| |
| |||||||
Log-Analyse und Auswertung: White Screen, "... warten Sie, während die Verbindung hergestellt wird" Windows VistaWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
25.03.2012, 19:32
| #1 |
| |  White Screen, "... warten Sie, während die Verbindung hergestellt wird" Windows Vista Hallo, ich habe hier einen Laptop von einem Freund. Der kann seit ca. 2 Wochen nicht ins Internet und hat mir seinen Laptop heute hier gelassen. Tja, nun habe ich festgestellt, dass er das selbe Problem hat wie viele andere hier, wie ich bereits gelesen habe. Weisser Bildschirm nach dem Hochfahren und dann der "Bitte warten Sie..." Text auf Englisch und auf Deutsch. Im abgesicherten Modus genau das gleiche. Ich bitte nun um Hilfe. Code:
ATTFilter OTL logfile created on: 3/25/2012 9:16:52 PM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
Windows Vista (TM) Home Premium Service Pack 1 (Version = 6.0.6001) - Type = System
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 89.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 97.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 30.76 Gb Total Space | 1.18 Gb Free Space | 3.84% Space Free | Partition Type: NTFS
Drive D: | 298.09 Gb Total Space | 257.60 Gb Free Space | 86.42% Space Free | Partition Type: NTFS
Drive F: | 249.60 Gb Total Space | 242.36 Gb Free Space | 97.10% Space Free | Partition Type: NTFS
Drive G: | 3.72 Gb Total Space | 2.92 Gb Free Space | 78.43% Space Free | Partition Type: FAT32
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet002
========== Win32 Services (SafeList) ==========
SRV - [2009/06/22 09:21:58 | 000,304,592 | ---- | M] () [Auto] -- D:\Windows\system programy\WTGService.exe -- (WTGService)
SRV - [2009/06/17 06:28:08 | 000,125,200 | R--- | M] (4G Systems GmbH & Co. KG) [Auto] -- C:\Windows\service4g.exe -- (XS Stick Service)
SRV - [2008/11/12 03:27:46 | 003,602,432 | ---- | M] () [Auto] -- C:\Program Files\Acer\Acer Bio Protection\BASVC.exe -- (IGBASVC)
SRV - [2008/10/15 08:31:53 | 000,068,865 | ---- | M] (Avira GmbH) [Auto] -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe -- (AntiVirScheduler)
SRV - [2008/10/15 08:30:02 | 000,151,297 | ---- | M] (Avira GmbH) [Auto] -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe -- (AntiVirService)
SRV - [2008/06/02 04:25:40 | 000,024,576 | ---- | M] () [Auto] -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe -- (ETService)
SRV - [2008/05/14 11:05:30 | 000,500,784 | ---- | M] (Egis Incorporated) [Auto] -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe -- (eDataSecurity Service)
SRV - [2008/04/20 12:30:20 | 000,354,840 | ---- | M] (Intel Corporation) [Auto] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2008/01/20 22:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/01/10 12:03:00 | 000,233,472 | ---- | M] (Acer Incorporated) [Auto] -- C:\Program Files\Acer\Acer VCM\RS_Service.exe -- (RS_Service)
SRV - [2007/12/06 10:15:28 | 000,110,592 | ---- | M] () [Auto] -- C:\Acer\Mobility Center\MobilityService.exe -- (MobilityService)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand] -- -- (upperdev)
DRV - File not found [Kernel | On_Demand] -- -- (pccsmcfd)
DRV - File not found [Kernel | On_Demand] -- -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand] -- -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand] -- -- (IpInIp)
DRV - File not found [Kernel | On_Demand] -- -- (hwdatacard)
DRV - File not found [Kernel | On_Demand] -- -- (cpuz132)
DRV - [2009/05/27 09:49:56 | 000,075,096 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2009/05/27 09:49:53 | 000,052,056 | ---- | M] (Avira GmbH) [File_System | On_Demand] -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys -- (avgntflt)
DRV - [2009/05/27 09:49:51 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys -- (avgio)
DRV - [2008/11/12 03:27:41 | 000,042,608 | ---- | M] (Alfa Corporation) [File_System | Boot] -- C:\Windows\System32\drivers\AlfaFF.sys -- (AlfaFF)
DRV - [2008/10/31 10:19:38 | 000,103,424 | ---- | M] (Mobile Connector) [Kernel | On_Demand] -- C:\Windows\System32\drivers\cmnsusbser.sys -- (cmnsusbser)
DRV - [2008/07/18 12:23:00 | 007,545,824 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008/06/25 01:05:06 | 000,044,064 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2008/06/02 04:20:12 | 000,015,392 | ---- | M] (Acer, Inc.) [Kernel | Auto] -- C:\Windows\System32\drivers\int15.sys -- (int15)
DRV - [2008/05/19 12:23:00 | 000,047,104 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\L1E60x86.sys -- (L1E)
DRV - [2008/05/04 21:05:00 | 003,658,752 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel(R)
DRV - [2007/10/18 18:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/03/28 01:51:40 | 000,043,008 | ---- | M] (Winbond Electronics Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\winbondcir.sys -- (winbondcir)
DRV - [2007/03/01 04:34:22 | 000,028,352 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=1108&m=aspire_6930g
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=1108&m=aspire_6930g
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Acer_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=1108&m=aspire_6930g
IE - HKU\Acer_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com [binary data]
IE - HKU\Acer_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\Acer_ON_C\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://global.acer.com [binary data]
IE - HKU\Acer_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.imesh.com/
IE - HKU\Acer_ON_C\Software\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\Acer_ON_C\..\URLSearchHook: {64ead72b-ffd4-4e01-aa3a-4c71665d73e4} - Reg Error: Key error. File not found
IE - HKU\Acer_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Winamp Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampie7&query="
FF - prefs.js..browser.search.selectedEngine: "Winamp Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.pl/"
FF - prefs.js..extensions.enabledItems: {64ead72b-ffd4-4e01-aa3a-4c71665d73e4}:3.8.1.0
FF - prefs.js..extensions.enabledItems: {1FD91A9C-410C-4090-BBCC-55D3450EF433}:1.0
FF - prefs.js..extensions.enabledItems: pl@dictionaries.addons.mozilla.org:1.0.20110621
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0
FF - prefs.js..keyword.URL: "hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampab&query="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\System32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0:
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.448: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.448: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/03/13 10:50:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/03/13 10:50:06 | 000,000,000 | ---D | M]
[2011/09/04 13:52:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Acer\AppData\Roaming\Mozilla\Extensions
[2012/03/13 12:35:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\j98fuqw2.default\extensions
[2010/04/28 06:15:30 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\j98fuqw2.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/09/04 13:52:30 | 000,000,000 | ---D | M] (MediaBar) -- C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\j98fuqw2.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}
[2011/12/16 13:37:22 | 000,000,000 | ---D | M] (BittorrentBar_DE Community Toolbar) -- C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\j98fuqw2.default\extensions\{64ead72b-ffd4-4e01-aa3a-4c71665d73e4}
[2011/03/13 15:48:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\j98fuqw2.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}-trash
[2011/12/16 13:37:22 | 000,000,000 | ---D | M] (Polski slownik poprawnej pisowni) -- C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\j98fuqw2.default\extensions\pl@dictionaries.addons.mozilla.org
[2008/12/14 09:18:39 | 000,002,139 | ---- | M] () -- C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\j98fuqw2.default\searchplugins\MyStart Search.xml
[2011/09/04 13:52:20 | 000,002,503 | ---- | M] () -- C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\j98fuqw2.default\searchplugins\SearchResults.xml
[2009/08/04 13:20:24 | 000,001,196 | ---- | M] () -- C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\j98fuqw2.default\searchplugins\winamp-search.xml
[2011/09/04 13:52:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/09/04 13:52:38 | 000,000,000 | ---D | M] (DataMngr) -- C:\PROGRAM FILES\IMESH APPLICATIONS\MEDIABAR\DATAMNGR\FIREFOXEXTENSION
[2009/12/14 15:53:52 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAM FILES\REAL\REALPLAYER\BROWSERRECORD\FIREFOX\EXT
[2010/08/24 05:31:30 | 000,773,120 | ---- | M] (BitComet) -- C:\Program Files\mozilla firefox\plugins\npBitCometAgent.dll
[2009/03/06 16:18:06 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2009/03/06 16:18:06 | 000,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2009/03/06 16:18:06 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011/09/04 13:52:20 | 000,002,503 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\SearchResults.xml
[2009/03/06 16:18:06 | 000,000,986 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2009/03/06 16:18:06 | 000,000,801 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2006/09/18 17:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (MediaBar) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\Program Files\iMesh Applications\MediaBar\Datamngr\ToolBar\imeshdtxmltbpi.dll ()
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (UrlHelper Class) - {474597C5-AB09-49d6-A4D5-2E8D7341384E} - C:\Program Files\iMesh Applications\MediaBar\Datamngr\IEBHO.dll (iMesh, Inc)
O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (Egis)
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - File not found
O3 - HKLM\..\Toolbar: (MediaBar) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\Program Files\iMesh Applications\MediaBar\Datamngr\ToolBar\imeshdtxmltbpi.dll ()
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\Acer_ON_C\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [DATAMNGR] C:\Program Files\iMesh Applications\MediaBar\Datamngr\datamngrUI.exe (iMesh, Inc)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
O4 - HKLM..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Inc.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE (Dritek System Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Windows\System32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [starter4g] C:\Windows\starter4g.exe (4G Systems GmbH & Co. KG)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [WarReg_PopUp] C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe (Acer Incorporated)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ZPdtWzdVitaKey MC3000] C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe (Arachnoid Biometrics Identification Group Corp.)
O4 - HKU\Acer_ON_C..\Run: [BitTorrent] File not found
O4 - HKU\Acer_ON_C..\Run: [Gadu-Gadu 10] File not found
O4 - HKU\Acer_ON_C..\Run: [K3aRyluP6SiCkoR] C:\Users\Acer\AppData\Roaming\flint4ytw.exe (All Alex,Inc)
O4 - HKU\Acer_ON_C..\Run: [Kookos] C:\Users\Acer\Kookos\kookos.exe ()
O4 - HKU\Acer_ON_C..\Run: [msnmsgr] File not found
O4 - HKU\Acer_ON_C..\Run: [Orb] File not found
O4 - HKU\Acer_ON_C..\Run: [xpPathRpl] File not found
O4 - HKU\LocalService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\NetworkService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\.DEFAULT..\RunOnce: [RealUpgradeHelper] C:\Program Files\Common Files\Real\Update_OB\upgrdhlp.exe (RealNetworks, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O7 - HKU\Acer_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 1
O7 - HKU\Acer_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKU\Acer_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\datamngr.dll) - C:\Program Files\iMesh Applications\MediaBar\Datamngr\datamngr.dll (iMesh, Inc)
O20 - AppInit_DLLs: (C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\IEBHO.dll) - C:\Program Files\iMesh Applications\MediaBar\Datamngr\IEBHO.dll (iMesh, Inc)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKU\Acer_ON_C Winlogon: Shell - (C:\Users\Acer\AppData\Roaming\flint4ytw.exe) - C:\Users\Acer\AppData\Roaming\flint4ytw.exe (All Alex,Inc)
O20 - HKU\Acer_ON_C Winlogon: UserInit - (C:\Users\Acer\AppData\Roaming\flint4ytw.exe) - C:\Users\Acer\AppData\Roaming\flint4ytw.exe (All Alex,Inc)
O20 - Winlogon\Notify\AWinNotifyVitaKey MC3000: DllName - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll (Arachnoid Biometrics Identification Group Corp.)
O20 - Winlogon\Notify\spba: DllName - C:\Program Files\Common Files\SPBA\homefus2.dll - C:\Program Files\Common Files\SPBA\homefus2.dll (UPEK Inc.)
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper:
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2011/10/27 07:03:08 | 000,000,000 | ---D | M] - D:\Autorun -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{1bfd0e53-0d82-11de-9514-001e68dc4223}\Shell - "" = AutoRun
O33 - MountPoints2\{1bfd0e53-0d82-11de-9514-001e68dc4223}\Shell\AutoRun\command - "" = F:\setup.exe
O33 - MountPoints2\{1bfd0e65-0d82-11de-9514-001e68dc4223}\Shell - "" = AutoRun
O33 - MountPoints2\{1bfd0e65-0d82-11de-9514-001e68dc4223}\Shell\AutoRun\command - "" = F:\setup.exe
O33 - MountPoints2\{1bfd0e66-0d82-11de-9514-001e68dc4223}\Shell - "" = AutoRun
O33 - MountPoints2\{1bfd0e66-0d82-11de-9514-001e68dc4223}\Shell\AutoRun\command - "" = F:\setup.exe
O33 - MountPoints2\{1bfd0e6b-0d82-11de-9514-001e68dc4223}\Shell - "" = AutoRun
O33 - MountPoints2\{1bfd0e6b-0d82-11de-9514-001e68dc4223}\Shell\AutoRun\command - "" = H:\setup.exe
O33 - MountPoints2\{244a7e1e-d93e-11e0-b28b-d1cfbbdb0811}\Shell - "" = AutoRun
O33 - MountPoints2\{244a7e1e-d93e-11e0-b28b-d1cfbbdb0811}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{3d7e54c4-c87c-11dd-bb74-001e68dc4223}\Shell - "" = AutoRun
O33 - MountPoints2\{3d7e54c4-c87c-11dd-bb74-001e68dc4223}\Shell\AutoRun\command - "" = F:\pushinst.exe
O33 - MountPoints2\{595e72f8-52ee-11df-afac-001e68dc4223}\Shell - "" = AutoRun
O33 - MountPoints2\{595e72f8-52ee-11df-afac-001e68dc4223}\Shell\AutoRun\command - "" = G:\autorun.exe
O33 - MountPoints2\{a69ce6a3-b087-11dd-949a-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{a69ce6a3-b087-11dd-949a-806e6f6e6963}\Shell\AutoRun\command - "" = G:\start.exe
O33 - MountPoints2\{d0435ce3-d93b-11e0-86d9-be0a728de413}\Shell - "" = AutoRun
O33 - MountPoints2\{d0435ce3-d93b-11e0-86d9-be0a728de413}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{d0435ce5-d93b-11e0-86d9-be0a728de413}\Shell - "" = AutoRun
O33 - MountPoints2\{d0435ce5-d93b-11e0-86d9-be0a728de413}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{f6fca30d-462a-11de-bd54-001e68dc4223}\Shell - "" = AutoRun
O33 - MountPoints2\{f6fca30d-462a-11de-bd54-001e68dc4223}\Shell\AutoRun\command - "" = F:\setup.exe
O33 - MountPoints2\{fe6ee880-3bfc-11de-9499-001e68dc4223}\Shell - "" = AutoRun
O33 - MountPoints2\{fe6ee880-3bfc-11de-9499-001e68dc4223}\Shell\AutoRun\command - "" = F:\setup.exe
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2012/03/14 07:01:03 | 000,308,224 | ---- | C] (All Alex,Inc) -- C:\Users\Acer\AppData\Roaming\flint4ytw.exe
[2008/07/22 04:01:25 | 000,049,152 | ---- | C] ( ) -- C:\Windows\Interop.IWshRuntimeLibrary.dll
[1 C:\Users\Acer\Desktop\*.tmp files -> C:\Users\Acer\Desktop\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/03/25 13:51:11 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/03/25 13:25:14 | 000,001,090 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/03/25 13:25:13 | 000,092,840 | ---- | M] () -- C:\ProgramData\nvModes.001
[2012/03/25 13:25:05 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/03/25 13:25:05 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/03/25 13:25:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/03/18 12:48:31 | 000,000,472 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Acer.job
[2012/03/14 07:01:03 | 000,308,224 | ---- | M] (All Alex,Inc) -- C:\Users\Acer\AppData\Roaming\flint4ytw.exe
[2012/03/13 04:10:56 | 000,000,302 | ---- | M] () -- C:\Users\Acer\AppData\Roaming\wklnhst.dat
[2012/02/29 15:29:44 | 000,091,175 | ---- | M] () -- C:\Users\Acer\Documents\41450405_500_s.jpg
[2012/02/29 15:29:18 | 000,138,326 | ---- | M] () -- C:\Users\Acer\Documents\61892842_500_s.jpg
[2012/02/29 15:28:54 | 000,104,082 | ---- | M] () -- C:\Users\Acer\Documents\41471158_500_s.jpg
[1 C:\Users\Acer\Desktop\*.tmp files -> C:\Users\Acer\Desktop\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/02/29 15:29:41 | 000,091,175 | ---- | C] () -- C:\Users\Acer\Documents\41450405_500_s.jpg
[2012/02/29 15:29:13 | 000,138,326 | ---- | C] () -- C:\Users\Acer\Documents\61892842_500_s.jpg
[2012/02/29 15:28:50 | 000,104,082 | ---- | C] () -- C:\Users\Acer\Documents\41471158_500_s.jpg
[2011/11/28 16:04:19 | 000,002,432 | ---- | C] () -- C:\Users\Acer\AppData\Local\TemphL3396.html
[2011/11/28 16:04:19 | 000,002,089 | ---- | C] () -- C:\Users\Acer\AppData\Local\TempAh3396.html
[2011/11/22 10:20:23 | 000,002,432 | ---- | C] () -- C:\Users\Acer\AppData\Local\Tempvw4744.html
[2011/11/22 10:20:23 | 000,002,089 | ---- | C] () -- C:\Users\Acer\AppData\Local\TempaN4744.html
[2011/11/18 07:40:17 | 000,002,432 | ---- | C] () -- C:\Users\Acer\AppData\Local\TempJb2868.html
[2011/11/18 07:40:17 | 000,002,089 | ---- | C] () -- C:\Users\Acer\AppData\Local\TempmP2868.html
[2011/09/13 15:10:23 | 000,002,432 | ---- | C] () -- C:\Users\Acer\AppData\Local\Tempnu4740.html
[2011/09/13 15:10:23 | 000,002,089 | ---- | C] () -- C:\Users\Acer\AppData\Local\TempwL4740.html
[2011/09/13 15:06:53 | 000,002,432 | ---- | C] () -- C:\Users\Acer\AppData\Local\TempCg5420.html
[2011/09/13 15:06:53 | 000,002,089 | ---- | C] () -- C:\Users\Acer\AppData\Local\TempdV5420.html
[2011/08/03 11:22:09 | 000,000,214 | ---- | C] () -- C:\Windows\wininit.ini
[2011/06/25 07:10:08 | 000,000,050 | ---- | C] () -- C:\Windows\System32\bridf08b.dat
[2011/06/25 07:05:11 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2011/06/03 16:04:03 | 000,000,995 | ---- | C] () -- C:\Windows\DeutschTranslator.INI
[2011/05/25 12:48:37 | 000,000,090 | ---- | C] () -- C:\Users\Acer\AppData\Roaming\XTDocSettings_dt.ini
[2010/05/09 11:57:02 | 000,000,531 | ---- | C] () -- C:\Windows\vsp.ini
[2010/05/02 11:35:47 | 000,005,608 | ---- | C] () -- C:\Users\Acer\AppData\Roaming\WTGAddresses.dat
[2010/04/29 16:28:04 | 000,000,952 | ---- | C] () -- C:\Users\Acer\AppData\Roaming\mobile.trf
[2010/04/29 16:01:59 | 000,000,926 | ---- | C] () -- C:\Users\Acer\AppData\Roaming\WTGSMS.dat
[2010/04/14 08:36:18 | 000,000,050 | ---- | C] () -- C:\Windows\cdplayer.ini
[2010/03/21 10:47:38 | 000,002,299 | ---- | C] () -- C:\Users\Acer\AppData\Roaming\acervcmtmp.ini
[2010/03/12 15:00:20 | 000,000,000 | ---- | C] () -- C:\Windows\brdfxspd.dat
[2010/03/12 03:08:15 | 000,000,441 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2010/03/10 15:23:44 | 000,000,818 | ---- | C] () -- C:\Windows\Brpfx04a.ini
[2010/03/10 15:23:44 | 000,000,159 | ---- | C] () -- C:\Windows\brpcfx.ini
[2010/03/10 15:23:44 | 000,000,065 | ---- | C] () -- C:\Windows\System32\bd7320.dat
[2010/03/10 15:20:04 | 000,000,066 | ---- | C] () -- C:\Windows\Brfaxrx.ini
[2010/03/10 15:20:03 | 000,106,496 | ---- | C] () -- C:\Windows\System32\BrMuSNMP.dll
[2010/03/10 15:18:52 | 000,031,664 | ---- | C] () -- C:\Windows\maxlink.ini
[2009/08/17 12:23:09 | 000,000,736 | ---- | C] () -- C:\Windows\SamsungMaster.INI
[2009/07/27 16:31:50 | 000,000,018 | ---- | C] () -- C:\Users\Acer\AppData\Roaming\sys386lk.dat
[2009/07/27 16:29:38 | 000,000,010 | ---- | C] () -- C:\Users\Acer\AppData\Roaming\hhxprot4
[2009/03/09 14:50:57 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2009/01/23 18:25:21 | 000,111,932 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat
[2009/01/23 18:25:21 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat
[2009/01/23 18:25:21 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat
[2009/01/23 18:25:21 | 000,026,154 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat
[2009/01/23 18:25:21 | 000,024,903 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat
[2009/01/23 18:25:21 | 000,021,390 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat
[2009/01/23 18:25:21 | 000,020,148 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat
[2009/01/23 18:25:21 | 000,011,811 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat
[2009/01/23 18:25:21 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat
[2009/01/23 18:25:21 | 000,001,146 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_DU.dat
[2009/01/23 18:25:21 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat
[2009/01/23 18:25:21 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat
[2009/01/23 18:25:21 | 000,001,136 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat
[2009/01/23 18:25:21 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat
[2009/01/23 18:25:21 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat
[2009/01/23 18:25:21 | 000,001,120 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_IT.dat
[2009/01/23 18:25:21 | 000,001,107 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_GE.dat
[2009/01/23 18:25:21 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat
[2009/01/23 18:25:21 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2009/01/23 18:19:09 | 000,000,027 | ---- | C] () -- C:\Windows\CDE DX4000EFDG.ini
[2008/12/17 12:35:14 | 000,000,302 | ---- | C] () -- C:\Users\Acer\AppData\Roaming\wklnhst.dat
[2008/12/14 15:20:48 | 000,000,966 | ---- | C] () -- C:\Windows\VPlayer.INI
[2008/12/14 15:12:33 | 000,002,098 | -HS- | C] () -- C:\Windows\System32\KGyGaAvL.sys
[2008/12/14 15:12:33 | 000,000,056 | RHS- | C] () -- C:\Windows\System32\6D116FA846.sys
[2008/12/14 15:00:43 | 000,007,592 | ---- | C] () -- C:\Users\Acer\AppData\Local\d3d9caps.dat
[2008/12/14 10:30:25 | 000,000,050 | ---- | C] () -- C:\Windows\Winamp.ini
[2008/12/14 10:30:05 | 000,000,041 | ---- | C] () -- C:\Windows\winampa.ini
[2008/12/14 07:59:31 | 000,008,704 | ---- | C] () -- C:\Windows\System32\vidccleaner.exe
[2008/12/14 07:58:42 | 000,729,088 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2008/12/14 07:58:42 | 000,163,840 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2008/12/13 15:38:28 | 000,000,032 | ---- | C] () -- C:\ProgramData\ezsid.dat
[2008/12/13 08:18:54 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2008/12/13 08:18:54 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/12/13 07:51:13 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2008/12/12 15:07:30 | 000,092,840 | ---- | C] () -- C:\ProgramData\nvModes.001
[2008/12/12 15:07:12 | 000,092,840 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2008/12/12 14:46:59 | 000,096,768 | ---- | C] () -- C:\Users\Acer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/11/12 03:28:07 | 000,118,784 | ---- | C] () -- C:\Windows\System32\VMC3KAPI.dll
[2008/11/12 03:16:26 | 000,200,704 | ---- | C] () -- C:\Windows\PLFSetI.exe
[2008/11/12 03:16:26 | 000,000,036 | ---- | C] () -- C:\Windows\PidList.ini
[2008/11/12 03:16:25 | 000,626,688 | ---- | C] () -- C:\Windows\Image.dll
[2008/07/30 06:19:21 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2008/07/29 22:13:17 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIOFM4.dll
[2008/07/29 22:13:17 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN5.dll
[2008/07/29 21:47:56 | 000,204,800 | ---- | C] () -- C:\Windows\System32\SysHook.dll
[2008/07/29 21:42:04 | 000,487,424 | ---- | C] () -- C:\Windows\System32\INT15.dll
[2008/07/29 21:25:14 | 000,001,694 | ---- | C] () -- C:\Windows\RtDefLvl.ini
[2008/07/29 21:25:14 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX1.dat
[2008/07/29 21:25:14 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX0.dat
[2008/07/29 21:25:14 | 000,000,008 | ---- | C] () -- C:\Windows\System32\drivers\rtkhdaud.dat
[2008/01/21 03:15:58 | 000,618,442 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008/01/21 03:15:58 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008/01/21 03:15:58 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2008/01/21 03:15:58 | 000,004,934 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2006/11/02 08:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 08:47:37 | 000,299,472 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 08:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 06:33:01 | 000,582,484 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 06:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 06:33:01 | 000,096,748 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 06:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 06:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 04:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 04:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 03:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2005/12/15 01:17:00 | 000,159,744 | ---- | C] () -- C:\Windows\System32\EPSPTDV.DLL
[2004/08/09 02:00:42 | 000,000,114 | ---- | C] () -- C:\Windows\System32\BRLMW03A.INI
[2004/07/12 17:07:21 | 003,375,104 | ---- | C] () -- C:\Windows\System32\qt-mt331.dll
[2002/09/17 18:45:00 | 000,119,808 | ---- | C] () -- C:\Windows\lsb_un20.exe
[2002/04/01 18:29:28 | 000,143,360 | ---- | C] () -- C:\Windows\System32\OggDS.dll
[2002/04/01 18:16:30 | 000,454,656 | ---- | C] () -- C:\Windows\System32\VorbisEnc.dll
[2002/04/01 18:16:14 | 000,118,784 | ---- | C] () -- C:\Windows\System32\vorbis.dll
[2002/04/01 18:15:40 | 000,011,264 | ---- | C] () -- C:\Windows\System32\ogg.dll
[2002/02/21 12:41:20 | 000,157,184 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2002/01/20 08:26:36 | 000,073,728 | ---- | C] () -- C:\Windows\System32\SimpleResize.dll
[2001/12/26 10:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001/10/25 10:53:24 | 000,196,608 | ---- | C] () -- C:\Windows\System32\avisynth.dll
[2001/09/03 17:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001/07/30 10:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001/07/23 16:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll
[2001/06/22 07:06:02 | 000,167,936 | ---- | C] () -- C:\Windows\System32\MPEG2DEC.dll
[1999/01/26 17:00:00 | 000,114,816 | ---- | C] () -- C:\Windows\System32\MSMT4232.DLL
========== LOP Check ==========
[2010/03/08 03:06:20 | 000,000,000 | -HSD | M] -- C:\Users\Acer\AppData\Roaming\.#
[2009/07/27 16:31:50 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\10-Sekunden-Haushaltsbuch
[2011/05/21 13:16:05 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\965287
[2008/07/29 22:10:28 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\Acer GameZone Console
[2011/03/13 14:51:14 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\BitComet
[2009/03/21 17:18:33 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\Datalayer
[2011/10/27 07:08:17 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\DeepBurner
[2009/05/09 17:44:52 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\EPSON
[2008/12/13 14:35:33 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\eSobi
[2008/12/17 06:19:58 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\Gadu-Gadu
[2011/08/21 17:59:48 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\Gadu-Gadu 10
[2011/02/21 12:29:13 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\ipla
[2009/01/27 11:33:51 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\Leadertech
[2011/09/04 13:52:20 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\MusicNet
[2010/03/07 11:04:50 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\NCH Swift Sound
[2009/04/26 14:04:40 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\Nokia
[2009/09/22 04:54:49 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\Nowe Gadu-Gadu
[2009/04/26 06:11:47 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\Nseries
[2009/07/27 15:37:11 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\OpenFM
[2009/04/26 06:16:07 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\PC Suite
[2011/07/18 13:15:28 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\PC-FAX TX
[2011/02/26 06:52:03 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\PhotoFiltre
[2010/12/06 06:57:46 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\RDRM
[2009/08/13 03:27:45 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\Recordpad
[2010/04/28 06:18:33 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\ScanSoft
[2010/12/06 02:49:04 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\system programy
[2008/12/17 12:35:15 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\Template
[2010/04/29 16:04:32 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\Upgrades
[2009/03/10 11:03:14 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\Vodafone
[2008/12/10 06:47:00 | 000,000,000 | -HSD | M] -- C:\ProgramData\Anwendungsdaten
[2006/11/02 09:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data
[2011/09/05 05:46:07 | 000,000,000 | ---D | M] -- C:\ProgramData\boost_interprocess
[2006/11/02 09:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop
[2006/11/02 09:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents
[2008/12/10 06:47:00 | 000,000,000 | -HSD | M] -- C:\ProgramData\Dokumente
[2011/03/13 11:04:29 | 000,000,000 | ---D | M] -- C:\ProgramData\Downloaded Installations
[2008/12/13 07:56:16 | 000,000,000 | ---D | M] -- C:\ProgramData\eSobi
[2008/12/10 06:47:00 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favoriten
[2006/11/02 09:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites
[2008/07/29 21:59:41 | 000,000,000 | ---D | M] -- C:\ProgramData\FloodLightGames
[2010/03/10 16:06:23 | 000,000,000 | ---D | M] -- C:\ProgramData\Gadu-Gadu 10
[2009/03/21 15:39:01 | 000,000,000 | ---D | M] -- C:\ProgramData\Installations
[2011/01/21 06:58:50 | 000,000,000 | ---D | M] -- C:\ProgramData\ipla
[2010/08/29 04:38:43 | 000,000,000 | ---D | M] -- C:\ProgramData\NCH Swift Sound
[2011/08/13 15:01:50 | 000,000,000 | ---D | M] -- C:\ProgramData\OpenFM
[2008/12/26 07:51:33 | 000,000,000 | ---D | M] -- C:\ProgramData\OrbNetworks
[2010/08/14 06:13:33 | 000,000,000 | ---D | M] -- C:\ProgramData\PC Drivers HeadQuarters
[2009/03/21 17:07:47 | 000,000,000 | ---D | M] -- C:\ProgramData\PC Suite
[2011/02/15 09:40:12 | 000,000,000 | ---D | M] -- C:\ProgramData\ScanSoft
[2006/11/02 09:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu
[2008/12/10 06:47:00 | 000,000,000 | -HSD | M] -- C:\ProgramData\Startmenü
[2009/09/13 13:33:54 | 000,000,000 | ---D | M] -- C:\ProgramData\Temp
[2006/11/02 09:02:04 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates
[2010/08/14 06:16:12 | 000,000,000 | ---D | M] -- C:\ProgramData\UAB
[2009/01/23 18:29:56 | 000,000,000 | ---D | M] -- C:\ProgramData\UDL
[2008/11/12 03:27:21 | 000,000,000 | ---D | M] -- C:\ProgramData\UIB
[2009/03/10 11:02:51 | 000,000,000 | ---D | M] -- C:\ProgramData\Vodafone
[2008/12/10 06:47:00 | 000,000,000 | -HSD | M] -- C:\ProgramData\Vorlagen
[2009/08/10 10:41:08 | 000,000,000 | ---D | M] -- C:\ProgramData\WindowsSearch
[2012/01/21 13:51:13 | 000,000,000 | ---D | M] -- C:\ProgramData\Xerox
[2008/07/29 22:22:33 | 000,000,000 | ---D | M] -- C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
[2012/03/23 05:44:36 | 000,032,606 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 114 bytes -> C:\ProgramData\Temp:FA5F15C4
@Alternate Data Stream - 110 bytes -> C:\ProgramData\Temp:DFC5A2B2
< End of report >
Jurben |
| Themen zu White Screen, "... warten Sie, während die Verbindung hergestellt wird" Windows Vista |
| alternate, antivir, autorun, avira, bho, bildschirm, bitte warten, defender, disabletaskmgr, download, error, explorer, firefox, format, home, internet, launch, logfile, microsoft, mystart, nvidia, popup, problem, realtek, registry, scan, security scan, software, stick, vista, white, white screen, windows |
Baum-Darstellung