [2011.01.24 19:44:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP [2011.01.24 19:44:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GIMP-2.0 [2011.01.24 19:26:17 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\sternchen [2011.01.24 19:25:30 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.2 [2011.01.24 19:24:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenOffice.org 3 [2011.01.24 19:23:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\redist [2011.01.24 19:23:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\readmes [2011.01.24 19:23:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\licenses [2011.01.24 19:19:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN [2011.01.24 19:19:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN [2011.01.24 19:13:01 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\Toni [2011.01.24 19:05:13 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\ABBYY [2011.01.24 19:04:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 9.0 Sprint [2011.01.24 19:04:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ABBYY FineReader 9.0 Sprint [2011.01.24 19:04:44 | 000,000,000 | ---D | C] -- C:\ProgramData\ABBYY [2011.01.24 19:04:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ABBYY [2011.01.24 19:03:06 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\EPSON [2011.01.24 19:02:51 | 000,010,752 | ---- | C] (SEIKO EPSON CORP.) -- C:\Windows\SysNative\E_GCINST.DLL [2011.01.24 19:02:44 | 000,118,784 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\SysNative\E_ILMGDE.DLL [2011.01.24 19:02:41 | 000,088,064 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\SysNative\E_IBCBGDE.DLL [2011.01.24 19:02:27 | 000,000,000 | ---D | C] -- C:\ProgramData\EPSON [2011.01.24 19:02:14 | 000,464,384 | ---- | C] (Seiko Epson Corporation) -- C:\Windows\SysNative\esxw2ud.dll [2011.01.24 19:02:14 | 000,128,392 | ---- | C] (Seiko Epson Corporation) -- C:\Windows\SysNative\esdevapp.exe [2011.01.24 19:02:14 | 000,017,408 | ---- | C] (SEIKO EPSON CORP.) -- C:\Windows\SysNative\esxcdev.dll [2011.01.24 19:02:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON [2011.01.24 19:02:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\epson [2011.01.24 18:46:38 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\SoftGrid Client [2011.01.24 18:46:38 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\SoftGrid Client [2011.01.24 18:45:44 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Office [2011.01.24 18:45:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Application Virtualization Client [2011.01.24 18:45:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER [2011.01.24 18:45:37 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\TP [2011.01.24 18:37:14 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Mozilla [2011.01.24 18:37:14 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Mozilla [2011.01.24 18:23:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox [2011.01.24 18:23:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2011.01.24 18:21:43 | 000,273,488 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys [2011.01.24 18:21:43 | 000,237,168 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe [2011.01.24 18:21:43 | 000,062,032 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys [2011.01.24 18:21:43 | 000,051,792 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys [2011.01.24 18:21:43 | 000,029,264 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys [2011.01.24 18:21:43 | 000,020,560 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys [2011.01.24 18:21:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus [2011.01.24 18:21:24 | 000,038,848 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr [2011.01.24 18:21:23 | 000,188,216 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe [2011.01.24 18:21:18 | 000,000,000 | ---D | C] -- C:\Programme\Alwil Software [2011.01.24 18:21:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Alwil Software [2011.01.24 18:17:00 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Adobe [2011.01.24 18:14:46 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Google [2011.01.24 18:14:46 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Google [2011.01.24 18:13:14 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Intel Corporation [2011.01.24 18:13:09 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\EgisTec IPS [2011.01.24 18:13:08 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Macromedia [2011.01.24 18:12:51 | 000,000,000 | R--D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2011.01.24 18:12:51 | 000,000,000 | R--D | C] -- C:\Users\***\Searches [2011.01.24 18:12:51 | 000,000,000 | R--D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2011.01.24 18:12:42 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Identities [2011.01.24 18:12:39 | 000,000,000 | R--D | C] -- C:\Users\***\Contacts [2011.01.24 18:12:37 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\VirtualStore [2011.01.24 18:11:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OEM [2011.01.24 18:11:35 | 000,000,000 | ---D | C] -- C:\Programme\Acer Accessory Store [2011.01.24 18:10:48 | 000,000,000 | --SD | C] -- C:\Users\***\AppData\Roaming\Microsoft [2011.01.24 18:10:48 | 000,000,000 | R--D | C] -- C:\Users\***\Videos [2011.01.24 18:10:48 | 000,000,000 | R--D | C] -- C:\Users\***\Saved Games [2011.01.24 18:10:48 | 000,000,000 | R--D | C] -- C:\Users\***\Pictures [2011.01.24 18:10:48 | 000,000,000 | R--D | C] -- C:\Users\***\Music [2011.01.24 18:10:48 | 000,000,000 | R--D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2011.01.24 18:10:48 | 000,000,000 | R--D | C] -- C:\Users\***\Links [2011.01.24 18:10:48 | 000,000,000 | R--D | C] -- C:\Users\***\Favorites [2011.01.24 18:10:48 | 000,000,000 | R--D | C] -- C:\Users\***\Downloads [2011.01.24 18:10:48 | 000,000,000 | R--D | C] -- C:\Users\***\Documents [2011.01.24 18:10:48 | 000,000,000 | R--D | C] -- C:\Users\***\Desktop [2011.01.24 18:10:48 | 000,000,000 | R--D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2011.01.24 18:10:48 | 000,000,000 | -HSD | C] -- C:\Users\***\Vorlagen [2011.01.24 18:10:48 | 000,000,000 | -HSD | C] -- C:\Users\***\AppData\Local\Verlauf [2011.01.24 18:10:48 | 000,000,000 | -HSD | C] -- C:\Users\***\AppData\Local\Temporary Internet Files [2011.01.24 18:10:48 | 000,000,000 | -HSD | C] -- C:\Users\***\Startmenü [2011.01.24 18:10:48 | 000,000,000 | -HSD | C] -- C:\Users\***\SendTo [2011.01.24 18:10:48 | 000,000,000 | -HSD | C] -- C:\Users\***\Recent [2011.01.24 18:10:48 | 000,000,000 | -HSD | C] -- C:\Users\***\Netzwerkumgebung [2011.01.24 18:10:48 | 000,000,000 | -HSD | C] -- C:\Users\***\Lokale Einstellungen [2011.01.24 18:10:48 | 000,000,000 | -HSD | C] -- C:\Users\***\Documents\Eigene Videos [2011.01.24 18:10:48 | 000,000,000 | -HSD | C] -- C:\Users\***\Documents\Eigene Musik [2011.01.24 18:10:48 | 000,000,000 | -HSD | C] -- C:\Users\***\Eigene Dateien [2011.01.24 18:10:48 | 000,000,000 | -HSD | C] -- C:\Users\***\Documents\Eigene Bilder [2011.01.24 18:10:48 | 000,000,000 | -HSD | C] -- C:\Users\***\Druckumgebung [2011.01.24 18:10:48 | 000,000,000 | -HSD | C] -- C:\Users\***\Cookies [2011.01.24 18:10:48 | 000,000,000 | -HSD | C] -- C:\Users\***\AppData\Local\Anwendungsdaten [2011.01.24 18:10:48 | 000,000,000 | -HSD | C] -- C:\Users\***\Anwendungsdaten [2011.01.24 18:10:48 | 000,000,000 | -H-D | C] -- C:\Users\***\AppData [2011.01.24 18:10:48 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Temp [2011.01.24 18:10:48 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Microsoft [2011.01.24 18:10:48 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Media Center Programs [2011.01.24 18:10:31 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen [2011.01.24 18:10:31 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü [2011.01.24 18:10:31 | 000,000,000 | -HSD | C] -- C:\Recovery [2011.01.24 18:10:31 | 000,000,000 | -HSD | C] -- C:\Programme [2011.01.24 18:10:31 | 000,000,000 | -HSD | C] -- C:\Programme\Gemeinsame Dateien [2011.01.24 18:10:31 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten [2011.01.24 18:10:31 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos [2011.01.24 18:10:31 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik [2011.01.24 18:10:31 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder [2011.01.24 18:10:31 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen [2011.01.24 18:10:31 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente [2011.01.24 18:10:31 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten [2011.01.24 14:13:36 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\vlc [2011.01.24 10:43:07 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Microsoft Games [2011.01.24 10:42:41 | 000,027,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys [2011.01.24 10:42:39 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sscore.dll [2011.01.24 10:42:34 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2011.01.24 10:42:33 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll [2011.01.24 10:42:32 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2011.01.24 10:42:32 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2011.01.24 10:42:32 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2011.01.24 10:42:32 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2011.01.24 10:42:32 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2011.01.24 10:42:32 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2011.01.24 10:42:32 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2011.01.24 10:42:32 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2011.01.24 10:42:32 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2011.01.24 10:42:32 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2011.01.24 10:42:32 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2011.01.24 10:42:32 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2011.01.24 10:30:44 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2011.01.24 10:30:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Cisco Systems [2011.01.24 10:30:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\McAfee [2011.01.24 02:56:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET [2011.01.24 02:42:44 | 001,942,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfshim.dll [2011.01.24 02:42:44 | 001,130,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll [2011.01.24 02:42:44 | 000,320,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHost.exe [2011.01.24 02:42:44 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHost.exe [2011.01.24 02:42:44 | 000,109,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHostProxy.dll [2011.01.24 02:42:44 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHostProxy.dll [2011.01.24 02:42:44 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netfxperf.dll [2011.01.24 02:42:44 | 000,048,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netfxperf.dll [2011.01.24 02:42:40 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browserchoice.exe [2011.01.24 02:42:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight [2011.01.24 02:40:51 | 005,507,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2011.01.24 02:40:51 | 003,955,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe [2011.01.24 02:40:51 | 003,899,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe [2011.01.24 02:40:40 | 001,736,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll [2011.01.24 02:40:26 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll [2011.01.24 02:40:26 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll [2011.01.24 02:40:25 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdri.dll [2011.01.24 02:40:25 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSNP.ax [2011.01.24 02:40:25 | 000,258,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax [2011.01.24 02:40:25 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSNP.ax [2011.01.24 02:40:25 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax [2011.01.24 02:40:16 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40.dll [2011.01.24 02:40:16 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40u.dll [2011.01.24 02:40:14 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rtutils.dll [2011.01.24 02:40:14 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rtutils.dll [2011.01.24 02:40:11 | 000,720,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbc32.dll [2011.01.24 02:40:11 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbc32.dll [2011.01.24 02:40:08 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskschd.dll [2011.01.24 02:40:08 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmicmiplugin.dll [2011.01.24 02:40:08 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskschd.dll [2011.01.24 02:40:08 | 000,473,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskcomp.dll [2011.01.24 02:40:08 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskeng.exe [2011.01.24 02:40:07 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskcomp.dll [2011.01.24 02:40:07 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\schtasks.exe [2011.01.24 02:40:07 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\schtasks.exe [2011.01.24 02:39:59 | 002,085,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll [2011.01.24 02:39:57 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll [2011.01.24 02:39:57 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll [2011.01.24 02:39:57 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll [2011.01.24 02:39:56 | 001,024,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpmde.dll [2011.01.24 02:39:56 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpmde.dll [2011.01.24 02:39:54 | 000,367,104 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll [2011.01.24 02:39:54 | 000,294,400 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll [2011.01.24 02:39:54 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll [2011.01.24 02:39:54 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll [2011.01.24 02:39:53 | 000,861,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll [2011.01.24 02:39:53 | 000,483,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\StructuredQuery.dll [2011.01.24 02:39:52 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\t2embed.dll [2011.01.24 02:39:52 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll [2011.01.24 02:39:50 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll [2011.01.24 02:39:49 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll [2011.01.24 02:39:38 | 014,627,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll [2011.01.24 02:39:37 | 011,406,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll [2011.01.24 02:39:35 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL [2011.01.24 02:39:35 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL [2011.01.24 02:34:34 | 000,112,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe [2011.01.24 02:27:28 | 000,000,000 | ---D | C] -- C:\OKIDATA [2011.01.24 02:27:02 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\InstallShield [2011.01.24 02:14:15 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\ElevatedDiagnostics [2011.01.24 02:12:05 | 000,000,000 | ---D | C] -- C:\eula [2011.01.22 12:16:39 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\profiles [2011.01.12 11:36:28 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\Nachhilfe [2011.01.11 21:26:25 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\wg pixx [2011.01.04 15:28:06 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\Uni [1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011.01.27 01:30:00 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011.01.26 22:22:13 | 000,004,096 | ---- | M] () -- C:\Users\Public\Documents\00001119.LCS [2011.01.26 18:30:01 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011.01.26 17:39:59 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011.01.26 17:39:59 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011.01.26 17:31:58 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.01.26 17:31:52 | 3113,254,912 | -HS- | M] () -- C:\hiberfil.sys [2011.01.26 17:27:11 | 001,500,018 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2011.01.26 17:27:11 | 000,654,610 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2011.01.26 17:27:11 | 000,616,452 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2011.01.26 17:27:11 | 000,130,192 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2011.01.26 17:27:11 | 000,106,574 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2011.01.24 22:25:01 | 000,001,621 | ---- | M] () -- C:\Users\***\Desktop\Drakensang.lnk [2011.01.24 19:50:39 | 000,052,224 | ---- | M] () -- C:\Users\***\Desktop\5th_lists_of_topics_taken.doc [2011.01.24 18:44:06 | 001,526,948 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011.01.24 18:37:16 | 000,000,000 | ---- | M] () -- C:\Windows\nsreg.dat [2011.01.24 18:21:43 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt [2011.01.24 02:50:35 | 000,289,296 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2011.01.24 02:19:56 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf [2011.01.24 00:10:24 | 000,052,953 | ---- | M] () -- C:\Windows\SysWow64\license.rtf [2011.01.24 00:10:24 | 000,052,953 | ---- | M] () -- C:\Windows\SysNative\license.rtf [2011.01.22 18:01:22 | 000,015,709 | ---- | M] () -- C:\Users\***\Documents\bookmarks-2011-01-22.json [2011.01.22 15:28:44 | 000,024,576 | ---- | M] () -- C:\Users\***\Documents\Popart.doc [2011.01.22 14:38:26 | 000,018,944 | ---- | M] () -- C:\Users\***\Documents\Wa(h)re Kunst.doc [2011.01.22 13:38:00 | 000,569,047 | ---- | M] () -- C:\Users\***\Documents\warenaesthetik.pdf [2011.01.21 10:43:28 | 000,051,342 | ---- | M] () -- C:\Users\***\Documents\amazon.JPG [2011.01.21 10:42:14 | 000,050,048 | ---- | M] () -- C:\Users\***\Documents\rücksendeetticket.JPG [2011.01.20 18:23:40 | 000,015,015 | ---- | M] () -- C:\Users\***\Documents\Notebook Reklamation.odt [2011.01.19 12:43:32 | 000,014,082 | ---- | M] () -- C:\Users\***\Documents\Tag-ein Tag-aus Kochen.docx [2011.01.18 15:49:18 | 007,528,448 | ---- | M] () -- C:\Users\***\Desktop\praat.exe [2011.01.15 02:21:44 | 000,015,397 | ---- | M] () -- C:\Users\***\Documents\Knilch.docx [2011.01.15 02:08:24 | 000,041,953 | ---- | M] () -- C:\Users\***\Documents\Adjektivliste.pdf [2011.01.14 16:30:52 | 000,195,148 | ---- | M] () -- C:\Users\***\Documents\elchfürgroß.jpg [2011.01.13 09:47:35 | 000,038,848 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr [2011.01.13 09:47:32 | 000,188,216 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe [2011.01.13 09:47:23 | 000,237,168 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe [2011.01.13 09:41:44 | 000,273,488 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys [2011.01.13 09:40:20 | 000,051,792 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys [2011.01.13 09:37:34 | 000,029,264 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys [2011.01.13 09:37:23 | 000,062,032 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys [2011.01.13 09:37:12 | 000,020,560 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys [2011.01.12 11:18:14 | 000,016,573 | ---- | M] () -- C:\Users\***\Documents\WG-Kasse.docx [2011.01.10 19:57:50 | 000,004,096 | ---- | M] () -- C:\Users\***\Documents\00001119.LCS [2011.01.07 19:50:36 | 000,966,144 | ---- | M] () -- C:\Users\***\Documents\Unbenannt 1.ppt [2011.01.07 18:18:22 | 000,014,346 | ---- | M] () -- C:\Users\***\Documents\Since I want to be a teacher.docx [2011.01.02 23:14:22 | 000,004,096 | ---- | M] () -- C:\Users\***\Documents\00001539.LCS [2010.12.29 16:41:36 | 001,904,614 | ---- | M] () -- C:\Users\***\Documents\img002.jpg [2010.12.29 16:39:50 | 001,708,030 | ---- | M] () -- C:\Users\***\Documents\img001.jpg [1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] ========== Files Created - No Company Name ========== [2011.01.24 22:27:36 | 000,004,096 | ---- | C] () -- C:\Users\Public\Documents\00001119.LCS [2011.01.24 22:25:01 | 000,001,621 | ---- | C] () -- C:\Users\***\Desktop\Drakensang.lnk [2011.01.24 19:46:23 | 007,528,448 | ---- | C] () -- C:\Users\***\Desktop\praat.exe [2011.01.24 19:29:27 | 000,052,224 | ---- | C] () -- C:\Users\***\Desktop\5th_lists_of_topics_taken.doc [2011.01.24 18:45:52 | 001,526,948 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011.01.24 18:37:16 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2011.01.24 18:25:04 | 000,001,108 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011.01.24 18:25:04 | 000,001,104 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011.01.24 18:21:43 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt [2011.01.24 18:12:57 | 000,001,413 | ---- | C] () -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk [2011.01.24 18:12:52 | 000,001,447 | ---- | C] () -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2011.01.24 02:19:56 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf [2011.01.22 15:28:42 | 000,024,576 | ---- | C] () -- C:\Users\***\Documents\Popart.doc [2011.01.22 14:38:20 | 000,018,944 | ---- | C] () -- C:\Users\***\Documents\Wa(h)re Kunst.doc [2011.01.22 14:08:38 | 000,015,709 | ---- | C] () -- C:\Users\***\Documents\bookmarks-2011-01-22.json [2011.01.22 13:37:59 | 000,569,047 | ---- | C] () -- C:\Users\***\Documents\warenaesthetik.pdf [2011.01.21 10:43:27 | 000,051,342 | ---- | C] () -- C:\Users\***\Documents\amazon.JPG [2011.01.21 10:42:11 | 000,050,048 | ---- | C] () -- C:\Users\***\Documents\rücksendeetticket.JPG [2011.01.20 18:23:37 | 000,015,015 | ---- | C] () -- C:\Users\***\Documents\Notebook Reklamation.odt [2011.01.19 12:43:31 | 000,014,082 | ---- | C] () -- C:\Users\***\Documents\Tag-ein Tag-aus Kochen.docx [2011.01.15 02:21:41 | 000,015,397 | ---- | C] () -- C:\Users\***\Documents\Knilch.docx [2011.01.15 02:08:22 | 000,041,953 | ---- | C] () -- C:\Users\***\Documents\Adjektivliste.pdf [2011.01.14 16:30:50 | 000,195,148 | ---- | C] () -- C:\Users\***\Documents\elchfürgroß.jpg [2011.01.12 11:18:11 | 000,016,573 | ---- | C] () -- C:\Users\***\Documents\WG-Kasse.docx [2011.01.07 19:29:48 | 000,966,144 | ---- | C] () -- C:\Users\***\Documents\Unbenannt 1.ppt [2011.01.07 18:18:19 | 000,014,346 | ---- | C] () -- C:\Users\***\Documents\Since I want to be a teacher.docx [2011.01.02 23:14:21 | 000,004,096 | ---- | C] () -- C:\Users\***\Documents\00001539.LCS [2010.12.29 17:04:30 | 000,004,096 | ---- | C] () -- C:\Users\***\Documents\00001119.LCS [2010.12.29 16:41:07 | 001,904,614 | ---- | C] () -- C:\Users\***\Documents\img002.jpg [2010.12.29 16:39:47 | 001,708,030 | ---- | C] () -- C:\Users\***\Documents\img001.jpg [2010.10.10 00:02:30 | 000,000,637 | ---- | C] () -- C:\Windows\AutoSetFrequency.ini [2010.10.10 00:02:30 | 000,000,378 | ---- | C] () -- C:\Windows\PidList.ini [2010.07.13 12:45:37 | 000,131,984 | ---- | C] () -- C:\ProgramData\FullRemove.exe [2010.07.13 12:16:01 | 000,017,920 | ---- | C] () -- C:\Windows\SysWow64\rpcnetp.dll [2010.05.25 19:43:14 | 003,099,136 | ---- | C] () -- C:\Program Files (x86)\openofficeorg32.msi [2010.05.25 19:41:42 | 000,460,088 | ---- | C] () -- C:\Program Files (x86)\setup.exe [2010.05.25 19:40:04 | 145,988,770 | ---- | C] () -- C:\Program Files (x86)\openofficeorg1.cab [2010.05.25 18:46:20 | 000,000,290 | ---- | C] () -- C:\Program Files (x86)\setup.ini [2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll < End of report > OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 27.01.2011 01:47:16 - Run 1
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\***\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 60,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 284,99 Gb Total Space | 232,79 Gb Free Space | 81,68% Space Free | Partition Type: NTFS
Drive D: | 4,22 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Computer Name: MOOSE-PC | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}" = Shredder
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9EA64B79-30A1-F52E-D801-B07CF05FFFAF}" = ccc-utility64
"{A84DB02B-9C2B-4272-9D2D-A80E00A56513}" = Broadcom Gigabit NetLink Controller
"{D8DACA27-C2D9-9E8E-A8A5-A10E0C670D01}" = ATI Catalyst Install Manager
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"EPSON SX218 Series" = Druckerdeinstallation für EPSON SX218 Series
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"SynTPDeinstKey" = Synaptics Pointing Device Driver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{016095EE-5BB3-791C-A558-06412FF78691}" = CCC Help Russian
"{0D7CD0D9-4A88-4A63-8F91-3F4E8F371768}" = MyWinLocker
"{10F4A085-EA81-594B-C0B8-ADF013D26B8E}" = CCC Help Turkish
"{14EC371D-145C-9AC3-B3A8-EA90C6B0325E}" = PX Profile Update
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{1942E836-414C-4414-672B-93FCC8CC18AB}" = CCC Help Danish
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{284AE43C-30E4-B57E-A234-05496D05AB68}" = Catalyst Control Center Graphics Previews Vista
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{32354BAB-8BAE-7189-6E3F-922D47292D3D}" = CCC Help Czech
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer ePower Management
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker
"{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}" = Norton Online Backup
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{4E242AB2-86A7-4231-82A9-1E4226D23CA8}" = Catalyst Control Center - Branding
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
"{5735A865-CD31-5788-DA38-AAB06EAED9F4}" = CCC Help Hungarian
"{58F4D244-314F-4D26-B5EF-C28AB32E22CB}_is1" = Acer GameZone Console
"{5901E428-EC91-71EE-BA56-9417E40BE182}" = ccc-core-static
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{60AA5155-39C7-14AA-FB4B-489B1C8DE9A1}" = CCC Help Chinese Traditional
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{72449E65-4852-2FD9-F603-D77E39DD3CF6}" = CCC Help Finnish
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Backup Manager Basic
"{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}" = MyWinLocker Suite
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{7703542C-3842-C5EE-2452-B006F441A162}" = CCC Help Polish
"{7760D94E-B1B5-40A0-9AA0-ABF942108755}" = Acer Crystal Eye Webcam
"{7F529418-344D-3792-F7B6-04EB805F5931}" = CCC Help English
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110300453}" = Spin & Win
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}" = Cake Mania
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}" = Galapago
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111355427}" = Poker Pop
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}" = Merriam Websters Spell Jam
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}" = Amazonia
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}" = Heroes of Hellas
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}" = Dream Day First Home
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11505173}" = Airport Mania First Flight
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}" = Farm Frenzy 2
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D1E61D1-1395-4E97-997F-D002DB3A5074}" = OpenOffice.org 3.2
"{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch
"{91F29ED6-6C82-F83D-BF8D-3E67D18E7249}" = Catalyst Control Center Localization All
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{990EEE1A-4D64-16AF-A944-AD97AE080D26}" = CCC Help German
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A98031B-0A1A-AFDC-87F4-AAFDC1E97B7D}" = CCC Help Portuguese
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.1 MUI
"{AEAA9D8A-A347-0FC4-5CAF-D9F2236FCF49}" = CCC Help French
"{AEB43F42-8F9D-DBD8-0B11-941CC27C174A}" = CCC Help Norwegian
"{C2695E83-CF1D-43D1-84FE-B3BEC561012A}" = Shredder
"{C2EE73BE-CD73-6EC9-A5A0-0E080A60A00E}" = CCC Help Chinese Standard
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{CFCF4223-BC7B-110C-4E19-5FF025721C4B}" = CCC Help Spanish
"{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}" = NTI Media Maker 9
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}" = eBay Worldwide
"{E17D581A-6949-6A53-7A18-E80C6BDCC800}" = CCC Help Italian
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E327C2A5-E236-44C4-A410-B899403A49A9}" = B400 Series PCL Driver from OKI® Printing Solutions for Windows
"{E96D1A04-B0B4-0788-D70F-0A9BB9C503BD}" = CCC Help Korean
"{EB5E21BC-AC56-A45D-5593-A1C55A380677}" = CCC Help Swedish
"{ECEDC447-3EED-6F90-CB39-0A49BD2D63DE}" = CCC Help Thai
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater
"{EF45FBBD-3CE8-698B-AC44-C693468F53D3}" = CCC Help Greek
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F47BEA79-07F3-5602-76B4-B9B9042269A1}" = Catalyst Control Center InstallProxy
"{F73D3B6A-4E5F-E93D-C7C3-65DE80BEE0E7}" = CCC Help Dutch
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{F9000000-0018-0000-0000-074957833700}" = ABBYY FineReader 9.0 Sprint
"{F9D7691A-E3CD-EF15-DE38-EDF0BB1E345F}" = CCC Help Japanese
"ABBYY FineReader 9.0 Sprint" = ABBYY FineReader 9.0 Sprint
"Acer Registration" = Acer Registration
"Acer Screensaver" = Acer ScreenSaver
"Acer Welcome Center" = Welcome Center
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"avast5" = avast! Free Antivirus
"DivX Setup.divx.com" = DivX-Setup
"Drakensang_is1" = Drakensang
"EPSON Scanner" = EPSON Scan
"EPSON SX218 Series Manual" = EPSON SX218 Series Handbuch
"Free Studio_is1" = Free Studio version 5.0.3
"Identity Card" = Identity Card
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Acer Backup Manager
"InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}" = MyWinLocker Suite
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}" = NTI Media Maker 9
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 1.1.5
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinLiveSuite_Wave3" = Windows Live Essentials
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 09.10.2010 19:26:07 | Computer Name = WIN-NVBHH7O40QV | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Windows Live\Photo Gallery\MovieMaker.Exe". Fehler in Manifest- oder Richtliniendatei
"C:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL" in Zeile 8. Die
im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente
überein. Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition:
WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Verwenden Sie
das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error - 09.10.2010 19:26:07 | Computer Name = WIN-NVBHH7O40QV | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Windows Live\Photo Gallery\MovieMaker.Exe". Fehler in Manifest- oder Richtliniendatei
"C:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL" in Zeile 8. Die
im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente
überein. Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition:
WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Verwenden Sie
das Programm "sxstrace.exe" für eine detaillierte Diagnose.
[ System Events ]
Error - 23.01.2011 21:19:52 | Computer Name = ***-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR2 gefunden.
Error - 23.01.2011 21:19:53 | Computer Name = ***-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR2 gefunden.
Error - 23.01.2011 21:19:53 | Computer Name = ***-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR2 gefunden.
< End of report >
Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Datenbank Version: 5612 Windows 6.1.7600 Internet Explorer 8.0.7600.16385 27.01.2011 02:12:36 mbam-log-2011-01-27 (02-12-36).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|) Durchsuchte Objekte: 256967 Laufzeit: 23 Minute(n), 40 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 0 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 0 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: (Keine bösartigen Objekte gefunden) |
|
27.01.2011, 09:40
| #8 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Win7 verlangt Passwort obwohl keins gesetzt ist. Trojaner? Gibt es noch weitere Logs von Malwarebytes? Wenn ja bitte alle posten, die in Malwarebytes im Reiter Logdateien sichtbar sind.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
28.01.2011, 10:56
| #9 |
| | Win7 verlangt Passwort obwohl keins gesetzt ist. Trojaner? nein, da gibt es keine anderen logfiles. Nur eine Kopie, die ich vom logfile erstellt habe. Beide sind da drin, beide haben das gleiche datum und kennungsnummern. sorry,.... hatte das programm ja vorher nocht nicht, wie soll es dann logfiles erstellen? |
|
28.01.2011, 11:01
| #10 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Win7 verlangt Passwort obwohl keins gesetzt ist. Trojaner? Sieht unauffällig aus. Definiere für den User mal ein Passwort, benutz nicht das leere Passwort und schau nach, ob sich das wieder "von allein"  ändert. (was ich nicht wirklich glauben kann, von allein ändern sich Passwörter nicht)
__________________ Logfiles bitte immer in CODE-Tags posten |
|
28.01.2011, 11:14
| #11 |
| | Win7 verlangt Passwort obwohl keins gesetzt ist. Trojaner? Danke für die Auswertung. Ich weiß selber, dass Windows (egal wie viel darüber von andern gemeckert wird) nicht selbstständig passwörter erstellt. kann ja nur sein, dass irgendeiner sich bei mir ab und an "einhackt" aus welchem grund auch immer, denn hier gibts nix zu holen. erstelle jetzt selber ein passwort, habe eine firewall installiert und noscript und adblock... vielleicht klappts ja dann.... Danke |
|
28.01.2011, 13:42
| #12 | ||
| /// Winkelfunktion /// TB-Süch-Tiger™ | Win7 verlangt Passwort obwohl keins gesetzt ist. Trojaner?Zitat:
Zitat:
 Verwende die Windows-Firewall und einen DSL-Router nach Möglichkeit.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
31.01.2011, 22:40
| #13 |
| | Win7 verlangt Passwort obwohl keins gesetzt ist. Trojaner? jetzt ging das alles bis heute gut und dann: kam ein Bluescreen,.... das ominöse windows update, dass den bluescreen bei einigen verursacht hab ich gar nicht, details dazu hier: Problemsignatur: Problemereignisname: BlueScreen Betriebsystemversion: 6.1.7600.2.0.0.768.3 Gebietsschema-ID: 1031 Zusatzinformationen zum Problem: BCCode: 7f BCP1: 0000000000000008 BCP2: 0000000080050033 BCP3: 00000000000006F8 BCP4: FFFFF80002E49EC0 OS Version: 6_1_7600 Service Pack: 0_0 Product: 768_1 Dateien, die bei der Beschreibung des Problems hilfreich sind: C:\Windows\Minidump\013111-20248-01.dmp C:\Users\***\AppData\Local\Temp\WER-52385-0.sysdata.xml Was heißt das? |
|
31.01.2011, 22:43
| #14 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Win7 verlangt Passwort obwohl keins gesetzt ist. Trojaner? Die Meldung ist nichtssagend. Was genau hast du alles davor gemacht?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
31.01.2011, 23:06
| #15 |
| | Win7 verlangt Passwort obwohl keins gesetzt ist. Trojaner? ich hab so ein freeware spiel runtergeladen,... während ich das gespielt habe, ist es zum ersten mal blau geworden,... hab eine systemwiederherstellung versucht, die ist beim 1. Mal fehlgeschlagen, weil angeblich das virenprogramm die durchführung stört. Virenprogramm ausgeschaltet und nochmal versucht. Wieder nicht geklappt. Dann habe ich das malwareprogramm noch mal scannen lassen, aber auch dabei wurd es wieder blau, also kein ergebnis. |
|
| Themen zu Win7 verlangt Passwort obwohl keins gesetzt ist. Trojaner? |
| auswertung, avast, avast!, gelöscht, hijack, laptop, linux, neu, neue, neue laptop, nicht mehr, notebook, passwort, passwörter, problem, programme, scan, stick, system, trojaner, trojaner?, updates, usb, usb stick, win, win7, windows |
Linear-Darstellung
