| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: BOO/Sinowal.F in MasterbootsektorWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
04.07.2011, 21:27
| #1 | ||
 |  BOO/Sinowal.F in Masterbootsektor Ich habe wie der Titel schon sagt ein Sinowal-F Problem. Jedenfalls behauptet Antivir das ich es in Masterbotsektor 1 und 2 hätte  Zitat:
Zitat:
Kann mir jemand helfen? Geändert von wursch (04.07.2011 um 21:42 Uhr) |
|
05.07.2011, 08:09
| #2 | ||
| /// Helfer-Team    | BOO/Sinowal.F in Masterbootsektor Hallo und Herzlich Willkommen!
__________________ Bevor wir unsere Zusammenarbeit beginnen, [Bitte Vollständig lesen]: Zitat:
Wichtig: Alle Befehle bitte als Administrator ausführen! rechte Maustaste auf die Eingabeaufforderung und "als Administrator ausführen" auswählen Auf der angewählten Anwendung einen Rechtsklick (rechte Maustaste) und "Als Administrator ausführen" wählen! 1. Lade Dir Malwarebytes Anti-Malware von→ malwarebytes.org
2. Systemscan mit OTL Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
3. → Lade Dir HJTscanlist.zip herunter → entpacke die Datei auf deinem Desktop → Bei WindowsXP Home musst vor dem Scan zusätzlich tasklist.zip installieren → per Doppelklick starten → Wähle dein Betriebsystem aus - bei Win7 wähle Vista → Wenn Du gefragt wirst, die Option "Einstellung" (1) - scanlist" wählen → Nach kurzer Zeit sollte sich Dein Editor öffnen und die Datei hjtscanlist.txt präsentieren → Bitte kopiere den Inhalt hier in Deinen Thread. ** Falls es klappt auf einmal nicht, kannst den Text in mehrere Teile teilen und so posten 4. Ich würde gerne noch all deine installierten Programme sehen: Lade dir das Tool Ccleaner herunter → Download installieren (Software-Lizenzvereinbarung lesen, falls angeboten wird "Füge CCleaner Yahoo! Toolbar hinzu" abwählen)→ starten→ falls nötig - unter Options settings-> "german" einstellen dann klick auf "Extra (um die installierten Programme auch anzuzeigen)→ weiter auf "Als Textdatei speichern..." wird eine Textdatei (*.txt) erstellt, kopiere dazu den Inhalt und füge ihn da ein Zitat:
** Möglichst nicht ins internet gehen, kein Online-Banking, File-sharing, Chatprogramme usw grußkira
__________________ |
|
05.07.2011, 08:54
| #3 | |
| | BOO/Sinowal.F in Masterbootsektor Vielen dank für die schnelle Antwort.
__________________zu ""Komplett Scan durchführen" wählen (überall Haken setzen)" habe ich eine Frage. Bei mir Steht nur Vollständigen Suchlauf durchführen. ist das gemeint? zudem habe ich gestern abend nach meinem Posting noch entdeckt das es weitere Schritte in der Anleitung zum Themen erstellen gab (nach der großen roten 1) Hab inzwischen den Defogger und OTL drüber laufen lassen so wie in der Anleitung erklärt und poste sie hier (Hatte mich vorher niche getraut was es hies das ein Doppelposting nicht erwünscht ist und das THema dann als in bearbeitung gillt): Zitat:
Wenn mit Komplett Scan "Vollständigen Suchlauf durchführen" gemeint ist mach ich das dann sofort. |
|
05.07.2011, 14:34
| #4 |
| | BOO/Sinowal.F in Masterbootsektor Ich habe die Anleitung zum MBAM gefunden und verstanden das der Vollscan der richtige ist. Danach hab ich alles ausgeführt. Beim MBAM Scan ist immer wieder Antivir aufgeploppt und hat mir Dateien angezeigt die ich dann auch entfernt habe. Zudem ist mir aufgefallen das ich noch ein altes Windows System auf der Platte drauf habe (Windiws.old) und da waren scheinbar auch noch versäuchungen drin. Das hatte ich damals neu aufgespielt weil es auch versäucht war, aber hatte es nicht gelöscht. Soll ich sicherheitshalber den Windows.old ordner komplett löschen? bzw hier die Logs: Code:
ATTFilter Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org
Datenbank Version: 7026
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
05.07.2011 15:07:35
mbam-log-2011-07-05 (15-07-35).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|L:\|M:\|)
Durchsuchte Objekte: 1007201
Laufzeit: 3 Stunde(n), 3 Minute(n), 15 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 6
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
c:\Users\Bobby\AppData\Local\Temp\77F.tmp\removewat.exe (HackTool.Wpakill) -> Quarantined and deleted successfully.
c:\Windows.old\Users\Admin\AppData\Roaming\apmanager\uninstall.exe (Trojan.FraudTool) -> Quarantined and deleted successfully.
c:\Windows.old\Windows\System32\cooper.mine (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Windows.old\Windows\System32\net.net (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows.old\Windows\System32\uqfasnejhs.exe (Adware.AdRotator) -> Quarantined and deleted successfully.
c:\tujserrew.bat (Malware.Trace) -> Quarantined and deleted successfully.
OTL Logfile: Code:
ATTFilter OTL logfile created on: 05.07.2011 15:14:19 - Run 2 OTL by OldTimer - Version 3.2.26.0 Folder = C:\Users\Bobby\Desktop 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 6,00 Gb Total Physical Memory | 4,44 Gb Available Physical Memory | 74,02% Memory free 12,00 Gb Paging File | 10,27 Gb Available in Paging File | 85,65% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 465,76 Gb Total Space | 249,97 Gb Free Space | 53,67% Space Free | Partition Type: NTFS Drive D: | 931,51 Gb Total Space | 295,68 Gb Free Space | 31,74% Space Free | Partition Type: NTFS Drive E: | 465,76 Gb Total Space | 311,97 Gb Free Space | 66,98% Space Free | Partition Type: NTFS Drive L: | 465,65 Gb Total Space | 2,72 Gb Free Space | 0,58% Space Free | Partition Type: FAT32 Drive M: | 298,09 Gb Total Space | 147,40 Gb Free Space | 49,45% Space Free | Partition Type: NTFS Computer Name: BOBBY-PC | User Name: Bobby | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Bobby\Desktop\OTL.exe (OldTimer Tools) PRC - E:\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) PRC - E:\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) PRC - E:\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - E:\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) PRC - E:\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Windows\SysWOW64\nlssrv32.exe (Nalpeiron Ltd.) PRC - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe () PRC - E:\Bamboo Dock\Bamboo Dock\Bamboo Dock.exe () PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe () PRC - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe (Adobe Systems Incorporated) PRC - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe (Adobe Systems Inc.) ========== Modules (SafeList) ========== MOD - C:\Users\Bobby\Desktop\OTL.exe (OldTimer Tools) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV:64bit: - (FLEXnet Licensing Service 64) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Acresso Software Inc.) SRV - (MBAMService) -- E:\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) SRV - (AntiVirSchedulerService) -- E:\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (AntiVirService) -- E:\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (nlsX86cc) -- C:\Windows\SysWOW64\nlssrv32.exe (Nalpeiron Ltd.) SRV - (ICQ Service) -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe () SRV - (TouchServicePen) -- C:\Programme\Tablet\Pen\Pen_TouchService.exe (Wacom Technology, Corp.) SRV - (TabletServicePen) -- C:\Programme\Tablet\Pen\Pen_Tablet.exe (Wacom Technology, Corp.) SRV - (rpcapd) Remote Packet Capture Protocol v.0 (experimental) -- C:\Program Files (x86)\WinPcap\rpcapd.exe (CACE Technologies, Inc.) SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.) SRV - (SbieSvc) -- E:\Sandboxie\SbieSvc.exe (tzuk) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) SRV - (Backup Service Home-Dienst) -- E:\Backup Service Home 3\BSHService.exe (Alexander Seeliger Software) SRV - (DAUpdaterSvc) -- E:\Dragon Age\bin_ship\daupdatersvc.service.exe (BioWare) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (CableAssociation) -- E:\Hama\WUSB\Association\CableAssociation.exe (Wisair Ltd.) SRV - (Adobe Version Cue CS4) -- C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe (Adobe Systems Incorporated) ========== Driver Services (SafeList) ========== DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH) DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH) DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation) DRV:64bit: - (NPF) -- C:\Windows\SysNative\drivers\npf.sys (CACE Technologies, Inc.) DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys (Duplex Secure Ltd.) DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.) DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions) DRV:64bit: - (FTDIBUS) -- C:\Windows\SysNative\drivers\ftdibus.sys (FTDI Ltd.) DRV:64bit: - (FTSER2K) -- C:\Windows\SysNative\drivers\ftser2k.sys (FTDI Ltd.) DRV:64bit: - (wacomvhid) -- C:\Windows\SysNative\drivers\wacomvhid.sys (Wacom Technology) DRV:64bit: - (L1E) -- C:\Windows\SysNative\drivers\L1E62x64.sys (Atheros Communications, Inc.) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof () DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (Ph3xIB64) -- C:\Windows\SysNative\drivers\Ph3xIB64.sys (NXP Semiconductors) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.) DRV:64bit: - (hwa) -- C:\Windows\SysNative\drivers\WSR_HWA.SYS () DRV:64bit: - (HWARadio) -- C:\Windows\SysNative\drivers\WSR_RCI.SYS () DRV:64bit: - (DWA) -- C:\Windows\SysNative\drivers\WSR_DWA.SYS () DRV:64bit: - (TunnelDrv) -- C:\Windows\SysNative\drivers\WSR_CBA.SYS () DRV:64bit: - (WSR_USF) -- C:\Windows\SysNative\drivers\WSR_USF.sys () DRV:64bit: - (wacommousefilter) -- C:\Windows\SysNative\drivers\wacommousefilter.sys (Wacom Technology) DRV:64bit: - (X-Rite) -- C:\Windows\SysNative\drivers\XrUsb64.sys (X-Rite, Inc.) DRV - (SbieDrv) -- E:\Sandboxie\SbieDrv.sys (tzuk) DRV - (adfs) -- C:\Windows\SysWow64\drivers\adfs.sys (Adobe Systems, Inc.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 78 B7 26 59 A0 6B CB 01 [binary data] IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "ICQ Search" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/" FF - prefs.js..extensions.enabledItems: exif_viewer@mozilla.doslash.org:1.60 FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.9&q=" FF - prefs.js..network.proxy.type: 4 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: E:\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.) FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.3: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.) FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.4: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.) FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: D:\Mozilla Firefox\components [2011.07.04 13:12:56 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: D:\Mozilla Firefox\plugins [2011.06.25 20:07:08 | 000,000,000 | ---D | M] FF - HKCU\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: D:\Mozilla Firefox\components [2011.07.04 13:12:56 | 000,000,000 | ---D | M] FF - HKCU\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: D:\Mozilla Firefox\plugins [2011.06.25 20:07:08 | 000,000,000 | ---D | M] [2010.04.29 00:03:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bobby\AppData\Roaming\mozilla\Extensions [2011.07.05 09:48:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bobby\AppData\Roaming\mozilla\Firefox\Profiles\7ihbmt81.default\extensions [2011.04.22 17:05:42 | 000,000,000 | ---D | M] ("Exif Viewer") -- C:\Users\Bobby\AppData\Roaming\mozilla\Firefox\Profiles\7ihbmt81.default\extensions\exif_viewer@mozilla.doslash.org [2011.07.02 19:31:11 | 000,001,056 | ---- | M] () -- C:\Users\Bobby\AppData\Roaming\Mozilla\Firefox\Profiles\7ihbmt81.default\searchplugins\icqplugin.xml [2010.05.11 23:51:02 | 000,000,000 | ---D | M] (Java Console) -- D:\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} O1 HOSTS File: ([2010.04.29 01:18:57 | 000,001,300 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 activate.adobe.com O1 - Hosts: 127.0.0.1 practivate.adobe.com O1 - Hosts: 127.0.0.1 ereg.adobe.com O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com O1 - Hosts: 127.0.0.1 wip3.adobe.com O1 - Hosts: 127.0.0.1 3dns-3.adobe.com O1 - Hosts: 127.0.0.1 3dns-2.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com O1 - Hosts: 127.0.0.1 activate-sea.adobe.com O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll () O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Trillian Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll () O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ) O3 - HKLM\..\Toolbar: (Trillian Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKCU\..\Toolbar\WebBrowser: (Trillian Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation) O4:64bit: - HKLM..\Run: [NvMediaCenter] C:\Windows\SysNative\NvMcTray.dll (NVIDIA Corporation) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Programme\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [Skytel] C:\Programme\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.) O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Adobe_ID0ENQBO] C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE (Adobe Systems Incorporated) O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [avgnt] E:\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [BambooCore] File not found O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] E:\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) O4 - HKCU..\Run: [AdobeBridge] File not found O4 - HKCU..\Run: [Bamboo Dock] E:\Bamboo Dock\Bamboo Dock\Bamboo Dock.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:64bit: - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files (x86)\ICQ7.4\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files (x86)\ICQ7.4\ICQ.exe (ICQ, LLC.) O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15) O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.19 21:02:05 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ] O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{42a06ce3-536b-11df-bc5b-00248c0ef764}\Shell - "" = AutoRun O33 - MountPoints2\{42a06ce3-536b-11df-bc5b-00248c0ef764}\Shell\AutoRun\command - "" = N:\start.exe O33 - MountPoints2\{ec09433e-5316-11df-a516-00248c0ef764}\Shell - "" = AutoRun O33 - MountPoints2\{ec09433e-5316-11df-a516-00248c0ef764}\Shell\AutoRun\command - "" = K:\setup.exe O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011.07.05 15:12:38 | 000,000,000 | ---D | C] -- C:\Users\Bobby\Desktop\Alter log [2011.07.05 09:45:46 | 000,000,000 | ---D | C] -- C:\Users\Bobby\AppData\Roaming\Malwarebytes [2011.07.05 09:45:40 | 000,039,984 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys [2011.07.05 09:45:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2011.07.05 09:45:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2011.07.05 09:45:37 | 000,025,912 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2011.07.05 09:14:13 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Bobby\Desktop\OTL.exe [2011.07.04 13:21:29 | 000,000,000 | ---D | C] -- C:\Users\Bobby\AppData\Roaming\Avira [2011.07.04 13:18:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira [2011.07.04 13:18:33 | 000,116,568 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys [2011.07.04 13:18:33 | 000,083,120 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys [2011.07.04 13:18:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira [2011.07.01 18:50:45 | 000,000,000 | ---D | C] -- C:\Users\Bobby\AppData\Local\Phase_One [2011.07.01 18:49:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Phase One [2011.07.01 18:49:25 | 000,000,000 | ---D | C] -- C:\Users\Bobby\AppData\Local\CaptureOne [2011.07.01 18:48:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Phase One [2011.07.01 18:36:29 | 001,942,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfshim.dll [2011.07.01 18:36:29 | 001,130,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll [2011.07.01 18:36:29 | 000,109,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHostProxy.dll [2011.07.01 18:36:29 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHostProxy.dll [2011.07.01 18:36:29 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netfxperf.dll [2011.07.01 18:36:29 | 000,048,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netfxperf.dll [2011.07.01 18:36:28 | 000,320,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHost.exe [2011.07.01 18:36:28 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHost.exe [2011.06.28 02:36:11 | 000,000,000 | ---D | C] -- C:\Users\Bobby\AppData\Local\SKIDROW [2011.06.28 02:35:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Valve [2011.06.27 15:24:38 | 000,000,000 | ---D | C] -- C:\Users\Bobby\Desktop\Zeitrelais [2011.06.12 07:43:49 | 000,000,000 | ---D | C] -- C:\Users\Bobby\AppData\Roaming\Yxyni [2011.06.12 07:43:49 | 000,000,000 | ---D | C] -- C:\Users\Bobby\AppData\Roaming\Caze ========== Files - Modified Within 30 Days ========== [2011.07.05 15:10:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.07.05 15:10:14 | 536,125,439 | -HS- | M] () -- C:\hiberfil.sys [2011.07.05 09:45:40 | 000,000,627 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.07.05 09:14:16 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Bobby\Desktop\OTL.exe [2011.07.04 23:41:56 | 000,022,080 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011.07.04 23:41:56 | 000,022,080 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011.07.04 23:23:10 | 000,000,148 | ---- | M] () -- C:\Users\Bobby\defogger_reenable [2011.07.04 23:21:45 | 000,050,477 | ---- | M] () -- C:\Users\Bobby\Desktop\Defogger.exe [2011.07.04 23:10:05 | 000,002,673 | ---- | M] () -- C:\Users\Bobby\AppData\Roaming\iColorDisplay3.prefs [2011.07.04 23:10:05 | 000,000,346 | -H-- | M] () -- C:\Users\Bobby\AppData\Roaming\iColorDisplay3.lic [2011.07.04 22:57:10 | 000,000,620 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuatoCalibrationLoader.lnk [2011.07.04 22:57:10 | 000,000,415 | ---- | M] () -- C:\Users\Public\Desktop\iColor Display 3.7.3.0.lnk [2011.07.04 22:18:00 | 000,089,088 | ---- | M] () -- C:\Users\Bobby\Desktop\mbr.exe [2011.07.04 13:18:37 | 000,000,758 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk [2011.07.03 22:04:21 | 000,006,692 | ---- | M] () -- C:\Users\Bobby\AppData\Roaming\iColorDisplay.prefs [2011.07.03 22:01:54 | 000,000,390 | ---- | M] () -- C:\Users\Bobby\AppData\Roaming\iColorDisplay.lic [2011.07.03 00:27:19 | 000,216,179 | ---- | M] () -- C:\Users\Bobby\Desktop\klein.jpg [2011.07.01 18:40:33 | 001,588,294 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011.07.01 18:40:33 | 000,696,132 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2011.07.01 18:40:33 | 000,651,450 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2011.07.01 18:40:33 | 000,147,428 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2011.07.01 18:40:33 | 000,120,382 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2011.07.01 18:40:20 | 001,588,294 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2011.06.28 02:35:06 | 000,000,596 | ---- | M] () -- C:\Users\Public\Desktop\Portal 2.lnk [2011.06.27 23:37:05 | 001,923,697 | ---- | M] () -- C:\Users\Bobby\Desktop\Entstehender TaT.jpg [2011.06.26 04:30:00 | 000,000,366 | ---- | M] () -- C:\Windows\tasks\Driver Robot.job [2011.06.17 12:35:49 | 000,116,568 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys [2011.06.17 12:35:49 | 000,083,120 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys [2011.06.07 01:38:29 | 000,268,215 | ---- | M] () -- C:\Users\Bobby\Desktop\TaT-6-6-11-8c.jpg [2011.06.07 00:44:11 | 000,372,445 | ---- | M] () -- C:\Users\Bobby\Desktop\TaT-6-6-11-9.jpg [2011.06.06 21:35:37 | 000,423,675 | ---- | M] () -- C:\Users\Bobby\Desktop\TaT-6-6-11-4.jpg [2011.06.06 19:55:35 | 000,283,895 | ---- | M] () -- C:\Users\Bobby\Desktop\TaT 6-6-11-1-crop.jpg [2011.06.05 21:52:44 | 000,595,257 | ---- | M] () -- C:\Users\Bobby\Desktop\TaT 5-6-11-6b.jpg ========== Files Created - No Company Name ========== [2011.07.05 09:45:40 | 000,000,627 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.07.04 23:23:09 | 000,000,148 | ---- | C] () -- C:\Users\Bobby\defogger_reenable [2011.07.04 23:21:39 | 000,050,477 | ---- | C] () -- C:\Users\Bobby\Desktop\Defogger.exe [2011.07.04 22:57:10 | 000,000,415 | ---- | C] () -- C:\Users\Public\Desktop\iColor Display 3.7.3.0.lnk [2011.07.04 22:17:59 | 000,089,088 | ---- | C] () -- C:\Users\Bobby\Desktop\mbr.exe [2011.07.04 13:18:37 | 000,000,758 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk [2011.07.03 00:27:18 | 000,216,179 | ---- | C] () -- C:\Users\Bobby\Desktop\klein.jpg [2011.07.01 19:25:11 | 001,923,697 | ---- | C] () -- C:\Users\Bobby\Desktop\Entstehender TaT.jpg [2011.07.01 18:39:07 | 001,588,294 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011.06.28 02:35:06 | 000,000,596 | ---- | C] () -- C:\Users\Public\Desktop\Portal 2.lnk [2011.06.07 01:38:41 | 000,268,215 | ---- | C] () -- C:\Users\Bobby\Desktop\TaT-6-6-11-8c.jpg [2011.06.07 00:47:27 | 000,372,445 | ---- | C] () -- C:\Users\Bobby\Desktop\TaT-6-6-11-9.jpg [2011.06.06 21:41:19 | 000,423,675 | ---- | C] () -- C:\Users\Bobby\Desktop\TaT-6-6-11-4.jpg [2011.06.06 19:56:31 | 000,283,895 | ---- | C] () -- C:\Users\Bobby\Desktop\TaT 6-6-11-1-crop.jpg [2011.06.05 22:14:14 | 000,595,257 | ---- | C] () -- C:\Users\Bobby\Desktop\TaT 5-6-11-6b.jpg [2011.04.23 12:40:56 | 000,006,692 | ---- | C] () -- C:\Users\Bobby\AppData\Roaming\iColorDisplay.prefs [2011.04.23 12:39:29 | 000,000,390 | ---- | C] () -- C:\Users\Bobby\AppData\Roaming\iColorDisplay.lic [2011.04.21 22:41:15 | 000,002,673 | ---- | C] () -- C:\Users\Bobby\AppData\Roaming\iColorDisplay3.prefs [2011.04.21 22:41:15 | 000,000,346 | -H-- | C] () -- C:\Users\Bobby\AppData\Roaming\iColorDisplay3.lic [2011.02.09 14:09:40 | 000,000,132 | ---- | C] () -- C:\Users\Bobby\AppData\Roaming\Adobe BMP Format CS5 Prefs [2011.01.17 00:27:25 | 000,001,456 | ---- | C] () -- C:\Users\Bobby\AppData\Local\Adobe Für Web speichern 12.0 Prefs [2011.01.16 22:26:42 | 000,000,132 | ---- | C] () -- C:\Users\Bobby\AppData\Roaming\Adobe PNG Format CS5 Prefs [2010.10.17 17:01:27 | 000,004,096 | ---- | C] () -- C:\Windows\SysWow64\HDREfexProFC64.dll [2010.10.04 00:16:26 | 000,002,560 | ---- | C] () -- C:\Windows\SysWow64\HDREfexProFC32.dll [2010.09.04 23:46:41 | 000,007,606 | ---- | C] () -- C:\Users\Bobby\AppData\Local\Resmon.ResmonCfg [2010.06.25 19:03:12 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll [2010.06.16 16:51:17 | 000,001,512 | ---- | C] () -- C:\Windows\Sandboxie.ini [2010.06.11 17:44:33 | 000,044,918 | ---- | C] () -- C:\Windows\War3Unin.dat [2010.05.26 21:25:17 | 000,000,300 | ---- | C] () -- C:\Windows\game.ini [2010.05.05 22:10:18 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2010.04.29 11:13:31 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2010.04.29 03:35:01 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini [2009.12.18 11:58:28 | 000,003,072 | ---- | C] () -- C:\Windows\SysWow64\Viveza2FC32.dll [2009.11.06 10:58:04 | 000,178,975 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat [2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat [2008.10.07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll [2008.06.05 08:58:26 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll [2007.12.28 17:22:02 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS [2002.05.16 01:38:40 | 000,091,136 | ---- | C] () -- C:\Windows\SysWow64\mp4fil32.dll [2002.05.04 15:19:00 | 000,049,152 | ---- | C] () -- C:\Windows\SysWow64\avisynthEx.dll [2002.04.21 20:30:14 | 000,151,552 | ---- | C] () -- C:\Windows\SysWow64\OggDS.dll [2002.04.19 16:23:26 | 000,106,137 | ---- | C] () -- C:\Windows\SysWow64\libpostproc.dll [2002.04.19 15:51:04 | 000,211,760 | ---- | C] () -- C:\Windows\SysWow64\libavcodec.dll [2002.04.02 00:16:30 | 000,454,656 | ---- | C] () -- C:\Windows\SysWow64\VorbisEnc.dll [2002.04.02 00:16:14 | 000,118,784 | ---- | C] () -- C:\Windows\SysWow64\vorbis.dll [2002.04.02 00:15:40 | 000,011,264 | ---- | C] () -- C:\Windows\SysWow64\ogg.dll [2002.02.21 18:41:20 | 000,157,184 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2001.06.22 13:06:02 | 000,167,936 | ---- | C] () -- C:\Windows\SysWow64\MPEG2DEC.dll ========== Alternate Data Streams ========== @Alternate Data Stream - 64 bytes -> C:\Users\Bobby\Desktop\SDIM0119.AVI:TOC.WMV < End of report > [/CODE] Extra OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 05.07.2011 15:14:19 - Run 2
OTL by OldTimer - Version 3.2.26.0 Folder = C:\Users\Bobby\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
6,00 Gb Total Physical Memory | 4,44 Gb Available Physical Memory | 74,02% Memory free
12,00 Gb Paging File | 10,27 Gb Available in Paging File | 85,65% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,76 Gb Total Space | 249,97 Gb Free Space | 53,67% Space Free | Partition Type: NTFS
Drive D: | 931,51 Gb Total Space | 295,68 Gb Free Space | 31,74% Space Free | Partition Type: NTFS
Drive E: | 465,76 Gb Total Space | 311,97 Gb Free Space | 66,98% Space Free | Partition Type: NTFS
Drive L: | 465,65 Gb Total Space | 2,72 Gb Free Space | 0,58% Space Free | Partition Type: FAT32
Drive M: | 298,09 Gb Total Space | 147,40 Gb Free Space | 49,45% Space Free | Partition Type: NTFS
Computer Name: BOBBY-PC | User Name: Bobby | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [print] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" File not found
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1387BA33-3FAC-49E9-B545-0E8D3BBC550B}" = Adobe Photoshop Lightroom 3 64-bit
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{295CFB7C-A57E-4313-93E7-68E7CE1D0332}" = Adobe WinSoft Linguistics Plugin x64
"{2D74E972-5A85-44DC-9193-8A302BA8C181}" = Photoshop Camera Raw_x64
"{33EB1061-ABF1-4470-A540-32E97A610536}" = Apple Mobile Device Support
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{41BF0DE4-5BAE-4B88-AFD3-86A30B222186}" = Bonjour
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{5F02C14D-A630-4771-8409-0BA89FCCA8D6}" = iTunes
"{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}" = Adobe Fonts All x64
"{6D45461F-F0FF-4E32-A16D-C636722FCA12}" = WUSB WinDrivers v.14.0.22.0
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{8875A1C0-6308-4790-8CF6-D34E89880052}" = Adobe Linguistics CS4 x64
"{887797BF-37A5-4199-B0C9-0D38D6196E9A}" = Adobe Anchor Service x64 CS4
"{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}" = Adobe Type Support x64 CS4
"{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{90BA8112-80B3-4617-A3C1-BD2771B60F74}" = Adobe CMaps x64 CS4
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{A3454894-144A-4D80-B605-C128FE0D7329}" = Adobe Drive CS4 x64
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{B37A99DD-88E2-4ED0-80B4-1E054AB354BF}" = Adobe InDesign CS4 Icon Handler x64
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}" = Adobe Photoshop CS4 (64 Bit)
"{DFFABE78-8173-4E97-9C5C-22FB26192FC5}" = Adobe PDF Library Files x64 CS4
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"3134FEF0E1D959EC0CC2E458C94B7057B2AC0CC9" = Windows-Treiberpaket - FTDI CDM Driver Package (10/22/2009 2.06.00)
"88EB56038379B8B7DCFB4D2448A60F52E064B265" = Windows-Treiberpaket - FTDI CDM Driver Package (10/22/2009 2.06.00)
"A35BD68D4A1B3E191138E3C9AA417190A9468F7E" = Windows-Treiberpaket - Leaf Imaging Ltd. Image (02/11/2010 )
"CaptureOne6_is1" = Capture One 6.2
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"NVIDIA Drivers" = NVIDIA Drivers
"Pen Tablet Driver" = Bamboo
"Sandboxie" = Sandboxie 3.442 (64-bit)
"WinRAR archiver" = WinRAR
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{0F4B91C5-4524-02A6-1D9B-5AE52CE2E0F4}" = Bamboo Dock
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{14F70205-1940-4000-88C7-BE799A6B2CAD}" = Adobe Soundbooth CS4
"{15A60757-91A9-8875-17C4-7E5C4A7E17AF}" = Livebrush Mini
"{15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B}" = Adobe SGM CS4
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{1B7C06E1-4888-47A6-992A-0990B9683486}" = Adobe Version Cue CS4 Server
"{1C4551A6-4743-4093-91E4-1477CD655043}" = NVIDIA PhysX
"{1DCA3EAA-6EB5-4563-A970-EA14D75037BA}" = Adobe InDesign CS4
"{1E04CB54-AF4E-4AC3-B4B7-C0A160BE57F1}" = Adobe InDesign CS4 Icon Handler
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java(TM) 6 Update 15
"{297190A1-4B0D-4CD6-8B9F-3907F15C3FD8}" = Adobe CS4 American English Speech Analysis Models
"{2BAF2B96-7560-48B4-87D4-10178DDBE217}" = Adobe InDesign CS4 Application Feature Set Files (Roman)
"{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}" = Microsoft Games for Windows - LIVE
"{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver
"{359FCAA7-B544-4147-AE3B-8C8A526E2427}" = Sony Image Data Suite
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3A6829EF-0791-4FDD-9382-C690DD0821B9}" = Adobe Flash Player 10 ActiveX
"{3BD633E0-4BF8-4499-9149-88F0767D449C}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{428FDF9F-E010-4C4C-A8BB-156960AFCA1C}" = Adobe Fireworks CS4
"{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit
"{44E240EC-2224-4078-A88B-2CEE0D3016EF}" = Adobe After Effects CS4 Presets
"{45EC816C-0771-4C14-AE6D-72D1B578F4C8}" = Adobe After Effects CS4
"{47C6F987-685A-41AE-B092-E75B277AEE39}" = Adobe Flash CS4 Extension - Flash Lite STI others
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A52555C-032A-4083-BDD9-6A85ABFB39A8}" = Adobe SING CS4
"{4BC51F3D-288E-433A-A428-9A9C34F7F835}" = Image Trends' Fisheye-Hemi Plug-In 1.1.6
"{52232EF4-CC12-4C21-ABCF-ADB79618302D}" = Adobe Soundbooth CS4 Codecs
"{5454083B-1308-4485-BF17-111000028701}" = Grand Theft Auto: Episodes from Liberty City
"{561968FD-56A1-49FD-9ED0-F55482C7C5BC}" = Adobe Media Encoder CS4 Exporter
"{5979B77A-9AE6-4E75-AED8-283C5E16C02D}_is1" = Backup Service Home 3.3.1.4
"{5EAD5443-7194-46CC-A055-428E6ABB1BAF}" = Adobe Encore CS4
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{61B8B2F9-D8DA-4B24-89A9-DB09F38A4899}" = Grand Theft Auto: Episodes From Liberty City
"{61D6891E-E822-4448-9F9A-0AAAAEB6AF6C}" = Adobe Creative Suite 4 Master Collection
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}" = Adobe After Effects CS4 Third Party Content
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37}" = ICQ7.4
"{7406DF60-016D-476B-A2C7-55D997592047}" = Adobe OnLocation CS4
"{7CC7BDD5-6F10-4724-96A1-EAC7D9F2831C}" = Adobe InDesign CS4 Common Base Files
"{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ULTIMATER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ULTIMATER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ULTIMATER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ULTIMATER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ULTIMATER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ULTIMATER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ULTIMATER_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ULTIMATER_{430971B1-C31E-45DA-81E0-72C095BAB72C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ULTIMATER_{F7A31780-33C4-4E39-951A-5EC9B91D7BF1}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-002A-0409-1000-0000000FF1CE}_ULTIMATER_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ULTIMATER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ULTIMATER_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ULTIMATER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ULTIMATER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ULTIMATER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ULTIMATER_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0116-0409-1000-0000000FF1CE}_ULTIMATER_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ULTIMATER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{91120000-002E-0000-0000-0000000FF1CE}" = Microsoft Office Ultimate 2007
"{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A6EC82A0-1414-475D-8AFD-469089F3080D}" = Adobe Contribute CS4
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{AC76BA86-1033-F400-7760-000000000004}" = Adobe Acrobat 9 Pro - English, Français, Deutsch
"{AEC81925-9C76-4707-84A9-40696C613ED3}" = Dragon Age: Origins
"{B0513493-04B9-4F21-B4AB-83E750D54256}" = Adobe Photoshop Lightroom 2.7
"{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}" = Adobe MotionPicture Color Files CS4
"{B095B0A4-50A5-46D7-9988-D038FEB040C0}" = Adobe Encore CS4 Library
"{B15381DD-FF97-4FCD-A881-ED4DB0975500}" = Adobe Color Video Profiles AE CS4
"{B169BC97-B8AA-4ACA-9CF2-9D0FF5BABDF7}" = Adobe Premiere Pro CS4 Functional Content
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B9F4561A-924D-4510-A85A-BB0960C338CB}" = Adobe Asset Services CS4
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BD3374D3-C2E6-42B7-A80B-E850B6886246}" = Adobe Flash CS4 STI-other
"{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter
"{BF962E1B-D17A-4713-A100-6531A132D83D}_is1" = Foto-Mosaik-Edda 5.5.9
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C86E7C99-E4AD-79C7-375B-1AEF9A91EC2B}" = Acrobat.com
"{C938BE91-3BB5-4B84-9EF6-88F0505D0038}" = Adobe Premiere Pro CS4 Third Party Content
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D499F8DE-3F31-4900-9157-61061613704B}" = Adobe Premiere Pro CS4
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{E8EE9410-8AC4-4F43-A626-DDECA75C79F3}" = Adobe Setup
"{EB900AF8-CC61-4E15-871B-98D1EA3E8025}" = QuickTime
"{EE353798-E875-42E0-B58D-7E6696182EA8}" = Adobe Media Encoder CS4 Dolby
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F600CCF3-9C88-4A22-B0B4-DDA82E997118}" = Adobe After Effects CS4 Template Projects & Footage
"{F6E99614-F042-4459-82B7-8B38B2601356}" = Adobe Flash CS4
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FB2A5FCC-B81B-48C2-A009-7804694D83E9}" = Adobe Encore CS4 Codecs
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7-Zip" = 7-Zip 4.65
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_5445c5ddd9a5c69582d3c1e2bba18f7" = Adobe Creative Suite 4 Master Collection
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Bamboo Dock" = Bamboo Dock 3.3
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"Color Efex Pro 3.0 Complete" = Color Efex Pro 3.0 Complete
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"com.livebrush.2205ABAA7E8202CDC1251B1FA1E879364B7BAB52.1" = Livebrush Mini
"Dfine 2.0" = Dfine 2.0
"DirSync" = DirSync 2.92
"DivX Setup.divx.com" = DivX-Setup
"fc-prints" = fc-prints
"HDR Efex Pro" = HDR Efex Pro
"ICQToolbar" = ICQ Toolbar
"InstallShield_{3BD633E0-4BF8-4499-9149-88F0767D449C}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch
"InstallShield_{6D45461F-F0FF-4E32-A16D-C636722FCA12}" = WUSB WinDrivers v.14.0.22.0
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"JDownloader" = JDownloader
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware Version 1.51.0.1200
"MediaPortal" = MediaPortal
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"NimoCorp" = Nimo Codecs Pack v5.0 (Remove Only)
"Pano2VR" = Pano2VR - Garden Gnome Software
"Pen Tablet Driver" = Bamboo
"PokerStars.net" = PokerStars.net
"Portrait Professional Max 6_is1" = Portrait Professional Max 6.3
"Postal 2_is1" = Portal 2
"PTGui" = PTGui Pro 8.2.1
"Sharpener Pro 3.0" = Sharpener Pro 3.0
"Silver Efex Pro" = Silver Efex Pro
"StarCraft II" = StarCraft II
"Steam App 440" = Team Fortress 2
"Steamless Left4Dead2 Pack" = Steamless Left4Dead2 Pack
"Trillian" = Trillian
"Tw500_pro_is1" = Tourweaver 5.00 Professional Edition
"ULTIMATER" = Microsoft Office Ultimate 2007
"Viveza 2" = Viveza 2
"Wacom WebTabletPlugin for IE" = WebTablet IE Plugin
"Wacom WebTabletPlugin for Netscape" = WebTablet Netscape Plugin
"wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1" = Bamboo Dock
"Warcraft III" = Warcraft III
"WinPcapInst" = WinPcap 4.1.2
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"iColorDisplay" = iColor Display 3.7.3.0 (nur entfernen)
"Mozilla Firefox (3.6.18)" = Mozilla Firefox (3.6.18)
"Warcraft III" = Warcraft III: All Products
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 25.06.2011 09:41:19 | Computer Name = Bobby-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
Richtliniendatei "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
des "version"-Attributs im assemblyIdentity-Element ist ungültig.
Error - 25.06.2011 18:30:24 | Computer Name = Bobby-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
Richtliniendatei "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
des "version"-Attributs im assemblyIdentity-Element ist ungültig.
Error - 27.06.2011 04:21:06 | Computer Name = Bobby-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
Richtliniendatei "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
des "version"-Attributs im assemblyIdentity-Element ist ungültig.
Error - 27.06.2011 07:39:39 | Computer Name = Bobby-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Acrobat.exe, Version: 9.0.0.332,
Zeitstempel: 0x4850eb76 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16385,
Zeitstempel: 0x4a5bdb3b Ausnahmecode: 0xc0000374 Fehleroffset: 0x000cdcbb ID des fehlerhaften
Prozesses: 0xb40 Startzeit der fehlerhaften Anwendung: 0x01cc34bee1b66d32 Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat.exe
Pfad
des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll Berichtskennung: 239d8cf5-a0b2-11e0-92dd-00248c0ef764
Error - 29.06.2011 05:24:22 | Computer Name = Bobby-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
Richtliniendatei "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
des "version"-Attributs im assemblyIdentity-Element ist ungültig.
Error - 29.06.2011 10:12:33 | Computer Name = Bobby-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: portal2.exe, Version: 0.0.0.0, Zeitstempel:
0x4d4c804d Name des fehlerhaften Moduls: valve_avi.dll, Version: 0.0.0.0, Zeitstempel:
0x4daa2f8e Ausnahmecode: 0xc0000005 Fehleroffset: 0x00004473 ID des fehlerhaften Prozesses:
0x1358 Startzeit der fehlerhaften Anwendung: 0x01cc36654c4b0a0b Pfad der fehlerhaften
Anwendung: E:\Portal 2\portal2.exe Pfad des fehlerhaften Moduls: e:\portal 2\bin\valve_avi.dll
Berichtskennung:
d4aa1c4e-a259-11e0-90f8-00248c0ef764
Error - 02.07.2011 02:49:20 | Computer Name = Bobby-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
Richtliniendatei "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
des "version"-Attributs im assemblyIdentity-Element ist ungültig.
Error - 02.07.2011 16:28:14 | Computer Name = Bobby-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Photoshop.exe, Version: 12.0.0.0,
Zeitstempel: 0x4bbc5b10 Name des fehlerhaften Moduls: HDR Efex Pro.8bf_unloaded,
Version: 0.0.0.0, Zeitstempel: 0x4ca9115a Ausnahmecode: 0xc0000005 Fehleroffset:
0x000007fee5d15b45 ID des fehlerhaften Prozesses: 0x1304 Startzeit der fehlerhaften
Anwendung: 0x01cc38e9e230a41e Pfad der fehlerhaften Anwendung: C:\Program Files\Adobe\Adobe
Photoshop CS5 (64 Bit)\Photoshop.exe Pfad des fehlerhaften Moduls: HDR Efex Pro.8bf
Berichtskennung:
cf7f3bba-a4e9-11e0-a9ff-00248c0ef764
Error - 03.07.2011 04:46:26 | Computer Name = Bobby-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
Richtliniendatei "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
des "version"-Attributs im assemblyIdentity-Element ist ungültig.
Error - 04.07.2011 18:30:51 | Computer Name = Bobby-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
Richtliniendatei "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
des "version"-Attributs im assemblyIdentity-Element ist ungültig.
[ System Events ]
Error - 03.01.2011 11:54:31 | Computer Name = Bobby-PC | Source = bowser | ID = 8003
Description =
Error - 04.01.2011 07:53:20 | Computer Name = Bobby-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk8\DR8 gefunden.
Error - 04.01.2011 09:47:37 | Computer Name = Bobby-PC | Source = bowser | ID = 8003
Description =
Error - 05.01.2011 06:41:57 | Computer Name = Bobby-PC | Source = Service Control Manager | ID = 7022
Description = Der Dienst "Windows Update" wurde nicht richtig gestartet.
Error - 05.01.2011 07:12:50 | Computer Name = Bobby-PC | Source = bowser | ID = 8003
Description =
Error - 07.01.2011 19:13:24 | Computer Name = Bobby-PC | Source = bowser | ID = 8003
Description =
Error - 08.01.2011 09:01:17 | Computer Name = Bobby-PC | Source = bowser | ID = 8003
Description =
Error - 08.01.2011 13:00:45 | Computer Name = Bobby-PC | Source = bowser | ID = 8003
Description =
Error - 09.01.2011 16:17:04 | Computer Name = Bobby-PC | Source = bowser | ID = 8003
Description =
Error - 15.01.2011 07:34:15 | Computer Name = Bobby-PC | Source = bowser | ID = 8003
Description =
< End of report >
[/CODE] |
|
05.07.2011, 14:38
| #5 |
| | BOO/Sinowal.F in Masterbootsektor Muss es leider aussplitten, daher hier der erster Teil von hjtscanlist Code:
ATTFilter
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
º º
hjtscanlist v2.0
º º
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
Microsoft Windows [Version 6.1.7600]
C:
C:\pagefile.sys ---------
C:\hiberfil.sys ---------
05.07.2011 09:45 C:\ProgramData --------- 172032
05.07.2011 09:18 C:\System Volume Information --------- 40960
01.07.2011 18:36 C:\Windows --------- 24576
18.04.2011 22:39 C:\Program Files (x86) --------- 12288
01.01.2011 21:02 C:\Sandbox --------- 0
02.09.2010 19:20 C:\Program Files --------- 8192
29.04.2010 01:47 C:\JAWGe --------- 206376
29.04.2010 01:17 C:\$Recycle.Bin --------- 0
29.04.2010 01:17 C:\Users --------- 4096
29.04.2010 00:37 C:\BOOTSECT.BAK --------- 8192
29.04.2010 00:37 C:\Boot --------- 4096
28.04.2010 23:53 C:\Recovery --------- 0
28.04.2010 23:26 C:\Windows.old --------- 4096
28.04.2010 22:57 C:\Programme --------- 0
28.04.2010 22:57 C:\Dokumente und Einstellungen --------- 0
28.04.2010 21:05 C:\aaw7boot.log --------- 41334
28.09.2009 20:56 C:\Downloads --------- 0
14.07.2009 07:08 C:\Documents and Settings --------- 0
14.07.2009 05:20 C:\PerfLogs --------- 0
14.07.2009 03:38 C:\bootmgr --------- 383562
19.06.2009 21:02 C:\Autodesk --------- 0
10.05.2009 16:42 C:\IO.SYS --------- 0
10.05.2009 16:42 C:\MSDOS.SYS --------- 0
02.05.2009 13:42 C:\MSOCache --------- 0
02.05.2009 02:37 C:\Boot.ini.saved --------- 354
01.05.2009 18:14 C:\Boot.BAK --------- 210
01.05.2009 17:05 C:\RHDSetup.log --------- 646
01.05.2009 16:55 C:\Intel --------- 0
18.09.2006 23:43 C:\config.sys --------- 10
18.09.2006 23:43 C:\autoexec.bat --------- 24
04.08.2004 14:00 C:\NTDETECT.COM --------- 47564
04.08.2004 14:00 C:\bootfont.bin --------- 4952
04.08.2004 14:00 C:\ntldr --------- 251184
----------------------------------------
C:\Windows
05.07.2011 15:17 C:\Windows\WindowsUpdate.log --------- 1797276
05.07.2011 15:10 C:\Windows\setupact.log --------- 59909
05.07.2011 15:10 C:\Windows\bootstat.dat --------- 67584
01.07.2011 18:52 C:\Windows\DPINST.LOG --------- 35178
19.04.2011 11:11 C:\Windows\PFRO.log --------- 37518
18.04.2011 02:32 C:\Windows\DirectX.log --------- 227162
01.01.2011 21:02 C:\Windows\Sandboxie.ini --------- 1512
17.10.2010 17:01 C:\Windows\KB893803v2.log --------- 4288
11.06.2010 18:03 C:\Windows\War3Unin.dat --------- 44918
11.06.2010 17:50 C:\Windows\War3Unin.pif --------- 2829
11.06.2010 17:50 C:\Windows\War3Unin.exe --------- 139264
01.06.2010 12:49 C:\Windows\MEMORY.DMP --------- 412208607
26.05.2010 21:25 C:\Windows\game.ini --------- 300
06.05.2010 14:24 C:\Windows\comsetup.log --------- 762
29.04.2010 11:13 C:\Windows\nsreg.dat --------- 0
29.04.2010 03:35 C:\Windows\Language_trs.ini --------- 1769
29.04.2010 02:46 C:\Windows\win.ini --------- 478
28.04.2010 23:44 C:\Windows\DtcInstall.log --------- 1774
28.04.2010 23:44 C:\Windows\TSSysprep.log --------- 1313
18.02.2010 18:45 C:\Windows\eSellerateEngine.dll --------- 356352
14.07.2009 06:54 C:\Windows\WindowsShell.Manifest --------- 749
14.07.2009 06:51 C:\Windows\setuperr.log --------- 0
14.07.2009 03:39 C:\Windows\write.exe --------- 10240
14.07.2009 03:39 C:\Windows\splwow64.exe --------- 61952
14.07.2009 03:39 C:\Windows\regedit.exe --------- 427008
14.07.2009 03:39 C:\Windows\notepad.exe --------- 193536
14.07.2009 03:39 C:\Windows\hh.exe --------- 16896
14.07.2009 03:39 C:\Windows\HelpPane.exe --------- 733696
14.07.2009 03:39 C:\Windows\fveupdate.exe --------- 15360
14.07.2009 03:39 C:\Windows\explorer.exe --------- 2868224
14.07.2009 03:38 C:\Windows\bfsvc.exe --------- 71168
14.07.2009 03:16 C:\Windows\twain_32.dll --------- 51200
14.07.2009 03:14 C:\Windows\winhlp32.exe --------- 9728
14.07.2009 03:14 C:\Windows\twunk_32.exe --------- 31232
14.07.2009 01:06 C:\Windows\mib.bin --------- 43131
10.06.2009 23:41 C:\Windows\twunk_16.exe --------- 49680
10.06.2009 23:41 C:\Windows\twain.dll --------- 94784
10.06.2009 23:08 C:\Windows\system.ini --------- 219
10.06.2009 22:52 C:\Windows\WMSysPr9.prx --------- 316640
10.06.2009 22:36 C:\Windows\msdfmap.ini --------- 1405
10.06.2009 22:31 C:\Windows\Starter.xml --------- 48201
10.06.2009 22:30 C:\Windows\HomePremium.xml --------- 48265
16.04.2009 17:23 C:\Windows\RtlExUpd.dll --------- 540672
----------------------------------------
C:\Windows\System
----------------------------------------
C:\Windows\System32
05.07.2011 15:21 C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 --------- 22080
05.07.2011 15:21 C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 --------- 22080
05.07.2011 09:45 C:\Windows\system32\drivers --------- 65536
04.07.2011 13:18 C:\Windows\system32\catroot --------- 4096
01.07.2011 20:33 C:\Windows\system32\config --------- 12288
01.07.2011 18:53 C:\Windows\system32\DriverStore --------- 4096
01.07.2011 18:40 C:\Windows\system32\perfh009.dat --------- 651450
01.07.2011 18:40 C:\Windows\system32\perfc009.dat --------- 120382
01.07.2011 18:40 C:\Windows\system32\perfh007.dat --------- 696132
01.07.2011 18:40 C:\Windows\system32\perfc007.dat --------- 147428
01.07.2011 18:40 C:\Windows\system32\PerfStringBackup.INI --------- 1588294
01.07.2011 18:39 C:\Windows\system32\de-DE --------- 327680
01.07.2011 18:37 C:\Windows\system32\en-US --------- 4096
04.06.2011 01:54 C:\Windows\system32\catroot2 --------- 16384
11.03.2011 15:49 C:\Windows\system32\Tasks --------- 4096
14.11.2010 18:18 C:\Windows\system32\FxsTmp --------- 0
13.10.2010 16:16 C:\Windows\system32\HDREfexProFC64.dll --------- 4096
02.09.2010 19:20 C:\Windows\system32\DRVSTORE --------- 0
27.07.2010 18:55 C:\Windows\system32\dnssd.dll --------- 95520
27.07.2010 18:55 C:\Windows\system32\dnssdX.dll --------- 237856
27.07.2010 18:55 C:\Windows\system32\dns-sd.exe --------- 119584
27.07.2010 18:55 C:\Windows\system32\jdns_sd.dll --------- 69408
13.07.2010 14:26 C:\Windows\system32\Pen_Touch_Tablet.dll --------- 755568
13.07.2010 14:26 C:\Windows\system32\Pen_Tablet.dll --------- 762224
13.07.2010 14:18 C:\Windows\system32\Wintab32.dll --------- 588800
25.06.2010 19:07 C:\Windows\system32\Packet.dll --------- 106000
25.06.2010 19:07 C:\Windows\system32\wpcap.dll --------- 369168
16.06.2010 07:04 C:\Windows\system32\FNTCACHE.DAT --------- 4826064
18.05.2010 01:04 C:\Windows\system32\WTablet --------- 0
08.05.2010 22:42 C:\Windows\system32\wdi --------- 4096
06.05.2010 20:37 C:\Windows\system32\LogFiles --------- 4096
29.04.2010 00:10 C:\Windows\system32\restore --------- 0
28.04.2010 23:53 C:\Windows\system32\Recovery --------- 0
28.04.2010 23:48 C:\Windows\system32\CodeIntegrity --------- 0
28.04.2010 23:45 C:\Windows\system32\license.rtf --------- 56735
28.04.2010 23:44 C:\Windows\system32\sysprep --------- 0
19.04.2010 20:47 C:\Windows\system32\usbaaplrc.dll --------- 3062048
18.03.2010 17:23 C:\Windows\system32\aspnet_counters.dll --------- 20832
18.03.2010 14:27 C:\Windows\system32\msvcr100_clr0400.dll --------- 827744
24.02.2010 10:16 C:\Windows\system32\MpSigStub.exe --------- 212864
04.02.2010 10:01 C:\Windows\system32\xactengine3_6.dll --------- 176984
04.02.2010 10:01 C:\Windows\system32\XAPOFX1_4.dll --------- 78680
04.02.2010 10:01 C:\Windows\system32\X3DAudio1_7.dll --------- 24920
04.02.2010 10:01 C:\Windows\system32\XAudio2_6.dll --------- 530776
27.01.2010 00:25 C:\Windows\system32\Viveza2FC32.dll --------- 3072
18.12.2009 11:58 C:\Windows\system32\Viveza2FC64.dll --------- 322560
25.11.2009 21:47 C:\Windows\system32\netfxperf.dll --------- 48960
25.11.2009 21:47 C:\Windows\system32\PresentationHostProxy.dll --------- 109912
25.11.2009 21:47 C:\Windows\system32\mscoree.dll --------- 444752
25.11.2009 21:47 C:\Windows\system32\PresentationHost.exe --------- 320352
25.11.2009 21:47 C:\Windows\system32\dfshim.dll --------- 1942856
23.11.2009 15:53 C:\Windows\system32\Pen_Tablet.exe --------- 5556520
23.11.2009 15:53 C:\Windows\system32\Touch_Tablet.dll --------- 290088
22.10.2009 17:17 C:\Windows\system32\ftd2xx.dll --------- 330056
22.10.2009 17:17 C:\Windows\system32\ftbusui.dll --------- 143688
22.10.2009 17:16 C:\Windows\system32\FTLang.dll --------- 284992
22.10.2009 17:08 C:\Windows\system32\ftserui2.dll --------- 55112
04.09.2009 17:44 C:\Windows\system32\XAPOFX1_3.dll --------- 73544
04.09.2009 17:44 C:\Windows\system32\XAudio2_5.dll --------- 517960
04.09.2009 17:44 C:\Windows\system32\xactengine3_5.dll --------- 176968
04.09.2009 17:29 C:\Windows\system32\d3dx10_42.dll --------- 523088
04.09.2009 17:29 C:\Windows\system32\d3dx11_42.dll --------- 285024
04.09.2009 17:29 C:\Windows\system32\d3dcsx_42.dll --------- 5554512
04.09.2009 17:29 C:\Windows\system32\D3DCompiler_42.dll --------- 2582888
04.09.2009 17:29 C:\Windows\system32\D3DX9_42.dll --------- 2475352
14.07.2009 20:18 C:\Windows\system32\wbem --------- 65536
14.07.2009 19:58 C:\Windows\system32\migwiz --------- 4096
14.07.2009 19:58 C:\Windows\system32\winrm --------- 0
14.07.2009 19:58 C:\Windows\system32\oobe --------- 4096
14.07.2009 19:58 C:\Windows\system32\0407 --------- 0
14.07.2009 19:58 C:\Windows\system32\migration --------- 0
14.07.2009 19:58 C:\Windows\system32\Setup --------- 0
14.07.2009 19:58 C:\Windows\system32\Boot --------- 0
14.07.2009 19:58 C:\Windows\system32\slmgr --------- 0
14.07.2009 19:58 C:\Windows\system32\WinBioPlugIns --------- 0
14.07.2009 19:58 C:\Windows\system32\Dism --------- 0
14.07.2009 19:58 C:\Windows\system32\WCN --------- 0
14.07.2009 19:58 C:\Windows\system32\MUI --------- 0
14.07.2009 19:58 C:\Windows\system32\Printing_Admin_Scripts --------- 0
14.07.2009 19:58 C:\Windows\system32\de --------- 0
14.07.2009 19:58 C:\Windows\system32\com --------- 0
14.07.2009 19:58 C:\Windows\system32\perfd007.dat --------- 38104
14.07.2009 19:58 C:\Windows\system32\perfi007.dat --------- 295922
14.07.2009 07:32 C:\Windows\system32\Speech --------- 0
14.07.2009 07:32 C:\Windows\system32\WinBioDatabase --------- 0
14.07.2009 07:32 C:\Windows\system32\WindowsPowerShell --------- 0
14.07.2009 07:14 C:\Windows\system32\umstartup.etl --------- 21504
14.07.2009 07:09 C:\Windows\system32\wfp --------- 0
14.07.2009 07:01 C:\Windows\system32\umstartup000.etl --------- 9216
14.07.2009 06:57 C:\Windows\system32\desktop.ini --------- 73
14.07.2009 06:57 C:\Windows\system32\migwiz.lnk --------- 1244
14.07.2009 06:53 C:\Windows\system32\spool --------- 0
14.07.2009 06:45 C:\Windows\system32\Microsoft --------- 0
14.07.2009 05:20 C:\Windows\system32\zh-TW --------- 0
14.07.2009 05:20 C:\Windows\system32\zh-CN --------- 0
14.07.2009 05:20 C:\Windows\system32\zh-HK --------- 0
14.07.2009 05:20 C:\Windows\system32\uk-UA --------- 0
14.07.2009 05:20 C:\Windows\system32\tr-TR --------- 0
14.07.2009 05:20 C:\Windows\system32\th-TH --------- 0
14.07.2009 05:20 C:\Windows\system32\sv-SE --------- 0
----------------------------------------
C:\Windows\Prefetch
----------------------------------------
C:\Windows\Tasks
05.07.2011 15:10 C:\Windows\Tasks\SA.DAT --------- 6
26.06.2011 04:30 C:\Windows\Tasks\Driver Robot.job --------- 366
01.04.2011 13:47 C:\Windows\Tasks\SCHEDLGU.TXT --------- 32632
----------------------------------------
C:\Windows\Temp
----------------------------------------
C:\Users\Bobby\AppData\Local\Temp
05.07.2011 15:12 C:\Users\Bobby\AppData\Local\Temp\Acrobat Distiller 9 --------- 0
05.07.2011 15:11 C:\Users\Bobby\AppData\Local\Temp\WPDNSE --------- 0
05.07.2011 15:11 C:\Users\Bobby\AppData\Local\Temp\divE282.tmp --------- 0
05.07.2011 12:00 C:\Users\Bobby\AppData\Local\Temp\77F.tmp --------- 20480
05.07.2011 09:15 C:\Users\Bobby\AppData\Local\Temp\PDApp.log --------- 1670394
04.07.2011 23:32 C:\Users\Bobby\AppData\Local\Temp\div6B40.tmp --------- 0
04.07.2011 23:26 C:\Users\Bobby\AppData\Local\Temp\divF594.tmp --------- 0
04.07.2011 23:21 C:\Users\Bobby\AppData\Local\Temp\plugtmp-121 --------- 0
04.07.2011 22:57 C:\Users\Bobby\AppData\Local\Temp\{24b663f1-7a60-4b63-887d-c0ac90b68375} --------- 0
04.07.2011 22:56 C:\Users\Bobby\AppData\Local\Temp\{42fda0e7-cac6-4abd-ad42-ac194b5f155a} --------- 0
04.07.2011 22:06 C:\Users\Bobby\AppData\Local\Temp\amt3.log --------- 280713
04.07.2011 22:06 C:\Users\Bobby\AppData\Local\Temp\swtag.log --------- 240047
03.07.2011 09:49 C:\Users\Bobby\AppData\Local\Temp\div212.tmp --------- 0
03.07.2011 02:37 C:\Users\Bobby\AppData\Local\Temp\div22CB.tmp --------- 0
03.07.2011 02:26 C:\Users\Bobby\AppData\Local\Temp\divA381.tmp --------- 0
03.07.2011 02:26 C:\Users\Bobby\AppData\Local\Temp\A449.tmp --------- 311456
02.07.2011 08:12 C:\Users\Bobby\AppData\Local\Temp\COPE_tmp --------- 0
02.07.2011 08:11 C:\Users\Bobby\AppData\Local\Temp\div707D.tmp --------- 0
01.07.2011 18:49 C:\Users\Bobby\AppData\Local\Temp\is-CVUSK.tmp --------- 0
01.07.2011 18:46 C:\Users\Bobby\AppData\Local\Temp\divD816.tmp --------- 0
01.07.2011 18:41 C:\Users\Bobby\AppData\Local\Temp\dd_dotNetFx40_Full_setup_decompression_log.txt --------- 2878
01.07.2011 18:41 C:\Users\Bobby\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_20110701_183503841.html --------- 881754
01.07.2011 18:40 C:\Users\Bobby\AppData\Local\Temp\dd_SetupUtility.txt --------- 660
01.07.2011 18:40 C:\Users\Bobby\AppData\Local\Temp\dd_dotNetFx40LP_Full_x86_x64de_decompression_log.txt --------- 3076
01.07.2011 18:40 C:\Users\Bobby\AppData\Local\Temp\Microsoft .NET Framework Language Pack Setup_20110701_183923852.html --------- 355162
01.07.2011 18:40 C:\Users\Bobby\AppData\Local\Temp\Microsoft .NET Framework Language Pack Setup_20110701_183923852-MSI_netfx_ExtendedLP_x64.msi.txt --------- 1499538
01.07.2011 18:40 C:\Users\Bobby\AppData\Local\Temp\ASPNETSetup_00003.log --------- 3652
01.07.2011 18:40 C:\Users\Bobby\AppData\Local\Temp\ASPNETSetup_00002.log --------- 5390
01.07.2011 18:40 C:\Users\Bobby\AppData\Local\Temp\RGIF86F.tmp --------- 10704
01.07.2011 18:40 C:\Users\Bobby\AppData\Local\Temp\RGIF86F.tmp-tmp --------- 9234
01.07.2011 18:39 C:\Users\Bobby\AppData\Local\Temp\Microsoft .NET Framework Language Pack Setup_20110701_183923852-MSI_netfx_CoreLP_x64.msi.txt --------- 2145368
01.07.2011 18:39 C:\Users\Bobby\AppData\Local\Temp\Microsoft .NET Framework Language Pack Setup_4.0.30319 --------- 0
01.07.2011 18:39 C:\Users\Bobby\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_20110701_183503841-MSI_netfx_Extended_x64.msi.txt --------- 3461542
01.07.2011 18:39 C:\Users\Bobby\AppData\Local\Temp\ASPNETSetup_00001.log --------- 3432
01.07.2011 18:39 C:\Users\Bobby\AppData\Local\Temp\ASPNETSetup_00000.log --------- 4716
01.07.2011 18:38 C:\Users\Bobby\AppData\Local\Temp\RGIB8B2.tmp --------- 10668
01.07.2011 18:38 C:\Users\Bobby\AppData\Local\Temp\RGIB8B2.tmp-tmp --------- 9234
01.07.2011 18:38 C:\Users\Bobby\AppData\Local\Temp\dd_wcf_CA_smci_20110701_163836_650.txt --------- 4688
01.07.2011 18:38 C:\Users\Bobby\AppData\Local\Temp\dd_wcf_CA_smci_20110701_163819_980.txt --------- 6866
01.07.2011 18:38 C:\Users\Bobby\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_20110701_183503841-MSI_netfx_Core_x64.msi.txt --------- 7116818
01.07.2011 18:36 C:\Users\Bobby\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319 --------- 0
01.07.2011 18:36 C:\Users\Bobby\AppData\Local\Temp\bchAC0C.tmp --------- 0
01.07.2011 18:36 C:\Users\Bobby\AppData\Local\Temp\bch8B8D.tmp --------- 0
01.07.2011 18:36 C:\Users\Bobby\AppData\Local\Temp\dd_TMP4747.tmp_decompression_log.txt --------- 741
01.07.2011 18:36 C:\Users\Bobby\AppData\Local\Temp\bch47F5.tmp --------- 0
01.07.2011 18:36 C:\Users\Bobby\AppData\Local\Temp\bch31D2.tmp --------- 0
01.07.2011 18:36 C:\Users\Bobby\AppData\Local\Temp\dd_TMPAA45.tmp_decompression_log.txt --------- 733
01.07.2011 18:35 C:\Users\Bobby\AppData\Local\Temp\bchAB02.tmp --------- 0
01.07.2011 18:35 C:\Users\Bobby\AppData\Local\Temp\bch9721.tmp --------- 0
01.07.2011 09:53 C:\Users\Bobby\AppData\Local\Temp\divC4D4.tmp --------- 0
30.06.2011 08:43 C:\Users\Bobby\AppData\Local\Temp\div5B2A.tmp --------- 0
29.06.2011 10:21 C:\Users\Bobby\AppData\Local\Temp\div14B8.tmp --------- 0
28.06.2011 23:41 C:\Users\Bobby\AppData\Local\Temp\divB412.tmp --------- 0
28.06.2011 14:24 C:\Users\Bobby\AppData\Local\Temp\plugtmp-120 --------- 0
28.06.2011 09:42 C:\Users\Bobby\AppData\Local\Temp\div6815.tmp --------- 0
28.06.2011 02:15 C:\Users\Bobby\AppData\Local\Temp\hsperfdata_Bobby --------- 0
27.06.2011 23:41 C:\Users\Bobby\AppData\Local\Temp\RemoteLog.txt --------- 21456
27.06.2011 13:54 C:\Users\Bobby\AppData\Local\Temp\amt.log --------- 44654
27.06.2011 13:54 C:\Users\Bobby\AppData\Local\Temp\alm.log --------- 145422
27.06.2011 13:40 C:\Users\Bobby\AppData\Local\Temp\libFNP_events.log --------- 1881
27.06.2011 13:39 C:\Users\Bobby\AppData\Local\Temp\lilD07F.tmp --------- 1024
27.06.2011 13:39 C:\Users\Bobby\AppData\Local\Temp\lilD07E.tmp --------- 1024
27.06.2011 13:39 C:\Users\Bobby\AppData\Local\Temp\lilD07D.tmp --------- 1024
27.06.2011 08:57 C:\Users\Bobby\AppData\Local\Temp\divB6FF.tmp --------- 0
27.06.2011 08:57 C:\Users\Bobby\AppData\Local\Temp\B634.tmp --------- 311456
25.06.2011 11:39 C:\Users\Bobby\AppData\Local\Temp\div8065.tmp --------- 0
12.06.2011 09:25 C:\Users\Bobby\AppData\Local\Temp\msohtmlclip1 --------- 0
12.06.2011 07:45 C:\Users\Bobby\AppData\Local\Temp\plugtmp-119 --------- 0
12.06.2011 07:45 C:\Users\Bobby\AppData\Local\Temp\java_install_reg.log --------- 70250
12.06.2011 07:44 C:\Users\Bobby\AppData\Local\Temp\plugtmp-118 --------- 0
12.06.2011 07:44 C:\Users\Bobby\AppData\Local\Temp\plugtmp-117 --------- 0
12.06.2011 07:43 C:\Users\Bobby\AppData\Local\Temp\plugtmp-116 --------- 0
11.06.2011 23:27 C:\Users\Bobby\AppData\Local\Temp\csxs-PHXS.log --------- 3582
11.06.2011 23:22 C:\Users\Bobby\AppData\Local\Temp\TWAIN.LOG --------- 899
11.06.2011 23:22 C:\Users\Bobby\AppData\Local\Temp\Twain001.Mtx --------- 4
11.06.2011 23:22 C:\Users\Bobby\AppData\Local\Temp\Twunk001.MTX --------- 156
10.06.2011 13:27 C:\Users\Bobby\AppData\Local\Temp\div9B06.tmp --------- 0
09.06.2011 07:25 C:\Users\Bobby\AppData\Local\Temp\divC3BB.tmp --------- 0
08.06.2011 15:31 C:\Users\Bobby\AppData\Local\Temp\LPRealMathe.pdf --------- 240940
08.06.2011 15:22 C:\Users\Bobby\AppData\Local\Temp\dq3q8suj.bmp --------- 1940454
08.06.2011 14:05 C:\Users\Bobby\AppData\Local\Temp\divAD5E.tmp --------- 0
07.06.2011 13:13 C:\Users\Bobby\AppData\Local\Temp\div36DA.tmp --------- 0
07.06.2011 08:15 C:\Users\Bobby\AppData\Local\Temp\div5FBB.tmp --------- 0
07.06.2011 08:15 C:\Users\Bobby\AppData\Local\Temp\5F10.tmp --------- 311456
06.06.2011 17:16 C:\Users\Bobby\AppData\Local\Temp\divBAE5.tmp --------- 0
05.06.2011 23:37 C:\Users\Bobby\AppData\Local\Temp\plugtmp-115 --------- 0
05.06.2011 13:18 C:\Users\Bobby\AppData\Local\Temp\yarn84qc.bmp --------- 206054
05.06.2011 11:58 C:\Users\Bobby\AppData\Local\Temp\divC553.tmp --------- 0
04.06.2011 10:59 C:\Users\Bobby\AppData\Local\Temp\plugtmp-114 --------- 0
04.06.2011 08:54 C:\Users\Bobby\AppData\Local\Temp\div5DD8.tmp --------- 0
04.06.2011 02:27 C:\Users\Bobby\AppData\Local\Temp\plugtmp-113 --------- 0
04.06.2011 01:54 C:\Users\Bobby\AppData\Local\Temp\divAD6D.tmp --------- 0
03.06.2011 22:56 C:\Users\Bobby\AppData\Local\Temp\v1y6tohx.bmp --------- 2658358
03.06.2011 19:53 C:\Users\Bobby\AppData\Local\Temp\WMPBurn --------- 0
03.06.2011 19:06 C:\Users\Bobby\AppData\Local\Temp\{878092d9-ded1-47c6-94c3-49591a1062c8} --------- 0
03.06.2011 11:39 C:\Users\Bobby\AppData\Local\Temp\wmsetup.log --------- 9454
01.06.2011 14:21 C:\Users\Bobby\AppData\Local\Temp\divC7FF.tmp --------- 0
31.05.2011 15:09 C:\Users\Bobby\AppData\Local\Temp\divC4C4.tmp --------- 0
31.05.2011 07:40 C:\Users\Bobby\AppData\Local\Temp\divD9E9.tmp --------- 0
31.05.2011 07:40 C:\Users\Bobby\AppData\Local\Temp\D93E.tmp --------- 311456
30.05.2011 23:14 C:\Users\Bobby\AppData\Local\Temp\plugtmp-112 --------- 0
30.05.2011 13:57 C:\Users\Bobby\AppData\Local\Temp\divE56E.tmp --------- 0
29.05.2011 22:08 C:\Users\Bobby\AppData\Local\Temp\plugtmp-111 --------- 0
29.05.2011 10:08 C:\Users\Bobby\AppData\Local\Temp\div888F.tmp --------- 0
28.05.2011 17:25 C:\Users\Bobby\AppData\Local\Temp\div6DEF.tmp --------- 0
28.05.2011 10:05 C:\Users\Bobby\AppData\Local\Temp\divC4A5.tmp --------- 0
28.05.2011 08:50 C:\Users\Bobby\AppData\Local\Temp\divBC3C.tmp --------- 0
27.05.2011 15:49 C:\Users\Bobby\AppData\Local\Temp\96v48yo6.bmp --------- 360054
27.05.2011 15:47 C:\Users\Bobby\AppData\Local\Temp\0q4vc999.bmp --------- 490054
27.05.2011 15:37 C:\Users\Bobby\AppData\Local\Temp\9hmppxnd.bmp --------- 338966
27.05.2011 15:37 C:\Users\Bobby\AppData\Local\Temp\qjx11ow1.bmp --------- 338966
27.05.2011 13:24 C:\Users\Bobby\AppData\Local\Temp\divA1D.tmp --------- 0
26.05.2011 17:48 C:\Users\Bobby\AppData\Local\Temp\lil18E3.tmp --------- 1024
26.05.2011 17:48 C:\Users\Bobby\AppData\Local\Temp\lil18E2.tmp --------- 1024
26.05.2011 17:48 C:\Users\Bobby\AppData\Local\Temp\lil18E1.tmp --------- 1024
26.05.2011 17:45 C:\Users\Bobby\AppData\Local\Temp\j11x8704.bmp --------- 2527254
26.05.2011 13:16 C:\Users\Bobby\AppData\Local\Temp\divE916.tmp --------- 0
26.05.2011 07:48 C:\Users\Bobby\AppData\Local\Temp\divB98E.tmp --------- 0
25.05.2011 12:59 C:\Users\Bobby\AppData\Local\Temp\divC32F.tmp --------- 0
25.05.2011 07:23 C:\Users\Bobby\AppData\Local\Temp\divF71A.tmp --------- 0
24.05.2011 22:43 C:\Users\Bobby\AppData\Local\Temp\Nr.5 2011 Gruppe A Terme.doc --------- 30720
24.05.2011 10:04 C:\Users\Bobby\AppData\Local\Temp\divC206.tmp --------- 0
24.05.2011 10:04 C:\Users\Bobby\AppData\Local\Temp\C061.tmp --------- 311456
24.05.2011 02:50 C:\Users\Bobby\AppData\Local\Temp\plugtmp-110 --------- 0
23.05.2011 14:13 C:\Users\Bobby\AppData\Local\Temp\divD8F0.tmp --------- 0
22.05.2011 23:36 C:\Users\Bobby\AppData\Local\Temp\plugtmp-109 --------- 0
22.05.2011 22:41 C:\Users\Bobby\AppData\Local\Temp\Camera_Raw_6_4_updater.zip --------- 41445559
21.05.2011 08:50 C:\Users\Bobby\AppData\Local\Temp\divC59F.tmp --------- 0
20.05.2011 23:05 C:\Users\Bobby\AppData\Local\Temp\AgWPGPreview-5 --------- 0
20.05.2011 14:05 C:\Users\Bobby\AppData\Local\Temp\is3u9fc1.bmp --------- 2527254
20.05.2011 14:05 C:\Users\Bobby\AppData\Local\Temp\yum7l7tp.bmp --------- 2527254
20.05.2011 14:00 C:\Users\Bobby\AppData\Local\Temp\491tr5yu.bmp --------- 2527254
20.05.2011 13:53 C:\Users\Bobby\AppData\Local\Temp\divE214.tmp --------- 0
20.05.2011 08:05 C:\Users\Bobby\AppData\Local\Temp\divCABD.tmp --------- 0
19.05.2011 15:05 C:\Users\Bobby\AppData\Local\Temp\~DF2B585CB62C33CDFA.TMP --------- 65536
19.05.2011 15:05 C:\Users\Bobby\AppData\Local\Temp\~DF3831D231A88EB7A7.TMP --------- 65536
19.05.2011 15:04 C:\Users\Bobby\AppData\Local\Temp\~DFA0C079AEE2A7B264.TMP --------- 65536
19.05.2011 15:04 C:\Users\Bobby\AppData\Local\Temp\~DF545ABCB431349BBD.TMP --------- 65536
19.05.2011 15:04 C:\Users\Bobby\AppData\Local\Temp\~DFEB64DA3A671A0E45.TMP --------- 65536
19.05.2011 15:04 C:\Users\Bobby\AppData\Local\Temp\~DF2B5F1241BC483371.TMP --------- 65536
19.05.2011 15:04 C:\Users\Bobby\AppData\Local\Temp\~DFC67199F88E802E75.TMP --------- 65536
19.05.2011 13:17 C:\Users\Bobby\AppData\Local\Temp\divD73B.tmp --------- 0
18.05.2011 20:01 C:\Users\Bobby\AppData\Local\Temp\div1B6C.tmp --------- 0
18.05.2011 12:27 C:\Users\Bobby\AppData\Local\Temp\div25C8.tmp --------- 0
17.05.2011 21:39 C:\Users\Bobby\AppData\Local\Temp\AgWPGPreview-4 --------- 0
17.05.2011 17:44 C:\Users\Bobby\AppData\Local\Temp\plugtmp-108 --------- 0
17.05.2011 07:15 C:\Users\Bobby\AppData\Local\Temp\divD815.tmp --------- 0
17.05.2011 07:15 C:\Users\Bobby\AppData\Local\Temp\D5F3.tmp --------- 311456
16.05.2011 18:17 C:\Users\Bobby\AppData\Local\Temp\lilA180.tmp --------- 1024
16.05.2011 18:17 C:\Users\Bobby\AppData\Local\Temp\lilA17E.tmp --------- 1024
16.05.2011 18:17 C:\Users\Bobby\AppData\Local\Temp\lilA17F.tmp --------- 1024
16.05.2011 17:18 C:\Users\Bobby\AppData\Local\Temp\lil1F36.tmp --------- 1024
16.05.2011 17:18 C:\Users\Bobby\AppData\Local\Temp\lil1F35.tmp --------- 1024
16.05.2011 17:18 C:\Users\Bobby\AppData\Local\Temp\lil1F34.tmp --------- 1024
16.05.2011 16:36 C:\Users\Bobby\AppData\Local\Temp\div2EC.tmp --------- 0
15.05.2011 19:33 C:\Users\Bobby\AppData\Local\Temp\plugtmp-107 --------- 0
14.05.2011 09:13 C:\Users\Bobby\AppData\Local\Temp\div6344.tmp --------- 0
13.05.2011 15:58 C:\Users\Bobby\AppData\Local\Temp\15cgayss.bmp --------- 2527254
13.05.2011 15:58 C:\Users\Bobby\AppData\Local\Temp\lrv7xkh5.bmp --------- 2511654
13.05.2011 15:38 C:\Users\Bobby\AppData\Local\Temp\qmctzy1v.bmp --------- 2535054
13.05.2011 15:38 C:\Users\Bobby\AppData\Local\Temp\a8vluszf.bmp --------- 2527254
13.05.2011 14:21 C:\Users\Bobby\AppData\Local\Temp\divCA11.tmp --------- 0
13.05.2011 08:18 C:\Users\Bobby\AppData\Local\Temp\divCB3A.tmp --------- 0
12.05.2011 14:43 C:\Users\Bobby\AppData\Local\Temp\divC199.tmp --------- 0
11.05.2011 14:18 C:\Users\Bobby\AppData\Local\Temp\0l55va3y.bmp --------- 2535054
11.05.2011 14:17 C:\Users\Bobby\AppData\Local\Temp\d2gapz4x.bmp --------- 2535054
11.05.2011 13:43 C:\Users\Bobby\AppData\Local\Temp\divD21D.tmp --------- 0
10.05.2011 15:55 C:\Users\Bobby\AppData\Local\Temp\divFA55.tmp --------- 0
10.05.2011 08:00 C:\Users\Bobby\AppData\Local\Temp\divC8D9.tmp --------- 0
09.05.2011 12:55 C:\Users\Bobby\AppData\Local\Temp\divE732.tmp --------- 0
09.05.2011 12:55 C:\Users\Bobby\AppData\Local\Temp\E30D.tmp --------- 311456
09.05.2011 07:16 C:\Users\Bobby\AppData\Local\Temp\divCFAD.tmp --------- 0
08.05.2011 10:34 C:\Users\Bobby\AppData\Local\Temp\divCEB3.tmp --------- 0
07.05.2011 21:26 C:\Users\Bobby\AppData\Local\Temp\9fhdzzc2.bmp --------- 2707510
07.05.2011 08:41 C:\Users\Bobby\AppData\Local\Temp\divF7B6.tmp --------- 0
06.05.2011 16:34 C:\Users\Bobby\AppData\Local\Temp\div7B27.tmp --------- 0
04.05.2011 12:35 C:\Users\Bobby\AppData\Local\Temp\divCA9E.tmp --------- 0
04.05.2011 07:51 C:\Users\Bobby\AppData\Local\Temp\div758C.tmp --------- 0
03.05.2011 16:08 C:\Users\Bobby\AppData\Local\Temp\divDB8F.tmp --------- 0
03.05.2011 08:18 C:\Users\Bobby\AppData\Local\Temp\divD316.tmp --------- 0
02.05.2011 12:46 C:\Users\Bobby\AppData\Local\Temp\div532E.tmp --------- 0
02.05.2011 12:37 C:\Users\Bobby\AppData\Local\Temp\div28E3.tmp --------- 0
02.05.2011 12:37 C:\Users\Bobby\AppData\Local\Temp\27BB.tmp --------- 311456
01.05.2011 21:42 C:\Users\Bobby\AppData\Local\Temp\91hqa8b3.bmp --------- 2527254
01.05.2011 21:41 C:\Users\Bobby\AppData\Local\Temp\jysolvwd.bmp --------- 2527254
01.05.2011 20:14 C:\Users\Bobby\AppData\Local\Temp\div4173.tmp --------- 0
24.04.2011 07:00 C:\Users\Bobby\AppData\Local\Temp\divAE8.tmp --------- 0
23.04.2011 18:29 C:\Users\Bobby\AppData\Local\Temp\csxs-FWKS.log --------- 4416
23.04.2011 16:41 C:\Users\Bobby\AppData\Local\Temp\divD00A.tmp --------- 0
23.04.2011 12:39 C:\Users\Bobby\AppData\Local\Temp\{91bfae24-0308-408b-8168-480b60f3d901} --------- 0
23.04.2011 12:37 C:\Users\Bobby\AppData\Local\Temp\DMIF2C.tmp --------- 0
23.04.2011 12:24 C:\Users\Bobby\AppData\Local\Temp\divDF94.tmp --------- 0
22.04.2011 23:24 C:\Users\Bobby\AppData\Local\Temp\_ptgtmp_YQUHCF.mov --------- 273225
22.04.2011 23:24 C:\Users\Bobby\AppData\Local\Temp\_ptgtmp_E9DOW0.mov --------- 273225
22.04.2011 10:11 C:\Users\Bobby\AppData\Local\Temp\divC38C.tmp --------- 0
21.04.2011 22:35 C:\Users\Bobby\AppData\Local\Temp\{4e4d3a52-8d9f-48d5-9381-e22a2c333d2b} --------- 0
21.04.2011 22:35 C:\Users\Bobby\AppData\Local\Temp\{9132091C-5680-49F7-8B11-18DC2680A12A} --------- 0
21.04.2011 11:16 C:\Users\Bobby\AppData\Local\Temp\divEDF6.tmp --------- 0
20.04.2011 09:09 C:\Users\Bobby\AppData\Local\Temp\div9923.tmp --------- 0
20.04.2011 09:09 C:\Users\Bobby\AppData\Local\Temp\94B0.tmp --------- 311456
19.04.2011 11:13 C:\Users\Bobby\AppData\Local\Temp\div9D76.tmp --------- 0
19.04.2011 01:10 C:\Users\Bobby\AppData\Local\Temp\plugtmp-106 --------- 0
18.04.2011 23:03 C:\Users\Bobby\AppData\Local\Temp\~DF95F8164ADCAB3FC4.TMP --------- 65536
18.04.2011 23:03 C:\Users\Bobby\AppData\Local\Temp\~DF1068F4B52843AC00.TMP --------- 65536
18.04.2011 23:03 C:\Users\Bobby\AppData\Local\Temp\~DF19A2FD907BE0C49D.TMP --------- 65536
18.04.2011 23:02 C:\Users\Bobby\AppData\Local\Temp\~DF1C6FD36F3689D60B.TMP --------- 65536
18.04.2011 23:02 C:\Users\Bobby\AppData\Local\Temp\~DFC58D544064D60E8D.TMP --------- 65536
18.04.2011 23:02 C:\Users\Bobby\AppData\Local\Temp\~DF701C264CBCC21334.TMP --------- 65536
18.04.2011 23:01 C:\Users\Bobby\AppData\Local\Temp\~DF4140840549921A85.TMP --------- 65536
18.04.2011 23:01 C:\Users\Bobby\AppData\Local\Temp\~DF07A3421D07BDB9B7.TMP --------- 65536
18.04.2011 23:01 C:\Users\Bobby\AppData\Local\Temp\~DFFE122F30CF2E1695.TMP --------- 65536
18.04.2011 23:01 C:\Users\Bobby\AppData\Local\Temp\~DF00D49619EC072078.TMP --------- 65536
18.04.2011 23:01 C:\Users\Bobby\AppData\Local\Temp\~DF14DD2C101251B4F7.TMP --------- 65536
18.04.2011 23:01 C:\Users\Bobby\AppData\Local\Temp\~DFAC554F329A174959.TMP --------- 65536
18.04.2011 23:00 C:\Users\Bobby\AppData\Local\Temp\~DFFDD8696B302E9EFE.TMP --------- 65536
18.04.2011 23:00 C:\Users\Bobby\AppData\Local\Temp\~DFF6D4264C78AF2784.TMP --------- 65536
18.04.2011 23:00 C:\Users\Bobby\AppData\Local\Temp\~DF5CA6473DE426F878.TMP --------- 65536
18.04.2011 23:00 C:\Users\Bobby\AppData\Local\Temp\~DF9496088BB28F760B.TMP --------- 65536
18.04.2011 23:00 C:\Users\Bobby\AppData\Local\Temp\~DF6E015B7B00E2A09C.TMP --------- 65536
18.04.2011 22:59 C:\Users\Bobby\AppData\Local\Temp\~DF9E90B43734F591F9.TMP --------- 65536
18.04.2011 22:58 C:\Users\Bobby\AppData\Local\Temp\~DFCBA471A45D063A9A.TMP --------- 65536
18.04.2011 22:58 C:\Users\Bobby\AppData\Local\Temp\~DF34DEC2E26BBAF763.TMP --------- 65536
18.04.2011 22:58 C:\Users\Bobby\AppData\Local\Temp\~DF5627D88931C0AD96.TMP --------- 65536
18.04.2011 22:58 C:\Users\Bobby\AppData\Local\Temp\~DF8A80F4F4D2979205.TMP --------- 65536
18.04.2011 22:57 C:\Users\Bobby\AppData\Local\Temp\~DF982223ABC98B1057.TMP --------- 65536
18.04.2011 22:57 C:\Users\Bobby\AppData\Local\Temp\~DF6DC5A5E3F8B6E598.TMP --------- 65536
18.04.2011 22:57 C:\Users\Bobby\AppData\Local\Temp\~DFF9DDAB890EF7DD1B.TMP --------- 65536
18.04.2011 22:57 C:\Users\Bobby\AppData\Local\Temp\~DF152C9D376F1E09CE.TMP --------- 65536
18.04.2011 22:57 C:\Users\Bobby\AppData\Local\Temp\~DF183BDEBD32CF0254.TMP --------- 65536
18.04.2011 22:56 C:\Users\Bobby\AppData\Local\Temp\~DFE1DF194E9FC3C92A.TMP --------- 65536
18.04.2011 22:56 C:\Users\Bobby\AppData\Local\Temp\~DFD91EA8D7CE8CDDE9.TMP --------- 65536
18.04.2011 22:56 C:\Users\Bobby\AppData\Local\Temp\~DFD0848654B8D5C46B.TMP --------- 65536
18.04.2011 22:56 C:\Users\Bobby\AppData\Local\Temp\~DF9C29B63E06952FE8.TMP --------- 65536
18.04.2011 22:56 C:\Users\Bobby\AppData\Local\Temp\~DF3E059682889392B1.TMP --------- 65536
18.04.2011 22:55 C:\Users\Bobby\AppData\Local\Temp\~DFDE15423ACDA4C374.TMP --------- 65536
18.04.2011 22:55 C:\Users\Bobby\AppData\Local\Temp\~DF96D6C23E11EC9FFA.TMP --------- 65536
18.04.2011 22:55 C:\Users\Bobby\AppData\Local\Temp\~DF78D0554C286BDC41.TMP --------- 65536
18.04.2011 22:54 C:\Users\Bobby\AppData\Local\Temp\~DF1BC796CEB59E89C1.TMP --------- 65536
18.04.2011 22:54 C:\Users\Bobby\AppData\Local\Temp\~DFA15A1DE365AB921D.TMP --------- 65536
18.04.2011 22:54 C:\Users\Bobby\AppData\Local\Temp\~DF3CE1054D9DC5B000.TMP --------- 65536
18.04.2011 22:53 C:\Users\Bobby\AppData\Local\Temp\~DFD564829216B6AE1F.TMP --------- 65536
18.04.2011 22:53 C:\Users\Bobby\AppData\Local\Temp\~DFD88FF732389FDC98.TMP --------- 65536
18.04.2011 22:53 C:\Users\Bobby\AppData\Local\Temp\~DFF77BB8615353C9A7.TMP --------- 65536
18.04.2011 22:53 C:\Users\Bobby\AppData\Local\Temp\~DF72F956F85E6C7800.TMP --------- 65536
18.04.2011 22:53 C:\Users\Bobby\AppData\Local\Temp\~DF0E762EA73AD71559.TMP --------- 65536
18.04.2011 22:53 C:\Users\Bobby\AppData\Local\Temp\~DF827590CEC273230E.TMP --------- 65536
18.04.2011 22:53 C:\Users\Bobby\AppData\Local\Temp\~DF2016E319D184EB96.TMP --------- 65536
18.04.2011 22:53 C:\Users\Bobby\AppData\Local\Temp\~DF784DDA2CB4EAE068.TMP --------- 65536
18.04.2011 22:52 C:\Users\Bobby\AppData\Local\Temp\~DFA8883899C04BB287.TMP --------- 65536
18.04.2011 22:52 C:\Users\Bobby\AppData\Local\Temp\~DF5114C99A4CB1A3C6.TMP --------- 65536
18.04.2011 22:52 C:\Users\Bobby\AppData\Local\Temp\~DF2921CA94E137D942.TMP --------- 65536
18.04.2011 22:52 C:\Users\Bobby\AppData\Local\Temp\~DF1615B03F04F5D4BE.TMP --------- 65536
18.04.2011 22:52 C:\Users\Bobby\AppData\Local\Temp\~DF734B691465484767.TMP --------- 65536
18.04.2011 22:52 C:\Users\Bobby\AppData\Local\Temp\~DFD13582BC4F1AA93B.TMP --------- 65536
18.04.2011 22:51 C:\Users\Bobby\AppData\Local\Temp\~DF80D321B8F25D498F.TMP --------- 65536
18.04.2011 22:51 C:\Users\Bobby\AppData\Local\Temp\~DF8F246CB36D623958.TMP --------- 65536
18.04.2011 22:51 C:\Users\Bobby\AppData\Local\Temp\~DF8E59713FD944AB31.TMP --------- 65536
18.04.2011 22:51 C:\Users\Bobby\AppData\Local\Temp\~DF815844FBCEBF82BF.TMP --------- 65536
18.04.2011 22:51 C:\Users\Bobby\AppData\Local\Temp\~DFF25931431944B5C0.TMP --------- 65536
18.04.2011 22:51 C:\Users\Bobby\AppData\Local\Temp\~DF1FD3B681A0015FE4.TMP --------- 65536
18.04.2011 22:50 C:\Users\Bobby\AppData\Local\Temp\~DFC1C41D5EF271B071.TMP --------- 65536
18.04.2011 22:50 C:\Users\Bobby\AppData\Local\Temp\~DF28992E7F5C4AF36D.TMP --------- 65536
18.04.2011 22:50 C:\Users\Bobby\AppData\Local\Temp\~DF7660D9B9CF2ED34E.TMP --------- 65536
18.04.2011 22:49 C:\Users\Bobby\AppData\Local\Temp\~DF5A7D2E39B2EE85A6.TMP --------- 65536
18.04.2011 22:48 C:\Users\Bobby\AppData\Local\Temp\~DF3954E5612050E6F8.TMP --------- 65536
18.04.2011 22:47 C:\Users\Bobby\AppData\Local\Temp\~DFD034CEAC17069BF3.TMP --------- 65536
18.04.2011 22:46 C:\Users\Bobby\AppData\Local\Temp\~DF0EA7ECB0BD9A27BE.TMP --------- 65536
18.04.2011 22:46 C:\Users\Bobby\AppData\Local\Temp\~DF4534317D9AD907E1.TMP --------- 65536
18.04.2011 22:45 C:\Users\Bobby\AppData\Local\Temp\~DF4D7A77B4AB52FD61.TMP --------- 65536
18.04.2011 22:45 C:\Users\Bobby\AppData\Local\Temp\~DFAA13593098A83B6B.TMP --------- 65536
18.04.2011 22:23 C:\Users\Bobby\AppData\Local\Temp\WZSE0.TMP --------- 0
18.04.2011 11:19 C:\Users\Bobby\AppData\Local\Temp\divF9D8.tmp --------- 0
18.04.2011 02:35 C:\Users\Bobby\AppData\Local\Temp\dd_vcredistUI3BEC.txt --------- 13038
18.04.2011 02:22 C:\Users\Bobby\AppData\Local\Temp\{f90eacf4-d5dd-4f0d-bf15-e63c76a88cc5} --------- 0
18.04.2011 02:07 C:\Users\Bobby\AppData\Local\Temp\plugtmp-105 --------- 0
18.04.2011 00:52 C:\Users\Bobby\AppData\Local\Temp\msdt --------- 0
17.04.2011 12:49 C:\Users\Bobby\AppData\Local\Temp\divC5CD.tmp --------- 0
16.04.2011 11:09 C:\Users\Bobby\AppData\Local\Temp\divE751.tmp --------- 0
15.04.2011 11:12 C:\Users\Bobby\AppData\Local\Temp\divF2F5.tmp --------- 0
15.04.2011 07:16 C:\Users\Bobby\AppData\Local\Temp\div260.tmp --------- 0
14.04.2011 07:23 C:\Users\Bobby\AppData\Local\Temp\divD2A9.tmp --------- 0
13.04.2011 12:51 C:\Users\Bobby\AppData\Local\Temp\div71A6.tmp --------- 0
12.04.2011 16:37 C:\Users\Bobby\AppData\Local\Temp\div1F23.tmp --------- 0
11.04.2011 23:02 C:\Users\Bobby\AppData\Local\Temp\divD364.tmp --------- 0
11.04.2011 16:26 C:\Users\Bobby\AppData\Local\Temp\divCD4C.tmp --------- 0
11.04.2011 07:02 C:\Users\Bobby\AppData\Local\Temp\divA6B9.tmp --------- 0
10.04.2011 14:59 C:\Users\Bobby\AppData\Local\Temp\plugtmp-104 --------- 0
10.04.2011 14:07 C:\Users\Bobby\AppData\Local\Temp\modB796.tmp --------- 222
10.04.2011 14:07 C:\Users\Bobby\AppData\Local\Temp\modB5C1.tmp --------- 0
10.04.2011 14:07 C:\Users\Bobby\AppData\Local\Temp\mod9D11.tmp --------- 5
10.04.2011 09:52 C:\Users\Bobby\AppData\Local\Temp\div3F6.tmp --------- 0
09.04.2011 09:21 C:\Users\Bobby\AppData\Local\Temp\div1296.tmp --------- 0
08.04.2011 18:28 C:\Users\Bobby\AppData\Local\Temp\divD0E5.tmp --------- 0
06.04.2011 14:15 C:\Users\Bobby\AppData\Local\Temp\div36D9.tmp --------- 0
05.04.2011 15:50 C:\Users\Bobby\AppData\Local\Temp\divF1BD.tmp --------- 0
04.04.2011 08:00 C:\Users\Bobby\AppData\Local\Temp\divCF01.tmp --------- 0
03.04.2011 08:06 C:\Users\Bobby\AppData\Local\Temp\div146A.tmp --------- 0
02.04.2011 19:59 C:\Users\Bobby\AppData\Local\Temp\AgWPGExport-4 --------- 0
02.04.2011 09:52 C:\Users\Bobby\AppData\Local\Temp\divC725.tmp --------- 0
01.04.2011 13:48 C:\Users\Bobby\AppData\Local\Temp\divD577.tmp --------- 0
01.04.2011 07:05 C:\Users\Bobby\AppData\Local\Temp\divE252.tmp --------- 0
31.03.2011 13:41 C:\Users\Bobby\AppData\Local\Temp\divC0CE.tmp --------- 0
29.03.2011 20:21 C:\Users\Bobby\AppData\Local\Temp\div8F34.tmp --------- 0
29.03.2011 18:51 C:\Users\Bobby\AppData\Local\Temp\plugtmp-103 --------- 0
29.03.2011 09:20 C:\Users\Bobby\AppData\Local\Temp\divBC5B.tmp --------- 0
29.03.2011 00:34 C:\Users\Bobby\AppData\Local\Temp\divBCD8.tmp --------- 0
28.03.2011 16:23 C:\Users\Bobby\AppData\Local\Temp\CVR5C87.tmp.cvr --------- 1112
28.03.2011 16:23 C:\Users\Bobby\AppData\Local\Temp\20536455.od --------- 134
28.03.2011 10:42 C:\Users\Bobby\AppData\Local\Temp\div176.tmp --------- 0
27.03.2011 11:03 C:\Users\Bobby\AppData\Local\Temp\plugtmp-102 --------- 0
27.03.2011 06:39 C:\Users\Bobby\AppData\Local\Temp\modB31C.tmp --------- 222
27.03.2011 06:39 C:\Users\Bobby\AppData\Local\Temp\modAFBF.tmp --------- 5
27.03.2011 05:52 C:\Users\Bobby\AppData\Local\Temp\div7A4D.tmp --------- 0
26.03.2011 09:45 C:\Users\Bobby\AppData\Local\Temp\{4b7475cf-2a56-40be-97ed-8375f8a4883c} --------- 0
25.03.2011 14:37 C:\Users\Bobby\AppData\Local\Temp\divCE65.tmp --------- 0
25.03.2011 08:18 C:\Users\Bobby\AppData\Local\Temp\divDEBA.tmp --------- 0
24.03.2011 14:34 C:\Users\Bobby\AppData\Local\Temp\14D7.tmp --------- 311456
24.03.2011 14:30 C:\Users\Bobby\AppData\Local\Temp\divCC62.tmp --------- 0
24.03.2011 08:25 C:\Users\Bobby\AppData\Local\Temp\div7619.tmp --------- 0
23.03.2011 13:45 C:\Users\Bobby\AppData\Local\Temp\divC419.tmp --------- 0
22.03.2011 18:02 C:\Users\Bobby\AppData\Local\Temp\lil5BD5.tmp --------- 1024
22.03.2011 18:02 C:\Users\Bobby\AppData\Local\Temp\lil5BD7.tmp --------- 1024
22.03.2011 18:02 C:\Users\Bobby\AppData\Local\Temp\lil5BD6.tmp --------- 1024
22.03.2011 17:34 C:\Users\Bobby\AppData\Local\Temp\divBCC9.tmp --------- 0
22.03.2011 08:59 C:\Users\Bobby\AppData\Local\Temp\divC9A4.tmp --------- 0
21.03.2011 14:55 C:\Users\Bobby\AppData\Local\Temp\divB0D7.tmp --------- 0
20.03.2011 21:52 C:\Users\Bobby\AppData\Local\Temp\plugtmp-101 --------- 0
20.03.2011 18:56 C:\Users\Bobby\AppData\Local\Temp\dsc02611.jpg --------- 309892
20.03.2011 11:14 C:\Users\Bobby\AppData\Local\Temp\divC7E0.tmp --------- 0
19.03.2011 00:34 C:\Users\Bobby\AppData\Local\Temp\drm_dyndata_7370014.dll --------- 204800
18.03.2011 17:30 C:\Users\Bobby\AppData\Local\Temp\div56D6.tmp --------- 0
18.03.2011 08:13 C:\Users\Bobby\AppData\Local\Temp\divB357.tmp --------- 0
17.03.2011 23:45 C:\Users\Bobby\AppData\Local\Temp\Crysis_Data_DFE --------- 0
17.03.2011 14:58 C:\Users\Bobby\AppData\Local\Temp\divE9E2.tmp --------- 0
16.03.2011 15:13 C:\Users\Bobby\AppData\Local\Temp\lil8813.tmp --------- 1024
16.03.2011 15:13 C:\Users\Bobby\AppData\Local\Temp\lil8815.tmp --------- 1024
16.03.2011 15:13 C:\Users\Bobby\AppData\Local\Temp\lil8814.tmp --------- 1024
16.03.2011 15:12 C:\Users\Bobby\AppData\Local\Temp\pf7mrqdi.bmp --------- 2527254
16.03.2011 14:42 C:\Users\Bobby\AppData\Local\Temp\divBBEE.tmp --------- 0
15.03.2011 09:01 C:\Users\Bobby\AppData\Local\Temp\divA9A.tmp --------- 0
14.03.2011 15:42 C:\Users\Bobby\AppData\Local\Temp\Physik.pdf --------- 188732
14.03.2011 14:50 C:\Users\Bobby\AppData\Local\Temp\divB3E3.tmp --------- 0
13.03.2011 12:35 C:\Users\Bobby\AppData\Local\Temp\ajdnt159.bmp --------- 2535054
13.03.2011 12:35 C:\Users\Bobby\AppData\Local\Temp\xhxmzrbi.bmp --------- 2535054
13.03.2011 10:54 C:\Users\Bobby\AppData\Local\Temp\divCCC0.tmp --------- 0
11.03.2011 15:55 C:\Users\Bobby\AppData\Local\Temp\Low --------- 0
11.03.2011 15:54 C:\Users\Bobby\AppData\Local\Temp\{1360FCC8-F20B-456B-B0BF-558599BAB84B} --------- 0
11.03.2011 15:53 C:\Users\Bobby\AppData\Local\Temp\ABD2BC~1.exe --------- 13942392
11.03.2011 15:49 C:\Users\Bobby\AppData\Local\Temp\install_log.log --------- 97
11.03.2011 15:49 C:\Users\Bobby\AppData\Local\Temp\ASKSUTBLOG --------- 577516
11.03.2011 15:49 C:\Users\Bobby\AppData\Local\Temp\AskSearch --------- 0
11.03.2011 15:49 C:\Users\Bobby\AppData\Local\Temp\asktoolbar.exe --------- 3056008
11.03.2011 15:35 C:\Users\Bobby\AppData\Local\Temp\plugtmp-100 --------- 0
11.03.2011 14:47 C:\Users\Bobby\AppData\Local\Temp\div72CE.tmp --------- 0
10.03.2011 16:23 C:\Users\Bobby\AppData\Local\Temp\hug00gab.bmp --------- 2527254
09.03.2011 17:17 C:\Users\Bobby\AppData\Local\Temp\vf9lqz93.bmp --------- 2535054
09.03.2011 17:17 C:\Users\Bobby\AppData\Local\Temp\bhkxuqiz.bmp --------- 2535054
09.03.2011 16:29 C:\Users\Bobby\AppData\Local\Temp\divECFC.tmp --------- 0
08.03.2011 10:33 C:\Users\Bobby\AppData\Local\Temp\divC7B1.tmp --------- 0
07.03.2011 21:11 C:\Users\Bobby\AppData\Local\Temp\lilC126.tmp --------- 1024
07.03.2011 21:11 C:\Users\Bobby\AppData\Local\Temp\lilC127.tmp --------- 1024
07.03.2011 21:11 C:\Users\Bobby\AppData\Local\Temp\lilC128.tmp --------- 1024
07.03.2011 12:29 C:\Users\Bobby\AppData\Local\Temp\divB911.tmp --------- 0
07.03.2011 02:55 C:\Users\Bobby\AppData\Local\Temp\plugtmp-99 --------- 0
05.03.2011 15:15 C:\Users\Bobby\AppData\Local\Temp\jar_cache8171993878998625847.tmp --------- 2072
05.03.2011 15:15 C:\Users\Bobby\AppData\Local\Temp\jar_cache4014947311916248137.tmp --------- 2090
05.03.2011 15:15 C:\Users\Bobby\AppData\Local\Temp\jar_cache3349591570023605088.tmp --------- 680
05.03.2011 15:15 C:\Users\Bobby\AppData\Local\Temp\jar_cache4660682444806686113.tmp --------- 615
05.03.2011 15:15 C:\Users\Bobby\AppData\Local\Temp\jar_cache3155793434132994394.tmp --------- 3882
05.03.2011 15:15 C:\Users\Bobby\AppData\Local\Temp\jar_cache1969089545928637399.tmp --------- 812
05.03.2011 15:15 C:\Users\Bobby\AppData\Local\Temp\jar_cache5987301515182237507.tmp --------- 544
05.03.2011 15:15 C:\Users\Bobby\AppData\Local\Temp\jar_cache7554853357832164262.tmp --------- 504
05.03.2011 15:15 C:\Users\Bobby\AppData\Local\Temp\jar_cache1715255751171785905.tmp --------- 473
05.03.2011 09:12 C:\Users\Bobby\AppData\Local\Temp\divADEA.tmp --------- 0
03.03.2011 08:04 C:\Users\Bobby\AppData\Local\Temp\divA68B.tmp --------- 0
02.03.2011 22:59 C:\Users\Bobby\AppData\Local\Temp\scoped_dir3430 --------- 0
02.03.2011 22:59 C:\Users\Bobby\AppData\Local\Temp\scoped_dir3539 --------- 0
02.03.2011 13:29 C:\Users\Bobby\AppData\Local\Temp\div1DCC.tmp --------- 0
01.03.2011 21:48 C:\Users\Bobby\AppData\Local\Temp\{CDC50364-CF22-4140-9D07-72766CE3842B} --------- 0
01.03.2011 21:48 C:\Users\Bobby\AppData\Local\Temp\{093FE826-BE47-4C84-88C2-7F6E8E45DC3F} --------- 0
01.03.2011 21:48 C:\Users\Bobby\AppData\Local\Temp\{359FCAA7-B544-4147-AE3B-8C8A526E2427}.log --------- 1869
01.03.2011 21:45 C:\Users\Bobby\AppData\Local\Temp\MSI93730.LOG --------- 775246
01.03.2011 18:05 C:\Users\Bobby\AppData\Local\Temp\ijg9opnv.bmp --------- 2527254
01.03.2011 18:05 C:\Users\Bobby\AppData\Local\Temp\izacw3u3.bmp --------- 2527254
01.03.2011 17:46 C:\Users\Bobby\AppData\Local\Temp\div8E4B.tmp --------- 0
01.03.2011 08:57 C:\Users\Bobby\AppData\Local\Temp\divD690.tmp --------- 0
28.02.2011 14:23 C:\Users\Bobby\AppData\Local\Temp\div9415.tmp --------- 0
26.02.2011 10:41 C:\Users\Bobby\AppData\Local\Temp\div20D8.tmp --------- 0
23.02.2011 17:53 C:\Users\Bobby\AppData\Local\Temp\014yneep.bmp --------- 2527254
23.02.2011 17:52 C:\Users\Bobby\AppData\Local\Temp\qkw4b60f.bmp --------- 2527254
23.02.2011 17:52 C:\Users\Bobby\AppData\Local\Temp\fe7onxia.bmp --------- 2535054
23.02.2011 17:52 C:\Users\Bobby\AppData\Local\Temp\z0qgak7n.bmp --------- 2535054
23.02.2011 17:34 C:\Users\Bobby\AppData\Local\Temp\divE8C8.tmp --------- 0
22.02.2011 17:05 C:\Users\Bobby\AppData\Local\Temp\divFA74.tmp --------- 0
22.02.2011 08:27 C:\Users\Bobby\AppData\Local\Temp\div29FC.tmp --------- 0
20.02.2011 13:43 C:\Users\Bobby\AppData\Local\Temp\div5263.tmp --------- 0
20.02.2011 03:48 C:\Users\Bobby\AppData\Local\Temp\plugtmp-98 --------- 0
19.02.2011 23:19 C:\Users\Bobby\AppData\Local\Temp\div91E2.tmp --------- 0
19.02.2011 23:16 C:\Users\Bobby\AppData\Local\Temp\mod757A.tmp --------- 222
19.02.2011 23:16 C:\Users\Bobby\AppData\Local\Temp\mod6228.tmp --------- 0
19.02.2011 23:16 C:\Users\Bobby\AppData\Local\Temp\mod3982.tmp --------- 5
19.02.2011 18:59 C:\Users\Bobby\AppData\Local\Temp\plugtmp-97 --------- 0
19.02.2011 18:11 C:\Users\Bobby\AppData\Local\Temp\mod695F.tmp --------- 222
19.02.2011 18:11 C:\Users\Bobby\AppData\Local\Temp\mod6661.tmp --------- 0
19.02.2011 18:11 C:\Users\Bobby\AppData\Local\Temp\mod58F7.tmp --------- 5
19.02.2011 15:55 C:\Users\Bobby\AppData\Local\Temp\LPRealMathe-7.pdf --------- 240940
19.02.2011 15:55 C:\Users\Bobby\AppData\Local\Temp\lilD40.tmp --------- 1024
19.02.2011 15:55 C:\Users\Bobby\AppData\Local\Temp\lilD41.tmp --------- 1024
19.02.2011 15:55 C:\Users\Bobby\AppData\Local\Temp\lilD42.tmp --------- 1024
19.02.2011 15:54 C:\Users\Bobby\AppData\Local\Temp\LPRealMathe-6.pdf --------- 240940
19.02.2011 15:03 C:\Users\Bobby\AppData\Local\Temp\verkleinert.zip --------- 6460369
17.02.2011 19:43 C:\Users\Bobby\AppData\Local\Temp\lilB6CB.tmp --------- 1024
17.02.2011 19:43 C:\Users\Bobby\AppData\Local\Temp\lilB6C9.tmp --------- 1024
17.02.2011 19:43 C:\Users\Bobby\AppData\Local\Temp\lilB6CA.tmp --------- 1024
17.02.2011 19:36 C:\Users\Bobby\AppData\Local\Temp\i386 --------- 0
17.02.2011 19:36 C:\Users\Bobby\AppData\Local\Temp\amd64 --------- 0
17.02.2011 17:41 C:\Users\Bobby\AppData\Local\Temp\mod4ADA.tmp --------- 222
17.02.2011 17:41 C:\Users\Bobby\AppData\Local\Temp\mod477F.tmp --------- 0
17.02.2011 17:41 C:\Users\Bobby\AppData\Local\Temp\plugtmp-96 --------- 0
17.02.2011 17:41 C:\Users\Bobby\AppData\Local\Temp\modB3F5.tmp --------- 5
17.02.2011 15:03 C:\Users\Bobby\AppData\Local\Temp\divD27A.tmp --------- 0
17.02.2011 14:58 C:\Users\Bobby\AppData\Local\Temp\mod397A.tmp --------- 222
17.02.2011 14:58 C:\Users\Bobby\AppData\Local\Temp\mod3812.tmp --------- 0
17.02.2011 14:58 C:\Users\Bobby\AppData\Local\Temp\mod2FE6.tmp --------- 5
17.02.2011 14:42 C:\Users\Bobby\AppData\Local\Temp\plugtmp-95 --------- 0
17.02.2011 14:18 C:\Users\Bobby\AppData\Local\Temp\divABD8.tmp --------- 0
16.02.2011 13:48 C:\Users\Bobby\AppData\Local\Temp\sww7ipyr.bmp --------- 2527254
16.02.2011 13:48 C:\Users\Bobby\AppData\Local\Temp\cigr5jw3.bmp --------- 2527254
15.02.2011 23:24 C:\Users\Bobby\AppData\Local\Temp\73zd04d7.bmp --------- 2785334
14.02.2011 13:54 C:\Users\Bobby\AppData\Local\Temp\div4172.tmp --------- 0
14.02.2011 08:02 C:\Users\Bobby\AppData\Local\Temp\div8B2F.tmp --------- 0
13.02.2011 14:55 C:\Users\Bobby\AppData\Local\Temp\pjy6zhrm.bmp --------- 2492334
13.02.2011 14:55 C:\Users\Bobby\AppData\Local\Temp\8xhyubh6.bmp --------- 2492334
13.02.2011 14:55 C:\Users\Bobby\AppData\Local\Temp\98552bvm.bmp --------- 2492334
10.02.2011 14:55 C:\Users\Bobby\AppData\Local\Temp\div96B3.tmp --------- 0
09.02.2011 18:33 C:\Users\Bobby\AppData\Local\Temp\om9dr1fl.bmp --------- 2527254
09.02.2011 14:16 C:\Users\Bobby\AppData\Local\Temp\iard03vj.bmp --------- 184854
09.02.2011 14:16 C:\Users\Bobby\AppData\Local\Temp\sf23jpgt.bmp --------- 184854
09.02.2011 14:16 C:\Users\Bobby\AppData\Local\Temp\myosqyqn.bmp --------- 592470
09.02.2011 14:12 C:\Users\Bobby\AppData\Local\Temp\k2idfyeb.bmp --------- 75558
09.02.2011 14:09 C:\Users\Bobby\AppData\Local\Temp\lj23vwco.bmp --------- 115654
09.02.2011 14:09 C:\Users\Bobby\AppData\Local\Temp\p6yhlr70.bmp --------- 115654
09.02.2011 14:07 C:\Users\Bobby\AppData\Local\Temp\wbi0723e.bmp --------- 75558
09.02.2011 13:45 C:\Users\Bobby\AppData\Local\Temp\div8594.tmp --------- 0
07.02.2011 14:25 C:\Users\Bobby\AppData\Local\Temp\znwvaz75.bmp --------- 2535054
07.02.2011 14:25 C:\Users\Bobby\AppData\Local\Temp\c460co8c.bmp --------- 2535054
07.02.2011 14:24 C:\Users\Bobby\AppData\Local\Temp\34qzf81m.bmp --------- 2527254
07.02.2011 14:20 C:\Users\Bobby\AppData\Local\Temp\Physik-8.pdf --------- 188732
07.02.2011 14:17 C:\Users\Bobby\AppData\Local\Temp\div8989.tmp --------- 0
07.02.2011 14:00 C:\Users\Bobby\AppData\Local\Temp\mod3314.tmp --------- 222
07.02.2011 14:00 C:\Users\Bobby\AppData\Local\Temp\mod31CB.tmp --------- 0
07.02.2011 13:59 C:\Users\Bobby\AppData\Local\Temp\mod4E0.tmp --------- 5
07.02.2011 13:58 C:\Users\Bobby\AppData\Local\Temp\plugtmp-94 --------- 0
07.02.2011 13:50 C:\Users\Bobby\AppData\Local\Temp\divD97C.tmp --------- 0
07.02.2011 08:02 C:\Users\Bobby\AppData\Local\Temp\div8CD3.tmp --------- 0
07.02.2011 02:58 C:\Users\Bobby\AppData\Local\Temp\plugtmp-93 --------- 0
06.02.2011 17:28 C:\Users\Bobby\AppData\Local\Temp\jar_cache8561121234707686858.tmp --------- 3281
06.02.2011 17:22 C:\Users\Bobby\AppData\Local\Temp\plugtmp-92 --------- 0
06.02.2011 16:54 C:\Users\Bobby\AppData\Local\Temp\jar_cache792109186173697724.tmp --------- 3281
06.02.2011 14:03 C:\Users\Bobby\AppData\Local\Temp\ap8k0iqf.bmp --------- 2527254
06.02.2011 14:02 C:\Users\Bobby\AppData\Local\Temp\hnnpftmx.bmp --------- 2527254
06.02.2011 13:55 C:\Users\Bobby\AppData\Local\Temp\6g5r1jhf.bmp --------- 2492334
06.02.2011 13:55 C:\Users\Bobby\AppData\Local\Temp\q2oiwe6z.bmp --------- 2492334
06.02.2011 13:55 C:\Users\Bobby\AppData\Local\Temp\xpef5xo0.bmp --------- 2492334
06.02.2011 13:54 C:\Users\Bobby\AppData\Local\Temp\ug3ftmms.bmp --------- 2492334
06.02.2011 13:44 C:\Users\Bobby\AppData\Local\Temp\f78eg4i5.bmp --------- 2527254
06.02.2011 13:44 C:\Users\Bobby\AppData\Local\Temp\v9jqtwz0.bmp --------- 2527254
06.02.2011 13:25 C:\Users\Bobby\AppData\Local\Temp\aodhk4j8.bmp --------- 2535054
06.02.2011 13:20 C:\Users\Bobby\AppData\Local\Temp\ng6tighy.bmp --------- 2527254
06.02.2011 13:20 C:\Users\Bobby\AppData\Local\Temp\72qk5b7i.bmp --------- 2527254
06.02.2011 13:14 C:\Users\Bobby\AppData\Local\Temp\LPRealPhysik-11.pdf --------- 122376
06.02.2011 12:23 C:\Users\Bobby\AppData\Local\Temp\div8C38.tmp --------- 0
05.02.2011 10:56 C:\Users\Bobby\AppData\Local\Temp\divA11E.tmp --------- 0
04.02.2011 16:27 C:\Users\Bobby\AppData\Local\Temp\div93D5.tmp --------- 0
03.02.2011 22:51 C:\Users\Bobby\AppData\Local\Temp\jar_cache8942532094571866425.tmp --------- 3281
03.02.2011 22:51 C:\Users\Bobby\AppData\Local\Temp\plugtmp-91 --------- 0
03.02.2011 22:35 C:\Users\Bobby\AppData\Local\Temp\jar_cache7732426690710497269.tmp --------- 3281
03.02.2011 22:35 C:\Users\Bobby\AppData\Local\Temp\plugtmp-90 --------- 0
03.02.2011 15:04 C:\Users\Bobby\AppData\Local\Temp\div90F8.tmp --------- 0
02.02.2011 18:02 C:\Users\Bobby\AppData\Local\Temp\plugtmp-89 --------- 0
02.02.2011 15:48 C:\Users\Bobby\AppData\Local\Temp\k4nmim9j.bmp --------- 2527254
02.02.2011 15:48 C:\Users\Bobby\AppData\Local\Temp\rop4jed4.bmp --------- 2527254
02.02.2011 14:53 C:\Users\Bobby\AppData\Local\Temp\div1F90.tmp --------- 0
01.02.2011 17:35 C:\Users\Bobby\AppData\Local\Temp\div5ACC.tmp --------- 0
01.02.2011 08:31 C:\Users\Bobby\AppData\Local\Temp\div9617.tmp --------- 0
31.01.2011 13:48 C:\Users\Bobby\AppData\Local\Temp\div9CDA.tmp --------- 0
31.01.2011 08:04 C:\Users\Bobby\AppData\Local\Temp\div9D3A.tmp --------- 0
30.01.2011 11:31 C:\Users\Bobby\AppData\Local\Temp\plugtmp-88 --------- 0
30.01.2011 10:26 C:\Users\Bobby\AppData\Local\Temp\glc5xpgn.bmp --------- 2527254
30.01.2011 10:19 C:\Users\Bobby\AppData\Local\Temp\9gjbv366.bmp --------- 2527254
30.01.2011 10:19 C:\Users\Bobby\AppData\Local\Temp\9j7j23km.bmp --------- 2527254
30.01.2011 09:48 C:\Users\Bobby\AppData\Local\Temp\3dom98nu.bmp --------- 2535054
30.01.2011 09:47 C:\Users\Bobby\AppData\Local\Temp\gisvabv1.bmp --------- 2535054
30.01.2011 09:47 C:\Users\Bobby\AppData\Local\Temp\ao8nh6c3.bmp --------- 2527254
30.01.2011 09:37 C:\Users\Bobby\AppData\Local\Temp\LPRealPhysik-10.pdf --------- 122376
30.01.2011 09:29 C:\Users\Bobby\AppData\Local\Temp\divF881.tmp --------- 0
28.01.2011 05:52 C:\Users\Bobby\AppData\Local\Temp\div89E8.tmp --------- 0
27.01.2011 14:47 C:\Users\Bobby\AppData\Local\Temp\div9D67.tmp --------- 0
27.01.2011 08:13 C:\Users\Bobby\AppData\Local\Temp\div93A7.tmp --------- 0
26.01.2011 19:14 C:\Users\Bobby\AppData\Local\Temp\plugtmp-87 --------- 0
26.01.2011 16:53 C:\Users\Bobby\AppData\Local\Temp\8cfee7e2e9b5fbfde3c42c18d1f7f474-1.dlc --------- 2052
26.01.2011 16:51 C:\Users\Bobby\AppData\Local\Temp\8cfee7e2e9b5fbfde3c42c18d1f7f474.dlc --------- 2052
26.01.2011 08:21 C:\Users\Bobby\AppData\Local\Temp\div9201.tmp --------- 0
26.01.2011 01:24 C:\Users\Bobby\AppData\Local\Temp\plugtmp-86 --------- 0
25.01.2011 08:21 C:\Users\Bobby\AppData\Local\Temp\div9117.tmp --------- 0
25.01.2011 08:20 C:\Users\Bobby\AppData\Local\Temp\flaCAD0.tmp --------- 23723768
25.01.2011 08:18 C:\Users\Bobby\AppData\Local\Temp\plugtmp-85 --------- 0
25.01.2011 08:11 C:\Users\Bobby\AppData\Local\Temp\div8AC1.tmp --------- 0
24.01.2011 21:20 C:\Users\Bobby\AppData\Local\Temp\wrd19f001c.~lk --------- 0
24.01.2011 13:47 C:\Users\Bobby\AppData\Local\Temp\divABA9.tmp --------- 0
23.01.2011 23:45 C:\Users\Bobby\AppData\Local\Temp\plugtmp-84 --------- 0
23.01.2011 20:08 C:\Users\Bobby\AppData\Local\Temp\qas8iyz2.bmp --------- 2535054
23.01.2011 19:58 C:\Users\Bobby\AppData\Local\Temp\LPRealPhysik-9.pdf --------- 122376
23.01.2011 10:46 C:\Users\Bobby\AppData\Local\Temp\jar_cache8117172662727340902.tmp --------- 3882
23.01.2011 10:46 C:\Users\Bobby\AppData\Local\Temp\jar_cache5819852832921733065.tmp --------- 2072
23.01.2011 10:46 C:\Users\Bobby\AppData\Local\Temp\jar_cache3835340739506342440.tmp --------- 2090
23.01.2011 10:43 C:\Users\Bobby\AppData\Local\Temp\div9D39.tmp --------- 0
22.01.2011 11:07 C:\Users\Bobby\AppData\Local\Temp\wrd741590.~lk --------- 0
22.01.2011 09:00 C:\Users\Bobby\AppData\Local\Temp\div955C.tmp --------- 0
21.01.2011 08:11 C:\Users\Bobby\AppData\Local\Temp\div9684.tmp --------- 0
20.01.2011 13:08 C:\Users\Bobby\AppData\Local\Temp\wrda900d4.~lk --------- 0
20.01.2011 10:04 C:\Users\Bobby\AppData\Local\Temp\div4A1.tmp --------- 0
18.01.2011 18:57 C:\Users\Bobby\AppData\Local\Temp\div1776.tmp --------- 0
18.01.2011 08:53 C:\Users\Bobby\AppData\Local\Temp\div5F4E.tmp --------- 0
17.01.2011 18:11 C:\Users\Bobby\AppData\Local\Temp\csxs-DRWV.log --------- 4616
17.01.2011 08:16 C:\Users\Bobby\AppData\Local\Temp\divA8FB.tmp --------- 0
16.01.2011 23:35 C:\Users\Bobby\AppData\Local\Temp\xqnoljl5.bmp --------- 1967670
16.01.2011 23:29 C:\Users\Bobby\AppData\Local\Temp\qa6nbypf.bmp --------- 2803014
16.01.2011 17:02 C:\Users\Bobby\AppData\Local\Temp\8nxowxvl.bmp --------- 9830454
16.01.2011 15:13 C:\Users\Bobby\AppData\Local\Temp\csxs2-PHXS.log --------- 100
16.01.2011 12:59 C:\Users\Bobby\AppData\Local\Temp\zmucremi.bmp --------- 1449670
15.01.2011 10:45 C:\Users\Bobby\AppData\Local\Temp\div2E7E.tmp --------- 0
14.01.2011 08:21 C:\Users\Bobby\AppData\Local\Temp\div8B7D.tmp --------- 0
13.01.2011 15:36 C:\Users\Bobby\AppData\Local\Temp\o9xgg9le.bmp --------- 2527254
13.01.2011 15:34 C:\Users\Bobby\AppData\Local\Temp\vqnv2y2r.bmp --------- 2527254
13.01.2011 15:26 C:\Users\Bobby\AppData\Local\Temp\div8AE0.tmp --------- 0
12.01.2011 15:56 C:\Users\Bobby\AppData\Local\Temp\lk73w7ve.bmp --------- 2527254
12.01.2011 15:54 C:\Users\Bobby\AppData\Local\Temp\zov7rgul.bmp --------- 2527254
12.01.2011 08:13 C:\Users\Bobby\AppData\Local\Temp\div959B.tmp --------- 0
11.01.2011 17:08 C:\Users\Bobby\AppData\Local\Temp\div8583.tmp --------- 0
10.01.2011 15:28 C:\Users\Bobby\AppData\Local\Temp\div5B0A.tmp --------- 0
10.01.2011 08:14 C:\Users\Bobby\AppData\Local\Temp\div9858.tmp --------- 0
09.01.2011 22:54 C:\Users\Bobby\AppData\Local\Temp\plugtmp-83 --------- 0
09.01.2011 22:38 C:\Users\Bobby\AppData\Local\Temp\lightroombearbeitetkleiner.7z --------- 13185266
09.01.2011 21:09 C:\Users\Bobby\AppData\Local\Temp\dsc06645.jpg --------- 139275
09.01.2011 14:01 C:\Users\Bobby\AppData\Local\Temp\LPRealPhysik-8.pdf --------- 122376
08.01.2011 21:41 C:\Users\Bobby\AppData\Local\Temp\wrd21303d4.~lk --------- 0
08.01.2011 12:01 C:\Users\Bobby\AppData\Local\Temp\div5BA6.tmp --------- 0
08.01.2011 01:23 C:\Users\Bobby\AppData\Local\Temp\Temp2 --------- 0
07.01.2011 11:42 C:\Users\Bobby\AppData\Local\Temp\div8027.tmp --------- 0
06.01.2011 11:29 C:\Users\Bobby\AppData\Local\Temp\div9423.tmp --------- 0
06.01.2011 02:44 C:\Users\Bobby\AppData\Local\Temp\plugtmp-82 --------- 0
05.01.2011 12:37 C:\Users\Bobby\AppData\Local\Temp\div9E31.tmp --------- 0
04.01.2011 11:30 C:\Users\Bobby\AppData\Local\Temp\div16E9.tmp --------- 0
03.01.2011 20:36 C:\Users\Bobby\AppData\Local\Temp\plugtmp-81 --------- 0
03.01.2011 20:35 C:\Users\Bobby\AppData\Local\Temp\mod892.tmp --------- 5
03.01.2011 11:24 C:\Users\Bobby\AppData\Local\Temp\div94CF.tmp --------- 0
02.01.2011 13:12 C:\Users\Bobby\AppData\Local\Temp\div9165.tmp --------- 0
02.01.2011 11:47 C:\Users\Bobby\AppData\Local\Temp\div89C7.tmp --------- 0
31.12.2010 17:53 C:\Users\Bobby\AppData\Local\Temp\jar_cache2136888344314885231.tmp --------- 465
31.12.2010 17:53 C:\Users\Bobby\AppData\Local\Temp\jar_cache5126299803735471706.tmp --------- 215
31.12.2010 17:53 C:\Users\Bobby\AppData\Local\Temp\jar_cache1884229192963736707.tmp --------- 18586
31.12.2010 17:53 C:\Users\Bobby\AppData\Local\Temp\jar_cache3907559928968600197.tmp --------- 130478
31.12.2010 17:53 C:\Users\Bobby\AppData\Local\Temp\jar_cache2773629804568237602.tmp --------- 5546
31.12.2010 12:27 C:\Users\Bobby\AppData\Local\Temp\div8E4A.tmp --------- 0
30.12.2010 12:11 C:\Users\Bobby\AppData\Local\Temp\divCB88.tmp --------- 0
29.12.2010 10:54 C:\Users\Bobby\AppData\Local\Temp\divB1A2.tmp --------- 0
29.12.2010 01:16 C:\Users\Bobby\AppData\Local\Temp\wqjtgtd1.bmp --------- 1854870
28.12.2010 10:28 C:\Users\Bobby\AppData\Local\Temp\divE5FA.tmp --------- 0
27.12.2010 13:14 C:\Users\Bobby\AppData\Local\Temp\div99AF.tmp --------- 0
26.12.2010 14:38 C:\Users\Bobby\AppData\Local\Temp\divC3AC.tmp --------- 0
25.12.2010 11:07 C:\Users\Bobby\AppData\Local\Temp\div93F5.tmp --------- 0
24.12.2010 11:06 C:\Users\Bobby\AppData\Local\Temp\div8804.tmp --------- 0
24.12.2010 01:42 C:\Users\Bobby\AppData\Local\Temp\plugtmp-80 --------- 0
23.12.2010 16:30 C:\Users\Bobby\AppData\Local\Temp\wrd1141e5c.~lk --------- 0
23.12.2010 11:30 C:\Users\Bobby\AppData\Local\Temp\div3A60.tmp --------- 0
22.12.2010 10:39 C:\Users\Bobby\AppData\Local\Temp\div889F.tmp --------- 0
21.12.2010 01:25 C:\Users\Bobby\AppData\Local\Temp\DSC00856.ARW.tiff.xmp --------- 7144
20.12.2010 10:51 C:\Users\Bobby\AppData\Local\Temp\div9991.tmp --------- 0
19.12.2010 22:50 C:\Users\Bobby\AppData\Local\Temp\plugtmp-79 --------- 0
19.12.2010 16:48 C:\Users\Bobby\AppData\Local\Temp\k5qvdrey.bmp --------- 6000054
19.12.2010 16:48 C:\Users\Bobby\AppData\Local\Temp\xav3e2md.bmp --------- 6000054
19.12.2010 11:24 C:\Users\Bobby\AppData\Local\Temp\divE13A.tmp --------- 0
18.12.2010 11:00 C:\Users\Bobby\AppData\Local\Temp\divD25B.tmp --------- 0
16.12.2010 15:00 C:\Users\Bobby\AppData\Local\Temp\divDDFF.tmp --------- 0
15.12.2010 14:58 C:\Users\Bobby\AppData\Local\Temp\kggkn5mh.bmp --------- 2527254
15.12.2010 14:29 C:\Users\Bobby\AppData\Local\Temp\divA61D.tmp --------- 0
14.12.2010 08:12 C:\Users\Bobby\AppData\Local\Temp\div97FA.tmp --------- 0
13.12.2010 22:42 C:\Users\Bobby\AppData\Local\Temp\plugtmp-78 --------- 0
12.12.2010 17:52 C:\Users\Bobby\AppData\Local\Temp\div866D.tmp --------- 0
12.12.2010 10:11 C:\Users\Bobby\AppData\Local\Temp\div9A2C.tmp --------- 0
11.12.2010 09:59 C:\Users\Bobby\AppData\Local\Temp\StructuredQuery.log --------- 2475
11.12.2010 09:00 C:\Users\Bobby\AppData\Local\Temp\div9720.tmp --------- 0
10.12.2010 15:08 C:\Users\Bobby\AppData\Local\Temp\div849A.tmp --------- 0
10.12.2010 08:05 C:\Users\Bobby\AppData\Local\Temp\div6D42.tmp --------- 0
09.12.2010 07:36 C:\Users\Bobby\AppData\Local\Temp\div9819.tmp --------- 0
08.12.2010 14:19 C:\Users\Bobby\AppData\Local\Temp\DSC03502.xmp --------- 7983
08.12.2010 11:13 C:\Users\Bobby\AppData\Local\Temp\divA43B.tmp --------- 0
07.12.2010 13:42 C:\Users\Bobby\AppData\Local\Temp\div1267.tmp --------- 0
06.12.2010 15:27 C:\Users\Bobby\AppData\Local\Temp\wrd16094c.~lk --------- 0
06.12.2010 15:03 C:\Users\Bobby\AppData\Local\Temp\div9990.tmp --------- 0
06.12.2010 08:04 C:\Users\Bobby\AppData\Local\Temp\div65A5.tmp --------- 0
05.12.2010 11:43 C:\Users\Bobby\AppData\Local\Temp\div5511.tmp --------- 0
04.12.2010 10:30 C:\Users\Bobby\AppData\Local\Temp\div47A9.tmp --------- 0
04.12.2010 09:40 C:\Users\Bobby\AppData\Local\Temp\div8803.tmp --------- 0
03.12.2010 18:04 C:\Users\Bobby\AppData\Local\Temp\{60fd0483-046d-4e43-976d-0efdfeca2aa0} --------- 0
03.12.2010 14:52 C:\Users\Bobby\AppData\Local\Temp\divF6EB.tmp --------- 0
02.12.2010 22:55 C:\Users\Bobby\AppData\Local\Temp\div959A.tmp --------- 0
02.12.2010 22:51 C:\Users\Bobby\AppData\Local\Temp\plugtmp-77 --------- 0
02.12.2010 14:57 C:\Users\Bobby\AppData\Local\Temp\wrdb8d15fc.~lk --------- 0
30.11.2010 09:07 C:\Users\Bobby\AppData\Local\Temp\div86DB.tmp --------- 0
|
|
05.07.2011, 14:38
| #6 |
| | BOO/Sinowal.F in Masterbootsektor Und hier der zweite Teil von hjtscanlist Code:
ATTFilter 28.11.2010 10:19 C:\Users\Bobby\AppData\Local\Temp\jar_cache5982200485097599196.tmp --------- 853
28.11.2010 10:19 C:\Users\Bobby\AppData\Local\Temp\jar_cache1877199133028203941.tmp --------- 409
28.11.2010 10:19 C:\Users\Bobby\AppData\Local\Temp\jar_cache3926303217056426143.tmp --------- 414
28.11.2010 10:19 C:\Users\Bobby\AppData\Local\Temp\jar_cache8508163625815478769.tmp --------- 103
28.11.2010 10:19 C:\Users\Bobby\AppData\Local\Temp\jar_cache4001171948258088861.tmp --------- 448
28.11.2010 10:19 C:\Users\Bobby\AppData\Local\Temp\jar_cache8352408441756561420.tmp --------- 455
28.11.2010 10:16 C:\Users\Bobby\AppData\Local\Temp\jar_cache2724881653711752078.tmp --------- 907
28.11.2010 10:16 C:\Users\Bobby\AppData\Local\Temp\jar_cache7277221973162371878.tmp --------- 475
28.11.2010 10:16 C:\Users\Bobby\AppData\Local\Temp\jar_cache8551648749378959994.tmp --------- 427
28.11.2010 10:16 C:\Users\Bobby\AppData\Local\Temp\jar_cache137875352710570804.tmp --------- 480
28.11.2010 10:16 C:\Users\Bobby\AppData\Local\Temp\jar_cache5420661821302167175.tmp --------- 535
28.11.2010 10:16 C:\Users\Bobby\AppData\Local\Temp\jar_cache3288724881094022403.tmp --------- 43
28.11.2010 10:07 C:\Users\Bobby\AppData\Local\Temp\jar_cache8519232553088941114.tmp --------- 906
28.11.2010 10:07 C:\Users\Bobby\AppData\Local\Temp\jar_cache4037311948577134969.tmp --------- 639
28.11.2010 10:07 C:\Users\Bobby\AppData\Local\Temp\jar_cache703022164643613405.tmp --------- 58
28.11.2010 10:07 C:\Users\Bobby\AppData\Local\Temp\jar_cache2946312129598082100.tmp --------- 217
28.11.2010 10:06 C:\Users\Bobby\AppData\Local\Temp\jar_cache8528230224580864266.tmp --------- 2072
28.11.2010 10:06 C:\Users\Bobby\AppData\Local\Temp\jar_cache2675511969954931735.tmp --------- 2090
28.11.2010 10:06 C:\Users\Bobby\AppData\Local\Temp\jar_cache5411816289915762130.tmp --------- 3882
26.11.2010 15:06 C:\Users\Bobby\AppData\Local\Temp\plugtmp-76 --------- 0
23.11.2010 17:39 C:\Users\Bobby\AppData\Local\Temp\div5B96.tmp --------- 0
22.11.2010 13:39 C:\Users\Bobby\AppData\Local\Temp\divCC14.tmp --------- 0
21.11.2010 11:43 C:\Users\Bobby\AppData\Local\Temp\divA350.tmp --------- 0
20.11.2010 17:01 C:\Users\Bobby\AppData\Local\Temp\jar_cache3800684118998163054.tmp --------- 2072
20.11.2010 17:01 C:\Users\Bobby\AppData\Local\Temp\jar_cache7084778927374784029.tmp --------- 2090
20.11.2010 17:01 C:\Users\Bobby\AppData\Local\Temp\jar_cache8277386807200263352.tmp --------- 544
20.11.2010 17:01 C:\Users\Bobby\AppData\Local\Temp\jar_cache6862096778988866186.tmp --------- 504
20.11.2010 17:01 C:\Users\Bobby\AppData\Local\Temp\jar_cache4451919554277800220.tmp --------- 3882
20.11.2010 17:01 C:\Users\Bobby\AppData\Local\Temp\jar_cache340803613120615285.tmp --------- 812
20.11.2010 17:01 C:\Users\Bobby\AppData\Local\Temp\jar_cache2141033286888727077.tmp --------- 473
20.11.2010 17:01 C:\Users\Bobby\AppData\Local\Temp\jar_cache2056453103345082421.tmp --------- 680
20.11.2010 17:01 C:\Users\Bobby\AppData\Local\Temp\jar_cache806867715008166160.tmp --------- 615
20.11.2010 10:28 C:\Users\Bobby\AppData\Local\Temp\div31F8.tmp --------- 0
19.11.2010 15:02 C:\Users\Bobby\AppData\Local\Temp\div8593.tmp --------- 0
18.11.2010 15:24 C:\Users\Bobby\AppData\Local\Temp\yp7d5lj2.bmp --------- 2527254
18.11.2010 14:59 C:\Users\Bobby\AppData\Local\Temp\i7jn26ff.bmp --------- 2527254
18.11.2010 14:16 C:\Users\Bobby\AppData\Local\Temp\div845B.tmp --------- 0
17.11.2010 14:08 C:\Users\Bobby\AppData\Local\Temp\divA7C3.tmp --------- 0
16.11.2010 08:51 C:\Users\Bobby\AppData\Local\Temp\div8574.tmp --------- 0
15.11.2010 13:32 C:\Users\Bobby\AppData\Local\Temp\div903D.tmp --------- 0
14.11.2010 19:17 C:\Users\Bobby\AppData\Local\Temp\oywqo91n.bmp --------- 2535054
14.11.2010 19:15 C:\Users\Bobby\AppData\Local\Temp\5kw3mt2a.bmp --------- 2535054
14.11.2010 19:14 C:\Users\Bobby\AppData\Local\Temp\pi4ma7kf.bmp --------- 2535054
14.11.2010 19:12 C:\Users\Bobby\AppData\Local\Temp\0qevmrad.bmp --------- 2535054
14.11.2010 19:10 C:\Users\Bobby\AppData\Local\Temp\u1pcmr50.bmp --------- 2527254
14.11.2010 19:08 C:\Users\Bobby\AppData\Local\Temp\o4zumz7n.bmp --------- 2527254
14.11.2010 19:06 C:\Users\Bobby\AppData\Local\Temp\9p2pbrw0.bmp --------- 2535054
14.11.2010 18:25 C:\Users\Bobby\AppData\Local\Temp\knz5eb0f.bmp --------- 2527254
14.11.2010 18:22 C:\Users\Bobby\AppData\Local\Temp\8w8bdcb5.bmp --------- 2527254
14.11.2010 18:21 C:\Users\Bobby\AppData\Local\Temp\5z272vao.bmp --------- 2527254
14.11.2010 10:00 C:\Users\Bobby\AppData\Local\Temp\div6567.tmp --------- 0
13.11.2010 09:52 C:\Users\Bobby\AppData\Local\Temp\divC468.tmp --------- 0
12.11.2010 17:38 C:\Users\Bobby\AppData\Local\Temp\div83BF.tmp --------- 0
11.11.2010 15:28 C:\Users\Bobby\AppData\Local\Temp\oPackage --------- 0
11.11.2010 14:06 C:\Users\Bobby\AppData\Local\Temp\u34bk5s7.bmp --------- 2535054
11.11.2010 13:33 C:\Users\Bobby\AppData\Local\Temp\div869C.tmp --------- 0
10.11.2010 23:47 C:\Users\Bobby\AppData\Local\Temp\TW2E7A --------- 0
10.11.2010 23:27 C:\Users\Bobby\AppData\Local\Temp\DSC03769.xmp --------- 7840
10.11.2010 14:40 C:\Users\Bobby\AppData\Local\Temp\TWE8AA --------- 0
10.11.2010 14:16 C:\Users\Bobby\AppData\Local\Temp\div9452.tmp --------- 0
10.11.2010 08:03 C:\Users\Bobby\AppData\Local\Temp\div94B0.tmp --------- 0
09.11.2010 18:59 C:\Users\Bobby\AppData\Local\Temp\TWFCE0 --------- 0
09.11.2010 09:02 C:\Users\Bobby\AppData\Local\Temp\divD4DB.tmp --------- 0
09.11.2010 00:05 C:\Users\Bobby\AppData\Local\Temp\TWCEA1 --------- 0
09.11.2010 00:04 C:\Users\Bobby\AppData\Local\Temp\TWE2AD --------- 0
08.11.2010 13:31 C:\Users\Bobby\AppData\Local\Temp\div9C8C.tmp --------- 0
07.11.2010 11:55 C:\Users\Bobby\AppData\Local\Temp\div906C.tmp --------- 0
06.11.2010 08:31 C:\Users\Bobby\AppData\Local\Temp\div94E0.tmp --------- 0
05.11.2010 14:23 C:\Users\Bobby\AppData\Local\Temp\div9D38.tmp --------- 0
04.11.2010 00:32 C:\Users\Bobby\AppData\Local\Temp\jar_cache4296194067241058745.tmp --------- 535
04.11.2010 00:32 C:\Users\Bobby\AppData\Local\Temp\jar_cache7988253753367445826.tmp --------- 2090
04.11.2010 00:32 C:\Users\Bobby\AppData\Local\Temp\jar_cache1950812726001149612.tmp --------- 2072
04.11.2010 00:32 C:\Users\Bobby\AppData\Local\Temp\jar_cache3718951230741299669.tmp --------- 217
04.11.2010 00:32 C:\Users\Bobby\AppData\Local\Temp\jar_cache4822912109667625140.tmp --------- 43
04.11.2010 00:32 C:\Users\Bobby\AppData\Local\Temp\jar_cache4711332130742715798.tmp --------- 639
04.11.2010 00:32 C:\Users\Bobby\AppData\Local\Temp\jar_cache3774356276840170038.tmp --------- 58
04.11.2010 00:32 C:\Users\Bobby\AppData\Local\Temp\jar_cache8210699335531363982.tmp --------- 504
04.11.2010 00:32 C:\Users\Bobby\AppData\Local\Temp\jar_cache2939846490917868822.tmp --------- 473
04.11.2010 00:32 C:\Users\Bobby\AppData\Local\Temp\jar_cache4152317224994548500.tmp --------- 615
04.11.2010 00:32 C:\Users\Bobby\AppData\Local\Temp\jar_cache3050832056817904673.tmp --------- 544
04.11.2010 00:32 C:\Users\Bobby\AppData\Local\Temp\jar_cache2592611094972978983.tmp --------- 3882
04.11.2010 00:32 C:\Users\Bobby\AppData\Local\Temp\jar_cache4420878295686015208.tmp --------- 680
04.11.2010 00:32 C:\Users\Bobby\AppData\Local\Temp\jar_cache5045922598745632506.tmp --------- 812
03.11.2010 14:26 C:\Users\Bobby\AppData\Local\Temp\div8BDA.tmp --------- 0
02.11.2010 23:04 C:\Users\Bobby\AppData\Local\Temp\TWEA85 --------- 0
02.11.2010 23:04 C:\Users\Bobby\AppData\Local\Temp\TW7989 --------- 0
02.11.2010 22:50 C:\Users\Bobby\AppData\Local\Temp\plugtmp-75 --------- 0
02.11.2010 17:36 C:\Users\Bobby\AppData\Local\Temp\div4A29.tmp --------- 0
02.11.2010 08:38 C:\Users\Bobby\AppData\Local\Temp\div94DF.tmp --------- 0
02.11.2010 01:38 C:\Users\Bobby\AppData\Local\Temp\plugtmp-74 --------- 0
01.11.2010 17:49 C:\Users\Bobby\AppData\Local\Temp\z4jxaxpz.bmp --------- 43254
30.10.2010 09:05 C:\Users\Bobby\AppData\Local\Temp\div955B.tmp --------- 0
29.10.2010 15:16 C:\Users\Bobby\AppData\Local\Temp\div510C.tmp --------- 0
29.10.2010 07:12 C:\Users\Bobby\AppData\Local\Temp\div7FF8.tmp --------- 0
28.10.2010 13:23 C:\Users\Bobby\AppData\Local\Temp\LPRealPhysik-6.pdf --------- 122376
28.10.2010 13:23 C:\Users\Bobby\AppData\Local\Temp\plugtmp-73 --------- 0
28.10.2010 13:20 C:\Users\Bobby\AppData\Local\Temp\div8A73.tmp --------- 0
27.10.2010 21:33 C:\Users\Bobby\AppData\Local\Temp\plugtmp-72 --------- 0
27.10.2010 17:34 C:\Users\Bobby\AppData\Local\Temp\div538B.tmp --------- 0
26.10.2010 19:14 C:\Users\Bobby\AppData\Local\Temp\Physik-7.pdf --------- 188732
26.10.2010 16:44 C:\Users\Bobby\AppData\Local\Temp\div8EF5.tmp --------- 0
25.10.2010 13:21 C:\Users\Bobby\AppData\Local\Temp\div1A24.tmp --------- 0
25.10.2010 07:55 C:\Users\Bobby\AppData\Local\Temp\plugtmp-71 --------- 0
25.10.2010 07:52 C:\Users\Bobby\AppData\Local\Temp\div91D3.tmp --------- 0
24.10.2010 11:41 C:\Users\Bobby\AppData\Local\Temp\divCF3F.tmp --------- 0
23.10.2010 12:29 C:\Users\Bobby\AppData\Local\Temp\div9BC1.tmp --------- 0
23.10.2010 12:24 C:\Users\Bobby\AppData\Local\Temp\plugtmp-70 --------- 0
23.10.2010 12:22 C:\Users\Bobby\AppData\Local\Temp\fla5825.tmp --------- 26956554
23.10.2010 12:05 C:\Users\Bobby\AppData\Local\Temp\divB51B.tmp --------- 0
22.10.2010 23:08 C:\Users\Bobby\AppData\Local\Temp\TW13CB --------- 0
22.10.2010 12:26 C:\Users\Bobby\AppData\Local\Temp\div203C.tmp --------- 0
21.10.2010 13:13 C:\Users\Bobby\AppData\Local\Temp\divAEF3.tmp --------- 0
21.10.2010 12:55 C:\Users\Bobby\AppData\Local\Temp\plugtmp-69 --------- 0
21.10.2010 12:06 C:\Users\Bobby\AppData\Local\Temp\mod5BCC.tmp --------- 222
21.10.2010 12:06 C:\Users\Bobby\AppData\Local\Temp\mod59D7.tmp --------- 0
21.10.2010 12:06 C:\Users\Bobby\AppData\Local\Temp\mod517C.tmp --------- 5
21.10.2010 11:42 C:\Users\Bobby\AppData\Local\Temp\TW237D --------- 0
21.10.2010 11:40 C:\Users\Bobby\AppData\Local\Temp\TW651D --------- 0
21.10.2010 11:37 C:\Users\Bobby\AppData\Local\Temp\TWE36 --------- 0
21.10.2010 11:37 C:\Users\Bobby\AppData\Local\Temp\~DF0D9B7E7AAEDEF57D.TMP --------- 19398656
21.10.2010 11:05 C:\Users\Bobby\AppData\Local\Temp\TW7D46 --------- 0
21.10.2010 11:04 C:\Users\Bobby\AppData\Local\Temp\TW9058 --------- 0
21.10.2010 11:04 C:\Users\Bobby\AppData\Local\Temp\TWD5CF --------- 0
21.10.2010 11:02 C:\Users\Bobby\AppData\Local\Temp\TW3146 --------- 0
21.10.2010 10:55 C:\Users\Bobby\AppData\Local\Temp\TW8CFB --------- 0
21.10.2010 10:47 C:\Users\Bobby\AppData\Local\Temp\TWA653 --------- 0
21.10.2010 10:44 C:\Users\Bobby\AppData\Local\Temp\TW789E --------- 0
21.10.2010 10:44 C:\Users\Bobby\AppData\Local\Temp\TW5880 --------- 0
21.10.2010 10:43 C:\Users\Bobby\AppData\Local\Temp\TWCD8E --------- 0
21.10.2010 10:24 C:\Users\Bobby\AppData\Local\Temp\~DFCEFD3964DB0604F2.TMP --------- 19398656
21.10.2010 09:02 C:\Users\Bobby\AppData\Local\Temp\div9DD4.tmp --------- 0
21.10.2010 01:59 C:\Users\Bobby\AppData\Local\Temp\divA3DC.tmp --------- 0
20.10.2010 21:09 C:\Users\Bobby\AppData\Local\Temp\~DF5B5A389DFB68EFBD.TMP --------- 17629184
20.10.2010 19:43 C:\Users\Bobby\AppData\Local\Temp\~DFA5E663271EF2621A.TMP --------- 17629184
20.10.2010 18:47 C:\Users\Bobby\AppData\Local\Temp\NikHDR_lrsettings --------- 12
20.10.2010 18:46 C:\Users\Bobby\AppData\Local\Temp\NikHDR_config --------- 335
20.10.2010 10:11 C:\Users\Bobby\AppData\Local\Temp\div8F83.tmp --------- 0
20.10.2010 03:06 C:\Users\Bobby\AppData\Local\Temp\plugtmp-68 --------- 0
19.10.2010 13:34 C:\Users\Bobby\AppData\Local\Temp\divA727.tmp --------- 0
17.10.2010 17:02 C:\Users\Bobby\AppData\Local\Temp\NIKHDREfexPro.log --------- 2092
17.10.2010 17:01 C:\Users\Bobby\AppData\Local\Temp\NIKHDREfexPro_NAL.log --------- 74
17.10.2010 17:01 C:\Users\Bobby\AppData\Local\Temp\dd_vcredistUI79D0.txt --------- 12450
17.10.2010 17:01 C:\Users\Bobby\AppData\Local\Temp\dd_vcredistMSI79D0.txt --------- 357202
17.10.2010 17:01 C:\Users\Bobby\AppData\Local\Temp\dd_vcredistUI79C6.txt --------- 12530
17.10.2010 17:01 C:\Users\Bobby\AppData\Local\Temp\dd_vcredistMSI79C6.txt --------- 354070
17.10.2010 12:22 C:\Users\Bobby\AppData\Local\Temp\dd_vcredistUI23A9.txt --------- 11498
17.10.2010 12:22 C:\Users\Bobby\AppData\Local\Temp\dd_vcredistMSI23A9.txt --------- 401078
17.10.2010 12:22 C:\Users\Bobby\AppData\Local\Temp\dd_vcredistUI2388.txt --------- 11450
17.10.2010 12:22 C:\Users\Bobby\AppData\Local\Temp\dd_vcredistMSI2388.txt --------- 368218
17.10.2010 12:08 C:\Users\Bobby\AppData\Local\Temp\{d8063de3-7293-4fa9-9ad8-c0af9dd0daf9} --------- 0
17.10.2010 12:02 C:\Users\Bobby\AppData\Local\Temp\{17f9de64-d1eb-4b53-acb4-016ff0df5bae} --------- 0
17.10.2010 12:02 C:\Users\Bobby\AppData\Local\Temp\{0DFA2CDE-137A-4C08-886C-BAF3689DB86E} --------- 0
17.10.2010 12:02 C:\Users\Bobby\AppData\Local\Temp\{748653D1-8586-4101-8CF8-222C9FCACC68} --------- 0
17.10.2010 09:32 C:\Users\Bobby\AppData\Local\Temp\div84E7.tmp --------- 0
16.10.2010 11:12 C:\Users\Bobby\AppData\Local\Temp\div7A2E.tmp --------- 0
15.10.2010 10:15 C:\Users\Bobby\AppData\Local\Temp\div509F.tmp --------- 0
14.10.2010 18:30 C:\Users\Bobby\AppData\Local\Temp\plugtmp-67 --------- 0
14.10.2010 09:02 C:\Users\Bobby\AppData\Local\Temp\div8FC0.tmp --------- 0
13.10.2010 08:29 C:\Users\Bobby\AppData\Local\Temp\divA755.tmp --------- 0
12.10.2010 10:40 C:\Users\Bobby\AppData\Local\Temp\div9BF0.tmp --------- 0
11.10.2010 10:46 C:\Users\Bobby\AppData\Local\Temp\div9108.tmp --------- 0
10.10.2010 09:51 C:\Users\Bobby\AppData\Local\Temp\divA514.tmp --------- 0
09.10.2010 09:20 C:\Users\Bobby\AppData\Local\Temp\div8E79.tmp --------- 0
08.10.2010 13:34 C:\Users\Bobby\AppData\Local\Temp\div900E.tmp --------- 0
08.10.2010 10:07 C:\Users\Bobby\AppData\Local\Temp\DPInst_Monx86.exe --------- 75160
08.10.2010 10:07 C:\Users\Bobby\AppData\Local\Temp\DPInst_Monx64.exe --------- 75672
08.10.2010 10:06 C:\Users\Bobby\AppData\Local\Temp\OS_Detect.exe --------- 75152
08.10.2010 06:32 C:\Users\Bobby\AppData\Local\Temp\div27F9.tmp --------- 0
07.10.2010 13:49 C:\Users\Bobby\AppData\Local\Temp\div9AB8.tmp --------- 0
06.10.2010 22:34 C:\Users\Bobby\AppData\Local\Temp\{0f855c05-bf83-4ac3-a2ee-9f85bb323839} --------- 0
06.10.2010 22:33 C:\Users\Bobby\AppData\Local\Temp\{bf87098d-b1a0-43af-9d81-878654e71999} --------- 0
06.10.2010 22:25 C:\Users\Bobby\AppData\Local\Temp\VSDEF86.tmp --------- 0
06.10.2010 18:27 C:\Users\Bobby\AppData\Local\Temp\is6CEA.tmp --------- 0
06.10.2010 18:26 C:\Users\Bobby\AppData\Local\Temp\isA0C6.tmp --------- 0
06.10.2010 13:28 C:\Users\Bobby\AppData\Local\Temp\divC8BA.tmp --------- 0
05.10.2010 22:50 C:\Users\Bobby\AppData\Local\Temp\div8F63.tmp --------- 0
05.10.2010 21:38 C:\Users\Bobby\AppData\Local\Temp\is4CCE.tmp --------- 0
05.10.2010 21:31 C:\Users\Bobby\AppData\Local\Temp\isC315.tmp --------- 0
05.10.2010 21:31 C:\Users\Bobby\AppData\Local\Temp\is592C.tmp --------- 0
05.10.2010 21:05 C:\Users\Bobby\AppData\Local\Temp\is8A3A.tmp --------- 0
05.10.2010 21:00 C:\Users\Bobby\AppData\Local\Temp\is341F.tmp --------- 0
05.10.2010 20:51 C:\Users\Bobby\AppData\Local\Temp\is4619.tmp --------- 0
05.10.2010 20:51 C:\Users\Bobby\AppData\Local\Temp\isA4AC.tmp --------- 0
05.10.2010 20:48 C:\Users\Bobby\AppData\Local\Temp\U1Axt4Km.htm.part --------- 0
05.10.2010 20:47 C:\Users\Bobby\AppData\Local\Temp\is1D06.tmp --------- 0
05.10.2010 20:47 C:\Users\Bobby\AppData\Local\Temp\isF4DE.tmp --------- 0
05.10.2010 20:38 C:\Users\Bobby\AppData\Local\Temp\is6A1C.tmp --------- 0
05.10.2010 20:37 C:\Users\Bobby\AppData\Local\Temp\is5239.tmp --------- 0
05.10.2010 16:04 C:\Users\Bobby\AppData\Local\Temp\div1B4.tmp --------- 0
04.10.2010 12:50 C:\Users\Bobby\AppData\Local\Temp\divC216.tmp --------- 0
03.10.2010 10:34 C:\Users\Bobby\AppData\Local\Temp\div8B0F.tmp --------- 0
01.10.2010 18:30 C:\Users\Bobby\AppData\Local\Temp\plugtmp-66 --------- 0
01.10.2010 15:41 C:\Users\Bobby\AppData\Local\Temp\divA9D5.tmp --------- 0
01.10.2010 07:13 C:\Users\Bobby\AppData\Local\Temp\div909B.tmp --------- 0
30.09.2010 13:32 C:\Users\Bobby\AppData\Local\Temp\divA005.tmp --------- 0
30.09.2010 07:08 C:\Users\Bobby\AppData\Local\Temp\divA1AB.tmp --------- 0
27.09.2010 18:15 C:\Users\Bobby\AppData\Local\Temp\{41449af1-e2b4-4b68-b70a-b072d555e181} --------- 0
26.09.2010 19:58 C:\Users\Bobby\AppData\Local\Temp\DSC_0003.NEF-1.tiff.xmp --------- 7091
22.09.2010 14:35 C:\Users\Bobby\AppData\Local\Temp\{a6465287-43cc-481f-b52a-099167ee176f} --------- 0
20.09.2010 13:38 C:\Users\Bobby\AppData\Local\Temp\LPRealPhysik-7.pdf --------- 122376
18.09.2010 19:23 C:\Users\Bobby\AppData\Local\Temp\fheo1477.bmp --------- 15925302
18.09.2010 19:20 C:\Users\Bobby\AppData\Local\Temp\qcq0la46.bmp --------- 15925302
18.09.2010 19:11 C:\Users\Bobby\AppData\Local\Temp\n8938p8x.bmp --------- 15925302
18.09.2010 10:14 C:\Users\Bobby\AppData\Local\Temp\divE040.tmp --------- 0
17.09.2010 14:48 C:\Users\Bobby\AppData\Local\Temp\divA380.tmp --------- 0
16.09.2010 07:25 C:\Users\Bobby\AppData\Local\Temp\div8DCD.tmp --------- 0
15.09.2010 23:29 C:\Users\Bobby\AppData\Local\Temp\~4DAC.mp3 --------- 291960
15.09.2010 23:29 C:\Users\Bobby\AppData\Local\Temp\~4DAC.tmp --------- 0
15.09.2010 23:28 C:\Users\Bobby\AppData\Local\Temp\~501C.mp3 --------- 291960
15.09.2010 23:28 C:\Users\Bobby\AppData\Local\Temp\~501C.tmp --------- 0
15.09.2010 14:06 C:\Users\Bobby\AppData\Local\Temp\div8B5D.tmp --------- 0
14.09.2010 16:47 C:\Users\Bobby\AppData\Local\Temp\jar_cache3365351495356586498.tmp --------- 2344
14.09.2010 16:47 C:\Users\Bobby\AppData\Local\Temp\jar_cache9072242550413067640.tmp --------- 2344
14.09.2010 07:43 C:\Users\Bobby\AppData\Local\Temp\div6103.tmp --------- 0
13.09.2010 12:45 C:\Users\Bobby\AppData\Local\Temp\div89B8.tmp --------- 0
12.09.2010 20:12 C:\Users\Bobby\AppData\Local\Temp\~DFAF48F924414AC390.TMP --------- 147456
12.09.2010 20:11 C:\Users\Bobby\AppData\Local\Temp\plugtmp-65 --------- 0
12.09.2010 12:56 C:\Users\Bobby\AppData\Local\Temp\div89E7.tmp --------- 0
12.09.2010 09:14 C:\Users\Bobby\AppData\Local\Temp\div90BA.tmp --------- 0
11.09.2010 08:36 C:\Users\Bobby\AppData\Local\Temp\div1EC6.tmp --------- 0
10.09.2010 22:49 C:\Users\Bobby\AppData\Local\Temp\plugtmp-64 --------- 0
10.09.2010 14:00 C:\Users\Bobby\AppData\Local\Temp\divB0C7.tmp --------- 0
10.09.2010 07:50 C:\Users\Bobby\AppData\Local\Temp\divE9E1.tmp --------- 0
09.09.2010 22:25 C:\Users\Bobby\AppData\Local\Temp\modF98F.tmp --------- 222
09.09.2010 22:25 C:\Users\Bobby\AppData\Local\Temp\modD873.tmp --------- 5
09.09.2010 22:19 C:\Users\Bobby\AppData\Local\Temp\plugtmp-63 --------- 0
09.09.2010 14:23 C:\Users\Bobby\AppData\Local\Temp\LPRealPhysik-5.pdf --------- 122376
09.09.2010 14:23 C:\Users\Bobby\AppData\Local\Temp\~DF98CAD69355A686E4.TMP --------- 147456
09.09.2010 14:09 C:\Users\Bobby\AppData\Local\Temp\div9E41.tmp --------- 0
09.09.2010 07:05 C:\Users\Bobby\AppData\Local\Temp\div8361.tmp --------- 0
08.09.2010 22:40 C:\Users\Bobby\AppData\Local\Temp\plugtmp-62 --------- 0
08.09.2010 13:36 C:\Users\Bobby\AppData\Local\Temp\~DF31F30BDE645B34D2.TMP --------- 147456
08.09.2010 13:19 C:\Users\Bobby\AppData\Local\Temp\div972F.tmp --------- 0
08.09.2010 07:15 C:\Users\Bobby\AppData\Local\Temp\divA4E5.tmp --------- 0
07.09.2010 16:39 C:\Users\Bobby\AppData\Local\Temp\div8333.tmp --------- 0
07.09.2010 00:00 C:\Users\Bobby\AppData\Local\Temp\plugtmp-61 --------- 0
06.09.2010 13:00 C:\Users\Bobby\AppData\Local\Temp\LPRealPhysik-4.pdf --------- 122376
06.09.2010 12:41 C:\Users\Bobby\AppData\Local\Temp\Physik-6.pdf --------- 188732
06.09.2010 12:41 C:\Users\Bobby\AppData\Local\Temp\LPRealPhysik-3.pdf --------- 122376
06.09.2010 12:35 C:\Users\Bobby\AppData\Local\Temp\~DFFF42CDE8B4CBE5D1.TMP --------- 147456
06.09.2010 07:07 C:\Users\Bobby\AppData\Local\Temp\div8258.tmp --------- 0
05.09.2010 23:01 C:\Users\Bobby\AppData\Local\Temp\plugtmp-60 --------- 0
05.09.2010 13:06 C:\Users\Bobby\AppData\Local\Temp\LPRealMathe-5.pdf --------- 240940
05.09.2010 12:46 C:\Users\Bobby\AppData\Local\Temp\LPRealPhysik-2.pdf --------- 122376
05.09.2010 12:10 C:\Users\Bobby\AppData\Local\Temp\~DFEA52470767B72BB3.TMP --------- 147456
05.09.2010 12:05 C:\Users\Bobby\AppData\Local\Temp\divFEC8.tmp --------- 0
05.09.2010 01:52 C:\Users\Bobby\AppData\Local\Temp\plugtmp-59 --------- 0
05.09.2010 00:34 C:\Users\Bobby\AppData\Local\Temp\~DF9D075E12D8E47746.TMP --------- 147456
05.09.2010 00:10 C:\Users\Bobby\AppData\Local\Temp\02-6.wmv --------- 2077496
05.09.2010 00:09 C:\Users\Bobby\AppData\Local\Temp\01-5.wmv --------- 2149490
05.09.2010 00:07 C:\Users\Bobby\AppData\Local\Temp\04-3.wmv --------- 2301521
05.09.2010 00:07 C:\Users\Bobby\AppData\Local\Temp\03-3.wmv --------- 2197515
05.09.2010 00:07 C:\Users\Bobby\AppData\Local\Temp\02-5.wmv --------- 2269521
05.09.2010 00:06 C:\Users\Bobby\AppData\Local\Temp\01-4.wmv --------- 2333521
05.09.2010 00:06 C:\Users\Bobby\AppData\Local\Temp\15_6_k.wmv --------- 1394924
05.09.2010 00:03 C:\Users\Bobby\AppData\Local\Temp\div7F1D.tmp --------- 0
04.09.2010 20:24 C:\Users\Bobby\AppData\Local\Temp\plugtmp-58 --------- 0
04.09.2010 09:26 C:\Users\Bobby\AppData\Local\Temp\div8DDD.tmp --------- 0
03.09.2010 07:04 C:\Users\Bobby\AppData\Local\Temp\div2F68.tmp --------- 0
03.09.2010 00:08 C:\Users\Bobby\AppData\Local\Temp\plugtmp-57 --------- 0
02.09.2010 19:19 C:\Users\Bobby\AppData\Local\Temp\SetupAdmin584.log --------- 2118379
02.09.2010 19:19 C:\Users\Bobby\AppData\Local\Temp\QTInstallCode.log --------- 2795
02.09.2010 19:19 C:\Users\Bobby\AppData\Local\Temp\qtplugin.log --------- 3976
02.09.2010 19:16 C:\Users\Bobby\AppData\Local\Temp\iTunesSetupC8C.log --------- 2026
02.09.2010 19:16 C:\Users\Bobby\AppData\Local\Temp\MSIe1f02.LOG --------- 572
02.09.2010 16:51 C:\Users\Bobby\AppData\Local\Temp\debra4.mpg --------- 3505316
02.09.2010 16:50 C:\Users\Bobby\AppData\Local\Temp\debra1.mpg --------- 3919632
02.09.2010 15:15 C:\Users\Bobby\AppData\Local\Temp\~DFE9A6D402FD77387F.TMP --------- 147456
02.09.2010 07:05 C:\Users\Bobby\AppData\Local\Temp\div8E2C.tmp --------- 0
01.09.2010 22:57 C:\Users\Bobby\AppData\Local\Temp\mod7B99.tmp --------- 5
01.09.2010 22:56 C:\Users\Bobby\AppData\Local\Temp\plugtmp-56 --------- 0
01.09.2010 22:46 C:\Users\Bobby\AppData\Local\Temp\LPRealPhysik-1.pdf --------- 122376
01.09.2010 19:07 C:\Users\Bobby\AppData\Local\Temp\v0129c.wmv --------- 4298495
01.09.2010 19:06 C:\Users\Bobby\AppData\Local\Temp\3528_02_15sec_03.wmv --------- 1629664
01.09.2010 19:05 C:\Users\Bobby\AppData\Local\Temp\V11295_big_05.mpg --------- 3915780
01.09.2010 19:04 C:\Users\Bobby\AppData\Local\Temp\V08666_big_05.mpg --------- 2533380
01.09.2010 19:02 C:\Users\Bobby\AppData\Local\Temp\1mov-1.wmv --------- 1653620
01.09.2010 19:02 C:\Users\Bobby\AppData\Local\Temp\2mov-2.wmv --------- 1653620
01.09.2010 19:01 C:\Users\Bobby\AppData\Local\Temp\3mov.wmv --------- 1637620
01.09.2010 19:01 C:\Users\Bobby\AppData\Local\Temp\2mov-1.wmv --------- 1581620
01.09.2010 19:00 C:\Users\Bobby\AppData\Local\Temp\04-2.wmv --------- 2293521
01.09.2010 19:00 C:\Users\Bobby\AppData\Local\Temp\03-2.wmv --------- 2325521
01.09.2010 19:00 C:\Users\Bobby\AppData\Local\Temp\02-4.wmv --------- 2197521
01.09.2010 18:59 C:\Users\Bobby\AppData\Local\Temp\02-3.wmv --------- 2197521
01.09.2010 18:59 C:\Users\Bobby\AppData\Local\Temp\01-3.wmv --------- 2221521
01.09.2010 18:57 C:\Users\Bobby\AppData\Local\Temp\2mov.wmv --------- 1645620
01.09.2010 18:57 C:\Users\Bobby\AppData\Local\Temp\1mov.wmv --------- 1629620
01.09.2010 14:07 C:\Users\Bobby\AppData\Local\Temp\~DF2FC28824974F08F1.TMP --------- 147456
01.09.2010 13:19 C:\Users\Bobby\AppData\Local\Temp\divC744.tmp --------- 0
01.09.2010 07:03 C:\Users\Bobby\AppData\Local\Temp\div1498.tmp --------- 0
01.09.2010 07:00 C:\Users\Bobby\AppData\Local\Temp\flaE38.tmp --------- 24313274
01.09.2010 06:59 C:\Users\Bobby\AppData\Local\Temp\plugtmp-55 --------- 0
01.09.2010 06:52 C:\Users\Bobby\AppData\Local\Temp\div9387.tmp --------- 0
31.08.2010 16:34 C:\Users\Bobby\AppData\Local\Temp\div864E.tmp --------- 0
31.08.2010 07:44 C:\Users\Bobby\AppData\Local\Temp\divA43A.tmp --------- 0
30.08.2010 12:32 C:\Users\Bobby\AppData\Local\Temp\divF6A.tmp --------- 0
29.08.2010 07:31 C:\Users\Bobby\AppData\Local\Temp\divAA71.tmp --------- 0
29.08.2010 01:49 C:\Users\Bobby\AppData\Local\Temp\plugtmp-54 --------- 0
28.08.2010 09:15 C:\Users\Bobby\AppData\Local\Temp\div8C47.tmp --------- 0
27.08.2010 14:00 C:\Users\Bobby\AppData\Local\Temp\divCB97.tmp --------- 0
26.08.2010 21:47 C:\Users\Bobby\AppData\Local\Temp\plugtmp-53 --------- 0
26.08.2010 19:23 C:\Users\Bobby\AppData\Local\Temp\~DF50D41159F30CD53D.TMP --------- 49152
26.08.2010 15:14 C:\Users\Bobby\AppData\Local\Temp\div8F24.tmp --------- 0
26.08.2010 07:10 C:\Users\Bobby\AppData\Local\Temp\div96D2.tmp --------- 0
26.08.2010 07:10 C:\Users\Bobby\AppData\Local\Temp\History --------- 0
26.08.2010 07:10 C:\Users\Bobby\AppData\Local\Temp\Cookies --------- 0
26.08.2010 07:10 C:\Users\Bobby\AppData\Local\Temp\Temporary Internet Files --------- 0
25.08.2010 23:47 C:\Users\Bobby\AppData\Local\Temp\divCF7E.tmp --------- 0
25.08.2010 06:55 C:\Users\Bobby\AppData\Local\Temp\div6EB9.tmp --------- 0
24.08.2010 16:47 C:\Users\Bobby\AppData\Local\Temp\Physik-5.pdf --------- 188732
24.08.2010 15:52 C:\Users\Bobby\AppData\Local\Temp\div1DFB.tmp --------- 0
24.08.2010 07:39 C:\Users\Bobby\AppData\Local\Temp\divFE7A.tmp --------- 0
23.08.2010 14:44 C:\Users\Bobby\AppData\Local\Temp\div9F4A.tmp --------- 0
23.08.2010 06:55 C:\Users\Bobby\AppData\Local\Temp\div21C2.tmp --------- 0
22.08.2010 10:10 C:\Users\Bobby\AppData\Local\Temp\div7CDC.tmp --------- 0
22.08.2010 02:14 C:\Users\Bobby\AppData\Local\Temp\plugtmp-52 --------- 0
22.08.2010 01:20 C:\Users\Bobby\AppData\Local\Temp\pornstar_katarina_kat_fucking_movie_4.mpg --------- 2553856
22.08.2010 01:20 C:\Users\Bobby\AppData\Local\Temp\pornstar_katarina_kat_fucking_movie_1.mpg --------- 2375680
21.08.2010 19:41 C:\Users\Bobby\AppData\Local\Temp\~DFE3570129E9907D99.TMP --------- 147456
21.08.2010 09:14 C:\Users\Bobby\AppData\Local\Temp\div87B5.tmp --------- 0
21.08.2010 00:53 C:\Users\Bobby\AppData\Local\Temp\plugtmp-51 --------- 0
20.08.2010 23:59 C:\Users\Bobby\AppData\Local\Temp\LPRealMathe-4.pdf --------- 240940
20.08.2010 13:53 C:\Users\Bobby\AppData\Local\Temp\div8FEF.tmp --------- 0
20.08.2010 06:50 C:\Users\Bobby\AppData\Local\Temp\divCE36.tmp --------- 0
19.08.2010 14:42 C:\Users\Bobby\AppData\Local\Temp\divF95B.tmp --------- 0
19.08.2010 06:52 C:\Users\Bobby\AppData\Local\Temp\div278C.tmp --------- 0
18.08.2010 14:05 C:\Users\Bobby\AppData\Local\Temp\div9414.tmp --------- 0
18.08.2010 07:35 C:\Users\Bobby\AppData\Local\Temp\div1B9A.tmp --------- 0
17.08.2010 23:29 C:\Users\Bobby\AppData\Local\Temp\mod509D.tmp --------- 222
17.08.2010 23:29 C:\Users\Bobby\AppData\Local\Temp\~DFEC9706E274A72E63.TMP --------- 147456
17.08.2010 23:29 C:\Users\Bobby\AppData\Local\Temp\mod4CF4.tmp --------- 140350
17.08.2010 23:29 C:\Users\Bobby\AppData\Local\Temp\mod4B5E.tmp --------- 947
17.08.2010 23:29 C:\Users\Bobby\AppData\Local\Temp\mod2EB7.tmp --------- 5
17.08.2010 23:29 C:\Users\Bobby\AppData\Local\Temp\plugtmp-50 --------- 0
17.08.2010 20:04 C:\Users\Bobby\AppData\Local\Temp\LPRealMathe-3.pdf --------- 240940
17.08.2010 19:20 C:\Users\Bobby\AppData\Local\Temp\LPRealPhysik.pdf --------- 122376
17.08.2010 19:01 C:\Users\Bobby\AppData\Local\Temp\Physik-4.pdf --------- 188732
17.08.2010 15:04 C:\Users\Bobby\AppData\Local\Temp\Elternbrief OS.doc --------- 27136
17.08.2010 15:00 C:\Users\Bobby\AppData\Local\Temp\div8EC7.tmp --------- 0
17.08.2010 07:37 C:\Users\Bobby\AppData\Local\Temp\divF620.tmp --------- 0
16.08.2010 13:28 C:\Users\Bobby\AppData\Local\Temp\LPRealMathe-2.pdf --------- 240940
16.08.2010 12:39 C:\Users\Bobby\AppData\Local\Temp\divAB99.tmp --------- 0
16.08.2010 06:39 C:\Users\Bobby\AppData\Local\Temp\divA2D3.tmp --------- 0
15.08.2010 13:38 C:\Users\Bobby\AppData\Local\Temp\TempFolder.aaa --------- 0
15.08.2010 09:25 C:\Users\Bobby\AppData\Local\Temp\LPRealMathe-1.pdf --------- 240940
15.08.2010 09:18 C:\Users\Bobby\AppData\Local\Temp\div1016.tmp --------- 0
15.08.2010 00:58 C:\Users\Bobby\AppData\Local\Temp\02-2.wmv --------- 2645483
15.08.2010 00:58 C:\Users\Bobby\AppData\Local\Temp\01-2.wmv --------- 2645483
15.08.2010 00:52 C:\Users\Bobby\AppData\Local\Temp\plugtmp-49 --------- 0
14.08.2010 10:11 C:\Users\Bobby\AppData\Local\Temp\Physik-3.pdf --------- 188732
14.08.2010 10:01 C:\Users\Bobby\AppData\Local\Temp\div9C0.tmp --------- 0
13.08.2010 08:41 C:\Users\Bobby\AppData\Local\Temp\divAF80.tmp --------- 0
13.08.2010 01:24 C:\Users\Bobby\AppData\Local\Temp\plugtmp-48 --------- 0
12.08.2010 17:20 C:\Users\Bobby\AppData\Local\Temp\04-1.wmv --------- 8391175
12.08.2010 17:19 C:\Users\Bobby\AppData\Local\Temp\03-1.wmv --------- 9466375
12.08.2010 17:19 C:\Users\Bobby\AppData\Local\Temp\02-1.wmv --------- 8976775
12.08.2010 17:18 C:\Users\Bobby\AppData\Local\Temp\01-1.wmv --------- 10419975
12.08.2010 09:02 C:\Users\Bobby\AppData\Local\Temp\div4549.tmp --------- 0
12.08.2010 00:07 C:\Users\Bobby\AppData\Local\Temp\plugtmp-47 --------- 0
11.08.2010 12:29 C:\Users\Bobby\AppData\Local\Temp\ftdiport.cat --------- 10928
11.08.2010 12:29 C:\Users\Bobby\AppData\Local\Temp\ftdibus.cat --------- 11832
11.08.2010 09:40 C:\Users\Bobby\AppData\Local\Temp\~DFD0EDE6018EBFD0E7.TMP --------- 147456
11.08.2010 09:38 C:\Users\Bobby\AppData\Local\Temp\divFD13.tmp --------- 0
11.08.2010 04:36 C:\Users\Bobby\AppData\Local\Temp\plugtmp-46 --------- 0
10.08.2010 15:17 C:\Users\Bobby\AppData\Local\Temp\scoped_dir26868 --------- 0
10.08.2010 15:17 C:\Users\Bobby\AppData\Local\Temp\scoped_dir28904 --------- 0
10.08.2010 12:10 C:\Users\Bobby\AppData\Local\Temp\scoped_dir5708 --------- 0
10.08.2010 12:10 C:\Users\Bobby\AppData\Local\Temp\scoped_dir23022 --------- 0
10.08.2010 10:41 C:\Users\Bobby\AppData\Local\Temp\div8304.tmp --------- 0
09.08.2010 18:29 C:\Users\Bobby\AppData\Local\Temp\kqpmdzs812m --------- 14142
09.08.2010 10:56 C:\Users\Bobby\AppData\Local\Temp\div8C95.tmp --------- 0
08.08.2010 18:51 C:\Users\Bobby\AppData\Local\Temp\divB70E.tmp --------- 0
06.08.2010 12:02 C:\Users\Bobby\AppData\Local\Temp\div8B2E.tmp --------- 0
06.08.2010 09:44 C:\Users\Bobby\AppData\Local\Temp\div8861.tmp --------- 0
05.08.2010 10:28 C:\Users\Bobby\AppData\Local\Temp\div872A.tmp --------- 0
04.08.2010 13:07 C:\Users\Bobby\AppData\Local\Temp\divD586.tmp --------- 0
04.08.2010 10:16 C:\Users\Bobby\AppData\Local\Temp\div67F5.tmp --------- 0
03.08.2010 09:47 C:\Users\Bobby\AppData\Local\Temp\div1C46.tmp --------- 0
02.08.2010 17:19 C:\Users\Bobby\AppData\Local\Temp\divADDB.tmp --------- 0
02.08.2010 10:58 C:\Users\Bobby\AppData\Local\Temp\div8499.tmp --------- 0
01.08.2010 13:27 C:\Users\Bobby\AppData\Local\Temp\LaunchEFLCc_Data_DFE --------- 0
01.08.2010 13:26 C:\Users\Bobby\AppData\Local\Temp\LaunchEFLC_Data_DFE --------- 0
01.08.2010 13:24 C:\Users\Bobby\AppData\Local\Temp\drm_dyndata_7410004.dll --------- 208896
01.08.2010 13:24 C:\Users\Bobby\AppData\Local\Temp\{727094E1-78FB-41DD-BA03-E80868CD6C31} --------- 0
01.08.2010 13:23 C:\Users\Bobby\AppData\Local\Temp\{52D6F584-175E-42FB-875A-83128C332CFC} --------- 0
01.08.2010 13:23 C:\Users\Bobby\AppData\Local\Temp\mtka_tmp --------- 0
31.07.2010 13:35 C:\Users\Bobby\AppData\Local\Temp\scoped_dir17226 --------- 0
31.07.2010 13:35 C:\Users\Bobby\AppData\Local\Temp\scoped_dir3464 --------- 0
31.07.2010 10:32 C:\Users\Bobby\AppData\Local\Temp\div3F8E.tmp --------- 0
----------------------------------------
C:\Program Files
01.07.2011 18:52 C:\Program Files\DIFX --------- 0
22.05.2011 22:42 C:\Program Files\Adobe --------- 0
02.09.2010 19:20 C:\Program Files\iTunes --------- 4096
02.09.2010 19:20 C:\Program Files\iPod --------- 0
02.09.2010 19:19 C:\Program Files\Common Files --------- 4096
02.09.2010 19:19 C:\Program Files\Bonjour --------- 0
09.08.2010 20:11 C:\Program Files\Tablet --------- 4096
09.08.2010 20:10 C:\Program Files\WTouch --------- 0
01.05.2010 19:18 C:\Program Files\DivX --------- 0
29.04.2010 11:33 C:\Program Files\nik --------- 0
29.04.2010 03:37 C:\Program Files\Realtek --------- 0
29.04.2010 02:41 C:\Program Files\Microsoft Office --------- 0
28.04.2010 23:53 C:\Program Files\Windows NT --------- 4096
28.04.2010 23:53 C:\Program Files\Gemeinsame Dateien --------- 0
14.07.2009 20:18 C:\Program Files\DVD Maker --------- 4096
14.07.2009 20:18 C:\Program Files\Windows Journal --------- 4096
14.07.2009 20:18 C:\Program Files\Microsoft Games --------- 4096
14.07.2009 19:58 C:\Program Files\Windows Sidebar --------- 4096
14.07.2009 19:58 C:\Program Files\Windows Mail --------- 0
14.07.2009 19:58 C:\Program Files\Windows Photo Viewer --------- 4096
14.07.2009 19:58 C:\Program Files\Windows Media Player --------- 4096
14.07.2009 19:58 C:\Program Files\Internet Explorer --------- 4096
14.07.2009 19:58 C:\Program Files\Windows Defender --------- 4096
14.07.2009 07:32 C:\Program Files\Windows Portable Devices --------- 0
14.07.2009 07:32 C:\Program Files\Reference Assemblies --------- 0
14.07.2009 07:32 C:\Program Files\MSBuild --------- 0
14.07.2009 07:09 C:\Program Files\Uninstall Information --------- 0
14.07.2009 06:54 C:\Program Files\desktop.ini --------- 174
----------------------------------------
C:\ProgramData\..
Bobby
Administrator
Default
Public
Default User
All Users
desktop.ini
----------------------------------------
C:\Windows\system32\drivers\etc\hosts
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
----------------------------------------
Abbildname PID Sitzungsname Sitz.-Nr. Speichernutzung
========================= ======== ================ =========== ===============
System Idle Process 0 Services 0 24 K
System 4 Services 0 1.428 K
smss.exe 260 Services 0 1.024 K
csrss.exe 392 Services 0 4.032 K
wininit.exe 488 Services 0 4.152 K
csrss.exe 512 Console 1 20.168 K
services.exe 536 Services 0 10.008 K
lsass.exe 552 Services 0 11.332 K
lsm.exe 560 Services 0 4.220 K
svchost.exe 684 Services 0 8.728 K
winlogon.exe 748 Console 1 6.856 K
nvvsvc.exe 804 Services 0 3.384 K
svchost.exe 840 Services 0 7.908 K
svchost.exe 904 Services 0 24.540 K
svchost.exe 968 Services 0 121.720 K
svchost.exe 112 Services 0 31.656 K
svchost.exe 856 Services 0 16.252 K
Pen_TouchService.exe 1068 Services 0 4.076 K
rundll32.exe 1184 Console 1 6.972 K
wisptis.exe 1216 Console 1 9.388 K
svchost.exe 1308 Services 0 14.892 K
spoolsv.exe 1452 Services 0 12.844 K
sched.exe 1488 Services 0 1.836 K
svchost.exe 1512 Services 0 19.496 K
avguard.exe 1648 Services 0 17.936 K
AppleMobileDeviceService. 1676 Services 0 4.536 K
BSHService.exe 1704 Services 0 14.264 K
mDNSResponder.exe 1740 Services 0 5.280 K
CableAssociation.exe 1780 Services 0 5.812 K
ICQ Service.exe 1828 Services 0 6.600 K
nlssrv32.exe 1888 Services 0 2.476 K
SbieSvc.exe 1948 Services 0 4.104 K
svchost.exe 2008 Services 0 7.544 K
Pen_Tablet.exe 2032 Services 0 4.980 K
avshadow.exe 2172 Services 0 3.812 K
conhost.exe 2180 Services 0 2.384 K
WUDFHost.exe 2732 Services 0 6.344 K
taskhost.exe 2868 Console 1 7.908 K
svchost.exe 2912 Services 0 5.608 K
wisptis.exe 2920 Console 1 50.116 K
dwm.exe 2932 Console 1 78.572 K
explorer.exe 2992 Console 1 77.916 K
TabTip.exe 3032 Console 1 12.620 K
Pen_TouchUser.exe 3048 Console 1 10.128 K
TabTip32.exe 2392 Console 1 2.652 K
Pen_TabletUser.exe 2880 Console 1 5.060 K
Pen_Tablet.exe 2128 Console 1 18.368 K
mbamservice.exe 2108 Services 0 42.808 K
rundll32.exe 2384 Console 1 5.884 K
RAVCpl64.exe 3092 Console 1 10.316 K
Bamboo Dock.exe 3176 Console 1 29.040 K
acrotray.exe 3412 Console 1 4.600 K
DivXUpdate.exe 3472 Console 1 15.828 K
iTunesHelper.exe 3524 Console 1 12.528 K
avgnt.exe 3536 Console 1 6.160 K
mbamgui.exe 3544 Console 1 7.020 K
iPodService.exe 3332 Services 0 6.992 K
SearchIndexer.exe 3860 Services 0 35.144 K
wmpnetwk.exe 3944 Services 0 18.476 K
svchost.exe 3908 Services 0 15.612 K
svchost.exe 3160 Services 0 13.256 K
svchost.exe 4420 Services 0 34.692 K
InputPersonalization.exe 3152 Console 1 2.052 K
firefox.exe 3264 Console 1 90.480 K
SearchProtocolHost.exe 4008 Services 0 8.124 K
SearchFilterHost.exe 172 Services 0 6.384 K
cmd.exe 1496 Console 1 3.464 K
conhost.exe 4344 Console 1 7.116 K
dllhost.exe 4356 Console 1 5.776 K
tasklist.exe 4736 Console 1 5.216 K
WmiPrvSE.exe 3904 Services 0 5.916 K
***** Ende des Scans 05.07.2011 um 15:22:45,68 ***
Code:
ATTFilter 7-Zip 4.65 26.09.2010
Acrobat.com Adobe Systems Incorporated 28.04.2010 1.2.443
Adobe AIR Adobe Systems Inc. 14.08.2010 1.5.3.9130
Adobe Anchor Service x64 CS4 28.04.2010
Adobe CMaps x64 CS4 28.04.2010
Adobe Community Help Adobe Systems Incorporated 06.05.2010 3.0.0.400
Adobe Creative Suite 4 Master Collection Adobe Systems Incorporated 28.04.2010 224MB 4.0
Adobe CSI CS4 x64 28.04.2010
Adobe Drive CS4 x64 28.04.2010
Adobe Flash Player 10 ActiveX Adobe Systems, Inc. 28.04.2010 1,96MB 10.0.2.54
Adobe Flash Player 10 Plugin Adobe Systems Incorporated 01.04.2011 6,00MB 10.2.153.1
Adobe Fonts All x64 28.04.2010
Adobe InDesign CS4 Icon Handler x64 28.04.2010
Adobe Linguistics CS4 x64 28.04.2010
Adobe Media Player Adobe Systems Incorporated 28.04.2010 1.1
Adobe PDF Library Files x64 CS4 28.04.2010
Adobe Photoshop CS4 (64 Bit) 28.04.2010
Adobe Photoshop CS5 Adobe Systems Incorporated 06.05.2010 2.595MB 12.0
Adobe Photoshop Lightroom 2.7 Adobe 10.05.2010 103,8MB 2.7
Adobe Photoshop Lightroom 3 64-bit Adobe 15.06.2010 251MB 3.0.2
Adobe Type Support x64 CS4 28.04.2010
Adobe WinSoft Linguistics Plugin x64 28.04.2010
Apple Application Support Apple Inc. 01.09.2010 42,8MB 1.3.2
Apple Mobile Device Support Apple Inc. 01.09.2010 20,7MB 3.2.0.47
Apple Software Update Apple Inc. 01.09.2010 2,26MB 2.1.2.120
Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver Atheros Communications Inc. 28.04.2010 1.0.0.18
Avira AntiVir Personal - Free Antivirus Avira GmbH 03.07.2011 74,3MB 10.0.0.650
Backup Service Home 3.3.1.4 Alexander Seeliger Software 22.06.2010 5,56MB 3.3.1.4
Bamboo Wacom Technology Corp. 08.08.2010
Bamboo Dock 3.3 Wacom Co., Ltd. 14.08.2010 3.3
Bonjour Apple Inc. 01.09.2010 1,75MB 2.0.3.0
Call of Duty(R) 4 - Modern Warfare(TM) Activision 25.05.2010 2.281MB 1.4
Capture One 6.2 Phase One A/S 30.06.2011 418MB 6.2.49650.20
CCleaner Piriform 04.07.2011 3.08
Color Efex Pro 3.0 Complete Nik Software, Inc. 28.04.2010 3.1.0.0
Dfine 2.0 Nik Software, Inc. 28.04.2010 2.1.0.2
DirSync 2.92 Stephen Kalisch 05.05.2010
DivX-Setup DivX, Inc. 12.05.2010 1.0.1.5
Dragon Age: Origins Electronic Arts, Inc. 28.09.2010 1.04
fc-prints HP Silverwire 08.01.2011
Foto-Mosaik-Edda 5.5.9 Steffen Schirmer 26.05.2010 3,43MB
Grand Theft Auto: Episodes From Liberty City Rockstar Games 31.07.2010 1.1.0.0
HDR Efex Pro Nik Software, Inc. 16.10.2010 1.0.0.0
iColor Display 3.7.3.0 (nur entfernen) 03.07.2011
ICQ Toolbar ICQ 10.03.2011 3.0.0
ICQ7.4 ICQ 10.03.2011 7.4
Image Trends' Fisheye-Hemi Plug-In 1.1.6 Image Trends, Inc. 05.10.2010 5,49MB 1.1.6
iTunes Apple Inc. 01.09.2010 136,9MB 10.0.0.68
Java(TM) 6 Update 15 Sun Microsystems, Inc. 10.05.2010 95,0MB 6.0.150
JDownloader AppWork UG (haftungsbeschränkt) 10.05.2010 0.89
Livebrush Mini MoreMeYou 14.08.2010 1.1.2
Malwarebytes' Anti-Malware Version 1.51.0.1200 Malwarebytes Corporation 04.07.2011 13,8MB 1.51.0.1200
Microsoft .NET Framework 4 Client Profile Microsoft Corporation 30.06.2011 38,8MB 4.0.30319
Microsoft .NET Framework 4 Client Profile DEU Language Pack Microsoft Corporation 30.06.2011 2,94MB 4.0.30319
Microsoft .NET Framework 4 Extended Microsoft Corporation 30.06.2011 52,0MB 4.0.30319
Microsoft .NET Framework 4 Extended DEU Language Pack Microsoft Corporation 30.06.2011 10,7MB 4.0.30319
Microsoft Games for Windows - LIVE Microsoft Corporation 31.07.2010 8,31MB 3.1.186.0
Microsoft Games for Windows - LIVE Redistributable Microsoft Corporation 31.07.2010 32,3MB 3.1.99.0
Microsoft Office Ultimate 2007 Microsoft Corporation 28.04.2010 12.0.6215.1000
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 17.04.2011 2,69MB 8.0.59193
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 Microsoft Corporation 28.04.2010 2,25MB 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 16.10.2010 0,76MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Corporation 28.04.2010 2,06MB 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 16.10.2010 0,23MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 30.04.2010 0,58MB 9.0.30729.4148
Mozilla Firefox (3.6.18) Mozilla 24.06.2011 3.6.18 (de)
Mozilla Firefox (3.6.3) Mozilla 28.04.2010 3.6.3 (de)
Nimo Codecs Pack v5.0 (Remove Only) 17.05.2010
NVIDIA Drivers 28.04.2010
NVIDIA PhysX NVIDIA Corporation 26.09.2010 119,9MB 9.09.0203
Pano2VR - Garden Gnome Software 28.04.2010
Photoshop Camera Raw_x64 28.04.2010
PokerStars.net PokerStars.net 30.04.2010
Portal 2 27.06.2011
Portrait Professional Max 6.3 Anthropics Technology Ltd. 06.05.2011 6.3
PTGui Pro 8.2.1 New House Internet Services B.V. 28.04.2010
QuickTime Apple Inc. 01.09.2010 73,7MB 7.67.75.0
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 28.04.2010 6.0.1.5859
Sandboxie 3.442 (64-bit) 15.06.2010
Sharpener Pro 3.0 Nik Software, Inc. 28.04.2010 3.0.0.2
Silver Efex Pro Nik Software, Inc. 28.04.2010 1.001
Skype Toolbars Skype Technologies S.A. 04.05.2010 6,09MB 1.0.4051
Skype™ 4.2 Skype Technologies S.A. 04.05.2010 31,7MB 4.2.163
Sony Image Data Suite Sony Corporation 28.02.2011 3.0.00.08270
StarCraft II Blizzard Entertainment 18.05.2011 1.3.3.18574
Team Fortress 2 Valve 12.06.2010
Tourweaver 5.00 Professional Edition Easypano Holdings Inc. 19.10.2010
Trillian Cerulean Studios, LLC 10.03.2011
Trillian Toolbar Ask.com 10.03.2011 2,57MB 1.9.1.0
Viveza 2 Nik Software, Inc. 28.04.2010 2.0.0.1
Warcraft III 10.06.2010
Warcraft III: All Products 10.06.2010
WebTablet IE Plugin Wacom Technology Corp. 08.08.2010 1.1.0.5
WebTablet Netscape Plugin Wacom Technology Corp. 08.08.2010 1.1.0.4
Windows-Treiberpaket - FTDI CDM Driver Package (10/22/2009 2.06.00) FTDI 29.04.2010 10/22/2009 2.06.00
Windows-Treiberpaket - FTDI CDM Driver Package (10/22/2009 2.06.00) FTDI 30.04.2010 10/22/2009 2.06.00
Windows-Treiberpaket - Leaf Imaging Ltd. Image (02/11/2010 ) Leaf Imaging Ltd. 30.06.2011 02/11/2010
WinPcap 4.1.2 CACE Technologies 27.08.2010 4.1.0.2001
WinRAR 28.04.2010
WUSB WinDrivers v.14.0.22.0 28.02.2011
|
|
05.07.2011, 21:49
| #7 |
| | BOO/Sinowal.F in Masterbootsektor Der PC ist übrigens vollständig von Netzwerk und Internet getrennt nachdem ich alles heruntergeladen hatte. Ich habe nochmal mit Antivir gescanne und dabei hat sich auch eine Infektion von Platte D und E gezeigt. vermutlich müssen dort dann auch die Masterbootrekorten neu geschrieben werden. USB Sticks die ich mal angeschlossen hatte usw habe ich auch mit dem CAPLOCK gedrückt an einen anderen PC angeschlossen und gescannt. dort ist nichts zu finden. Ich unternehme aber nichts weiteres sondern warte hier auf weitere Anweisungen. Ich find das absolut toll das es Menschen gibt die das hier machen und so tolle Hilfe anbieten. Habe mich inzwischen schon ganz viel durchs Forum gelesen. Bis hierhin auf jedenfall schonmal vielen vielen Dank! Das macht mir irgendwie mit das es eventuell noch was zu retten gibt. |
|
06.07.2011, 07:41
| #8 | |
| /// Helfer-Team | BOO/Sinowal.F in MasterbootsektorZitat:
TDSSKiller von Kaspersky
__________________ Warnung!: Vorsicht beim Rechnungen per Email mit ZIP-Datei als Anhang! Kann mit einen Verschlüsselungs-Trojaner infiziert sein! Anhang nicht öffnen, in unserem Forum erst nachfragen! Sichere regelmäßig deine Daten, auf CD/DVD, USB-Sticks oder externe Festplatten, am besten 2x an verschiedenen Orten! Bitte diese Warnung weitergeben, wo Du nur kannst! |
|
06.07.2011, 09:37
| #9 |
| | BOO/Sinowal.F in Masterbootsektor WOW Toll! Der Sinowal.F wurde als bereinigt angezeigt und Antivir findet ihn auch nichtmehr im Scan des Masterbot. Ich lasse gerade noch einen vollständigen Scan des Systems durchlaufen. Hoffe das auf den anderen beiden Platten auch nichtsmehr auftaucht. Code:
ATTFilter 2011/07/06 09:08:12.0438 3136 TDSS rootkit removing tool 2.5.9.0 Jul 1 2011 18:45:21
2011/07/06 09:08:12.0485 3136 ================================================================================
2011/07/06 09:08:12.0485 3136 SystemInfo:
2011/07/06 09:08:12.0485 3136
2011/07/06 09:08:12.0485 3136 OS Version: 6.1.7600 ServicePack: 0.0
2011/07/06 09:08:12.0485 3136 Product type: Workstation
2011/07/06 09:08:12.0485 3136 ComputerName: BOBBY-PC
2011/07/06 09:08:12.0486 3136 UserName: Bobby
2011/07/06 09:08:12.0486 3136 Windows directory: C:\Windows
2011/07/06 09:08:12.0486 3136 System windows directory: C:\Windows
2011/07/06 09:08:12.0486 3136 Running under WOW64
2011/07/06 09:08:12.0486 3136 Processor architecture: Intel x64
2011/07/06 09:08:12.0486 3136 Number of processors: 2
2011/07/06 09:08:12.0486 3136 Page size: 0x1000
2011/07/06 09:08:12.0486 3136 Boot type: Normal boot
2011/07/06 09:08:12.0486 3136 ================================================================================
2011/07/06 09:08:14.0416 3136 Initialize success
2011/07/06 09:08:21.0119 3724 ================================================================================
2011/07/06 09:08:21.0119 3724 Scan started
2011/07/06 09:08:21.0119 3724 Mode: Manual;
2011/07/06 09:08:21.0119 3724 ================================================================================
2011/07/06 09:08:21.0740 3724 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys
2011/07/06 09:08:21.0771 3724 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys
2011/07/06 09:08:21.0800 3724 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys
2011/07/06 09:08:21.0871 3724 adfs (2f0683fd2df1d92e891caca14b45a8c1) C:\Windows\system32\drivers\adfs.sys
2011/07/06 09:08:22.0050 3724 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
2011/07/06 09:08:22.0097 3724 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
2011/07/06 09:08:22.0123 3724 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
2011/07/06 09:08:22.0175 3724 AFD (b9384e03479d2506bc924c16a3db87bc) C:\Windows\system32\drivers\afd.sys
2011/07/06 09:08:22.0212 3724 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys
2011/07/06 09:08:22.0354 3724 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys
2011/07/06 09:08:22.0414 3724 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys
2011/07/06 09:08:22.0462 3724 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
2011/07/06 09:08:22.0481 3724 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
2011/07/06 09:08:22.0502 3724 amdsata (7a4b413614c055935567cf88a9734d38) C:\Windows\system32\DRIVERS\amdsata.sys
2011/07/06 09:08:22.0522 3724 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
2011/07/06 09:08:22.0546 3724 amdxata (b4ad0cacbab298671dd6f6ef7e20679d) C:\Windows\system32\DRIVERS\amdxata.sys
2011/07/06 09:08:22.0707 3724 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
2011/07/06 09:08:22.0758 3724 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
2011/07/06 09:08:22.0779 3724 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
2011/07/06 09:08:22.0821 3724 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/07/06 09:08:22.0842 3724 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys
2011/07/06 09:08:22.0990 3724 avgntflt (39c2e2870fc0c2ae0595b883cbe716b4) C:\Windows\system32\DRIVERS\avgntflt.sys
2011/07/06 09:08:23.0016 3724 avipbb (c98fa6e5ad0e857d22716bd2b8b1f399) C:\Windows\system32\DRIVERS\avipbb.sys
2011/07/06 09:08:23.0098 3724 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
2011/07/06 09:08:23.0145 3724 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
2011/07/06 09:08:23.0284 3724 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
2011/07/06 09:08:23.0350 3724 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
2011/07/06 09:08:23.0389 3724 bowser (91ce0d3dc57dd377e690a2d324022b08) C:\Windows\system32\DRIVERS\bowser.sys
2011/07/06 09:08:23.0416 3724 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
2011/07/06 09:08:23.0439 3724 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
2011/07/06 09:08:23.0551 3724 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
2011/07/06 09:08:23.0577 3724 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
2011/07/06 09:08:23.0621 3724 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
2011/07/06 09:08:23.0640 3724 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
2011/07/06 09:08:23.0683 3724 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
2011/07/06 09:08:23.0748 3724 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
2011/07/06 09:08:23.0841 3724 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
2011/07/06 09:08:23.0894 3724 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
2011/07/06 09:08:23.0947 3724 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
2011/07/06 09:08:24.0115 3724 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
2011/07/06 09:08:24.0158 3724 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
2011/07/06 09:08:24.0190 3724 CNG (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\Windows\system32\Drivers\cng.sys
2011/07/06 09:08:24.0216 3724 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
2011/07/06 09:08:24.0270 3724 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
2011/07/06 09:08:24.0313 3724 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
2011/07/06 09:08:24.0483 3724 DfsC (3f1dc527070acb87e40afe46ef6da749) C:\Windows\system32\Drivers\dfsc.sys
2011/07/06 09:08:24.0505 3724 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
2011/07/06 09:08:24.0535 3724 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
2011/07/06 09:08:24.0601 3724 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
2011/07/06 09:08:24.0670 3724 DWA (774608ed43b7d0abe859d6c6a6457419) C:\Windows\system32\DRIVERS\WSR_DWA.SYS
2011/07/06 09:08:24.0812 3724 DXGKrnl (7cb7d2b73813ce05c7bc0f5f95d27cec) C:\Windows\System32\drivers\dxgkrnl.sys
2011/07/06 09:08:24.0889 3724 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
2011/07/06 09:08:24.0951 3724 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
2011/07/06 09:08:24.0976 3724 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
2011/07/06 09:08:25.0127 3724 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
2011/07/06 09:08:25.0153 3724 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
2011/07/06 09:08:25.0176 3724 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
2011/07/06 09:08:25.0199 3724 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
2011/07/06 09:08:25.0228 3724 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
2011/07/06 09:08:25.0270 3724 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/07/06 09:08:25.0410 3724 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
2011/07/06 09:08:25.0446 3724 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
2011/07/06 09:08:25.0471 3724 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
2011/07/06 09:08:25.0525 3724 FTDIBUS (7442bca60ed46cc31c2f39728bbdd9ad) C:\Windows\system32\drivers\ftdibus.sys
2011/07/06 09:08:25.0552 3724 FTSER2K (121af3148cdda212cffbc4f6240699c2) C:\Windows\system32\drivers\ftser2k.sys
2011/07/06 09:08:25.0585 3724 fvevol (b8b2a6e1558f8f5de5ce431c5b2c7b09) C:\Windows\system32\DRIVERS\fvevol.sys
2011/07/06 09:08:25.0718 3724 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
2011/07/06 09:08:25.0765 3724 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
2011/07/06 09:08:25.0790 3724 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
2011/07/06 09:08:25.0854 3724 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
2011/07/06 09:08:25.0889 3724 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
2011/07/06 09:08:25.0914 3724 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
2011/07/06 09:08:25.0933 3724 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
2011/07/06 09:08:26.0054 3724 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
2011/07/06 09:08:26.0101 3724 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
2011/07/06 09:08:26.0131 3724 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
2011/07/06 09:08:26.0177 3724 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
2011/07/06 09:08:26.0250 3724 hwa (a2d61e2b35435fc3fbe2feeab0bd0809) C:\Windows\system32\DRIVERS\WSR_HWA.SYS
2011/07/06 09:08:26.0414 3724 HWARadio (882ffbf9065d2ecc86f92923ce7f3b86) C:\Windows\system32\DRIVERS\WSR_RCI.SYS
2011/07/06 09:08:26.0463 3724 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
2011/07/06 09:08:26.0502 3724 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
2011/07/06 09:08:26.0530 3724 iaStorV (d83efb6fd45df9d55e9a1afc63640d50) C:\Windows\system32\DRIVERS\iaStorV.sys
2011/07/06 09:08:26.0580 3724 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
2011/07/06 09:08:26.0671 3724 IntcAzAudAddService (d42d651676883181400e22957a7e0b1e) C:\Windows\system32\drivers\RTKVHD64.sys
2011/07/06 09:08:26.0777 3724 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
2011/07/06 09:08:26.0813 3724 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
2011/07/06 09:08:26.0842 3724 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/07/06 09:08:26.0868 3724 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
2011/07/06 09:08:26.0894 3724 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
2011/07/06 09:08:26.0963 3724 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
2011/07/06 09:08:26.0975 3724 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
2011/07/06 09:08:27.0082 3724 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
2011/07/06 09:08:27.0118 3724 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
2011/07/06 09:08:27.0149 3724 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
2011/07/06 09:08:27.0167 3724 KSecDD (e8b6fcc9c83535c67f835d407620bd27) C:\Windows\system32\Drivers\ksecdd.sys
2011/07/06 09:08:27.0182 3724 KSecPkg (bbe1bf6d9b661c354d4857d5fadb943b) C:\Windows\system32\Drivers\ksecpkg.sys
2011/07/06 09:08:27.0230 3724 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
2011/07/06 09:08:27.0338 3724 L1E (b8e670d7ef61615fa03104552854fac9) C:\Windows\system32\DRIVERS\L1E62x64.sys
2011/07/06 09:08:27.0404 3724 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
2011/07/06 09:08:27.0452 3724 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
2011/07/06 09:08:27.0477 3724 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
2011/07/06 09:08:27.0524 3724 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
2011/07/06 09:08:27.0547 3724 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
2011/07/06 09:08:27.0665 3724 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
2011/07/06 09:08:27.0711 3724 MBAMProtector (ed49fd1373de93617a1f6d128d98fe4d) C:\Windows\system32\drivers\mbam.sys
2011/07/06 09:08:27.0740 3724 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
2011/07/06 09:08:27.0760 3724 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
2011/07/06 09:08:27.0826 3724 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
2011/07/06 09:08:27.0864 3724 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
2011/07/06 09:08:27.0975 3724 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
2011/07/06 09:08:28.0006 3724 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
2011/07/06 09:08:28.0057 3724 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
2011/07/06 09:08:28.0083 3724 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
2011/07/06 09:08:28.0127 3724 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
2011/07/06 09:08:28.0157 3724 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
2011/07/06 09:08:28.0181 3724 mrxsmb (cfdcd8ca87c2a657debc150ac35b5e08) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/07/06 09:08:28.0293 3724 mrxsmb10 (1bee517b220b7f024f411aec1571dd5a) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/07/06 09:08:28.0322 3724 mrxsmb20 (6b2d5fef385828b6e485c1c90afb8195) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/07/06 09:08:28.0345 3724 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys
2011/07/06 09:08:28.0370 3724 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
2011/07/06 09:08:28.0444 3724 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
2011/07/06 09:08:28.0463 3724 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
2011/07/06 09:08:28.0484 3724 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
2011/07/06 09:08:28.0600 3724 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
2011/07/06 09:08:28.0635 3724 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/07/06 09:08:28.0654 3724 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
2011/07/06 09:08:28.0683 3724 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
2011/07/06 09:08:28.0734 3724 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
2011/07/06 09:08:28.0754 3724 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
2011/07/06 09:08:28.0779 3724 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
2011/07/06 09:08:28.0893 3724 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
2011/07/06 09:08:28.0921 3724 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
2011/07/06 09:08:28.0966 3724 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
2011/07/06 09:08:29.0001 3724 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
2011/07/06 09:08:29.0054 3724 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/07/06 09:08:29.0079 3724 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/07/06 09:08:29.0183 3724 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/07/06 09:08:29.0201 3724 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
2011/07/06 09:08:29.0218 3724 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
2011/07/06 09:08:29.0240 3724 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
2011/07/06 09:08:29.0303 3724 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
2011/07/06 09:08:29.0472 3724 NPF (351533acc2a069b94e80bbfc177e8fdf) C:\Windows\system32\drivers\npf.sys
2011/07/06 09:08:29.0516 3724 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
2011/07/06 09:08:29.0535 3724 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
2011/07/06 09:08:29.0580 3724 Ntfs (356698a13c4630d5b31c37378d469196) C:\Windows\system32\drivers\Ntfs.sys
2011/07/06 09:08:29.0605 3724 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
2011/07/06 09:08:29.0805 3724 nvlddmkm (12bdf9809840ae7cc9ab627b3bb933c5) C:\Windows\system32\DRIVERS\nvlddmkm.sys
2011/07/06 09:08:30.0071 3724 nvraid (3e38712941e9bb4ddbee00affe3fed3d) C:\Windows\system32\DRIVERS\nvraid.sys
2011/07/06 09:08:30.0083 3724 nvstor (477dc4d6deb99be37084c9ac6d013da1) C:\Windows\system32\DRIVERS\nvstor.sys
2011/07/06 09:08:30.0098 3724 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
2011/07/06 09:08:30.0143 3724 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
2011/07/06 09:08:30.0183 3724 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
2011/07/06 09:08:30.0206 3724 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
2011/07/06 09:08:30.0243 3724 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
2011/07/06 09:08:30.0280 3724 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
2011/07/06 09:08:30.0308 3724 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
2011/07/06 09:08:30.0445 3724 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
2011/07/06 09:08:30.0471 3724 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
2011/07/06 09:08:30.0572 3724 Ph3xIB64 (1e81496aff9d7fa2b4c4032b746de5b9) C:\Windows\system32\DRIVERS\Ph3xIB64.sys
2011/07/06 09:08:30.0632 3724 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
2011/07/06 09:08:30.0765 3724 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
2011/07/06 09:08:30.0806 3724 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
2011/07/06 09:08:30.0850 3724 PxHlpa64 (fbf4db6d53585437e41a113300002a2b) C:\Windows\system32\Drivers\PxHlpa64.sys
2011/07/06 09:08:30.0890 3724 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
2011/07/06 09:08:30.0927 3724 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
2011/07/06 09:08:31.0053 3724 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
2011/07/06 09:08:31.0078 3724 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
2011/07/06 09:08:31.0137 3724 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
2011/07/06 09:08:31.0156 3724 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/07/06 09:08:31.0180 3724 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/07/06 09:08:31.0196 3724 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
2011/07/06 09:08:31.0221 3724 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
2011/07/06 09:08:31.0246 3724 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
2011/07/06 09:08:31.0372 3724 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/07/06 09:08:31.0403 3724 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
2011/07/06 09:08:31.0416 3724 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
2011/07/06 09:08:31.0443 3724 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys
2011/07/06 09:08:31.0479 3724 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
2011/07/06 09:08:31.0654 3724 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
2011/07/06 09:08:31.0727 3724 SbieDrv (d8a6fedfb83deedfeca8218b195495f4) E:\Sandboxie\SbieDrv.sys
2011/07/06 09:08:31.0762 3724 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
2011/07/06 09:08:31.0792 3724 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
2011/07/06 09:08:31.0824 3724 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
2011/07/06 09:08:31.0850 3724 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
2011/07/06 09:08:31.0866 3724 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
2011/07/06 09:08:31.0892 3724 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
2011/07/06 09:08:31.0927 3724 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
2011/07/06 09:08:32.0046 3724 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
2011/07/06 09:08:32.0056 3724 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\DRIVERS\sffp_sd.sys
2011/07/06 09:08:32.0081 3724 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
2011/07/06 09:08:32.0131 3724 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
2011/07/06 09:08:32.0158 3724 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
2011/07/06 09:08:32.0180 3724 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
2011/07/06 09:08:32.0275 3724 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
2011/07/06 09:08:32.0365 3724 sptd (602884696850c86434530790b110e8eb) C:\Windows\System32\Drivers\sptd.sys
2011/07/06 09:08:32.0529 3724 srv (ec8f67289105bf270498095f14963464) C:\Windows\system32\DRIVERS\srv.sys
2011/07/06 09:08:32.0551 3724 srv2 (f773d2ed090b7baa1c1a034f3ca476c8) C:\Windows\system32\DRIVERS\srv2.sys
2011/07/06 09:08:32.0570 3724 srvnet (26e84d3649019c3244622e654dfcd75b) C:\Windows\system32\DRIVERS\srvnet.sys
2011/07/06 09:08:32.0614 3724 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
2011/07/06 09:08:32.0655 3724 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
2011/07/06 09:08:32.0844 3724 Tcpip (912107716bab424c7870e8e6af5e07e1) C:\Windows\system32\drivers\tcpip.sys
2011/07/06 09:08:32.0895 3724 TCPIP6 (912107716bab424c7870e8e6af5e07e1) C:\Windows\system32\DRIVERS\tcpip.sys
2011/07/06 09:08:32.0925 3724 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
2011/07/06 09:08:32.0947 3724 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
2011/07/06 09:08:32.0965 3724 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
2011/07/06 09:08:32.0996 3724 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
2011/07/06 09:08:33.0138 3724 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
2011/07/06 09:08:33.0202 3724 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/07/06 09:08:33.0254 3724 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
2011/07/06 09:08:33.0319 3724 TunnelDrv (3473ec97b6263d72495e998f0d04dfb4) C:\Windows\system32\DRIVERS\WSR_CBA.SYS
2011/07/06 09:08:33.0453 3724 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
2011/07/06 09:08:33.0485 3724 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
2011/07/06 09:08:33.0521 3724 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
2011/07/06 09:08:33.0546 3724 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
2011/07/06 09:08:33.0574 3724 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
2011/07/06 09:08:33.0637 3724 USBAAPL64 (cd03479f2da26500b203ed075c146a7a) C:\Windows\system32\Drivers\usbaapl64.sys
2011/07/06 09:08:33.0666 3724 usbccgp (b26afb54a534d634523c4fb66765b026) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/07/06 09:08:33.0807 3724 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
2011/07/06 09:08:33.0832 3724 usbehci (2ea4aff7be7eb4632e3aa8595b0803b5) C:\Windows\system32\DRIVERS\usbehci.sys
2011/07/06 09:08:33.0867 3724 usbhub (4c9042b8df86c1e8e6240c218b99b39b) C:\Windows\system32\DRIVERS\usbhub.sys
2011/07/06 09:08:33.0899 3724 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\DRIVERS\usbohci.sys
2011/07/06 09:08:33.0937 3724 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
2011/07/06 09:08:33.0957 3724 USBSTOR (080d3820da6c046be82fc8b45a893e83) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2011/07/06 09:08:34.0090 3724 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys
2011/07/06 09:08:34.0125 3724 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
2011/07/06 09:08:34.0166 3724 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/07/06 09:08:34.0189 3724 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
2011/07/06 09:08:34.0215 3724 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
2011/07/06 09:08:34.0242 3724 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
2011/07/06 09:08:34.0263 3724 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
2011/07/06 09:08:34.0406 3724 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
2011/07/06 09:08:34.0430 3724 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
2011/07/06 09:08:34.0457 3724 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
2011/07/06 09:08:34.0482 3724 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
2011/07/06 09:08:34.0552 3724 wacommousefilter (e04d43c7d1641e95d35cae6086c7e350) C:\Windows\system32\DRIVERS\wacommousefilter.sys
2011/07/06 09:08:34.0575 3724 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
2011/07/06 09:08:34.0618 3724 wacomvhid (ec1ceb237e365330c1fcfc4876aa0ac0) C:\Windows\system32\DRIVERS\wacomvhid.sys
2011/07/06 09:08:34.0778 3724 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
2011/07/06 09:08:34.0787 3724 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
2011/07/06 09:08:34.0827 3724 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
2011/07/06 09:08:34.0860 3724 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
2011/07/06 09:08:34.0908 3724 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
2011/07/06 09:08:34.0926 3724 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
2011/07/06 09:08:35.0080 3724 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys
2011/07/06 09:08:35.0147 3724 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
2011/07/06 09:08:35.0197 3724 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
2011/07/06 09:08:35.0249 3724 WSR_USF (42d0234614f6365356e1d3e4ac3ad2b3) C:\Windows\system32\Drivers\WSR_USF.sys
2011/07/06 09:08:35.0270 3724 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
2011/07/06 09:08:35.0379 3724 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/07/06 09:08:35.0440 3724 X-Rite (1d9d643cb69654973a0551c17312034f) C:\Windows\system32\DRIVERS\XrUsb64.sys
2011/07/06 09:08:35.0475 3724 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
2011/07/06 09:08:35.0489 3724 MBR (0x1B8) (39f7a052d4ffd519e42acced17e3f572) \Device\Harddisk1\DR1
2011/07/06 09:08:35.0495 3724 \Device\Harddisk1\DR1 - detected Backdoor.Win32.Sinowal.knf (0)
2011/07/06 09:08:35.0501 3724 MBR (0x1B8) (c1a5e26b17e02714c20979349c18dd25) \Device\Harddisk2\DR2
2011/07/06 09:08:35.0506 3724 \Device\Harddisk2\DR2 - detected Backdoor.Win32.Sinowal.knf (0)
2011/07/06 09:08:35.0528 3724 MBR (0x1B8) (a4a15d6782e6fe1dce41a606cb3affe3) \Device\Harddisk12\DR12
2011/07/06 09:08:42.0981 3724 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk13\DR13
2011/07/06 09:08:42.0990 3724 MBR (0x1B8) (efc7c81313f264515d62137a5404c4e0) \Device\Harddisk14\DR15
2011/07/06 09:08:43.0805 3724 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk3\DR3
2011/07/06 09:08:44.0233 3724 Boot (0x1200) (e9f4d6fb9a410629d55508f202ab4fc4) \Device\Harddisk0\DR0\Partition0
2011/07/06 09:08:44.0243 3724 Boot (0x1200) (2417833460bb281e26b8a5b11f78066a) \Device\Harddisk1\DR1\Partition0
2011/07/06 09:08:44.0252 3724 Boot (0x1200) (24254313a3a3d78122feb269cab3b036) \Device\Harddisk2\DR2\Partition0
2011/07/06 09:08:44.0268 3724 Boot (0x1200) (e08f96b3546c1b3a6f980e54c9e46945) \Device\Harddisk12\DR12\Partition0
2011/07/06 09:08:44.0275 3724 Boot (0x1200) (441096a9c34fe912606da60352f56c88) \Device\Harddisk13\DR13\Partition0
2011/07/06 09:08:44.0287 3724 Boot (0x1200) (a51368bb04259483c8f5f0b040286db9) \Device\Harddisk3\DR3\Partition0
2011/07/06 09:08:44.0292 3724 ================================================================================
2011/07/06 09:08:44.0292 3724 Scan finished
2011/07/06 09:08:44.0292 3724 ================================================================================
2011/07/06 09:08:44.0299 3356 Detected object count: 2
2011/07/06 09:08:44.0299 3356 Actual detected object count: 2
2011/07/06 09:09:14.0133 3356 \Device\Harddisk1\DR1 (Backdoor.Win32.Sinowal.knf) - will be cured after reboot
2011/07/06 09:09:14.0133 3356 \Device\Harddisk1\DR1 - ok
2011/07/06 09:09:14.0133 3356 Backdoor.Win32.Sinowal.knf(\Device\Harddisk1\DR1) - User select action: Cure
2011/07/06 09:09:14.0157 3356 \Device\Harddisk2\DR2 (Backdoor.Win32.Sinowal.knf) - will be cured after reboot
2011/07/06 09:09:14.0157 3356 \Device\Harddisk2\DR2 - ok
2011/07/06 09:09:14.0157 3356 Backdoor.Win32.Sinowal.knf(\Device\Harddisk2\DR2) - User select action: Cure
2011/07/06 09:09:20.0786 1264 Deinitialize success
PDF Reader aktualisieren usw werde ich dann gleich machen wenn ich bescheid bekomme das ich den PC wieder ans Netzwerk und ins Internet lassen kann. Und noch eine Frage. Den Defogger hatte ich ja anfangs gestartet wie es in der Anleitung steht. Den muss ich dann wenn wir ganz fertig sind nochmal starten und dann den anderen Reiter anklicken. |
|
07.07.2011, 05:53
| #10 | |
| /// Helfer-Team | BOO/Sinowal.F in MasterbootsektorZitat:
1. Deine Javaversion ist nicht aktuell! Da aufgrund alter Sicherheitslücken ist Java sehr anfällig, deinstalliere zunächst alle vorhandenen Java-Versionen: → Systemsteuerung → Software → deinstallieren... → Rechner neu aufstarten → Downloade nun die Offline-Version von Java Version 6 Update 24 von Oracle herunter Achte darauf, eventuell angebotene Toolbars abwählen (den Haken bei der Toolbar entfernen)! 2. reinige dein System mit Ccleaner:
3.
4. - "Link:-> ESET Online Scanner >>Du sollst nicht die Antivirus-Sicherheitssoftware installieren, sondern dein System nur online scannen<< Auch auf USB-Sticks, selbstgebrannten Datenträgern, externen Festplatten und anderen Datenträgern können Viren transportiert werden. Man muss daher durch regelmäßige Prüfungen auf Schäden, die durch Malware ("Worm.Win32.Autorun") verursacht worden sein können, überwacht werden. Hierfür sind ser gut geegnet und empfohlen, die auf dem Speichermedium gesicherten Daten, mit Hilfe des kostenlosen Online Scanners zu prüfen. Schließe jetzt alle externe Datenträgeran (USB Sticks etc) Deinen Rechner an, dabei die Hochstell-Taste [Shift-Taste] gedrückt halten, damit die Autorun-Funktion nicht ausgeführt wird. (So verhindest Du die Ausführung der AUTORUN-Funktion) - Man kann die AUTORUN-Funktion aber auch generell abschalten.►Anleitung -> Führe dann einen Komplett-Systemcheck mit Eset/Nod32 durch - folgendes bitte anhaken > "Remove found threads" und "Scan archives" - die Scanergebnis als *.txt Dateien speichern) - meistens "C:\Programme\Eset\EsetOnlineScanner\log.txt" Vor dem Scan Einstellungen im Internet Explorer: - "Extras→ Internetoptionen→ Sicherheit": - alles auf Standardstufe stellen - Active X erlauben - um den Scan zu starten: wenn du danach gefragt wirst (den Text in der Informationsleiste ) - ActiveX-Steuerelement installieren lassen 5. erneut einen Scan mit OTL:
__________________ Warnung!: Vorsicht beim Rechnungen per Email mit ZIP-Datei als Anhang! Kann mit einen Verschlüsselungs-Trojaner infiziert sein! Anhang nicht öffnen, in unserem Forum erst nachfragen! Sichere regelmäßig deine Daten, auf CD/DVD, USB-Sticks oder externe Festplatten, am besten 2x an verschiedenen Orten! Bitte diese Warnung weitergeben, wo Du nur kannst! |
|
07.07.2011, 23:58
| #11 |
| | BOO/Sinowal.F in Masterbootsektor Hui das war ein ganzes Stück Arbeit. Der Onlinescan hat 8 Stunden in Anspruch genommen weil ich alle Speichermedien mit Bildern usw angeschlossen habe. Leider finde ich davon den Log ist. Es wurde aber nichts gefunden. Hier die anderne Logs: Code:
ATTFilter SUPERAntiSpyware Scann-Protokoll
hxxp://www.superantispyware.com
Generiert 07/07/2011 bei 02:35 PM
Version der Applikation : 4.55.1000
Version der Kern-Datenbank : 7381
Version der Spur-Datenbank : 5193
Scan Art : kompletter Scann
Totale Scann-Zeit : 01:28:54
Gescannte Speicherelemente : 652
Erfasste Speicher-Bedrohungen : 0
Gescannte Register-Elemente : 13657
Erfasste Register-Bedrohungen : 0
Gescannte Datei-Elemente : 42956
Erfasste Datei-Elemente : 0
Code:
ATTFilter OTL logfile created on: 08.07.2011 00:16:20 - Run 3 OTL by OldTimer - Version 3.2.26.0 Folder = C:\Users\Bobby\Desktop 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 6,00 Gb Total Physical Memory | 3,18 Gb Available Physical Memory | 52,94% Memory free 12,00 Gb Paging File | 9,46 Gb Available in Paging File | 78,84% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 465,76 Gb Total Space | 299,53 Gb Free Space | 64,31% Space Free | Partition Type: NTFS Drive D: | 931,51 Gb Total Space | 317,12 Gb Free Space | 34,04% Space Free | Partition Type: NTFS Drive E: | 465,76 Gb Total Space | 311,91 Gb Free Space | 66,97% Space Free | Partition Type: NTFS Drive L: | 465,65 Gb Total Space | 2,74 Gb Free Space | 0,59% Space Free | Partition Type: FAT32 Drive M: | 298,09 Gb Total Space | 151,34 Gb Free Space | 50,77% Space Free | Partition Type: NTFS Drive O: | 931,51 Gb Total Space | 107,92 Gb Free Space | 11,59% Space Free | Partition Type: NTFS Drive T: | 7,45 Gb Total Space | 6,37 Gb Free Space | 85,48% Space Free | Partition Type: FAT32 Computer Name: BOBBY-PC | User Name: Bobby | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011.07.05 09:14:16 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Bobby\Desktop\OTL.exe PRC - [2011.06.25 20:07:08 | 000,912,344 | ---- | M] (Mozilla Corporation) -- D:\Mozilla Firefox\firefox.exe PRC - [2011.05.29 09:11:28 | 000,449,584 | ---- | M] (Malwarebytes Corporation) -- E:\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2011.05.29 09:11:28 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- E:\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2011.04.21 07:52:51 | 000,136,360 | ---- | M] (Avira GmbH) -- E:\Avira\AntiVir Desktop\sched.exe PRC - [2011.04.21 07:52:36 | 000,281,768 | ---- | M] (Avira GmbH) -- E:\Avira\AntiVir Desktop\avgnt.exe PRC - [2011.04.21 07:52:36 | 000,269,480 | ---- | M] (Avira GmbH) -- E:\Avira\AntiVir Desktop\avguard.exe PRC - [2010.10.04 00:16:26 | 000,063,488 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\SysWOW64\nlssrv32.exe PRC - [2010.09.06 19:56:38 | 000,247,096 | ---- | M] () -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe PRC - [2010.08.15 13:36:57 | 000,178,176 | ---- | M] () -- E:\Bamboo Dock\Bamboo Dock\Bamboo Dock.exe PRC - [2010.04.13 00:46:36 | 001,135,912 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe PRC - [2010.04.01 11:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- E:\DAEMON Tools Lite\DTLite.exe PRC - [2008.06.11 22:43:26 | 000,640,376 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe ========== Modules (SafeList) ========== MOD - [2011.07.05 09:14:16 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Bobby\Desktop\OTL.exe MOD - [2009.07.14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll ========== Win32 Services (SafeList) ========== SRV:64bit: - [2010.04.29 01:31:16 | 001,038,088 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64) SRV - [2011.05.29 09:11:28 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- E:\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2011.05.04 19:55:09 | 000,128,384 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- E:\SupantiSpy\SASCORE64.EXE -- (!SASCORE) SRV - [2011.04.21 07:52:51 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- E:\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2011.04.21 07:52:36 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- E:\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2011.03.27 12:06:16 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2010.10.04 00:16:26 | 000,063,488 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\Windows\SysWOW64\nlssrv32.exe -- (nlsX86cc) SRV - [2010.09.06 19:56:38 | 000,247,096 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service) SRV - [2010.07.13 14:26:12 | 000,719,216 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Programme\Tablet\Pen\Pen_TouchService.exe -- (TouchServicePen) SRV - [2010.07.13 14:26:08 | 007,329,648 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Programme\Tablet\Pen\Pen_Tablet.exe -- (TabletServicePen) SRV - [2010.06.25 19:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental) SRV - [2010.04.29 00:45:13 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2010.04.17 12:56:30 | 000,094,440 | ---- | M] (tzuk) [Auto | Running] -- E:\Sandboxie\SbieSvc.exe -- (SbieSvc) SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard) SRV - [2009.12.26 12:21:06 | 000,016,384 | ---- | M] (Alexander Seeliger Software) [Auto | Running] -- E:\Backup Service Home 3\BSHService.exe -- (Backup Service Home-Dienst) SRV - [2009.12.15 22:07:16 | 000,025,832 | ---- | M] (BioWare) [On_Demand | Stopped] -- E:\Dragon Age\bin_ship\daupdatersvc.service.exe -- (DAUpdaterSvc) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009.01.29 20:16:26 | 001,405,440 | ---- | M] (Wisair Ltd.) [Auto | Running] -- E:\Hama\WUSB\Association\CableAssociation.exe -- (CableAssociation) SRV - [2008.08.15 05:46:20 | 000,284,016 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe -- (Adobe Version Cue CS4) ========== Driver Services (SafeList) ========== DRV:64bit: - [2011.06.17 12:35:49 | 000,116,568 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb) DRV:64bit: - [2011.06.17 12:35:49 | 000,083,120 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt) DRV:64bit: - [2011.05.29 09:11:20 | 000,025,912 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:64bit: - [2010.06.25 19:07:26 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF) DRV:64bit: - [2010.04.29 00:38:01 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd) DRV:64bit: - [2010.04.19 20:47:42 | 000,050,688 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2010.03.31 03:58:04 | 000,055,024 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64) DRV:64bit: - [2009.10.22 17:10:30 | 000,069,320 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftdibus.sys -- (FTDIBUS) DRV:64bit: - [2009.10.22 17:09:12 | 000,084,808 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftser2k.sys -- (FTSER2K) DRV:64bit: - [2009.09.21 16:29:22 | 000,016,168 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacomvhid.sys -- (wacomvhid) DRV:64bit: - [2009.08.23 13:08:10 | 000,056,320 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1E62x64.sys -- (L1E) DRV:64bit: - [2009.07.14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2009.07.14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.06.10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:32:37 | 001,627,520 | ---- | M] (NXP Semiconductors) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Ph3xIB64.sys -- (Ph3xIB64) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.05.18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:64bit: - [2009.02.01 18:22:16 | 000,799,232 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WSR_HWA.SYS -- (hwa) DRV:64bit: - [2009.02.01 18:22:16 | 000,141,824 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WSR_RCI.SYS -- (HWARadio) DRV:64bit: - [2009.02.01 18:22:14 | 000,440,320 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSR_DWA.SYS -- (DWA) DRV:64bit: - [2009.01.27 13:22:08 | 000,071,680 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSR_CBA.SYS -- (TunnelDrv) DRV:64bit: - [2009.01.08 16:18:32 | 000,046,592 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSR_USF.sys -- (WSR_USF) DRV:64bit: - [2007.02.16 21:12:36 | 000,012,848 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacommousefilter.sys -- (wacommousefilter) DRV:64bit: - [2007.01.29 10:01:34 | 000,033,600 | ---- | M] (X-Rite, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\XrUsb64.sys -- (X-Rite) DRV - [2010.04.17 12:56:26 | 000,134,760 | ---- | M] (tzuk) [Kernel | On_Demand | Running] -- E:\Sandboxie\SbieDrv.sys -- (SbieDrv) DRV - [2010.02.17 20:23:05 | 000,014,920 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- E:\SupantiSpy\sasdifsv64.sys -- (SASDIFSV) DRV - [2010.02.17 20:23:05 | 000,012,360 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- E:\SupantiSpy\saskutil64.sys -- (SASKUTIL) DRV - [2008.08.14 07:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysWow64\drivers\adfs.sys -- (adfs) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 78 B7 26 59 A0 6B CB 01 [binary data] IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "ICQ Search" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/" FF - prefs.js..extensions.enabledItems: exif_viewer@mozilla.doslash.org:1.65 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26 FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.9&q=" FF - prefs.js..network.proxy.type: 4 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: E:\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.3: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.) FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.4: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.) FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: D:\Mozilla Firefox\components [2011.07.04 13:12:56 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: D:\Mozilla Firefox\plugins [2011.07.07 14:45:03 | 000,000,000 | ---D | M] FF - HKCU\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: D:\Mozilla Firefox\components [2011.07.04 13:12:56 | 000,000,000 | ---D | M] FF - HKCU\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: D:\Mozilla Firefox\plugins [2011.07.07 14:45:03 | 000,000,000 | ---D | M] [2010.04.29 00:03:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bobby\AppData\Roaming\mozilla\Extensions [2011.07.07 14:56:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bobby\AppData\Roaming\mozilla\Firefox\Profiles\7ihbmt81.default\extensions [2011.07.07 14:46:15 | 000,000,000 | ---D | M] ("Exif Viewer") -- C:\Users\Bobby\AppData\Roaming\mozilla\Firefox\Profiles\7ihbmt81.default\extensions\exif_viewer@mozilla.doslash.org [2011.07.02 19:31:11 | 000,001,056 | ---- | M] () -- C:\Users\Bobby\AppData\Roaming\Mozilla\Firefox\Profiles\7ihbmt81.default\searchplugins\icqplugin.xml [2011.07.07 14:45:04 | 000,000,000 | ---D | M] (Java Console) -- D:\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} O1 HOSTS File: ([2010.04.29 01:18:57 | 000,001,300 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 activate.adobe.com O1 - Hosts: 127.0.0.1 practivate.adobe.com O1 - Hosts: 127.0.0.1 ereg.adobe.com O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com O1 - Hosts: 127.0.0.1 wip3.adobe.com O1 - Hosts: 127.0.0.1 3dns-3.adobe.com O1 - Hosts: 127.0.0.1 3dns-2.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com O1 - Hosts: 127.0.0.1 activate-sea.adobe.com O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll () O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Trillian Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll () O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ) O3 - HKLM\..\Toolbar: (Trillian Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKCU\..\Toolbar\WebBrowser: (Trillian Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation) O4:64bit: - HKLM..\Run: [NvMediaCenter] C:\Windows\SysNative\NvMcTray.dll (NVIDIA Corporation) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Programme\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [Skytel] C:\Programme\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.) O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Adobe_ID0ENQBO] C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE (Adobe Systems Incorporated) O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [avgnt] E:\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] E:\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) O4 - HKCU..\Run: [AdobeBridge] File not found O4 - HKCU..\Run: [Bamboo Dock] E:\Bamboo Dock\Bamboo Dock\Bamboo Dock.exe () O4 - HKCU..\Run: [DAEMON Tools Lite] E:\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKCU..\Run: [SUPERAntiSpyware] E:\SupantiSpy\SUPERAntiSpyware.exe (SUPERAntiSpyware.com) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:64bit: - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files (x86)\ICQ7.4\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files (x86)\ICQ7.4\ICQ.exe (ICQ, LLC.) O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.19 21:02:05 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ] O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{42a06ce3-536b-11df-bc5b-00248c0ef764}\Shell - "" = AutoRun O33 - MountPoints2\{42a06ce3-536b-11df-bc5b-00248c0ef764}\Shell\AutoRun\command - "" = N:\start.exe O33 - MountPoints2\{ec09433e-5316-11df-a516-00248c0ef764}\Shell - "" = AutoRun O33 - MountPoints2\{ec09433e-5316-11df-a516-00248c0ef764}\Shell\AutoRun\command - "" = K:\setup.exe O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011.07.07 14:57:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET [2011.07.07 14:45:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun [2011.07.07 14:45:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2011.07.07 14:45:03 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll [2011.07.07 14:45:03 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe [2011.07.07 14:45:02 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe [2011.07.07 14:45:02 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe [2011.07.07 13:03:35 | 000,000,000 | ---D | C] -- C:\Users\Bobby\AppData\Roaming\SUPERAntiSpyware.com [2011.07.07 13:03:35 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com [2011.07.07 13:03:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware [2011.07.07 13:03:27 | 000,000,000 | ---D | C] -- C:\ProgramData\!SASCORE [2011.07.07 12:21:26 | 000,900,384 | ---- | C] (Sun Microsystems, Inc.) -- C:\Users\Bobby\Desktop\jre-6u26-windows-i586-iftw.exe [2011.07.05 15:24:40 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2011.07.05 15:12:38 | 000,000,000 | ---D | C] -- C:\Users\Bobby\Desktop\Alter log [2011.07.05 09:45:46 | 000,000,000 | ---D | C] -- C:\Users\Bobby\AppData\Roaming\Malwarebytes [2011.07.05 09:45:40 | 000,039,984 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys [2011.07.05 09:45:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2011.07.05 09:45:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2011.07.05 09:45:37 | 000,025,912 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2011.07.05 09:14:13 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Bobby\Desktop\OTL.exe [2011.07.04 13:21:29 | 000,000,000 | ---D | C] -- C:\Users\Bobby\AppData\Roaming\Avira [2011.07.04 13:18:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira [2011.07.04 13:18:33 | 000,116,568 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys [2011.07.04 13:18:33 | 000,083,120 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys [2011.07.04 13:18:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira [2011.07.01 18:50:45 | 000,000,000 | ---D | C] -- C:\Users\Bobby\AppData\Local\Phase_One [2011.07.01 18:49:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Phase One [2011.07.01 18:49:25 | 000,000,000 | ---D | C] -- C:\Users\Bobby\AppData\Local\CaptureOne [2011.07.01 18:48:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Phase One [2011.07.01 18:46:24 | 001,458,992 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Bobby\Desktop\TDSSKiller.exe [2011.07.01 18:36:29 | 001,942,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfshim.dll [2011.07.01 18:36:29 | 001,130,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll [2011.07.01 18:36:29 | 000,109,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHostProxy.dll [2011.07.01 18:36:29 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHostProxy.dll [2011.07.01 18:36:29 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netfxperf.dll [2011.07.01 18:36:29 | 000,048,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netfxperf.dll [2011.07.01 18:36:28 | 000,320,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHost.exe [2011.07.01 18:36:28 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHost.exe [2011.06.28 02:36:11 | 000,000,000 | ---D | C] -- C:\Users\Bobby\AppData\Local\SKIDROW [2011.06.28 02:35:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Valve [2011.06.27 15:24:38 | 000,000,000 | ---D | C] -- C:\Users\Bobby\Desktop\Zeitrelais [2011.06.12 07:43:49 | 000,000,000 | ---D | C] -- C:\Users\Bobby\AppData\Roaming\Yxyni [2011.06.12 07:43:49 | 000,000,000 | ---D | C] -- C:\Users\Bobby\AppData\Roaming\Caze ========== Files - Modified Within 30 Days ========== [2011.07.07 14:44:51 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe [2011.07.07 14:44:51 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe [2011.07.07 14:44:51 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe [2011.07.07 14:44:50 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll [2011.07.07 13:03:27 | 000,000,659 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk [2011.07.07 13:01:37 | 000,007,832 | ---- | M] () -- C:\Users\Bobby\AppData\Roaming\iColorDisplay3.prefs [2011.07.07 13:01:29 | 000,000,497 | -H-- | M] () -- C:\Users\Bobby\AppData\Roaming\iColorDisplay3.lic [2011.07.07 13:01:04 | 000,103,506 | ---- | M] () -- C:\Users\Bobby\Documents\cc_20110707_130053.reg [2011.07.07 12:24:58 | 000,022,080 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011.07.07 12:24:58 | 000,022,080 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011.07.07 12:17:38 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.07.07 12:17:15 | 536,125,439 | -HS- | M] () -- C:\hiberfil.sys [2011.07.07 12:12:34 | 000,900,384 | ---- | M] (Sun Microsystems, Inc.) -- C:\Users\Bobby\Desktop\jre-6u26-windows-i586-iftw.exe [2011.07.05 15:24:41 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2011.07.05 15:21:45 | 000,030,259 | ---- | M] () -- C:\Users\Bobby\Desktop\hjtscanlist.bat [2011.07.05 09:45:40 | 000,000,627 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.07.05 09:14:16 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Bobby\Desktop\OTL.exe [2011.07.04 23:21:45 | 000,050,477 | ---- | M] () -- C:\Users\Bobby\Desktop\Defogger.exe [2011.07.04 22:57:10 | 000,000,620 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuatoCalibrationLoader.lnk [2011.07.04 22:57:10 | 000,000,415 | ---- | M] () -- C:\Users\Public\Desktop\iColor Display 3.7.3.0.lnk [2011.07.04 22:18:00 | 000,089,088 | ---- | M] () -- C:\Users\Bobby\Desktop\mbr.exe [2011.07.04 13:18:37 | 000,000,758 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk [2011.07.03 22:04:21 | 000,006,692 | ---- | M] () -- C:\Users\Bobby\AppData\Roaming\iColorDisplay.prefs [2011.07.03 22:01:54 | 000,000,390 | ---- | M] () -- C:\Users\Bobby\AppData\Roaming\iColorDisplay.lic [2011.07.03 00:27:19 | 000,216,179 | ---- | M] () -- C:\Users\Bobby\Desktop\klein.jpg [2011.07.01 18:46:24 | 001,458,992 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Bobby\Desktop\TDSSKiller.exe [2011.07.01 18:40:33 | 001,588,294 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011.07.01 18:40:33 | 000,696,132 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2011.07.01 18:40:33 | 000,651,450 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2011.07.01 18:40:33 | 000,147,428 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2011.07.01 18:40:33 | 000,120,382 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2011.07.01 18:40:20 | 001,588,294 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2011.06.28 02:35:06 | 000,000,596 | ---- | M] () -- C:\Users\Public\Desktop\Portal 2.lnk [2011.06.27 23:37:05 | 001,923,697 | ---- | M] () -- C:\Users\Bobby\Desktop\Entstehender TaT.jpg [2011.06.26 04:30:00 | 000,000,366 | ---- | M] () -- C:\Windows\tasks\Driver Robot.job [2011.06.17 12:35:49 | 000,116,568 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys [2011.06.17 12:35:49 | 000,083,120 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys ========== Files Created - No Company Name ========== [2011.07.07 13:03:27 | 000,000,659 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk [2011.07.07 13:00:57 | 000,103,506 | ---- | C] () -- C:\Users\Bobby\Documents\cc_20110707_130053.reg [2011.07.05 15:24:41 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk [2011.07.05 09:45:40 | 000,000,627 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.07.04 23:21:39 | 000,050,477 | ---- | C] () -- C:\Users\Bobby\Desktop\Defogger.exe [2011.07.04 22:57:10 | 000,000,415 | ---- | C] () -- C:\Users\Public\Desktop\iColor Display 3.7.3.0.lnk [2011.07.04 22:17:59 | 000,089,088 | ---- | C] () -- C:\Users\Bobby\Desktop\mbr.exe [2011.07.04 13:18:37 | 000,000,758 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk [2011.07.03 00:27:18 | 000,216,179 | ---- | C] () -- C:\Users\Bobby\Desktop\klein.jpg [2011.07.01 19:25:11 | 001,923,697 | ---- | C] () -- C:\Users\Bobby\Desktop\Entstehender TaT.jpg [2011.07.01 18:39:07 | 001,588,294 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011.06.28 02:35:06 | 000,000,596 | ---- | C] () -- C:\Users\Public\Desktop\Portal 2.lnk [2011.04.23 12:40:56 | 000,006,692 | ---- | C] () -- C:\Users\Bobby\AppData\Roaming\iColorDisplay.prefs [2011.04.23 12:39:29 | 000,000,390 | ---- | C] () -- C:\Users\Bobby\AppData\Roaming\iColorDisplay.lic [2011.04.21 22:41:15 | 000,007,832 | ---- | C] () -- C:\Users\Bobby\AppData\Roaming\iColorDisplay3.prefs [2011.04.21 22:41:15 | 000,000,497 | -H-- | C] () -- C:\Users\Bobby\AppData\Roaming\iColorDisplay3.lic [2011.02.09 14:09:40 | 000,000,132 | ---- | C] () -- C:\Users\Bobby\AppData\Roaming\Adobe BMP Format CS5 Prefs [2011.01.17 00:27:25 | 000,001,456 | ---- | C] () -- C:\Users\Bobby\AppData\Local\Adobe Für Web speichern 12.0 Prefs [2011.01.16 22:26:42 | 000,000,132 | ---- | C] () -- C:\Users\Bobby\AppData\Roaming\Adobe PNG Format CS5 Prefs [2010.10.17 17:01:27 | 000,004,096 | ---- | C] () -- C:\Windows\SysWow64\HDREfexProFC64.dll [2010.10.04 00:16:26 | 000,002,560 | ---- | C] () -- C:\Windows\SysWow64\HDREfexProFC32.dll [2010.09.04 23:46:41 | 000,007,606 | ---- | C] () -- C:\Users\Bobby\AppData\Local\Resmon.ResmonCfg [2010.06.25 19:03:12 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll [2010.06.16 16:51:17 | 000,001,512 | ---- | C] () -- C:\Windows\Sandboxie.ini [2010.06.11 17:44:33 | 000,044,918 | ---- | C] () -- C:\Windows\War3Unin.dat [2010.05.26 21:25:17 | 000,000,300 | ---- | C] () -- C:\Windows\game.ini [2010.05.05 22:10:18 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2010.04.29 11:13:31 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2010.04.29 03:35:01 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini [2009.12.18 11:58:28 | 000,003,072 | ---- | C] () -- C:\Windows\SysWow64\Viveza2FC32.dll [2009.11.06 10:58:04 | 000,178,975 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat [2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat [2008.10.07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll [2008.06.05 08:58:26 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll [2007.12.28 17:22:02 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS [2002.05.16 01:38:40 | 000,091,136 | ---- | C] () -- C:\Windows\SysWow64\mp4fil32.dll [2002.05.04 15:19:00 | 000,049,152 | ---- | C] () -- C:\Windows\SysWow64\avisynthEx.dll [2002.04.21 20:30:14 | 000,151,552 | ---- | C] () -- C:\Windows\SysWow64\OggDS.dll [2002.04.19 16:23:26 | 000,106,137 | ---- | C] () -- C:\Windows\SysWow64\libpostproc.dll [2002.04.19 15:51:04 | 000,211,760 | ---- | C] () -- C:\Windows\SysWow64\libavcodec.dll [2002.04.02 00:16:30 | 000,454,656 | ---- | C] () -- C:\Windows\SysWow64\VorbisEnc.dll [2002.04.02 00:16:14 | 000,118,784 | ---- | C] () -- C:\Windows\SysWow64\vorbis.dll [2002.04.02 00:15:40 | 000,011,264 | ---- | C] () -- C:\Windows\SysWow64\ogg.dll [2002.02.21 18:41:20 | 000,157,184 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2001.06.22 13:06:02 | 000,167,936 | ---- | C] () -- C:\Windows\SysWow64\MPEG2DEC.dll ========== LOP Check ========== [2010.06.23 19:11:32 | 000,000,000 | ---D | M] -- C:\Users\Bobby\AppData\Roaming\Alexosoft [2011.05.07 08:56:05 | 000,000,000 | ---D | M] -- C:\Users\Bobby\AppData\Roaming\Anthropics [2011.07.04 13:20:48 | 000,000,000 | ---D | M] -- C:\Users\Bobby\AppData\Roaming\Caze [2010.09.20 21:05:08 | 000,000,000 | ---D | M] -- C:\Users\Bobby\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 [2010.08.15 13:50:16 | 000,000,000 | ---D | M] -- C:\Users\Bobby\AppData\Roaming\com.livebrush.2205ABAA7E8202CDC1251B1FA1E879364B7BAB52.1 [2011.07.07 12:59:13 | 000,000,000 | ---D | M] -- C:\Users\Bobby\AppData\Roaming\DAEMON Tools Lite [2010.04.29 00:31:13 | 000,000,000 | ---D | M] -- C:\Users\Bobby\AppData\Roaming\DAEMON Tools Pro [2010.10.06 22:35:25 | 000,000,000 | ---D | M] -- C:\Users\Bobby\AppData\Roaming\ePaperPress [2010.04.29 02:06:30 | 000,000,000 | ---D | M] -- C:\Users\Bobby\AppData\Roaming\FlashFXP [2010.04.29 02:04:09 | 000,000,000 | ---D | M] -- C:\Users\Bobby\AppData\Roaming\GardenGnomeSoftware [2011.03.13 10:55:54 | 000,000,000 | ---D | M] -- C:\Users\Bobby\AppData\Roaming\ICQ [2010.10.06 23:36:21 | 000,000,000 | ---D | M] -- C:\Users\Bobby\AppData\Roaming\jpg-Illuminator [2010.05.06 18:55:48 | 000,000,000 | ---D | M] -- C:\Users\Bobby\AppData\Roaming\Nik Software [2010.04.29 02:06:01 | 000,000,000 | ---D | M] -- C:\Users\Bobby\AppData\Roaming\Notepad++ [2010.05.11 23:47:07 | 000,000,000 | ---D | M] -- C:\Users\Bobby\AppData\Roaming\Orbit [2011.05.23 21:09:43 | 000,000,000 | ---D | M] -- C:\Users\Bobby\AppData\Roaming\PTGui [2010.05.07 00:47:01 | 000,000,000 | ---D | M] -- C:\Users\Bobby\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 [2011.04.18 02:40:17 | 000,000,000 | ---D | M] -- C:\Users\Bobby\AppData\Roaming\The Creative Assembly [2011.03.11 15:50:38 | 000,000,000 | ---D | M] -- C:\Users\Bobby\AppData\Roaming\Trillian [2010.08.15 13:37:58 | 000,000,000 | ---D | M] -- C:\Users\Bobby\AppData\Roaming\Wacom [2010.08.15 13:38:00 | 000,000,000 | ---D | M] -- C:\Users\Bobby\AppData\Roaming\wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1 [2011.07.04 13:07:14 | 000,000,000 | ---D | M] -- C:\Users\Bobby\AppData\Roaming\Yxyni [2011.06.26 04:30:00 | 000,000,366 | ---- | M] () -- C:\Windows\Tasks\Driver Robot.job [2011.04.01 13:47:55 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 64 bytes -> C:\Users\Bobby\Desktop\SDIM0119.AVI:TOC.WMV < End of report > [/Code] OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 08.07.2011 00:16:20 - Run 3
OTL by OldTimer - Version 3.2.26.0 Folder = C:\Users\Bobby\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
6,00 Gb Total Physical Memory | 3,18 Gb Available Physical Memory | 52,94% Memory free
12,00 Gb Paging File | 9,46 Gb Available in Paging File | 78,84% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,76 Gb Total Space | 299,53 Gb Free Space | 64,31% Space Free | Partition Type: NTFS
Drive D: | 931,51 Gb Total Space | 317,12 Gb Free Space | 34,04% Space Free | Partition Type: NTFS
Drive E: | 465,76 Gb Total Space | 311,91 Gb Free Space | 66,97% Space Free | Partition Type: NTFS
Drive L: | 465,65 Gb Total Space | 2,74 Gb Free Space | 0,59% Space Free | Partition Type: FAT32
Drive M: | 298,09 Gb Total Space | 151,34 Gb Free Space | 50,77% Space Free | Partition Type: NTFS
Drive O: | 931,51 Gb Total Space | 107,92 Gb Free Space | 11,59% Space Free | Partition Type: NTFS
Drive T: | 7,45 Gb Total Space | 6,37 Gb Free Space | 85,48% Space Free | Partition Type: FAT32
Computer Name: BOBBY-PC | User Name: Bobby | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [print] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" File not found
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1387BA33-3FAC-49E9-B545-0E8D3BBC550B}" = Adobe Photoshop Lightroom 3 64-bit
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{295CFB7C-A57E-4313-93E7-68E7CE1D0332}" = Adobe WinSoft Linguistics Plugin x64
"{2D74E972-5A85-44DC-9193-8A302BA8C181}" = Photoshop Camera Raw_x64
"{33EB1061-ABF1-4470-A540-32E97A610536}" = Apple Mobile Device Support
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{41BF0DE4-5BAE-4B88-AFD3-86A30B222186}" = Bonjour
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{5F02C14D-A630-4771-8409-0BA89FCCA8D6}" = iTunes
"{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}" = Adobe Fonts All x64
"{6D45461F-F0FF-4E32-A16D-C636722FCA12}" = WUSB WinDrivers v.14.0.22.0
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{8875A1C0-6308-4790-8CF6-D34E89880052}" = Adobe Linguistics CS4 x64
"{887797BF-37A5-4199-B0C9-0D38D6196E9A}" = Adobe Anchor Service x64 CS4
"{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}" = Adobe Type Support x64 CS4
"{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{90BA8112-80B3-4617-A3C1-BD2771B60F74}" = Adobe CMaps x64 CS4
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{A3454894-144A-4D80-B605-C128FE0D7329}" = Adobe Drive CS4 x64
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{B37A99DD-88E2-4ED0-80B4-1E054AB354BF}" = Adobe InDesign CS4 Icon Handler x64
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}" = Adobe Photoshop CS4 (64 Bit)
"{DFFABE78-8173-4E97-9C5C-22FB26192FC5}" = Adobe PDF Library Files x64 CS4
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"3134FEF0E1D959EC0CC2E458C94B7057B2AC0CC9" = Windows-Treiberpaket - FTDI CDM Driver Package (10/22/2009 2.06.00)
"88EB56038379B8B7DCFB4D2448A60F52E064B265" = Windows-Treiberpaket - FTDI CDM Driver Package (10/22/2009 2.06.00)
"A35BD68D4A1B3E191138E3C9AA417190A9468F7E" = Windows-Treiberpaket - Leaf Imaging Ltd. Image (02/11/2010 )
"CaptureOne6_is1" = Capture One 6.2
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"NVIDIA Drivers" = NVIDIA Drivers
"Pen Tablet Driver" = Bamboo
"Sandboxie" = Sandboxie 3.442 (64-bit)
"WinRAR archiver" = WinRAR
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{0F4B91C5-4524-02A6-1D9B-5AE52CE2E0F4}" = Bamboo Dock
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{14F70205-1940-4000-88C7-BE799A6B2CAD}" = Adobe Soundbooth CS4
"{15A60757-91A9-8875-17C4-7E5C4A7E17AF}" = Livebrush Mini
"{15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B}" = Adobe SGM CS4
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{1B7C06E1-4888-47A6-992A-0990B9683486}" = Adobe Version Cue CS4 Server
"{1C4551A6-4743-4093-91E4-1477CD655043}" = NVIDIA PhysX
"{1DCA3EAA-6EB5-4563-A970-EA14D75037BA}" = Adobe InDesign CS4
"{1E04CB54-AF4E-4AC3-B4B7-C0A160BE57F1}" = Adobe InDesign CS4 Icon Handler
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java(TM) 6 Update 26
"{297190A1-4B0D-4CD6-8B9F-3907F15C3FD8}" = Adobe CS4 American English Speech Analysis Models
"{2BAF2B96-7560-48B4-87D4-10178DDBE217}" = Adobe InDesign CS4 Application Feature Set Files (Roman)
"{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}" = Microsoft Games for Windows - LIVE
"{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver
"{359FCAA7-B544-4147-AE3B-8C8A526E2427}" = Sony Image Data Suite
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3A6829EF-0791-4FDD-9382-C690DD0821B9}" = Adobe Flash Player 10 ActiveX
"{3BD633E0-4BF8-4499-9149-88F0767D449C}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{428FDF9F-E010-4C4C-A8BB-156960AFCA1C}" = Adobe Fireworks CS4
"{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit
"{44E240EC-2224-4078-A88B-2CEE0D3016EF}" = Adobe After Effects CS4 Presets
"{45EC816C-0771-4C14-AE6D-72D1B578F4C8}" = Adobe After Effects CS4
"{47C6F987-685A-41AE-B092-E75B277AEE39}" = Adobe Flash CS4 Extension - Flash Lite STI others
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A52555C-032A-4083-BDD9-6A85ABFB39A8}" = Adobe SING CS4
"{4BC51F3D-288E-433A-A428-9A9C34F7F835}" = Image Trends' Fisheye-Hemi Plug-In 1.1.6
"{52232EF4-CC12-4C21-ABCF-ADB79618302D}" = Adobe Soundbooth CS4 Codecs
"{5454083B-1308-4485-BF17-111000028701}" = Grand Theft Auto: Episodes from Liberty City
"{561968FD-56A1-49FD-9ED0-F55482C7C5BC}" = Adobe Media Encoder CS4 Exporter
"{5979B77A-9AE6-4E75-AED8-283C5E16C02D}_is1" = Backup Service Home 3.3.1.4
"{5EAD5443-7194-46CC-A055-428E6ABB1BAF}" = Adobe Encore CS4
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{61B8B2F9-D8DA-4B24-89A9-DB09F38A4899}" = Grand Theft Auto: Episodes From Liberty City
"{61D6891E-E822-4448-9F9A-0AAAAEB6AF6C}" = Adobe Creative Suite 4 Master Collection
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}" = Adobe After Effects CS4 Third Party Content
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37}" = ICQ7.4
"{7406DF60-016D-476B-A2C7-55D997592047}" = Adobe OnLocation CS4
"{7CC7BDD5-6F10-4724-96A1-EAC7D9F2831C}" = Adobe InDesign CS4 Common Base Files
"{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ULTIMATER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ULTIMATER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ULTIMATER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ULTIMATER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ULTIMATER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ULTIMATER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ULTIMATER_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ULTIMATER_{430971B1-C31E-45DA-81E0-72C095BAB72C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ULTIMATER_{F7A31780-33C4-4E39-951A-5EC9B91D7BF1}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-002A-0409-1000-0000000FF1CE}_ULTIMATER_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ULTIMATER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ULTIMATER_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ULTIMATER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ULTIMATER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ULTIMATER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ULTIMATER_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0116-0409-1000-0000000FF1CE}_ULTIMATER_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ULTIMATER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{91120000-002E-0000-0000-0000000FF1CE}" = Microsoft Office Ultimate 2007
"{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A6EC82A0-1414-475D-8AFD-469089F3080D}" = Adobe Contribute CS4
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{AC76BA86-1033-F400-7760-000000000004}" = Adobe Acrobat 9 Pro - English, Français, Deutsch
"{AEC81925-9C76-4707-84A9-40696C613ED3}" = Dragon Age: Origins
"{B0513493-04B9-4F21-B4AB-83E750D54256}" = Adobe Photoshop Lightroom 2.7
"{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}" = Adobe MotionPicture Color Files CS4
"{B095B0A4-50A5-46D7-9988-D038FEB040C0}" = Adobe Encore CS4 Library
"{B15381DD-FF97-4FCD-A881-ED4DB0975500}" = Adobe Color Video Profiles AE CS4
"{B169BC97-B8AA-4ACA-9CF2-9D0FF5BABDF7}" = Adobe Premiere Pro CS4 Functional Content
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B9F4561A-924D-4510-A85A-BB0960C338CB}" = Adobe Asset Services CS4
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BD3374D3-C2E6-42B7-A80B-E850B6886246}" = Adobe Flash CS4 STI-other
"{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter
"{BF962E1B-D17A-4713-A100-6531A132D83D}_is1" = Foto-Mosaik-Edda 5.5.9
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C86E7C99-E4AD-79C7-375B-1AEF9A91EC2B}" = Acrobat.com
"{C938BE91-3BB5-4B84-9EF6-88F0505D0038}" = Adobe Premiere Pro CS4 Third Party Content
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D499F8DE-3F31-4900-9157-61061613704B}" = Adobe Premiere Pro CS4
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{E8EE9410-8AC4-4F43-A626-DDECA75C79F3}" = Adobe Setup
"{EB900AF8-CC61-4E15-871B-98D1EA3E8025}" = QuickTime
"{EE353798-E875-42E0-B58D-7E6696182EA8}" = Adobe Media Encoder CS4 Dolby
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F600CCF3-9C88-4A22-B0B4-DDA82E997118}" = Adobe After Effects CS4 Template Projects & Footage
"{F6E99614-F042-4459-82B7-8B38B2601356}" = Adobe Flash CS4
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FB2A5FCC-B81B-48C2-A009-7804694D83E9}" = Adobe Encore CS4 Codecs
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7-Zip" = 7-Zip 4.65
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_5445c5ddd9a5c69582d3c1e2bba18f7" = Adobe Creative Suite 4 Master Collection
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Bamboo Dock" = Bamboo Dock 3.3
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"Color Efex Pro 3.0 Complete" = Color Efex Pro 3.0 Complete
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"com.livebrush.2205ABAA7E8202CDC1251B1FA1E879364B7BAB52.1" = Livebrush Mini
"Dfine 2.0" = Dfine 2.0
"DirSync" = DirSync 2.92
"DivX Setup.divx.com" = DivX-Setup
"ESET Online Scanner" = ESET Online Scanner v3
"fc-prints" = fc-prints
"HDR Efex Pro" = HDR Efex Pro
"ICQToolbar" = ICQ Toolbar
"InstallShield_{3BD633E0-4BF8-4499-9149-88F0767D449C}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch
"InstallShield_{6D45461F-F0FF-4E32-A16D-C636722FCA12}" = WUSB WinDrivers v.14.0.22.0
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"JDownloader" = JDownloader
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware Version 1.51.0.1200
"MediaPortal" = MediaPortal
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"NimoCorp" = Nimo Codecs Pack v5.0 (Remove Only)
"Pano2VR" = Pano2VR - Garden Gnome Software
"Pen Tablet Driver" = Bamboo
"PokerStars.net" = PokerStars.net
"Portrait Professional Max 6_is1" = Portrait Professional Max 6.3
"Postal 2_is1" = Portal 2
"PTGui" = PTGui Pro 8.2.1
"Sharpener Pro 3.0" = Sharpener Pro 3.0
"Silver Efex Pro" = Silver Efex Pro
"StarCraft II" = StarCraft II
"Steam App 440" = Team Fortress 2
"Steamless Left4Dead2 Pack" = Steamless Left4Dead2 Pack
"Trillian" = Trillian
"Tw500_pro_is1" = Tourweaver 5.00 Professional Edition
"ULTIMATER" = Microsoft Office Ultimate 2007
"Viveza 2" = Viveza 2
"Wacom WebTabletPlugin for IE" = WebTablet IE Plugin
"Wacom WebTabletPlugin for Netscape" = WebTablet Netscape Plugin
"wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1" = Bamboo Dock
"Warcraft III" = Warcraft III
"WinPcapInst" = WinPcap 4.1.2
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"iColorDisplay" = iColor Display 3.7.3.0 (nur entfernen)
"Mozilla Firefox (3.6.18)" = Mozilla Firefox (3.6.18)
"Warcraft III" = Warcraft III: All Products
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 27.06.2011 04:21:06 | Computer Name = Bobby-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
Richtliniendatei "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
des "version"-Attributs im assemblyIdentity-Element ist ungültig.
Error - 27.06.2011 07:39:39 | Computer Name = Bobby-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Acrobat.exe, Version: 9.0.0.332,
Zeitstempel: 0x4850eb76 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16385,
Zeitstempel: 0x4a5bdb3b Ausnahmecode: 0xc0000374 Fehleroffset: 0x000cdcbb ID des fehlerhaften
Prozesses: 0xb40 Startzeit der fehlerhaften Anwendung: 0x01cc34bee1b66d32 Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat.exe
Pfad
des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll Berichtskennung: 239d8cf5-a0b2-11e0-92dd-00248c0ef764
Error - 29.06.2011 05:24:22 | Computer Name = Bobby-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
Richtliniendatei "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
des "version"-Attributs im assemblyIdentity-Element ist ungültig.
Error - 29.06.2011 10:12:33 | Computer Name = Bobby-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: portal2.exe, Version: 0.0.0.0, Zeitstempel:
0x4d4c804d Name des fehlerhaften Moduls: valve_avi.dll, Version: 0.0.0.0, Zeitstempel:
0x4daa2f8e Ausnahmecode: 0xc0000005 Fehleroffset: 0x00004473 ID des fehlerhaften Prozesses:
0x1358 Startzeit der fehlerhaften Anwendung: 0x01cc36654c4b0a0b Pfad der fehlerhaften
Anwendung: E:\Portal 2\portal2.exe Pfad des fehlerhaften Moduls: e:\portal 2\bin\valve_avi.dll
Berichtskennung:
d4aa1c4e-a259-11e0-90f8-00248c0ef764
Error - 02.07.2011 02:49:20 | Computer Name = Bobby-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
Richtliniendatei "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
des "version"-Attributs im assemblyIdentity-Element ist ungültig.
Error - 02.07.2011 16:28:14 | Computer Name = Bobby-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Photoshop.exe, Version: 12.0.0.0,
Zeitstempel: 0x4bbc5b10 Name des fehlerhaften Moduls: HDR Efex Pro.8bf_unloaded,
Version: 0.0.0.0, Zeitstempel: 0x4ca9115a Ausnahmecode: 0xc0000005 Fehleroffset:
0x000007fee5d15b45 ID des fehlerhaften Prozesses: 0x1304 Startzeit der fehlerhaften
Anwendung: 0x01cc38e9e230a41e Pfad der fehlerhaften Anwendung: C:\Program Files\Adobe\Adobe
Photoshop CS5 (64 Bit)\Photoshop.exe Pfad des fehlerhaften Moduls: HDR Efex Pro.8bf
Berichtskennung:
cf7f3bba-a4e9-11e0-a9ff-00248c0ef764
Error - 03.07.2011 04:46:26 | Computer Name = Bobby-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
Richtliniendatei "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
des "version"-Attributs im assemblyIdentity-Element ist ungültig.
Error - 04.07.2011 18:30:51 | Computer Name = Bobby-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
Richtliniendatei "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
des "version"-Attributs im assemblyIdentity-Element ist ungültig.
Error - 05.07.2011 20:19:47 | Computer Name = Bobby-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
Richtliniendatei "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
des "version"-Attributs im assemblyIdentity-Element ist ungültig.
Error - 07.07.2011 06:41:00 | Computer Name = Bobby-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
Richtliniendatei "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
des "version"-Attributs im assemblyIdentity-Element ist ungültig.
[ System Events ]
Error - 03.01.2011 11:54:31 | Computer Name = Bobby-PC | Source = bowser | ID = 8003
Description =
Error - 04.01.2011 07:53:20 | Computer Name = Bobby-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk8\DR8 gefunden.
Error - 04.01.2011 09:47:37 | Computer Name = Bobby-PC | Source = bowser | ID = 8003
Description =
Error - 05.01.2011 06:41:57 | Computer Name = Bobby-PC | Source = Service Control Manager | ID = 7022
Description = Der Dienst "Windows Update" wurde nicht richtig gestartet.
Error - 05.01.2011 07:12:50 | Computer Name = Bobby-PC | Source = bowser | ID = 8003
Description =
Error - 07.01.2011 19:13:24 | Computer Name = Bobby-PC | Source = bowser | ID = 8003
Description =
Error - 08.01.2011 09:01:17 | Computer Name = Bobby-PC | Source = bowser | ID = 8003
Description =
Error - 08.01.2011 13:00:45 | Computer Name = Bobby-PC | Source = bowser | ID = 8003
Description =
Error - 09.01.2011 16:17:04 | Computer Name = Bobby-PC | Source = bowser | ID = 8003
Description =
Error - 15.01.2011 07:34:15 | Computer Name = Bobby-PC | Source = bowser | ID = 8003
Description =
< End of report >
[/Code] Bin echt total Dankbar für die Hilfe! Alleine hätte ich das nie hinbekommen. Und irgendwie ist das auch schon spannend zu sehen was am nächsten Tag gemacht werden muss. |
|
08.07.2011, 06:14
| #12 | |
| /// Helfer-Team | BOO/Sinowal.F in Masterbootsektor Hast Du die folgenden Zeilen in der Hosts selbst eingetragen bzw absichtlich zugefügt? Wenn ja, warum? Zitat:
__________________ Warnung!: Vorsicht beim Rechnungen per Email mit ZIP-Datei als Anhang! Kann mit einen Verschlüsselungs-Trojaner infiziert sein! Anhang nicht öffnen, in unserem Forum erst nachfragen! Sichere regelmäßig deine Daten, auf CD/DVD, USB-Sticks oder externe Festplatten, am besten 2x an verschiedenen Orten! Bitte diese Warnung weitergeben, wo Du nur kannst! |
|
08.07.2011, 10:07
| #13 |
| | BOO/Sinowal.F in Masterbootsektor Ja das hab ich geändert weil Photoshop und die ganzen Adobe Produkte wie Bridge usw sich automatisch updaten wollen und das immer aufpoppt. Habe gelesen das man den Lokalhost angeben soll und dann greift das nichtmehr ständig aufs Internet zu Updaten kann ich nun einzelne Komponenten seperat indem ich beispielsweise das Cameraraw Update manuell von Adobe herunterlade. Noch eine Sache war das ich Filterplugins für Photoshop habe die nur 32 Bit unterstützen und nicht unter dem Photpshop 64 Bit laufen. Das heisst ich hab immer meine ältere Version von (CS4) und benutze damit die Plugins. Zum sonstigen Bildbearbeiten nehme ich dann die 64 Bit Version (CS5).  |
|
09.07.2011, 07:46
| #14 |
| /// Helfer-Team | BOO/Sinowal.F in Masterbootsektor ► Wie ist den aktuellen Zustand des Rechners? Auffälligkeiten, Probleme?
__________________ Warnung!: Vorsicht beim Rechnungen per Email mit ZIP-Datei als Anhang! Kann mit einen Verschlüsselungs-Trojaner infiziert sein! Anhang nicht öffnen, in unserem Forum erst nachfragen! Sichere regelmäßig deine Daten, auf CD/DVD, USB-Sticks oder externe Festplatten, am besten 2x an verschiedenen Orten! Bitte diese Warnung weitergeben, wo Du nur kannst! |
|
09.07.2011, 10:21
| #15 |
| | BOO/Sinowal.F in Masterbootsektor Keine Auffälligkeiten, keine Probleme   Ich freu mich total!  |
|
| Themen zu BOO/Sinowal.F in Masterbootsektor |
| adware.adrotator, aktion, behauptet, boo/sinowal.f, boo/sinowal.f., code, cs4/contributeieplugin.dll, datei, error, gen, hacktool.wpakill, handle, log, malware.trace, mas, masterbootsektor, nichts, programm, steal, stealth, trojan.agent, trojan.downloader, trojan.fraudtool, unerwünschtes, unerwünschtes programm |
Linear-Darstellung
